diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2016-04-18 10:32:15 +0200 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2016-04-20 21:50:28 +0200 |
| commit | 62a59854f0478130c23bc7b8bbf4064b38bbeaf8 (patch) | |
| tree | 0d2101e019491d560560d36ca9700e2e016801e8 /apps/user_ldap/lib | |
| parent | 85d809c0d3cda16e9ef12f57c4225c868b17915b (diff) | |
| download | nextcloud-server-62a59854f0478130c23bc7b8bbf4064b38bbeaf8.tar.gz nextcloud-server-62a59854f0478130c23bc7b8bbf4064b38bbeaf8.zip | |
Fix LDAP race conditions
* getFromCache is wrapped in isCached
* inbetween the two calls the cache entry hits it's TTL
* getFromCache returns null
* this fix only checkes if the returned value is null and
return only non-null values
Diffstat (limited to 'apps/user_ldap/lib')
| -rw-r--r-- | apps/user_ldap/lib/access.php | 10 | ||||
| -rw-r--r-- | apps/user_ldap/lib/connection.php | 19 | ||||
| -rw-r--r-- | apps/user_ldap/lib/user/user.php | 5 |
3 files changed, 9 insertions, 25 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index 135eca1e625..569d2dbcbe9 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -364,8 +364,9 @@ class Access extends LDAPUtility implements user\IUserTools { $validGroupDNs = []; foreach($groupDNs as $dn) { $cacheKey = 'groupsMatchFilter-'.$dn; - if($this->connection->isCached($cacheKey)) { - if($this->connection->getFromCache($cacheKey)) { + $groupMatchFilter = $this->connection->getFromCache($cacheKey); + if(!is_null($groupMatchFilter)) { + if($groupMatchFilter) { $validGroupDNs[] = $dn; } continue; @@ -1505,8 +1506,9 @@ class Access extends LDAPUtility implements user\IUserTools { public function getSID($dn) { $domainDN = $this->getDomainDNFromDN($dn); $cacheKey = 'getSID-'.$domainDN; - if($this->connection->isCached($cacheKey)) { - return $this->connection->getFromCache($cacheKey); + $sid = $this->connection->getFromCache($cacheKey); + if(!is_null($sid)) { + return $sid; } $objectSid = $this->readAttribute($domainDN, 'objectsid'); diff --git a/apps/user_ldap/lib/connection.php b/apps/user_ldap/lib/connection.php index 53c9b3790a7..974cad6dc02 100644 --- a/apps/user_ldap/lib/connection.php +++ b/apps/user_ldap/lib/connection.php @@ -213,10 +213,6 @@ class Connection extends LDAPUtility { if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) { return null; } - if(!$this->isCached($key)) { - return null; - - } $key = $this->getCacheKey($key); return json_decode(base64_decode($this->cache->get($key)), true); @@ -224,21 +220,6 @@ class Connection extends LDAPUtility { /** * @param string $key - * @return bool - */ - public function isCached($key) { - if(!$this->configured) { - $this->readConfiguration(); - } - if(is_null($this->cache) || !$this->configuration->ldapCacheTTL) { - return false; - } - $key = $this->getCacheKey($key); - return $this->cache->hasKey($key); - } - - /** - * @param string $key * @param mixed $value * * @return string diff --git a/apps/user_ldap/lib/user/user.php b/apps/user_ldap/lib/user/user.php index 23aba0e0d85..4da8ae5f098 100644 --- a/apps/user_ldap/lib/user/user.php +++ b/apps/user_ldap/lib/user/user.php @@ -297,8 +297,9 @@ class User { public function getMemberOfGroups() { $cacheKey = 'getMemberOf'.$this->getUsername(); - if($this->connection->isCached($cacheKey)) { - return $this->connection->getFromCache($cacheKey); + $memberOfGroups = $this->connection->getFromCache($cacheKey); + if(!is_null($memberOfGroups)) { + return $memberOfGroups; } $groupDNs = $this->access->readAttribute($this->getDN(), 'memberOf'); $this->connection->writeToCache($cacheKey, $groupDNs); |