From 202cf8af75f42af452c4bdc5b121a7b68adee484 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Thu, 13 Feb 2003 23:29:56 +0000 Subject: [PATCH] Implemented connection pooling. Requires libldap_r to allow multiple threads to access the same LDAP* handle. --- servers/slapd/back-ldap/add.c | 4 +- servers/slapd/back-ldap/attribute.c | 21 ++-- servers/slapd/back-ldap/back-ldap.h | 9 +- servers/slapd/back-ldap/bind.c | 154 ++++++++++++++++++++-------- servers/slapd/back-ldap/compare.c | 4 +- servers/slapd/back-ldap/delete.c | 4 +- servers/slapd/back-ldap/group.c | 24 ++--- servers/slapd/back-ldap/init.c | 11 +- servers/slapd/back-ldap/modify.c | 4 +- servers/slapd/back-ldap/modrdn.c | 4 +- servers/slapd/back-ldap/search.c | 16 +-- servers/slapd/back-ldap/unbind.c | 10 +- 12 files changed, 168 insertions(+), 97 deletions(-) diff --git a/servers/slapd/back-ldap/add.c b/servers/slapd/back-ldap/add.c index f17451ad7a..f9032f0531 100644 --- a/servers/slapd/back-ldap/add.c +++ b/servers/slapd/back-ldap/add.c @@ -68,7 +68,7 @@ ldap_back_add( #endif /* !NEW_LOGGING */ lc = ldap_back_getconn(li, conn, op); - if ( !lc || !ldap_back_dobind( lc, op ) ) { + if ( !lc || !ldap_back_dobind( lc, conn, op ) ) { return( -1 ); } @@ -186,7 +186,7 @@ ldap_back_add( free( mdn.bv_val ); } - return( ldap_back_op_result( lc, op ) ); + return( ldap_back_op_result( lc, conn, op ) ); } #ifdef ENABLE_REWRITE diff --git a/servers/slapd/back-ldap/attribute.c b/servers/slapd/back-ldap/attribute.c index 81f7788836..7b6eebd9a1 100644 --- a/servers/slapd/back-ldap/attribute.c +++ b/servers/slapd/back-ldap/attribute.c @@ -31,6 +31,7 @@ ldap_back_attribute( ) { struct ldapinfo *li = (struct ldapinfo *) be->be_private; + struct ldapconn *lc; int rc = 1, i, j, count, is_oc; Attribute *attr = NULL; BerVarray abv, v; @@ -38,7 +39,6 @@ ldap_back_attribute( char **vs = NULL; LDAPMessage *result = NULL, *e = NULL; char *gattr[2]; - LDAP *ld = NULL; *vals = NULL; if (target != NULL && dn_match( &target->e_nname, ndn )) { @@ -68,28 +68,30 @@ ldap_back_attribute( return 1; } - if (ldap_initialize(&ld, li->url) != LDAP_SUCCESS) { + /* Tell getconn this is a privileged op */ + is_oc = op->o_do_not_cache; + op->o_do_not_cache = 1; + lc = ldap_back_getconn(li, conn, op); + if ( !lc || !ldap_back_dobind(lc, NULL, op) ) { + op->o_do_not_cache = is_oc; return 1; } - - if (ldap_bind_s(ld, li->binddn, li->bindpw, LDAP_AUTH_SIMPLE) != LDAP_SUCCESS) { - goto cleanup; - } + op->o_do_not_cache = is_oc; gattr[0] = mapped.bv_val; gattr[1] = NULL; - if (ldap_search_ext_s(ld, ndn->bv_val, LDAP_SCOPE_BASE, "(objectclass=*)", + if (ldap_search_ext_s(lc->ld, ndn->bv_val, LDAP_SCOPE_BASE, "(objectclass=*)", gattr, 0, NULL, NULL, LDAP_NO_LIMIT, LDAP_NO_LIMIT, &result) != LDAP_SUCCESS) { goto cleanup; } - if ((e = ldap_first_entry(ld, result)) == NULL) { + if ((e = ldap_first_entry(lc->ld, result)) == NULL) { goto cleanup; } - vs = ldap_get_values(ld, e, mapped.bv_val); + vs = ldap_get_values(lc->ld, e, mapped.bv_val); if (vs == NULL) { goto cleanup; } @@ -132,7 +134,6 @@ cleanup: if (result) { ldap_msgfree(result); } - ldap_unbind(ld); return(rc); } diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h index eb56fce7cf..585f44720c 100644 --- a/servers/slapd/back-ldap/back-ldap.h +++ b/servers/slapd/back-ldap/back-ldap.h @@ -49,13 +49,16 @@ LDAP_BEGIN_DECL struct slap_conn; struct slap_op; +struct slap_backend_db; struct ldapconn { struct slap_conn *conn; LDAP *ld; struct berval cred; struct berval bound_dn; + struct berval local_dn; int bound; + ldap_pvt_thread_mutex_t lc_mutex; }; struct ldapmap { @@ -71,6 +74,7 @@ struct ldapmapping { }; struct ldapinfo { + struct slap_backend_db *be; char *url; char *binddn; char *bindpw; @@ -89,9 +93,9 @@ struct ldapinfo { struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_conn *conn, struct slap_op *op); -int ldap_back_dobind(struct ldapconn *lc, Operation *op); +int ldap_back_dobind(struct ldapconn *lc, Connection *conn, Operation *op); int ldap_back_map_result(int err); -int ldap_back_op_result(struct ldapconn *lc, Operation *op); +int ldap_back_op_result(struct ldapconn *lc, Connection *conn, Operation *op); int back_ldap_LTX_init_module(int argc, char *argv[]); void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn, @@ -99,6 +103,7 @@ void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn, extern int ldap_back_conn_cmp( const void *c1, const void *c2); extern int ldap_back_conn_dup( void *c1, void *c2 ); +extern void ldap_back_conn_free( void *c ); int mapping_cmp (const void *, const void *); int mapping_dup (void *, void *); diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c index bed8436d1f..99585edbf9 100644 --- a/servers/slapd/back-ldap/bind.c +++ b/servers/slapd/back-ldap/bind.c @@ -77,7 +77,7 @@ ldap_back_bind( if ( op->o_ctrls ) { if ( ldap_set_option( lc->ld, LDAP_OPT_SERVER_CONTROLS, op->o_ctrls ) != LDAP_SUCCESS ) { - ldap_back_op_result( lc, op ); + ldap_back_op_result( lc, conn, op ); return( -1 ); } } @@ -114,11 +114,22 @@ ldap_back_bind( ldap_back_dn_massage( li, dn, &mdn, 0, 1 ); #endif /* !ENABLE_REWRITE */ + if ( lc->bound_dn.bv_val ) { + ch_free( lc->bound_dn.bv_val ); + lc->bound_dn.bv_len = 0; + lc->bound_dn.bv_val = NULL; + } + lc->bound = 0; rc = ldap_bind_s(lc->ld, mdn.bv_val, cred->bv_val, method); if (rc != LDAP_SUCCESS) { - rc = ldap_back_op_result( lc, op ); + rc = ldap_back_op_result( lc, conn, op ); } else { lc->bound = 1; + if ( mdn.bv_val != dn->bv_val ) { + lc->bound_dn = mdn; + } else { + ber_dupbv( &lc->bound_dn, dn ); + } } if ( li->savecred ) { @@ -128,14 +139,22 @@ ldap_back_bind( ldap_set_rebind_proc( lc->ld, ldap_back_rebind, lc ); } - if ( lc->bound_dn.bv_val ) - ch_free( lc->bound_dn.bv_val ); - if ( mdn.bv_val != dn->bv_val ) { - lc->bound_dn = mdn; - } else { - ber_dupbv( &lc->bound_dn, dn ); + /* must re-insert if local DN changed as result of bind */ + if ( lc->bound && ber_bvcmp(ndn, &lc->local_dn ) ) { + int err; + ldap_pvt_thread_mutex_lock( &li->conn_mutex ); + lc = avl_delete( &li->conntree, (caddr_t)lc, ldap_back_conn_cmp ); + if ( lc->local_dn.bv_val ) + ch_free( lc->local_dn.bv_val ); + ber_dupbv( &lc->local_dn, ndn ); + err = avl_insert( &li->conntree, (caddr_t)lc, + ldap_back_conn_cmp, ldap_back_conn_dup ); + ldap_pvt_thread_mutex_unlock( &li->conn_mutex ); + if ( err == -1 ) { + ldap_back_conn_free( lc ); + } } - + return( rc ); } @@ -153,8 +172,16 @@ ldap_back_conn_cmp( { const struct ldapconn *lc1 = (const struct ldapconn *)c1; const struct ldapconn *lc2 = (const struct ldapconn *)c2; + int rc; - return ( ( lc1->conn < lc2->conn ) ? -1 : ( ( lc1->conn > lc2-> conn ) ? 1 : 0 ) ); + /* If local DNs don't match, it is definitely not a match */ + if ( ( rc = ber_bvcmp( &lc1->local_dn, &lc2->local_dn )) ) + return rc; + + /* For shared sessions, conn is NULL. Only explicitly + * bound sessions will have non-NULL conn. + */ + return lc1->conn - lc2->conn; } /* @@ -172,13 +199,18 @@ ldap_back_conn_dup( struct ldapconn *lc1 = (struct ldapconn *)c1; struct ldapconn *lc2 = (struct ldapconn *)c2; - return( ( lc1->conn == lc2->conn ) ? -1 : 0 ); + /* Cannot have more than one shared session with same DN */ + if ( dn_match( &lc1->local_dn, &lc2->local_dn ) && + lc1->conn == lc2->conn ) return -1; + + return 0; } #if PRINT_CONNTREE > 0 static void ravl_print( Avlnode *root, int depth ) { int i; + struct ldapconn *lc; if ( root == 0 ) return; @@ -188,7 +220,8 @@ static void ravl_print( Avlnode *root, int depth ) for ( i = 0; i < depth; i++ ) printf( " " ); - printf( "c(%ld) %d\n", ((struct ldapconn *) root->avl_data)->conn->c_connid, root->avl_bf ); + lc = root->avl_data; + printf( "lc(%lx) local(%s) conn(%lx) %d\n", lc, lc->local_dn.bv_val, lc->conn, root->avl_bf ); ravl_print( root->avl_left, depth+1 ); } @@ -212,9 +245,24 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) { struct ldapconn *lc, lc_curr; LDAP *ld; + int is_priv = 0; /* Searches for a ldapconn in the avl tree */ - lc_curr.conn = conn; + + /* Explicit binds must not be shared */ + if ( op->o_tag == LDAP_REQ_BIND ) { + lc_curr.conn = conn; + } else { + lc_curr.conn = NULL; + } + + /* Internal searches are privileged. So is root. */ + if ( op->o_do_not_cache || be_isroot( li->be, &op->o_ndn ) ) { + lc_curr.local_dn = li->be->be_rootndn; + is_priv = 1; + } else { + lc_curr.local_dn = op->o_ndn; + } ldap_pvt_thread_mutex_lock( &li->conn_mutex ); lc = (struct ldapconn *)avl_find( li->conntree, (caddr_t)&lc_curr, ldap_back_conn_cmp ); @@ -237,11 +285,18 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &vers); lc = (struct ldapconn *)ch_malloc(sizeof(struct ldapconn)); - lc->conn = conn; + lc->conn = lc_curr.conn; lc->ld = ld; + ber_dupbv( &lc->local_dn, &lc_curr.local_dn ); - lc->cred.bv_len = 0; - lc->cred.bv_val = NULL; + if ( is_priv ) { + ber_str2bv( li->bindpw, 0, 1, &lc->cred ); + } else { + lc->cred.bv_len = 0; + lc->cred.bv_val = NULL; + } + + ldap_pvt_thread_mutex_init( &lc->lc_mutex ); #ifdef ENABLE_REWRITE /* @@ -250,7 +305,7 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) ( void )rewrite_session_init( li->rwinfo, conn ); #endif /* ENABLE_REWRITE */ - if ( lc->conn->c_dn.bv_len != 0 ) { + if ( conn->c_dn.bv_len != 0 ) { /* * Rewrite the bind dn if needed @@ -259,24 +314,24 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) lc->bound_dn.bv_val = NULL; lc->bound_dn.bv_len = 0; switch ( rewrite_session( li->rwinfo, "bindDn", - lc->conn->c_dn.bv_val, conn, + conn->c_dn.bv_val, conn, &lc->bound_dn.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( lc->bound_dn.bv_val == NULL ) { ber_dupbv( &lc->bound_dn, - &lc->conn->c_dn ); + &conn->c_dn ); } #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, DETAIL1, "[rw] bindDn: \"%s\" ->" " \"%s\"\n%s", - lc->conn->c_dn.bv_val, + conn->c_dn.bv_val, lc->bound_dn.bv_val, "" ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_ARGS, "rw> bindDn: \"%s\" ->" " \"%s\"\n%s", - lc->conn->c_dn.bv_val, + conn->c_dn.bv_val, lc->bound_dn.bv_val, "" ); #endif /* !NEW_LOGGING */ break; @@ -298,8 +353,8 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) #else /* !ENABLE_REWRITE */ struct berval bv; - ldap_back_dn_massage( li, &lc->conn->c_dn, &bv, 0, 1 ); - if ( bv.bv_val == lc->conn->c_dn.bv_val ) { + ldap_back_dn_massage( li, &conn->c_dn, &bv, 0, 1 ); + if ( bv.bv_val == conn->c_dn.bv_val ) { ber_dupbv( &lc->bound_dn, &bv ); } else { lc->bound_dn = bv; @@ -320,34 +375,34 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) #if PRINT_CONNTREE > 0 myprint( li->conntree ); #endif /* PRINT_CONNTREE */ - + ldap_pvt_thread_mutex_unlock( &li->conn_mutex ); #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, INFO, - "ldap_back_getconn: conn %ld inserted\n", lc->conn->c_connid, 0, 0); + "ldap_back_getconn: conn %lx inserted\n", lc, 0, 0); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_TRACE, - "=>ldap_back_getconn: conn %ld inserted\n%s%s", - lc->conn->c_connid, "", "" ); + "=>ldap_back_getconn: conn %lx inserted\n%s%s", + lc, "", "" ); #endif /* !NEW_LOGGING */ - + /* Err could be -1 in case a duplicate ldapconn is inserted */ if ( err != 0 ) { + ldap_back_conn_free( lc ); send_ldap_result( conn, op, LDAP_OTHER, NULL, "internal server error", NULL, NULL ); - /* better destroy the ldapconn struct? */ return( NULL ); } } else { #ifdef NEW_LOGGING LDAP_LOG( BACK_LDAP, INFO, - "ldap_back_getconn: conn %ld inserted\n", - lc->conn->c_connid, 0, 0 ); + "ldap_back_getconn: conn %lx fetched\n", + lc, 0, 0 ); #else /* !NEW_LOGGING */ Debug( LDAP_DEBUG_TRACE, - "=>ldap_back_getconn: conn %ld fetched%s%s\n", - lc->conn->c_connid, "", "" ); + "=>ldap_back_getconn: conn %lx fetched%s%s\n", + lc, "", "" ); #endif /* !NEW_LOGGING */ } @@ -362,26 +417,34 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op) * it can be used to simplify the check. */ int -ldap_back_dobind( struct ldapconn *lc, Operation *op ) +ldap_back_dobind( struct ldapconn *lc, Connection *conn, Operation *op ) { + int rc = 0; + + ldap_pvt_thread_mutex_lock( &lc->lc_mutex ); if ( op->o_ctrls ) { if ( ldap_set_option( lc->ld, LDAP_OPT_SERVER_CONTROLS, op->o_ctrls ) != LDAP_SUCCESS ) { - ldap_back_op_result( lc, op ); - return( 0 ); + ldap_back_op_result( lc, conn, op ); + goto leave; } } if ( lc->bound ) { - return( lc->bound ); + rc = lc->bound; + goto leave; } if ( ldap_bind_s( lc->ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE ) != LDAP_SUCCESS ) { - ldap_back_op_result( lc, op ); - return( 0 ); + ldap_back_op_result( lc, conn, op ); + goto leave; } /* else */ - return( lc->bound = 1 ); + + rc = lc->bound = 1; +leave: + ldap_pvt_thread_mutex_unlock( &lc->lc_mutex ); + return rc; } /* @@ -447,13 +510,17 @@ ldap_back_map_result(int err) } int -ldap_back_op_result(struct ldapconn *lc, Operation *op) +ldap_back_op_result(struct ldapconn *lc, Connection *conn, Operation *op) { int err = LDAP_SUCCESS; char *msg = NULL; char *match = NULL; ldap_get_option(lc->ld, LDAP_OPT_ERROR_NUMBER, &err); + + /* internal ops must not reply to client */ + if ( !conn || op->o_do_not_cache ) goto quiet; + ldap_get_option(lc->ld, LDAP_OPT_ERROR_STRING, &msg); ldap_get_option(lc->ld, LDAP_OPT_MATCHED_DN, &match); err = ldap_back_map_result(err); @@ -463,7 +530,7 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op) /* * FIXME: need rewrite info for match; mmmh ... */ - send_ldap_result( lc->conn, op, err, match, msg, NULL, NULL ); + send_ldap_result( conn, op, err, match, msg, NULL, NULL ); /* better test the pointers before freeing? */ if ( match ) { free( match ); @@ -471,7 +538,7 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op) #else /* !ENABLE_REWRITE */ - send_ldap_result( lc->conn, op, err, match, msg, NULL, NULL ); + send_ldap_result( conn, op, err, match, msg, NULL, NULL ); /* better test the pointers before freeing? */ if ( match ) { free( match ); @@ -480,6 +547,7 @@ ldap_back_op_result(struct ldapconn *lc, Operation *op) #endif /* !ENABLE_REWRITE */ if ( msg ) free( msg ); +quiet: return( (err==LDAP_SUCCESS) ? 0 : -1 ); } diff --git a/servers/slapd/back-ldap/compare.c b/servers/slapd/back-ldap/compare.c index d8767c6f91..43e8f93fbf 100644 --- a/servers/slapd/back-ldap/compare.c +++ b/servers/slapd/back-ldap/compare.c @@ -61,7 +61,7 @@ ldap_back_compare( struct berval mdn = { 0, NULL }; lc = ldap_back_getconn(li, conn, op); - if (!lc || !ldap_back_dobind( lc, op ) ) { + if (!lc || !ldap_back_dobind( lc, conn, op ) ) { return( -1 ); } @@ -121,5 +121,5 @@ ldap_back_compare( free( mdn.bv_val ); } - return( ldap_back_op_result( lc, op ) ); + return( ldap_back_op_result( lc, conn, op ) ); } diff --git a/servers/slapd/back-ldap/delete.c b/servers/slapd/back-ldap/delete.c index 170f00b126..b2a8139b49 100644 --- a/servers/slapd/back-ldap/delete.c +++ b/servers/slapd/back-ldap/delete.c @@ -61,7 +61,7 @@ ldap_back_delete( lc = ldap_back_getconn( li, conn, op ); - if ( !lc || !ldap_back_dobind( lc, op ) ) { + if ( !lc || !ldap_back_dobind( lc, conn, op ) ) { return( -1 ); } @@ -103,5 +103,5 @@ ldap_back_delete( free( mdn.bv_val ); } - return( ldap_back_op_result( lc, op ) ); + return( ldap_back_op_result( lc, conn, op ) ); } diff --git a/servers/slapd/back-ldap/group.c b/servers/slapd/back-ldap/group.c index 79e67c6095..b6dbe107dd 100644 --- a/servers/slapd/back-ldap/group.c +++ b/servers/slapd/back-ldap/group.c @@ -33,13 +33,13 @@ ldap_back_group( ) { struct ldapinfo *li = (struct ldapinfo *) be->be_private; - int rc = 1; + struct ldapconn *lc; + int rc = 1, oc; Attribute *attr; LDAPMessage *result; char *gattr[2]; char *filter = NULL, *ptr; - LDAP *ld; struct berval mop_ndn = { 0, NULL }, mgr_ndn = { 0, NULL }; AttributeDescription *ad_objectClass = slap_schema.si_ad_objectClass; @@ -170,14 +170,15 @@ ldap_back_group( if (filter == NULL) goto cleanup; - if (ldap_initialize(&ld, li->url) != LDAP_SUCCESS) { - goto cleanup; - } - - if (ldap_bind_s(ld, li->binddn, li->bindpw, LDAP_AUTH_SIMPLE) - != LDAP_SUCCESS) { + /* Tell getconn this is a privileged op */ + oc = op->o_do_not_cache; + op->o_do_not_cache = 1; + lc = ldap_back_getconn(li, conn, op); + if ( !lc || !ldap_back_dobind( lc, NULL, op ) ) { + op->o_do_not_cache = oc; goto cleanup; } + op->o_do_not_cache = oc; ptr = lutil_strcopy(filter, "(&(objectclass="); ptr = lutil_strcopy(ptr, group_oc_name.bv_val); @@ -189,18 +190,15 @@ ldap_back_group( gattr[0] = "objectclass"; gattr[1] = NULL; - if (ldap_search_ext_s(ld, mgr_ndn.bv_val, LDAP_SCOPE_BASE, filter, + if (ldap_search_ext_s(lc->ld, mgr_ndn.bv_val, LDAP_SCOPE_BASE, filter, gattr, 0, NULL, NULL, LDAP_NO_LIMIT, LDAP_NO_LIMIT, &result) == LDAP_SUCCESS) { - if (ldap_first_entry(ld, result) != NULL) + if (ldap_first_entry(lc->ld, result) != NULL) rc = 0; ldap_msgfree(result); } cleanup:; - if ( ld != NULL ) { - ldap_unbind(ld); - } ch_free(filter); if ( mop_ndn.bv_val != op_ndn->bv_val ) { free( mop_ndn.bv_val ); diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c index 5a4b1e2798..aa76717800 100644 --- a/servers/slapd/back-ldap/init.c +++ b/servers/slapd/back-ldap/init.c @@ -124,13 +124,14 @@ ldap_back_db_init( ldap_back_map_init( &li->at_map, &mapping ); + li->be = be; be->be_private = li; return 0; } -static void -conn_free( +void +ldap_back_conn_free( void *v_lc ) { @@ -142,6 +143,10 @@ conn_free( if ( lc->cred.bv_val ) { ch_free( lc->cred.bv_val ); } + if ( lc->local_dn.bv_val ) { + ch_free( lc->local_dn.bv_val ); + } + ldap_pvt_thread_mutex_destroy( &lc->lc_mutex ); ch_free( lc ); } @@ -179,7 +184,7 @@ ldap_back_db_destroy( li->bindpw = NULL; } if (li->conntree) { - avl_free( li->conntree, conn_free ); + avl_free( li->conntree, ldap_back_conn_free ); } #ifdef ENABLE_REWRITE if (li->rwinfo) { diff --git a/servers/slapd/back-ldap/modify.c b/servers/slapd/back-ldap/modify.c index 5cb19e5175..807801b77a 100644 --- a/servers/slapd/back-ldap/modify.c +++ b/servers/slapd/back-ldap/modify.c @@ -65,7 +65,7 @@ ldap_back_modify( struct berval mdn = { 0, NULL }; lc = ldap_back_getconn(li, conn, op); - if ( !lc || !ldap_back_dobind( lc, op ) ) { + if ( !lc || !ldap_back_dobind( lc, conn, op ) ) { return( -1 ); } @@ -170,6 +170,6 @@ cleanup:; ch_free(modv[i]->mod_bvalues); ch_free(mods); ch_free(modv); - return( ldap_back_op_result( lc, op )); + return( ldap_back_op_result( lc, conn, op )); } diff --git a/servers/slapd/back-ldap/modrdn.c b/servers/slapd/back-ldap/modrdn.c index 76f496a260..729822d155 100644 --- a/servers/slapd/back-ldap/modrdn.c +++ b/servers/slapd/back-ldap/modrdn.c @@ -65,7 +65,7 @@ ldap_back_modrdn( struct berval mdn = { 0, NULL }, mnewSuperior = { 0, NULL }; lc = ldap_back_getconn( li, conn, op ); - if ( !lc || !ldap_back_dobind(lc, op) ) { + if ( !lc || !ldap_back_dobind(lc, conn, op) ) { return( -1 ); } @@ -156,5 +156,5 @@ ldap_back_modrdn( free( mnewSuperior.bv_val ); } - return( ldap_back_op_result( lc, op ) ); + return( ldap_back_op_result( lc, conn, op ) ); } diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c index 828f5f2651..0b8ef161ac 100644 --- a/servers/slapd/back-ldap/search.c +++ b/servers/slapd/back-ldap/search.c @@ -48,7 +48,7 @@ #undef ldap_debug /* silence a warning in ldap-int.h */ #include "../../../libraries/libldap/ldap-int.h" -static int ldap_send_entry( Backend *be, Operation *op, struct ldapconn *lc, +static int ldap_send_entry( Backend *be, Operation *op, Connection *conn, LDAPMessage *e, AttributeName *attrs, int attrsonly ); int @@ -95,7 +95,7 @@ ldap_back_search( * FIXME: in case of values return filter, we might want * to map attrs and maybe rewrite value */ - if ( !ldap_back_dobind( lc, op ) ) { + if ( !ldap_back_dobind( lc, conn, op ) ) { return( -1 ); } @@ -264,7 +264,7 @@ ldap_back_search( mapped_attrs, attrsonly); if ( msgid == -1 ) { fail:; - rc = ldap_back_op_result(lc, op); + rc = ldap_back_op_result(lc, conn, op); goto finish; } @@ -291,7 +291,7 @@ fail:; } else if (rc == LDAP_RES_SEARCH_ENTRY) { e = ldap_first_entry(lc->ld,res); - if ( ldap_send_entry(be, op, lc, e, attrs, attrsonly) + if ( ldap_send_entry(be, op, conn, e, attrs, attrsonly) == LDAP_SUCCESS ) { count++; } @@ -425,7 +425,7 @@ static int ldap_send_entry( Backend *be, Operation *op, - struct ldapconn *lc, + Connection *conn, LDAPMessage *e, AttributeName *attrs, int attrsonly @@ -449,7 +449,7 @@ ldap_send_entry( * Rewrite the dn of the result, if needed */ switch ( rewrite_session( li->rwinfo, "searchResult", - bdn.bv_val, lc->conn, &ent.e_name.bv_val ) ) { + bdn.bv_val, conn, &ent.e_name.bv_val ) ) { case REWRITE_REGEXEC_OK: if ( ent.e_name.bv_val == NULL ) { ent.e_name = bdn; @@ -578,7 +578,7 @@ ldap_send_entry( switch ( rewrite_session( li->rwinfo, "searchResult", bv->bv_val, - lc->conn, + conn, &newval.bv_val )) { case REWRITE_REGEXEC_OK: /* left as is */ @@ -621,7 +621,7 @@ ldap_send_entry( *attrp = attr; attrp = &attr->a_next; } - send_search_entry( be, lc->conn, op, &ent, attrs, attrsonly, NULL ); + send_search_entry( be, conn, op, &ent, attrs, attrsonly, NULL ); while (ent.e_attrs) { attr = ent.e_attrs; ent.e_attrs = attr->a_next; diff --git a/servers/slapd/back-ldap/unbind.c b/servers/slapd/back-ldap/unbind.c index 93d2bd4f8b..523657ef24 100644 --- a/servers/slapd/back-ldap/unbind.c +++ b/servers/slapd/back-ldap/unbind.c @@ -64,6 +64,7 @@ ldap_back_conn_destroy( #endif /* !NEW_LOGGING */ lc_curr.conn = conn; + lc_curr.local_dn = conn->c_ndn; ldap_pvt_thread_mutex_lock( &li->conn_mutex ); lc = avl_delete( &li->conntree, (caddr_t)&lc_curr, ldap_back_conn_cmp ); @@ -92,14 +93,7 @@ ldap_back_conn_destroy( * and calling ldap_unbind on a corrupted header results * in a segmentation fault */ - ldap_unbind(lc->ld); - if ( lc->bound_dn.bv_val ) { - ch_free( lc->bound_dn.bv_val ); - } - if ( lc->cred.bv_val ) { - ch_free( lc->cred.bv_val ); - } - ch_free( lc ); + ldap_back_conn_free( lc ); } /* no response to unbind */ -- 2.39.5