tevent_abort_nesting crash in idmap_ad
Stefan Metzmacher
metze at samba.org
Mon Jun 27 07:00:59 UTC 2016
Am 24.06.2016 um 20:45 schrieb Jeremy Allison:
> On Fri, Jun 24, 2016 at 11:23:53AM -0700, Jeremy Allison wrote:
>>
>> OK. Try #2... :-).
>>
>> Inside tldap_gensec_bind_got_mechs() we
>> currently do:
>>
>> gensec_update_send()
>> tevent_req_set_callback(..., tldap_gensec_update_done)
>>
>> to nicely break the gensec updates up into
>> async operations.
>>
>> However, we're under a blocking operation
>> anyway - tldap_gensec_bind().
>>
>> So an easy fix would be to change the
>> gensec_update_send()/tevent_req_set_callback()
>> pairs for the gensec code inside the
>> source3/lib/tldap_gensec_bind.c code
>> to be synchronous.
>>
>> Essentially we change the code to call
>> the synchronous:
>>
>> gensec_update()
>>
>> followed by a direct call to a slightly modified:
>>
>> tldap_gensec_update_done()
>>
>> rather than using the current async
>> mechanism - the spnego gensec backend
>> isn't async anyway.
>>
>> As this is removing asynchronicity
>> this should be a manageable change.
>>
>> I can have a go at doing this if you'd
>> like, or I'm happy to review such a
>> change if anyone else gets to it.
>
> Was easier than I thought. Compiles but
> not (yet) tested.
>
> Ralph, can you see if this fixes the problem
> in your test case ?
I'd prefer this change + making tldap_gensec_bind_send/recv static.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20160627/99cfaf11/signature.sig>
More information about the samba-technical
mailing list