Fix #2085 About director segfault in cram-md5 function

The socket is not supposed to be NULL at that point.

  BSOCK::recv (this=0x0) at bsock.c:795
  in cram_md5_respond (bs=0x0, password=0x7f0961a939c8 "336e56dd67724e551c983a1c50c1f51f", tls_remote_need=<value optimized out>, compatible=0x7f09a53e0a68) at cram-md5.c:155
  in authenticate_storage_daemon (jcr=0x1469218, store=0x7f0961a93a28) at authenticate.c:98
  in connect_to_storage_daemon (jcr=0x1469218, retry_interval=10, max_retry_time=1800, verbose=1) at msgchan.c:133
  in do_backup (jcr=0x1469218) at backup.c:498

diff --git a/bacula/src/dird/authenticate.c b/bacula/src/dird/authenticate.c
index e0eb7aca01de76a3d6bf3ae27ff733c4d70d1ccd..0dce7ef5db62f139bf0c325ddf15d336c8cfb704 100644 (file)
--- a/bacula/src/dird/authenticate.c
+++ b/bacula/src/dird/authenticate.c
@@ -67,6 +67,11 @@ bool authenticate_storage_daemon(JCR *jcr, STORE *store)
    int compatible = true;
    bool auth_success = false;
 
+   if (!sd) {
+      Dmsg0(dbglvl, "Invalid bsock\n");
+      return false;
+   }
+
    /*
     * Send my name to the Storage daemon then do authentication
     */

diff --git a/bacula/src/dird/msgchan.c b/bacula/src/dird/msgchan.c
index 1f227bbd938412c95679d41dc88733738b7f4625..ee5f636c9d898d66fdaaf1fd603ff946a832c9fe 100644 (file)
--- a/bacula/src/dird/msgchan.c
+++ b/bacula/src/dird/msgchan.c
@@ -123,6 +123,10 @@ bool connect_to_storage_daemon(JCR *jcr, int retry_interval,
    sd->set_source_address(director->DIRsrc_addr);
    if (!sd->connect(jcr, retry_interval, max_retry_time, heart_beat, _("Storage daemon"),
          store->address, NULL, store->SDport, verbose)) {
+
+      if (!jcr->store_bsock) {  /* The bsock was locally created, so we free it here */
+         free_bsock(sd);
+      }
       sd = NULL;
    }
 

diff --git a/bacula/src/lib/cram-md5.c b/bacula/src/lib/cram-md5.c
index 035983a9df5727e6618fff50681eb46e6112eb81..facdbe0087fdd1a8e08a3ac878e03de319f02c32 100644 (file)
--- a/bacula/src/lib/cram-md5.c
+++ b/bacula/src/lib/cram-md5.c
@@ -50,6 +50,11 @@ bool cram_md5_challenge(BSOCK *bs, const char *password, int tls_local_need, int
    char host[MAXSTRING];
    uint8_t hmac[20];
 
+   if (!bs) {
+      Dmsg0(dbglvl, "Invalid bsock\n");
+      return false;
+   }
+
    gettimeofday(&t1, &tz);
    for (i=0; i<4; i++) {
       gettimeofday(&t2, &tz);
@@ -110,6 +115,11 @@ bool cram_md5_respond(BSOCK *bs, const char *password, int *tls_remote_need, int
    char chal[MAXSTRING];
    uint8_t hmac[20];
 
+   if (!bs) {
+      Dmsg0(dbglvl, "Invalid bsock\n");
+      return false;
+   }
+
    *compatible = false;
    if (bs->recv() <= 0) {
       bmicrosleep(5, 0);