thevar1able/ClickHouse
1
0
Fork 0
mirror of https://github.com/ClickHouse/ClickHouse.git synced 2024-10-01 06:00:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Serialize all calls to ldap lib

Browse Source
This commit is contained in:
Denis Glazachev 2020-10-03 00:31:14 +04:00
parent 80c334a5ac
commit ab2c37cead
1 changed files with 27 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
src/Access/LDAPClient.cpp
View File

@ -2,6 +2,8 @@
#include <Common/Exception.h>
#include <ext/scope_guard.h>
#include <mutex>
#include <cstring>
#include <sys/time.h>
@ -27,16 +29,13 @@ LDAPClient::~LDAPClient()
closeConnection();
}
void LDAPClient::openConnection()
{
const bool graceful_bind_failure = false;
diag(openConnection(graceful_bind_failure));
}
#if USE_LDAP
namespace
{
std::recursive_mutex ldap_global_mutex;
auto escapeForLDAP(const String & src)
{
String dest;
@ -63,10 +62,13 @@ namespace
return dest;
}
}
void LDAPClient::diag(const int rc)
{
std::scoped_lock lock(ldap_global_mutex);
if (rc != LDAP_SUCCESS)
{
String text;
@ -100,8 +102,18 @@ void LDAPClient::diag(const int rc)
}
}
void LDAPClient::openConnection()
{
std::scoped_lock lock(ldap_global_mutex);
const bool graceful_bind_failure = false;
diag(openConnection(graceful_bind_failure));
}
int LDAPClient::openConnection(const bool graceful_bind_failure)
{
std::scoped_lock lock(ldap_global_mutex);
closeConnection();
{
@ -258,6 +270,8 @@ int LDAPClient::openConnection(const bool graceful_bind_failure)
void LDAPClient::closeConnection() noexcept
{
std::scoped_lock lock(ldap_global_mutex);
if (!handle)
return;
@ -267,6 +281,8 @@ void LDAPClient::closeConnection() noexcept
bool LDAPSimpleAuthClient::check()
{
std::scoped_lock lock(ldap_global_mutex);
if (params.user.empty())
throw Exception("LDAP authentication of a user with an empty name is not allowed", ErrorCodes::BAD_ARGUMENTS);
@ -312,6 +328,11 @@ void LDAPClient::diag(const int)
throw Exception("ClickHouse was built without LDAP support", ErrorCodes::FEATURE_IS_NOT_ENABLED_AT_BUILD_TIME);
}
void LDAPClient::openConnection()
{
throw Exception("ClickHouse was built without LDAP support", ErrorCodes::FEATURE_IS_NOT_ENABLED_AT_BUILD_TIME);
}
int LDAPClient::openConnection(const bool)
{
throw Exception("ClickHouse was built without LDAP support", ErrorCodes::FEATURE_IS_NOT_ENABLED_AT_BUILD_TIME);