[SERVER-70912] All LDAP bind state must be attached to connection object Created: 27/Oct/22  Updated: 29/Oct/23  Resolved: 07/Feb/23

Status: Closed
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: 6.3.0-rc0, 6.0.6

Type: Bug Priority: Major - P3
Reporter: Spencer Jackson Assignee: Varun Ravichandran
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Backports
Problem/Incident
is caused by SERVER-58848 Track duration of LDAP operations in ... Closed
Related
Backwards Compatibility: Fully Compatible
Operating System: ALL
Backport Requested:
v6.3, v6.0
Sprint: Security 2022-11-14, Security 2022-11-28, Security 2022-12-12, Security 2022-12-26, Security 2023-01-09, Security 2023-01-23, Security 2023-02-06, Security 2023-02-20
Participants:
Case:

 Description   

OpenLDAPConnection::bindAsUser both binds to the target LDAP server and invokes ldap_set_rebind_proc, to register a callback which actually performs the binding operation. This callback will get executed if a subsequent query operation chases a referral to a delegated LDAP server, and finds that we need to bind to the new server using our original bind parameters. The callback is provided with the address of additional arguments which contain the bind parameters. This address must be valid when the callback is called.

Because the callback can be invoked during any call to several OpenLDAPConenction methods, the pointer registered in ldap_set_rebind_proc must be to a value whose lifetime is guaranteed to live at least as long as the OpenLDAPConnection itself.


Generated at Thu Feb 08 06:17:29 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.