| |
@@ -1118,12 +1118,16 @@
|
| |
/* Enable SASL I/O on the connection */
|
| |
pthread_mutex_lock(&(pb_conn->c_mutex));
|
| |
connection_set_io_layer_cb(pb_conn, sasl_io_enable, NULL, NULL);
|
| |
+
|
| |
+ /* send successful result before sasl_io_enable can be pushed by another incoming op */
|
| |
+ send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
|
| |
+
|
| |
pthread_mutex_unlock(&(pb_conn->c_mutex));
|
| |
+ } else {
|
| |
+ /* send successful result */
|
| |
+ send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
|
| |
}
|
| |
|
| |
- /* send successful result */
|
| |
- send_ldap_result(pb, LDAP_SUCCESS, NULL, NULL, 0, NULL);
|
| |
-
|
| |
/* remove the sasl data from the pblock */
|
| |
slapi_pblock_set(pb, SLAPI_BIND_RET_SASLCREDS, NULL);
|
| |
|
| |
tbordaz
commented 4 years ago
Bug Description:
On a successfull sasl bind, a new IO layer (sasl_io_enable) is registered on top of
the connection. Then sasl bind sends the successful result. Registration is
done while sasl bind thread holds c_mutex but result is sent while the c_mutex
is released.
If a new operation comes in just after c_mutex was released it is possible that sasl bind sends the result while the new IO layer is pushed. IO layers is partially initialized at that time. It can create sigseg or deadlock or...Fix Description:
The fix is to protect the send result from IO layer push.
i.e. move send_ldap_result into c_mutex
https://pagure.io/389-ds-base/issue/50905
Reviewed by: ?
Platforms tested: F29
Flag Day: no
Doc impact: no