[PATCH] Fix problem with sasl_set_mutex
Alexey Melnikov
alexey.melnikov at isode.com
Thu Sep 25 12:33:33 EDT 2008
Kurt Zeilenga wrote:
> I think I've changed my mind regarding this patch.
>
> At least with first caller wins, the function pointers don't bounce
> around as they presently do.
I think I can do a better patch. sasl_set_mutex should be allowed to be
called any number of times, as long as these calls are before the first
sasl_client_init/sasl_server_init call.
> -- Kurt
>
> On Sep 24, 2008, at 7:38 AM, Kurt Zeilenga wrote:
>
>> Eric,
>>
>> I think this patch doesn't offer a general solution to the problem.
>>
>> The root problem here is that neither Cyrus SASL or OpenLDAP
>> libraries are truly reentrant. Each does offer some amount of
>> thread-safety, but are each limited by their design. Obviously,
>> both libraries could be improved by redesigning them to have less,
>> or at least, less irritating limitations.
>>
>> Anyways, all this patch does is changes which caller wins the
>> initialization conflict. Where as before, last initializer won, now
>> first initializer wins. So this patch will lead to same sorts of
>> 'weird crash' behavior as before when two callers make incompatible
>> initializations.
>>
>> I think you need to rework your program to avoid incompatible
>> initialization. This basically means reworking the code so that
>> only one call to sasl_set_mutex is made. Unfortunately, if you are
>> using multiple libraries that each make their own calls to
>> sasl_set_mutex, you are kind of screwed. If you only are using one
>> such library (such as libldap_r), you need to make sure it's the
>> only caller and that it's called early enough for all uses of Cyrus
>> SASL.
>>
>> Unfortunately, things like NSS and PAM can really cause a lot of
>> incompatible initialization that outside the control of the program.
>>
>> -- Kurt
>>
>> [resent from subscribed address]
>>
>> On Sep 20, 2008, at 5:41 AM, Eric Leblond wrote:
>>
>>> Hi,
>>>
>>> When working on NuFW (http://www.nufw.org), I've encounter some
>>> weird crash
>>> when calling sasl_dispose. The problem was in fact a logic problem in
>>> sasl_set_mutex.
>>>
>>> NuFW uses sasl and libldap_r. NuFW has to do a call to sasl_set_mutex
>>> because it is multithreaded. One of the NuFW module uses libldap_r
>>> which
>>> also does a call to sasl_set_mutex. By doing this, we run into a
>>> problem
>>> because sasl_MUTEX_* function change during run time. Thus we can
>>> allocate a mutex with NuFW function and destroy it with libldap_r
>>> function. This lead to a crash in almost all cases.
>>>
>>> IMHO, the only clean workaround is to modify sasl_set_mutex(): it
>>> should
>>> not be run twice in the same program. I attach a simple patch to this
>>> mail which implement this behaviour.
>>>
>>> BR,
>>> --
>>> Eric Leblond
>>> INL: http://www.inl.fr/
>>> NuFW: http://www.nufw.org/
>>> <sasl_set_mutex_fix.diff>
>>
>>
>
More information about the Cyrus-sasl
mailing list