avoid potential deadlock related to ACLs checking

This commit is contained in:
Pierangelo Masarati 2005-03-18 00:10:10 +00:00
parent c29c0c9bd8
commit dec4c2197a

View File

@ -415,14 +415,9 @@ slap_passwd_check(
struct berval *bv; struct berval *bv;
AccessControlState acl_state = ACL_STATE_INIT; AccessControlState acl_state = ACL_STATE_INIT;
#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
ldap_pvt_thread_mutex_lock( &passwd_mutex );
#ifdef SLAPD_SPASSWD
lutil_passwd_sasl_conn = op->o_conn->c_sasl_authctx;
#endif
#endif
for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) { for ( bv = a->a_vals; bv->bv_val != NULL; bv++ ) {
int rc;
/* if e is provided, check access */ /* if e is provided, check access */
if ( e && access_allowed( op, e, a->a_desc, bv, if ( e && access_allowed( op, e, a->a_desc, bv,
ACL_AUTH, &acl_state ) == 0 ) ACL_AUTH, &acl_state ) == 0 )
@ -430,11 +425,14 @@ slap_passwd_check(
continue; continue;
} }
if ( !lutil_passwd( bv, cred, NULL, text ) ) { #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
result = 0; ldap_pvt_thread_mutex_lock( &passwd_mutex );
break; #ifdef SLAPD_SPASSWD
} lutil_passwd_sasl_conn = op->o_conn->c_sasl_authctx;
} #endif
#endif
rc = lutil_passwd( bv, cred, NULL, text );
#if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD ) #if defined( SLAPD_CRYPT ) || defined( SLAPD_SPASSWD )
#ifdef SLAPD_SPASSWD #ifdef SLAPD_SPASSWD
@ -443,6 +441,12 @@ slap_passwd_check(
ldap_pvt_thread_mutex_unlock( &passwd_mutex ); ldap_pvt_thread_mutex_unlock( &passwd_mutex );
#endif #endif
if ( !rc ) {
result = 0;
break;
}
}
return result; return result;
} }