2017-03-16 20:11:45 +08:00
|
|
|
/* $OpenLDAP$ */
|
|
|
|
|
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
|
|
|
|
|
*
|
|
|
|
|
* Copyright 1998-2020 The OpenLDAP Foundation.
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
|
* modification, are permitted only as authorized by the OpenLDAP
|
|
|
|
|
* Public License.
|
|
|
|
|
*
|
|
|
|
|
* A copy of this license is available in the file LICENSE in the
|
|
|
|
|
* top-level directory of the distribution or, alternatively, at
|
|
|
|
|
* <http://www.OpenLDAP.org/license.html>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include "portable.h"
|
|
|
|
|
|
|
|
|
|
#include <ac/socket.h>
|
|
|
|
|
#include <ac/errno.h>
|
|
|
|
|
#include <ac/string.h>
|
|
|
|
|
#include <ac/time.h>
|
|
|
|
|
#include <ac/unistd.h>
|
|
|
|
|
|
|
|
|
|
#include "lutil.h"
|
|
|
|
|
#include "slap.h"
|
|
|
|
|
|
2017-03-29 01:40:20 +08:00
|
|
|
static int
|
|
|
|
|
forward_response( Operation *op, BerElement *ber )
|
|
|
|
|
{
|
|
|
|
|
Connection *c = op->o_client;
|
|
|
|
|
BerElement *output;
|
|
|
|
|
BerValue response, controls = BER_BVNULL;
|
|
|
|
|
ber_tag_t tag, response_tag;
|
|
|
|
|
ber_len_t len;
|
|
|
|
|
|
|
|
|
|
response_tag = ber_skip_element( ber, &response );
|
|
|
|
|
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
|
|
|
|
if ( tag == LDAP_TAG_CONTROLS ) {
|
|
|
|
|
ber_skip_element( ber, &controls );
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-27 23:35:21 +08:00
|
|
|
Debug( LDAP_DEBUG_TRACE, "forward_response: "
|
2017-06-20 20:00:31 +08:00
|
|
|
"%s to client connid=%lu request msgid=%d\n",
|
2017-04-14 16:43:37 +08:00
|
|
|
slap_msgtype2str( response_tag ), op->o_client_connid,
|
|
|
|
|
op->o_client_msgid );
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
ldap_pvt_thread_mutex_lock( &c->c_io_mutex );
|
|
|
|
|
output = c->c_pendingber;
|
|
|
|
|
if ( output == NULL && (output = ber_alloc()) == NULL ) {
|
|
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
c->c_pendingber = output;
|
|
|
|
|
|
|
|
|
|
ber_printf( output, "t{titOtO}", LDAP_TAG_MESSAGE,
|
|
|
|
|
LDAP_TAG_MSGID, op->o_client_msgid,
|
|
|
|
|
response_tag, &response,
|
|
|
|
|
LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &controls ) );
|
|
|
|
|
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
|
|
|
|
|
ber_free( ber, 1 );
|
2017-09-22 17:24:52 +08:00
|
|
|
connection_write_cb( -1, 0, c );
|
2017-03-29 01:40:20 +08:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
forward_final_response( Operation *op, BerElement *ber )
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
|
2017-06-27 23:35:21 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS, "forward_final_response: "
|
2017-06-20 20:00:31 +08:00
|
|
|
"connid=%lu msgid=%d finishing up with a request for "
|
|
|
|
|
"client connid=%lu\n",
|
|
|
|
|
op->o_upstream_connid, op->o_upstream_msgid, op->o_client_connid );
|
2017-03-29 01:40:20 +08:00
|
|
|
rc = forward_response( op, ber );
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_LOCK_DECREF(op->o_upstream);
|
|
|
|
|
operation_destroy_from_upstream( op );
|
|
|
|
|
CONNECTION_UNLOCK_INCREF(op->o_upstream);
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
handle_bind_response( Operation *op, BerElement *ber )
|
|
|
|
|
{
|
2017-06-27 22:34:44 +08:00
|
|
|
Connection *client = op->o_client, *upstream = op->o_upstream;
|
2017-06-23 18:07:59 +08:00
|
|
|
BerValue response;
|
2017-03-29 01:40:20 +08:00
|
|
|
BerElement *copy;
|
2017-06-23 18:07:59 +08:00
|
|
|
ber_int_t result;
|
2017-03-29 01:40:20 +08:00
|
|
|
ber_tag_t tag;
|
2017-06-23 18:07:59 +08:00
|
|
|
int rc = LDAP_SUCCESS;
|
2017-03-29 01:40:20 +08:00
|
|
|
|
2017-06-23 18:07:59 +08:00
|
|
|
if ( (copy = ber_alloc()) == NULL ) {
|
2017-03-29 01:40:20 +08:00
|
|
|
rc = -1;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-23 18:07:59 +08:00
|
|
|
tag = ber_peek_element( ber, &response );
|
|
|
|
|
assert( tag == LDAP_RES_BIND );
|
|
|
|
|
|
|
|
|
|
ber_init2( copy, &response, 0 );
|
|
|
|
|
|
|
|
|
|
tag = ber_get_enum( copy, &result );
|
2017-03-29 01:40:20 +08:00
|
|
|
ber_free( copy, 0 );
|
|
|
|
|
|
|
|
|
|
if ( tag == LBER_ERROR ) {
|
|
|
|
|
rc = -1;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
2017-06-27 23:35:21 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS, "handle_bind_response: "
|
|
|
|
|
"received response for bind request msgid=%d by client "
|
|
|
|
|
"connid=%lu, result=%d\n",
|
|
|
|
|
op->o_client_msgid, op->o_client_connid, result );
|
2017-03-29 01:40:20 +08:00
|
|
|
|
2017-06-27 22:34:44 +08:00
|
|
|
CONNECTION_LOCK(upstream);
|
|
|
|
|
if ( result != LDAP_SASL_BIND_IN_PROGRESS ) {
|
|
|
|
|
upstream->c_state = SLAP_C_READY;
|
|
|
|
|
}
|
|
|
|
|
CONNECTION_UNLOCK(upstream);
|
|
|
|
|
|
|
|
|
|
CONNECTION_LOCK(client);
|
2017-07-07 22:56:32 +08:00
|
|
|
if ( client->c_state == SLAP_C_BINDING ) {
|
|
|
|
|
switch ( result ) {
|
|
|
|
|
case LDAP_SASL_BIND_IN_PROGRESS:
|
|
|
|
|
break;
|
|
|
|
|
case LDAP_SUCCESS:
|
|
|
|
|
default: {
|
|
|
|
|
client->c_state = SLAP_C_READY;
|
|
|
|
|
client->c_type = SLAP_C_OPEN;
|
|
|
|
|
if ( result != LDAP_SUCCESS ) {
|
|
|
|
|
ber_memfree( client->c_auth.bv_val );
|
|
|
|
|
BER_BVZERO( &client->c_auth );
|
|
|
|
|
} else if ( !ber_bvstrcasecmp(
|
|
|
|
|
&client->c_auth, &lloadd_identity ) ) {
|
|
|
|
|
client->c_type = SLAP_C_PRIVILEGED;
|
|
|
|
|
}
|
|
|
|
|
if ( !BER_BVISNULL( &client->c_sasl_bind_mech ) ) {
|
|
|
|
|
ber_memfree( client->c_sasl_bind_mech.bv_val );
|
|
|
|
|
BER_BVZERO( &client->c_sasl_bind_mech );
|
|
|
|
|
}
|
|
|
|
|
break;
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
|
|
|
|
}
|
2017-07-07 22:56:32 +08:00
|
|
|
} else {
|
2017-07-10 17:23:39 +08:00
|
|
|
assert( client->c_state == SLAP_C_INVALID ||
|
|
|
|
|
client->c_state == SLAP_C_CLOSING );
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
2017-06-27 22:34:44 +08:00
|
|
|
CONNECTION_UNLOCK(client);
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
done:
|
|
|
|
|
if ( rc ) {
|
2017-06-23 18:07:59 +08:00
|
|
|
operation_send_reject( op, LDAP_OTHER, "internal error", 0 );
|
2017-05-03 18:31:40 +08:00
|
|
|
|
2017-03-29 01:40:20 +08:00
|
|
|
ber_free( ber, 1 );
|
2017-06-23 18:07:59 +08:00
|
|
|
return LDAP_SUCCESS;
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
|
|
|
|
return forward_final_response( op, ber );
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-23 17:04:10 +08:00
|
|
|
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
|
2017-03-29 01:40:20 +08:00
|
|
|
static int
|
|
|
|
|
handle_vc_bind_response( Operation *op, BerElement *ber )
|
|
|
|
|
{
|
|
|
|
|
Connection *c = op->o_client;
|
|
|
|
|
BerElement *output;
|
|
|
|
|
BerValue matched, diagmsg, creds = BER_BVNULL, controls = BER_BVNULL;
|
|
|
|
|
ber_int_t result;
|
|
|
|
|
ber_tag_t tag;
|
|
|
|
|
ber_len_t len;
|
|
|
|
|
int rc = 0;
|
|
|
|
|
|
|
|
|
|
tag = ber_scanf( ber, "{emm" /* "}" */,
|
|
|
|
|
&result, &matched, &diagmsg );
|
|
|
|
|
if ( tag == LBER_ERROR ) {
|
|
|
|
|
rc = -1;
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
|
|
|
|
if ( result == LDAP_PROTOCOL_ERROR ) {
|
2017-04-14 16:36:42 +08:00
|
|
|
Connection *upstream = op->o_upstream;
|
|
|
|
|
Backend *b;
|
|
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_LOCK(upstream);
|
2017-04-14 16:36:42 +08:00
|
|
|
b = (Backend *)upstream->c_private;
|
2017-06-20 20:00:31 +08:00
|
|
|
Debug( LDAP_DEBUG_ANY, "handle_vc_bind_response: "
|
|
|
|
|
"VC extended operation not supported on backend %s\n",
|
2017-06-14 02:46:31 +08:00
|
|
|
b->b_uri.bv_val );
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_UNLOCK(upstream);
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-06-27 23:35:21 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS, "handle_vc_bind_response: "
|
|
|
|
|
"received response for bind request msgid=%d by client "
|
|
|
|
|
"connid=%lu, result=%d\n",
|
|
|
|
|
op->o_client_msgid, op->o_client_connid, result );
|
2017-03-29 01:40:20 +08:00
|
|
|
|
2017-06-27 23:35:21 +08:00
|
|
|
CONNECTION_LOCK(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_COOKIE ) {
|
|
|
|
|
if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
|
|
|
|
|
ber_memfree( c->c_vc_cookie.bv_val );
|
|
|
|
|
}
|
|
|
|
|
tag = ber_scanf( ber, "o", &c->c_vc_cookie );
|
|
|
|
|
if ( tag == LBER_ERROR ) {
|
|
|
|
|
rc = -1;
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_SCREDS ) {
|
|
|
|
|
tag = ber_scanf( ber, "m", &creds );
|
|
|
|
|
if ( tag == LBER_ERROR ) {
|
|
|
|
|
rc = -1;
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( tag == LDAP_TAG_EXOP_VERIFY_CREDENTIALS_CONTROLS ) {
|
|
|
|
|
tag = ber_scanf( ber, "m", &controls );
|
|
|
|
|
if ( tag == LBER_ERROR ) {
|
|
|
|
|
rc = -1;
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2017-07-07 22:56:32 +08:00
|
|
|
if ( c->c_state == SLAP_C_BINDING ) {
|
|
|
|
|
switch ( result ) {
|
|
|
|
|
case LDAP_SASL_BIND_IN_PROGRESS:
|
|
|
|
|
break;
|
|
|
|
|
case LDAP_SUCCESS:
|
|
|
|
|
default: {
|
|
|
|
|
c->c_state = SLAP_C_READY;
|
|
|
|
|
c->c_type = SLAP_C_OPEN;
|
|
|
|
|
if ( result != LDAP_SUCCESS ) {
|
|
|
|
|
ber_memfree( c->c_auth.bv_val );
|
|
|
|
|
BER_BVZERO( &c->c_auth );
|
|
|
|
|
} else if ( !ber_bvstrcasecmp(
|
|
|
|
|
&c->c_auth, &lloadd_identity ) ) {
|
|
|
|
|
c->c_type = SLAP_C_PRIVILEGED;
|
|
|
|
|
}
|
|
|
|
|
if ( !BER_BVISNULL( &c->c_vc_cookie ) ) {
|
|
|
|
|
ber_memfree( c->c_vc_cookie.bv_val );
|
|
|
|
|
BER_BVZERO( &c->c_vc_cookie );
|
|
|
|
|
}
|
|
|
|
|
if ( !BER_BVISNULL( &c->c_sasl_bind_mech ) ) {
|
|
|
|
|
ber_memfree( c->c_sasl_bind_mech.bv_val );
|
|
|
|
|
BER_BVZERO( &c->c_sasl_bind_mech );
|
|
|
|
|
}
|
|
|
|
|
break;
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
|
|
|
|
}
|
2017-07-07 22:56:32 +08:00
|
|
|
} else {
|
2017-07-10 17:23:39 +08:00
|
|
|
assert( c->c_state == SLAP_C_INVALID || c->c_state == SLAP_C_CLOSING );
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
ldap_pvt_thread_mutex_lock( &c->c_io_mutex );
|
|
|
|
|
output = c->c_pendingber;
|
|
|
|
|
if ( output == NULL && (output = ber_alloc()) == NULL ) {
|
|
|
|
|
rc = -1;
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
goto done;
|
|
|
|
|
}
|
|
|
|
|
c->c_pendingber = output;
|
|
|
|
|
|
|
|
|
|
rc = ber_printf( output, "t{tit{eOOtO}tO}", LDAP_TAG_MESSAGE,
|
|
|
|
|
LDAP_TAG_MSGID, op->o_client_msgid, LDAP_RES_BIND,
|
|
|
|
|
result, &matched, &diagmsg,
|
|
|
|
|
LDAP_TAG_SASL_RES_CREDS, BER_BV_OPTIONAL( &creds ),
|
|
|
|
|
LDAP_TAG_CONTROLS, BER_BV_OPTIONAL( &controls ) );
|
|
|
|
|
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
if ( rc >= 0 ) {
|
2017-09-22 17:24:52 +08:00
|
|
|
connection_write_cb( -1, 0, c );
|
2017-03-29 01:40:20 +08:00
|
|
|
rc = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
done:
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_LOCK_DECREF(c);
|
|
|
|
|
operation_destroy_from_client( op );
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_UNLOCK_OR_DESTROY(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
2017-05-23 17:04:10 +08:00
|
|
|
#endif /* LDAP_API_FEATURE_VERIFY_CREDENTIALS */
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
handle_unsolicited( Connection *c, BerElement *ber )
|
|
|
|
|
{
|
2017-09-25 17:45:07 +08:00
|
|
|
if ( c->c_state == SLAP_C_READY ) {
|
|
|
|
|
c->c_state = SLAP_C_CLOSING;
|
|
|
|
|
}
|
2017-04-14 16:45:18 +08:00
|
|
|
|
2017-03-29 01:40:20 +08:00
|
|
|
Debug( LDAP_DEBUG_CONNS, "handle_unsolicited: "
|
2017-06-20 20:00:31 +08:00
|
|
|
"teardown for upstream connection connid=%lu\n",
|
2017-03-29 01:40:20 +08:00
|
|
|
c->c_connid );
|
|
|
|
|
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_DESTROY(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Pull c->c_currentber from the connection and try to look up the operation on
|
|
|
|
|
* the upstream.
|
|
|
|
|
*
|
|
|
|
|
* If it's a notice of disconnection, we won't find it and need to tear down
|
|
|
|
|
* the connection and tell the clients, if we can't find the operation, ignore
|
|
|
|
|
* the message (either client already disconnected/abandoned it or the upstream
|
|
|
|
|
* is pulling our leg).
|
|
|
|
|
*
|
|
|
|
|
* Some responses need special handling:
|
|
|
|
|
* - Bind response
|
|
|
|
|
* - VC response where the client requested a Bind (both need to update the
|
|
|
|
|
* client's bind status)
|
|
|
|
|
* - search entries/referrals and intermediate responses (will not trigger
|
|
|
|
|
* operation to be removed)
|
|
|
|
|
*
|
|
|
|
|
* If the worker pool is overloaded, we might be called directly from
|
2017-09-22 17:24:52 +08:00
|
|
|
* the read callback, at that point, the connection hasn't been muted.
|
2017-03-29 01:40:20 +08:00
|
|
|
*
|
|
|
|
|
* TODO: when the client already has data pending on write, we should mute the
|
|
|
|
|
* upstream.
|
|
|
|
|
* - should record the BerElement on the Op and the Op on the client
|
2017-06-14 02:33:31 +08:00
|
|
|
*
|
|
|
|
|
* The following hold on entering any of the handlers:
|
|
|
|
|
* - op->o_upstream_refcnt > 0
|
|
|
|
|
* - op->o_upstream->c_refcnt > 0
|
|
|
|
|
* - op->o_client->c_refcnt > 0
|
2017-03-29 01:40:20 +08:00
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
handle_one_response( Connection *c )
|
|
|
|
|
{
|
|
|
|
|
BerElement *ber;
|
2017-05-18 23:28:55 +08:00
|
|
|
Operation *op = NULL, needle = { .o_upstream_connid = c->c_connid };
|
2017-03-29 01:40:20 +08:00
|
|
|
OperationHandler handler = NULL;
|
|
|
|
|
ber_tag_t tag;
|
|
|
|
|
ber_len_t len;
|
2017-04-21 18:07:43 +08:00
|
|
|
int rc = LDAP_SUCCESS;
|
2017-03-29 01:40:20 +08:00
|
|
|
|
|
|
|
|
ber = c->c_currentber;
|
|
|
|
|
c->c_currentber = NULL;
|
|
|
|
|
|
|
|
|
|
tag = ber_get_int( ber, &needle.o_upstream_msgid );
|
|
|
|
|
if ( tag != LDAP_TAG_MSGID ) {
|
|
|
|
|
rc = -1;
|
|
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( needle.o_upstream_msgid == 0 ) {
|
|
|
|
|
return handle_unsolicited( c, ber );
|
|
|
|
|
} else if ( !( op = tavl_find(
|
|
|
|
|
c->c_ops, &needle, operation_upstream_cmp ) ) ) {
|
|
|
|
|
/* Already abandoned, do nothing */
|
2017-05-03 19:18:49 +08:00
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
return rc;
|
2017-03-29 01:40:20 +08:00
|
|
|
/*
|
|
|
|
|
} else if ( op->o_response_pending ) {
|
|
|
|
|
c->c_pendingop = op;
|
|
|
|
|
event_del( c->c_read_event );
|
|
|
|
|
*/
|
|
|
|
|
} else {
|
|
|
|
|
/*
|
|
|
|
|
op->o_response_pending = ber;
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
|
|
|
|
switch ( tag ) {
|
|
|
|
|
case LDAP_RES_SEARCH_ENTRY:
|
|
|
|
|
case LDAP_RES_SEARCH_REFERENCE:
|
|
|
|
|
case LDAP_RES_INTERMEDIATE:
|
|
|
|
|
handler = forward_response;
|
|
|
|
|
break;
|
|
|
|
|
case LDAP_RES_BIND:
|
|
|
|
|
handler = handle_bind_response;
|
|
|
|
|
break;
|
|
|
|
|
case LDAP_RES_EXTENDED:
|
2017-05-23 17:04:10 +08:00
|
|
|
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
|
2017-03-29 01:40:20 +08:00
|
|
|
if ( op->o_tag == LDAP_REQ_BIND ) {
|
|
|
|
|
handler = handle_vc_bind_response;
|
|
|
|
|
}
|
2017-05-23 17:04:10 +08:00
|
|
|
#endif /* LDAP_API_FEATURE_VERIFY_CREDENTIALS */
|
2017-03-29 01:40:20 +08:00
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if ( !handler ) {
|
|
|
|
|
handler = forward_final_response;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ( op ) {
|
2017-06-27 23:35:21 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS2, "handle_one_response: "
|
2017-06-20 20:00:31 +08:00
|
|
|
"upstream connid=%lu, processing response for "
|
|
|
|
|
"client connid=%lu, msgid=%d\n",
|
2017-04-14 16:43:37 +08:00
|
|
|
c->c_connid, op->o_client_connid, op->o_client_msgid );
|
2017-03-29 01:40:20 +08:00
|
|
|
} else {
|
|
|
|
|
tag = ber_peek_tag( ber, &len );
|
2017-06-20 20:00:31 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS2, "handle_one_response: "
|
|
|
|
|
"upstream connid=%lu, %s, msgid=%d not for a pending "
|
|
|
|
|
"operation\n",
|
2017-03-29 01:40:20 +08:00
|
|
|
c->c_connid, slap_msgtype2str( tag ), needle.o_upstream_msgid );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( handler ) {
|
2017-05-10 01:03:49 +08:00
|
|
|
Connection *client;
|
|
|
|
|
|
2017-05-03 18:31:40 +08:00
|
|
|
op->o_upstream_refcnt++;
|
|
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-05-10 01:03:49 +08:00
|
|
|
|
2017-07-17 17:56:06 +08:00
|
|
|
ldap_pvt_thread_mutex_lock( &op->o_link_mutex );
|
2017-05-10 01:03:49 +08:00
|
|
|
client = op->o_client;
|
|
|
|
|
if ( client ) {
|
|
|
|
|
CONNECTION_LOCK(client);
|
2017-07-11 20:08:21 +08:00
|
|
|
if ( client->c_live ) {
|
|
|
|
|
op->o_client_refcnt++;
|
|
|
|
|
CONNECTION_UNLOCK_INCREF(client);
|
|
|
|
|
} else {
|
|
|
|
|
CONNECTION_UNLOCK(client);
|
|
|
|
|
client = NULL;
|
|
|
|
|
}
|
2017-05-10 01:03:49 +08:00
|
|
|
}
|
2017-07-17 17:56:06 +08:00
|
|
|
ldap_pvt_thread_mutex_unlock( &op->o_link_mutex );
|
2017-05-10 01:03:49 +08:00
|
|
|
|
|
|
|
|
if ( client ) {
|
|
|
|
|
rc = handler( op, ber );
|
|
|
|
|
CONNECTION_LOCK_DECREF(client);
|
2017-06-23 18:09:03 +08:00
|
|
|
op->o_client_refcnt--;
|
|
|
|
|
if ( !op->o_client_refcnt ) {
|
|
|
|
|
operation_destroy_from_client( op );
|
|
|
|
|
}
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_UNLOCK_OR_DESTROY(client);
|
2017-05-10 01:03:49 +08:00
|
|
|
} else {
|
|
|
|
|
ber_free( ber, 1 );
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-03 18:31:40 +08:00
|
|
|
CONNECTION_LOCK_DECREF(c);
|
|
|
|
|
op->o_upstream_refcnt--;
|
2017-06-23 18:09:03 +08:00
|
|
|
if ( !client || !op->o_upstream_refcnt ) {
|
2017-07-11 20:08:53 +08:00
|
|
|
if ( c->c_state == SLAP_C_BINDING ) {
|
|
|
|
|
c->c_state = SLAP_C_READY;
|
|
|
|
|
}
|
2017-05-03 18:31:40 +08:00
|
|
|
operation_destroy_from_upstream( op );
|
|
|
|
|
}
|
2017-05-10 01:03:49 +08:00
|
|
|
} else {
|
|
|
|
|
ber_free( ber, 1 );
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fail:
|
|
|
|
|
if ( rc ) {
|
2017-06-20 20:00:31 +08:00
|
|
|
Debug( LDAP_DEBUG_STATS, "handle_one_response: "
|
|
|
|
|
"error on processing a response (%s) on upstream connection "
|
|
|
|
|
"connid=%ld, tag=%lx\n",
|
|
|
|
|
slap_msgtype2str( tag ), c->c_connid, tag );
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_DESTROY(c);
|
2017-03-29 01:40:20 +08:00
|
|
|
}
|
2017-04-21 18:07:43 +08:00
|
|
|
/* We leave the connection locked */
|
2017-03-29 01:40:20 +08:00
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
int
|
2017-09-25 17:45:07 +08:00
|
|
|
upstream_bind_cb( Connection *c )
|
2017-03-17 22:32:06 +08:00
|
|
|
{
|
2017-09-25 17:45:07 +08:00
|
|
|
BerElement *ber = c->c_currentber;
|
|
|
|
|
Backend *b = c->c_private;
|
2017-04-19 16:51:47 +08:00
|
|
|
BerValue matcheddn, message;
|
2017-03-17 22:32:06 +08:00
|
|
|
ber_tag_t tag;
|
|
|
|
|
ber_int_t msgid, result;
|
|
|
|
|
|
|
|
|
|
c->c_currentber = NULL;
|
|
|
|
|
|
|
|
|
|
if ( ber_scanf( ber, "it", &msgid, &tag ) == LBER_ERROR ) {
|
2017-03-29 01:12:27 +08:00
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_bind_cb: "
|
|
|
|
|
"protocol violation from server\n" );
|
2017-03-17 22:32:06 +08:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( msgid != ( c->c_next_msgid - 1 ) || tag != LDAP_RES_BIND ) {
|
2017-03-29 01:12:27 +08:00
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_bind_cb: "
|
|
|
|
|
"unexpected %s from server, msgid=%d\n",
|
2017-03-29 01:07:09 +08:00
|
|
|
slap_msgtype2str( tag ), msgid );
|
2017-03-17 22:32:06 +08:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 16:51:47 +08:00
|
|
|
if ( ber_scanf( ber, "{emm" /* "}" */, &result, &matcheddn, &message ) ==
|
2017-03-17 22:32:06 +08:00
|
|
|
LBER_ERROR ) {
|
2017-03-29 01:12:27 +08:00
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_bind_cb: "
|
|
|
|
|
"response does not conform with a bind response\n" );
|
2017-03-17 22:32:06 +08:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
switch ( result ) {
|
2017-09-25 17:45:07 +08:00
|
|
|
case LDAP_SUCCESS: {
|
|
|
|
|
c->c_pdu_cb = handle_one_response;
|
|
|
|
|
c->c_state = SLAP_C_READY;
|
|
|
|
|
c->c_type = SLAP_C_OPEN;
|
|
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
|
|
|
|
ldap_pvt_thread_mutex_lock( &b->b_mutex );
|
|
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_preparing, c, c_next );
|
|
|
|
|
LDAP_CIRCLEQ_INSERT_HEAD( &b->b_conns, c, c_next );
|
|
|
|
|
b->b_active++;
|
|
|
|
|
b->b_opening--;
|
|
|
|
|
b->b_failed = 0;
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &b->b_mutex );
|
|
|
|
|
backend_retry( b );
|
|
|
|
|
CONNECTION_LOCK_DECREF(c);
|
|
|
|
|
} break;
|
2017-03-17 22:32:06 +08:00
|
|
|
#ifdef HAVE_CYRUS_SASL
|
|
|
|
|
case LDAP_SASL_BIND_IN_PROGRESS:
|
|
|
|
|
/* TODO: fallthrough until we implement SASL */
|
|
|
|
|
#endif /* HAVE_CYRUS_SASL */
|
|
|
|
|
default:
|
|
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_bind_cb: "
|
|
|
|
|
"upstream bind failed, rc=%d, message='%s'\n",
|
2017-04-19 16:51:47 +08:00
|
|
|
result, message.bv_val );
|
2017-03-17 22:32:06 +08:00
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-19 16:51:47 +08:00
|
|
|
ber_free( ber, 1 );
|
2017-09-25 17:45:07 +08:00
|
|
|
return LDAP_SUCCESS;
|
2017-03-17 22:32:06 +08:00
|
|
|
|
2017-04-19 16:51:47 +08:00
|
|
|
fail:
|
2017-03-17 22:32:06 +08:00
|
|
|
ber_free( ber, 1 );
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_DESTROY(c);
|
2017-09-25 17:45:07 +08:00
|
|
|
return -1;
|
2017-03-16 20:11:45 +08:00
|
|
|
}
|
|
|
|
|
|
2017-03-17 22:32:06 +08:00
|
|
|
void *
|
|
|
|
|
upstream_bind( void *ctx, void *arg )
|
2017-03-16 20:11:45 +08:00
|
|
|
{
|
2017-03-17 22:32:06 +08:00
|
|
|
Connection *c = arg;
|
2017-09-25 17:45:07 +08:00
|
|
|
BerElement *ber;
|
2017-03-17 22:32:06 +08:00
|
|
|
ber_int_t msgid;
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_LOCK(c);
|
2017-09-25 17:45:07 +08:00
|
|
|
c->c_pdu_cb = upstream_bind_cb;
|
|
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
ldap_pvt_thread_mutex_lock( &c->c_io_mutex );
|
|
|
|
|
ber = c->c_pendingber;
|
|
|
|
|
if ( ber == NULL && (ber = ber_alloc()) == NULL ) {
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
CONNECTION_LOCK_DESTROY(c);
|
2017-03-17 22:32:06 +08:00
|
|
|
return NULL;
|
2017-03-16 20:11:45 +08:00
|
|
|
}
|
2017-09-25 17:45:07 +08:00
|
|
|
c->c_pendingber = ber;
|
2017-03-17 22:32:06 +08:00
|
|
|
msgid = c->c_next_msgid++;
|
|
|
|
|
|
2017-06-14 02:46:31 +08:00
|
|
|
if ( bindconf.sb_method == LDAP_AUTH_SIMPLE ) {
|
2017-03-17 22:32:06 +08:00
|
|
|
/* simple bind */
|
2017-03-29 01:07:09 +08:00
|
|
|
ber_printf( ber, "{it{iOtON}}",
|
2017-03-17 22:32:06 +08:00
|
|
|
msgid, LDAP_REQ_BIND, LDAP_VERSION3,
|
2017-06-14 02:46:31 +08:00
|
|
|
&bindconf.sb_binddn, LDAP_AUTH_SIMPLE,
|
|
|
|
|
&bindconf.sb_cred );
|
2017-03-17 22:32:06 +08:00
|
|
|
|
|
|
|
|
#ifdef HAVE_CYRUS_SASL
|
|
|
|
|
} else {
|
2017-03-29 01:07:09 +08:00
|
|
|
BerValue cred = BER_BVNULL;
|
|
|
|
|
ber_printf( ber, "{it{iOt{OON}N}}",
|
|
|
|
|
msgid, LDAP_REQ_BIND, LDAP_VERSION3,
|
2017-06-14 02:46:31 +08:00
|
|
|
&bindconf.sb_binddn, LDAP_AUTH_SASL,
|
|
|
|
|
&bindconf.sb_saslmech, BER_BV_OPTIONAL( &cred ) );
|
2017-03-17 22:32:06 +08:00
|
|
|
#endif /* HAVE_CYRUS_SASL */
|
|
|
|
|
}
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &c->c_io_mutex );
|
|
|
|
|
|
2017-09-22 17:24:52 +08:00
|
|
|
connection_write_cb( -1, 0, c );
|
2017-03-17 22:32:06 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_LOCK_DECREF(c);
|
2017-09-22 17:24:52 +08:00
|
|
|
CONNECTION_UNLOCK_OR_DESTROY(c);
|
2017-04-21 18:07:43 +08:00
|
|
|
|
2017-03-17 22:32:06 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
/*
|
|
|
|
|
* The backend is already locked when entering the function.
|
|
|
|
|
*/
|
|
|
|
|
static int
|
|
|
|
|
upstream_finish( Connection *c )
|
|
|
|
|
{
|
|
|
|
|
Backend *b = c->c_private;
|
|
|
|
|
int is_bindconn = 0, rc = 0;
|
|
|
|
|
|
|
|
|
|
c->c_pdu_cb = handle_one_response;
|
|
|
|
|
|
|
|
|
|
/* Unless we are configured to use the VC exop, consider allocating the
|
|
|
|
|
* connection into the bind conn pool. Start off by allocating one for
|
|
|
|
|
* general use, then one for binds, then we start filling up the general
|
|
|
|
|
* connection pool, finally the bind pool */
|
|
|
|
|
if (
|
|
|
|
|
#ifdef LDAP_API_FEATURE_VERIFY_CREDENTIALS
|
|
|
|
|
!(lload_features & LLOAD_FEATURE_VC) &&
|
|
|
|
|
#endif /* LDAP_API_FEATURE_VERIFY_CREDENTIALS */
|
|
|
|
|
b->b_active && b->b_numbindconns ) {
|
|
|
|
|
if ( !b->b_bindavail ) {
|
|
|
|
|
is_bindconn = 1;
|
|
|
|
|
} else if ( b->b_active >= b->b_numconns &&
|
|
|
|
|
b->b_bindavail < b->b_numbindconns ) {
|
|
|
|
|
is_bindconn = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( is_bindconn ) {
|
|
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_preparing, c, c_next );
|
|
|
|
|
LDAP_CIRCLEQ_INSERT_HEAD( &b->b_bindconns, c, c_next );
|
|
|
|
|
c->c_state = SLAP_C_READY;
|
|
|
|
|
c->c_type = SLAP_C_BIND;
|
|
|
|
|
b->b_bindavail++;
|
|
|
|
|
b->b_opening--;
|
|
|
|
|
b->b_failed = 0;
|
|
|
|
|
} else if ( bindconf.sb_method == LDAP_AUTH_NONE ) {
|
|
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_preparing, c, c_next );
|
|
|
|
|
LDAP_CIRCLEQ_INSERT_HEAD( &b->b_conns, c, c_next );
|
|
|
|
|
c->c_state = SLAP_C_READY;
|
|
|
|
|
c->c_type = SLAP_C_OPEN;
|
|
|
|
|
b->b_active++;
|
|
|
|
|
b->b_opening--;
|
|
|
|
|
b->b_failed = 0;
|
|
|
|
|
} else {
|
|
|
|
|
rc = 1;
|
|
|
|
|
ldap_pvt_thread_pool_submit( &connection_pool, upstream_bind, c );
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Debug( LDAP_DEBUG_CONNS, "upstream_finish: "
|
|
|
|
|
"%sconnection connid=%lu is%s ready for use\n",
|
|
|
|
|
is_bindconn ? "bind " : "", c->c_connid, rc ? " almost" : "" );
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2017-04-11 21:15:46 +08:00
|
|
|
/*
|
|
|
|
|
* We must already hold b->b_mutex when called.
|
|
|
|
|
*/
|
2017-03-17 22:32:06 +08:00
|
|
|
Connection *
|
|
|
|
|
upstream_init( ber_socket_t s, Backend *b )
|
|
|
|
|
{
|
|
|
|
|
Connection *c;
|
|
|
|
|
struct event_base *base = slap_get_base( s );
|
|
|
|
|
struct event *event;
|
2017-09-25 17:45:07 +08:00
|
|
|
int flags, rc = -1;
|
2017-03-17 22:32:06 +08:00
|
|
|
|
|
|
|
|
assert( b != NULL );
|
|
|
|
|
|
2017-04-11 21:15:46 +08:00
|
|
|
flags = (b->b_tls == LLOAD_LDAPS) ? CONN_IS_TLS : 0;
|
2017-09-22 17:24:52 +08:00
|
|
|
if ( (c = connection_init( s, b->b_host, flags )) == NULL ) {
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-17 22:32:06 +08:00
|
|
|
c->c_private = b;
|
2017-09-22 17:24:52 +08:00
|
|
|
c->c_is_tls = b->b_tls;
|
|
|
|
|
c->c_pdu_cb = handle_one_response;
|
2017-03-17 22:32:06 +08:00
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
LDAP_CIRCLEQ_INSERT_HEAD( &b->b_preparing, c, c_next );
|
|
|
|
|
c->c_type = SLAP_C_PREPARING;
|
|
|
|
|
|
2017-06-14 02:32:35 +08:00
|
|
|
{
|
|
|
|
|
ber_len_t max = sockbuf_max_incoming_upstream;
|
|
|
|
|
ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_SET_MAX_INCOMING, &max );
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-22 17:24:52 +08:00
|
|
|
event = event_new( base, s, EV_READ|EV_PERSIST, connection_read_cb, c );
|
|
|
|
|
if ( !event ) {
|
|
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_init: "
|
|
|
|
|
"Read event could not be allocated\n" );
|
|
|
|
|
goto fail;
|
|
|
|
|
}
|
|
|
|
|
c->c_read_event = event;
|
|
|
|
|
|
|
|
|
|
event = event_new( base, s, EV_WRITE, connection_write_cb, c );
|
2017-03-16 20:11:45 +08:00
|
|
|
if ( !event ) {
|
2017-03-29 01:12:27 +08:00
|
|
|
Debug( LDAP_DEBUG_ANY, "upstream_init: "
|
|
|
|
|
"Write event could not be allocated\n" );
|
2017-03-16 20:11:45 +08:00
|
|
|
goto fail;
|
|
|
|
|
}
|
2017-09-22 17:24:52 +08:00
|
|
|
/* We only add the write event when we have data pending */
|
2017-03-16 20:11:45 +08:00
|
|
|
c->c_write_event = event;
|
|
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
rc = upstream_finish( c );
|
|
|
|
|
if ( rc < 0 ) {
|
|
|
|
|
goto fail;
|
2017-04-11 21:15:46 +08:00
|
|
|
}
|
|
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
event_add( c->c_read_event, NULL );
|
2017-03-17 22:29:38 +08:00
|
|
|
|
2017-09-25 17:45:07 +08:00
|
|
|
c->c_destroy = upstream_destroy;
|
|
|
|
|
CONNECTION_UNLOCK_OR_DESTROY(c);
|
|
|
|
|
|
|
|
|
|
/* has upstream_finish() finished? */
|
|
|
|
|
if ( rc == LDAP_SUCCESS ) {
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &b->b_mutex );
|
|
|
|
|
backend_retry( b );
|
|
|
|
|
ldap_pvt_thread_mutex_lock( &b->b_mutex );
|
2017-04-11 21:15:46 +08:00
|
|
|
}
|
2017-03-16 20:11:45 +08:00
|
|
|
|
|
|
|
|
return c;
|
2017-04-11 21:15:46 +08:00
|
|
|
|
2017-03-16 20:11:45 +08:00
|
|
|
fail:
|
|
|
|
|
if ( c->c_write_event ) {
|
|
|
|
|
event_del( c->c_write_event );
|
|
|
|
|
event_free( c->c_write_event );
|
|
|
|
|
}
|
|
|
|
|
if ( c->c_read_event ) {
|
|
|
|
|
event_del( c->c_read_event );
|
|
|
|
|
event_free( c->c_read_event );
|
|
|
|
|
}
|
2017-09-22 17:24:52 +08:00
|
|
|
|
|
|
|
|
c->c_state = SLAP_C_INVALID;
|
|
|
|
|
CONNECTION_DESTROY(c);
|
|
|
|
|
assert( c == NULL );
|
|
|
|
|
|
2017-03-16 20:11:45 +08:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-29 01:40:20 +08:00
|
|
|
void
|
2017-03-16 20:11:45 +08:00
|
|
|
upstream_destroy( Connection *c )
|
|
|
|
|
{
|
|
|
|
|
Backend *b = c->c_private;
|
2017-04-21 18:07:43 +08:00
|
|
|
struct event *read_event, *write_event;
|
2017-06-14 02:40:50 +08:00
|
|
|
TAvlnode *root;
|
2017-06-15 01:24:53 +08:00
|
|
|
long freed, executing;
|
2017-09-22 17:24:52 +08:00
|
|
|
enum sc_state state;
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-04-12 22:57:21 +08:00
|
|
|
Debug( LDAP_DEBUG_CONNS, "upstream_destroy: "
|
2017-06-20 20:00:31 +08:00
|
|
|
"freeing connection connid=%lu\n",
|
2017-04-11 21:15:46 +08:00
|
|
|
c->c_connid );
|
|
|
|
|
|
2017-09-22 17:24:52 +08:00
|
|
|
assert( c->c_state != SLAP_C_INVALID );
|
|
|
|
|
state = c->c_state;
|
2017-03-17 22:29:38 +08:00
|
|
|
c->c_state = SLAP_C_INVALID;
|
2017-04-21 18:07:43 +08:00
|
|
|
|
2017-06-14 02:40:50 +08:00
|
|
|
root = c->c_ops;
|
|
|
|
|
c->c_ops = NULL;
|
2017-06-15 01:24:53 +08:00
|
|
|
executing = c->c_n_ops_executing;
|
2017-06-23 17:30:38 +08:00
|
|
|
c->c_n_ops_executing = 0;
|
2017-06-14 02:40:50 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
read_event = c->c_read_event;
|
|
|
|
|
write_event = c->c_write_event;
|
2017-06-23 17:30:38 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_UNLOCK_INCREF(c);
|
|
|
|
|
|
2017-06-14 02:40:50 +08:00
|
|
|
freed = tavl_free( root, (AVL_FREE)operation_lost_upstream );
|
2017-06-15 01:24:53 +08:00
|
|
|
assert( freed == executing );
|
2017-06-14 02:40:50 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
/*
|
|
|
|
|
* Avoid a deadlock:
|
|
|
|
|
* event_del will block if the event is currently executing its callback,
|
|
|
|
|
* that callback might be waiting to lock c->c_mutex
|
|
|
|
|
*/
|
2017-05-10 01:02:28 +08:00
|
|
|
if ( read_event ) {
|
|
|
|
|
event_del( read_event );
|
|
|
|
|
}
|
2017-04-21 18:07:43 +08:00
|
|
|
|
2017-05-10 01:02:28 +08:00
|
|
|
if ( write_event ) {
|
|
|
|
|
event_del( write_event );
|
|
|
|
|
}
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-09-22 17:24:52 +08:00
|
|
|
/* Remove from the backend on first pass */
|
|
|
|
|
if ( state != SLAP_C_CLOSING ) {
|
|
|
|
|
ldap_pvt_thread_mutex_lock( &b->b_mutex );
|
2017-09-25 17:45:07 +08:00
|
|
|
if ( c->c_type == SLAP_C_PREPARING ) {
|
|
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_preparing, c, c_next );
|
|
|
|
|
b->b_opening--;
|
|
|
|
|
b->b_failed++;
|
|
|
|
|
} else if ( c->c_type == SLAP_C_BIND ) {
|
2017-09-22 17:24:52 +08:00
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_bindconns, c, c_next );
|
|
|
|
|
b->b_bindavail--;
|
|
|
|
|
} else {
|
|
|
|
|
LDAP_CIRCLEQ_REMOVE( &b->b_conns, c, c_next );
|
|
|
|
|
b->b_active--;
|
|
|
|
|
}
|
|
|
|
|
b->b_n_ops_executing -= executing;
|
|
|
|
|
ldap_pvt_thread_mutex_unlock( &b->b_mutex );
|
|
|
|
|
backend_retry( b );
|
2017-03-16 20:11:45 +08:00
|
|
|
}
|
2017-03-16 20:14:22 +08:00
|
|
|
|
2017-04-21 18:07:43 +08:00
|
|
|
CONNECTION_LOCK_DECREF(c);
|
2017-03-16 20:11:45 +08:00
|
|
|
|
2017-05-10 01:02:28 +08:00
|
|
|
if ( c->c_read_event ) {
|
|
|
|
|
event_free( c->c_read_event );
|
|
|
|
|
c->c_read_event = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ( c->c_write_event ) {
|
|
|
|
|
event_free( c->c_write_event );
|
|
|
|
|
c->c_write_event = NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-03 18:31:40 +08:00
|
|
|
/*
|
|
|
|
|
* If we attempted to destroy any operations, we might have lent a new
|
|
|
|
|
* refcnt token for a thread that raced us to that, let them call us again
|
|
|
|
|
* later
|
|
|
|
|
*/
|
|
|
|
|
assert( c->c_refcnt >= 0 );
|
|
|
|
|
if ( c->c_refcnt ) {
|
|
|
|
|
c->c_state = SLAP_C_CLOSING;
|
|
|
|
|
Debug( LDAP_DEBUG_CONNS, "upstream_destroy: "
|
|
|
|
|
"connid=%lu aborting with refcnt=%d\n",
|
|
|
|
|
c->c_connid, c->c_refcnt );
|
|
|
|
|
CONNECTION_UNLOCK(c);
|
|
|
|
|
return;
|
|
|
|
|
}
|
2017-03-16 20:11:45 +08:00
|
|
|
connection_destroy( c );
|
|
|
|
|
}
|
