From e0e9a2dab72d8299bb1b3f9894fb864430fe421b Mon Sep 17 00:00:00 2001
From: Sage Weil <sage@inktank.com>
Date: Fri, 16 Nov 2012 12:21:14 -0800
Subject: [PATCH] msg/Pipe: don't leak session_security

Make sure we free old instances of sesseion_security before we reset the
pointer.

Signed-off-by: Sage Weil <sage@inktank.com>
---
 src/msg/Pipe.cc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/msg/Pipe.cc b/src/msg/Pipe.cc
index 8c054732ce8a1..2846937ee40f6 100644
--- a/src/msg/Pipe.cc
+++ b/src/msg/Pipe.cc
@@ -322,6 +322,7 @@ int Pipe::accept()
 	!authorizer_valid) {
       ldout(msgr->cct,0) << "accept: got bad authorizer" << dendl;
       reply.tag = CEPH_MSGR_TAG_BADAUTHORIZER;
+      delete session_security;
       session_security = NULL;
       goto reply;
     } 
@@ -539,6 +540,7 @@ int Pipe::accept()
   connection_state->set_features((int)reply.features & (int)connect.features);
   ldout(msgr->cct,10) << "accept features " << connection_state->get_features() << dendl;
 
+  delete session_security;
   session_security = get_auth_session_handler(msgr->cct, connect.authorizer_protocol, session_key,
 					      connection_state->get_features());
 
@@ -917,6 +919,7 @@ int Pipe::connect()
       // If we have an authorizer, get a new AuthSessionHandler to deal with ongoing security of the
       // connection.  PLR
 
+      delete session_security;
       if (authorizer != NULL) {
         session_security = get_auth_session_handler(msgr->cct, authorizer->protocol, authorizer->session_key,
 						    connection_state->get_features());
-- 
2.39.5