From a369f499a9bc54aa4614d34e903ddabe4e9d69aa Mon Sep 17 00:00:00 2001
From: Johannes <68052021+jliebl-git@users.noreply.github.com>
Date: Mon, 17 Oct 2022 14:46:43 +0200
Subject: [PATCH] rgw: LDAP fix resource leak with wrong credentials

/src/rgw/ldap.h: moved ldap_unbind to outside of successful states to always clean up connections

Fixes: https://tracker.ceph.com/issues/57881
Signed-off-by: Johannes Liebl <68052021+jliebl-git@users.noreply.github.com>

Signed-off-by: Johannes <68052021+jliebl-git@users.noreply.github.com>
(cherry picked from commit fa8945e7a281e3cc3c42ce5313f2de3838dcfd41)
---
 src/rgw/rgw_ldap.h | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/src/rgw/rgw_ldap.h b/src/rgw/rgw_ldap.h
index c37789acc591d..06986e5f59ac7 100644
--- a/src/rgw/rgw_ldap.h
+++ b/src/rgw/rgw_ldap.h
@@ -83,10 +83,8 @@ namespace rgw {
 			      (void*) &ldap_ver);
 	if (ret == LDAP_SUCCESS) {
 	  ret = ldap_simple_bind_s(tldap, dn, pwd.c_str());
-	  if (ret == LDAP_SUCCESS) {
-	    (void) ldap_unbind(tldap);
-	  }
 	}
+	(void) ldap_unbind(tldap);
       }
       return ret; // OpenLDAP client error space
     }
-- 
2.39.5