From fe199780bd87f7a78c6d26078d0a4d0a0dbe09e9 Mon Sep 17 00:00:00 2001
From: Thierry Bordaz <tbordaz@redhat.com>
Date: Fri, 3 Apr 2020 15:23:10 +0200
Subject: [PATCH 3/4] Ticket 50905 - intermittent SSL hang with rhds
Bug Description:
	On a successfull sasl bind, a new IO layer (sasl_io_enable) is registered on top of
	the connection. Then sasl bind sends the successful result. Registration is
	done while sasl bind thread holds c_mutex but result is sent while the c_mutex
	is released.
	If a new operation comes in just after c_mutex was released it is
	possible that sasl bind sends the result while the new IO layer is pushed.
        The IO layer is only partially initialized at that time. It can cause a SIGSEGV or
	deadlock or...
Fix Description:
	The fix is to protect the send result from IO layer push.
	i.e. move send_ldap_result into c_mutex
https://pagure.io/389-ds-base/issue/50905
Reviewed by: Mark Reynolds (Thanks !!)
Platforms tested: F29
Flag Day: no
Doc impact: no
---
 ldap/servers/slapd/saslbind.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/ldap/servers/slapd/saslbind.c b/ldap/servers/slapd/saslbind.c
26b369
index 0907c623f..ef29acf71 100644
26b369
--- a/ldap/servers/slapd/saslbind.c
26b369
+++ b/ldap/servers/slapd/saslbind.c
26b369
@@ -1118,12 +1118,16 @@ sasl_check_result:
26b369
             /* Enable SASL I/O on the connection */
26b369
             PR_EnterMonitor(pb_conn->c_mutex);
26b369
             connection_set_io_layer_cb(pb_conn, sasl_io_enable, NULL, NULL);
26b369
+
26b369
+            /* send successful result before sasl_io_enable can be pushed by another incoming op */
26b369
+            send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
26b369
+
26b369
             PR_ExitMonitor(pb_conn->c_mutex);
26b369
+        } else {
26b369
+            /* send successful result */
26b369
+            send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
26b369
         }
26b369
 
26b369
-        /* send successful result */
26b369
-        send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
26b369
-
26b369
         /* remove the sasl data from the pblock */
26b369
         slapi_pblock_set(pb, SLAPI_BIND_RET_SASLCREDS, NULL);
26b369
 
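Review bot: The `send_ldap_result(pb, LDAP_SUCCESS, ...)` call added inside the `PR_EnterMonitor(pb_conn->c_mutex)` / `PR_ExitMonitor` pair now performs the network write while the connection monitor is held. If the client stops reading, any other thread that needs this connection's `c_mutex` waits for as long as the write blocks. Whether the send path is bounded by a write timeout is not visible in this hunk, so that should be confirmed before relying on the ordering. The comment could state the invariant and its cost, for example `/* hold c_mutex across the send: the bind response must leave before another op can push sasl_io_enable; the write below must be bounded by the connection's I/O timeout */`. The enclosing function begins and ends outside the hunk, so the lock state on the paths leading to `sasl_check_result:` cannot be checked from here.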
-- 
2.25.3