[PATCH] Fix problem with sasl_set_mutex

Kurt Zeilenga Kurt.Zeilenga at Isode.com
Thu Sep 25 12:10:11 EDT 2008 

I think I've changed my mind regarding this patch.

At least with first caller wins, the function pointers don't bounce  
around as they presently do.

-- Kurt

On Sep 24, 2008, at 7:38 AM, Kurt Zeilenga wrote:

> Eric,
>
> I think this patch doesn't offer a general solution to the problem.
>
> The root problem here is that neither Cyrus SASL or OpenLDAP  
> libraries are truly reentrant.  Each does offer some amount of  
> thread-safety, but are each limited by their design.   Obviously,  
> both libraries could be improved by redesigning them to have less,  
> or at least, less irritating limitations.
>
> Anyways, all this patch does is changes which caller wins the  
> initialization conflict.  Where as before, last initializer won, now  
> first initializer wins.  So this patch will lead to same sorts of  
> 'weird crash' behavior as before when two callers make incompatible  
> initializations.
>
> I think you need to rework your program to avoid incompatible  
> initialization.  This basically means reworking the code so that  
> only one call to sasl_set_mutex is made.  Unfortunately, if you are  
> using multiple libraries that each make their own calls to  
> sasl_set_mutex, you are kind of screwed. If you only are using one  
> such library (such as libldap_r), you need to make sure it's the  
> only caller and that it's called early enough for all uses of Cyrus  
> SASL.
>
> Unfortunately, things like NSS and PAM can really cause a lot of  
> incompatible initialization that outside the control of the program.
>
> -- Kurt
>
> [resent from subscribed address]
>
> On Sep 20, 2008, at 5:41 AM, Eric Leblond wrote:
>
>> Hi,
>>
>> When working on NuFW (http://www.nufw.org), I've encounter some  
>> weird crash
>> when calling sasl_dispose. The problem was in fact a logic problem in
>> sasl_set_mutex.
>>
>> NuFW uses sasl and libldap_r. NuFW has to do a call to sasl_set_mutex
>> because it is multithreaded. One of the NuFW module uses libldap_r  
>> which
>> also does a call to sasl_set_mutex. By doing this, we run into a  
>> problem
>> because sasl_MUTEX_* function change during run time. Thus we can
>> allocate a mutex with NuFW function and destroy it with libldap_r
>> function. This lead to a crash in almost all cases.
>>
>> IMHO, the only clean workaround is to modify sasl_set_mutex(): it  
>> should
>> not be run twice in the same program. I attach a simple patch to this
>> mail which implement this behaviour.
>>
>> BR,
>> -- 
>> Eric Leblond
>> INL: http://www.inl.fr/
>> NuFW: http://www.nufw.org/
>> <sasl_set_mutex_fix.diff>
>

More information about the Cyrus-sasl mailing list