Date: Thu, 12 Oct 2006 11:45:07 GMT From: Michael Bushkov <bushman@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 107758 for review Message-ID: <200610121145.k9CBj7Go002406@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=107758 Change 107758 by bushman@bushman_nss_ldap_cached on 2006/10/12 11:44:58 nss_ldap_fixes: + fork() syscall is now properly handled by checking PID + bind_policy_soft now properly supported + hard_open and hard_init bind policies are now just aliases for "hard" bind policy some type-errors fixed in nss_compat and nss_group (caused by previous merge) Affected files ... .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_compat/compat_group.c#6 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_files/files_group.c#7 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#11 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#11 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#11 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#12 edit .. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#12 edit Differences ... ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_compat/compat_group.c#6 (text+ko) ==== @@ -309,7 +309,7 @@ } if (rv == NS_SUCCESS && retval != NULL) *(struct group **)retval = grp; - else if (rv == NS_RETRN && *errnop == ERANGE st->fp != MILL)) + else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL) fseeko(st->fp, pos, SEEK_SET); return (rv); #undef set_lookup_type ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_files/files_group.c#7 (text+ko) ==== @@ -177,7 +177,7 @@ } if (rv == NS_SUCCESS && retval != NULL) *(struct group **)retval = grp; - else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL)) + else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL) fseeko(st->fp, pos, SEEK_SET); return (rv); } ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#11 (text+ko) ==== @@ -163,7 +163,7 @@ conf->max_reconnect_conntries = 2; conf->deref = NSS_LDAP_DEREF_NEVER; conf->scope = NSS_LDAP_SCOPE_SUB; - conf->bind_policy = NSS_LDAP_BIND_POLICY_HARD_OPEN; + conf->bind_policy = NSS_LDAP_BIND_POLICY_HARD; conf->connect_policy = NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD; conf->restart = 0; conf->debug = 0; @@ -242,13 +242,18 @@ } } else if (strcmp(fields[0], "bind_policy") == 0) { if (field_count == 2) { - if (strcmp(fields[1], "hard_open") == 0) { + /* + * "hard_init" and "hard_open" keywords are + * supported only for compatibility with + * PADL's nss_ldap. We only have "hard" and + * "soft" policies. + */ + if ((strcmp(fields[1], "hard") == 0) || + (strcmp(fields[1], "hard_open") == 0) || + (strcmp(fields[1], "hard_init") == 0)) + { conf->bind_policy = - NSS_LDAP_BIND_POLICY_HARD_OPEN; - continue; - } else if (strcmp(fields[1], "hard_init") == 0) { - conf->bind_policy = - NSS_LDAP_BIND_POLICY_HARD_INIT; + NSS_LDAP_BIND_POLICY_HARD; continue; } else if (strcmp(fields[1], "soft") == 0) { conf->bind_policy = ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#11 (text+ko) ==== @@ -50,9 +50,8 @@ #define NSS_LDAP_PROTO_VERSION_2 2 #define NSS_LDAP_PROTO_VERSION_3 3 -#define NSS_LDAP_BIND_POLICY_HARD_OPEN 0 -#define NSS_LDAP_BIND_POLICY_HARD_INIT 1 -#define NSS_LDAP_BIND_POLICY_SOFT 2 +#define NSS_LDAP_BIND_POLICY_HARD 0 +#define NSS_LDAP_BIND_POLICY_SOFT 1 #define NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD 0 #define NSS_LDAP_CONNECT_POLICY_PERSIST_PERPROCESS 1 ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#11 (text+ko) ==== @@ -132,11 +132,16 @@ struct nss_ldap_configuration *conf, struct nss_ldap_connection_error *conn_err) { + struct nss_ldap_connection_error conn_err_; int rv; if (check_connection_socket(conn) != 0) { rv = close_lost_connection(conn); return (NSS_LDAP_CONNECTION_ERROR); + } else if (conn->last_pid != getpid()) { + (void)__nss_ldap_disconnect(&__nss_ldap_conf->connection_method, + conn, __nss_ldap_conf, &conn_err_); + return (NSS_LDAP_CONNECTION_ERROR); } else return (NSS_LDAP_SUCCESS); } @@ -385,6 +390,9 @@ return (NULL); } + /* Remember last pid value to correctly handle fork() calls */ + conn->last_pid = getpid(); + switch (conf->proto_version) { case NSS_LDAP_PROTO_VERSION_2: opt = LDAP_VERSION2; ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#12 (text+ko) ==== @@ -58,6 +58,7 @@ char sockname[NSS_LDAP_SOCK_NAME_SIZE]; char peername[NSS_LDAP_SOCK_NAME_SIZE]; int sock_fd; + pid_t last_pid; }; struct nss_ldap_connection_error ==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#12 (text+ko) ==== @@ -332,7 +332,7 @@ NSS_LDAP_LL_ERR_INT, "init_connection_with_reconnect: " "__nss_ldap_auth failed "); -\ + memset(&l_conn_err, 0, sizeof(l_conn_err)); rv = __nss_ldap_disconnect( @@ -367,12 +367,15 @@ goto fin; } + if (__nss_ldap_conf->bind_policy == NSS_LDAP_BIND_POLICY_SOFT) + break; + if (sleep_time < __nss_ldap_conf->max_reconnect_sleeptime) { - sleep_time *= 2; __nss_ldap_log(NSS_LDAP_LL_DEBUG_INT, "init_connection_with_reconnect: sleeping for" " %d secs", sleep_time); sleep(sleep_time); + sleep_time *= 2; } } @@ -404,7 +407,7 @@ if ((*conn != NULL) && (__nss_ldap_check_close_connection( connection_method, *conn, __nss_ldap_conf, conn_error) - == NSS_LDAP_CONNECTION_ERROR)) { + != NSS_LDAP_SUCCESS)) { *conn = NULL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610121145.k9CBj7Go002406>