From: Howard Chu Date: Sat, 12 Apr 2003 06:56:42 +0000 (+0000) Subject: Memory context tweaks for Bind X-Git-Tag: OPENLDAP_REL_ENG_2_2_0ALPHA~382 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=280fc819cf9e8b05efa4df875291af0f20666d40;p=openldap Memory context tweaks for Bind --- diff --git a/servers/slapd/acl.c b/servers/slapd/acl.c index d51e3c7aaf..9662615ced 100644 --- a/servers/slapd/acl.c +++ b/servers/slapd/acl.c @@ -1424,9 +1424,9 @@ aci_get_part( } BerVarray -aci_set_gather (void *cookie, struct berval *name, struct berval *attr) +aci_set_gather (SetCookie *cookie, struct berval *name, struct berval *attr) { - AciSetCookie *cp = cookie; + AciSetCookie *cp = (AciSetCookie *)cookie; BerVarray bvals = NULL; struct berval ndn; @@ -1435,14 +1435,14 @@ aci_set_gather (void *cookie, struct berval *name, struct berval *attr) * also return the syntax or some "comparison cookie". */ - if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx ) == LDAP_SUCCESS) { + if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx) == LDAP_SUCCESS) { const char *text; AttributeDescription *desc = NULL; if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) { backend_attribute(cp->op, cp->e, &ndn, desc, &bvals); } - free(ndn.bv_val); + sl_free(ndn.bv_val, cp->op->o_tmpmemctx); } return(bvals); } @@ -1460,7 +1460,7 @@ aci_match_set ( AciSetCookie cookie; if (setref == 0) { - ber_dupbv( &set, subj ); + ber_dupbv_x( &set, subj, op->o_tmpmemctx ); } else { struct berval subjdn, ndn = { 0, NULL }; struct berval setat; @@ -1497,7 +1497,7 @@ aci_match_set ( bvals[0].bv_val = bvals[i-1].bv_val; bvals[i-1].bv_val = NULL; } - ber_bvarray_free(bvals); + ber_bvarray_free_x(bvals, op->o_tmpmemctx); } } if (ndn.bv_val) @@ -1508,9 +1508,9 @@ aci_match_set ( if (set.bv_val != NULL) { cookie.op = op; cookie.e = e; - rc = (slap_set_filter(aci_set_gather, &cookie, &set, + rc = (slap_set_filter(aci_set_gather, (SetCookie *)&cookie, &set, &op->o_ndn, &e->e_nname, NULL) > 0); - ch_free(set.bv_val); + sl_free(set.bv_val, op->o_tmpmemctx); } return(rc); } diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index f1c319d6bb..3ee3331675 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -1206,7 +1206,7 @@ backend_attribute( for ( i=0; a->a_vals[i].bv_val; i++ ) ; - v = ch_malloc( sizeof(struct berval) * (i+1) ); + v = op->o_tmpalloc( sizeof(struct berval) * (i+1), op->o_tmpmemctx ); for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) { if ( op->o_conn && access_allowed( op, e, entry_at, @@ -1214,13 +1214,12 @@ backend_attribute( ACL_AUTH, &acl_state ) == 0 ) { continue; } - ber_dupbv( &v[j], - &a->a_nvals[i] - ); + ber_dupbv_x( &v[j], + &a->a_nvals[i], op->o_tmpmemctx ); if (v[j].bv_val ) j++; } if (j == 0) { - ch_free( v ); + op->o_tmpfree( v, op->o_tmpmemctx ); *vals = NULL; rc = LDAP_INSUFFICIENT_ACCESS; } else { diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index 1c6c29612e..b4c1cf72b1 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -161,6 +161,10 @@ do_bind( goto cleanup; } + /* We use the tmpmemctx here because it speeds up normalization. + * However, we must dup with regular malloc when storing any + * resulting DNs in the op or conn structures. + */ rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx ); if ( rs->sr_err != LDAP_SUCCESS ) { #ifdef NEW_LOGGING @@ -292,11 +296,14 @@ do_bind( ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); if( rs->sr_err == LDAP_SUCCESS ) { - op->o_conn->c_dn = op->orb_edn; + ber_dupbv(&op->o_conn->c_dn, &op->orb_edn); if( op->orb_edn.bv_len != 0 ) { /* edn is always normalized already */ ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn ); } + op->o_tmpfree( op->orb_edn.bv_val, op->o_tmpmemctx ); + op->orb_edn.bv_val = NULL; + op->orb_edn.bv_len = 0; op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech; op->o_conn->c_sasl_bind_mech.bv_val = NULL; op->o_conn->c_sasl_bind_mech.bv_len = 0; @@ -428,7 +435,7 @@ do_bind( { rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED; rs->sr_text = "unwilling to perform simple authentication " - "without confidentilty protection"; + "without confidentiality protection"; send_ldap_result( op, rs ); @@ -542,13 +549,16 @@ do_bind( /* Set the new connection DN. */ if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) { slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->orb_edn.bv_val ); + if ( op->orb_edn.bv_val ) op->orb_edn.bv_len = strlen( op->orb_edn.bv_val ); } rs->sr_err = dnPrettyNormal( NULL, &op->orb_edn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx ); ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex ); - op->o_conn->c_dn = op->o_req_dn; - op->o_conn->c_ndn = op->o_req_ndn; + ber_dupbv(&op->o_conn->c_dn, &op->o_req_dn); + ber_dupbv(&op->o_conn->c_ndn, &op->o_req_ndn); + op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx ); op->o_req_dn.bv_val = NULL; op->o_req_dn.bv_len = 0; + op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx ); op->o_req_ndn.bv_val = NULL; op->o_req_ndn.bv_len = 0; if ( op->o_conn->c_dn.bv_len != 0 ) { @@ -585,6 +595,7 @@ do_bind( op->o_conn->c_authz_backend = op->o_bd; } + /* be_bind returns regular/global edn */ if(op->orb_edn.bv_len) { op->o_conn->c_dn = op->orb_edn; } else { diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index 09410a3f27..343a4f3bb2 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -919,7 +919,7 @@ connection_operation( void *ctx, void *arg_v ) memsiz = ber_len( op->o_ber ) * 32; if ( SLAB_SIZE > memsiz ) memsiz = SLAB_SIZE; - if ( tag == LDAP_REQ_SEARCH ) { + if ( tag == LDAP_REQ_SEARCH || tag == LDAP_REQ_BIND ) { memctx = sl_mem_create( memsiz, ctx ); ber_set_option( op->o_ber, LBER_OPT_BER_MEMCTX, memctx ); op->o_tmpmemctx = memctx; diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 6f95c5edfb..45fe39a95c 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -1563,7 +1563,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len, /* EXTERNAL DNs are already normalized */ do_norm = 0; is_dn = SET_DN; - ber_str2bv( id, len, 1, dn ); + ber_str2bv_x( id, len, 1, dn, op->o_tmpmemctx ); } else { /* convert to u: form */ diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index cb89fe4791..7b44cd6768 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -228,7 +228,8 @@ static void slap_sasl_rx_exp( const int *off, regmatch_t *str, const char *saslname, - struct berval *out ) + struct berval *out, + void *ctx ) { int i, n, len, insert; @@ -247,7 +248,7 @@ static void slap_sasl_rx_exp( len += str[i].rm_eo - str[i].rm_so; n++; } - out->bv_val = ch_malloc( len + 1 ); + out->bv_val = sl_malloc( len + 1, ctx ); out->bv_len = len; /* Fill in URI with replace string, replacing $i as we go */ @@ -277,7 +278,7 @@ static void slap_sasl_rx_exp( LDAP URI to find the matching LDAP entry, using the pattern matching strings given in the saslregexp config file directive(s) */ -static int slap_sasl_regexp( struct berval *in, struct berval *out ) +static int slap_sasl_regexp( struct berval *in, struct berval *out, void *ctx ) { char *saslname = in->bv_val; SaslRegexp_t *reg; @@ -312,7 +313,7 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out ) * to replace the $1,$2 with the strings that matched (b.*) and (d.*) */ slap_sasl_rx_exp( reg->sr_replace, reg->sr_offset, - reg->sr_strings, saslname, out ); + reg->sr_strings, saslname, out, ctx ); #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, @@ -336,7 +337,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs ) /* We only want to be called once */ if( ndn->bv_val ) { - free(ndn->bv_val); + o->o_tmpfree(ndn->bv_val, o->o_tmpmemctx); ndn->bv_val = NULL; #ifdef NEW_LOGGING @@ -349,7 +350,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs ) return -1; } - ber_dupbv(ndn, &rs->sr_entry->e_nname); + ber_dupbv_x(ndn, &rs->sr_entry->e_nname, o->o_tmpmemctx); return 0; } @@ -465,7 +466,7 @@ int slap_sasl_match(Operation *opx, struct berval *rule, struct berval *assertDN } CONCLUDED: - if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val ); + if( op.o_req_ndn.bv_len ) sl_free( op.o_req_ndn.bv_val, opx->o_tmpmemctx ); if( op.oq_search.rs_filter ) filter_free_x( opx, op.oq_search.rs_filter ); #ifdef NEW_LOGGING @@ -567,12 +568,12 @@ void slap_sasl2dn( Operation *opx, cb.sc_private = sasldn; /* Convert the SASL name into a minimal URI */ - if( !slap_sasl_regexp( saslname, ®out ) ) { + if( !slap_sasl_regexp( saslname, ®out, opx->o_tmpmemctx ) ) { goto FINISHED; } rc = slap_parseURI( opx, ®out, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter ); - if( regout.bv_val ) ch_free( regout.bv_val ); + if( regout.bv_val ) sl_free( regout.bv_val, opx->o_tmpmemctx ); if( rc != LDAP_SUCCESS ) { goto FINISHED; } diff --git a/servers/slapd/sets.c b/servers/slapd/sets.c index 97b49b4630..79de03025c 100644 --- a/servers/slapd/sets.c +++ b/servers/slapd/sets.c @@ -12,9 +12,9 @@ #include "slap.h" #include "sets.h" -static BerVarray set_join (BerVarray lset, int op, BerVarray rset); +static BerVarray set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset); static BerVarray set_chase (SLAP_SET_GATHER gatherer, - void *cookie, BerVarray set, struct berval *attr, int closure); + SetCookie *cookie, BerVarray set, struct berval *attr, int closure); static int set_samedn (char *dn1, char *dn2); long @@ -31,13 +31,13 @@ slap_set_size (BerVarray set) } void -slap_set_dispose (BerVarray set) +slap_set_dispose (SetCookie *cp, BerVarray set) { - ber_bvarray_free(set); + ber_bvarray_free_x(set, cp->op->o_tmpmemctx); } static BerVarray -set_join (BerVarray lset, int op, BerVarray rset) +set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset) { BerVarray set; long i, j, last; @@ -47,19 +47,20 @@ set_join (BerVarray lset, int op, BerVarray rset) if (lset == NULL || lset->bv_val == NULL) { if (rset == NULL) { if (lset == NULL) - return(SLAP_CALLOC(1, sizeof(struct berval))); + return(cp->op->o_tmpcalloc(1, sizeof(struct berval), + cp->op->o_tmpmemctx)); return(lset); } - slap_set_dispose(lset); + slap_set_dispose(cp, lset); return(rset); } if (rset == NULL || rset->bv_val == NULL) { - slap_set_dispose(rset); + slap_set_dispose(cp, rset); return(lset); } i = slap_set_size(lset) + slap_set_size(rset) + 1; - set = SLAP_CALLOC(i, sizeof(struct berval)); + set = cp->op->o_tmpcalloc(i, sizeof(struct berval), cp->op->o_tmpmemctx); if (set != NULL) { /* set_chase() depends on this routine to * keep the first elements of the result @@ -68,11 +69,11 @@ set_join (BerVarray lset, int op, BerVarray rset) */ for (i = 0; lset[i].bv_val; i++) set[i] = lset[i]; - ch_free(lset); + cp->op->o_tmpfree(lset, cp->op->o_tmpmemctx); for (i = 0; rset[i].bv_val; i++) { for (j = 0; set[j].bv_val; j++) { if (set_samedn(rset[i].bv_val, set[j].bv_val)) { - ch_free(rset[i].bv_val); + cp->op->o_tmpfree(rset[i].bv_val, cp->op->o_tmpmemctx); rset[i].bv_val = NULL; break; } @@ -80,14 +81,14 @@ set_join (BerVarray lset, int op, BerVarray rset) if (rset[i].bv_val) set[j] = rset[i]; } - ch_free(rset); + cp->op->o_tmpfree(rset, cp->op->o_tmpmemctx); } return(set); } if (op == '&') { if (lset == NULL || lset->bv_val == NULL || rset == NULL || rset->bv_val == NULL) { - set = SLAP_CALLOC(1, sizeof(struct berval)); + set = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx); } else { set = lset; lset = NULL; @@ -98,7 +99,7 @@ set_join (BerVarray lset, int op, BerVarray rset) break; } if (rset[j].bv_val == NULL) { - ch_free(set[i].bv_val); + cp->op->o_tmpfree(set[i].bv_val, cp->op->o_tmpmemctx); set[i] = set[last]; set[last].bv_val = NULL; last--; @@ -108,14 +109,14 @@ set_join (BerVarray lset, int op, BerVarray rset) } } - slap_set_dispose(lset); - slap_set_dispose(rset); + slap_set_dispose(cp, lset); + slap_set_dispose(cp, rset); return(set); } static BerVarray set_chase (SLAP_SET_GATHER gatherer, - void *cookie, BerVarray set, struct berval *attr, int closure) + SetCookie *cp, BerVarray set, struct berval *attr, int closure) { BerVarray vals, nset; char attrstr[32]; @@ -126,35 +127,35 @@ set_chase (SLAP_SET_GATHER gatherer, bv.bv_val = attrstr; if (set == NULL) - return(SLAP_CALLOC(1, sizeof(struct berval))); + return(cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx)); if (set->bv_val == NULL) return(set); if (attr->bv_len > (sizeof(attrstr) - 1)) { - slap_set_dispose(set); + slap_set_dispose(cp, set); return(NULL); } AC_MEMCPY(attrstr, attr->bv_val, attr->bv_len); attrstr[attr->bv_len] = 0; - nset = SLAP_CALLOC(1, sizeof(struct berval)); + nset = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx); if (nset == NULL) { - slap_set_dispose(set); + slap_set_dispose(cp, set); return(NULL); } for (i = 0; set[i].bv_val; i++) { - vals = (gatherer)(cookie, &set[i], &bv); + vals = (gatherer)(cp, &set[i], &bv); if (vals != NULL) - nset = set_join(nset, '|', vals); + nset = set_join(cp, nset, '|', vals); } - slap_set_dispose(set); + slap_set_dispose(cp, set); if (closure) { for (i = 0; nset[i].bv_val; i++) { - vals = (gatherer)(cookie, &nset[i], &bv); + vals = (gatherer)(cp, &nset[i], &bv); if (vals != NULL) { - nset = set_join(nset, '|', vals); + nset = set_join(cp, nset, '|', vals); if (nset == NULL) break; } @@ -196,7 +197,7 @@ set_samedn (char *dn1, char *dn2) int slap_set_filter (SLAP_SET_GATHER gatherer, - void *cookie, struct berval *fbv, + SetCookie *cp, struct berval *fbv, struct berval *user, struct berval *this, BerVarray *results) { #define IS_SET(x) ( (long)(x) >= 256 ) @@ -245,7 +246,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer, op = (long)SF_POP(); lset = SF_POP(); SF_POP(); - set = set_join(lset, op, set); + set = set_join(cp, lset, op, set); if (set == NULL) SF_ERROR(memory); SF_PUSH(set); @@ -266,7 +267,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer, } else if (IS_OP(SF_TOP())) { op = (long)SF_POP(); lset = SF_POP(); - set = set_join(lset, op, set); + set = set_join(cp, lset, op, set); if (set == NULL) SF_ERROR(memory); SF_PUSH(set); @@ -287,10 +288,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer, if (c == 0) SF_ERROR(syntax); - set = SLAP_CALLOC(2, sizeof(struct berval)); + set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx); if (set == NULL) SF_ERROR(memory); - set->bv_val = SLAP_CALLOC(len + 1, sizeof(char)); + set->bv_val = cp->op->o_tmpcalloc(len + 1, sizeof(char), cp->op->o_tmpmemctx); if (set->bv_val == NULL) SF_ERROR(memory); AC_MEMCPY(set->bv_val, &filter[-len - 1], len); @@ -331,10 +332,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer, { if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP())) SF_ERROR(syntax); - set = SLAP_CALLOC(2, sizeof(struct berval)); + set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx); if (set == NULL) SF_ERROR(memory); - ber_dupbv( set, this ); + ber_dupbv_x( set, this, cp->op->o_tmpmemctx ); if (set->bv_val == NULL) SF_ERROR(memory); } else if (len == 4 @@ -342,10 +343,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer, { if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP())) SF_ERROR(syntax); - set = SLAP_CALLOC(2, sizeof(struct berval)); + set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx); if (set == NULL) SF_ERROR(memory); - ber_dupbv( set, user ); + ber_dupbv_x( set, user, cp->op->o_tmpmemctx ); if (set->bv_val == NULL) SF_ERROR(memory); } else if (SF_TOP() != (void *)'/') { @@ -356,7 +357,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer, fb2.bv_val = filter; fb2.bv_len = len; set = set_chase(gatherer, - cookie, SF_POP(), &fb2, c == '*'); + cp, SF_POP(), &fb2, c == '*'); if (set == NULL) SF_ERROR(memory); if (c == '*') @@ -377,7 +378,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer, } else if (IS_OP(SF_TOP())) { op = (long)SF_POP(); lset = SF_POP(); - set = set_join(lset, op, set); + set = set_join(cp, lset, op, set); if (set == NULL) SF_ERROR(memory); } else { @@ -392,10 +393,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer, _error: if (IS_SET(set)) - slap_set_dispose(set); + slap_set_dispose(cp, set); while ((set = SF_POP())) { if (IS_SET(set)) - slap_set_dispose(set); + slap_set_dispose(cp, set); } return(rc); } diff --git a/servers/slapd/sets.h b/servers/slapd/sets.h index 6e3032bbb2..02b9f9f35a 100644 --- a/servers/slapd/sets.h +++ b/servers/slapd/sets.h @@ -11,20 +11,24 @@ LDAP_BEGIN_DECL +typedef struct slap_set_cookie { + struct slap_op *op; +} SetCookie; + /* this routine needs to return the bervals instead of * plain strings, since syntax is not known. It should * also return the syntax or some "comparison cookie" * that is used by set_filter. */ typedef BerVarray (SLAP_SET_GATHER)( - void *cookie, struct berval *name, struct berval *attr); + SetCookie *cookie, struct berval *name, struct berval *attr); LDAP_SLAPD_F (long) slap_set_size(BerVarray set); -LDAP_SLAPD_F (void) slap_set_dispose(BerVarray set); +LDAP_SLAPD_F (void) slap_set_dispose(SetCookie *cookie, BerVarray set); LDAP_SLAPD_F (int) slap_set_filter( SLAP_SET_GATHER gatherer, - void *cookie, struct berval *filter, + SetCookie *cookie, struct berval *filter, struct berval *user, struct berval *this, BerVarray *results); LDAP_END_DECL