Fix leak in SASL code, enable cluster ACL test.

git-svn-id: https://svn.apache.org/repos/asf/qpid/trunk/qpid@832134 13f79535-47bb-0310-9956-ffa450edef68

2 files changed, 33 insertions, 9 deletions

diff --git a/cpp/src/qpid/client/SaslFactory.cpp b/cpp/src/qpid/client/SaslFactory.cpp
index 2258163ec8..b699160066 100644
--- a/cpp/src/qpid/client/SaslFactory.cpp
+++ b/cpp/src/qpid/client/SaslFactory.cpp
@@ -20,6 +20,7 @@
  */
 #include "qpid/client/SaslFactory.h"
 #include "qpid/client/ConnectionSettings.h"
+#include <map>
 
 #ifdef HAVE_CONFIG_H
 #  include "config.h"
@@ -326,11 +327,33 @@ int getUserFromSettings(void* context, int /*id*/, const char** result, unsigned
     }
 }
 
-int getPasswordFromSettings(sasl_conn_t* /*conn*/, void* context, int /*id*/, sasl_secret_t** psecret)
+namespace {
+// Global map of secrest allocated for SASL connections via callback
+// to getPasswordFromSettings. Ensures secrets are freed.
+class SecretsMap {
+    typedef std::map<sasl_conn_t*, void*> Map;
+    Map map;
+  public:
+    void keep(sasl_conn_t* conn, void* secret) {
+        Map::iterator i = map.find(conn);
+        if (i != map.end()) free(i->second);
+        map[conn] = secret;
+    }
+
+    ~SecretsMap() {
+        for (Map::iterator i = map.begin(); i != map.end(); ++i)
+            free(i->second);
+    }
+};
+SecretsMap getPasswordFromSettingsSecrets;
+}
+
+int getPasswordFromSettings(sasl_conn_t* conn, void* context, int /*id*/, sasl_secret_t** psecret)
 {
     if (context) {
         size_t length = ((ConnectionSettings*) context)->password.size();
         sasl_secret_t* secret = (sasl_secret_t*) malloc(sizeof(sasl_secret_t) + length);
+        getPasswordFromSettingsSecrets.keep(conn, secret);
         secret->len = length;
         memcpy(secret->data, ((ConnectionSettings*) context)->password.data(), length);
         *psecret = secret;
diff --git a/cpp/src/tests/cluster_test.cpp b/cpp/src/tests/cluster_test.cpp
index de8ec49ea6..eb6d98eced 100644
--- a/cpp/src/tests/cluster_test.cpp
+++ b/cpp/src/tests/cluster_test.cpp
@@ -222,10 +222,6 @@ QPID_AUTO_TEST_CASE(testBadClientData) {
     BOOST_CHECK_EQUAL(c1.session.queueQuery("q1").getQueue(), "");
 }
 
-#if 0
-// FIXME aconway 2009-03-10: This test passes but exposes a memory
-// leak in the SASL client code.  Enable it when the leak is fixed.
-
 QPID_AUTO_TEST_CASE(testAcl) {
     ofstream policyFile("cluster_test.acl");
     policyFile << "acl allow foo@QPID create queue name=foo" << endl
@@ -239,6 +235,7 @@ QPID_AUTO_TEST_CASE(testAcl) {
     aclLib << getLibPath("ACL_LIB", "../.libs/acl.so");
     ClusterFixture::Args args;
     prepareArgs(args, durableFlag);
+    args += "--log-enable=critical"; // Supress expected errors
     args += "--acl-file", string(cwd) + "/cluster_test.acl",
             "--cluster-mechanism", "PLAIN",
             "--cluster-username", "cluster",
@@ -253,18 +250,22 @@ QPID_AUTO_TEST_CASE(testAcl) {
     foo.session.queueDeclare("foo", arg::durable=durableFlag);
     BOOST_CHECK_EQUAL(c0.session.queueQuery("foo").getQueue(), "foo");
 
-    BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+    { 
+        ScopedSuppressLogging sl;
+        BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+    }
     BOOST_CHECK(c0.session.queueQuery("bar").getQueue().empty());
     BOOST_CHECK(c1.session.queueQuery("bar").getQueue().empty());
 
     cluster.add();
     Client c2(aclSettings(cluster[2], "c2"), "c2");
-    BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+    { 
+        ScopedSuppressLogging sl;
+        BOOST_CHECK_THROW(foo.session.queueDeclare("bar", arg::durable=durableFlag), framing::NotAllowedException);
+    }
     BOOST_CHECK(c2.session.queueQuery("bar").getQueue().empty());
 }
 
-#endif
-
 QPID_AUTO_TEST_CASE(testMessageTimeToLive) {
     // Note: this doesn't actually test for cluster race conditions around TTL,
     // it just verifies that basic TTL functionality works.