tevent_abort_nesting crash in idmap_ad
jra at samba.org
Sat Jun 25 21:49:22 UTC 2016
On Sat, Jun 25, 2016 at 05:25:22PM +0200, Ralph Boehme wrote:
> On Sat, Jun 25, 2016 at 08:19:28AM -0700, Jeremy Allison wrote:
> > On Sat, Jun 25, 2016 at 05:13:36PM +0200, Ralph Boehme wrote:
> > > On Fri, Jun 24, 2016 at 08:28:08PM -0700, Jeremy Allison wrote:
> > > > Metze, Ralph, do you agree ?
> > >
> > > yes, sounds like a reasonable fix for me.
> > >
> > > Something like the attached hack for gensec to use a instantiated
> > > tevent context upon request in gensec_update_ev() prevents the crash
> > > as well. I still don't understand why gensec_update_send() crashes in
> > > this case, but works from smbd_smb2_session_setup_send().
> > Oh - let me look at this (probably Monday though :-).
> > If this is a generic fix for the problem then it's
> > much nicer than mine which was tldap specific :-).
> > Thanks Ralph !
> well, yes, it's hack that works for this particular case, but I guess
> metze or someone else more familiar with gensec (so anybody :) will
> tear it in pieces. :)
FYI. Had a nice long chat with Volker on the phone to
discuss his concens, and he's OK with either your or my
patch, so long as we check that we can't get any nested
event loops if any of the subsequent gensec calls to sign
or encrypt trigger a ticket re-fetch when a ticket expires.
I don't think that can happen with my patch as it
means the gensec code never gets passed an event
context to work with, so it must create it's own
and to a sub-event loop rather than a nested event
loop to refresh the ticket, but I must confess I
haven't (yet) checked the gensec code to make sure.
Let me do that on Monday and then we can decide if
we use your or my fix for this. Sounds like a plan ?
More information about the samba-technical