[Pkg-cyrus-sasl2-commits] [cyrus-sasl2] 08/44: Imported Upstream version 2.1.26-72-g88d82a3
Ondřej Surý
ondrej at debian.org
Sat Dec 31 13:07:10 UTC 2016
This is an automated email from the git hooks/post-receive script.
ondrej pushed a commit to branch master
in repository cyrus-sasl2.
commit 9f81f0c2edf5109f760f7a4367b6833fa2667bb9
Author: Ondřej Surý <ondrej at sury.org>
Date: Mon Oct 24 17:37:16 2016 +0200
Imported Upstream version 2.1.26-72-g88d82a3
---
ChangeLog | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
configure.ac | 6 +++---
include/sasl.h | 2 +-
saslauthd/ipc_doors.c | 50 +++++++++++++++++++++++++++++++++++++++++++-------
win32/common.mak | 2 +-
win32/include/config.h | 2 +-
6 files changed, 99 insertions(+), 13 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index c7be303..6a547fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,53 @@
+2016-10-18 Ken Murchison <murch at andrew.cmu.edu>
+ * Fixed potential DoS attack on saslauthd/doors (from Oracle)
+
+2016-06-30 Ken Murchison <murch at andrew.cmu.edu>
+ * plugins/ntlm.c, otp.c: support OpenSSL 1.1
+
+2016-06-14 Ken Murchison <murch at andrew.cmu.edu>
+ * plugins/digestmd5.c: Fix memory leak in client step 2
+
+2016-03-24 Ken Murchison <murch at andrew.cmu.edu>
+ * auth_rimap.c: Don't hang when IMAP server closes connection
+
+2016-01-29 Ken Murchison <murch at andrew.cmu.edu>
+ * Build fixes from Ignacio Casal Quinteiro
+
+2015-12-26 Ken Murchison <murch at andrew.cmu.edu>
+ * Build fixes from Ignacio Casal Quinteiro
+
+2015-11-16 Ken Murchison <murch at andrew.cmu.edu>
+ * Build fixes from Ignacio Casal Quinteiro
+
+2015-10-14 Ken Murchison <murch at andrew.cmu.edu>
+ * Build fixes from Ignacio Casal Quinteiro
+
+2015-07-17 Ken Murchison <murch at andrew.cmu.edu>
+ * auth_krb5.c: added krb5_conv_krb4_instance option
+
+2014-11-17 Ken Murchison <murch at andrew.cmu.edu>
+ * plugins/digestmd5.c: Fix memory leaks
+
+2014-11-17 Ken Murchison <murch at andrew.cmu.edu>
+ * plugins/digestmd5.c: prevent going from step 3 to step 2
+
+2013-09-13 Alexey Melnikov <alexey.melnikov at isode.com>
+ * Fix memory leaks in DIGEST
+
+2013-08-30 Ken Murchison <murch at andrew.cmu.edu>
+ * plugins/digestmd5.c: only locate reauth cache when reauth is
+ enabled
+
+2013-07-11 Alexey Melnikov <alexey.melnikov at isode.com>
+ * Treat SCRAM and DIGEST as more secure than PLAIN when selecting
+ client-side mechanism
+
+2013-07-11 Alexey Melnikov <alexey.melnikov at isode.com>
+ * Handle NULL return from crypt()
+
+2012-11-20 Alexey Melnikov <alexey.melnikov at isode.com>
+ * Added support for lmdb
+
2012-11-19 Alexey Melnikov <alexey.melnikov at isode.com>
* Final 2.1.26 tagged and released by Ken.
diff --git a/configure.ac b/configure.ac
index d3f38af..199d93e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,10 +49,10 @@ dnl REMINDER: When changing the version number here, please also update
dnl the values in win32/include/config.h and include/sasl.h as well.
dnl
AC_INIT([cyrus-sasl],
- [2.1.26],
- [https://git.cyrus.foundation/maniphest/],
+ [2.1.27],
+ [https://github.com/cyrusimap/cyrus-sasl/issues],
[cyrus-sasl],
- [https://docs.cyrus.foundation])
+ [http://cyrusimap.org])
AC_CONFIG_MACRO_DIR([m4])
diff --git a/include/sasl.h b/include/sasl.h
index 54afd9c..eb001ec 100755
--- a/include/sasl.h
+++ b/include/sasl.h
@@ -126,7 +126,7 @@
/* Keep in sync with win32/common.mak */
#define SASL_VERSION_MAJOR 2
#define SASL_VERSION_MINOR 1
-#define SASL_VERSION_STEP 26
+#define SASL_VERSION_STEP 27
/* A convenience macro: same as was defined in the OpenLDAP LDAPDB */
#define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\
diff --git a/saslauthd/ipc_doors.c b/saslauthd/ipc_doors.c
index 92f403c..4e459d7 100644
--- a/saslauthd/ipc_doors.c
+++ b/saslauthd/ipc_doors.c
@@ -203,13 +203,42 @@ void ipc_cleanup() {
logger(L_DEBUG, L_FUNC, "door file removed: %s", door_file);
}
+/*************************************************************
+ * It is very rare but not impossible to have door_return actually return.
+ * When it does, it leaks a reference count. Prevent that.
+ **************************************************************/
+
+void
+safe_door_return(char *data, size_t len)
+{
+ (void) door_return(data, len, NULL, 0);
+ /*
+ * If door_return() failed, and our response wasn't empty, try sending
+ * an empty response. If that still doesn't work, then we must exit
+ * this thread.
+ */
+ if (len > 0) {
+ logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+ (void) door_return(NULL, 0, NULL, 0);
+ }
+ logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+
+ pthread_mutex_lock(&num_lock);
+ if (num_procs > 0 && num_thr > 0) {
+ num_thr--;
+ }
+ pthread_mutex_unlock(&num_lock);
+ pthread_exit(NULL);
+}
+
/*************************************************************
* Handle the door data, pass the request off to
* do_auth() back in saslauthd-main.c, then send the
* result back through the door.
**************************************************************/
-void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size_t ndesc) {
+static void
+do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, uint_t ndesc) {
unsigned short count = 0; /* input/output data byte count */
char *response = NULL; /* response to send to the client */
char response_buff[1024]; /* temporary response buffer */
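Review bot: safe_door_return() is defined with external linkage and nothing in its header comment says that it never returns to its caller, although every path ends either in door_return() handing control back to the door client or in `pthread_exit(NULL)`. Since this same hunk makes do_request `static`, I would declare it `static void safe_door_return(char *data, size_t len)` (assuming no header declares it) and add `Does not return: on door_return() failure the calling thread exits.` to the comment block. That also makes it clear that the `return;` statements following the calls in do_request, server_thread and send_no are never reached. The `num_thr--` is only balanced if need_thread counted this thread under the same `num_procs > 0` condition; need_thread's body is outside the hunk, so that should be confirmed.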
@@ -227,6 +256,12 @@ void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size
**************************************************************/
dataend = data + datasize;
+ if (data == NULL || datasize < sizeof(unsigned short)) {
+ logger(L_ERR, L_FUNC, "Bad data");
+ send_no("");
+ return;
+ }
+
/* login id */
memcpy(&count, data, sizeof(unsigned short));
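Review bot: The new guard tests `data == NULL` only after the context line `dataend = data + datasize;` has already done pointer arithmetic on `data`, which is undefined for a null pointer. Moving the `if (data == NULL || datasize < sizeof(unsigned short))` block above that assignment keeps the validation ahead of any use of the pointer. The guard covers only the first two-byte length prefix read by `memcpy(&count, data, sizeof(unsigned short))`; whether `count` and the later length fields are bounded against `dataend` before each copy is outside this hunk and worth confirming. do_request starts and ends outside the hunk.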
@@ -328,8 +363,7 @@ void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size
if (flags & VERBOSE)
logger(L_DEBUG, L_FUNC, "response: %s", response_buff);
- if(door_return(response_buff, strlen(response_buff), NULL, 0) < 0)
- logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+ safe_door_return(response_buff, strlen(response_buff));
return;
}
@@ -353,14 +387,17 @@ void need_thread(door_info_t *di) {
pthread_create(&newt, &thread_attr, &server_thread, NULL);
}
-
+
/*************************************************************
* Start a new server thread.
* Make it available for door invocations.
**************************************************************/
void *server_thread(void *arg) {
pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL);
- door_return(NULL, 0, NULL, 0);
+
+ safe_door_return(NULL, 0);
+
+ return (void *) NULL;
}
/*************************************************************
@@ -382,8 +419,7 @@ void send_no(char *mesg) {
if (flags & VERBOSE)
logger(L_DEBUG, L_FUNC, "response: %s", buff);
- if(door_return(buff, strlen(buff), NULL, 0) < 0)
- logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+ safe_door_return(buff, strlen(buff));
return;
}
diff --git a/win32/common.mak b/win32/common.mak
index 5c9c4b2..194dfe9 100644
--- a/win32/common.mak
+++ b/win32/common.mak
@@ -2,7 +2,7 @@
#Keep in sync with include/sasl.h and win32/include/config.h
SASL_VERSION_MAJOR=2
SASL_VERSION_MINOR=1
-SASL_VERSION_STEP=26
+SASL_VERSION_STEP=27
!IF "$(STATIC)" == ""
STATIC=yes
diff --git a/win32/include/config.h b/win32/include/config.h
index 3440837..8d8548e 100644
--- a/win32/include/config.h
+++ b/win32/include/config.h
@@ -55,7 +55,7 @@
#define PACKAGE "cyrus-sasl"
/* Our version */
-#define VERSION "2.1.26"
+#define VERSION "2.1.27"
/* Visual Studio supports prototypes */
#define PROTOTYPES 1
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-cyrus-sasl2/cyrus-sasl2.git