• Bug#265751: cyrus-sasl2: Candidate NMU patch for 2.1.19-1.1 - SARGE (5/

    From Henrique de Moraes Holschuh@1:229/2 to All on Sat Aug 14 21:20:06 2004
    [continued from previous message]

    + if (params->props.security_flags & SASL_SEC_PASS_CREDENTIALS)
    + req_flags = req_flags | GSS_C_DELEG_FLAG;
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + maj_stat = gss_init_sec_context(&min_stat,
    + GSS_C_NO_CREDENTIAL,
    + &text->gss_ctx,
    +@@ -1295,11 +1436,15 @@
    + output_token,
    + &out_req_flags,
    + NULL);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + if (GSS_ERROR(maj_stat)) {
    + sasl_gss_seterror(text->utils, maj_stat, min_stat);
    +- if (output_token->value)
    ++ if (output_token->value) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    ++ }
    + sasl_gss_free_context_contents(text);
    + return SASL_FAIL;
    + }
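Review bot: The error branch calls `sasl_gss_seterror()` and `sasl_gss_free_context_contents()` after `GSS_UNLOCK_MUTEX(params->utils)`, so neither runs under the mutex that now serialises the other GSSAPI calls in this hunk. Their bodies are outside this part; if they call into the GSSAPI library, they have to take the mutex themselves, otherwise the thread-safety added here has a gap on every failure path. A comment at the call site would pin the contract: `/* gss_mutex is not held here: seterror and free_context_contents must lock internally */`. The same ordering appears in the error branches of the hunks at new-side lines 1496, 1549 and 1689. The enclosing function starts and ends outside the hunk.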
    +@@ -1316,17 +1461,22 @@
    + ret = _plug_buf_alloc(text->utils, &(text->out_buf),
    + &(text->out_buf_len), *clientoutlen);
    + if(ret != SASL_OK) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    + return ret;
    + }
    + memcpy(text->out_buf, output_token->value, *clientoutlen);
    + *clientout = text->out_buf;
    + }
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    + }
    +
    + if (maj_stat == GSS_S_COMPLETE) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + maj_stat = gss_inquire_context(&min_stat,
    + text->gss_ctx,
    + &text->client_name,
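Review bot: The three-line lock / `gss_release_buffer` / unlock sequence is written out twice in this hunk and again in the hunks at new-side lines 1436, 1496, 1528, 1549, 1640, 1689 and 1712, so a release site added later can easily miss the lock. One static helper would keep the rule in a single place, and each site becomes `sasl_gss_release_buffer_locked(params->utils, output_token);` (the name is only a suggestion). The helper below returns int because the definition of GSS_LOCK_MUTEX is not visible in this part and may return from its caller; if it does, call sites that must clean up should check the result.
```c
/* Release a GSSAPI-allocated buffer while holding gss_mutex. */
static int sasl_gss_release_buffer_locked(const sasl_utils_t *utils,
                                          gss_buffer_t buf)
{
    OM_uint32 min_stat;

    GSS_LOCK_MUTEX(utils);
    gss_release_buffer(&min_stat, buf);
    GSS_UNLOCK_MUTEX(utils);
    return SASL_OK;
}
```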
    +@@ -1337,6 +1487,7 @@
    + NULL, /* flags */
    + NULL, /* local init */
    + NULL); /* open */
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + if (GSS_ERROR(maj_stat)) {
    + sasl_gss_seterror(text->utils, maj_stat, min_stat);
    +@@ -1345,14 +1496,19 @@
    + }
    +
    + name_token.length = 0;
    ++ GSS_LOCK_MUTEX(params->utils);
    + maj_stat = gss_display_name(&min_stat,
    + text->client_name,
    + &name_token,
    + NULL);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + if (GSS_ERROR(maj_stat)) {
    +- if (name_token.value)
    ++ if (name_token.value) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, &name_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    ++ }
    + SETERROR(text->utils, "GSSAPI Failure");
    + sasl_gss_free_context_contents(text);
    + return SASL_FAIL;
    +@@ -1372,7 +1528,9 @@
    + SASL_CU_AUTHID | SASL_CU_AUTHZID,
    + oparams);
    + }
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, &name_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + if (ret != SASL_OK) return ret;
    +
    +@@ -1391,18 +1549,23 @@
    + real_input_token.value = (void *) serverin;
    + real_input_token.length = serverinlen;
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + maj_stat = gss_unwrap(&min_stat,
    + text->gss_ctx,
    + input_token,
    + output_token,
    + NULL,
    + NULL);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + if (GSS_ERROR(maj_stat)) {
    + sasl_gss_seterror(text->utils, maj_stat, min_stat);
    + sasl_gss_free_context_contents(text);
    +- if (output_token->value)
    ++ if (output_token->value) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    ++ }
    + return SASL_FAIL;
    + }
    +
    +@@ -1477,7 +1640,9 @@
    + }
    + }
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + /* oparams->user is always set, due to canon_user requirements.
    + * Make sure the client actually requested it though, by checking
    +@@ -1516,6 +1681,7 @@
    + }
    + ((unsigned char *)input_token->value)[0] = mychoice;
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + maj_stat = gss_wrap (&min_stat,
    + text->gss_ctx,
    + 0, /* Just integrity checking here */
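Review bot: `GSS_LOCK_MUTEX(params->utils)` is taken while `input_token->value` is already live (it is written just above with `[0] = mychoice`), and that buffer is released only by `params->utils->free(input_token->value);` in the next hunk, after the unlock. The macro's definition is outside this part; if it leaves the function when the lock cannot be taken, the buffer is leaked on that path. Either take the lock before the buffer is allocated or free the buffer before returning on lock failure. The enclosing function starts and ends outside the hunk.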
    +@@ -1523,14 +1689,18 @@
    + input_token,
    + NULL,
    + output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    +
    + params->utils->free(input_token->value);
    + input_token->value = NULL;
    +
    + if (GSS_ERROR(maj_stat)) {
    + sasl_gss_seterror(text->utils, maj_stat, min_stat);
    +- if (output_token->value)
    ++ if (output_token->value) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    ++ }
    + sasl_gss_free_context_contents(text);
    + return SASL_FAIL;
    + }
    +@@ -1542,14 +1712,19 @@
    + ret = _plug_buf_alloc(text->utils, &(text->out_buf),
    + &(text->out_buf_len), *clientoutlen);
    + if (ret != SASL_OK) {
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    + return ret;
    + }
    + memcpy(text->out_buf, output_token->value, *clientoutlen);
    + *clientout = text->out_buf;
    + }
    +
    ++ GSS_LOCK_MUTEX(params->utils);
    + gss_release_buffer(&min_stat, output_token);
    ++ GSS_UNLOCK_MUTEX(params->utils);
    ++
    + }
    +
    + text->state = SASL_GSSAPI_STATE_AUTHENTICATED;
    +@@ -1595,7 +1770,7 @@
    + &gssapi_client_mech_new, /* mech_new */
    + &gssapi_client_mech_step, /* mech_step */
    + &gssapi_common_mech_dispose, /* mech_dispose */
    +- NULL, /* mech_free */
    ++ &gssapi_common_mech_free, /* mech_free */
    + NULL, /* idle */
    + NULL, /* spare */
    + NULL /* spare */
    +@@ -1616,6 +1791,15 @@
    + *out_version = SASL_CLIENT_PLUG_VERSION;
    + *pluglist = gssapi_client_plugins;
    + *plugcount = 1;
    ++
    ++#ifdef GSS_USE_MUTEXES
    ++ if(!gss_mutex) {
    ++ gss_mutex = utils->mutex_alloc();
    ++ if(!gss_mutex) {
    ++ return SASL_FAIL;
    ++ }
    ++ }
    ++#endif
    +
    + return SASL_OK;
    + }
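Review bot: The `if(!gss_mutex)` test and the `utils->mutex_alloc()` that follows are not themselves serialised, so two plugin-init calls running concurrently could each allocate a mutex, leaking one and leaving callers locking different objects. This is safe only if the library guarantees that plugin initialisation is single-threaded; nothing visible here establishes that, so state the assumption: `/* plug_init is assumed to run before any other thread uses the library */`. The `SASL_FAIL` return also comes after `*out_version`, `*pluglist` and `*plugcount` are filled in; moving the `#ifdef GSS_USE_MUTEXES` block above those assignments leaves the outputs untouched on failure. The hunk at new-side line 1770 registers `gssapi_common_mech_free`, whose body is not shown; confirm it frees `gss_mutex` exactly once when client and server plugins are both loaded. The function begins outside the hunk.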
    diff -urN cyrus-sasl2-2.1.19/debian/patches/20_2370_sasl_upstream_cvs.diff nmu-work/debian/patches/20_2370_sasl_upstream_cvs.diff
    --- cyrus-sasl2-2.1.19/debian/patches/20_2370_sasl_upstream_cvs.diff 1969-12-31 21:00:00.000000000 -0300
    +++ nmu-work/debian/patches/20_2370_sasl_upstream_cvs.diff 2004-08-14 11:29:18.000000000 -0300
    @@ -0,0 +1,83 @@
    +---------------------
    +PatchSet 2370
    +Date: 2004/07/21 13:39:06
    +Author: rjs3
    +Branch: HEAD
    +Tag: (none)
    +Log:
    +1). Don't try to free something which is not allocated
    +2). Prevent some memory leaks on failure.
    +3). Use consistent memory allocator.
    +(Alexey Melnikov <[email protected]>)
    +
    +Members:
    + plugins/gssapi.c:1.91->1.92
    +
    +Index: cyrus-sasl-2.1.19/plugins/gssapi.c
    +===================================================================
    +RCS file: /cvs/src/sasl/plugins/gssapi.c,v
    +retrieving revision 1.91
    +retrieving revision 1.92
    +diff -u -r1.91 -r1.92
    +--- cyrus-sasl-2.1.19/plugins/gssapi.c 15 Jul 2004 18:02:03 -0000 1.91
    ++++ cyrus-sasl-2.1.19/plugins/gssapi.c 21 Jul 2004 14:39:06 -0000 1.92
    +@@ -1,7 +1,7 @@
    + /* GSSAPI SASL plugin
    + * Leif Johansson
    +