From a2af37c552477de78297322ef3bef099a0ac0717 Mon Sep 17 00:00:00 2001
From: Alexander Bokovoy <abokovoy@redhat.com>
Date: Wed, 31 Jul 2013 13:28:58 +0300
Subject: schema-compat: introduce a lock to protect PAM authentication

PAM stack requires exclusive access, therefore we need to use a write
lock.

Required for authenticating synthetically created records coming outside
of LDAP store.
---
 src/plug-sch.c | 3 +++
 src/plugin.h   | 2 ++
 2 files changed, 5 insertions(+)

(limited to 'src')

diff --git a/src/plug-sch.c b/src/plug-sch.c
index 5440e00..5d74beb 100644
--- a/src/plug-sch.c
+++ b/src/plug-sch.c
@@ -108,6 +108,7 @@ plugin_startup(Slapi_PBlock *pb)
 			state->plugin_base ? "\"" : "");
 	/* Populate the tree of fake entries. */
 	backend_startup(pb, state);
+	state->pam_lock = wrap_new_rwlock();
 	/* Note that the plugin is ready to go. */
 	slapi_log_error(SLAPI_LOG_PLUGIN, plugin_description.spd_id,
 			"plugin startup completed\n");
@@ -120,6 +121,8 @@ plugin_shutdown(Slapi_PBlock *pb)
 	struct plugin_state *state;
 	slapi_pblock_get(pb, SLAPI_PLUGIN_PRIVATE, &state);
 	map_done(state);
+	wrap_free_rwlock(state->pam_lock);
+	state->pam_lock = NULL;
 	state->plugin_base = NULL;
 	slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id,
 			"plugin shutdown completed\n");
diff --git a/src/plugin.h b/src/plugin.h
index b54e2ad..3967fb0 100644
--- a/src/plugin.h
+++ b/src/plugin.h
@@ -44,6 +44,8 @@ struct plugin_state {
 	struct {
 		int fd, port, pf, type;
 	} listener[4];
+	/* Schema compat-specific data. */
+	struct wrapped_rwlock *pam_lock;
 };
 
 #endif
-- 
cgit