From 67a31e72525471fa4d384fcd9cf1b0918965d9b5 Mon Sep 17 00:00:00 2001 From: Vincent Ambo Date: Wed, 2 Feb 2022 20:55:39 +0300 Subject: fix(web/panettone): unbind LDAP connections after auth unbind & close the stream of newly created LDAP connections after auth, which might prevent some of the resource leaking we've got going on i did actually verify in sly that this still works. yay. Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193 Tested-by: BuildkiteCI Reviewed-by: grfn --- web/panettone/src/authentication.lisp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'web/panettone') diff --git a/web/panettone/src/authentication.lisp b/web/panettone/src/authentication.lisp index c335345020..3d4a3510ea 100644 --- a/web/panettone/src/authentication.lisp +++ b/web/panettone/src/authentication.lisp @@ -103,13 +103,13 @@ instance of `user'" request against the ldap server at *ldap*. Returns the user if authentication is successful, `nil' otherwise" (when-let ((user (if (typep user-or-username 'user) user-or-username - (find-user user-or-username)))) - (let ((dn (dn user))) - (let ((code-sym - (nth-value 1 (ldap:bind - (ldap:new-ldap :host (ldap:host *ldap*) - :port (ldap:port *ldap*) - :user dn - :pass password))))) - (when (equalp code-sym 'trivial-ldap:success) - user))))) + (find-user user-or-username)))) + (let* ((dn (dn user)) + (conn (ldap:new-ldap :host (ldap:host *ldap*) + :port (ldap:port *ldap*) + :user dn + :pass password)) + (code-sym (nth-value 1 (unwind-protect (ldap:bind conn) + (ldap:unbind conn))))) + (when (equalp code-sym 'trivial-ldap:success) + user)))) -- cgit 1.4.1