Commit Graph

23388 Commits

Author SHA1 Message Date
Howard Chu
dfe1f6494d ITS#9428 fix cancel exop 2020-12-20 21:31:15 +00:00
Howard Chu
27428b96f5 ITS#9427 fix issuerAndThisUpdateCheck 2020-12-16 18:52:42 +00:00
Howard Chu
354e678ce9 ITS#9426 dynlist: don't add unexpanded groups at end of search
if pagedResults is in use
2020-12-15 22:55:47 +00:00
Howard Chu
d2936fb1d5 ITS#9425 add more checks to ldap_X509dn2bv 2020-12-14 20:05:44 +00:00
Howard Chu
777098aa9d ITS#9424 fix serialNumberAndIssuerSerialCheck 2020-12-14 19:03:27 +00:00
Howard Chu
c944dc55b7 ITS#9423 ldap_X509dn2bv: check for invalid BER after RDN count 2020-12-13 21:52:00 +00:00
Ondřej Kuzník
d9f20cc09e ITS#9363 Set appropriate defaults where needed 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
0c3b8a3524 ITS#9363 Store defaults in ArgConf 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
356715fd08 ITS#9363 Zero out values on config delete 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
a44ba27410 ITS#9363 Unset readonly on delete 2020-12-08 19:11:22 +00:00
Quanah Gibson-Mount
d28e231a69 ITS#9420 - Fix memory leak in modrdn
Fix provided by grapvar@gmail.com
2020-12-08 16:05:35 +00:00
Ding Fei
66254781d2 ITS #9417 ldapexop exit with correct rc value
`rc` collects exit status all the way down but is not used at all? If `code`
comparison at exit is intended then there exists some path that leaves it in
garbage value, say when `ldap_whoami` or `ldap_cancel` fails.
2020-12-04 20:00:47 +08:00
Ding Fei
0b501e6c1f remove unintended semicolon 2020-12-04 10:42:16 +08:00
Howard Chu
4e801a9aaf ITS#9416 more componentFilterMatch garbage 2020-12-03 19:30:53 +00:00
Quanah Gibson-Mount
fd3b8ddedb ITS#9400 - Fix prev commit for modular builds 2020-12-02 23:16:36 +00:00
Howard Chu
6ae9bf167d ITS#9014 fix component match parsing errors 2020-12-01 21:29:19 +00:00
Howard Chu
e394bcfa76 ITS#9413 fix slap_parse_user 2020-12-01 19:05:06 +00:00
Howard Chu
42d42421a8 ITS#9412 fix AVA_Sort on invalid RDN 2020-12-01 19:04:54 +00:00
Howard Chu
2aef56cd24 ITS#9411 fix thisUpdate check 2020-12-01 19:04:46 +00:00
Quanah Gibson-Mount
ec8d6edbd9 Prevent forks of release branches from triggering CI/CD when pushed. All work in forks should be done in a non-release branch 2020-11-30 18:15:21 +00:00
Howard Chu
0c856f1b64 ITS#9410 remove assert in csnValidate 2020-11-30 16:42:17 +00:00
Howard Chu
b1c1a5eb51 ITS#9409 saslauthz: use slap_sl_free in prev commit 2020-11-30 16:20:18 +00:00
Howard Chu
0e09c857b6 ITS#9409 saslauthz: use ch_free on normalized DN 2020-11-30 11:45:46 +00:00
Howard Chu
a11b719c96 ITS#9408 fix vrfilter double-free 2020-11-28 15:54:17 +00:00
Howard Chu
5c27f9569f ITS#9406 fix debug msg 2020-11-27 14:48:26 +00:00
Howard Chu
fa0f97545c ITS#9406, #9407 remove saslauthz asserts 2020-11-27 14:37:10 +00:00
Tero Saarni
a3abd12729 ITS#9400 Added test case for back-ldap retry failure 2020-11-24 18:47:07 +00:00
Howard Chu
12523b0f29 ITS#9400 back-ldap: fix prev commit 2020-11-24 16:08:29 +00:00
Howard Chu
dbe69684a1 ITS#9404 fix serialNumberAndIssuerCheck
Tighten validity checks
2020-11-23 17:14:00 +00:00
Howard Chu
1ea12260d5 ITS#9400 back-ldap: fix retry binds
Regression from fix for ITS#7403
2020-11-23 05:14:30 +00:00
Quanah Gibson-Mount
1aef660f0b ITS#8747 - Regenreate for lloadd 2020-11-20 16:18:15 +00:00
Ondřej Kuzník
8557cc93b7 Add lloadd into our testing regime 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
323bb1d9a4 Handle upstream rejecting a StartTLS exop 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
0abf3f5bc9 Flush cache before calling dispose()
This needs to be confirmed:
Location based atomics do not imply a full fence of the same level. So
to get the code in dispose() read the actual data, it seems we need to
initiate a fence.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbed44b3e Do not accept requests with msgid == 0
It is used internally to identify pinned operations and should not be
encountered over the wire.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbf25d579 Honour keepalive settings for upstreams 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25fff30e39 Let the last thread dispose of pending references
If we're idle, there might be objects pending cleanup for the last two
epochs. Unless another thread comes in and checks into a new epoch or we
shut down, they will linger forever.

If one of the objects was a connection, it wouldn't get closed and be
stuck in CLOSE_WAIT state, potentially refusing another ligitimate
connection if its socket address were to match the one we're yet to
close.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
41a74b4689 Introduce the notion of experimental features 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1f6d8611a3 Implement read throttling when writes backlog
Reject operations in such a case with LDAP_BUSY. If read_event feature
is on, just stop reading from the connection. However this could still
result in deadlocks in reasonable situations. Need to figure out better
ways to make it safe and still protect ourselves.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
68b163fca9 Introduce mutex checks
Switched off unless thread debugging is on, but still useful for static
analysis.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
62a806b243 Thread error checking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1328777a85 Fix a SASL channel-binding leak 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
58d66a3946 Fix race between unlinking a client and processing incoming data 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
959ff07911 Make sure read event is not enabled while upstream_bind is scheduled 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b2e57148fa Shorten to one epoch per PDU
A full read cycle can take a very long time if the limits are set too
high.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b49f51879f Implement client pending operation limits 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
f832024e90 Straighten up client pending op tracking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dc1961cb15 Epoch based memory reclamation
Similar to the algorithm presented in
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-579.pdf

Not completely lock-free at the moment. Also the problems with epoch
based memory reclamation are still present - a thread actively observing
an epoch getting stuck will prevent LloadConnections and LloadOperations
being freed, potentially running out of memory.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
aab6af1c4e Switch to LDAP_OTHER when handling a lost upstream.
LDAP_UNAVAILABLE signals "the server is shutting down or a subsystem
necessary to complete the operation is offline", so intelligent clients
tend to infer the connection will not be usable any more, which is not
the case here.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
81ead4a5f4 Fix races with backend_retry 2020-11-17 17:58:15 +00:00