Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

core/login: fix potential deadlock for failed logins when user lockout is enabled #25697

Merged
merged 2 commits into from Feb 29, 2024
Merged

core/login: fix potential deadlock for failed logins when user lockout is enabled #25697

merged 2 commits into from Feb 29, 2024

Conversation

jasonodonnell
Copy link
Contributor

@jasonodonnell jasonodonnell commented Feb 28, 2024
edited

Semgrep found an instance in user lockout request handling where we can return without unlocking due to an error.

@jasonodonnell jasonodonnell added this to the 1.16.0 milestone Feb 28, 2024
@jasonodonnell jasonodonnell requested review from akshya96 and a team February 28, 2024 20:00
@github-actions github-actions bot added the hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed label Feb 28, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 28, 2024
edited

Build Results:
All builds succeeded! ✅

@github-actions GitHub Actions
Copy link

github-actions bot commented Feb 28, 2024
edited

CI Results:
All Go tests succeeded! ✅

akshya96
akshya96 approved these changes Feb 28, 2024
View reviewed changes
Copy link
Contributor

@akshya96 akshya96 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@jasonodonnell jasonodonnell added backport/1.13.x Backport changes to `release/1.13.x` backport/1.14.x Backport changes to `release/1.14.x` backport/1.15.x Backport changes to `release/1.15.x` backport/1.16.x Backport changes to `release/1.16.x` labels Feb 28, 2024
banks
banks approved these changes Feb 29, 2024
View reviewed changes
Copy link
Member

@banks banks left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice find Jason, thanks!

@jasonodonnell jasonodonnell merged commit fb7f872 into main Feb 29, 2024
95 checks passed
@jasonodonnell jasonodonnell deleted the deadlock-failed-login branch February 29, 2024 15:30
This was referenced Feb 29, 2024
Closed
Merged
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@banks banks banks approved these changes

@akshya96 akshya96 akshya96 approved these changes

Assignees
No one assigned
Labels
backport/1.13.x Backport changes to `release/1.13.x` backport/1.14.x Backport changes to `release/1.14.x` backport/1.15.x Backport changes to `release/1.15.x` backport/1.16.x Backport changes to `release/1.16.x` hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.16.0
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jasonodonnell @banks @akshya96