OpenAFS Master Repository branch, openafs-stable-1_8_x, updated. openafs-stable-1_8_10-11-g3b383ab

Gerrit Code Review
Thu, 17 Aug 2023 13:26:23 -0400

The following commit has been merged in the openafs-stable-1_8_x branch:
commit 3b383abaa932fe03f405571c50df4e95043d7998
Author: Mark Vitale <>
Date:   Fri May 12 21:25:36 2023 -0400

    rxkad: Free memory used to check rxkad response
    Since its introduction with commit 7e4e06b87a09 "Derive DES/fcrypt
    session key from other key types", rxkad_derive_des_key has failed to
    free the memory associated with its HMAC context struct.
    This results in a leak of at least 352 bytes for each rxkad challenge
    response processed by an OpenAFS server when using rxkad-kdf.
    Free the memory by calling HMAC_CTX_cleanup after each round of the
    Discovered via Solaris
    Tested-by: BuildBot <>
    Reviewed-by: Andrew Deason <>
    Reviewed-by: Cheyenne Wills <>
    Reviewed-by: Benjamin Kaduk <>
    (cherry picked from commit 915c9ec007810f99a5ea8be73426fc8882f615fd)
    Change-Id: I4710c1180cdca19cc963d7409ef15e74efd51498
    Tested-by: BuildBot <>
    Reviewed-by: Michael Meffie <>
    Reviewed-by: Mark Vitale <>
    Reviewed-by: Stephan Wiesand <>

 src/rxkad/ticket5.c | 1 +
 1 file changed, 1 insertion(+)

OpenAFS Master Repository