Backout the input exhaustion change, it loops. Still looking for

[openldap] / servers / slapd / connection.c

diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index bea96c20b049a081ee1296cb1b796062a9852a7b..a5476ad0b3022e9588698d6323cbfbdd06c5c479 100644 (file)
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -273,12 +273,16 @@ long connection_init(
        ber_socket_t s,
        const char* name,
        const char* addr,
-       int use_tls)
+       int use_tls )
 {
        unsigned long id;
        Connection *c;
        assert( connections != NULL );
 
+#ifndef HAVE_TLS
+       assert( !use_tls );
+#endif
+
        if( s == AC_SOCKET_INVALID ) {
         Debug( LDAP_DEBUG_ANY,
                        "connection_init(%ld): invalid.\n",
@@ -396,16 +400,8 @@ long connection_init(
 
 #ifdef HAVE_TLS
     if ( use_tls ) {
-           /* FIXME: >0 means incomplete read */
-           if ( ldap_pvt_tls_accept( c->c_sb, NULL ) < 0 ) {
-                   Debug( LDAP_DEBUG_ANY,
-                          "connection_init(%d): TLS accept failed.\n",
-                               s, 0, 0);
-                   ldap_pvt_thread_mutex_unlock( &c->c_mutex );
-                   ldap_pvt_thread_mutex_unlock( &connections_mutex );
-                   connection_destroy( c );
-                   return -1;
-           }
+           c->c_is_tls = 1;
+           c->c_needs_tls_accept = 1;
     }
 #endif
 
@@ -431,6 +427,7 @@ connection_destroy( Connection *c )
     backend_connection_destroy(c);
 
     c->c_protocol = 0;
+    c->c_connid = -1;
 
     c->c_activitytime = c->c_starttime = 0;
 
@@ -796,6 +793,27 @@ int connection_read(ber_socket_t s)
                "connection_read(%d): checking for input on id=%ld\n",
                s, c->c_connid, 0 );
 
+#ifdef HAVE_TLS
+       if ( c->c_is_tls && c->c_needs_tls_accept ) {
+               rc = ldap_pvt_tls_accept( c->c_sb, NULL );
+               if ( rc < 0 ) {
+                       Debug( LDAP_DEBUG_TRACE,
+                              "connection_read(%d): TLS accept error error=%d id=%ld, closing.\n",
+                              s, rc, c->c_connid );
+
+                       c->c_needs_tls_accept = 0;
+                       /* connections_mutex and c_mutex are locked */
+                       connection_closing( c );
+                       connection_close( c );
+               } else if ( rc == 0 ) {
+                       c->c_needs_tls_accept = 0;
+               }
+               connection_return( c );
+               ldap_pvt_thread_mutex_unlock( &connections_mutex );
+               return 0;
+       }
+#endif
+
 #define CONNECTION_INPUT_LOOP 1
 
 #ifdef DATA_READY_LOOP
@@ -804,6 +822,7 @@ int connection_read(ber_socket_t s)
        while(!rc)
 #endif
        {
+               /* How do we do this without getting into a busy loop ? */
                rc = connection_input( c );
        }
 
@@ -817,6 +836,10 @@ int connection_read(ber_socket_t s)
                connection_close( c );
        }
 
+       if ( ber_pvt_sb_needs_read( c->c_sb ) )
+               slapd_set_read( s, 1 );
+       if ( ber_pvt_sb_needs_write( c->c_sb ) )
+               slapd_set_write( s, 1 );
        connection_return( c );
        ldap_pvt_thread_mutex_unlock( &connections_mutex );
        return 0;
@@ -979,6 +1002,7 @@ static int connection_op_activate( Connection *conn, Operation *op )
        arg->co_op->o_ndn = dn_normalize_case( ch_strdup( arg->co_op->o_dn ) );
 
        arg->co_op->o_protocol = conn->c_protocol;
+       arg->co_op->o_connid = conn->c_connid;
 
        arg->co_op->o_authtype = conn->c_authtype;
        arg->co_op->o_authmech = conn->c_authmech != NULL
@@ -1035,6 +1059,10 @@ int connection_write(ber_socket_t s)
 
        ldap_pvt_thread_cond_signal( &c->c_write_cv );
 
+       if ( ber_pvt_sb_needs_read( c->c_sb ) )
+               slapd_set_read( s, 1 );
+       if ( ber_pvt_sb_needs_write( c->c_sb ) )
+               slapd_set_write( s, 1 );
        connection_return( c );
        ldap_pvt_thread_mutex_unlock( &connections_mutex );
        return 0;