This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=c81365ff295130c3f76aefec95a22b1b51857856 The branch, master has been updated via c81365ff295130c3f76aefec95a22b1b51857856 (commit) via 28f619230578deef226c46d347684c5272722101 (commit) via c8cae2ed8f78f462df328f41ea5c337607b1c034 (commit) via 11ef6f53572a913b4f4e996ff27b32429d55a20f (commit) via f8c16f234b70f17e6f1285f90760146a072403a5 (commit) via abef99fde6cc846abae50d1c7900dac5339bd033 (commit) via 235e266da1210f398dbdedc34ba9726eac78b2e6 (commit) from 607c591f1fc4d00dd550981b9a080be9fa9c33a0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c81365ff295130c3f76aefec95a22b1b51857856 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:15:40 2010 +0100 Generated. commit 28f619230578deef226c46d347684c5272722101 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:13:15 2010 +0100 Generated. commit c8cae2ed8f78f462df328f41ea5c337607b1c034 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:08:02 2010 +0100 Generated. commit 11ef6f53572a913b4f4e996ff27b32429d55a20f Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:07:23 2010 +0100 Version 1.5.4. commit f8c16f234b70f17e6f1285f90760146a072403a5 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:06:33 2010 +0100 Generated. commit abef99fde6cc846abae50d1c7900dac5339bd033 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 02:02:26 2010 +0100 SCRAM: Fix memory leaks. commit 235e266da1210f398dbdedc34ba9726eac78b2e6 Author: Simon Josefsson <[email protected]> Date: Sun Nov 14 01:54:22 2010 +0100 Remove debug code. ----------------------------------------------------------------------- Summary of changes: ChangeLog | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++ NEWS | 2 +- lib/ChangeLog | 82 ++++++++++++++++++++++++++++++++++++++++++++++++++++ lib/NEWS | 4 ++- lib/scram/server.c | 13 +++++--- tests/scramplus.c | 4 -- 6 files changed, 176 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9eadfd4..1be1b68 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,88 @@ 2010-11-14 Simon Josefsson <[email protected]> + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, lib/NEWS: Version 1.5.4. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/NEWS, lib/scram/server.c: SCRAM: Fix memory leaks. + +2010-11-14 Simon Josefsson <[email protected]> + + * tests/scramplus.c: Remove debug code. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, lib/NEWS: Add. + +2010-11-14 Simon Josefsson <[email protected]> + + * GNUmakefile, gl/Makefile.am, gl/arpa_inet.in.h, gl/errno.in.h, + gl/float+.h, gl/float.in.h, gl/getopt.in.h, gl/iconv.in.h, + gl/inet_ntop.c, gl/m4/errno_h.m4, gl/m4/gnulib-comp.m4, + gl/m4/include_next.m4, gl/m4/locale-fr.m4, gl/m4/locale-ja.m4, + gl/m4/locale-zh.m4, gl/m4/poll.m4, gl/m4/poll_h.m4, + gl/m4/stdlib_h.m4, gl/m4/string_h.m4, gl/m4/sys_wait_h.m4, + gl/netdb.in.h, gl/netinet_in.in.h, gl/poll.c, gl/poll.in.h, + gl/printf-parse.c, gl/printf-parse.h, gl/stdarg.in.h, + gl/stddef.in.h, gl/stdint.in.h, gl/stdio.in.h, gl/stdlib.in.h, + gl/strerror.c, gl/string.in.h, gl/sys_select.in.h, + gl/sys_socket.in.h, gl/sys_time.in.h, gl/sys_wait.in.h, + gl/unistd.in.h, gl/vasnprintf.c, gl/wchar.in.h, gl/wctype.in.h, + gl/xalloc.h, gltests/Makefile.am, gltests/fcntl.in.h, + gltests/ignore-value.h, gltests/init.sh, gltests/malloca.c, + gltests/sys_ioctl.in.h, gltests/sys_stat.in.h, + gltests/test-getopt.h, gltests/test-getopt_long.h, + gltests/test-poll-h.c, gltests/test-poll.c, + gltests/test-quotearg-simple.c, gltests/test-select-stdin.c, + gltests/test-select.c, gltests/test-stdlib.c, + gltests/test-sys_wait.c, gltests/time.in.h, lib/GNUmakefile, + lib/build-aux/pmccabe.css, lib/build-aux/pmccabe2html, + lib/gl/Makefile.am, lib/gl/errno.in.h, lib/gl/float+.h, + lib/gl/float.in.h, lib/gl/m4/errno_h.m4, lib/gl/m4/gnulib-comp.m4, + lib/gl/m4/include_next.m4, lib/gl/m4/memmem.m4, + lib/gl/m4/stdlib_h.m4, lib/gl/m4/string_h.m4, + lib/gl/m4/sys_wait_h.m4, lib/gl/m4/threadlib.m4, + lib/gl/printf-parse.c, lib/gl/printf-parse.h, lib/gl/stddef.in.h, + lib/gl/stdint.in.h, lib/gl/stdio.in.h, lib/gl/stdlib.in.h, + lib/gl/str-two-way.h, lib/gl/string.in.h, lib/gl/sys_wait.in.h, + lib/gl/unistd.in.h, lib/gl/vasnprintf.c, lib/gl/verify.h, + lib/gl/wchar.in.h, lib/gltests/Makefile.am, lib/gltests/init.sh, + lib/gltests/test-memmem.c, lib/gltests/test-stdlib.c, + lib/gltests/test-sys_wait.c, lib/gltests/verify.h, lib/maint.mk, + maint.mk: Update gnulib files. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/NEWS: Add. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/scram/parser.c: Fix parsing bug. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, configure.ac, lib/NEWS, lib/configure.ac, lib/src/gsasl.h: + Bump versions. + +2010-11-14 Simon Josefsson <[email protected]> + + * ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + * NEWS, lib/NEWS: Version 1.5.3. 2010-11-14 Simon Josefsson <[email protected]> diff --git a/NEWS b/NEWS index 37e325e..caa7b77 100644 --- a/NEWS +++ b/NEWS @@ -6,7 +6,7 @@ Note that changes to the GNU SASL Library is documented in lib/NEWS. This file track changes to the remaining, non-library, parts of GNU SASL. That include the manual, the command line tool, and self tests. -* Version 1.5.4 (unreleased) [beta] +* Version 1.5.4 (released 2010-11-14) [beta] ** Update gnulib files. diff --git a/lib/ChangeLog b/lib/ChangeLog index b4e9d3b..98a4b43 100644 --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,5 +1,87 @@ 2010-11-14 Simon Josefsson <[email protected]> + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, lib/NEWS: Version 1.5.4. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/NEWS, lib/scram/server.c: SCRAM: Fix memory leaks. + +2010-11-14 Simon Josefsson <[email protected]> + + * tests/scramplus.c: Remove debug code. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, lib/NEWS: Add. + +2010-11-14 Simon Josefsson <[email protected]> + + * GNUmakefile, gl/Makefile.am, gl/arpa_inet.in.h, gl/errno.in.h, + gl/float+.h, gl/float.in.h, gl/getopt.in.h, gl/iconv.in.h, + gl/inet_ntop.c, gl/m4/errno_h.m4, gl/m4/gnulib-comp.m4, + gl/m4/include_next.m4, gl/m4/locale-fr.m4, gl/m4/locale-ja.m4, + gl/m4/locale-zh.m4, gl/m4/poll.m4, gl/m4/poll_h.m4, + gl/m4/stdlib_h.m4, gl/m4/string_h.m4, gl/m4/sys_wait_h.m4, + gl/netdb.in.h, gl/netinet_in.in.h, gl/poll.c, gl/poll.in.h, + gl/printf-parse.c, gl/printf-parse.h, gl/stdarg.in.h, + gl/stddef.in.h, gl/stdint.in.h, gl/stdio.in.h, gl/stdlib.in.h, + gl/strerror.c, gl/string.in.h, gl/sys_select.in.h, + gl/sys_socket.in.h, gl/sys_time.in.h, gl/sys_wait.in.h, + gl/unistd.in.h, gl/vasnprintf.c, gl/wchar.in.h, gl/wctype.in.h, + gl/xalloc.h, gltests/Makefile.am, gltests/fcntl.in.h, + gltests/ignore-value.h, gltests/init.sh, gltests/malloca.c, + gltests/sys_ioctl.in.h, gltests/sys_stat.in.h, + gltests/test-getopt.h, gltests/test-getopt_long.h, + gltests/test-poll-h.c, gltests/test-poll.c, + gltests/test-quotearg-simple.c, gltests/test-select-stdin.c, + gltests/test-select.c, gltests/test-stdlib.c, + gltests/test-sys_wait.c, gltests/time.in.h, lib/GNUmakefile, + lib/build-aux/pmccabe.css, lib/build-aux/pmccabe2html, + lib/gl/Makefile.am, lib/gl/errno.in.h, lib/gl/float+.h, + lib/gl/float.in.h, lib/gl/m4/errno_h.m4, lib/gl/m4/gnulib-comp.m4, + lib/gl/m4/include_next.m4, lib/gl/m4/memmem.m4, + lib/gl/m4/stdlib_h.m4, lib/gl/m4/string_h.m4, + lib/gl/m4/sys_wait_h.m4, lib/gl/m4/threadlib.m4, + lib/gl/printf-parse.c, lib/gl/printf-parse.h, lib/gl/stddef.in.h, + lib/gl/stdint.in.h, lib/gl/stdio.in.h, lib/gl/stdlib.in.h, + lib/gl/str-two-way.h, lib/gl/string.in.h, lib/gl/sys_wait.in.h, + lib/gl/unistd.in.h, lib/gl/vasnprintf.c, lib/gl/verify.h, + lib/gl/wchar.in.h, lib/gltests/Makefile.am, lib/gltests/init.sh, + lib/gltests/test-memmem.c, lib/gltests/test-stdlib.c, + lib/gltests/test-sys_wait.c, lib/gltests/verify.h, lib/maint.mk, + maint.mk: Update gnulib files. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/NEWS: Add. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/scram/parser.c: Fix parsing bug. + +2010-11-14 Simon Josefsson <[email protected]> + + * NEWS, configure.ac, lib/NEWS, lib/configure.ac, lib/src/gsasl.h: + Bump versions. + +2010-11-14 Simon Josefsson <[email protected]> + + * ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + + * lib/ChangeLog: Generated. + +2010-11-14 Simon Josefsson <[email protected]> + * NEWS, lib/NEWS: Version 1.5.3. 2010-11-14 Simon Josefsson <[email protected]> diff --git a/lib/NEWS b/lib/NEWS index 1d42d4e..6540d45 100644 --- a/lib/NEWS +++ b/lib/NEWS @@ -2,10 +2,12 @@ GNU SASL LIBRARY NEWS -- History of user-visible changes. Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Simon Josefsson See the end for copying conditions. -* Version 1.5.4 (unreleased) [beta] +* Version 1.5.4 (released 2010-11-14) [beta] ** SCRAM-SHA-1-PLUS: Fix parsing bug causing memory corruption. +** SCRAM: Fix memory leaks. + ** Update gnulib files. ** API and ABI modifications. diff --git a/lib/scram/server.c b/lib/scram/server.c index ea1a5ae..710868a 100644 --- a/lib/scram/server.c +++ b/lib/scram/server.c @@ -52,6 +52,7 @@ struct scram_server_state { int plus; int step; + char *cbind; char *gs2header; /* copy of client first gs2-header */ char *cfmb_str; /* copy of client first message bare */ char *sf_str; /* copy of server first message */ @@ -268,10 +269,9 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, client-first. Also check channel binding data. */ { size_t len; - char *cbind; rc = gsasl_base64_from (state->cl.cbind, strlen (state->cl.cbind), - &cbind, &len); + &state->cbind, &len); if (rc != 0) return rc; @@ -280,14 +280,14 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, if (len < strlen (state->gs2header)) return GSASL_AUTHENTICATION_ERROR; - if (memcmp (cbind, state->gs2header, + if (memcmp (state->cbind, state->gs2header, strlen (state->gs2header)) != 0) return GSASL_AUTHENTICATION_ERROR; if (len - strlen (state->gs2header) != state->cbtlsuniquelen) return GSASL_AUTHENTICATION_ERROR; - if (memcmp (cbind + strlen (state->gs2header), + if (memcmp (state->cbind + strlen (state->gs2header), state->cbtlsunique, state->cbtlsuniquelen) != 0) return GSASL_AUTHENTICATION_ERROR; } @@ -296,7 +296,7 @@ _gsasl_scram_sha1_server_step (Gsasl_session * sctx, if (len != strlen (state->gs2header)) return GSASL_AUTHENTICATION_ERROR; - if (memcmp (cbind, state->gs2header, len) != 0) + if (memcmp (state->cbind, state->gs2header, len) != 0) return GSASL_AUTHENTICATION_ERROR; } } @@ -464,6 +464,8 @@ _gsasl_scram_sha1_server_finish (Gsasl_session * sctx, void *mech_data) if (!state) return; + free (state->cbind); + free (state->gs2header); free (state->cfmb_str); free (state->sf_str); free (state->snonce); @@ -471,6 +473,7 @@ _gsasl_scram_sha1_server_finish (Gsasl_session * sctx, void *mech_data) free (state->storedkey); free (state->serverkey); free (state->authmessage); + free (state->cbtlsunique); scram_free_client_first (&state->cf); scram_free_server_first (&state->sf); scram_free_client_final (&state->cl); diff --git a/tests/scramplus.c b/tests/scramplus.c index 0e1ab28..df23fac 100644 --- a/tests/scramplus.c +++ b/tests/scramplus.c @@ -231,10 +231,6 @@ doit (void) return; } - if (debug) - printf ("C: %.*s [%c]\n", (int) s1len, - s1, res == GSASL_OK ? 'O' : 'N'); - /* Shorten length of cbdata. */ if (i == 17) s1[41] = '='; hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] http://lists.gnu.org/mailman/listinfo/gsasl-commit
