Bug#265751: cyrus-sasl2: Candidate NMU patch for 2.1.19-1.1 - SARGE (4/
From
Henrique de Moraes Holschuh@1:229/2 to
All on Sat Aug 14 21:20:06 2004
[continued from previous message]
+ params->utils->free(name_without_realm.value);
+
+- if (name_token.value)
++ if (name_token.value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, &name_token);
+- if (without)
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
++ if (without) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_name(&min_stat, &without);
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
+ SETERROR(text->utils, "GSSAPI Failure");
+ sasl_gss_free_context_contents(text);
+ return SASL_BADAUTH;
+@@ -755,6 +842,7 @@
+
+ name_without_realm.length = strlen( (char *) name_without_realm.value );
+
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_import_name (&min_stat,
+ &name_without_realm,
+ /* Solaris 8/9 gss_import_name doesn't accept GSS_C_NULL_OID here,
+@@ -765,35 +853,53 @@
+ GSS_C_NULL_OID,
+ #endif
+ &without);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ if (GSS_ERROR(maj_stat)) {
+ params->utils->free(name_without_realm.value);
+- if (name_token.value)
++ if (name_token.value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, &name_token);
+- if (without)
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
++ if (without) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_name(&min_stat, &without);
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
+ SETERROR(text->utils, "GSSAPI Failure");
+ sasl_gss_free_context_contents(text);
+ return SASL_BADAUTH;
+ }
+
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_compare_name(&min_stat,
+ text->client_name,
+ without,
+ &equal);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ if (GSS_ERROR(maj_stat)) {
+ params->utils->free(name_without_realm.value);
+- if (name_token.value)
++ if (name_token.value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, &name_token);
+- if (without)
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
++ if (without) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_name(&min_stat, &without);
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
+ SETERROR(text->utils, "GSSAPI Failure");
+ sasl_gss_free_context_contents(text);
+ return SASL_BADAUTH;
+ }
+
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_name(&min_stat,&without);
++ GSS_UNLOCK_MUTEX(params->utils);
++
+ } else {
+ equal = 0;
+ }
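Review bot: Both failure branches in this hunk (after `gss_import_name` and after `gss_compare_name`), and the identical branch earlier in the patch, take and drop the mutex twice: once around `gss_release_buffer` and once around `gss_release_name`. Taking the lock once around both releases would shorten these authentication-failure paths and make the three copies easier to keep in sync. The definition of `GSS_LOCK_MUTEX` is not visible in this part of the patch; if it can leave the function when locking fails, using it inside cleanup would skip the remaining releases and `sasl_gss_free_context_contents(text)`. A comment such as `/* cleanup path: must reach sasl_gss_free_context_contents() */`, or a lock variant that never returns, would guard against that. The enclosing function begins and ends outside the hunk.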
+@@ -814,11 +920,14 @@
+ }
+ }
+
+- if (name_token.value)
++ if (name_token.value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, &name_token);
+- if (name_without_realm.value)
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
++ if (name_without_realm.value) {
+ params->utils->free(name_without_realm.value);
+-
++ }
+
+ /* we have to decide what sort of encryption/integrity/etc.,
+ we support */
+@@ -865,6 +974,7 @@
+ real_input_token.value = (void *)sasldata;
+ real_input_token.length = 4;
+
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_wrap(&min_stat,
+ text->gss_ctx,
+ 0, /* Just integrity checking here */
+@@ -872,11 +982,15 @@
+ input_token,
+ NULL,
+ output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ if (GSS_ERROR(maj_stat)) {
+ sasl_gss_seterror(text->utils, maj_stat, min_stat);
+- if (output_token->value)
++ if (output_token->value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
+ sasl_gss_free_context_contents(text);
+ return SASL_FAIL;
+ }
+@@ -889,14 +1003,18 @@
+ ret = _plug_buf_alloc(text->utils, &(text->out_buf),
+ &(text->out_buf_len), *serveroutlen);
+ if(ret != SASL_OK) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
+ return ret;
+ }
+ memcpy(text->out_buf, output_token->value, *serveroutlen);
+ *serverout = text->out_buf;
+ }
+
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
+ }
+
+ /* Wait for ssf request and authid */
+@@ -911,12 +1029,14 @@
+ real_input_token.value = (void *)clientin;
+ real_input_token.length = clientinlen;
+
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_unwrap(&min_stat,
+ text->gss_ctx,
+ input_token,
+ output_token,
+ NULL,
+ NULL);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ if (GSS_ERROR(maj_stat)) {
+ sasl_gss_seterror(text->utils, maj_stat, min_stat);
+@@ -946,8 +1066,11 @@
+ "protocol violation: client requested invalid layer");
+ /* Mark that we attempted negotiation */
+ oparams->mech_ssf = 2;
+- if (output_token->value)
++ if (output_token->value) {
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
++ }
+ sasl_gss_free_context_contents(text);
+ return SASL_FAIL;
+ }
+@@ -990,7 +1113,9 @@
+ } else {
+ SETERROR(text->utils,
+ "token too short");
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
+ sasl_gss_free_context_contents(text);
+ return SASL_FAIL;
+ }
+@@ -1026,7 +1151,9 @@
+ }
+ }
+
++ GSS_LOCK_MUTEX(params->utils);
+ gss_release_buffer(&min_stat, output_token);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ text->state = SASL_GSSAPI_STATE_AUTHENTICATED;
+
+@@ -1065,7 +1192,7 @@
+ &gssapi_server_mech_new, /* mech_new */
+ &gssapi_server_mech_step, /* mech_step */
+ &gssapi_common_mech_dispose, /* mech_dispose */
+- NULL, /* mech_free */
++ &gssapi_common_mech_free, /* mech_free */
+ NULL, /* setpass */
+ NULL, /* user_query */
+ NULL, /* idle */
+@@ -1125,6 +1252,15 @@
+ *out_version = SASL_SERVER_PLUG_VERSION;
+ *pluglist = gssapi_server_plugins;
+ *plugcount = 1;
++
++#ifdef GSS_USE_MUTEXES
++ if (!gss_mutex) {
++ gss_mutex = utils->mutex_alloc();
++ if (!gss_mutex) {
++ return SASL_FAIL;
++ }
++ }
++#endif
+
+ return SASL_OK;
+ }
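Review bot: The `if (!gss_mutex)` test and the `utils->mutex_alloc()` call are not themselves serialized, so two concurrent calls into this init function could each allocate a mutex, leaking one and leaving callers that lock different objects. If the library guarantees that plugin initialisation is single-threaded, a comment recording that, e.g. `/* plugin init runs before any thread uses the mechanism */`, would make the assumption explicit. The `return SASL_FAIL;` also comes after `*out_version`, `*pluglist` and `*plugcount` have been written; moving the `#ifdef GSS_USE_MUTEXES` block above those assignments would leave the outputs untouched on failure. `SASL_NOMEM` may describe a failed allocation better than `SASL_FAIL`. The function starts outside the hunk.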
+@@ -1138,7 +1274,7 @@
+ context_t *text;
+
+ /* holds state are in */
+- text = gss_new_context(params->utils);
++ text = sasl_gss_new_context(params->utils);
+ if (text == NULL) {
+ MEMERROR(params->utils);
+ return SASL_NOMEM;
+@@ -1234,10 +1370,12 @@
+
+ sprintf(name_token.value,"%s@%s", params->service, params->serverFQDN);
+
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_import_name (&min_stat,
+ &name_token,
+ GSS_C_NT_HOSTBASED_SERVICE,
+ &text->server_name);
++ GSS_UNLOCK_MUTEX(params->utils);
+
+ params->utils->free(name_token.value);
+ name_token.value = NULL;
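Review bot: The `sprintf` into `name_token.value` on the context line above the new lock is unbounded, and the allocation that sizes the buffer is outside the hunk, so the write cannot be checked from here. `params->service` and `params->serverFQDN` are supplied by the caller; if the buffer is sized from exactly these two strings the call is safe, but a `snprintf` bounded by the allocated size would make that verifiable at the call site. The added lock covers only `gss_import_name` and is dropped before `params->utils->free(name_token.value)`, which keeps the critical section short.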
+@@ -1261,7 +1399,9 @@
+ * and no input from the server. However, thanks to Imap,
+ * which discards our first output, this happens all the time.
+ * Throw away the context and try again. */
++ GSS_LOCK_MUTEX(params->utils);
+ maj_stat = gss_delete_sec_context (&min_stat,&text->gss_ctx,GSS_C_NO_BUFFER);
++ GSS_UNLOCK_MUTEX(params->utils);
+ text->gss_ctx = GSS_C_NO_CONTEXT;
+ }
+
+@@ -1282,6 +1422,7 @@
[continued in next message]