$OpenBSD: patch-src_login-common_client-common_c,v 1.1 2014/05/12 09:20:52 brad Exp $

Fix a DoS attack against imap/pop3-login processes. CVE-2014-3430

--- src/login-common/client-common.c.orig	Mon May 12 04:53:00 2014
+++ src/login-common/client-common.c	Mon May 12 04:53:57 2014
@@ -171,6 +171,8 @@ void client_destroy(struct client *client, const char 
 		last_client = client->prev;
 	DLLIST_REMOVE(&clients, client);
 
+	if (!client->login_success && client->ssl_proxy != NULL)
+		ssl_proxy_destroy(client->ssl_proxy);
 	if (client->input != NULL)
 		i_stream_close(client->input);
 	if (client->output != NULL)
