Patch: back-passwd needs pwent mutex (ITS#1794)

			================
Written by Hallvard B. Furuseth and placed into the public domain.
This software is not subject to any license of the University of Oslo.
			================

back-passwd uses getpwent() and setpwfile(), which use static data.
It needs a mutex to make sure these operations can complete without
interference from another back-passwd call.  Here is a patch.

Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, May 2002.

diff --git a/servers/slapd/back-passwd/external.h b/servers/slapd/back-passwd/external.h
index db600f341ce8deb6a90b36636be9792ccf5af394..a8a02889cb789a5820555429382da5edf97bf040 100644 (file)
--- a/servers/slapd/back-passwd/external.h
+++ b/servers/slapd/back-passwd/external.h
@@ -5,6 +5,7 @@
 LDAP_BEGIN_DECL
 
 extern BI_init passwd_back_initialize;
+extern BI_destroy      passwd_back_destroy;
 
 extern BI_op_search    passwd_back_search;
 

diff --git a/servers/slapd/back-passwd/init.c b/servers/slapd/back-passwd/init.c
index c34bcf62514288705178a00ab177f1f19d971243..1bb6ad284dfc5d9c0a6e99a9c8095cde519ef1e7 100644 (file)
--- a/servers/slapd/back-passwd/init.c
+++ b/servers/slapd/back-passwd/init.c
@@ -8,7 +8,9 @@
 #include <ac/socket.h>
 
 #include "slap.h"
-#include "external.h"
+#include "back-passwd.h"
+
+ldap_pvt_thread_mutex_t passwd_mutex;
 
 #ifdef SLAPD_PASSWD_DYNAMIC
 
@@ -30,10 +32,12 @@ passwd_back_initialize(
     BackendInfo        *bi
 )
 {
+       ldap_pvt_thread_mutex_init( &passwd_mutex );
+
        bi->bi_open = 0;
        bi->bi_config = 0;
        bi->bi_close = 0;
-       bi->bi_destroy = 0;
+       bi->bi_destroy = passwd_back_destroy;
 
        bi->bi_db_init = 0;
        bi->bi_db_config = passwd_back_db_config;
@@ -62,3 +66,12 @@ passwd_back_initialize(
 
        return 0;
 }
+
+int
+passwd_back_destroy(
+       BackendInfo *bi
+)
+{
+       ldap_pvt_thread_mutex_destroy( &passwd_mutex );
+       return 0;
+}

diff --git a/servers/slapd/back-passwd/search.c b/servers/slapd/back-passwd/search.c
index 4847bfff617bc739f815f6d549727aa35fc31c3f..93af0a6f4ff7c4998238f5b86771f66d61384715 100644 (file)
--- a/servers/slapd/back-passwd/search.c
+++ b/servers/slapd/back-passwd/search.c
@@ -13,9 +13,11 @@
 #include <pwd.h>
 
 #include "slap.h"
-#include "external.h"
+#include "back-passwd.h"
 #include <ldap_pvt.h>
 
+stativ void pw_start( Backend *be );
+
 static Entry *pw2entry(
        Backend *be,
        struct passwd *pw,
@@ -59,14 +61,6 @@ passwd_back_search(
        slimit = (slimit > be->be_sizelimit || slimit < 1) ? be->be_sizelimit
            : slimit;
 
-       endpwent();
-
-#ifdef HAVE_SETPWFILE
-       if ( be->be_private != NULL ) {
-               (void) setpwfile( (char *) be->be_private );
-       }
-#endif /* HAVE_SETPWFILE */
-
        /* Handle a query for the base of this backend */
        if ( be_issuffix( be, nbase ) ) {
                struct berval   vals[2];
@@ -130,10 +124,13 @@ passwd_back_search(
                if ( scope != LDAP_SCOPE_BASE ) {
                        /* check all our "children" */
 
+                       ldap_pvt_thread_mutex_lock( &passwd_mutex );
+                       pw_start( be );
                        for ( pw = getpwent(); pw != NULL; pw = getpwent() ) {
                                /* check for abandon */
                                if ( op->o_abandon ) {
                                        endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                        return( -1 );
                                }
 
@@ -142,12 +139,14 @@ passwd_back_search(
                                        send_ldap_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
                                        NULL, NULL, NULL, NULL );
                                        endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                        return( 0 );
                                }
 
                                if ( !(e = pw2entry( be, pw, &text )) ) {
                                        err = LDAP_OPERATIONS_ERROR;
                                        endpwent();
+                                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                        goto done;
                                }
 
@@ -157,6 +156,7 @@ passwd_back_search(
                                                send_ldap_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
                                                NULL, NULL, NULL, NULL );
                                                endpwent();
+                                               ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                                                return( 0 );
                                        }
 
@@ -168,6 +168,7 @@ passwd_back_search(
                                entry_free( e );
                        }
                        endpwent();
+                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                }
 
        } else {
@@ -201,13 +202,18 @@ passwd_back_search(
                        goto done;
                }
 
+               ldap_pvt_thread_mutex_lock( &passwd_mutex );
+               pw_start( be );
                if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) {
                        matched = parent.bv_val;
                        err = LDAP_NO_SUCH_OBJECT;
+                       ldap_pvt_thread_mutex_unlock( &passwd_mutex );
                        goto done;
                }
 
-               if ( !(e = pw2entry( be, pw, &text )) ) {
+               e = pw2entry( be, pw, &text );
+               ldap_pvt_thread_mutex_unlock( &passwd_mutex );
+               if ( !e ) {
                        err = LDAP_OPERATIONS_ERROR;
                        goto done;
                }
@@ -231,6 +237,20 @@ done:
        return( 0 );
 }
 
+static void
+pw_start(
+       Backend *be
+)
+{
+       endpwent();
+
+#ifdef HAVE_SETPWFILE
+       if ( be->be_private != NULL ) {
+               (void) setpwfile( (char *) be->be_private );
+       }
+#endif /* HAVE_SETPWFILE */
+}
+
 static Entry *
 pw2entry( Backend *be, struct passwd *pw, const char **text )
 {