X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fconnection.c;h=439c6fdd1c0210776692d9e015e5479f0d27ef48;hb=b09727567d047cb79c8da8545cca9c8355822185;hp=f1e075eb4582be5f363c928a5f4d14cd4878853c;hpb=ec426532b2cca95330566b1941795dac7e03bb57;p=openldap diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index f1e075eb45..439c6fdd1c 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -15,6 +15,8 @@ #include #include +#include "ldap_pvt.h" +#include "lutil.h" #include "slap.h" /* protected by connections_mutex */ @@ -71,8 +73,13 @@ int connections_init(void) assert( connections == NULL ); if( connections != NULL) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connections_init: already initialized.\n" )); +#else Debug( LDAP_DEBUG_ANY, "connections_init: already initialized.\n", 0, 0, 0 ); +#endif return -1; } @@ -82,9 +89,15 @@ int connections_init(void) connections = (Connection *) calloc( dtblsize, sizeof(Connection) ); if( connections == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connections_init: allocation (%d * %ld) of connection array failed\n", + dtblsize, (long) sizeof(Connection) )); +#else Debug( LDAP_DEBUG_ANY, "connections_init: allocation (%d*%ld) of connection array failed\n", dtblsize, (long) sizeof(Connection), 0 ); +#endif return -1; } @@ -109,8 +122,13 @@ int connections_destroy(void) /* should check return of every call */ if( connections == NULL) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connections_destroy: nothing to destroy.\n")); +#else Debug( LDAP_DEBUG_ANY, "connections_destroy: nothing to destroy.\n", 0, 0, 0 ); +#endif return -1; } @@ -167,9 +185,7 @@ int connections_timeout_idle(time_t now) int connindex; Connection* c; - ldap_pvt_thread_mutex_lock( &connections_mutex ); - - for( c = connection_first( &connindex ); + for( c = connection_first( &connindex ); c != NULL; c = connection_next( c, &connindex ) ) { @@ -182,8 +198,6 @@ int connections_timeout_idle(time_t now) } connection_done( c ); - ldap_pvt_thread_mutex_unlock( &connections_mutex ); - return i; } @@ -193,9 +207,14 @@ static Connection* connection_get( ber_socket_t s ) Connection *c; +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ENTRY, + "connection_get: socket %ld\n", (long)s )); +#else Debug( LDAP_DEBUG_ARGS, "connection_get(%ld)\n", (long) s, 0, 0 ); +#endif assert( connections != NULL ); @@ -253,17 +272,27 @@ static Connection* connection_get( ber_socket_t s ) assert( c->c_conn_state == SLAP_C_INVALID ); assert( sd == AC_SOCKET_INVALID ); +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ARGS, + "connection_get: connection %d not used\n", s )); +#else Debug( LDAP_DEBUG_TRACE, "connection_get(%d): connection not used\n", s, 0, 0 ); +#endif ldap_pvt_thread_mutex_unlock( &c->c_mutex ); return NULL; } +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_RESULTS, + "connection_get: get for %d got connid %ld\n",s, c->c_connid )); +#else Debug( LDAP_DEBUG_TRACE, "connection_get(%d): got connid=%ld\n", s, c->c_connid, 0 ); +#endif c->c_n_get++; @@ -271,7 +300,7 @@ static Connection* connection_get( ber_socket_t s ) assert( c->c_conn_state != SLAP_C_INVALID ); assert( sd != AC_SOCKET_INVALID ); - c->c_activitytime = slap_get_time(); + c->c_activitytime = slap_get_time(); } return c; @@ -288,7 +317,9 @@ long connection_init( const char* dnsname, const char* peername, const char* sockname, - int use_tls ) + int use_tls, + slap_ssf_t ssf, + const char *authid ) { unsigned long id; Connection *c; @@ -304,9 +335,14 @@ long connection_init( #endif if( s == AC_SOCKET_INVALID ) { - Debug( LDAP_DEBUG_ANY, - "connection_init(%ld): invalid.\n", - (long) s, 0, 0 ); +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_init: init of socket %ld invalid.\n", (long)s )); +#else + Debug( LDAP_DEBUG_ANY, + "connection_init(%ld): invalid.\n", + (long) s, 0, 0 ); +#endif return -1; } @@ -326,70 +362,81 @@ long connection_init( c = NULL; - for( i=0; i < dtblsize; i++) { - ber_socket_t sd; + for( i=0; i < dtblsize; i++) { + ber_socket_t sd; - if( connections[i].c_struct_state == SLAP_C_UNINITIALIZED ) { - assert( connections[i].c_sb == 0 ); - c = &connections[i]; - break; - } + if( connections[i].c_struct_state == SLAP_C_UNINITIALIZED ) { + assert( connections[i].c_sb == 0 ); + c = &connections[i]; + break; + } sd = AC_SOCKET_INVALID; if (connections[i].c_sb != NULL) - ber_sockbuf_ctrl( connections[i].c_sb, LBER_SB_OPT_GET_FD, &sd ); + ber_sockbuf_ctrl( connections[i].c_sb, LBER_SB_OPT_GET_FD, &sd ); - if( connections[i].c_struct_state == SLAP_C_UNUSED ) { - assert( sd == AC_SOCKET_INVALID ); - c = &connections[i]; - break; - } - - assert( connections[i].c_struct_state == SLAP_C_USED ); - assert( connections[i].c_conn_state != SLAP_C_INVALID ); - assert( sd != AC_SOCKET_INVALID ); - } - - if( c == NULL ) { - Debug( LDAP_DEBUG_ANY, + if( connections[i].c_struct_state == SLAP_C_UNUSED ) { + assert( sd == AC_SOCKET_INVALID ); + c = &connections[i]; + break; + } + + assert( connections[i].c_struct_state == SLAP_C_USED ); + assert( connections[i].c_conn_state != SLAP_C_INVALID ); + assert( sd != AC_SOCKET_INVALID ); + } + + if( c == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_init: skt %d connection table full (%d/%d)\n", + s, i, dtblsize )); +#else + Debug( LDAP_DEBUG_ANY, "connection_init(%d): connection table full (%d/%d)\n", s, i, dtblsize); - ldap_pvt_thread_mutex_unlock( &connections_mutex ); - return -1; - } +#endif + ldap_pvt_thread_mutex_unlock( &connections_mutex ); + return -1; + } } #endif assert( c != NULL ); - if( c->c_struct_state == SLAP_C_UNINITIALIZED ) { + if( c->c_struct_state == SLAP_C_UNINITIALIZED ) { c->c_authmech = NULL; - c->c_dn = NULL; - c->c_cdn = NULL; + c->c_dn = NULL; + c->c_cdn = NULL; c->c_listener_url = NULL; c->c_peer_domain = NULL; - c->c_peer_name = NULL; - c->c_sock_name = NULL; + c->c_peer_name = NULL; + c->c_sock_name = NULL; - c->c_ops = NULL; - c->c_pending_ops = NULL; + c->c_ops = NULL; + c->c_pending_ops = NULL; c->c_sasl_bind_mech = NULL; -#ifdef HAVE_CYRUS_SASL - c->c_sasl_bind_context = NULL; -#endif + c->c_sasl_context = NULL; + c->c_sasl_extra = NULL; + + c->c_sb = ber_sockbuf_alloc( ); + + { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } - c->c_sb = ber_sockbuf_alloc( ); c->c_currentber = NULL; - /* should check status of thread calls */ - ldap_pvt_thread_mutex_init( &c->c_mutex ); - ldap_pvt_thread_mutex_init( &c->c_write_mutex ); - ldap_pvt_thread_cond_init( &c->c_write_cv ); + /* should check status of thread calls */ + ldap_pvt_thread_mutex_init( &c->c_mutex ); + ldap_pvt_thread_mutex_init( &c->c_write_mutex ); + ldap_pvt_thread_cond_init( &c->c_write_cv ); - c->c_struct_state = SLAP_C_UNUSED; - } + c->c_struct_state = SLAP_C_UNUSED; + } ldap_pvt_thread_mutex_lock( &c->c_mutex ); @@ -404,9 +451,8 @@ long connection_init( assert( c->c_ops == NULL ); assert( c->c_pending_ops == NULL ); assert( c->c_sasl_bind_mech == NULL ); -#ifdef HAVE_CYRUS_SASL - assert( c->c_sasl_bind_context == NULL ); -#endif + assert( c->c_sasl_context == NULL ); + assert( c->c_sasl_extra == NULL ); assert( c->c_currentber == NULL ); c->c_listener_url = ch_strdup( url ); @@ -423,29 +469,47 @@ long connection_init( c->c_n_read = 0; c->c_n_write = 0; - /* assume LDAPv3 until bind */ - c->c_protocol = LDAP_VERSION3; + /* set to zero until bind, implies LDAP_VERSION3 */ + c->c_protocol = 0; c->c_activitytime = c->c_starttime = slap_get_time(); - ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_tcp, LBER_SBIOD_LEVEL_PROVIDER, - (void *)&s ); - ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_readahead, - LBER_SBIOD_LEVEL_PROVIDER, NULL ); #ifdef LDAP_DEBUG - ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug, INT_MAX, NULL ); + ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug, + LBER_SBIOD_LEVEL_PROVIDER, (void*)"tcp_" ); #endif - if( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_NONBLOCK, c /* non-NULL */ ) < 0 ) { - Debug( LDAP_DEBUG_ANY, - "connection_init(%d, %s): set nonblocking failed\n", - s, c->c_peer_name, 0 ); - } + ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_tcp, + LBER_SBIOD_LEVEL_PROVIDER, (void *)&s ); + ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_readahead, + LBER_SBIOD_LEVEL_PROVIDER, NULL ); + +#ifdef LDAP_DEBUG + ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug, + INT_MAX, (void*)"ldap_" ); +#endif + + if( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_NONBLOCK, + c /* non-NULL */ ) < 0 ) + { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_init: conn %d set nonblocking failed\n", + c->c_connid )); +#else + Debug( LDAP_DEBUG_ANY, + "connection_init(%d, %s): set nonblocking failed\n", + s, c->c_peer_name, 0 ); +#endif + } id = c->c_connid = conn_nextid++; c->c_conn_state = SLAP_C_INACTIVE; c->c_struct_state = SLAP_C_USED; + c->c_ssf = c->c_transport_ssf = ssf; + c->c_tls_ssf = 0; + #ifdef HAVE_TLS if ( use_tls ) { c->c_is_tls = 1; @@ -456,6 +520,9 @@ long connection_init( } #endif + slap_sasl_open( c ); + slap_sasl_external( c, ssf, authid ); + ldap_pvt_thread_mutex_unlock( &c->c_mutex ); ldap_pvt_thread_mutex_unlock( &connections_mutex ); @@ -464,6 +531,35 @@ long connection_init( return id; } +void connection2anonymous( Connection *c ) +{ + assert( connections != NULL ); + assert( c != NULL ); + + { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } + + if(c->c_authmech != NULL ) { + free(c->c_authmech); + c->c_authmech = NULL; + } + + if(c->c_dn != NULL) { + free(c->c_dn); + c->c_dn = NULL; + } + + if(c->c_cdn != NULL) { + free(c->c_cdn); + c->c_cdn = NULL; + } + + c->c_authc_backend = NULL; + c->c_authz_backend = NULL; +} + static void connection_destroy( Connection *c ) { @@ -483,28 +579,19 @@ connection_destroy( Connection *c ) c->c_activitytime = c->c_starttime = 0; - if(c->c_authmech != NULL ) { - free(c->c_authmech); - c->c_authmech = NULL; - } - if(c->c_dn != NULL) { - free(c->c_dn); - c->c_dn = NULL; - } - if(c->c_cdn != NULL) { - free(c->c_cdn); - c->c_cdn = NULL; - } + connection2anonymous( c ); + if(c->c_listener_url != NULL) { free(c->c_listener_url); c->c_listener_url = NULL; } + if(c->c_peer_domain != NULL) { free(c->c_peer_domain); c->c_peer_domain = NULL; } if(c->c_peer_name != NULL) { -#ifdef LDAP_PF_UNIX +#ifdef LDAP_PF_lOCAL /* * If peer was a domain socket, unlink. Mind you, * they may be un-named. Should we leave this to @@ -516,7 +603,7 @@ connection_destroy( Connection *c ) (void)unlink(path); } } -#endif /* LDAP_PF_UNIX */ +#endif /* LDAP_PF_LOCAL */ free(c->c_peer_name); c->c_peer_name = NULL; @@ -531,12 +618,8 @@ connection_destroy( Connection *c ) free(c->c_sasl_bind_mech); c->c_sasl_bind_mech = NULL; } -#ifdef HAVE_CYRUS_SASL - if(c->c_sasl_bind_context != NULL ) { - sasl_dispose( &c->c_sasl_bind_context ); - c->c_sasl_bind_context = NULL; - } -#endif + + slap_sasl_close( c ); if ( c->c_currentber != NULL ) { ber_free( c->c_currentber, 1 ); @@ -552,9 +635,15 @@ connection_destroy( Connection *c ) c->c_connid, sd, 0, 0, 0 ); } - ber_sockbuf_free( c->c_sb ); + ber_sockbuf_free( c->c_sb ); + c->c_sb = ber_sockbuf_alloc( ); + { + ber_len_t max = sockbuf_max_incoming; + ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max ); + } + c->c_conn_state = SLAP_C_INVALID; c->c_struct_state = SLAP_C_UNUSED; } @@ -608,10 +697,15 @@ void connection_closing( Connection *c ) ber_socket_t sd; ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_GET_FD, &sd ); +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_closing: conn %d readying socket %d for close.\n", + c->c_connid, sd )); +#else Debug( LDAP_DEBUG_TRACE, "connection_closing: readying conn=%ld sd=%d for close\n", c->c_connid, sd, 0 ); - +#endif /* update state to closing */ c->c_conn_state = SLAP_C_CLOSING; @@ -640,16 +734,26 @@ static void connection_close( Connection *c ) ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_GET_FD, &sd ); if( c->c_ops != NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_close: conn %d deferring sd %d\n", + c->c_connid, sd )); +#else Debug( LDAP_DEBUG_TRACE, "connection_close: deferring conn=%ld sd=%d\n", c->c_connid, sd, 0 ); - +#endif return; } +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_RESULTS, + "connection_close: conn %d sd %d\n", + c->c_connid, sd )); +#else Debug( LDAP_DEBUG_TRACE, "connection_close: conn=%ld sd=%d\n", c->c_connid, sd, 0 ); - +#endif connection_destroy( c ); } @@ -748,9 +852,15 @@ connection_operation( void *arg_v ) ldap_pvt_thread_mutex_unlock( &num_ops_mutex ); if( conn->c_sasl_bind_in_progress && tag != LDAP_REQ_BIND ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_operation: conn %d SASL bind in progress (tag=%ld).\n", + conn->c_connid, (long)tag )); +#else Debug( LDAP_DEBUG_ANY, "connection_operation: " "error: SASL bind in progress (tag=%ld).\n", (long) tag, 0, 0 ); +#endif send_ldap_result( conn, arg->co_op, rc = LDAP_OPERATIONS_ERROR, NULL, "SASL bind in progress", NULL, NULL ); @@ -799,8 +909,14 @@ connection_operation( void *arg_v ) break; default: +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_operation: conn %d unknown LDAP request 0x%lx\n", + conn->c_connid, tag )); +#else Debug( LDAP_DEBUG_ANY, "unknown LDAP request 0x%lx\n", tag, 0, 0 ); +#endif arg->co_op->o_tag = LBER_ERROR; send_ldap_disconnect( conn, arg->co_op, LDAP_PROTOCOL_ERROR, "unknown LDAP request" ); @@ -862,10 +978,15 @@ int connection_read(ber_socket_t s) c = connection_get( s ); if( c == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_read: sock %ld no connection\n", + (long)s )); +#else Debug( LDAP_DEBUG_ANY, "connection_read(%ld): no connection!\n", (long) s, 0, 0 ); - +#endif slapd_remove(s, 0); ldap_pvt_thread_mutex_unlock( &connections_mutex ); @@ -875,18 +996,28 @@ int connection_read(ber_socket_t s) c->c_n_read++; if( c->c_conn_state == SLAP_C_CLOSING ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_read: conn %d connection closing, ignoring input\n", + c->c_connid)); +#else Debug( LDAP_DEBUG_TRACE, "connection_read(%d): closing, ignoring input for id=%ld\n", s, c->c_connid, 0 ); - +#endif connection_return( c ); ldap_pvt_thread_mutex_unlock( &connections_mutex ); return 0; } +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_read: conn %d checking for input.\n", c->c_connid )); +#else Debug( LDAP_DEBUG_TRACE, "connection_read(%d): checking for input on id=%ld\n", s, c->c_connid, 0 ); +#endif #ifdef HAVE_TLS if ( c->c_is_tls && c->c_needs_tls_accept ) { @@ -895,14 +1026,21 @@ int connection_read(ber_socket_t s) struct timeval tv; fd_set rfd; +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_read: conn %d TLS accept error, error %d\n", + c->c_connid, rc )); +#else Debug( LDAP_DEBUG_TRACE, - "connection_read(%d): TLS accept error error=%d id=%ld, closing\n", - s, rc, c->c_connid ); - + "connection_read(%d): TLS accept error " + "error=%d id=%ld, closing\n", + s, rc, c->c_connid ); +#endif c->c_needs_tls_accept = 0; /* connections_mutex and c_mutex are locked */ connection_closing( c ); +#if 0 /* Drain input before close, to allow SSL error codes * to propagate to client. */ FD_ZERO(&rfd); @@ -916,9 +1054,25 @@ int connection_read(ber_socket_t s) ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_DRAIN, NULL); } +#endif connection_close( c ); + } else if ( rc == 0 ) { + void *ssl; + char *authid; + c->c_needs_tls_accept = 0; + + /* we need to let SASL know */ + ssl = (void *)ldap_pvt_tls_sb_ctx( c->c_sb ); + + c->c_tls_ssf = (slap_ssf_t) ldap_pvt_tls_get_strength( ssl ); + if( c->c_tls_ssf > c->c_ssf ) { + c->c_ssf = c->c_tls_ssf; + } + + authid = (char *)ldap_pvt_tls_get_peer( ssl ); + slap_sasl_external( c, c->c_tls_ssf, authid ); } connection_return( c ); ldap_pvt_thread_mutex_unlock( &connections_mutex ); @@ -926,6 +1080,33 @@ int connection_read(ber_socket_t s) } #endif +#ifdef HAVE_CYRUS_SASL + if ( c->c_sasl_layers ) { + c->c_sasl_layers = 0; + + rc = ldap_pvt_sasl_install( c->c_sb, c->c_sasl_context ); + + if( rc != LDAP_SUCCESS ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_read: conn %d SASL install error %d, closing\n", + c->c_connid, rc )); +#else + Debug( LDAP_DEBUG_TRACE, + "connection_read(%d): SASL install error " + "error=%d id=%ld, closing\n", + s, rc, c->c_connid ); +#endif + /* connections_mutex and c_mutex are locked */ + connection_closing( c ); + connection_close( c ); + connection_return( c ); + ldap_pvt_thread_mutex_unlock( &connections_mutex ); + return 0; + } + } +#endif + #define CONNECTION_INPUT_LOOP 1 #ifdef DATA_READY_LOOP @@ -939,19 +1120,31 @@ int connection_read(ber_socket_t s) } if( rc < 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_read: conn %d input error %d, closing.\n", + c->c_connid, rc )); +#else Debug( LDAP_DEBUG_TRACE, "connection_read(%d): input error=%d id=%ld, closing.\n", s, rc, c->c_connid ); - +#endif /* connections_mutex and c_mutex are locked */ connection_closing( c ); connection_close( c ); + connection_return( c ); + ldap_pvt_thread_mutex_unlock( &connections_mutex ); + return 0; } - if ( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_NEEDS_READ, NULL ) ) + if ( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_NEEDS_READ, NULL ) ) { slapd_set_read( s, 1 ); - if ( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_NEEDS_WRITE, NULL ) ) + } + + if ( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_NEEDS_WRITE, NULL ) ) { slapd_set_write( s, 1 ); + } + connection_return( c ); ldap_pvt_thread_mutex_unlock( &connections_mutex ); return 0; @@ -970,23 +1163,33 @@ connection_input( if ( conn->c_currentber == NULL && (conn->c_currentber = ber_alloc()) == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_input: conn %d ber_alloc failed.\n", conn->c_connid )); +#else Debug( LDAP_DEBUG_ANY, "ber_alloc failed\n", 0, 0, 0 ); +#endif return -1; } errno = 0; - if ( (tag = ber_get_next( conn->c_sb, &len, conn->c_currentber )) - != LDAP_TAG_MESSAGE ) - { + + tag = ber_get_next( conn->c_sb, &len, conn->c_currentber ); + if ( tag != LDAP_TAG_MESSAGE ) { int err = errno; ber_socket_t sd; ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_GET_FD, &sd ); +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_input: conn %d ber_get_next failed, errno %d (%s).\n", + conn->c_connid, err, sock_errstr(err) )); +#else Debug( LDAP_DEBUG_TRACE, "ber_get_next on fd %d failed errno=%d (%s)\n", sd, err, sock_errstr(err) ); - +#endif if ( err != EWOULDBLOCK && err != EAGAIN ) { /* log, close and send error */ ber_free( conn->c_currentber, 1 ); @@ -1002,16 +1205,28 @@ connection_input( if ( (tag = ber_get_int( ber, &msgid )) != LDAP_TAG_MSGID ) { /* log, close and send error */ +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_input: conn %d ber_get_int returns 0x%lx.\n", + conn->c_connid, tag )); +#else Debug( LDAP_DEBUG_ANY, "ber_get_int returns 0x%lx\n", tag, 0, 0 ); +#endif ber_free( ber, 1 ); return -1; } if ( (tag = ber_peek_tag( ber, &len )) == LBER_ERROR ) { /* log, close and send error */ +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_input: conn %d ber_peek_tag returns 0x%lx.\n", + conn->c_connid, tag )); +#else Debug( LDAP_DEBUG_ANY, "ber_peek_tag returns 0x%lx\n", tag, 0, 0 ); +#endif ber_free( ber, 1 ); return -1; @@ -1027,7 +1242,13 @@ connection_input( if ( conn->c_conn_state == SLAP_C_BINDING || conn->c_conn_state == SLAP_C_CLOSING ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_input: conn %d deferring operation\n", + conn->c_connid )); +#else Debug( LDAP_DEBUG_ANY, "deferring operation\n", 0, 0, 0 ); +#endif conn->c_n_ops_pending++; slap_op_add( &conn->c_pending_ops, op ); @@ -1053,15 +1274,56 @@ connection_resched( Connection *conn ) Operation *op; if( conn->c_conn_state == SLAP_C_CLOSING ) { + int rc; ber_socket_t sd; - ber_sockbuf_ctrl( conn->c_sb, LBER_SB_OPT_GET_FD, &sd ); - Debug( LDAP_DEBUG_TRACE, - "connection_resched: attempting closing conn=%ld sd=%d\n", - conn->c_connid, sd, 0 ); - ldap_pvt_thread_mutex_lock( &connections_mutex ); - connection_close( conn ); + /* us trylock to avoid possible deadlock */ + rc = ldap_pvt_thread_mutex_trylock( &connections_mutex ); + + if( rc ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_resched: conn %d reaquiring locks.\n", + conn->c_connid )); +#else + Debug( LDAP_DEBUG_TRACE, + "connection_resched: reaquiring locks conn=%ld sd=%d\n", + conn->c_connid, sd, 0 ); +#endif + /* + * reaquire locks in the right order... + * this may allow another thread to close this connection, + * so recheck state below. + */ + ldap_pvt_thread_mutex_unlock( &conn->c_mutex ); + ldap_pvt_thread_mutex_lock( &connections_mutex ); + ldap_pvt_thread_mutex_lock( &conn->c_mutex ); + } + + if( conn->c_conn_state != SLAP_C_CLOSING ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_INFO, + "connection_resched: conn %d closed by other thread.\n", + conn->c_connid )); +#else + Debug( LDAP_DEBUG_TRACE, "connection_resched: " + "closed by other thread conn=%ld sd=%d\n", + conn->c_connid, sd, 0 ); +#endif + } else { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_resched: conn %d attempting closing.\n", + conn->c_connid )); +#else + Debug( LDAP_DEBUG_TRACE, "connection_resched: " + "attempting closing conn=%ld sd=%d\n", + conn->c_connid, sd, 0 ); +#endif + connection_close( conn ); + } + ldap_pvt_thread_mutex_unlock( &connections_mutex ); return 0; } @@ -1093,7 +1355,6 @@ connection_resched( Connection *conn ) static int connection_op_activate( Connection *conn, Operation *op ) { struct co_arg *arg; - char *tmpdn; int status; ber_tag_t tag = op->o_tag; @@ -1101,40 +1362,36 @@ static int connection_op_activate( Connection *conn, Operation *op ) conn->c_conn_state = SLAP_C_BINDING; } - if ( conn->c_dn != NULL ) { - tmpdn = ch_strdup( conn->c_dn ); - } else { - tmpdn = NULL; - } - arg = (struct co_arg *) ch_malloc( sizeof(struct co_arg) ); arg->co_conn = conn; arg->co_op = op; - arg->co_op->o_dn = ch_strdup( tmpdn != NULL ? tmpdn : "" ); + arg->co_op->o_authz = conn->c_authz; + arg->co_op->o_dn = ch_strdup( conn->c_dn != NULL ? conn->c_dn : "" ); arg->co_op->o_ndn = ch_strdup( arg->co_op->o_dn ); (void) dn_normalize( arg->co_op->o_ndn ); - - arg->co_op->o_protocol = conn->c_protocol; - arg->co_op->o_connid = conn->c_connid; - arg->co_op->o_authtype = conn->c_authtype; arg->co_op->o_authmech = conn->c_authmech != NULL ? ch_strdup( conn->c_authmech ) : NULL; - slap_op_add( &conn->c_ops, arg->co_op ); + arg->co_op->o_protocol = conn->c_protocol + ? conn->c_protocol : LDAP_VERSION3; + arg->co_op->o_connid = conn->c_connid; - if( tmpdn != NULL ) { - free( tmpdn ); - } + slap_op_add( &conn->c_ops, arg->co_op ); status = ldap_pvt_thread_pool_submit( &connection_pool, connection_operation, (void *) arg ); if ( status != 0 ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_op_activate: conn %d thread pool submit failed.\n", + conn->c_connid )); +#else Debug( LDAP_DEBUG_ANY, - "ldap_pvt_thread_create failed (%d)\n", status, 0, 0 ); - + "ldap_pvt_thread_pool_submit failed (%d)\n", status, 0, 0 ); +#endif /* should move op to pending list */ } @@ -1153,9 +1410,14 @@ int connection_write(ber_socket_t s) slapd_clr_write( s, 0); if( c == NULL ) { +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_ERR, + "connection_write: sock %ld no connection!\n",(long)s)); +#else Debug( LDAP_DEBUG_ANY, "connection_write(%ld): no connection!\n", (long) s, 0, 0 ); +#endif slapd_remove(s, 0); ldap_pvt_thread_mutex_unlock( &connections_mutex ); return -1; @@ -1163,10 +1425,15 @@ int connection_write(ber_socket_t s) c->c_n_write++; +#ifdef NEW_LOGGING + LDAP_LOG(( "connection", LDAP_LEVEL_DETAIL1, + "connection_write conn %d waking output.\n", + c->c_connid )); +#else Debug( LDAP_DEBUG_TRACE, "connection_write(%d): waking output for id=%ld\n", s, c->c_connid, 0 ); - +#endif ldap_pvt_thread_cond_signal( &c->c_write_cv ); if ( ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_NEEDS_READ, NULL ) ) @@ -1177,3 +1444,66 @@ int connection_write(ber_socket_t s) ldap_pvt_thread_mutex_unlock( &connections_mutex ); return 0; } + + +/* + * Create client side and server side connection structures, connected to + * one another, for the front end to use for searches on arbitrary back ends. + */ + +int connection_internal_open( Connection **conn, LDAP **ldp, const char *id ) +{ + int rc; + ber_socket_t fd[2] = {-1,-1}; + Operation *op; + + *conn=NULL; + *ldp=NULL; + + rc = lutil_pair( fd ); + if( rc == -1 ) { + return LDAP_OTHER; + } + + rc = connection_init( fd[1], "INT", "localhost", + "localhost:0", "localhost:00", 0, 256, id ); + if( rc < 0 ) { + tcp_close( fd[0] ); + tcp_close( fd[1] ); + return LDAP_OTHER; + } + slapd_add_internal( fd[1] ); + + /* A search operation, number 0 */ + op = slap_op_alloc( NULL, 0, LDAP_REQ_SEARCH, 0); + op->o_ndn = ch_strdup( id ); + op->o_protocol = LDAP_VERSION3; + + (*conn) = connection_get( fd[1] ); + (*conn)->c_ops = op; + (*conn)->c_conn_state = SLAP_C_ACTIVE; + + + /* Create the client side of the connection */ + rc = ldap_open_internal_connection( ldp, &(fd[0]) ); + if( rc != LDAP_SUCCESS ) { + tcp_close( fd[0] ); + return LDAP_OTHER; + } + + /* The connection_get() will have locked the connection's mutex */ + ldap_pvt_thread_mutex_unlock( &((*conn)->c_mutex) ); + + return LDAP_SUCCESS; +} + + +void connection_internal_close( Connection *conn ) +{ + Operation *op = conn->c_ops; + + slap_op_remove( &conn->c_ops, op ); + slap_op_free( op ); + connection_closing( conn ); + connection_close( conn ); +}