Fixed leak of shared keys in xauth-generic plugin
authorMartin Willi <martin@revosec.ch>
Tue, 13 Dec 2011 10:39:54 +0000 (11:39 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:31:20 +0000 (17:31 +0100)
src/libcharon/plugins/xauth_generic/xauth_generic.c

index cac740a..981ab77 100644 (file)
@@ -73,6 +73,7 @@ METHOD(xauth_method_t, process_peer, status_t,
                                CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, user));
        cp->add_attribute(cp, configuration_attribute_create_chunk(
                                CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, pass));
+       shared->destroy(shared);
        *out = cp;
        return NEED_MORE;
 }
@@ -151,6 +152,7 @@ METHOD(xauth_method_t, process_server, status_t,
        {
                DBG2(DBG_IKE, "authentication of '%Y' with XAuth successful", peer);
        }
+       DESTROY_IF(shared);
        DESTROY_IF(id);
        return status;
 }