summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2013-01-28 10:56:56 +0100
committerJakub Hrozek <jhrozek@redhat.com>2013-01-28 17:28:53 +0100
commit86a16cf3b234597c03fba52dfdfb21a623093254 (patch)
treecd5372f928ff285d3e16fe1a00d713526dfbd021 /src/providers/ldap
parent48130eef6c5c64a07094b9e8582ba358b2048f24 (diff)
downloadsssd-86a16cf3b234597c03fba52dfdfb21a623093254.tar.gz
sssd-86a16cf3b234597c03fba52dfdfb21a623093254.tar.bz2
sssd-86a16cf3b234597c03fba52dfdfb21a623093254.zip
nested groups: fix group lookup hangs if member dn is incorrect
https://fedorahosted.org/sssd/ticket/1783 When dn in member attribute is invalid (e.g. rdn instead of dn) or it is outside of configured search bases, we might hit a situation when tevent_req is marked as done before any callback could be attached on it.
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_async_groups.c24
1 files changed, 24 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index 96cc7c0c..76c077d8 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -2528,6 +2528,11 @@ struct sdap_nested_group_ctx {
bool enable_deref;
struct sdap_deref_ctx *derefctx;
+
+ /**
+ * FIXME: Remove me!
+ */
+ bool send_finished;
};
static errno_t sdap_nested_group_process_deref_step(struct tevent_req *req);
@@ -2564,6 +2569,7 @@ static struct tevent_req *sdap_nested_group_process_send(
state->sh = sh;
state->enable_deref = enable_deref;
state->nesting_level = nesting;
+ state->send_finished = false;
/* If this is too many levels deep, just return success */
if (nesting > dp_opt_get_int(opts->basic, SDAP_NESTING_LEVEL)) {
@@ -2672,6 +2678,7 @@ static struct tevent_req *sdap_nested_group_process_send(
if (ret != EAGAIN) goto immediate;
}
+ state->send_finished = true;
return req;
immediate:
@@ -2681,6 +2688,7 @@ immediate:
tevent_req_error(req, ret);
}
tevent_req_post(req, ev);
+ state->send_finished = true;
return req;
}
@@ -3209,6 +3217,14 @@ static errno_t sdap_nested_group_lookup_user(struct tevent_req *req,
} else if (ret == EOK) {
DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n"));
tevent_req_done(req);
+
+ /**
+ * FIXME: Rewrite nested group processing so we call
+ * tevent_req_post() only in _send().
+ */
+ if (state->send_finished == false) {
+ tevent_req_post(req, state->ev);
+ }
}
return EOK;
}
@@ -3265,6 +3281,14 @@ static errno_t sdap_nested_group_lookup_group(struct tevent_req *req)
} else if (ret == EOK) {
DEBUG(SSSDBG_TRACE_FUNC, ("All done.\n"));
tevent_req_done(req);
+
+ /**
+ * FIXME: Rewrite nested group processing so we call
+ * tevent_req_post() only in _send().
+ */
+ if (state->send_finished == false) {
+ tevent_req_post(req, state->ev);
+ }
}
return EOK;
}