if ( lerr != LDAP_SUCCESS ) {
rc = rs->sr_err = lerr;
- /* Mark the meta_conn struct as tainted so
- * it'll be freed by meta_conn_back_destroy below */
- LDAP_BACK_CONN_TAINTED_SET( mc );
/* FIXME: in some cases (e.g. unavailable)
* do not assume it's not candidate; rather
if ( !LDAP_BACK_PCONN_ISPRIV( mc )
&& !dn_match( &op->o_req_ndn, &mc->mc_local_ndn ) )
{
- metaconn_t *tmpmc;
int lerr;
/* wait for all other ops to release the connection */
-retry_lock:;
ldap_pvt_thread_mutex_lock( &mi->mi_conninfo.lai_mutex );
- if ( mc->mc_refcnt > 1 ) {
- ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
- ldap_pvt_thread_yield();
- goto retry_lock;
- }
-
assert( mc->mc_refcnt == 1 );
#if META_BACK_PRINT_CONNTREE > 0
meta_back_print_conntree( mi, ">>> meta_back_bind" );
#endif /* META_BACK_PRINT_CONNTREE */
- tmpmc = avl_delete( &mi->mi_conninfo.lai_tree, (caddr_t)mc,
- meta_back_conndn_cmp );
- assert( tmpmc == mc );
/* delete all cached connections with the current connection */
if ( LDAP_BACK_SINGLECONN( mi ) ) {
+ metaconn_t *tmpmc;
+
while ( ( tmpmc = avl_delete( &mi->mi_conninfo.lai_tree, (caddr_t)mc, meta_back_conn_cmp ) ) != NULL )
{
Debug( LDAP_DEBUG_TRACE,
}
ber_bvreplace( &mc->mc_local_ndn, &op->o_req_ndn );
- if ( isroot ) {
- LDAP_BACK_CONN_ISPRIV_SET( mc );
- LDAP_BACK_PCONN_SET( mc, op );
- }
lerr = avl_insert( &mi->mi_conninfo.lai_tree, (caddr_t)mc,
meta_back_conndn_cmp, meta_back_conndn_dup );
#if META_BACK_PRINT_CONNTREE > 0
meta_back_print_conntree( mi, "<<< meta_back_bind" );
#endif /* META_BACK_PRINT_CONNTREE */
- ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
- if ( lerr == -1 ) {
- /* we can do this because mc_refcnt == 1 */
- assert( mc->mc_refcnt == 1 );
- mc->mc_refcnt = 0;
- meta_back_conn_free( mc );
- mc = NULL;
+ if ( lerr == 0 ) {
+ if ( isroot ) {
+ LDAP_BACK_CONN_ISPRIV_SET( mc );
+ LDAP_BACK_PCONN_SET( mc, op );
+ }
+ LDAP_BACK_CONN_CACHED_SET( mc );
+
+ } else {
+ LDAP_BACK_CONN_CACHED_CLEAR( mc );
}
+ ldap_pvt_thread_mutex_unlock( &mi->mi_conninfo.lai_mutex );
}
}
meta_back_print_conntree( mi, ">>> meta_back_getconn" );
#endif /* META_BACK_PRINT_CONNTREE */
+ err = 0;
if ( LDAP_BACK_PCONN_ISPRIV( mc ) ) {
if ( mi->mi_conn_priv[ LDAP_BACK_CONN2PRIV( mc ) ].mic_num < mi->mi_conn_priv_max ) {
LDAP_TAILQ_INSERT_TAIL( &mi->mi_conn_priv[ LDAP_BACK_CONN2PRIV( mc ) ].mic_priv, mc, mc_q );
}
rs->sr_err = 0;
- } else {
+ } else if ( !( sendok & LDAP_BACK_BINDING ) ) {
err = avl_insert( &mi->mi_conninfo.lai_tree, ( caddr_t )mc,
meta_back_conndn_cmp, meta_back_conndn_dup );
LDAP_BACK_CONN_CACHED_SET( mc );
* that are not privileged would live forever and pollute
* the connection space (and eat up resources). Maybe this
* should be configurable... */
- if ( LDAP_BACK_CONN_TAINTED( mc ) ) {
+ if ( LDAP_BACK_CONN_TAINTED( mc ) || !LDAP_BACK_CONN_CACHED( mc ) ) {
#if META_BACK_PRINT_CONNTREE > 0
meta_back_print_conntree( mi, ">>> meta_back_release_conn" );
#endif /* META_BACK_PRINT_CONNTREE */
assert( !LDAP_BACK_CONN_CACHED( mc ) );
}
- } else {
+ } else if ( LDAP_BACK_CONN_CACHED( mc ) ) {
metaconn_t *tmpmc;
tmpmc = avl_delete( &mi->mi_conninfo.lai_tree,
bjensen
cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com
bjorn
-cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
-jaj
+ou=People,dc=example,dc=com
++userPassword:(userPassword=*)
--- /dev/null
+# stand-alone slapd config -- for testing (with indexing)
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2007 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+include @SCHEMADIR@/nis.schema
+include @DATADIR@/test.schema
+
+#
+pidfile @TESTDIR@/slapd.1.pid
+argsfile @TESTDIR@/slapd.1.args
+
+# allow big PDUs from anonymous (for testing purposes)
+sockbuf_max_incoming 4194303
+
+#mod#modulepath ../servers/slapd/back-@BACKEND@/
+#mod#moduleload back_@BACKEND@.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database @BACKEND@
+suffix "dc=example,dc=com"
+directory @TESTDIR@/db.1.a
+rootdn "cn=Manager,dc=example,dc=com"
+rootpw secret
+#bdb#index objectClass eq
+#bdb#index cn,sn,uid pres,eq,sub
+#hdb#index objectClass eq
+#hdb#index cn,sn,uid pres,eq,sub
+
+# ITS#5154: force mixed success/failure of binds using same connection
+access to dn="cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,dc=example,dc=com"
+ attrs=userPassword
+ by * =r
+
+access to attrs=userPassword
+ by * =xr
+
+access to *
+ by * read
+
+#monitor#database monitor
--- /dev/null
+# master slapd config -- for testing
+# $OpenLDAP$
+## This work is part of OpenLDAP Software <http://www.openldap.org/>.
+##
+## Copyright 1998-2007 The OpenLDAP Foundation.
+## All rights reserved.
+##
+## Redistribution and use in source and binary forms, with or without
+## modification, are permitted only as authorized by the OpenLDAP
+## Public License.
+##
+## A copy of this license is available in the file LICENSE in the
+## top-level directory of the distribution or, alternatively, at
+## <http://www.OpenLDAP.org/license.html>.
+
+include @SCHEMADIR@/core.schema
+include @SCHEMADIR@/cosine.schema
+include @SCHEMADIR@/inetorgperson.schema
+include @SCHEMADIR@/openldap.schema
+include @SCHEMADIR@/nis.schema
+include @SCHEMADIR@/ppolicy.schema
+pidfile @TESTDIR@/slapd.2.pid
+argsfile @TESTDIR@/slapd.2.args
+
+#mod#modulepath ../servers/slapd/back-@BACKEND@/
+#mod#moduleload back_@BACKEND@.la
+#relaymod#modulepath ../servers/slapd/back-relay/
+#relaymod#moduleload back_relay.la
+#ldapmod#modulepath ../servers/slapd/back-ldap/
+#ldapmod#moduleload back_ldap.la
+#metamod#modulepath ../servers/slapd/back-meta/
+#metamod#moduleload back_meta.la
+#monitormod#modulepath ../servers/slapd/back-monitor/
+#monitormod#moduleload back_monitor.la
+#rwmmod#modulepath ../servers/slapd/overlays/
+#rwmmod#moduleload rwm.la
+
+idletimeout 5
+
+#######################################################################
+# database definitions
+#######################################################################
+
+database @BACKEND@
+suffix "ou=Meta,dc=example,dc=com"
+directory @TESTDIR@/db.2.a
+rootdn "cn=Manager,ou=Meta,dc=example,dc=com"
+rootpw secret
+#bdb#index objectClass eq
+#hdb#index objectClass eq
+
+#monitor#database monitor
+++ /dev/null
-# master slapd config -- for testing
-# $OpenLDAP$
-## This work is part of OpenLDAP Software <http://www.openldap.org/>.
-##
-## Copyright 1998-2007 The OpenLDAP Foundation.
-## All rights reserved.
-##
-## Redistribution and use in source and binary forms, with or without
-## modification, are permitted only as authorized by the OpenLDAP
-## Public License.
-##
-## A copy of this license is available in the file LICENSE in the
-## top-level directory of the distribution or, alternatively, at
-## <http://www.OpenLDAP.org/license.html>.
-
-include @SCHEMADIR@/core.schema
-include @SCHEMADIR@/cosine.schema
-include @SCHEMADIR@/inetorgperson.schema
-include @SCHEMADIR@/openldap.schema
-include @SCHEMADIR@/nis.schema
-include @SCHEMADIR@/ppolicy.schema
-pidfile @TESTDIR@/slapd.2.pid
-argsfile @TESTDIR@/slapd.2.args
-
-#mod#modulepath ../servers/slapd/back-@BACKEND@/
-#mod#moduleload back_@BACKEND@.la
-#relaymod#modulepath ../servers/slapd/back-relay/
-#relaymod#moduleload back_relay.la
-#ldapmod#modulepath ../servers/slapd/back-ldap/
-#ldapmod#moduleload back_ldap.la
-#metamod#modulepath ../servers/slapd/back-meta/
-#metamod#moduleload back_meta.la
-#monitormod#modulepath ../servers/slapd/back-monitor/
-#monitormod#moduleload back_monitor.la
-#rwmmod#modulepath ../servers/slapd/overlays/
-#rwmmod#moduleload rwm.la
-
-idletimeout 5
-
-#######################################################################
-# database definitions
-#######################################################################
-
-database @BACKEND@
-suffix "ou=Meta,dc=example,dc=com"
-directory @TESTDIR@/db.2.a
-rootdn "cn=Manager,ou=Meta,dc=example,dc=com"
-rootpw secret
-#bdb#index objectClass eq
-#hdb#index objectClass eq
-
-#monitor#database monitor
TRANSLUCENTLOCALCONF=$DATADIR/slapd-translucent-local.conf
TRANSLUCENTREMOTECONF=$DATADIR/slapd-translucent-remote.conf
METACONF=$DATADIR/slapd-meta.conf
-METACONF2=$DATADIR/slapd-meta2.conf
+METACONF1=$DATADIR/slapd-meta-target1.conf
+METACONF2=$DATADIR/slapd-meta-target2.conf
GLUELDAPCONF=$DATADIR/slapd-glue-ldap.conf
ACICONF=$DATADIR/slapd-aci.conf
VALSORTCONF=$DATADIR/slapd-valsort.conf
MANAGERDN="cn=Manager,$BASEDN"
UPDATEDN="cn=Replica,$BASEDN"
PASSWD=secret
-BABSDN="cn=Barbara Jensen,ou=Information Technology DivisioN,OU=People,$BASEDN"
-BJORNSDN="cn=Bjorn Jensen,ou=Information Technology DivisioN,OU=People,$BASEDN"
+BABSDN="cn=Barbara Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN"
+BJORNSDN="cn=Bjorn Jensen,ou=Information Technology DivisioN,ou=People,$BASEDN"
JAJDN="cn=James A Jones 1,ou=Alumni Association,ou=People,$BASEDN"
JOHNDDN="cn=John Doe,ou=Information Technology Division,ou=People,$BASEDN"
MELLIOTDN="cn=Mark Elliot,ou=Alumni Association,ou=People,$BASEDN"
mkdir -p $TESTDIR $DBDIR1 $DBDIR2
echo "Starting slapd on TCP/IP port $PORT1..."
-. $CONFFILTER $BACKEND $MONITORDB < $CONF > $CONF1
+. $CONFFILTER $BACKEND $MONITORDB < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
exit 0
fi
-#### No longer experimental, IMHO
-###if test "x$TEST_META" = "xno" ; then
-### echo '### Test disabled by "TEST_META=no"; unset TEST_META to re-enable'
-### echo ""
-### exit 0
-###else
-### echo "### this test is experimental; in case of problems,"
-### echo "### set \"TEST_META=no\" to disable, and report thru"
-### echo "### the Issue Tracking System <http://www.openldap.org/its/>"
-### echo ""
-###fi
-
if test x$TESTLOOPS = x ; then
TESTLOOPS=50
fi
fi
echo "Starting slapd on TCP/IP port $PORT1..."
-. $CONFFILTER $BACKEND $MONITORDB < $CONF > $CONF1
+. $CONFFILTER $BACKEND $MONITORDB < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
mkdir -p $TESTDIR $DBDIR1 $DBDIR2
echo "Starting slapd on TCP/IP port $PORT1..."
-. $CONFFILTER $BACKEND $MONITORDB < $CONF > $CONF1
+. $CONFFILTER $BACKEND $MONITORDB < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
mkdir -p $TESTDIR $DBDIR1 $DBDIR2
echo "Starting slapd on TCP/IP port $PORT1..."
-. $CONFFILTER $BACKEND $MONITORDB < $CONF > $CONF1
+. $CONFFILTER $BACKEND $MONITORDB < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
projects / openldap / commitdiff