[Da-tools-commits] ./debian/userdir-ldap r498: There is a deadlock situation when ud-mailgate gets a mail claiming to be from

[Peter Palfrader]

------------------------------------------------------------
revno: 498
committer: Peter Palfrader <peter at palfrader.org>
branch nick: userdir-ldap
timestamp: Wed 2008-12-17 12:58:32 +0100
message:
  There is a deadlock situation when ud-mailgate gets a mail claiming to be from
  itself:
   - ud-mailgate opens and locks the replay cache
   - verification of the mail fails for whatever reason
   - a reply is sent (to itself)
   - exim tries to deliver the mail by directly calling ud-mailgate
   - ud-mailgate tries to acquire the lock -> deadlock
  Fix this by changing when we open the replay cache, and unlock it as soon as we
  are done.
modified:
  debian/changelog
  ud-mailgate
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog	2008-12-14 01:56:40 +0000
+++ b/debian/changelog	2008-12-17 11:58:32 +0000
@@ -1,3 +1,17 @@
+userdir-ldap (0.3.56) unstable; urgency=low
+
+  * There is a deadlock situation when ud-mailgate gets a mail claiming
+    to be from itself:
+    - ud-mailgate opens and locks the replay cache
+    - verification of the mail fails for whatever reason
+    - a reply is sent (to itself)
+    - exim tries to deliver the mail by directly calling ud-mailgate
+    - ud-mailgate tries to acquire the lock -> deadlock
+    Fix this by changing when we open the replay cache, and unlock it
+    as soon as we are done.
+
+ -- Peter Palfrader <weasel at debian.org>  Wed, 17 Dec 2008 12:54:10 +0100
+
 userdir-ldap (0.3.55) unstable; urgency=low
 
   [ Joey Schulze ]

=== modified file 'ud-mailgate'
--- a/ud-mailgate	2008-12-08 10:40:26 +0000
+++ b/ud-mailgate	2008-12-17 11:58:32 +0000
@@ -668,8 +668,6 @@
    # Startup the replay cache
    ErrType = EX_TEMPFAIL;
    ErrMsg = "Failed to initialize the replay cache:";
-   RC = ReplayCache(ReplayCacheFile);
-   RC.Clean();
 
    # Get the email 
    ErrType = EX_PERMFAIL;
@@ -704,12 +702,6 @@
    else:
       PlainText = Res[3];   
 
-   # Check the signature against the replay cache
-   ErrMsg = "The replay cache rejected your message. Check your clock!";
-   Rply = RC.Check(Res[1]);
-   if Rply != None:
-      raise Error, Rply;
-
    # Connect to the ldap server
    ErrType = EX_TEMPFAIL;
    ErrMsg = "An error occured while performing the LDAP lookup";
@@ -726,7 +718,17 @@
    if len(Attrs) != 1:
       raise Error, "Oddly your key fingerprint is assigned to more than one account.."
 
+
+   # Check the signature against the replay cache
+   RC = ReplayCache(ReplayCacheFile);
+   RC.Clean();
+   ErrMsg = "The replay cache rejected your message. Check your clock!";
+   Rply = RC.Check(Res[1]);
+   if Rply != None:
+      RC.close()
+      raise Error, Rply;
    RC.Add(Res[1]);
+   RC.close()
 
    # Determine the sender address
    ErrMsg = "A problem occured while trying to formulate the reply";