eras        15/04/28 19:39:25

  Added:                CVE-2015-3420.patch
  Log:
  Security bump - bug #547872
  
  (Portage version: 2.2.18/cvs/Linux x86_64, signed Manifest commit with key 
0x77F1F175586A3B1F)

Revision  Changes    Path
1.1                  net-mail/dovecot/files/CVE-2015-3420.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-mail/dovecot/files/CVE-2015-3420.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-mail/dovecot/files/CVE-2015-3420.patch?rev=1.1&content-type=text/plain

Index: CVE-2015-3420.patch
===================================================================
--- a/src/login-common/ssl-proxy-openssl.c      Sat Apr 25 12:16:07 2015 +0300
+++ b/src/login-common/ssl-proxy-openssl.c      Tue Apr 28 11:27:04 2015 +0200
@@ -80,6 +80,7 @@
        unsigned int cert_broken:1;
        unsigned int client_proxy:1;
        unsigned int flushing:1;
+       unsigned int failed:1;
 };
 
 struct ssl_parameters {
@@ -131,6 +132,12 @@
 static int ssl_proxy_ctx_get_pkey_ec_curve_name(const struct 
master_service_ssl_settings *set);
 #endif
 
+static void ssl_proxy_destroy_failed(struct ssl_proxy *proxy)
+{
+       proxy->failed = TRUE;
+       ssl_proxy_destroy(proxy);
+}
+
 static unsigned int ssl_server_context_hash(const struct ssl_server_context 
*ctx)
 {
        unsigned int i, g, h = 0;
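Review bot: The new `ssl_proxy_destroy_failed()` helper and the `failed` bit it sets (first hunk) carry the whole fix but have no comment saying what "failed" means or when to use this helper instead of `ssl_proxy_destroy()`. I would add above the helper something like `/* Destroy the proxy after an SSL-level failure; marks it failed so ssl_proxy_destroy() skips the final flush. */`, and on the field `/* SSL handshake/state failed, don't write to it */`. The helper also calls `ssl_proxy_destroy()` ahead of the place where that function is changed later in this patch, so it presumably relies on a prototype outside the visible hunks; worth confirming that the file still builds without an implicit declaration.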
@@ -462,7 +469,7 @@
 
        if (errstr != NULL) {
                proxy->last_error = i_strdup(errstr);
-               ssl_proxy_destroy(proxy);
+               ssl_proxy_destroy_failed(proxy);
        }
        ssl_proxy_unref(proxy);
 }
@@ -492,7 +499,7 @@
 
        if (proxy->handshake_callback != NULL) {
                if (proxy->handshake_callback(proxy->handshake_context) < 0)
-                       ssl_proxy_destroy(proxy);
+                       ssl_proxy_destroy_failed(proxy);
        }
 }
 
@@ -822,7 +829,8 @@
        if (proxy->destroyed || proxy->flushing)
                return;
        proxy->flushing = TRUE;
-       ssl_proxy_flush(proxy);
+       if (!proxy->failed && proxy->handshaked)
+               ssl_proxy_flush(proxy);
        proxy->destroyed = TRUE;
 
        ssl_proxy_count--;
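Review bot: The guard `if (!proxy->failed && proxy->handshaked)` only protects teardown if every SSL error path reaches destroy through `ssl_proxy_destroy_failed()`. This patch converts two call sites (the `errstr != NULL` path and the handshake-callback failure); any other caller of plain `ssl_proxy_destroy()` after an SSL error on a handshaked connection would still flush. Those callers are outside the visible hunks, so they should be audited. A more robust shape would be to set `proxy->failed = TRUE;` where the SSL error is first detected, rather than at each destroy call site. The condition also deserves a why-comment, for example `/* never flush through a connection whose handshake did not complete or whose SSL state is broken */`. The function body starts and ends outside this hunk.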




