Bug #57881
closed
LDAP invalid password resource leak fix
Added by Johannes Liebl over 1 year ago.
Updated 3 days ago.
Tags:
ldap backport_processed
Description
I have noticed that in the case a User tries to log in using LDAP with a wrong password, two new LDAP sessions will be opend but not closed.
This has resulted in a massive increase in open connections to our central LDAP after a while.
The issue lies in the ldap implementation (/src/rgw/ldap.h) since it does not unbind the ldap connection if the requests fail.
I will open a pull request shortly.
- Status changed from New to Fix Under Review
- Tags set to ldap
- Pull request ID set to 48509
- Assignee set to Matt Benjamin
- Status changed from Fix Under Review to Pending Backport
- Tags changed from ldap to ldap backport_processed
Is there something I can do to help with Backporting?
We would like this fix to be included in v16.2.12 and v17.2.6 if possible.
- Backport changed from Pacific, Quincy to pacific, quincy
- Copied to Backport #59091: pacific: LDAP invalid password resource leak fix added
- Copied to Backport #59092: quincy: LDAP invalid password resource leak fix added
Thank you very much @Laura
I already created #59090 and #59089 with the intention of creating the pull requests later. Those can be deleted since they are now redundant (Which I can't for some reason).
I will use the Backport script next time
- Status changed from Pending Backport to Resolved
- % Done changed from 0 to 100
Also available in: Atom
PDF