From d7089129b966df83f083cb56ee90f6b906971cb6 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Tue, 1 Dec 2020 16:09:10 +0100 Subject: [PATCH 2/3] service: avoid crash if LDAP connection fails There was always a chance for a crash if the connection to LDAP failed. In the ldaps case a failed connection became more likely e.g. due to failed certificate checks. This patch avoids the crash and returns an error to the client cleanly. Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1826964 --- po/POTFILES.in | 1 + service/realm-disco-mscldap.c | 7 +++++++ service/realm-disco-rootdse.c | 6 ++++++ 3 files changed, 14 insertions(+) diff --git a/po/POTFILES.in b/po/POTFILES.in index 2de67c8..140ed4c 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -1,6 +1,7 @@ service/org.freedesktop.realmd.policy.in service/realm-command.c service/realm-disco-mscldap.c +service/realm-disco-rootdse.c service/realm-example.c service/realm-ini-config.c service/realm-invocation.c diff --git a/service/realm-disco-mscldap.c b/service/realm-disco-mscldap.c index 2504904..003bb66 100644 --- a/service/realm-disco-mscldap.c +++ b/service/realm-disco-mscldap.c @@ -349,6 +349,13 @@ realm_disco_mscldap_async (GSocketAddress *address, } clo->source = realm_ldap_connect_anonymous (address, protocol, FALSE, cancellable); + if (clo->source == NULL) { + g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_NOT_CONNECTED, + _("Failed to setup LDAP connection")); + g_object_unref (task); + return; + } + g_source_set_callback (clo->source, (GSourceFunc)on_ldap_io, g_object_ref (task), g_object_unref); g_source_attach (clo->source, g_task_get_context (task)); diff --git a/service/realm-disco-rootdse.c b/service/realm-disco-rootdse.c index 4ed19e5..d9b44b3 100644 --- a/service/realm-disco-rootdse.c +++ b/service/realm-disco-rootdse.c @@ -475,6 +475,12 @@ realm_disco_rootdse_async (GSocketAddress *address, clo->source = realm_ldap_connect_anonymous (address, G_SOCKET_PROTOCOL_TCP, use_ldaps, cancellable); + if (clo->source == NULL) { + g_task_return_new_error (task, G_IO_ERROR, G_IO_ERROR_NOT_CONNECTED, + _("Failed to setup LDAP connection")); + g_object_unref (task); + return; + } g_source_set_callback (clo->source, (GSourceFunc)on_ldap_io, g_object_ref (task), g_object_unref); g_source_attach (clo->source, g_task_get_context (task)); -- 2.28.0