[libbeat] [translate_ldap_attribute] Not block on SSPI negotiation#48444
Merged
marc-gr merged 4 commits intoelastic:mainfrom Jan 28, 2026
Merged
[libbeat] [translate_ldap_attribute] Not block on SSPI negotiation#48444marc-gr merged 4 commits intoelastic:mainfrom
marc-gr merged 4 commits intoelastic:mainfrom
Conversation
marc-gr
added
:Processors
bugfix
Team:Security-Windows Platform
botelastic
bot
added
the
needs_team
Contributor
|
Pinging @elastic/sec-windows-platform (Team:Security-Windows Platform) |
botelastic
bot
removed
the
needs_team
Contributor
🤖 GitHub commentsJust comment with:
|
Contributor
ricardo-estc
approved these changes
Jan 27, 2026
…nd prevent goroutine leaks
intxgo
reviewed
Jan 27, 2026
Contributor
intxgo
left a comment
intxgo
left a comment
There was a problem hiding this comment.
perhaps it's worth clearing the timeout error circuit breaker if it turns out the go routine eventually succeeds
intxgo
approved these changes
Jan 27, 2026
nfritts
approved these changes
Jan 27, 2026
mergify bot
pushed a commit
that referenced
this pull request
Jan 28, 2026
…48444) * Not block on SSPI negotiation * Implement circuit breaker for SSPI bind attempts to prevent goroutine leaks * Refactor SSPI bind logic to use atomic boolean for timeout handling and prevent goroutine leaks * Reset SSPI timeout flag after bind operation to prevent incorrect timeout handling (cherry picked from commit 708f325)
Open
6 tasks
mergify bot
pushed a commit
that referenced
this pull request
Jan 28, 2026
…48444) * Not block on SSPI negotiation * Implement circuit breaker for SSPI bind attempts to prevent goroutine leaks * Refactor SSPI bind logic to use atomic boolean for timeout handling and prevent goroutine leaks * Reset SSPI timeout flag after bind operation to prevent incorrect timeout handling (cherry picked from commit 708f325)
Merged
6 tasks
marc-gr
added a commit
that referenced
this pull request
Jan 28, 2026
…48444) (#48574) * Not block on SSPI negotiation * Implement circuit breaker for SSPI bind attempts to prevent goroutine leaks * Refactor SSPI bind logic to use atomic boolean for timeout handling and prevent goroutine leaks * Reset SSPI timeout flag after bind operation to prevent incorrect timeout handling (cherry picked from commit 708f325) Co-authored-by: Marc Guasch <marc-gr@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Proposed commit message
When negotiating credentials through SSPI, if the user is not member of a directory, the call might hang indefinitely. This change prevents the pipeline to wait forever.
Note there is no way to interrupt or cancel the SSPI call, so that goroutine will run forever.
Checklist
stresstest.shscript to run them under stress conditions and race detector to verify their stability../changelog/fragmentsusing the changelog tool.