From 3a1f8aa6f6464d8e80b79664e204ca3b24663e00 Mon Sep 17 00:00:00 2001
From: Simo Sorce <ssorce@redhat.com>
Date: Fri, 18 Dec 2009 10:23:41 -0500
Subject: Fix ldap child memory hierarchy and other issues

The timeout handler was not a child of the request so it could fire even though
the request was already freed.

The code wouldn't use async writes to the children so it could incur in a short
write with no way to detect or recover from it.
Also fixed style of some helper functions to pass explicit paramters instead of
a general structure.
Add common code to do async writes to pipes.
Fixed async write issue for the krb5_child as well.

Fix also sdap_kinit_done(), a return statement was missing and we were mixing
SDAP_AUTH and errno return codes in state->result

Remove usless helper function that just replicates talloc_strndup()
---
 server/providers/ldap/sdap_async_connection.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'server/providers/ldap/sdap_async_connection.c')

diff --git a/server/providers/ldap/sdap_async_connection.c b/server/providers/ldap/sdap_async_connection.c
index 134979039..7ccb301bd 100644
--- a/server/providers/ldap/sdap_async_connection.c
+++ b/server/providers/ldap/sdap_async_connection.c
@@ -581,8 +581,7 @@ struct tevent_req *sdap_kinit_send(TALLOC_CTX *memctx,
         }
     }
 
-    subreq = sdap_krb5_get_tgt_send(state, ev, timeout,
-                                    realm, principal, keytab);
+    subreq = sdap_get_tgt_send(state, ev, realm, principal, keytab, timeout);
     if (!subreq) {
         talloc_zfree(req);
         return NULL;
@@ -603,19 +602,20 @@ static void sdap_kinit_done(struct tevent_req *subreq)
     int result;
     char *ccname = NULL;
 
-    ret = sdap_krb5_get_tgt_recv(subreq, state, &result, &ccname);
+    ret = sdap_get_tgt_recv(subreq, state, &result, &ccname);
     talloc_zfree(subreq);
     if (ret != EOK) {
-        state->result = ret;
+        state->result = SDAP_AUTH_FAILED;
         DEBUG(1, ("child failed (%d [%s])\n", ret, strerror(ret)));
         tevent_req_error(req, ret);
+        return;
     }
 
     if (result == EOK) {
         ret = setenv("KRB5CCNAME", ccname, 1);
         if (ret == -1) {
             DEBUG(2, ("Unable to set env. variable KRB5CCNAME!\n"));
-            state->result = EFAULT;
+            state->result = SDAP_AUTH_FAILED;
             tevent_req_error(req, EFAULT);
         }
 
-- 
cgit