Null AuthData causes kernel panic during LDAP sync

Description

Environment

  • Mattermost Server: 5.25.2

Steps to Reproduce

1. Configure LDAP sync and have some users set up to return a null value for the AuthData value. (Setting the LDAP IdAttribute to objectGUID can cause this)
2. Do an LDAP sync in a cluster

Expected Behavior

Sync is successful, cluster operates normally, null users show an error in LDAP sync report

Observed Behavior

The null value causes a nil pointer dereference panic for all servers in the cluster:

Users with these ObjectGUIDs had a null value in their AuthData. Manually adding them resolved the issue:

  • \f6\d3\ff\6e\f1\35\fd\49\a1\31\7c\59\e4\85\b7\c9

  • \72\83\bd\54\3a\d3\01\49\9d\89\72\7b\90\53\27\c0

  • \30\60\2c\44\d7\f4\03\49\9e\a2\c8\aa\54\77\97\ab

  • \56\0c\d7\45\d1\ef\67\4e\81\c4\bc\ec\43\1c\71\69

  • \3f\a8\ce\60\73\48\fe\45\a1\6c\c7\4b\db\56\79\e8

  • \22\42\1b\d9\a4\2d\02\47\83\0d\14\69\ec\a0\ec\04

  • \24\ab\ae\0e\f0\13\3d\44\aa\43\67\2f\cd\0b\0c\27

  • \af\3f\f1\64\2a\ba\7f\4e\83\db\12\12\87\72\44\6e

  • \7e\6a\2a\ec\e8\72\99\46\bd\93\9d\d6\50\9e\04\84

  • \af\34\16\4a\4f\8a\a8\4c\81\96\0d\c6\b8\ef\01\d3

  • \0d\93\b9\34\f2\a5\28\47\b9\39\13\60\ea\21\38\87

  • \6c\72\1e\52\c2\cc\bf\44\99\8d\bd\a9\e5\14\0c\65

QA Test Steps

As described.

Activity

Show:
Amy Blais
August 21, 2020, 6:29 PM
Martin Kraft
August 25, 2020, 12:03 AM

I have cherry-picked this fix to the following branches:

  • release-2.27

  • release-2.26

  • release-2.25

Linda Mitchell
August 25, 2020, 8:04 PM

Tested and passed on ESR v5.25.4-rc4 (esr.test). Basic LDAP smoke tests passed with no issues found.

Linda Mitchell
August 25, 2020, 8:24 PM

tested on the v5.26.1-rc3 (prev.test) and passed. Basic LDAP smoke tests passed with no issues found.

Linda Mitchell
August 25, 2020, 11:53 PM

Verified high-level smoke tests on v5.27 release branch as well, no issues found. More detailed tests will also be run soon during release testing. Closing this ticket.

Done

Mana

None

Assignee

Martin Kraft

QA Assignee

Linda Mitchell

Reporter

Paul Rothrock

Epic Link

None

Mattermost Team

Enterprise

Sprint

None

Labels

QA Testing Areas

AD/LDAP

GitHub Issue

None

Components

None

Severity

None
Configure