openstack
/
keystone
Code Issues Proposed changes
keystone/keystone
History
Mustafa Kemal Gilor ff632a81fb
[PooledLDAPHandler] Ensure result3() invokes message.clean() 
result3 does not invoke message.clean() when an exception is thrown
by `message.connection.result3()` call, causing pool connection
associated with the message to be marked active forever. This causes
a denial-of-service on ldappool.

The fix ensures message.clean() is invoked by wrapping the offending
call in try-except-finally and putting the message.clean() in finally
block.

Closes-Bug: #1998789

Change-Id: I59ebf0fa77391d49b2349e918fc55f96318c42a6
Signed-off-by: Mustafa Kemal Gilor <mustafa.gilor@canonical.com>
 		2022-12-06 17:48:43 +03:00
..
api requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
application_credential Update hacking for Python3 2020-04-15 07:17:58 +02:00
assignment Merge "Delete system role assignments from system_assignment table" 2020-10-30 21:16:38 +00:00
auth Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00
catalog Remove six usage 2020-01-30 06:06:51 +00:00
cmd requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
common requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
conf Change the min value of pool_retry_max to 1 2022-01-18 11:41:59 +01:00
credential Merge "Properly instantiate FernetUtils" 2022-02-17 18:15:40 +00:00
endpoint_policy Remove six usage 2020-01-30 06:06:51 +00:00
federation requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
identity [PooledLDAPHandler] Ensure result3() invokes message.clean() 2022-12-06 17:48:43 +03:00
limit Remove six usage 2020-01-30 06:06:51 +00:00
locale Imported Translations from Zanata 2022-09-08 03:35:35 +00:00
models fix E225 missing whitespace around operator 2020-11-27 13:21:26 +01:00
oauth1 Stop to use the __future__ module. 2020-06-02 20:20:37 +02:00
oauth2 OAuth2.0 Client Credentials Grant Flow Support 2022-06-14 09:09:33 +00:00
policy Remove six usage 2020-01-30 06:06:51 +00:00
receipt Remove six usage 2020-01-30 06:06:51 +00:00
resource Update hacking for Python3 2020-04-15 07:17:58 +02:00
revoke requirements: Bump linter requirements 2022-10-26 15:14:21 +03:00
server Merge "OAuth2.0 Client Credentials Grant Flow Support" 2022-08-26 17:09:42 +00:00
tests [PooledLDAPHandler] Ensure result3() invokes message.clean() 2022-12-06 17:48:43 +03:00
token Limit token expiration to application credential expiration 2022-10-21 12:36:39 -05:00
trust Improve performance on trust deletion 2021-09-02 15:18:29 +02:00
__init__.py Revert "Disable eventlet monkey-patching of DNS" 2013-05-10 10:24:48 -04:00
exception.py OAuth2.0 Client Credentials Grant Flow Support 2022-06-14 09:09:33 +00:00
i18n.py Fix translated response 2019-08-19 14:49:37 +08:00
notifications.py Hide AccountLocked exception from end users 2021-04-23 13:43:42 -05:00
version.py Add expiring user group memberships on mapped authentication 2020-04-07 19:30:57 -04:00