- fix leak in session freelist when initial RADIUS session allocation fails

- check that radiusnew succeeded before using r

diff --git a/Changes b/Changes
index 274e066..5ef5266 100644 (file)
--- a/Changes
+++ b/Changes
@@ -1,3 +1,7 @@
+* Sat May 7 2005 Brendan O'Dea <bod@optusnet.com.au> 2.0.19
+- Fix leak in session freelist when initial RADIUS session allocation
+  fails.
+
 * Tue May 3 2005 Brendan O'Dea <bod@optusnet.com.au> 2.0.18
 - Add a Cisco-Avpair with intercept details to RADIUS Start/Stop
   records.

diff --git a/garden.c b/garden.c
index bda354b..ff8978d 100644 (file)
--- a/garden.c
+++ b/garden.c
@@ -9,7 +9,7 @@
 
 /* walled garden */
 
-char const *cvs_id = "$Id: garden.c,v 1.20 2004/12/16 08:49:53 bodea Exp $";
+char const *cvs_id = "$Id: garden.c,v 1.20.2.1 2005/05/07 03:51:20 bodea Exp $";
 
 int plugin_api_version = PLUGIN_API_VERSION;
 static struct pluginfuncs *p = 0;
@@ -214,7 +214,7 @@ int garden_session(sessiont *s, int flag)
                {
                        /* OK, we're up! */
                        uint16_t r = p->radiusnew(p->get_id_by_session(s));
-                       p->radiussend(r, RADIUSSTART);
+                       if (r) p->radiussend(r, RADIUSSTART);
                }
        }
 

diff --git a/l2tpns.c b/l2tpns.c
index 5641cd6..200ae0a 100644 (file)
--- a/l2tpns.c
+++ b/l2tpns.c
@@ -4,7 +4,7 @@
 // Copyright (c) 2002 FireBrick (Andrews & Arnold Ltd / Watchfront Ltd) - GPL licenced
 // vim: sw=8 ts=8
 
-char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.73.2.7 2005/05/06 06:35:18 bodea Exp $";
+char const *cvs_id_l2tpns = "$Id: l2tpns.c,v 1.73.2.8 2005/05/07 03:51:21 bodea Exp $";
 
 #include <arpa/inet.h>
 #include <assert.h>
@@ -1117,7 +1117,6 @@ void sessionshutdown(sessionidt s, char *reason)
                        if (!(r = radiusnew(s)))
                        {
                                LOG(1, s, session[s].tunnel, "No free RADIUS sessions for Stop message\n");
-                               STAT(radius_overflow);
                        }
                        else
                        {
@@ -1189,6 +1188,12 @@ void sendipcp(tunnelidt t, sessionidt s)
        if (!r)
                r = radiusnew(s);
 
+       if (!r)
+       {
+               sessionshutdown(s, "No free RADIUS sessions for IPCP");
+               return;
+       }
+
        if (radius[r].state != RADIUSIPCP)
        {
                radius[r].state = RADIUSIPCP;
@@ -1219,6 +1224,17 @@ void sendipcp(tunnelidt t, sessionidt s)
        session[s].flags &= ~SF_IPCP_ACKED;     // Clear flag.
 }
 
+static void sessionclear(sessionidt s)
+{
+       memset(&session[s], 0, sizeof(session[s]));
+       memset(&sess_local[s], 0, sizeof(sess_local[s]));
+       memset(&cli_session_actions[s], 0, sizeof(cli_session_actions[s]));
+
+       session[s].tunnel = T_FREE;     // Mark it as free.
+       session[s].next = sessionfree;
+       sessionfree = s;
+}
+
 // kill a session now
 void sessionkill(sessionidt s, char *reason)
 {
@@ -1240,12 +1256,7 @@ void sessionkill(sessionidt s, char *reason)
                radiusclear(session[s].radius, s); // cant send clean accounting data, session is killed
 
        LOG(2, s, session[s].tunnel, "Kill session %d (%s): %s\n", s, session[s].user, reason);
-
-       memset(&session[s], 0, sizeof(session[s]));
-       session[s].tunnel = T_FREE;     // Mark it as free.
-       session[s].next = sessionfree;
-       sessionfree = s;
-       cli_session_actions[s].action = 0;
+       sessionclear(s);
        cluster_send_session(s);
 }
 
@@ -1866,7 +1877,7 @@ void processudp(uint8_t * buf, int len, struct sockaddr_in *addr)
                                                if (!(r = radiusnew(s)))
                                                {
                                                        LOG(1, s, t, "No free RADIUS sessions for ICRQ\n");
-                                                       sessionkill(s, "no free RADIUS sesions");
+                                                       sessionclear(s);
                                                        return;
                                                }
 

diff --git a/l2tpns.h b/l2tpns.h
index f9dfd32..3c389d2 100644 (file)
--- a/l2tpns.h
+++ b/l2tpns.h
@@ -1,5 +1,5 @@
 // L2TPNS Global Stuff
-// $Id: l2tpns.h,v 1.49.2.6 2005/05/03 05:10:52 bodea Exp $
+// $Id: l2tpns.h,v 1.49.2.7 2005/05/07 03:51:24 bodea Exp $
 
 #ifndef __L2TPNS_H__
 #define __L2TPNS_H__
@@ -15,7 +15,7 @@
 #include <sys/types.h>
 #include <libcli.h>
 
-#define VERSION        "2.0.18"
+#define VERSION        "2.0.19"
 
 // Limits
 #define MAXTUNNEL      500             // could be up to 65535

diff --git a/l2tpns.spec b/l2tpns.spec
index 4cc064f..b7e6237 100644 (file)
--- a/l2tpns.spec
+++ b/l2tpns.spec
@@ -1,6 +1,6 @@
 Summary: A high-speed clustered L2TP LNS
 Name: l2tpns
-Version: 2.0.18
+Version: 2.0.19
 Release: 1
 Copyright: GPL
 Group: System Environment/Daemons
@@ -43,5 +43,5 @@ rm -rf %{buildroot}
 %attr(644,root,root) /usr/share/man/man[58]/*
 
 %changelog
-* Tue May 3 2005 Brendan O'Dea <bod@optusnet.com.au> 2.0.18-1
-- 2.0.18 release, see /usr/share/doc/l2tpns-2.0.18/Changes
+* Sat May 7 2005 Brendan O'Dea <bod@optusnet.com.au> 2.0.19-1
+- 2.0.19 release, see /usr/share/doc/l2tpns-2.0.19/Changes