diff options
author | Vincent Ambo <mail@tazj.in> | 2022-02-02T17·55+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2022-02-07T17·13+0000 |
commit | 67a31e72525471fa4d384fcd9cf1b0918965d9b5 (patch) | |
tree | 67eeb90ee542cb4e3341a670223e52a93b6f47e1 /web/panettone/src | |
parent | 0d0b43ed8819e66a0888eb6d1d1f47b171ae62e0 (diff) |
fix(web/panettone): unbind LDAP connections after auth r/3777
unbind & close the stream of newly created LDAP connections after auth, which might prevent some of the resource leaking we've got going on i did actually verify in sly that this still works. yay. Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193 Tested-by: BuildkiteCI Reviewed-by: grfn <grfn@gws.fyi>
Diffstat (limited to 'web/panettone/src')
-rw-r--r-- | web/panettone/src/authentication.lisp | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/web/panettone/src/authentication.lisp b/web/panettone/src/authentication.lisp index c3353450201d..3d4a3510ea05 100644 --- a/web/panettone/src/authentication.lisp +++ b/web/panettone/src/authentication.lisp @@ -103,13 +103,13 @@ instance of `user'" request against the ldap server at *ldap*. Returns the user if authentication is successful, `nil' otherwise" (when-let ((user (if (typep user-or-username 'user) user-or-username - (find-user user-or-username)))) - (let ((dn (dn user))) - (let ((code-sym - (nth-value 1 (ldap:bind - (ldap:new-ldap :host (ldap:host *ldap*) - :port (ldap:port *ldap*) - :user dn - :pass password))))) - (when (equalp code-sym 'trivial-ldap:success) - user))))) + (find-user user-or-username)))) + (let* ((dn (dn user)) + (conn (ldap:new-ldap :host (ldap:host *ldap*) + :port (ldap:port *ldap*) + :user dn + :pass password)) + (code-sym (nth-value 1 (unwind-protect (ldap:bind conn) + (ldap:unbind conn))))) + (when (equalp code-sym 'trivial-ldap:success) + user)))) |