autofs-5.0.9 - add serialization to sasl init

From: Ian Kent <ikent@redhat.com>

Attempt to resolve crash in sasl initialization. We know that the
initial connection calls to connect to an LDAP server are not
thread safe and it looks like the sasl code doesn't take that into
consideration so adding serialization with a mutex is probably a
sensible thing to do.
---
 CHANGELOG             |    1 +
 modules/lookup_ldap.c |   13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/CHANGELOG b/CHANGELOG
index 48c13f5..ca66aed 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,7 @@
 - fix reset flex scan buffer on init.
 - wait for master map available at start.
 - add master read wait option.
+- add serialization to sasl init.
 
 28/03/2014 autofs-5.0.9
 =======================
diff --git a/modules/lookup_ldap.c b/modules/lookup_ldap.c
index c22d100..44205fd 100644
--- a/modules/lookup_ldap.c
+++ b/modules/lookup_ldap.c
@@ -558,7 +558,9 @@ static int do_bind(unsigned logopt, LDAP *ldap, const char *uri, struct lookup_c
 	      ctxt->auth_required, ctxt->sasl_mech);
 
 	if (ctxt->auth_required & LDAP_NEED_AUTH) {
+		ldapinit_mutex_lock();
 		rv = autofs_sasl_bind(logopt, ldap, ctxt);
+		ldapinit_mutex_unlock();
 		debug(logopt, MODPREFIX "autofs_sasl_bind returned %d", rv);
 	} else {
 		rv = bind_ldap_simple(logopt, ldap, uri, ctxt);
@@ -780,7 +782,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 #ifdef WITH_SASL
 		/* Dispose of the sasl authentication connection and try again. */
 		if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
+			ldapinit_mutex_lock();
 			autofs_sasl_dispose(ctxt);
+			ldapinit_mutex_unlock();
 			ldap = connect_to_server(logopt, ctxt->server, ctxt);
 		}
 #endif
@@ -816,7 +820,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 	 * current server again before trying other servers in the list.
 	 */
 	if (!ldap && ctxt->auth_required & LDAP_NEED_AUTH) {
+		ldapinit_mutex_lock();
 		autofs_sasl_dispose(ctxt);
+		ldapinit_mutex_unlock();
 		ldap = connect_to_server(logopt, ctxt->uri->uri, ctxt);
 	}
 #endif
@@ -827,7 +833,9 @@ static LDAP *do_reconnect(unsigned logopt, struct lookup_context *ctxt)
 
 find_server:
 #ifdef WITH_SASL
+	ldapinit_mutex_lock();
 	autofs_sasl_dispose(ctxt);
+	ldapinit_mutex_unlock();
 #endif
 
 	/* Current server failed, try the rest or dc connection */
@@ -1551,11 +1559,14 @@ int lookup_init(const char *mapfmt, int argc, const char *const *argv, void **co
 
 #ifdef WITH_SASL
 	/* Init the sasl callbacks */
+	ldapinit_mutex_lock();
 	if (!autofs_sasl_client_init(LOGOPT_NONE)) {
 		error(LOGOPT_ANY, "failed to init sasl client");
+		ldapinit_mutex_unlock();
 		free_context(ctxt);
 		return 1;
 	}
+	ldapinit_mutex_unlock();
 #endif
 
 	/* Open the parser, if we can. */
@@ -3087,8 +3098,10 @@ int lookup_done(void *context)
 	struct lookup_context *ctxt = (struct lookup_context *) context;
 	int rv = close_parse(ctxt->parse);
 #ifdef WITH_SASL
+	ldapinit_mutex_lock();
 	autofs_sasl_dispose(ctxt);
 	autofs_sasl_done();
+	ldapinit_mutex_unlock();
 #endif
 	free_context(ctxt);
 	return rv;