ocserv: corrected session expiration in sec-mod

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/net/ocserv/Makefile b/net/ocserv/Makefile
index 00bc39ae667431f89a48e4d253be7e2bb492b613..3d382c97a37d0981de9e836cda80048db20b4cba 100644 (file)
--- a/net/ocserv/Makefile
+++ b/net/ocserv/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ocserv
 PKG_VERSION:=0.10.3
-PKG_RELEASE:=1
+PKG_RELEASE:=2
 
 PKG_BUILD_DIR :=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz

diff --git a/net/ocserv/patches/001-correct-session-expiration.patch b/net/ocserv/patches/001-correct-session-expiration.patch
new file mode 100644 (file)
index 0000000..b0c596b
--- /dev/null
+++ b/net/ocserv/patches/001-correct-session-expiration.patch
@@ -0,0 +1,22 @@
+diff --git a/src/sec-mod-auth.c b/src/sec-mod-auth.c
+index 4ee6f57..2fc02b5 100644
+--- a/src/sec-mod-auth.c
++++ b/src/sec-mod-auth.c
+@@ -500,7 +500,7 @@ int handle_sec_auth_session_close(int cfd, sec_mod_st *sec, const SecAuthSession
+                               (pack_func) cli_stats_msg__pack);
+       }
+ 
+-      if (e->status != PS_AUTH_COMPLETED) {
++      if (e->status < PS_AUTH_COMPLETED) {
+               seclog(sec, LOG_DEBUG, "session close received in unauthenticated client %s "SESSION_STR"!", e->auth_info.username, e->auth_info.psid);
+               return send_msg(e, cfd, SM_CMD_AUTH_CLI_STATS, &rep,
+                               (pack_size_func) cli_stats_msg__get_packed_size,
+@@ -604,7 +604,7 @@ int handle_sec_auth_stats_cmd(sec_mod_st * sec, const CliStatsMsg * req)
+               e->stats.uptime = req->uptime;
+ 
+       if (req->has_invalidate_cookie && req->invalidate_cookie != 0) {
+-              seclog(sec, LOG_INFO, "invalidating session user '%s' "SESSION_STR,
++              seclog(sec, LOG_INFO, "invalidating session of user '%s' "SESSION_STR,
+                       e->auth_info.username, e->auth_info.psid);
+               e->status = PS_AUTH_USER_TERM;
+       }