Blame SOURCES/dovecot-2.2.10-CVE_2014_3430.patch

5fb73d
5fb73d
# HG changeset patch
5fb73d
# User Timo Sirainen <tss@iki.fi>
5fb73d
# Date 1399472781 -10800
5fb73d
# Node ID 41622541a7a3a938895b5fe045bbc633a9b6c022
5fb73d
# Parent  7a08a481c133be4b8cb8415feaed1321d560cee5
5fb73d
*-login: SSL connections didn't get closed when the client got destroyed.
5fb73d
5fb73d
diff -r 7a08a481c133 -r 41622541a7a3 src/login-common/client-common.c
5fb73d
--- a/src/login-common/client-common.c	Wed May 07 17:12:19 2014 +0300
5fb73d
+++ b/src/login-common/client-common.c	Wed May 07 17:26:21 2014 +0300
5fb73d
@@ -171,6 +171,8 @@
5fb73d
 		last_client = client->prev;
5fb73d
 	DLLIST_REMOVE(&clients, client);
5fb73d
 
5fb73d
+	if (!client->login_success && client->ssl_proxy != NULL)
5fb73d
+		ssl_proxy_destroy(client->ssl_proxy);
5fb73d
 	if (client->input != NULL)
5fb73d
 		i_stream_close(client->input);
5fb73d
 	if (client->output != NULL)
5fb73d
diff -r 7a08a481c133 -r 41622541a7a3 src/login-common/ssl-proxy-openssl.c
5fb73d
--- a/src/login-common/ssl-proxy-openssl.c	Wed May 07 17:12:19 2014 +0300
5fb73d
+++ b/src/login-common/ssl-proxy-openssl.c	Wed May 07 17:26:21 2014 +0300
5fb73d
@@ -116,7 +116,6 @@
5fb73d
 static void ssl_read(struct ssl_proxy *proxy);
5fb73d
 static void ssl_write(struct ssl_proxy *proxy);
5fb73d
 static void ssl_step(struct ssl_proxy *proxy);
5fb73d
-static void ssl_proxy_destroy(struct ssl_proxy *proxy);
5fb73d
 static void ssl_proxy_unref(struct ssl_proxy *proxy);
5fb73d
 
5fb73d
 static struct ssl_server_context *
5fb73d
@@ -807,7 +806,7 @@
5fb73d
 	i_free(proxy);
5fb73d
 }
5fb73d
 
5fb73d
-static void ssl_proxy_destroy(struct ssl_proxy *proxy)
5fb73d
+void ssl_proxy_destroy(struct ssl_proxy *proxy)
5fb73d
 {
5fb73d
 	if (proxy->destroyed)
5fb73d
 		return;
5fb73d
diff -r 7a08a481c133 -r 41622541a7a3 src/login-common/ssl-proxy.h
5fb73d
--- a/src/login-common/ssl-proxy.h	Wed May 07 17:12:19 2014 +0300
5fb73d
+++ b/src/login-common/ssl-proxy.h	Wed May 07 17:26:21 2014 +0300
5fb73d
@@ -34,6 +34,7 @@
5fb73d
 const char *ssl_proxy_get_security_string(struct ssl_proxy *proxy);
5fb73d
 const char *ssl_proxy_get_compression(struct ssl_proxy *proxy);
5fb73d
 const char *ssl_proxy_get_cert_error(struct ssl_proxy *proxy);
5fb73d
+void ssl_proxy_destroy(struct ssl_proxy *proxy);
5fb73d
 void ssl_proxy_free(struct ssl_proxy **proxy);
5fb73d
 
5fb73d
 /* Return number of active SSL proxies */
5fb73d