Bug #57881
LDAP invalid password resource leak fix
% Done:
0%
Source:
Community (user)
Tags:
ldap backport_processed
Backport:
Pacific, Quincy
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
I have noticed that in the case a User tries to log in using LDAP with a wrong password, two new LDAP sessions will be opend but not closed.
This has resulted in a massive increase in open connections to our central LDAP after a while.
The issue lies in the ldap implementation (/src/rgw/ldap.h) since it does not unbind the ldap connection if the requests fail.
I will open a pull request shortly.
History
#1 Updated by Johannes Liebl 4 months ago
I created a pull request for a possible fix:
https://github.com/ceph/ceph/pull/48509
#2 Updated by Casey Bodley 4 months ago
- Status changed from New to Fix Under Review
- Tags set to ldap
- Pull request ID set to 48509
#3 Updated by Casey Bodley 3 months ago
- Assignee set to Matt Benjamin
#4 Updated by J. Eric Ivancich 14 days ago
- Status changed from Fix Under Review to Pending Backport
#5 Updated by Backport Bot 14 days ago
- Tags changed from ldap to ldap backport_processed