fix leak when 'rebind-as-user' is set (and client searches without prior bind)
authorPierangelo Masarati <ando@openldap.org>
Sat, 18 Nov 2006 18:02:46 +0000 (18:02 +0000)
committerPierangelo Masarati <ando@openldap.org>
Sat, 18 Nov 2006 18:02:46 +0000 (18:02 +0000)
servers/slapd/back-meta/bind.c
servers/slapd/back-meta/conn.c
servers/slapd/back-meta/search.c

index 84bd5ec45b18dc3aa4bf3a3ae92091a54362b38c..e648dee09825b093bc570d53a2d32b7265728eee 100644 (file)
@@ -168,9 +168,7 @@ meta_back_bind( Operation *op, SlapReply *rs )
                                        BER_BVZERO( &msc->msc_bound_ndn );
                                }
 
-                               if ( LDAP_BACK_SAVECRED( mi ) &&
-                                       !BER_BVISNULL( &msc->msc_cred ) )
-                               {
+                               if ( !BER_BVISNULL( &msc->msc_cred ) ) {
                                        /* destroy sensitive data */
                                        memset( msc->msc_cred.bv_val, 0,
                                                msc->msc_cred.bv_len );
@@ -471,7 +469,7 @@ meta_back_single_bind(
                BER_BVZERO( &msc->msc_bound_ndn );
        }
 
-       if ( LDAP_BACK_SAVECRED( mi ) && !BER_BVISNULL( &msc->msc_cred ) ) {
+       if ( !BER_BVISNULL( &msc->msc_cred ) ) {
                /* destroy sensitive data */
                memset( msc->msc_cred.bv_val, 0, msc->msc_cred.bv_len );
                ch_free( msc->msc_cred.bv_val );
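Review bot: The wipe `memset( msc->msc_cred.bv_val, 0, msc->msc_cred.bv_len );` is immediately followed by `ch_free`, a pattern an optimizer may treat as a dead store and drop if it can see that the buffer is released (for example if `ch_free` is inlined or the build uses link-time optimisation). This path now runs for every connection holding a credential, not only when `LDAP_BACK_SAVECRED( mi )` is set, so the wipe is worth routing through a call the compiler cannot elide: `explicit_bzero( msc->msc_cred.bv_val, msc->msc_cred.bv_len );` where the platform provides it, or a store loop through a `volatile char *`. The same applies to the `memset` in the first hunk in `meta_back_bind`, where the matching free is not visible. `meta_back_single_bind` starts and ends outside this hunk.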
@@ -523,6 +521,10 @@ meta_back_single_bind(
        mc->mc_authz_target = candidate;
 
        if ( LDAP_BACK_SAVECRED( mi ) ) {
+               if ( !BER_BVISNULL( &msc->msc_cred ) ) {
+                       memset( msc->msc_cred.bv_val, 0,
+                               msc->msc_cred.bv_len );
+               }
                ber_bvreplace( &msc->msc_cred, &op->orb_cred );
                ldap_set_rebind_proc( msc->msc_ld, mt->mt_rebind_f, msc );
        }
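Review bot: The wipe added inside `if ( LDAP_BACK_SAVECRED( mi ) )` has no comment, while the two older wipe sites in this file are marked `/* destroy sensitive data */`; I would add `/* wipe the old credential before ber_bvreplace() reuses or reallocates the buffer */` above the `memset`. The same four lines are added again before `ber_bvreplace` in conn.c and in `meta_search_dobind_init` in search.c, so one shared helper taking a `struct berval *` would keep the three sites from drifting apart. The earlier block in `meta_back_single_bind` (second hunk) also appears to wipe and free `msc_cred` on this path already; if nothing in between repopulates it, the new check is harmless but never true, which is worth confirming. The function body extends beyond this hunk.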
index 4d2ddc454433f2923f0d187f5eb869c40dfdbdd8..b1c4cc5724bb0d9d64b2f979202d70150ce5a2b0 100644 (file)
@@ -458,6 +458,10 @@ retry:;
                if ( !BER_BVISNULL( &mt->mt_idassert_authcDN ) ) {
                        ber_bvreplace( &msc->msc_bound_ndn, &mt->mt_idassert_authcDN );
                        if ( !BER_BVISNULL( &mt->mt_idassert_passwd ) ) {
+                               if ( !BER_BVISNULL( &msc->msc_cred ) ) {
+                                       memset( msc->msc_cred.bv_val, 0,
+                                               msc->msc_cred.bv_len );
+                               }
                                ber_bvreplace( &msc->msc_cred, &mt->mt_idassert_passwd );
                        }
 
index 04aa880f04d7a4f6d3a118719e94c51a7cf5c394..c3c0eb01e15673d269ccbe2eb0dbd22e9f86631b 100644 (file)
@@ -194,7 +194,11 @@ meta_search_dobind_init(
                if ( !BER_BVISNULL( &binddn ) ) {
                        ber_bvreplace( &msc->msc_bound_ndn, &binddn );
                        if ( LDAP_BACK_SAVECRED( mi ) && !BER_BVISNULL( &cred ) ) {
-                               ber_dupbv( &msc->msc_cred, &cred );
+                               if ( !BER_BVISNULL( &msc->msc_cred ) ) {
+                                       memset( msc->msc_cred.bv_val, 0,
+                                               msc->msc_cred.bv_len );
+                               }
+                               ber_bvreplace( &msc->msc_cred, &cred );
                        }
                }