From 893d77072b0f5a05eefe81d1f67c09059d8f4c4b Mon Sep 17 00:00:00 2001
From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Tue, 24 Oct 2023 03:33:44 +0200
Subject: [PATCH] auth: sasl-server-mech - Add facilities for maintaining
 per-instance mechanism state

---
 src/auth/sasl-server-mech.c      | 31 ++++++++++++++++++++++++++++++-
 src/auth/sasl-server-private.h   |  7 +++++++
 src/auth/sasl-server-protected.h |  3 +++
 src/auth/sasl-server.c           |  2 ++
 4 files changed, 42 insertions(+), 1 deletion(-)

diff --git a/src/auth/sasl-server-mech.c b/src/auth/sasl-server-mech.c
index 039166c002..438ea121a6 100644
--- a/src/auth/sasl-server-mech.c
+++ b/src/auth/sasl-server-mech.c
@@ -127,7 +127,10 @@ sasl_server_mech_create(struct sasl_server_instance *sinst,
 {
 	struct sasl_server_mech *mech;
 
-	mech = p_new(sinst->pool, struct sasl_server_mech, 1);
+	if (def->funcs->mech_new != NULL)
+		mech = def->funcs->mech_new(sinst->pool);
+	else
+		mech = p_new(sinst->pool, struct sasl_server_mech, 1);
 	mech->pool = sinst->pool;
 	mech->sinst = sinst;
 	mech->def = def;
@@ -208,6 +211,10 @@ sasl_server_mech_find(struct sasl_server_instance *sinst, const char *name)
 static void sasl_server_mech_reg_free(struct sasl_server_mech_reg *mech_reg)
 {
 	struct sasl_server_mech *mech = mech_reg->mech;
+
+	if (mech->def->funcs->mech_free != NULL)
+		mech->def->funcs->mech_free(mech);
+
 	struct sasl_server_mech_def_reg *mech_dreg = mech_reg->def_reg;
 
 	i_assert(mech_dreg->def == mech->def);
@@ -263,6 +270,28 @@ void sasl_server_mech_unregister(struct sasl_server_instance *sinst,
 	sasl_server_mech_reg_free(mech_reg);
 }
 
+static struct sasl_server_mech_reg *
+sasl_server_mech_reg_list_free(struct sasl_server_mech_reg *mech_reg_list)
+{
+	struct sasl_server_mech_reg *mech_reg;
+
+	mech_reg = mech_reg_list;
+	while (mech_reg != NULL) {
+		struct sasl_server_mech_reg *mech_reg_next = mech_reg->next;
+
+		sasl_server_mech_reg_free(mech_reg);
+		mech_reg = mech_reg_next;
+	}
+	return NULL;
+}
+
+void sasl_server_instance_mech_registry_free(
+	struct sasl_server_instance *sinst)
+{
+	sasl_server_mech_reg_list_free(sinst->mechs_head);
+	sasl_server_mech_reg_list_free(sinst->mechs_hidden);
+}
+
 /*
  * Iterator
  */
diff --git a/src/auth/sasl-server-private.h b/src/auth/sasl-server-private.h
index 7b908dd481..7e65426a0e 100644
--- a/src/auth/sasl-server-private.h
+++ b/src/auth/sasl-server-private.h
@@ -73,4 +73,11 @@ struct sasl_server {
 	unsigned int requests;
 };
 
+/*
+ * Mechanism
+ */
+
+void sasl_server_instance_mech_registry_free(
+	struct sasl_server_instance *sinst);
+
 #endif
diff --git a/src/auth/sasl-server-protected.h b/src/auth/sasl-server-protected.h
index ea50817ec2..2df4340b55 100644
--- a/src/auth/sasl-server-protected.h
+++ b/src/auth/sasl-server-protected.h
@@ -21,6 +21,9 @@ struct sasl_server_mech_funcs {
 	void (*auth_continue)(struct sasl_server_mech_request *req,
 			      const unsigned char *data, size_t data_size);
 	void (*auth_free)(struct sasl_server_mech_request *req);
+
+	struct sasl_server_mech *(*mech_new)(pool_t pool);
+	void (*mech_free)(struct sasl_server_mech *mech);
 };
 
 struct sasl_server_mech_def {
diff --git a/src/auth/sasl-server.c b/src/auth/sasl-server.c
index ac1bd3b86e..f120287031 100644
--- a/src/auth/sasl-server.c
+++ b/src/auth/sasl-server.c
@@ -66,6 +66,8 @@ void sasl_server_instance_unref(struct sasl_server_instance **_sinst)
 
 	i_assert(sinst->requests == 0);
 
+	sasl_server_instance_mech_registry_free(sinst);
+
 	DLLIST_REMOVE(&server->instances, sinst);
 
 	event_unref(&sinst->event);
-- 
2.47.3