summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'net-mail/zarafa/files/zarafa-fix-8842.patch')
-rw-r--r--net-mail/zarafa/files/zarafa-fix-8842.patch23
1 files changed, 23 insertions, 0 deletions
diff --git a/net-mail/zarafa/files/zarafa-fix-8842.patch b/net-mail/zarafa/files/zarafa-fix-8842.patch
new file mode 100644
index 0000000..5f79f22
--- /dev/null
+++ b/net-mail/zarafa/files/zarafa-fix-8842.patch
@@ -0,0 +1,23 @@
+Index: trunk/zcp/provider/libserver/ZarafaCmd.cpp
+===================================================================
+diff -u -N -r31009 -r31058
+--- trunk/zcp/provider/libserver/ZarafaCmd.cpp (.../ZarafaCmd.cpp) (revision 31009)
++++ trunk/zcp/provider/libserver/ZarafaCmd.cpp (.../ZarafaCmd.cpp) (revision 31058)
+@@ -824,13 +824,15 @@
+ ECRESULT er = erSuccess;
+ ECSession *lpecSession = NULL;
+
+- er = g_lpSessionManager->ValidateSession(soap, ulSessionId, &lpecSession, false);
++ er = g_lpSessionManager->ValidateSession(soap, ulSessionId, &lpecSession, true);
+ if(er != erSuccess)
+ goto exit;
+
+ if(lpecSession->GetAuthMethod() == ECSession::METHOD_USERPASSWORD || lpecSession->GetAuthMethod() == ECSession::METHOD_SSO)
+ SaveLogonTime(lpecSession, false);
+
++ lpecSession->Unlock();
++
+ // lpecSession is discarded. It is not locked, so we can do that. We only did the 'validatesession'
+ // call to see if the session id existed in the first place, and the request is coming from the correct
+ // IP address. Another logoff() call called at the same time may remove the session *here*, in which case the following call
+