[Pkg-cyrus-sasl2-commits] [cyrus-sasl2] 01/02: Shutdown down the write side of the socket and wait for the client to close the connection (0 byte read) before closing the server side (Closes: #777349)

Ondrej Sury ondrej at moszumanska.debian.org
Wed Sep 23 12:33:50 UTC 2015 

This is an automated email from the git hooks/post-receive script.

ondrej pushed a commit to branch master
in repository cyrus-sasl2.

commit 6d248d4cd8d9e415679fc2d3fba97efbc879ebca
Author: Ondřej Surý <ondrej at sury.org>
Date:   Mon Mar 9 14:20:58 2015 +0100

    Shutdown down the write side of the socket and wait for the client to close the connection (0 byte read) before closing the server side (Closes: #777349)
---
 debian/patches/early-hangup.patch | 34 ++++++++++++++++++++++++++++++++++
 debian/patches/series             |  1 +
 2 files changed, 35 insertions(+)

diff --git a/debian/patches/early-hangup.patch b/debian/patches/early-hangup.patch
new file mode 100644
index 0000000..b45fb25
--- /dev/null
+++ b/debian/patches/early-hangup.patch
@@ -0,0 +1,34 @@
+Description: it is possible for the client side of the socket to miss data
+ when the server uses close() immediately after the last write(). To avoid
+ this, shutdown down the write side of the socket and wait for the client
+ to close the connection (0 byte read) before closing the server side.
+Author: Kees Cook <kees at debian.org>
+
+--- cyrus-sasl2.orig/saslauthd/ipc_unix.c
++++ cyrus-sasl2/saslauthd/ipc_unix.c
+@@ -217,6 +217,7 @@ void ipc_loop() {
+ 
+ 	int		rc;
+ 	int		conn_fd;
++	unsigned char	dummy;
+ 
+ 
+ 	while(1) {
+@@ -261,6 +262,8 @@ void ipc_loop() {
+ 		    }
+ 		    
+ 		    do_request(conn_fd);
++		    shutdown(conn_fd, SHUT_WR);
++		    while (read(conn_fd, &dummy, 1) > 0) { }
+ 		    close(conn_fd);
+ 
+ 		    if(flags & DETACH_TTY) {
+@@ -275,6 +278,8 @@ void ipc_loop() {
+ 		 * Normal prefork mode.
+ 		 *************************************************************/
+ 		do_request(conn_fd);
++		shutdown(conn_fd, SHUT_WR);
++		while (read(conn_fd, &dummy, 1) > 0) { }
+ 		close(conn_fd);
+ 	}
+ 
diff --git a/debian/patches/series b/debian/patches/series
index 33989db..baae499 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -30,3 +30,4 @@
 0046_fix_void_return.patch
 properly-create-libsasl2.pc.patch
 bug715040.patch
+early-hangup.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-cyrus-sasl2/cyrus-sasl2.git

More information about the Pkg-cyrus-sasl2-commits mailing list