Fix memleak in backport

Resolves: RHEL-62

Signed-off-by: Simo Sorce <simo@redhat.com>

cyrus-sasl-2.1.27-cumulative-digestmd5.patch

@@ -1,6 +1,6 @@
 diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c
---- cyrus-sasl-2.1.27/plugins/digestmd5.c	2021-09-30 17:13:06.573093526 -0400
-+++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c	2021-09-30 17:26:31.818378442 -0400
+--- cyrus-sasl-2.1.27/plugins/digestmd5.c	2022-09-08 12:22:03.782961573 -0400
++++ cyrus-sasl-2.1.27.digestmd5/plugins/digestmd5.c	2022-09-08 12:24:20.289994669 -0400
 @@ -80,6 +80,12 @@
  # endif
  #endif /* WITH_DES */
@@ -105,7 +105,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  
      /* setup dec context */
      c++;
-@@ -1102,60 +1114,139 @@
+@@ -1102,34 +1114,83 @@
  
      memcpy(c->ivec, ((char *) deckey) + 8, 8);
      
@@ -201,16 +201,14 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  }
  
  static int init_rc4(context_t *text,
- 		    unsigned char enckey[16],
- 		    unsigned char deckey[16])
- {
-+    const EVP_CIPHER *cipher;
+@@ -1139,23 +1200,57 @@
      EVP_CIPHER_CTX *ctx;
      int rc;
  
 -    ctx = EVP_CIPHER_CTX_new();
 -    if (ctx == NULL) return SASL_NOMEM;
 +#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    EVP_CIPHER *cipher;
 +    ossl3_context_t *ossl3_ctx;
  
 -    rc = EVP_EncryptInit_ex(ctx, EVP_rc4(), NULL, enckey, NULL);
@@ -221,6 +219,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 +    ossl3_ctx = (ossl3_context_t *)text->crypto.libctx;
 +    cipher = EVP_CIPHER_fetch(ossl3_ctx->libctx, "RC4", "");
 +#else
++    const EVP_CIPHER *cipher;
 +    cipher = EVP_rc4();
 +#endif
  
@@ -241,25 +240,28 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
 +        goto done;
 +    }
 +    text->crypto.enc_ctx = (void *)ctx;
- 
--    text->cipher_dec_context = (void *)ctx;
++
 +    ctx = EVP_CIPHER_CTX_new();
 +    if (ctx == NULL) {
 +        rc = SASL_NOMEM;
 +        goto done;
 +    }
- 
--    return SASL_OK;
++
 +    rc = EVP_DecryptInit_ex(ctx, cipher, NULL, deckey, NULL);
 +    if (rc != 1) {
 +        rc = SASL_FAIL;
 +        goto done;
 +    }
 +    text->crypto.dec_ctx = (void *)ctx;
-+
+ 
+-    text->cipher_dec_context = (void *)ctx;
 +    rc = SASL_OK;
-+
+ 
+-    return SASL_OK;
 +done:
++#if OPENSSL_VERSION_NUMBER >= 0x30000000L
++    EVP_CIPHER_free(cipher);
++#endif
 +    if (rc != SASL_OK) {
 +        free_rc4(text);
 +    }
@@ -267,7 +269,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  }
  
  static int dec_rc4(context_t *text,
-@@ -1169,14 +1260,14 @@
+@@ -1169,14 +1264,14 @@
      int rc;
  
      /* decrypt the text part & HMAC */
@@ -284,7 +286,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
                               (unsigned char *)output + len, &len);
      if (rc != 1) return SASL_FAIL;
  
-@@ -1198,7 +1289,7 @@
+@@ -1198,7 +1293,7 @@
      int len;
      int rc;
      /* encrypt the text part */
@@ -293,7 +295,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
                             (unsigned char *)output, &len,
                             (const unsigned char *)input, inputlen);
      if (rc != 1) return SASL_FAIL;
-@@ -1206,14 +1297,14 @@
+@@ -1206,14 +1301,14 @@
      *outputlen = len;
  
      /* encrypt the `MAC part */
@@ -310,7 +312,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
                               (unsigned char *)output + *outputlen, &len);
      if (rc != 1) return SASL_FAIL;
  
-@@ -1221,188 +1312,11 @@
+@@ -1221,188 +1316,11 @@
  
      return SASL_OK;
  }
@@ -499,7 +501,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
      { "rc4", 128, 16, 0x04, &enc_rc4, &dec_rc4, &init_rc4, &free_rc4 },
  #endif
  #ifdef WITH_DES
-@@ -2815,6 +2729,7 @@
+@@ -2815,6 +2733,7 @@
  	}
  	
  	if (cptr->name) {
@@ -507,7 +509,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  	    text->cipher_enc = cptr->cipher_enc;
  	    text->cipher_dec = cptr->cipher_dec;
  	    text->cipher_init = cptr->cipher_init;
-@@ -2958,7 +2873,10 @@
+@@ -2958,7 +2877,10 @@
  	if (text->cipher_init) {
  	    if (text->cipher_init(text, enckey, deckey) != SASL_OK) {
  		sparams->utils->seterror(sparams->utils->conn, 0,
@@ -519,7 +521,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  	    }
  	}
      }
-@@ -3509,6 +3427,7 @@
+@@ -3509,6 +3431,7 @@
  	oparams->mech_ssf = ctext->cipher->ssf;
  
  	nbits = ctext->cipher->n;
@@ -527,7 +529,7 @@ diff -uPr cyrus-sasl-2.1.27/plugins/digestmd5.c cyrus-sasl-2.1.27.digestmd5/plug
  	text->cipher_enc = ctext->cipher->cipher_enc;
  	text->cipher_dec = ctext->cipher->cipher_dec;
  	text->cipher_free = ctext->cipher->cipher_free;
-@@ -3733,7 +3652,13 @@
+@@ -3733,7 +3656,13 @@
  	
  	/* initialize cipher if need be */
  	if (text->cipher_init) {

cyrus-sasl.spec

@@ -9,7 +9,7 @@
 Summary: The Cyrus SASL library
 Name: cyrus-sasl
 Version: 2.1.27
-Release: 20%{?dist}
+Release: 21%{?dist}
 License: BSD with advertising
 URL: https://www.cyrusimap.org/sasl/
 
@@ -401,11 +401,14 @@ getent passwd %{username} >/dev/null || useradd -r -g %{username} -d %{homedir}
 %{_sbindir}/sasl2-shared-mechlist
 
 %changelog
-* Thu Feb 23 2022 Simo Sorce <simo@redhat.com> - 2.1.27-6
+* Mon Aug  1 2022 Simo Sorce <simo@redhat.com> - 2.1.27-21
+- Fix memleak
+
+* Wed Feb 23 2022 Simo Sorce <simo@redhat.com> - 2.1.27-20
 - Fix for CVE-2022-24407
 - Resolves: rhbz#2055848
 
-* Mon Feb  9 2022 Simo Sorce <simo@redhat.com> - 2.1.27-19
+* Wed Feb  9 2022 Simo Sorce <simo@redhat.com> - 2.1.27-19
 - Fix a memleak in one of the OpenSSL 3 compat patches
   found by covscan