Howard Chu
dfe1f6494d
ITS#9428 fix cancel exop
2020-12-20 21:31:15 +00:00
Howard Chu
27428b96f5
ITS#9427 fix issuerAndThisUpdateCheck
2020-12-16 18:52:42 +00:00
Howard Chu
354e678ce9
ITS#9426 dynlist: don't add unexpanded groups at end of search
...
if pagedResults is in use
2020-12-15 22:55:47 +00:00
Howard Chu
d2936fb1d5
ITS#9425 add more checks to ldap_X509dn2bv
2020-12-14 20:05:44 +00:00
Howard Chu
777098aa9d
ITS#9424 fix serialNumberAndIssuerSerialCheck
2020-12-14 19:03:27 +00:00
Howard Chu
c944dc55b7
ITS#9423 ldap_X509dn2bv: check for invalid BER after RDN count
2020-12-13 21:52:00 +00:00
Ondřej Kuzník
d9f20cc09e
ITS#9363 Set appropriate defaults where needed
2020-12-08 19:11:22 +00:00
Ondřej Kuzník
0c3b8a3524
ITS#9363 Store defaults in ArgConf
2020-12-08 19:11:22 +00:00
Ondřej Kuzník
356715fd08
ITS#9363 Zero out values on config delete
2020-12-08 19:11:22 +00:00
Ondřej Kuzník
a44ba27410
ITS#9363 Unset readonly on delete
2020-12-08 19:11:22 +00:00
Quanah Gibson-Mount
d28e231a69
ITS#9420 - Fix memory leak in modrdn
...
Fix provided by grapvar@gmail.com
2020-12-08 16:05:35 +00:00
Ding Fei
66254781d2
ITS #9417 ldapexop exit with correct rc value
...
`rc` collects exit status all the way down but is not used at all? If `code`
comparison at exit is intended then there exists some path that leaves it in
garbage value, say when `ldap_whoami` or `ldap_cancel` fails.
2020-12-04 20:00:47 +08:00
Ding Fei
0b501e6c1f
remove unintended semicolon
2020-12-04 10:42:16 +08:00
Howard Chu
4e801a9aaf
ITS#9416 more componentFilterMatch garbage
2020-12-03 19:30:53 +00:00
Quanah Gibson-Mount
fd3b8ddedb
ITS#9400 - Fix prev commit for modular builds
2020-12-02 23:16:36 +00:00
Howard Chu
6ae9bf167d
ITS#9014 fix component match parsing errors
2020-12-01 21:29:19 +00:00
Howard Chu
e394bcfa76
ITS#9413 fix slap_parse_user
2020-12-01 19:05:06 +00:00
Howard Chu
42d42421a8
ITS#9412 fix AVA_Sort on invalid RDN
2020-12-01 19:04:54 +00:00
Howard Chu
2aef56cd24
ITS#9411 fix thisUpdate check
2020-12-01 19:04:46 +00:00
Quanah Gibson-Mount
ec8d6edbd9
Prevent forks of release branches from triggering CI/CD when pushed. All work in forks should be done in a non-release branch
2020-11-30 18:15:21 +00:00
Howard Chu
0c856f1b64
ITS#9410 remove assert in csnValidate
2020-11-30 16:42:17 +00:00
Howard Chu
b1c1a5eb51
ITS#9409 saslauthz: use slap_sl_free in prev commit
2020-11-30 16:20:18 +00:00
Howard Chu
0e09c857b6
ITS#9409 saslauthz: use ch_free on normalized DN
2020-11-30 11:45:46 +00:00
Howard Chu
a11b719c96
ITS#9408 fix vrfilter double-free
2020-11-28 15:54:17 +00:00
Howard Chu
5c27f9569f
ITS#9406 fix debug msg
2020-11-27 14:48:26 +00:00
Howard Chu
fa0f97545c
ITS#9406, #9407 remove saslauthz asserts
2020-11-27 14:37:10 +00:00
Tero Saarni
a3abd12729
ITS#9400 Added test case for back-ldap retry failure
2020-11-24 18:47:07 +00:00
Howard Chu
12523b0f29
ITS#9400 back-ldap: fix prev commit
2020-11-24 16:08:29 +00:00
Howard Chu
dbe69684a1
ITS#9404 fix serialNumberAndIssuerCheck
...
Tighten validity checks
2020-11-23 17:14:00 +00:00
Howard Chu
1ea12260d5
ITS#9400 back-ldap: fix retry binds
...
Regression from fix for ITS#7403
2020-11-23 05:14:30 +00:00
Quanah Gibson-Mount
1aef660f0b
ITS#8747 - Regenreate for lloadd
2020-11-20 16:18:15 +00:00
Ondřej Kuzník
8557cc93b7
Add lloadd into our testing regime
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
323bb1d9a4
Handle upstream rejecting a StartTLS exop
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
0abf3f5bc9
Flush cache before calling dispose()
...
This needs to be confirmed:
Location based atomics do not imply a full fence of the same level. So
to get the code in dispose() read the actual data, it seems we need to
initiate a fence.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbed44b3e
Do not accept requests with msgid == 0
...
It is used internally to identify pinned operations and should not be
encountered over the wire.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbf25d579
Honour keepalive settings for upstreams
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25fff30e39
Let the last thread dispose of pending references
...
If we're idle, there might be objects pending cleanup for the last two
epochs. Unless another thread comes in and checks into a new epoch or we
shut down, they will linger forever.
If one of the objects was a connection, it wouldn't get closed and be
stuck in CLOSE_WAIT state, potentially refusing another ligitimate
connection if its socket address were to match the one we're yet to
close.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
41a74b4689
Introduce the notion of experimental features
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1f6d8611a3
Implement read throttling when writes backlog
...
Reject operations in such a case with LDAP_BUSY. If read_event feature
is on, just stop reading from the connection. However this could still
result in deadlocks in reasonable situations. Need to figure out better
ways to make it safe and still protect ourselves.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
68b163fca9
Introduce mutex checks
...
Switched off unless thread debugging is on, but still useful for static
analysis.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
62a806b243
Thread error checking
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1328777a85
Fix a SASL channel-binding leak
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
58d66a3946
Fix race between unlinking a client and processing incoming data
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
959ff07911
Make sure read event is not enabled while upstream_bind is scheduled
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b2e57148fa
Shorten to one epoch per PDU
...
A full read cycle can take a very long time if the limits are set too
high.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b49f51879f
Implement client pending operation limits
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
f832024e90
Straighten up client pending op tracking
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dc1961cb15
Epoch based memory reclamation
...
Similar to the algorithm presented in
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-579.pdf
Not completely lock-free at the moment. Also the problems with epoch
based memory reclamation are still present - a thread actively observing
an epoch getting stuck will prevent LloadConnections and LloadOperations
being freed, potentially running out of memory.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
aab6af1c4e
Switch to LDAP_OTHER when handling a lost upstream.
...
LDAP_UNAVAILABLE signals "the server is shutting down or a subsystem
necessary to complete the operation is offline", so intelligent clients
tend to infer the connection will not be usable any more, which is not
the case here.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
81ead4a5f4
Fix races with backend_retry
2020-11-17 17:58:15 +00:00