From owner-p4-projects@FreeBSD.ORG  Thu Oct 12 11:45:08 2006
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 3E83C16A522; Thu, 12 Oct 2006 11:45:08 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 0A70516A51F
	for <perforce@freebsd.org>; Thu, 12 Oct 2006 11:45:07 +0000 (UTC)
	(envelope-from bushman@freebsd.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id A929643D49
	for <perforce@freebsd.org>; Thu, 12 Oct 2006 11:45:07 +0000 (GMT)
	(envelope-from bushman@freebsd.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.6/8.13.6) with ESMTP id k9CBj760002409
	for <perforce@freebsd.org>; Thu, 12 Oct 2006 11:45:07 GMT
	(envelope-from bushman@freebsd.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.6/8.13.4/Submit) id k9CBj7Go002406
	for perforce@freebsd.org; Thu, 12 Oct 2006 11:45:07 GMT
	(envelope-from bushman@freebsd.org)
Date: Thu, 12 Oct 2006 11:45:07 GMT
Message-Id: <200610121145.k9CBj7Go002406@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bushman@freebsd.org using -f
From: Michael Bushkov <bushman@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 107758 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Oct 2006 11:45:08 -0000

http://perforce.freebsd.org/chv.cgi?CH=107758

Change 107758 by bushman@bushman_nss_ldap_cached on 2006/10/12 11:44:58

	nss_ldap_fixes:
	+ fork() syscall is now properly handled by checking PID
	+ bind_policy_soft now properly supported
	+ hard_open and hard_init bind policies are now just aliases for "hard" bind policy
	
	some type-errors fixed in nss_compat and nss_group (caused by previous merge)

Affected files ...

.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_compat/compat_group.c#6 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_files/files_group.c#7 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#11 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#11 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#11 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#12 edit
.. //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#12 edit

Differences ...

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_compat/compat_group.c#6 (text+ko) ====

@@ -309,7 +309,7 @@
 	}
 	if (rv == NS_SUCCESS && retval != NULL)
 		*(struct group **)retval = grp;
-	else if (rv == NS_RETRN && *errnop == ERANGE st->fp != MILL))
+	else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL)
 		fseeko(st->fp, pos, SEEK_SET);
 	return (rv);
 #undef set_lookup_type

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_files/files_group.c#7 (text+ko) ====

@@ -177,7 +177,7 @@
 	}
 	if (rv == NS_SUCCESS && retval != NULL)
 		*(struct group **)retval = grp;
-	else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL))
+	else if (rv == NS_RETURN && *errnop == ERANGE && st->fp != NULL)
 		fseeko(st->fp, pos, SEEK_SET);
 	return (rv);
 }

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.c#11 (text+ko) ====

@@ -163,7 +163,7 @@
 	conf->max_reconnect_conntries = 2;
 	conf->deref = NSS_LDAP_DEREF_NEVER;
 	conf->scope = NSS_LDAP_SCOPE_SUB;
-	conf->bind_policy = NSS_LDAP_BIND_POLICY_HARD_OPEN;
+	conf->bind_policy = NSS_LDAP_BIND_POLICY_HARD;
 	conf->connect_policy = NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD;
 	conf->restart = 0;
 	conf->debug = 0;
@@ -242,13 +242,18 @@
 			    }
 			} else if (strcmp(fields[0], "bind_policy") == 0) {
 			    if (field_count == 2) {
-				if (strcmp(fields[1], "hard_open") == 0) {
+				/* 
+				 * "hard_init" and "hard_open" keywords are
+				 * supported only for compatibility with
+				 * PADL's nss_ldap. We only have "hard" and
+				 * "soft" policies.
+				 */
+				if ((strcmp(fields[1], "hard") == 0) ||
+				    (strcmp(fields[1], "hard_open") == 0) || 
+				    (strcmp(fields[1], "hard_init") == 0))
+				    {
 				    conf->bind_policy = 
-					NSS_LDAP_BIND_POLICY_HARD_OPEN;
-				    continue;
-				} else if (strcmp(fields[1], "hard_init") == 0) {
-				    conf->bind_policy =
-					NSS_LDAP_BIND_POLICY_HARD_INIT;
+					NSS_LDAP_BIND_POLICY_HARD;
 				    continue;
 				} else if (strcmp(fields[1], "soft") == 0) {
 				    conf->bind_policy =

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconf.h#11 (text+ko) ====

@@ -50,9 +50,8 @@
 #define NSS_LDAP_PROTO_VERSION_2 2
 #define NSS_LDAP_PROTO_VERSION_3 3
 
-#define NSS_LDAP_BIND_POLICY_HARD_OPEN 0
-#define NSS_LDAP_BIND_POLICY_HARD_INIT 1
-#define NSS_LDAP_BIND_POLICY_SOFT 2
+#define NSS_LDAP_BIND_POLICY_HARD 0
+#define NSS_LDAP_BIND_POLICY_SOFT 1
 
 #define NSS_LDAP_CONNECT_POLICY_PERSIST_PERTHREAD 0
 #define NSS_LDAP_CONNECT_POLICY_PERSIST_PERPROCESS 1

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.c#11 (text+ko) ====

@@ -132,11 +132,16 @@
 	struct nss_ldap_configuration *conf, 
 	struct nss_ldap_connection_error *conn_err)
 {
+	struct nss_ldap_connection_error conn_err_;
 	int rv;
 	
 	if (check_connection_socket(conn) != 0) {
 		rv = close_lost_connection(conn);
 		return (NSS_LDAP_CONNECTION_ERROR);
+	} else if (conn->last_pid != getpid()) {
+		(void)__nss_ldap_disconnect(&__nss_ldap_conf->connection_method, 
+		conn, __nss_ldap_conf, &conn_err_);
+		return (NSS_LDAP_CONNECTION_ERROR);		
 	} else
 		return (NSS_LDAP_SUCCESS);
 }
@@ -385,6 +390,9 @@
 		return (NULL);
 	}
 	
+	/* Remember last pid value to correctly handle fork() calls */
+	conn->last_pid = getpid();
+	
 	switch (conf->proto_version) {
 	case NSS_LDAP_PROTO_VERSION_2:
 		opt = LDAP_VERSION2;

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/ldapconn.h#12 (text+ko) ====

@@ -58,6 +58,7 @@
 	char sockname[NSS_LDAP_SOCK_NAME_SIZE];
 	char peername[NSS_LDAP_SOCK_NAME_SIZE];
 	int sock_fd;
+	pid_t last_pid;
 };
 
 struct nss_ldap_connection_error

==== //depot/projects/soc2006/nss_ldap_cached/src/lib/nss_ldap/nss_ldap.c#12 (text+ko) ====

@@ -332,7 +332,7 @@
 						    NSS_LDAP_LL_ERR_INT,
 					            "init_connection_with_reconnect: "
 					            "__nss_ldap_auth failed ");
-\
+						
 						memset(&l_conn_err, 0, 
 							sizeof(l_conn_err));
 						rv = __nss_ldap_disconnect(
@@ -367,12 +367,15 @@
 				goto fin;
 		}
 		
+		if (__nss_ldap_conf->bind_policy == NSS_LDAP_BIND_POLICY_SOFT)
+			break;
+		
 		if (sleep_time < __nss_ldap_conf->max_reconnect_sleeptime) {
-			sleep_time *= 2;
 			__nss_ldap_log(NSS_LDAP_LL_DEBUG_INT,
 			     "init_connection_with_reconnect: sleeping for"
 			     " %d secs", sleep_time);			
 			sleep(sleep_time);		
+			sleep_time *= 2;
 		}
 	}
 	
@@ -404,7 +407,7 @@
 	if ((*conn != NULL) 
 		&& (__nss_ldap_check_close_connection(
 			connection_method, *conn, __nss_ldap_conf, conn_error) 
-			== NSS_LDAP_CONNECTION_ERROR)) {
+			!= NSS_LDAP_SUCCESS)) {
 				
 		*conn = NULL;