dovecot-2.1: *-login: Fixed crashing when proxying SSL connectio...

[dovecot at dovecot.org]

details:   http://hg.dovecot.org/dovecot-2.1/rev/1d23440ccb89
changeset: 14331:1d23440ccb89
user:      Timo Sirainen <tss at iki.fi>
date:      Thu Mar 22 15:32:00 2012 +0200
description:
*-login: Fixed crashing when proxying SSL connections to a remote server.

diffstat:

 src/login-common/client-common.c     |  7 ++++---
 src/login-common/ssl-proxy-openssl.c |  8 +++++---
 src/login-common/ssl-proxy.h         |  1 +
 3 files changed, 10 insertions(+), 6 deletions(-)

diffs (67 lines):

diff -r ff5c341f8838 -r 1d23440ccb89 src/login-common/client-common.c
--- a/src/login-common/client-common.c	Wed Mar 21 19:01:44 2012 +0200
+++ b/src/login-common/client-common.c	Thu Mar 22 15:32:00 2012 +0200
@@ -180,10 +180,10 @@
 		i_free_and_null(client->proxy_password);
 	}
 
+	if (client->ssl_proxy != NULL)
+		ssl_proxy_unset_client(client->ssl_proxy);
 	if (client->login_proxy != NULL)
 		login_proxy_free(&client->login_proxy);
-	if (client->ssl_proxy != NULL)
-		ssl_proxy_free(&client->ssl_proxy);
 	client->v.destroy(client);
 	if (client_unref(&client) && initial_service_count == 1) {
 		/* as soon as this connection is done with proxying
@@ -229,9 +229,10 @@
 	*_client = NULL;
 
 	i_assert(client->destroyed);
-	i_assert(client->ssl_proxy == NULL);
 	i_assert(client->login_proxy == NULL);
 
+	if (client->ssl_proxy != NULL)
+		ssl_proxy_free(&client->ssl_proxy);
 	if (client->input != NULL)
 		i_stream_unref(&client->input);
 	if (client->output != NULL)
diff -r ff5c341f8838 -r 1d23440ccb89 src/login-common/ssl-proxy-openssl.c
--- a/src/login-common/ssl-proxy-openssl.c	Wed Mar 21 19:01:44 2012 +0200
+++ b/src/login-common/ssl-proxy-openssl.c	Thu Mar 22 15:32:00 2012 +0200
@@ -654,10 +654,14 @@
 {
 	i_assert(proxy->client == NULL);
 
-	client_ref(client);
 	proxy->client = client;
 }
 
+void ssl_proxy_unset_client(struct ssl_proxy *proxy)
+{
+	proxy->client = NULL;
+}
+
 bool ssl_proxy_has_valid_client_cert(const struct ssl_proxy *proxy)
 {
 	return proxy->cert_received && !proxy->cert_broken;
@@ -763,8 +767,6 @@
 
 	SSL_free(proxy->ssl);
 
-	if (proxy->client != NULL)
-		client_unref(&proxy->client);
 	i_free(proxy->last_error);
 	i_free(proxy);
 }
diff -r ff5c341f8838 -r 1d23440ccb89 src/login-common/ssl-proxy.h
--- a/src/login-common/ssl-proxy.h	Wed Mar 21 19:01:44 2012 +0200
+++ b/src/login-common/ssl-proxy.h	Thu Mar 22 15:32:00 2012 +0200
@@ -22,6 +22,7 @@
 			   struct ssl_proxy **proxy_r);
 void ssl_proxy_start(struct ssl_proxy *proxy);
 void ssl_proxy_set_client(struct ssl_proxy *proxy, struct client *client);
+void ssl_proxy_unset_client(struct ssl_proxy *proxy);
 bool ssl_proxy_has_valid_client_cert(const struct ssl_proxy *proxy) ATTR_PURE;
 bool ssl_proxy_has_broken_client_cert(struct ssl_proxy *proxy);
 int ssl_proxy_cert_match_name(struct ssl_proxy *proxy, const char *verify_name);