Skip to content

Fix double sending of response in TransportOpenIdConnectPrepareAuthenticationAction#89930

Merged
original-brownbear merged 2 commits intoelastic:mainfrom
original-brownbear:fix-double-send-transport-openid-auth
Sep 9, 2022
Merged

Fix double sending of response in TransportOpenIdConnectPrepareAuthenticationAction#89930
original-brownbear merged 2 commits intoelastic:mainfrom
original-brownbear:fix-double-send-transport-openid-auth

Conversation

@original-brownbear
Copy link
Copy Markdown
Contributor

@original-brownbear original-brownbear commented Sep 8, 2022

This fixes an obvious bug where the listener was resolved twice if any of the first two failure conditions in the changed method were met. Prior to #89873 this would lead to a memory leak.

This is actually observable in the real world looking at cloud failure logs.

@original-brownbear
Fix double sending of response in TransportOpenIdConnectPrepareAuthen…
c704e71 
…ticationAction

This fixes an obvious bug where the listener was resolved twice if any of the first
two failure conditions in the changed method were met.
Prior to #89873 this would lead to a memory leak.
@original-brownbear original-brownbear added >bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v8.5.0 v7.17.7 v8.4.2 labels Sep 8, 2022
@elasticsearchmachine
Copy link
Copy Markdown
Collaborator

elasticsearchmachine commented Sep 8, 2022

Pinging @elastic/es-security (Team:Security)

@elasticsearchmachine elasticsearchmachine added the Team:Security Meta label for security team label Sep 8, 2022
@elasticsearchmachine
Copy link
Copy Markdown
Collaborator

elasticsearchmachine commented Sep 8, 2022

Hi @original-brownbear, I've created a changelog YAML for you.

@slobodanadamovic slobodanadamovic self-assigned this Sep 8, 2022
slobodanadamovic
slobodanadamovic approved these changes Sep 8, 2022
View reviewed changes
Copy link
Copy Markdown
Contributor

@slobodanadamovic slobodanadamovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@original-brownbear
Copy link
Copy Markdown
Contributor Author

original-brownbear commented Sep 9, 2022

Thanks Slobodan!

@original-brownbear original-brownbear merged commit bae3284 into elastic:main Sep 9, 2022
@original-brownbear original-brownbear deleted the fix-double-send-transport-openid-auth branch September 9, 2022 08:19
This was referenced Sep 9, 2022
Merged
Merged
@elasticsearchmachine
Copy link
Copy Markdown
Collaborator

elasticsearchmachine commented Sep 9, 2022

💚 Backport successful

Status Branch Result
7.17
8.4

elasticsearchmachine pushed a commit that referenced this pull request Sep 9, 2022
@original-brownbear
Fix double sending of response in TransportOpenIdConnectPrepareAuthen…
02e0c8f 
…ticationAction (#89930) (#89954)

This fixes an obvious bug where the listener was resolved twice if any of the first
two failure conditions in the changed method were met.
Prior to #89873 this would lead to a memory leak.
elasticsearchmachine pushed a commit that referenced this pull request Sep 9, 2022
@original-brownbear
[7.17] Fix double sending of response in TransportOpenIdConnectPrepar…
cf9e982 
…eAuthenticationAction (#89930) (#89953)

* Fix double sending of response in TransportOpenIdConnectPrepareAuthenticationAction (#89930)

This fixes an obvious bug where the listener was resolved twice if any of the first
two failure conditions in the changed method were met.
Prior to #89873 this would lead to a memory leak.

* fix compile
weizijun added a commit to weizijun/elasticsearch that referenced this pull request Sep 9, 2022
@weizijun
Merge branch 'main' into fixed-parse-tsid
1b2d52b 
* main: (176 commits)
  Fix RandomSamplerAggregatorTests testAggregationSamplingNestedAggsScaled test failure (elastic#89958)
  [Downsampling] Replace document map with SMILE encoded doc (elastic#89495)
  Remove full cluster state from error logging in MasterService (elastic#89960)
  [ML] Truncate categorization fields (elastic#89827)
  [TSDB] Removed `summary` and `histogram` metric types (elastic#89937)
  Update testNodeSelectorRouting so that it does not depend on iteration order (elastic#89879)
  Make sure listener is resolved when file queue is cleared (elastic#89929)
  [Stable plugin api] Extensible annotation (elastic#89903)
  Fix double sending of response in TransportOpenIdConnectPrepareAuthenticationAction (elastic#89930)
  Make sure ivy repo directory exists before downloading artifacts
  Use 'file://' scheme for local repository URL
  Use DRA artifacts for release build CI jobs
  Log unsuccessful attempts to get credentials from web identity tokens (elastic#88241)
  Script: Write Field API path manipulation (elastic#89889)
  Fetch health info action (elastic#89820)
  Fix memory leak in TransportDeleteExpiredDataAction (elastic#89935)
  [ML] Performance improvements for categorization jobs (elastic#89824)
  [DOCS] Revert changes for ES_JAVA_OPTS (elastic#89931)
  Fix deadlock bug exposed by a test (elastic#89934)
  [Downsampling] Remove `FieldValueFetcher` validator (elastic#89497)
  ...
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@slobodanadamovic slobodanadamovic slobodanadamovic approved these changes

Assignees

@slobodanadamovic slobodanadamovic

Labels

>bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v7.17.7 v8.4.2 v8.5.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@original-brownbear @elasticsearchmachine @slobodanadamovic