| autofs-5.1.0 - add serialization to sasl init
 | |
| 
 | |
| From: Ian Kent <ikent@redhat.com>
 | |
| 
 | |
| Attempt to resolve crash in sasl initialization. We know that the
 | |
| initial connection calls to connect to an LDAP server are not
 | |
| thread safe and it looks like the sasl code doesn't take that into
 | |
| consideration so adding serialization with a mutex is probably a
 | |
| sensible thing to do.
 | |
| ---
 | |
|  CHANGELOG             |    1 +
 | |
|  modules/lookup_ldap.c |   13 +++++++++++++
 | |
|  2 files changed, 14 insertions(+)
 | |
| 
 | |
| diff --git a/CHANGELOG b/CHANGELOG
 | |
| index 58b94dc..92ee83b 100644
 | |
| --- a/CHANGELOG
 | |
| +++ b/CHANGELOG
 | |
| @@ -1,6 +1,7 @@
 | |
|  ??/??/2014 autofs-5.1.1
 | |
|  =======================
 | |
|  - fix compile error in defaults.c.
 | |
| +- add serialization to sasl init.
 | |
|  
 | |
|  04/06/2014 autofs-5.1.0
 | |
|  =======================
 | |
| diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
 | |
| index 8091ed2..aca3e05 100644
 | |
| --- a/modules/lookup_ldap.c
 | |
| +++ b/modules/lookup_ldap.c
 | |
| @@ -578,7 +578,9 @@ static int do_bind(unsigned logopt, LDAP *ldap, const char *uri, struct lookup_c
 | |
|  	      ctxt->auth_required, ctxt->sasl_mech);
 | |
|  
 | |
|  	if (ctxt->auth_required & LDAP_NEED_AUTH) {
 | |
| +		ldapinit_mutex_lock();
 | |
|  		rv = autofs_sasl_bind(logopt, ldap, ctxt);
 | |
| +		ldapinit_mutex_unlock();
 | |
|  		debug(logopt, MODPREFIX "autofs_sasl_bind returned %d", rv);
 | |
|  	} else {
 | |
|  		rv = bind_ldap_simple(logopt, ldap, uri, ctxt);
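Review bot: The ldapinit mutex is now held for the whole of `autofs_sasl_bind()`, which presumably performs the SASL exchange with the LDAP server, so one slow or unresponsive server could stall every other thread that needs this lock. If only the library initialisation inside the bind is not thread safe, narrowing the locked region to that part would keep the fix without turning a hung server into a process-wide stall. Either way a comment above the lock would help, e.g. `/* sasl init/bind is not thread safe; serialize with ldap connection setup */`. It is also worth confirming that no caller reaches do_bind() with the mutex already held, since the function starts outside this hunk and a non-recursive mutex would self-deadlock.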
 | |
| @@ -922,7 +924,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 | |
|  #ifdef WITH_SASL
 | |
|  		/* Dispose of the sasl authentication connection and try again. */
 | |
|  		if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
 | |
| +			ldapinit_mutex_lock();
 | |
|  			autofs_sasl_dispose(ctxt);
 | |
| +			ldapinit_mutex_unlock();
 | |
|  			ldap = connect_to_server(logopt, ctxt->server, ctxt);
 | |
|  		}
 | |
|  #endif
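Review bot: The lock covers only `autofs_sasl_dispose(ctxt)` and is released before `connect_to_server()`, so dispose-then-reconnect is not atomic with respect to other threads that share `ctxt`; the same pattern repeats in the two later do_reconnect hunks (the second dispose and the one at `find_server:`). If the SASL state torn down here lives in the shared context, another thread could presumably still be using it, or could see it already disposed, between the unlock and the reconnect. The mutex orders the calls but says nothing about who owns that state, so a comment naming the owner would help, e.g. `/* caller must be the only user of ctxt's sasl connection */`. do_reconnect's body extends outside these hunks, so the callers' locking is not visible here.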
 | |
| @@ -958,7 +962,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 | |
|  	 * current server again before trying other servers in the list.
 | |
|  	 */
 | |
|  	if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
 | |
| +		ldapinit_mutex_lock();
 | |
|  		autofs_sasl_dispose(ctxt);
 | |
| +		ldapinit_mutex_unlock();
 | |
|  		ldap = connect_to_server(logopt, ctxt->uri->uri, ctxt);
 | |
|  	}
 | |
|  #endif
 | |
| @@ -969,7 +975,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 | |
|  
 | |
|  find_server:
 | |
|  #ifdef WITH_SASL
 | |
| +	ldapinit_mutex_lock();
 | |
|  	autofs_sasl_dispose(ctxt);
 | |
| +	ldapinit_mutex_unlock();
 | |
|  #endif
 | |
|  
 | |
|  	/* Current server failed, try the rest or dc connection */
 | |
| @@ -1742,11 +1750,14 @@ int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **co
 | |
|  
 | |
|  #ifdef WITH_SASL
 | |
|  	/* Init the sasl callbacks */
 | |
| +	ldapinit_mutex_lock();
 | |
|  	if (!autofs_sasl_client_init(LOGOPT_NONE)) {
 | |
|  		error(LOGOPT_ANY, "failed to init sasl client");
 | |
| +		ldapinit_mutex_unlock();
 | |
|  		free_context(ctxt);
 | |
|  		return 1;
 | |
|  	}
 | |
| +	ldapinit_mutex_unlock();
 | |
|  #endif
 | |
|  
 | |
|  	if (is_amd_format)
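Review bot: The unlock is duplicated on the failure and success paths, and `error()` runs with the mutex held; a later edit that adds another early return inside this block would leave the lock taken. Capturing the result first keeps a single unlock: `ret = autofs_sasl_client_init(LOGOPT_NONE);` then `ldapinit_mutex_unlock();` then `if (!ret) {`, where `ret` stands for a local declared in the part of lookup_init outside this hunk.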
 | |
| @@ -3678,8 +3689,10 @@ int lookup_done(void *context)
 | |
|  	struct lookup_context *ctxt = (struct lookup_context *) context;
 | |
|  	int rv = close_parse(ctxt->parse);
 | |
|  #ifdef WITH_SASL
 | |
| +	ldapinit_mutex_lock();
 | |
|  	autofs_sasl_dispose(ctxt);
 | |
|  	autofs_sasl_done();
 | |
| +	ldapinit_mutex_unlock();
 | |
|  #endif
 | |
|  	free_context(ctxt);
 | |
|  	return rv;
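Review bot: `autofs_sasl_done()` is called from every `lookup_done()`, and the mutex only orders those calls; it does not stop one map's teardown from shutting down SASL state that another LDAP map instance in the same process may still be using. Its body is not visible here, so this is a question rather than a confirmed defect: if it releases process-wide library state, the teardown wants a use count taken in `lookup_init()` and dropped here under the same lock. A short comment stating whether the call is per-context or global would settle it, e.g. `/* global sasl teardown; only safe when no other ldap map is active */`.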
 |