[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: ldap_sasl_interactive_bind_s leaks? (ITS#2423)
> >> > >On Mon, 14 Apr 2003, Howard Chu wrote:
> >> > >
> >> > >> > > I think sasl_done() needs to be called during ldap_unbind() and
> >> > >> > > ldap_int_sasl_init() needs to be called every time
> >> > >> ldap_init(ialize)()
> >> > >> > > runs rather than just once. Please see attached patch.
> >> > >> My patch also
> >> > >> > > fixes threadsafe issue in ldap_int_sasl_init().
> >> > >> >
> >> > >> > This solution isn't any better. My interpretation of the
> >> > >> SASL docs is that
> >> > >> > sasl_done() only needs to be called once, at the end of the
> >> > >> particular
> >> > >
> >> > >This is an incorrect interpretation according to the Cyrus team;
> >> > >sasl_done() is meant to be used multiple times within an application.
> >> > >
> >> > >However, cyrus bug 1963 is preventing sasl_done() from being used
> >> > >properly. The bug is currently being worked on.
> >> > >
Cyrus team has posted a fix for bug 1963 in cvs.
> >> > >> This is probably true until cyrus-sasl bug 1963 is developed.
> >> > >> sasl_done() clears digest-md5 reauth buffer. This is what causes the
> >> > >> leak, the buffer is never cleared.
> >> > >
> >> > >> > Patch like the one I proposed still needs to be applied to openldap.
> >> > >>
> >> > >> No. Your patch masks one problem with another. The DIGEST-MD5 code needs to
> >> > >> be fixed.
> >> > >>
> >> > >
> >> > >I wrote the patch with the above in mind.
> >> > >
> >> > >Please let me know what an acceptable patch needs to do.
> >> > >
> >> > >--
> >> > >Igor
> >> >
> >> >
> >>
> >>
> >
> >--
> >Igor
>
>
--
Igor