Created attachment 197124 [details]
kerberos context patch
A conversation on the firstname.lastname@example.org list revealed and fixes a memory leak arising from the squid kerberos authentication helper.
Search for "Memory leak with Squid negotiate_kerberos_auth helper under OpenBSD 6.3"
I've enclosed the patches that fix this problem, only because the application of the fix and a new release of heimdal may not be as timely as a patch to the "port"; and I created and applied the patch.
Created attachment 197125 [details]
credential memory leak patch
The first patch appears to be committed upstream.
Could you submit the second patch to upstream? Backporting upstream patch is more reasonable than creating local patches. It is at least reviewed by upstream.
Created attachment 198958 [details]
I'm thinking like this backporting upstream patch.
(In reply to Koichiro Iwao from comment #3)
Thank-you for pursuing this bug. As an aside would it be possible to replace readline, which is GPLv3 with libedit, which is BSD licenced and preserve Heimdal's MIT licence?
(I replaced readline with libedit for most (all) of my non-GPL ports a few years ago, and heimdal is happy.)
Over to maintainer.