plug selected leaks resulting from ITS#4056 & ITS#4057 implementation; may need further cleanup and reworking to streamline a bit

This commit is contained in:
Pierangelo Masarati 2005-10-01 18:07:00 +00:00
parent ddded040b9
commit 01bb0fa1ea
4 changed files with 73 additions and 100 deletions

View File

@ -312,14 +312,17 @@ meta_back_retry(
extern void
meta_back_conn_free(
metaconn_t *mc );
void *v_mc );
extern int
meta_back_init_one_conn(
Operation *op,
SlapReply *rs,
metatarget_t *mt,
metaconn_t *mc,
metasingleconn_t *msc,
int ispriv,
int isauthz,
ldap_back_send_t sendok );
extern int

View File

@ -391,7 +391,9 @@ retry:;
/* mc here must be the regular mc,
* reset and ready for init */
rc = meta_back_init_one_conn( op, rs,
mt, msc, LDAP_BACK_DONTSEND );
mt, mc, msc, LDAP_BACK_CONN_ISPRIV( mc ),
candidate == mc->mc_authz_target,
LDAP_BACK_DONTSEND );
} else {
/* can't do anything about it */
@ -567,7 +569,10 @@ retry:;
/* mc here must be the regular mc,
* reset and ready for init */
rc = meta_back_init_one_conn( op, rs,
mt, msc, LDAP_BACK_DONTSEND );
mt, mc, msc,
LDAP_BACK_CONN_ISPRIV( mc ),
candidate == mc->mc_authz_target,
LDAP_BACK_DONTSEND );
} else {

View File

@ -176,27 +176,6 @@ metaconn_alloc(
return mc;
}
/*
* meta_back_conn_free
*
* clears a metaconn
*/
void
meta_back_conn_free(
metaconn_t *mc )
{
assert( mc != NULL );
assert( mc->mc_refcnt == 0 );
if ( !BER_BVISNULL( &mc->mc_local_ndn ) ) {
free( mc->mc_local_ndn.bv_val );
}
ldap_pvt_thread_mutex_destroy( &mc->mc_mutex );
free( mc );
}
static void
meta_back_freeconn(
Operation *op,
@ -225,7 +204,10 @@ meta_back_init_one_conn(
Operation *op,
SlapReply *rs,
metatarget_t *mt,
metaconn_t *mc,
metasingleconn_t *msc,
int ispriv,
int isauthz,
ldap_back_send_t sendok )
{
metainfo_t *mi = ( metainfo_t * )op->o_bd->be_private;
@ -367,7 +349,19 @@ retry:;
/*
* If the connection DN is not null, an attempt to rewrite it is made
*/
if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) ) {
if ( ispriv ) {
ber_dupbv( &msc->msc_cred, &mt->mt_pseudorootpw );
ber_dupbv( &msc->msc_bound_ndn, &mt->mt_pseudorootdn );
LDAP_BACK_CONN_ISPRIV_SET( msc );
} else {
BER_BVZERO( &msc->msc_cred );
BER_BVZERO( &msc->msc_bound_ndn );
if ( !BER_BVISEMPTY( &op->o_ndn )
&& SLAP_IS_AUTHZ_BACKEND( op )
&& isauthz )
{
dc.target = mt;
dc.conn = op->o_conn;
dc.rs = rs;
@ -379,6 +373,7 @@ retry:;
if ( ldap_back_dn_massage( &dc, &op->o_conn->c_dn,
&msc->msc_bound_ndn ) )
{
ldap_unbind_ext_s( msc->msc_ld, NULL, NULL );
goto error_return;
}
@ -387,11 +382,12 @@ retry:;
ber_dupbv( &msc->msc_bound_ndn, &op->o_conn->c_dn );
}
assert( !BER_BVISNULL( &msc->msc_bound_ndn ) );
} else {
ber_str2bv( "", 0, 1, &msc->msc_bound_ndn );
}
}
assert( !BER_BVISNULL( &msc->msc_bound_ndn ) );
LDAP_BACK_CONN_ISBOUND_CLEAR( msc );
@ -450,7 +446,9 @@ retry_lock:;
( void )rewrite_session_delete( mt->mt_rwmap.rwm_rw, op->o_conn );
/* mc here must be the regular mc, reset and ready for init */
rc = meta_back_init_one_conn( op, rs, mt, msc, sendok );
rc = meta_back_init_one_conn( op, rs, mt, mc, msc,
LDAP_BACK_CONN_ISPRIV( mc ),
candidate == mc->mc_authz_target, sendok );
if ( rc == LDAP_SUCCESS ) {
rc = meta_back_single_dobind( op, rs, mc, candidate,
@ -781,27 +779,13 @@ meta_back_getconn(
* also init'd
*/
candidates[ i ].sr_err = meta_back_init_one_conn( op,
rs, mt, msc, sendok );
rs, mt, mc, msc,
LDAP_BACK_CONN_ISPRIV( &mc_curr ),
i == mc->mc_authz_target, sendok );
if ( candidates[ i ].sr_err == LDAP_SUCCESS ) {
candidates[ i ].sr_tag = META_CANDIDATE;
ncandidates++;
if ( LDAP_BACK_CONN_ISPRIV( &mc_curr ) ) {
ber_dupbv( &msc->msc_cred, &mt->mt_pseudorootpw );
ber_dupbv( &msc->msc_bound_ndn, &mt->mt_pseudorootdn );
LDAP_BACK_CONN_ISPRIV_SET( msc );
} else {
BER_BVZERO( &msc->msc_cred );
BER_BVZERO( &msc->msc_bound_ndn );
if ( !BER_BVISEMPTY( &op->o_ndn )
&& SLAP_IS_AUTHZ_BACKEND( op )
&& i == mc->mc_authz_target )
{
ber_dupbv( &msc->msc_bound_ndn, &op->o_ndn );
}
}
} else {
/*
@ -941,7 +925,9 @@ meta_back_getconn(
* also init'd. In case of error, meta_back_init_one_conn
* sends the appropriate result.
*/
err = meta_back_init_one_conn( op, rs, mt, msc, sendok );
err = meta_back_init_one_conn( op, rs, mt, mc, msc,
LDAP_BACK_CONN_ISPRIV( &mc_curr ),
i == mc->mc_authz_target, sendok );
if ( err != LDAP_SUCCESS ) {
/*
* FIXME: in case one target cannot
@ -967,22 +953,6 @@ meta_back_getconn(
*candidate = i;
}
if ( LDAP_BACK_CONN_ISPRIV( &mc_curr ) ) {
ber_dupbv( &msc->msc_cred, &mt->mt_pseudorootpw );
ber_dupbv( &msc->msc_bound_ndn, &mt->mt_pseudorootdn );
LDAP_BACK_CONN_ISPRIV_SET( msc );
} else {
BER_BVZERO( &msc->msc_cred );
BER_BVZERO( &msc->msc_bound_ndn );
if ( !BER_BVISEMPTY( &op->o_ndn )
&& SLAP_IS_AUTHZ_BACKEND( op )
&& i == mc->mc_authz_target )
{
ber_dupbv( &msc->msc_bound_ndn, &op->o_ndn );
}
}
/*
* if no unique candidate ...
*/
@ -1012,28 +982,15 @@ meta_back_getconn(
* also init'd
*/
int lerr = meta_back_init_one_conn( op, rs,
mt, msc, sendok );
mt, mc, msc,
LDAP_BACK_CONN_ISPRIV( &mc_curr ),
i == mc->mc_authz_target,
sendok );
if ( lerr == LDAP_SUCCESS ) {
candidates[ i ].sr_tag = META_CANDIDATE;
candidates[ i ].sr_err = LDAP_SUCCESS;
ncandidates++;
if ( LDAP_BACK_CONN_ISPRIV( &mc_curr ) ) {
ber_dupbv( &msc->msc_cred, &mt->mt_pseudorootpw );
ber_dupbv( &msc->msc_bound_ndn, &mt->mt_pseudorootdn );
LDAP_BACK_CONN_ISPRIV_SET( msc );
} else {
BER_BVZERO( &msc->msc_cred );
BER_BVZERO( &msc->msc_bound_ndn );
if ( !BER_BVISEMPTY( &op->o_ndn )
&& SLAP_IS_AUTHZ_BACKEND( op )
&& i == mc->mc_authz_target )
{
ber_dupbv( &msc->msc_bound_ndn, &op->o_ndn );
}
}
Debug( LDAP_DEBUG_TRACE, "%s: meta_back_init_one_conn(%d)\n",
op->o_log_prefix, i, 0 );

View File

@ -126,13 +126,20 @@ meta_back_db_open(
return 0;
}
static void
conn_free(
void
meta_back_conn_free(
void *v_mc )
{
metaconn_t *mc = v_mc;
int i, ntargets;
assert( mc != NULL );
assert( mc->mc_refcnt == 0 );
if ( !BER_BVISNULL( &mc->mc_local_ndn ) ) {
free( mc->mc_local_ndn.bv_val );
}
assert( mc->mc_conns != NULL );
/* at least one must be present... */
@ -156,6 +163,7 @@ conn_free(
}
}
ldap_pvt_thread_mutex_destroy( &mc->mc_mutex );
free( mc );
}
@ -220,7 +228,7 @@ meta_back_db_destroy(
ldap_pvt_thread_mutex_lock( &mi->mi_conn_mutex );
if ( mi->mi_conntree ) {
avl_free( mi->mi_conntree, conn_free );
avl_free( mi->mi_conntree, meta_back_conn_free );
}
/*