From 5def9c160b5a293b11f6380436d8e99dc3fd5a19 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Sun, 8 Jun 2014 12:15:01 +0200
Subject: saml-2.0/profile: fix leak of xmlSecKey when building signed query
 strings

---
 lasso/saml-2.0/profile.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/lasso/saml-2.0/profile.c b/lasso/saml-2.0/profile.c
index 22a2fe3b..cf3f45c2 100644
--- a/lasso/saml-2.0/profile.c
+++ b/lasso/saml-2.0/profile.c
@@ -1169,9 +1169,7 @@ lasso_saml20_profile_build_http_redirect(LassoProfile *profile,
 
 	goto_cleanup_if_fail_with_rc (url != NULL, LASSO_PROFILE_ERROR_UNKNOWN_PROFILE_URL);
 	/* if message is signed, remove XML signature, add query signature */
-	context = lasso_node_get_signature(msg);
-	/* We must duplicate the key since lasso_node_remove_signature will free it. */
-	context.signature_key = xmlSecKeyDuplicate(context.signature_key);
+	lasso_assign_signature_context(context, lasso_node_get_signature(msg));
 	if (lasso_validate_signature_method(context.signature_method)) {
 		lasso_node_remove_signature(msg);
 	}
@@ -1180,6 +1178,7 @@ lasso_saml20_profile_build_http_redirect(LassoProfile *profile,
 	lasso_assign_new_string(profile->msg_url, lasso_concat_url_query(url, query));
 	lasso_release(profile->msg_body);
 	lasso_release(query);
+	lasso_assign_new_signature_context(context, LASSO_SIGNATURE_CONTEXT_NONE);
 
 cleanup:
 	return rc;
-- 
cgit