fix(web/panettone): unbind LDAP connections after auth

unbind & close the stream of newly created LDAP connections after
auth, which might prevent some of the resource leaking we've got going
on

i did actually verify in sly that this still works. yay.

Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
This commit is contained in:
Vincent Ambo 2022-02-02 20:55:39 +03:00 committed by tazjin
parent 0d0b43ed88
commit 67a31e7252

View file

@ -103,13 +103,13 @@ instance of `user'"
request against the ldap server at *ldap*. Returns the user if authentication is request against the ldap server at *ldap*. Returns the user if authentication is
successful, `nil' otherwise" successful, `nil' otherwise"
(when-let ((user (if (typep user-or-username 'user) user-or-username (when-let ((user (if (typep user-or-username 'user) user-or-username
(find-user user-or-username)))) (find-user user-or-username))))
(let ((dn (dn user))) (let* ((dn (dn user))
(let ((code-sym (conn (ldap:new-ldap :host (ldap:host *ldap*)
(nth-value 1 (ldap:bind :port (ldap:port *ldap*)
(ldap:new-ldap :host (ldap:host *ldap*) :user dn
:port (ldap:port *ldap*) :pass password))
:user dn (code-sym (nth-value 1 (unwind-protect (ldap:bind conn)
:pass password))))) (ldap:unbind conn)))))
(when (equalp code-sym 'trivial-ldap:success) (when (equalp code-sym 'trivial-ldap:success)
user))))) user))))