|
|
4d476f |
autofs-5.1.0 - add serialization to sasl init
|
|
|
4d476f |
|
|
|
4d476f |
From: Ian Kent <ikent@redhat.com>
|
|
|
4d476f |
|
|
|
4d476f |
Attempt to resolve crash in sasl initialization. We know that the
|
|
|
4d476f |
initial connection calls to connect to an LDAP server are not
|
|
|
4d476f |
thread safe and it looks like the sasl code doesn't take that into
|
|
|
4d476f |
consideration so adding serialization with a mutex is probably a
|
|
|
4d476f |
sensible thing to do.
|
|
|
4d476f |
---
|
|
|
4d476f |
CHANGELOG | 1 +
|
|
|
4d476f |
modules/lookup_ldap.c | 13 +++++++++++++
|
|
|
4d476f |
2 files changed, 14 insertions(+)
|
|
|
4d476f |
|
|
|
4d476f |
--- autofs-5.0.7.orig/CHANGELOG
|
|
|
4d476f |
+++ autofs-5.0.7/CHANGELOG
|
|
|
4d476f |
@@ -126,6 +126,7 @@
|
|
|
4d476f |
- cleanup options in amd_parse.c
|
|
|
4d476f |
- allow empty value for some map options.
|
|
|
4d476f |
- allow empty value in macro selectors.
|
|
|
4d476f |
+- add serialization to sasl init.
|
|
|
4d476f |
|
|
|
4d476f |
25/07/2012 autofs-5.0.7
|
|
|
4d476f |
=======================
|
|
|
4d476f |
--- autofs-5.0.7.orig/modules/lookup_ldap.c
|
|
|
4d476f |
+++ autofs-5.0.7/modules/lookup_ldap.c
|
|
|
4d476f |
@@ -578,7 +578,9 @@ static int do_bind(unsigned logopt, LDAP
|
|
|
4d476f |
ctxt->auth_required, ctxt->sasl_mech);
|
|
|
4d476f |
|
|
|
4d476f |
if (ctxt->auth_required & LDAP_NEED_AUTH) {
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
rv = autofs_sasl_bind(logopt, ldap, ctxt);
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
debug(logopt, MODPREFIX "autofs_sasl_bind returned %d", rv);
|
|
|
4d476f |
} else {
|
|
|
4d476f |
rv = bind_ldap_simple(logopt, ldap, uri, ctxt);
|
|
|
4d476f |
@@ -922,7 +924,9 @@ static LDAP *do_reconnect(unsigned logop
|
|
|
4d476f |
#ifdef WITH_SASL
|
|
|
4d476f |
/* Dispose of the sasl authentication connection and try again. */
|
|
|
4d476f |
if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
autofs_sasl_dispose(ctxt);
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
ldap = connect_to_server(logopt, ctxt->server, ctxt);
|
|
|
4d476f |
}
|
|
|
4d476f |
#endif
|
|
|
4d476f |
@@ -958,7 +962,9 @@ static LDAP *do_reconnect(unsigned logop
|
|
|
4d476f |
* current server again before trying other servers in the list.
|
|
|
4d476f |
*/
|
|
|
4d476f |
if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
autofs_sasl_dispose(ctxt);
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
ldap = connect_to_server(logopt, ctxt->uri->uri, ctxt);
|
|
|
4d476f |
}
|
|
|
4d476f |
#endif
|
|
|
4d476f |
@@ -969,7 +975,9 @@ static LDAP *do_reconnect(unsigned logop
|
|
|
4d476f |
|
|
|
4d476f |
find_server:
|
|
|
4d476f |
#ifdef WITH_SASL
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
autofs_sasl_dispose(ctxt);
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
#endif
|
|
|
4d476f |
|
|
|
4d476f |
/* Current server failed, try the rest or dc connection */
|
|
|
4d476f |
@@ -1742,11 +1750,14 @@ int lookup_init(const char *mapfmt, int
|
|
|
4d476f |
|
|
|
4d476f |
#ifdef WITH_SASL
|
|
|
4d476f |
/* Init the sasl callbacks */
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
if (!autofs_sasl_client_init(LOGOPT_NONE)) {
|
|
|
4d476f |
error(LOGOPT_ANY, "failed to init sasl client");
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
free_context(ctxt);
|
|
|
4d476f |
return 1;
|
|
|
4d476f |
}
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
#endif
|
|
|
4d476f |
|
|
|
4d476f |
if (is_amd_format)
|
|
|
4d476f |
@@ -3678,8 +3689,10 @@ int lookup_done(void *context)
|
|
|
4d476f |
struct lookup_context *ctxt = (struct lookup_context *) context;
|
|
|
4d476f |
int rv = close_parse(ctxt->parse);
|
|
|
4d476f |
#ifdef WITH_SASL
|
|
|
4d476f |
+ ldapinit_mutex_lock();
|
|
|
4d476f |
autofs_sasl_dispose(ctxt);
|
|
|
4d476f |
autofs_sasl_done();
|
|
|
4d476f |
+ ldapinit_mutex_unlock();
|
|
|
4d476f |
#endif
|
|
|
4d476f |
free_context(ctxt);
|
|
|
4d476f |
return rv;
|