From: Tobias Brunner <tobias@strongswan.org>
Date: Thu, 11 Sep 2014 15:33:52 +0000 (+0200)
Subject: auth-cfg: Fix crash after several reauthentications with multiple authentication... 
X-Git-Tag: 5.2.1dr1~70
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8ca9a67fac597246cefaeaa3932446b6d053afc7;p=thirdparty%2Fstrongswan.git

auth-cfg: Fix crash after several reauthentications with multiple authentication rounds

Due to the issue described in c641974, purge() inadvertently destroyed
CA certificates that should have been kept (while the pointer to these
objects remained in the array).  This lead to incorrect reference counts
and after a few reauthentications with multiple authentication rounds,
which cause calls to purge(TRUE), to crashes.
---

diff --git a/src/libstrongswan/credentials/auth_cfg.c b/src/libstrongswan/credentials/auth_cfg.c
index aeeb4198fe..db08c6b963 100644
--- a/src/libstrongswan/credentials/auth_cfg.c
+++ b/src/libstrongswan/credentials/auth_cfg.c
@@ -998,8 +998,8 @@ METHOD(auth_cfg_t, purge, void,
 	{
 		if (!keep_ca || entry->type != AUTH_RULE_CA_CERT)
 		{
-			array_remove_at(this->entries, enumerator);
 			destroy_entry_value(entry);
+			array_remove_at(this->entries, enumerator);
 		}
 	}
 	enumerator->destroy(enumerator);