[Pkg-cyrus-sasl2-commits] [cyrus-sasl2] 08/44: Imported Upstream version 2.1.26-72-g88d82a3

Ondřej Surý ondrej at debian.org
Sat Dec 31 13:07:10 UTC 2016


This is an automated email from the git hooks/post-receive script.

ondrej pushed a commit to branch master
in repository cyrus-sasl2.

commit 9f81f0c2edf5109f760f7a4367b6833fa2667bb9
Author: Ondřej Surý <ondrej at sury.org>
Date:   Mon Oct 24 17:37:16 2016 +0200

    Imported Upstream version 2.1.26-72-g88d82a3
---
 ChangeLog              | 50 ++++++++++++++++++++++++++++++++++++++++++++++++++
 configure.ac           |  6 +++---
 include/sasl.h         |  2 +-
 saslauthd/ipc_doors.c  | 50 +++++++++++++++++++++++++++++++++++++++++++-------
 win32/common.mak       |  2 +-
 win32/include/config.h |  2 +-
 6 files changed, 99 insertions(+), 13 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index c7be303..6a547fa 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,53 @@
+2016-10-18  Ken Murchison <murch at andrew.cmu.edu>
+	* Fixed potential DoS attack on saslauthd/doors (from Oracle)
+
+2016-06-30  Ken Murchison <murch at andrew.cmu.edu>
+	* plugins/ntlm.c, otp.c: support OpenSSL 1.1
+
+2016-06-14  Ken Murchison <murch at andrew.cmu.edu>
+	* plugins/digestmd5.c: Fix memory leak in client step 2
+
+2016-03-24  Ken Murchison <murch at andrew.cmu.edu>
+	* auth_rimap.c: Don't hang when IMAP server closes connection
+
+2016-01-29  Ken Murchison <murch at andrew.cmu.edu>
+	* Build fixes from Ignacio Casal Quinteiro
+
+2015-12-26  Ken Murchison <murch at andrew.cmu.edu>
+	* Build fixes from Ignacio Casal Quinteiro
+
+2015-11-16  Ken Murchison <murch at andrew.cmu.edu>
+	* Build fixes from Ignacio Casal Quinteiro
+
+2015-10-14  Ken Murchison <murch at andrew.cmu.edu>
+	* Build fixes from Ignacio Casal Quinteiro
+
+2015-07-17  Ken Murchison <murch at andrew.cmu.edu>
+	* auth_krb5.c: added krb5_conv_krb4_instance option
+
+2014-11-17  Ken Murchison <murch at andrew.cmu.edu>
+	* plugins/digestmd5.c: Fix memory leaks
+
+2014-11-17  Ken Murchison <murch at andrew.cmu.edu>
+	* plugins/digestmd5.c: prevent going from step 3 to step 2
+
+2013-09-13  Alexey Melnikov <alexey.melnikov at isode.com>
+	* Fix memory leaks in DIGEST
+
+2013-08-30  Ken Murchison <murch at andrew.cmu.edu>
+	* plugins/digestmd5.c: only locate reauth cache when reauth is
+	  enabled
+
+2013-07-11  Alexey Melnikov <alexey.melnikov at isode.com>
+	* Treat SCRAM and DIGEST as more secure than PLAIN when selecting
+	  client-side mechanism
+
+2013-07-11  Alexey Melnikov <alexey.melnikov at isode.com>
+	* Handle NULL return from crypt()
+
+2012-11-20  Alexey Melnikov <alexey.melnikov at isode.com>
+	* Added support for lmdb
+
 2012-11-19  Alexey Melnikov <alexey.melnikov at isode.com>
 	* Final 2.1.26 tagged and released by Ken.
 
diff --git a/configure.ac b/configure.ac
index d3f38af..199d93e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,10 +49,10 @@ dnl REMINDER: When changing the version number here, please also update
 dnl the values in win32/include/config.h and include/sasl.h as well.
 dnl
 AC_INIT([cyrus-sasl],
-        [2.1.26],
-        [https://git.cyrus.foundation/maniphest/],
+        [2.1.27],
+        [https://github.com/cyrusimap/cyrus-sasl/issues],
         [cyrus-sasl],
-        [https://docs.cyrus.foundation])
+        [http://cyrusimap.org])
 
 AC_CONFIG_MACRO_DIR([m4])
 
diff --git a/include/sasl.h b/include/sasl.h
index 54afd9c..eb001ec 100755
--- a/include/sasl.h
+++ b/include/sasl.h
@@ -126,7 +126,7 @@
 /* Keep in sync with win32/common.mak */
 #define SASL_VERSION_MAJOR 2
 #define SASL_VERSION_MINOR 1
-#define SASL_VERSION_STEP 26
+#define SASL_VERSION_STEP 27
 
 /* A convenience macro: same as was defined in the OpenLDAP LDAPDB */
 #define SASL_VERSION_FULL ((SASL_VERSION_MAJOR << 16) |\
diff --git a/saslauthd/ipc_doors.c b/saslauthd/ipc_doors.c
index 92f403c..4e459d7 100644
--- a/saslauthd/ipc_doors.c
+++ b/saslauthd/ipc_doors.c
@@ -203,13 +203,42 @@ void ipc_cleanup() {
 		logger(L_DEBUG, L_FUNC, "door file removed: %s", door_file);
 }
 
+/*************************************************************
+ * It is very rare but not impossible to have door_return actually return.
+ * When it does, it leaks a reference count.  Prevent that.
+ **************************************************************/
+
+void
+safe_door_return(char *data, size_t len)
+{
+    (void) door_return(data, len, NULL, 0);
+    /*
+     * If door_return() failed, and our response wasn't empty, try sending
+     * an empty response.  If that still doesn't work, then we must exit
+     * this thread.
+     */
+    if (len > 0) {
+	logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+	(void) door_return(NULL, 0, NULL, 0);
+    }
+    logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+
+    pthread_mutex_lock(&num_lock);
+    if (num_procs > 0 && num_thr > 0) {
+	num_thr--;
+    }
+    pthread_mutex_unlock(&num_lock);
+    pthread_exit(NULL);
+}
+
 
 /*************************************************************
  * Handle the door data, pass the request off to
  * do_auth() back in saslauthd-main.c, then send the 
  * result back through the door.
  **************************************************************/
-void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size_t ndesc) {
+static void
+do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, uint_t ndesc) {
 	unsigned short		count = 0;                 /* input/output data byte count           */
 	char			*response = NULL;          /* response to send to the client         */
 	char			response_buff[1024];       /* temporary response buffer              */
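Review bot: safe_door_return() is added with external linkage while do_request() in the same hunk is made `static`; no prototype is visible here, so unless another file calls it, declare it `static void safe_door_return(char *data, size_t len)`. In its failure path the two `logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));` calls emit identical text, so someone reading the log cannot tell the first failed reply from the failed empty retry; the first could read `"door_return (retrying with empty reply): %s"`. The header comment should also state that the function never returns to its caller: it either completes the door call or ends the thread with pthread_exit(). do_request's body continues outside the hunk.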
@@ -227,6 +256,12 @@ void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size
 	 **************************************************************/
 	dataend = data + datasize;
 
+	if (data == NULL || datasize < sizeof(unsigned short)) {
+		logger(L_ERR, L_FUNC, "Bad data");
+		send_no("");
+		return;
+	}
+
 	/* login id */
 	memcpy(&count, data, sizeof(unsigned short));
 
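Review bot: The new guard runs after `dataend = data + datasize;`, so a NULL `data` has already been used in pointer arithmetic before it is rejected; move the `if (data == NULL || datasize < sizeof(unsigned short))` block above that assignment. The check covers only the first length prefix read by the following `memcpy`; the later fields are parsed outside this hunk, so whether each `count` is compared with `dataend` cannot be confirmed from here. Including `datasize` in the "Bad data" message would help when triaging malformed requests.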
@@ -328,8 +363,7 @@ void do_request(void *cookie, char *data, size_t datasize, door_desc_t *dp, size
 	if (flags & VERBOSE)
 	    logger(L_DEBUG, L_FUNC, "response: %s", response_buff);
 
-	if(door_return(response_buff, strlen(response_buff), NULL, 0) < 0)
-	    logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+	safe_door_return(response_buff, strlen(response_buff));
 
 	return;
 }
@@ -353,14 +387,17 @@ void need_thread(door_info_t *di) {
 
     pthread_create(&newt, &thread_attr, &server_thread, NULL);
 }
- 
+
 /*************************************************************
  * Start a new server thread.
  * Make it available for door invocations.
  **************************************************************/
 void *server_thread(void *arg) {
     pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL);
-    door_return(NULL, 0, NULL, 0);
+
+    safe_door_return(NULL, 0);
+
+    return (void *) NULL;
 }
 
 /*************************************************************
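Review bot: `return (void *) NULL;` after `safe_door_return(NULL, 0);` is unreachable as written, because safe_door_return() ends in pthread_exit() whenever door_return() comes back; the same holds for the `return;` kept after the calls in do_request() and send_no(). Keep it if it is there to satisfy the compiler, but say so with `/* not reached: safe_door_return() does not return */`, and `return NULL;` needs no cast. On this path a failed door_return() also decrements `num_thr` inside safe_door_return(); the matching increment is presumably in need_thread(), whose body is outside the hunk, so confirm the counter is raised before pthread_create().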
@@ -382,8 +419,7 @@ void send_no(char *mesg) {
 	if (flags & VERBOSE)
 	    logger(L_DEBUG, L_FUNC, "response: %s", buff);
 
-	if(door_return(buff, strlen(buff), NULL, 0) < 0)
-	    logger(L_ERR, L_FUNC, "door_return: %s", strerror(errno));
+	safe_door_return(buff, strlen(buff));
 
 	return;	
 }
diff --git a/win32/common.mak b/win32/common.mak
index 5c9c4b2..194dfe9 100644
--- a/win32/common.mak
+++ b/win32/common.mak
@@ -2,7 +2,7 @@
 #Keep in sync with include/sasl.h and win32/include/config.h
 SASL_VERSION_MAJOR=2
 SASL_VERSION_MINOR=1
-SASL_VERSION_STEP=26
+SASL_VERSION_STEP=27
 
 !IF "$(STATIC)" == ""
 STATIC=yes
diff --git a/win32/include/config.h b/win32/include/config.h
index 3440837..8d8548e 100644
--- a/win32/include/config.h
+++ b/win32/include/config.h
@@ -55,7 +55,7 @@
 #define PACKAGE "cyrus-sasl"
 
 /* Our version */
-#define VERSION "2.1.26"
+#define VERSION "2.1.27"
 
 /* Visual Studio supports prototypes */
 #define PROTOTYPES     1

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-cyrus-sasl2/cyrus-sasl2.git


