]> git.ipfire.org Git - thirdparty/openldap.git/commitdiff
projects / thirdparty / openldap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4cf90e8)
ITS#9302 ppolicy: avoid pwdFailureTime race condition
authorArvid Requate <requate@univention.de>
Fri, 24 Jul 2020 19:23:20 +0000 (21:23 +0200)
committerHoward Chu <hyc@openldap.org>
Thu, 30 Jul 2020 16:32:32 +0000 (17:32 +0100)
servers/slapd/overlays/ppolicy.c patch | blob | blame | history

diff --git a/servers/slapd/overlays/ppolicy.c b/servers/slapd/overlays/ppolicy.c
index 8af25eb54758f14d202c493e47c90df1da1ab05a..3cbc9f01767de7171c23ade750526470942c3472 100644 (file)
--- a/servers/slapd/overlays/ppolicy.c
+++ b/servers/slapd/overlays/ppolicy.c
@@ -414,6 +414,7 @@ static char *pwd_ocs[] = {
 };
 
 static ldap_pvt_thread_mutex_t chk_syntax_mutex;
+static ldap_pvt_thread_mutex_t pwdFailureTime_mutex;
 
 enum {
        PPOLICY_DEFAULT = 1,
@@ -1418,11 +1419,13 @@ ppolicy_bind_response( Operation *op, SlapReply *rs )
                goto locked;
        }
 
+       ldap_pvt_thread_mutex_lock( &pwdFailureTime_mutex );
        op->o_bd->bd_info = (BackendInfo *)on->on_info;
        rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e );
        op->o_bd->bd_info = bi;
 
        if ( rc != LDAP_SUCCESS ) {
+               ldap_pvt_thread_mutex_unlock( &pwdFailureTime_mutex );
                return SLAP_CB_CONTINUE;
        }
 
@@ -1781,6 +1784,7 @@ locked:
                op->o_callback->sc_cleanup = ppolicy_ctrls_cleanup;
        }
        op->o_bd->bd_info = bi;
+       ldap_pvt_thread_mutex_unlock( &pwdFailureTime_mutex );
        return SLAP_CB_CONTINUE;
 }
 
@@ -3136,6 +3140,8 @@ ppolicy_db_init(
 
        ov_count++;
 
+       ldap_pvt_thread_mutex_init( &pwdFailureTime_mutex );
+
        return 0;
 }
 
@@ -3187,6 +3193,7 @@ ppolicy_db_destroy(
                pwc--;
                ch_free( pwc );
        }
+       ldap_pvt_thread_mutex_destroy( &pwdFailureTime_mutex );
        return 0;
 }
 
Mirror of https://git.openldap.org/openldap/openldap.git