diff options
Diffstat (limited to 'imap')
| -rw-r--r-- | imap/src/c-client/auth_bea.c | 3 | ||||
| -rw-r--r-- | imap/src/c-client/auth_oa2.c | 3 | ||||
| -rw-r--r-- | imap/src/c-client/mail.c | 1 | ||||
| -rw-r--r-- | imap/src/c-client/oauth2_aux.c | 6 | ||||
| -rw-r--r-- | imap/src/osdep/unix/ssl_unix.c | 10 |
5 files changed, 18 insertions, 5 deletions
diff --git a/imap/src/c-client/auth_bea.c b/imap/src/c-client/auth_bea.c index e05a5007..d6dca992 100644 --- a/imap/src/c-client/auth_bea.c +++ b/imap/src/c-client/auth_bea.c @@ -155,5 +155,8 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder if(oauth2.param[OA2_Id].value) fs_give((void **) &oauth2.param[OA2_Id].value); if(oauth2.param[OA2_Secret].value) fs_give((void **) &oauth2.param[OA2_Secret].value); if(oauth2.param[OA2_Tenant].value) fs_give((void **) &oauth2.param[OA2_Tenant].value); + if(oauth2.param[OA2_State].value) fs_give((void **) &oauth2.param[OA2_State].value); + if(oauth2.param[OA2_RefreshToken].value) fs_give((void **) &oauth2.param[OA2_RefreshToken].value); + if(oauth2.access_token) fs_give((void **) &oauth2.access_token); return ret; } diff --git a/imap/src/c-client/auth_oa2.c b/imap/src/c-client/auth_oa2.c index 7fb30542..2f52c4f2 100644 --- a/imap/src/c-client/auth_oa2.c +++ b/imap/src/c-client/auth_oa2.c @@ -174,5 +174,8 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha if(oauth2.param[OA2_Id].value) fs_give((void **) &oauth2.param[OA2_Id].value); if(oauth2.param[OA2_Secret].value) fs_give((void **) &oauth2.param[OA2_Secret].value); if(oauth2.param[OA2_Tenant].value) fs_give((void **) &oauth2.param[OA2_Tenant].value); + if(oauth2.param[OA2_State].value) fs_give((void **) &oauth2.param[OA2_State].value); + if(oauth2.param[OA2_RefreshToken].value) fs_give((void **) &oauth2.param[OA2_RefreshToken].value); + if(oauth2.access_token) fs_give((void **) &oauth2.access_token); return ret; } diff --git a/imap/src/c-client/mail.c b/imap/src/c-client/mail.c index f3e14fe3..730201c2 100644 --- a/imap/src/c-client/mail.c +++ b/imap/src/c-client/mail.c @@ -1440,6 +1440,7 @@ MAILSTREAM *mail_close_full (MAILSTREAM *stream,long options) if (stream->dtb) (*stream->dtb->close) (stream,options); stream->dtb = NIL; /* resign driver */ if (stream->mailbox) fs_give ((void **) &stream->mailbox); + if (stream->auth.name) fs_give ((void **) &stream->auth.name); if (stream->original_mailbox) fs_give ((void **) &stream->original_mailbox); if (stream->snarf.name) fs_give ((void **) &stream->snarf.name); diff --git a/imap/src/c-client/oauth2_aux.c b/imap/src/c-client/oauth2_aux.c index 4ab538c7..5af94992 100644 --- a/imap/src/c-client/oauth2_aux.c +++ b/imap/src/c-client/oauth2_aux.c @@ -425,8 +425,7 @@ void renew_accesstoken(MAILSTREAM *stream) user[0] = '\0'; mm_login_method (&mb, user, (void *) &oauth2, trial, stream->auth.name); - if(oauth2.param[OA2_State].value) - fs_give((void **) &oauth2.param[OA2_State].value); + oauth2.param[OA2_State].value = NIL; /* this is freed before we get here */ if(stream->auth.expiration == 0){ stream->auth.expiration = oauth2.expiration; @@ -447,4 +446,7 @@ void renew_accesstoken(MAILSTREAM *stream) if(oauth2.param[OA2_Id].value) fs_give((void **) &oauth2.param[OA2_Id].value); if(oauth2.param[OA2_Secret].value) fs_give((void **) &oauth2.param[OA2_Secret].value); if(oauth2.param[OA2_Tenant].value) fs_give((void **) &oauth2.param[OA2_Tenant].value); + if(oauth2.param[OA2_State].value) fs_give((void **) &oauth2.param[OA2_State].value); + if(oauth2.param[OA2_RefreshToken].value) fs_give((void **) &oauth2.param[OA2_RefreshToken].value); + if(oauth2.access_token) fs_give((void **) &oauth2.access_token); } diff --git a/imap/src/osdep/unix/ssl_unix.c b/imap/src/osdep/unix/ssl_unix.c index b43842df..9d0124ff 100644 --- a/imap/src/osdep/unix/ssl_unix.c +++ b/imap/src/osdep/unix/ssl_unix.c @@ -468,16 +468,18 @@ static char *ssl_start_work (SSLSTREAM *stream,char *host,unsigned long flags) if (SSL_write (stream->con,"",0) < 0) return ssl_last_error ? ssl_last_error : "SSL negotiation failed"; /* need to validate host names? */ + cert = SSL_get_peer_certificate (stream->con); if (!(flags & NET_NOVALIDATECERT) && - (err = ssl_validate_cert (cert = SSL_get_peer_certificate (stream->con), - host))) { + (err = ssl_validate_cert (cert, host))) { /* application callback */ X509_NAME_oneline (X509_get_subject_name(cert), buf, sizeof(buf)); if (scq) return (*scq) (err,host,cert ? buf : "???") ? NIL : ""; /* error message to return via mm_log() */ sprintf (tmp,"*%.128s: %.255s",err,cert ? buf : "???"); + X509_free(cert); return ssl_last_error = cpystr (tmp); } + X509_free(cert); return NIL; } @@ -520,7 +522,7 @@ static char *ssl_validate_cert (X509 *cert,char *host) { int i,j,n, m = 0; char *s=NULL,*t,*ret = NIL; - void *ext; + void *ext = NIL; GENERAL_NAME *name; X509_NAME *cname; X509_NAME_ENTRY *e; @@ -546,6 +548,7 @@ static char *ssl_validate_cert (X509 *cert,char *host) if ((name = sk_GENERAL_NAME_value (ext,i)) && (name->type = GEN_DNS) && (s = name->d.ia5->data) && ssl_compare_hostnames (host,s)) ret = NIL; + if(ext) GENERAL_NAMES_free(ext); } #endif /* OPENSSL_1_1_0 */ /* Method 2, use cname */ @@ -569,6 +572,7 @@ static char *ssl_validate_cert (X509 *cert,char *host) if ((name = sk_GENERAL_NAME_value (ext,i)) && (name->type = GEN_DNS) && (s = name->d.ia5->data) && ssl_compare_hostnames (host,s)) ret = NIL; + if(ext) GENERAL_NAMES_free(ext); } } } |