Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
Joe Martin
OpenLDAP
Commits
1328777a
Commit
1328777a
authored
Mar 21, 2019
by
Ondřej Kuzník
Browse files
Fix a SASL channel-binding leak
parent
58d66a39
Changes
3
Hide whitespace changes
Inline
Side-by-side
servers/lloadd/connection.c
View file @
1328777a
...
...
@@ -357,6 +357,11 @@ connection_destroy( LloadConnection *c )
c
->
c_sasl_defaults
=
NULL
;
}
if
(
c
->
c_sasl_authctx
)
{
#ifdef SASL_CHANNEL_BINDING
/* 2.1.25+ */
if
(
c
->
c_sasl_cbinding
)
{
ch_free
(
c
->
c_sasl_cbinding
);
}
#endif
sasl_dispose
(
&
c
->
c_sasl_authctx
);
}
#endif
/* HAVE_CYRUS_SASL */
...
...
servers/lloadd/lload.h
View file @
1328777a
...
...
@@ -340,6 +340,10 @@ struct LloadConnection {
#ifdef HAVE_CYRUS_SASL
sasl_conn_t
*
c_sasl_authctx
;
void
*
c_sasl_defaults
;
#ifdef SASL_CHANNEL_BINDING
/* 2.1.25+ */
sasl_channel_binding_t
*
c_sasl_cbinding
;
/* Else cyrus-sasl would happily
* leak it on sasl_dispose */
#endif
/* SASL_CHANNEL_BINDING */
#endif
/* HAVE_CYRUS_SASL */
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
...
...
servers/lloadd/upstream.c
View file @
1328777a
...
...
@@ -321,6 +321,7 @@ sasl_bind_step( LloadConnection *c, BerValue *scred, BerValue *ccred )
cb
->
data
=
cb_data
=
cb
+
1
;
memcpy
(
cb_data
,
cbv
.
bv_val
,
cbv
.
bv_len
);
sasl_setprop
(
ctx
,
SASL_CHANNEL_BINDING
,
cb
);
c
->
c_sasl_cbinding
=
cb
;
}
}
#endif
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment