From: Pierangelo Masarati <ando@openldap.org>
Date: Mon, 4 Sep 2006 07:20:59 +0000 (+0000)
Subject: release authz resources at shutdown
X-Git-Tag: OPENLDAP_REL_ENG_2_3_MP~215
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=35f8b9c9f53f5faed8ce4c97848dd1378f622075;p=openldap

release authz resources at shutdown
---

diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index a62e633e38..c7036fae5c 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -961,11 +961,13 @@ stop:
 #ifdef HAVE_TLS
 	if ( slap_tls_ld ) {
 		SSL_CTX_free( slap_tls_ctx );
-		ldap_unbind( slap_tls_ld );
+		ldap_unbind_ext( slap_tls_ld, NULL, NULL );
 	}
 	ldap_pvt_tls_destroy();
 #endif
 
+	slap_sasl_regexp_destroy();
+
 	if ( slapd_pid_file_unlink ) {
 		unlink( slapd_pid_file );
 	}
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 8246077f6c..dac07b4075 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -1453,6 +1453,7 @@ LDAP_SLAPD_F (int) slap_sasl_rewrite_config LDAP_P((
 	int lineno,
 	int argc, 
 	char **argv ));
+LDAP_SLAPD_F (void) slap_sasl_regexp_destroy LDAP_P(( void ));
 #endif /* SLAP_AUTH_REWRITE */
 LDAP_SLAPD_F (int) authzValidate LDAP_P((
 	Syntax *syn, struct berval *in ));
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index dec0041415..3fd24ad87d 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -1313,7 +1313,8 @@ int slap_sasl_rewrite_config(
 	return rc;
 }
 
-int slap_sasl_rewrite_destroy( void )
+static int
+slap_sasl_rewrite_destroy( void )
 {
 	if ( sasl_rwinfo ) {
 		rewrite_info_delete( &sasl_rwinfo );
@@ -1373,38 +1374,59 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
 
 	reg = &SaslRegexp[nSaslRegexp];
 
-	reg->sr_match = ch_strdup( match );
-	reg->sr_replace = ch_strdup( replace );
-
 #ifdef SLAP_AUTH_REWRITE
 	rc = slap_sasl_regexp_rewrite_config( "sasl-regexp", 0,
 			match, replace, AUTHID_CONTEXT );
-	if ( rc == LDAP_SUCCESS ) nSaslRegexp++;
-	return rc;
 #else /* ! SLAP_AUTH_REWRITE */
 
 	/* Precompile matching pattern */
-	rc = regcomp( &reg->sr_workspace, reg->sr_match, REG_EXTENDED|REG_ICASE );
+	rc = regcomp( &reg->sr_workspace, match, REG_EXTENDED|REG_ICASE );
 	if ( rc ) {
 		Debug( LDAP_DEBUG_ANY,
-		"SASL match pattern %s could not be compiled by regexp engine\n",
-		reg->sr_match, 0, 0 );
+			"SASL match pattern %s could not be compiled by regexp engine\n",
+			match, 0, 0 );
 
 #ifdef ENABLE_REWRITE
-	/* Dummy block to force symbol references in librewrite */
-	if ( slapMode == ( SLAP_SERVER_MODE|SLAP_TOOL_MODE )) {
-		rewrite_info_init( 0 );
-	}
+		/* Dummy block to force symbol references in librewrite */
+		if ( slapMode == ( SLAP_SERVER_MODE|SLAP_TOOL_MODE )) {
+			rewrite_info_init( 0 );
+		}
 #endif
 		return( LDAP_OTHER );
 	}
 
-	rc = slap_sasl_rx_off( reg->sr_replace, reg->sr_offset );
-	if ( rc != LDAP_SUCCESS ) return rc;
-
-	nSaslRegexp++;
-	return( LDAP_SUCCESS );
+	rc = slap_sasl_rx_off( replace, reg->sr_offset );
 #endif /* ! SLAP_AUTH_REWRITE */
+	if ( rc == LDAP_SUCCESS ) {
+		reg->sr_match = ch_strdup( match );
+		reg->sr_replace = ch_strdup( replace );
+
+		nSaslRegexp++;
+	}
+
+	return rc;
+}
+
+void
+slap_sasl_regexp_destroy( void )
+{
+	if ( SaslRegexp ) {
+		int	n;
+
+		for ( n = 0; n < nSaslRegexp; n++ ) {
+			ch_free( SaslRegexp[ n ].sr_match );
+			ch_free( SaslRegexp[ n ].sr_replace );
+#ifndef SLAP_AUTH_REWRITE
+			regfree( &SaslRegexp[ n ].sr_workspace );
+#endif /* SLAP_AUTH_REWRITE */
+		}
+
+		ch_free( SaslRegexp );
+	}
+
+#ifdef SLAP_AUTH_REWRITE
+	slap_sasl_rewrite_destroy();
+#endif /* SLAP_AUTH_REWRITE */
 }
 
 void slap_sasl_regexp_unparse( BerVarray *out )