diff options
author | Pavel Březina <pbrezina@redhat.com> | 2013-01-28 10:56:56 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-01-28 17:28:53 +0100 |
commit | 86a16cf3b234597c03fba52dfdfb21a623093254 (patch) | |
tree | cd5372f928ff285d3e16fe1a00d713526dfbd021 /src/providers/ldap | |
parent | 48130eef6c5c64a07094b9e8582ba358b2048f24 (diff) | |
download | sssd-86a16cf3b234597c03fba52dfdfb21a623093254.tar.gz sssd-86a16cf3b234597c03fba52dfdfb21a623093254.tar.bz2 sssd-86a16cf3b234597c03fba52dfdfb21a623093254.zip |
nested groups: fix group lookup hangs if member dn is incorrect
https://fedorahosted.org/sssd/ticket/1783
When dn in member attribute is invalid (e.g. rdn instead of dn)
or it is outside of configured search bases, we might hit a situation
when tevent_req is marked as done before any callback could be
attached on it.
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 96cc7c0c..76c077d8 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -2528,6 +2528,11 @@ struct sdap_nested_group_ctx { bool enable_deref; struct sdap_deref_ctx *derefctx; + + /** + * FIXME: Remove me! + */ + bool send_finished; }; static errno_t sdap_nested_group_process_deref_step(struct tevent_req *req); @@ -2564,6 +2569,7 @@ static struct tevent_req *sdap_nested_group_process_send( state->sh = sh; state->enable_deref = enable_deref; state->nesting_level = nesting; + state->send_finished = false; /* If this is too many levels deep, just return success */ if (nesting > dp_opt_get_int(opts->basic, SDAP_NESTING_LEVEL)) { @@ -2672,6 +2678,7 @@ static struct tevent_req *sdap_nested_group_process_send( if (ret != EAGAIN) goto immediate; } + state->send_finished = true; return req; immediate: @@ -2681,6 +2688,7 @@ immediate: tevent_req_error(req, ret); } tevent_req_post(req, ev); + state->send_finished = true; return req; } @@ -3209,6 +3217,14 @@ static errno_t sdap_nested_group_lookup_user(struct tevent_req *req, } else if (ret == EOK) { DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n")); tevent_req_done(req); + + /** + * FIXME: Rewrite nested group processing so we call + * tevent_req_post() only in _send(). + */ + if (state->send_finished == false) { + tevent_req_post(req, state->ev); + } } return EOK; } @@ -3265,6 +3281,14 @@ static errno_t sdap_nested_group_lookup_group(struct tevent_req *req) } else if (ret == EOK) { DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n")); tevent_req_done(req); + + /** + * FIXME: Rewrite nested group processing so we call + * tevent_req_post() only in _send(). + */ + if (state->send_finished == false) { + tevent_req_post(req, state->ev); + } } return EOK; } |