Commit 1328777a authored by Ondřej Kuzník's avatar Ondřej Kuzník
Browse files

Fix a SASL channel-binding leak

parent 58d66a39
......@@ -357,6 +357,11 @@ connection_destroy( LloadConnection *c )
c->c_sasl_defaults = NULL;
}
if ( c->c_sasl_authctx ) {
#ifdef SASL_CHANNEL_BINDING /* 2.1.25+ */
if ( c->c_sasl_cbinding ) {
ch_free( c->c_sasl_cbinding );
}
#endif
sasl_dispose( &c->c_sasl_authctx );
}
#endif /* HAVE_CYRUS_SASL */
......
......@@ -340,6 +340,10 @@ struct LloadConnection {
#ifdef HAVE_CYRUS_SASL
sasl_conn_t *c_sasl_authctx;
void *c_sasl_defaults;
#ifdef SASL_CHANNEL_BINDING /* 2.1.25+ */
sasl_channel_binding_t *c_sasl_cbinding; /* Else cyrus-sasl would happily
* leak it on sasl_dispose */
#endif /* SASL_CHANNEL_BINDING */
#endif /* HAVE_CYRUS_SASL */
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
......
......@@ -321,6 +321,7 @@ sasl_bind_step( LloadConnection *c, BerValue *scred, BerValue *ccred )
cb->data = cb_data = cb + 1;
memcpy( cb_data, cbv.bv_val, cbv.bv_len );
sasl_setprop( ctx, SASL_CHANNEL_BINDING, cb );
c->c_sasl_cbinding = cb;
}
}
#endif
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment