|
 |
30390b |
From d7089129b966df83f083cb56ee90f6b906971cb6 Mon Sep 17 00:00:00 2001
|
|
|
30390b |
From: Sumit Bose <sbose@redhat.com>
|
|
|
30390b |
Date: Tue, 1 Dec 2020 16:09:10 +0100
|
|
|
30390b |
Subject: [PATCH 2/3] service: avoid crash if LDAP connection fails
|
|
|
30390b |
|
|
|
30390b |
There was always a chance for a crash if the connection to LDAP failed.
|
|
|
30390b |
In the ldaps case a failed connection became more likely e.g. due to
|
|
|
30390b |
failed certificate checks.
|
|
|
30390b |
|
|
|
30390b |
This patch avoids the crash and returns an error to the client cleanly.
|
|
|
30390b |
|
|
|
30390b |
Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1826964
|
|
|
30390b |
---
|
|
|
30390b |
po/POTFILES.in | 1 +
|
|
|
30390b |
service/realm-disco-mscldap.c | 7 +++++++
|
|
|
30390b |
service/realm-disco-rootdse.c | 6 ++++++
|
|
|
30390b |
3 files changed, 14 insertions(+)
|
|
|
30390b |
|
|
|
30390b |
diff --git a/po/POTFILES.in b/po/POTFILES.in
|
|
|
30390b |
index 2de67c8..140ed4c 100644
|
|
|
30390b |
--- a/po/POTFILES.in
|
|
|
30390b |
+++ b/po/POTFILES.in
|
|
|
30390b |
@@ -1,6 +1,7 @@
|
|
|
30390b |
service/org.freedesktop.realmd.policy.in
|
|
|
30390b |
service/realm-command.c
|
|
|
30390b |
service/realm-disco-mscldap.c
|
|
|
30390b |
+service/realm-disco-rootdse.c
|
|
|
30390b |
service/realm-example.c
|
|
|
30390b |
service/realm-ini-config.c
|
|
|
30390b |
service/realm-invocation.c
|
|
|
30390b |
diff --git a/service/realm-disco-mscldap.c b/service/realm-disco-mscldap.c
|
|
|
30390b |
index 2504904..003bb66 100644
|
|
|
30390b |
--- a/service/realm-disco-mscldap.c
|
|
|
30390b |
+++ b/service/realm-disco-mscldap.c
|
|
|
30390b |
@@ -349,6 +349,13 @@ realm_disco_mscldap_async (GSocketAddress *address,
|
|
|
30390b |
}
|
|
|
30390b |
|
|
|
30390b |
clo->source = realm_ldap_connect_anonymous (address, protocol, FALSE, cancellable);
|
|
|
30390b |
+ if (clo->source == NULL) {
|
|
|
30390b |
+ g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_NOT_CONNECTED,
|
|
|
30390b |
+ _("Failed to setup LDAP connection"));
|
|
|
30390b |
+ g_object_unref (task);
|
|
|
30390b |
+ return;
|
|
|
30390b |
+ }
|
|
|
30390b |
+
|
|
|
30390b |
g_source_set_callback (clo->source, (GSourceFunc)on_ldap_io,
|
|
|
30390b |
g_object_ref (task), g_object_unref);
|
|
|
30390b |
g_source_attach (clo->source, g_task_get_context (task));
|
|
|
30390b |
diff --git a/service/realm-disco-rootdse.c b/service/realm-disco-rootdse.c
|
|
|
30390b |
index 4ed19e5..d9b44b3 100644
|
|
|
30390b |
--- a/service/realm-disco-rootdse.c
|
|
|
30390b |
+++ b/service/realm-disco-rootdse.c
|
|
|
30390b |
@@ -475,6 +475,12 @@ realm_disco_rootdse_async (GSocketAddress *address,
|
|
|
30390b |
|
|
|
30390b |
clo->source = realm_ldap_connect_anonymous (address, G_SOCKET_PROTOCOL_TCP,
|
|
|
30390b |
use_ldaps, cancellable);
|
|
|
30390b |
+ if (clo->source == NULL) {
|
|
|
30390b |
+ g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_NOT_CONNECTED,
|
|
|
30390b |
+ _("Failed to setup LDAP connection"));
|
|
|
30390b |
+ g_object_unref (task);
|
|
|
30390b |
+ return;
|
|
|
30390b |
+ }
|
|
|
30390b |
g_source_set_callback (clo->source, (GSourceFunc)on_ldap_io,
|
|
|
30390b |
g_object_ref (task), g_object_unref);
|
|
|
30390b |
g_source_attach (clo->source, g_task_get_context (task));
|
|
|
30390b |
--
|
|
|
30390b |
2.28.0
|
|
|
30390b |
|