2832810 ipa-kdb: do not use OpenLDAP functions with NULL LDAP context

3 files Authored by abbra 3 years ago, Committed by frenaud 3 years ago,
    ipa-kdb: do not use OpenLDAP functions with NULL LDAP context
    
    Calling to ipadb_get_connection() will remove LDAP context if any error
    happens. This means upper layers must always verify that LDAP context
    exists after such calls.
    
    ipadb_get_user_auth() may re-read global configuration and that may fail
    and cause IPA context to have NULL LDAP context.
    
    Fixes: https://pagure.io/freeipa/issue/8681
    
    Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
    Reviewed-By: Robbie Harwood <rharwood@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
    
        
file modified
+1 -0
file modified
+17 -15