handle sizelimit in caching (in partial fulfilment of ITS#5114)

This commit is contained in:
Pierangelo Masarati 2007-09-12 21:09:04 +00:00
parent 1be58c57d6
commit 1157b6dc6a
5 changed files with 394 additions and 104 deletions

View File

@ -72,6 +72,7 @@ typedef struct cached_query_s {
Qbase *qbase; Qbase *qbase;
int scope; int scope;
struct berval q_uuid; /* query identifier */ struct berval q_uuid; /* query identifier */
int q_sizelimit;
struct query_template_s *qtemp; /* template of the query */ struct query_template_s *qtemp; /* template of the query */
time_t expiry_time; /* time till the query is considered valid */ time_t expiry_time; /* time till the query is considered valid */
struct cached_query_s *next; /* next query in the template */ struct cached_query_s *next; /* next query in the template */
@ -127,17 +128,36 @@ typedef struct query_template_s {
int no_of_queries; /* Total number of queries in the template */ int no_of_queries; /* Total number of queries in the template */
time_t ttl; /* TTL for the queries of this template */ time_t ttl; /* TTL for the queries of this template */
time_t negttl; /* TTL for negative results */ time_t negttl; /* TTL for negative results */
time_t limitttl; /* TTL for sizelimit exceeding results */
struct attr_set t_attrs; /* filter attrs + attr_set */ struct attr_set t_attrs; /* filter attrs + attr_set */
} QueryTemplate; } QueryTemplate;
typedef enum {
PC_IGNORE = 0,
PC_POSITIVE,
PC_NEGATIVE,
PC_SIZELIMIT
} pc_caching_reason_t;
static const char *pc_caching_reason_str[] = {
"IGNORE",
"POSITIVE",
"NEGATIVE",
"SIZELIMIT",
NULL
};
struct query_manager_s; struct query_manager_s;
/* prototypes for functions for 1) query containment /* prototypes for functions for 1) query containment
* 2) query addition, 3) cache replacement * 2) query addition, 3) cache replacement
*/ */
typedef CachedQuery * (QCfunc)(Operation *op, struct query_manager_s*, Query*, QueryTemplate*); typedef CachedQuery *(QCfunc)(Operation *op, struct query_manager_s*,
typedef CachedQuery * (AddQueryfunc)(Operation *op, struct query_manager_s*, Query*, QueryTemplate*, int positive); Query*, QueryTemplate*);
typedef void (CRfunc)(struct query_manager_s*, struct berval * ); typedef CachedQuery *(AddQueryfunc)(Operation *op, struct query_manager_s*,
Query*, QueryTemplate*, pc_caching_reason_t);
typedef void (CRfunc)(struct query_manager_s*, struct berval*);
/* LDAP query cache */ /* LDAP query cache */
typedef struct query_manager_s { typedef struct query_manager_s {
@ -225,7 +245,7 @@ add_query(
query_manager* qm, query_manager* qm,
Query* query, Query* query,
QueryTemplate *templ, QueryTemplate *templ,
int positive); pc_caching_reason_t why );
static int static int
remove_query_data( remove_query_data(
@ -452,7 +472,7 @@ url2query(
goto error; goto error;
} }
cq = add_query( op, qm, &query, qt, 1 ); cq = add_query( op, qm, &query, qt, PC_POSITIVE );
if ( cq != NULL ) { if ( cq != NULL ) {
cq->expiry_time = expiry_time; cq->expiry_time = expiry_time;
cq->q_uuid = uuid; cq->q_uuid = uuid;
@ -1093,6 +1113,10 @@ query_containment(Operation *op, query_manager *qm,
qc = find_filter( op, qbptr->scopes[tscope], qc = find_filter( op, qbptr->scopes[tscope],
query->filter, first ); query->filter, first );
if ( qc ) { if ( qc ) {
if ( qc->q_sizelimit ) {
ldap_pvt_thread_rdwr_runlock(&templa->t_rwlock);
return NULL;
}
ldap_pvt_thread_mutex_lock(&qm->lru_mutex); ldap_pvt_thread_mutex_lock(&qm->lru_mutex);
if (qm->lru_top != qc) { if (qm->lru_top != qc) {
remove_query(qm, qc); remove_query(qm, qc);
@ -1135,24 +1159,41 @@ add_query(
query_manager* qm, query_manager* qm,
Query* query, Query* query,
QueryTemplate *templ, QueryTemplate *templ,
int positive) pc_caching_reason_t why )
{ {
CachedQuery* new_cached_query = (CachedQuery*) ch_malloc(sizeof(CachedQuery)); CachedQuery* new_cached_query = (CachedQuery*) ch_malloc(sizeof(CachedQuery));
Qbase *qbase, qb; Qbase *qbase, qb;
Filter *first; Filter *first;
int rc; int rc;
time_t ttl = 0;;
new_cached_query->qtemp = templ; new_cached_query->qtemp = templ;
BER_BVZERO( &new_cached_query->q_uuid ); BER_BVZERO( &new_cached_query->q_uuid );
if ( positive ) { new_cached_query->q_sizelimit = 0;
new_cached_query->expiry_time = slap_get_time() + templ->ttl;
} else { switch ( why ) {
new_cached_query->expiry_time = slap_get_time() + templ->negttl; case PC_POSITIVE:
ttl = templ->ttl;
break;
case PC_NEGATIVE:
ttl = templ->negttl;
break;
case PC_SIZELIMIT:
ttl = templ->limitttl;
break;
default:
assert( 0 );
break;
} }
new_cached_query->expiry_time = slap_get_time() + ttl;
new_cached_query->lru_up = NULL; new_cached_query->lru_up = NULL;
new_cached_query->lru_down = NULL; new_cached_query->lru_down = NULL;
Debug( pcache_debug, "Added query expires at %ld\n", Debug( pcache_debug, "Added query expires at %ld (%s)\n",
(long) new_cached_query->expiry_time, 0, 0 ); (long) new_cached_query->expiry_time,
pc_caching_reason_str[ why ], 0 );
new_cached_query->scope = query->scope; new_cached_query->scope = query->scope;
new_cached_query->filter = query->filter; new_cached_query->filter = query->filter;
@ -1286,7 +1327,7 @@ cache_replacement(query_manager* qm, struct berval *result)
ldap_pvt_thread_mutex_unlock(&qm->lru_mutex); ldap_pvt_thread_mutex_unlock(&qm->lru_mutex);
*result = bottom->q_uuid; *result = bottom->q_uuid;
bottom->q_uuid.bv_val = NULL; BER_BVZERO( &bottom->q_uuid );
Debug( pcache_debug, "Lock CR index = %p\n", (void *) temp, 0, 0 ); Debug( pcache_debug, "Lock CR index = %p\n", (void *) temp, 0, 0 );
ldap_pvt_thread_rdwr_wlock(&temp->t_rwlock); ldap_pvt_thread_rdwr_wlock(&temp->t_rwlock);
@ -1527,6 +1568,8 @@ struct search_info {
int max; int max;
int over; int over;
int count; int count;
int slimit;
int slimit_exceeded;
Entry *head, *tail; Entry *head, *tail;
}; };
@ -1874,8 +1917,18 @@ static int
pcache_op_cleanup( Operation *op, SlapReply *rs ) { pcache_op_cleanup( Operation *op, SlapReply *rs ) {
slap_callback *cb = op->o_callback; slap_callback *cb = op->o_callback;
struct search_info *si = cb->sc_private; struct search_info *si = cb->sc_private;
if ( rs->sr_type == REP_RESULT || op->o_abandon ||
rs->sr_err == SLAPD_ABANDON ) { if ( rs->sr_type == REP_SEARCH ) {
/* don't return more entries than requested by the client */
if ( si->slimit && rs->sr_nentries >= si->slimit ) {
si->slimit_exceeded = 1;
}
}
if ( rs->sr_type == REP_RESULT ||
op->o_abandon ||
rs->sr_err == SLAPD_ABANDON )
{
if ( si->save_attrs != NULL ) { if ( si->save_attrs != NULL ) {
rs->sr_attrs = si->save_attrs; rs->sr_attrs = si->save_attrs;
op->ors_attrs = si->save_attrs; op->ors_attrs = si->save_attrs;
@ -1883,6 +1936,7 @@ pcache_op_cleanup( Operation *op, SlapReply *rs ) {
op->o_callback = op->o_callback->sc_next; op->o_callback = op->o_callback->sc_next;
op->o_tmpfree( cb, op->o_tmpmemctx ); op->o_tmpfree( cb, op->o_tmpmemctx );
} }
return SLAP_CB_CONTINUE; return SLAP_CB_CONTINUE;
} }
@ -1914,6 +1968,7 @@ pcache_response(
if ( !si->head ) si->head = e; if ( !si->head ) si->head = e;
if ( si->tail ) si->tail->e_private = e; if ( si->tail ) si->tail->e_private = e;
si->tail = e; si->tail = e;
} else { } else {
si->over = 1; si->over = 1;
si->count = 0; si->count = 0;
@ -1926,16 +1981,44 @@ pcache_response(
} }
} }
/* don't return more entries than requested by the client */
if ( si->slimit_exceeded ) {
return 0;
}
} else if ( rs->sr_type == REP_RESULT ) { } else if ( rs->sr_type == REP_RESULT ) {
if ( si->count || pc_caching_reason_t why = PC_IGNORE;
( si->qtemp->negttl && !si->count && !si->over &&
rs->sr_err == LDAP_SUCCESS )) { if ( si->count ) {
CachedQuery *qc = qm->addfunc(op, qm, &si->query, si->qtemp, if ( rs->sr_err == LDAP_SUCCESS ) {
si->count); why = PC_POSITIVE;
} else if ( rs->sr_err == LDAP_SIZELIMIT_EXCEEDED
&& si->qtemp->limitttl )
{
why = PC_SIZELIMIT;
}
} else if ( si->qtemp->negttl && !si->count && !si->over &&
rs->sr_err == LDAP_SUCCESS )
{
why = PC_NEGATIVE;
}
if ( why != PC_IGNORE ) {
CachedQuery *qc = qm->addfunc(op, qm, &si->query,
si->qtemp, why );
if ( qc != NULL ) { if ( qc != NULL ) {
if ( si->count ) switch ( why ) {
case PC_POSITIVE:
cache_entries( op, rs, &qc->q_uuid ); cache_entries( op, rs, &qc->q_uuid );
break;
case PC_SIZELIMIT:
qc->q_sizelimit = rs->sr_nentries;
break;
}
ldap_pvt_thread_mutex_lock(&cm->cache_mutex); ldap_pvt_thread_mutex_lock(&cm->cache_mutex);
cm->num_cached_queries++; cm->num_cached_queries++;
Debug( pcache_debug, "STORED QUERIES = %lu\n", Debug( pcache_debug, "STORED QUERIES = %lu\n",
@ -1953,6 +2036,7 @@ pcache_response(
} }
ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex ); ldap_pvt_thread_mutex_unlock( &slapd_rq.rq_mutex );
} }
} else if ( si->count ) { } else if ( si->count ) {
/* duplicate query, free it */ /* duplicate query, free it */
Entry *e; Entry *e;
@ -1962,10 +2046,16 @@ pcache_response(
entry_free(si->head); entry_free(si->head);
} }
} }
} else { } else {
filter_free( si->query.filter ); filter_free( si->query.filter );
} }
if ( si->slimit_exceeded ) {
rs->sr_err = LDAP_SIZELIMIT_EXCEEDED;
}
} }
return SLAP_CB_CONTINUE; return SLAP_CB_CONTINUE;
} }
@ -2255,6 +2345,12 @@ pcache_op_search(
si->max = cm->num_entries_limit ; si->max = cm->num_entries_limit ;
si->over = 0; si->over = 0;
si->count = 0; si->count = 0;
si->slimit = 0;
si->slimit_exceeded = 0;
if ( op->ors_slimit && op->ors_slimit < cm->num_entries_limit ) {
si->slimit = op->ors_slimit;
op->ors_slimit = cm->num_entries_limit;
}
si->head = NULL; si->head = NULL;
si->tail = NULL; si->tail = NULL;
si->save_attrs = op->ors_attrs; si->save_attrs = op->ors_attrs;
@ -2455,9 +2551,10 @@ static ConfigTable pccfg[] = {
"DESC 'A set of attributes to cache' " "DESC 'A set of attributes to cache' "
"SYNTAX OMsDirectoryString )", NULL, NULL }, "SYNTAX OMsDirectoryString )", NULL, NULL },
{ "proxytemplate", "filter> <attrset-index> <TTL> <negTTL", { "proxytemplate", "filter> <attrset-index> <TTL> <negTTL",
4, 5, 0, ARG_MAGIC|PC_TEMP, pc_cf_gen, 4, 6, 0, ARG_MAGIC|PC_TEMP, pc_cf_gen,
"( OLcfgOvAt:2.3 NAME 'olcProxyTemplate' " "( OLcfgOvAt:2.3 NAME 'olcProxyTemplate' "
"DESC 'Filter template, attrset, cache TTL, optional negative TTL' " "DESC 'Filter template, attrset, cache TTL, "
"optional negative TTL, optional sizelimit TTL' "
"SYNTAX OMsDirectoryString )", NULL, NULL }, "SYNTAX OMsDirectoryString )", NULL, NULL },
{ "response-callback", "head|tail(default)", { "response-callback", "head|tail(default)",
2, 2, 0, ARG_MAGIC|PC_RESP, pc_cf_gen, 2, 2, 0, ARG_MAGIC|PC_RESP, pc_cf_gen,
@ -2580,17 +2677,14 @@ pc_cf_gen( ConfigArgs *c )
break; break;
case PC_TEMP: case PC_TEMP:
for (temp=qm->templates; temp; temp=temp->qmnext) { for (temp=qm->templates; temp; temp=temp->qmnext) {
if ( temp->negttl ) { /* HEADS-UP: always print all;
bv.bv_len = snprintf( c->cr_msg, sizeof( c->cr_msg ), * if optional == 0, ignore */
" %d %ld %ld", bv.bv_len = snprintf( c->cr_msg, sizeof( c->cr_msg ),
temp->attr_set_index, " %d %ld %ld %ld",
temp->ttl, temp->attr_set_index,
temp->negttl ); temp->ttl,
} else { temp->negttl,
bv.bv_len = snprintf( c->cr_msg, sizeof( c->cr_msg ), " %d %ld", temp->limitttl );
temp->attr_set_index,
temp->ttl );
}
bv.bv_len += temp->querystr.bv_len + 2; bv.bv_len += temp->querystr.bv_len + 2;
bv.bv_val = ch_malloc( bv.bv_len+1 ); bv.bv_val = ch_malloc( bv.bv_len+1 );
ptr = bv.bv_val; ptr = bv.bv_val;
@ -2839,23 +2933,37 @@ pc_cf_gen( ConfigArgs *c )
ldap_pvt_thread_rdwr_init( &temp->t_rwlock ); ldap_pvt_thread_rdwr_init( &temp->t_rwlock );
temp->query = temp->query_last = NULL; temp->query = temp->query_last = NULL;
if ( lutil_parse_time( c->argv[3], &t ) != 0 ) { if ( lutil_parse_time( c->argv[3], &t ) != 0 ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "unable to parse template ttl=\"%s\"", snprintf( c->cr_msg, sizeof( c->cr_msg ),
"unable to parse template ttl=\"%s\"",
c->argv[3] ); c->argv[3] );
Debug( LDAP_DEBUG_CONFIG, "%s: %s.\n", c->log, c->cr_msg, 0 ); Debug( LDAP_DEBUG_CONFIG, "%s: %s.\n", c->log, c->cr_msg, 0 );
return( 1 ); return( 1 );
} }
temp->ttl = (time_t)t; temp->ttl = (time_t)t;
if ( c->argc == 5 ) { temp->negttl = (time_t)0;
temp->limitttl = (time_t)0;
switch ( c->argc ) {
case 6:
if ( lutil_parse_time( c->argv[5], &t ) != 0 ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ),
"unable to parse template sizelimit ttl=\"%s\"",
c->argv[5] );
Debug( LDAP_DEBUG_CONFIG, "%s: %s.\n", c->log, c->cr_msg, 0 );
return( 1 );
}
temp->limitttl = (time_t)t;
/* fallthru */
case 5:
if ( lutil_parse_time( c->argv[4], &t ) != 0 ) { if ( lutil_parse_time( c->argv[4], &t ) != 0 ) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), snprintf( c->cr_msg, sizeof( c->cr_msg ),
"unable to parse template negttl=\"%s\"", "unable to parse template negative ttl=\"%s\"",
c->argv[4] ); c->argv[4] );
Debug( LDAP_DEBUG_CONFIG, "%s: %s.\n", c->log, c->cr_msg, 0 ); Debug( LDAP_DEBUG_CONFIG, "%s: %s.\n", c->log, c->cr_msg, 0 );
return( 1 ); return( 1 );
} }
temp->negttl = (time_t)t; temp->negttl = (time_t)t;
} else { break;
temp->negttl = 0;
} }
temp->no_of_queries = 0; temp->no_of_queries = 0;

View File

@ -1,4 +1,4 @@
# Query 1: filter:(sn=Jon) attrs: all # Query 1: filter:(sn=Jon) attrs:all (expect nothing)
# Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid # Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1 cn: James A Jones 1
@ -24,7 +24,7 @@ sn: Doe
uid: johnd uid: johnd
title: System Administrator, Information Technology Division title: System Administrator, Information Technology Division
# Query 3: filter:(sn=Smith*) attrs:cn sn title uid # Query 3: filter:(sn=Smith*) attrs:cn sn uid
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Jennifer Smith cn: Jennifer Smith
cn: Jen Smith cn: Jen Smith
@ -65,7 +65,7 @@ postalAddress: Info Tech Division $ 535 W. William St. $ Anytown, MI 48103
mail: bjorn@mailgw.example.com mail: bjorn@mailgw.example.com
telephoneNumber: +1 313 555 0355 telephoneNumber: +1 313 555 0355
# Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid # Query 6: filter:(mail=*@mail.alumni.example.com) attrs:cn sn title uid
dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=Dorothy Stevens,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Dorothy Stevens cn: Dorothy Stevens
cn: Dot Stevens cn: Dot Stevens
@ -101,7 +101,7 @@ sn: Hampster
uid: uham uid: uham
title: Secretary, UM Alumni Association title: Secretary, UM Alumni Association
# Query 7: filter:(mail=*) cn sn title uid # Query 7: filter:(mail=*) attrs:cn sn title uid
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example, dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com dc=com
cn: Barbara Jensen cn: Barbara Jensen
@ -176,7 +176,21 @@ sn: Hampster
uid: uham uid: uham
title: Secretary, UM Alumni Association title: Secretary, UM Alumni Association
# Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid # Query 8: filter:(mail=*example.com) attrs:cn sn title uid
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com
cn: Barbara Jensen
cn: Babs Jensen
sn:: IEplbnNlbiA=
uid: bjensen
title: Mythical Manager, Research Systems
# Query 9: filter:(uid=b*) attrs:mail
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com
mail: bjensen@mailgw.example.com
# Query 10: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1 cn: James A Jones 1
cn: James Jones cn: James Jones
@ -194,7 +208,7 @@ sn: Doe
uid: jjones uid: jjones
title: Senior Manager, Information Technology Division title: Senior Manager, Information Technology Division
# Query 9: filter:(sn=Smith) attrs:cn sn title uid # Query 11: filter:(sn=Smith) attrs:cn sn title uid
dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=Jennifer Smith,ou=Alumni Association,ou=People,dc=example,dc=com
cn: Jennifer Smith cn: Jennifer Smith
cn: Jen Smith cn: Jen Smith
@ -202,7 +216,7 @@ sn: Smith
uid: jen uid: jen
title: Telemarketer, UM Alumni Association title: Telemarketer, UM Alumni Association
# Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid # Query 12: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com =com
cn: Bjorn Jensen cn: Bjorn Jensen
@ -212,7 +226,7 @@ postalAddress: Info Tech Division $ 535 W. William St. $ Anytown, MI 48103
mail: bjorn@mailgw.example.com mail: bjorn@mailgw.example.com
telephoneNumber: +1 313 555 0355 telephoneNumber: +1 313 555 0355
# Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid # Query 13: filter:(mail=jaj@mail.alumni.example.com) attrs:cn sn title uid
dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com dn: cn=James A Jones 1,ou=Alumni Association,ou=People,dc=example,dc=com
cn: James A Jones 1 cn: James A Jones 1
cn: James Jones cn: James Jones
@ -221,3 +235,17 @@ sn: Jones
uid: jaj uid: jaj
title: Mad Cow Researcher, UM Alumni Association title: Mad Cow Researcher, UM Alumni Association
# Query 14: filter:(mail=*example.com) attrs:cn sn title uid
dn: cn=Barbara Jensen,ou=Information Technology Division,ou=People,dc=example,
dc=com
cn: Barbara Jensen
cn: Babs Jensen
sn:: IEplbnNlbiA=
uid: bjensen
title: Mythical Manager, Research Systems
# Query 15: filter:(uid=b*) attrs:mail
dn: cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc
=com
mail: bjorn@mailgw.example.com

View File

@ -39,17 +39,20 @@ argsfile @TESTDIR@/slapd.2.args
database ldap database ldap
suffix "dc=example,dc=com" suffix "dc=example,dc=com"
rootdn "dc=example,dc=com" rootdn "dc=example,dc=com"
rootpw "secret"
uri "@URI1@" uri "@URI1@"
limits dn="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com" size=1
overlay pcache overlay pcache
proxycache @BACKEND@ 100 2 @ENTRY_LIMIT@ @CACHETTL@ proxycache @BACKEND@ 100 2 @ENTRY_LIMIT@ @CACHETTL@
proxyattrset 0 sn cn title uid proxyattrset 0 sn cn title uid
proxyattrset 1 mail postaladdress telephonenumber cn uid proxyattrset 1 mail postaladdress telephonenumber cn uid
proxytemplate (|(cn=)(sn=)) 0 @CACHETTL@ proxytemplate (|(cn=)(sn=)) 0 @CACHETTL@ @NCACHETTL@ @SCACHETTL@
proxytemplate (sn=) 0 @CACHETTL@ proxytemplate (sn=) 0 @CACHETTL@ @NCACHETTL@ @SCACHETTL@
proxytemplate (uid=) 1 @CACHETTL@ proxytemplate (uid=) 1 @CACHETTL@ @NCACHETTL@ @SCACHETTL@
proxytemplate (mail=) 0 @CACHETTL@ proxytemplate (mail=) 0 @CACHETTL@ @NCACHETTL@ @SCACHETTL@
#bdb#cachesize 20 #bdb#cachesize 20
#hdb#cachesize 20 #hdb#cachesize 20

View File

@ -71,6 +71,8 @@ sed -e "s/@BACKEND@/${BACKEND}/" \
-e "s;@PORT6@;${PORT6};" \ -e "s;@PORT6@;${PORT6};" \
-e "s/@SASL_MECH@/${SASL_MECH}/" \ -e "s/@SASL_MECH@/${SASL_MECH}/" \
-e "s/@CACHETTL@/${CACHETTL}/" \ -e "s/@CACHETTL@/${CACHETTL}/" \
-e "s/@NCACHETTL@/${NCACHETTL}/" \
-e "s/@SCACHETTL@/${SCACHETTL}/" \
-e "s/@ENTRY_LIMIT@/${CACHE_ENTRY_LIMIT}/" \ -e "s/@ENTRY_LIMIT@/${CACHE_ENTRY_LIMIT}/" \
-e "s;@TESTDIR@;${TESTDIR};" \ -e "s;@TESTDIR@;${TESTDIR};" \
-e "s;@DATADIR@;${DATADIR};" \ -e "s;@DATADIR@;${DATADIR};" \

View File

@ -14,7 +14,9 @@
## <http://www.OpenLDAP.org/license.html>. ## <http://www.OpenLDAP.org/license.html>.
CACHETTL="1m" CACHETTL="1m"
CACHE_ENTRY_LIMIT=10 NCACHETTL="1m"
SCACHETTL="1m"
CACHE_ENTRY_LIMIT=6
. $SRCDIR/scripts/defines.sh . $SRCDIR/scripts/defines.sh
@ -109,13 +111,17 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
cat /dev/null > $SLAVEOUT cat /dev/null > $SEARCHOUT
echo "Making queries on the proxy cache..." echo "Making queries on the proxy cache..."
echo "Query 1: filter:(sn=Jon) attrs: all" CNT=0
echo "# Query 1: filter:(sn=Jon) attrs: all" >> $SLAVEOUT
CNT=`expr $CNT + 1`
FILTER="(sn=Jon)"
echo "Query $CNT: filter:$FILTER attrs:all (expect nothing)"
echo "# Query $CNT: filter:$FILTER attrs:all (expect nothing)" >> $SEARCHOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Jon' >> $SLAVEOUT 2>&1 "$FILTER" >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -132,10 +138,13 @@ if test $RC != 0 ; then
exit 0 exit 0
fi fi
echo "Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 2: filter:(|(cn=*Jon*)(sn=Jon*)) attrs:cn sn title uid" >> $SLAVEOUT FILTER="(|(cn=*Jon*)(sn=Jon*))"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'(|(cn=*Jon*)(sn=Jon*))' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -143,10 +152,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 3: filter:(sn=Smith*) attrs:cn sn uid" CNT=`expr $CNT + 1`
echo "# Query 3: filter:(sn=Smith*) attrs:cn sn uid" >> $SLAVEOUT FILTER="(sn=Smith*)"
ATTRS="cn sn uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Smith*' cn sn uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -154,21 +166,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 4: filter:(sn=Doe*) attrs:cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 4: filter:(sn=Doe*) attrs:cn sn title uid" >> $SLAVEOUT FILTER="(sn=Doe*)"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Doe' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Query 5: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid"
echo "# Query 5: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid" >> $SLAVEOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'uid=bjorn' mail postaladdress telephonenumber cn uid >> $SLAVEOUT 2>&1
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -176,10 +180,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 6: filter:(mail=*@mail.alumni.example.com) cn sn title uid" >> $SLAVEOUT FILTER="(uid=bjorn)"
ATTRS="mail postaladdress telephonenumber cn uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=*@mail.alumni.example.com' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -187,10 +194,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 7: filter:(mail=*) cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 7: filter:(mail=*) cn sn title uid" >> $SLAVEOUT FILTER="(mail=*@mail.alumni.example.com)"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=*' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -198,8 +208,78 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
# queries 2-6 are cacheable CNT=`expr $CNT + 1`
CACHEABILITY=0111110 FILTER="(mail=*)"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
"$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
CNT=`expr $CNT + 1`
FILTER="(mail=*example.com)"
ATTRS="cn sn title uid"
USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD="bjorn"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-D "$USERDN" -w "$PASSWD" \
"$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
case $RC in
0)
echo "ldapsearch should have failed!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
4)
echo "ldapsearch failed ($RC)"
;;
*)
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
CNT=`expr $CNT + 1`
FILTER="(uid=b*)"
ATTRS="mail"
USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD="bjorn"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-D "$USERDN" -w "$PASSWD" \
"$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
case $RC in
0)
echo "ldapsearch should have failed!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
4)
echo "ldapsearch failed ($RC)"
;;
*)
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
FIRST=$CNT
# queries 2-6,8-9 are cacheable
CACHEABILITY=011111011
grep CACHEABLE $LOG2 | awk '{ grep CACHEABLE $LOG2 | awk '{
if ($2 == "NOT") if ($2 == "NOT")
printf "Query %d not cacheable\n",NR printf "Query %d not cacheable\n",NR
@ -221,10 +301,13 @@ else
exit 1 exit 1
fi fi
echo "Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 8: filter:(|(cn=*Jones)(sn=Jones)) attrs:cn sn title uid" >> $SLAVEOUT FILTER="(|(cn=*Jones)(sn=Jones))"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -x -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'(|(cn=*Jones)(sn=Jones))' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -232,10 +315,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 9: filter:(sn=Smith) attrs:cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 9: filter:(sn=Smith) attrs:cn sn title uid" >> $SLAVEOUT FILTER="(sn=Smith)"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'sn=Smith' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -243,10 +329,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid" CNT=`expr $CNT + 1`
echo "# Query 10: filter:(uid=bjorn) attrs:mail postaladdress telephonenumber cn uid" >> $SLAVEOUT FILTER="(uid=bjorn)"
ATTRS="mail postaladdress telephonenumber cn uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'uid=bjorn' mail postaladdress telephonenumber cn uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!" echo "ldapsearch failed ($RC)!"
@ -254,10 +343,13 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
echo "Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid" CNT=`expr $CNT + 1`
echo "# Query 11: filter:(mail=jaj@mail.alumni.example.com) cn sn title uid" >> $SLAVEOUT FILTER="(mail=jaj@mail.alumni.example.com)"
ATTRS="cn sn title uid"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
'mail=jaj@mail.alumni.example.com' cn sn title uid >> $SLAVEOUT 2>&1 "$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$? RC=$?
if test $RC != 0 ; then if test $RC != 0 ; then
@ -266,18 +358,75 @@ if test $RC != 0 ; then
exit $RC exit $RC
fi fi
#queries 8-11 are answerable CNT=`expr $CNT + 1`
ANSWERABILITY=1111 FILTER="(mail=*example.com)"
grep ANSWERABLE $LOG2 | awk '{ ATTRS="cn sn title uid"
if (NR > 7) { USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD="bjorn"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-D "$USERDN" -w "$PASSWD" \
"$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
case $RC in
0)
echo "ldapsearch should have failed!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
4)
echo "ldapsearch failed ($RC)"
;;
*)
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
CNT=`expr $CNT + 1`
FILTER="(uid=b*)"
ATTRS="mail"
USERDN="cn=Bjorn Jensen,ou=Information Technology Division,ou=People,dc=example,dc=com"
PASSWD="bjorn"
echo "Query $CNT: filter:$FILTER attrs:$ATTRS"
echo "# Query $CNT: filter:$FILTER attrs:$ATTRS" >> $SEARCHOUT
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \
-D "$USERDN" -w "$PASSWD" \
"$FILTER" $ATTRS >> $SEARCHOUT 2>> $TESTOUT
RC=$?
case $RC in
0)
echo "ldapsearch should have failed!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
4)
echo "ldapsearch failed ($RC)"
;;
*)
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
#queries 10-12,15 are answerable, 13-14 are not
#actually, 12 would be answerable, but since 8 made mail=*example.com
#not answerable because of sizelimit, queries contained in it are no longer
#answerable as well
ANSWERABILITY=111001
grep ANSWERABLE $LOG2 | awk -vFIRST=$FIRST '{
if (NR > FIRST) {
if ($2 == "NOT") if ($2 == "NOT")
printf "Query %d not answerable\n",NR printf "Query %d not answerable\n",NR
else else
printf "Query %d answerable\n",NR printf "Query %d answerable\n",NR
} }
}' }'
ANSWERED=`grep ANSWERABLE $LOG2 | awk '{ ANSWERED=`grep ANSWERABLE $LOG2 | awk -vFIRST=$FIRST '{
if (NR > 7) { if (NR > FIRST) {
if ($2 == "NOT") if ($2 == "NOT")
printf "0" printf "0"
else else
@ -295,7 +444,7 @@ else
fi fi
echo "Filtering ldapsearch results..." echo "Filtering ldapsearch results..."
. $LDIFFILTER < $SLAVEOUT > $SEARCHFLT . $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif..." echo "Filtering original ldif..."
. $LDIFFILTER < $PROXYCACHEOUT > $LDIFFLT . $LDIFFILTER < $PROXYCACHEOUT > $LDIFFLT
echo "Comparing filter output..." echo "Comparing filter output..."