Commit Graph

12644 Commits

Author SHA1 Message Date
Howard Chu
9d440e3d28 ITS#8307 slapo-accesslog additional check 2021-01-13 16:58:42 +00:00
Howard Chu
85b68aa5e2 ITS#8307 slapo-dds: mark internal searches as do_not_cache 2021-01-13 16:39:24 +00:00
Howard Chu
eefe12366c ITS#8307 fix slapo-accesslog: noop if logDB isn't open yet
Add be_flag for DB OPEN status
2021-01-13 16:35:43 +00:00
Quanah Gibson-Mount
efaf9a4a17 Happy New Year! 2021-01-11 19:25:53 +00:00
Howard Chu
dfe1f6494d ITS#9428 fix cancel exop 2020-12-20 21:31:15 +00:00
Howard Chu
27428b96f5 ITS#9427 fix issuerAndThisUpdateCheck 2020-12-16 18:52:42 +00:00
Howard Chu
354e678ce9 ITS#9426 dynlist: don't add unexpanded groups at end of search
if pagedResults is in use
2020-12-15 22:55:47 +00:00
Howard Chu
777098aa9d ITS#9424 fix serialNumberAndIssuerSerialCheck 2020-12-14 19:03:27 +00:00
Ondřej Kuzník
d9f20cc09e ITS#9363 Set appropriate defaults where needed 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
0c3b8a3524 ITS#9363 Store defaults in ArgConf 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
356715fd08 ITS#9363 Zero out values on config delete 2020-12-08 19:11:22 +00:00
Ondřej Kuzník
a44ba27410 ITS#9363 Unset readonly on delete 2020-12-08 19:11:22 +00:00
Quanah Gibson-Mount
d28e231a69 ITS#9420 - Fix memory leak in modrdn
Fix provided by grapvar@gmail.com
2020-12-08 16:05:35 +00:00
Howard Chu
4e801a9aaf ITS#9416 more componentFilterMatch garbage 2020-12-03 19:30:53 +00:00
Howard Chu
6ae9bf167d ITS#9014 fix component match parsing errors 2020-12-01 21:29:19 +00:00
Howard Chu
e394bcfa76 ITS#9413 fix slap_parse_user 2020-12-01 19:05:06 +00:00
Howard Chu
42d42421a8 ITS#9412 fix AVA_Sort on invalid RDN 2020-12-01 19:04:54 +00:00
Howard Chu
2aef56cd24 ITS#9411 fix thisUpdate check 2020-12-01 19:04:46 +00:00
Howard Chu
0c856f1b64 ITS#9410 remove assert in csnValidate 2020-11-30 16:42:17 +00:00
Howard Chu
b1c1a5eb51 ITS#9409 saslauthz: use slap_sl_free in prev commit 2020-11-30 16:20:18 +00:00
Howard Chu
0e09c857b6 ITS#9409 saslauthz: use ch_free on normalized DN 2020-11-30 11:45:46 +00:00
Howard Chu
a11b719c96 ITS#9408 fix vrfilter double-free 2020-11-28 15:54:17 +00:00
Howard Chu
5c27f9569f ITS#9406 fix debug msg 2020-11-27 14:48:26 +00:00
Howard Chu
fa0f97545c ITS#9406, #9407 remove saslauthz asserts 2020-11-27 14:37:10 +00:00
Howard Chu
12523b0f29 ITS#9400 back-ldap: fix prev commit 2020-11-24 16:08:29 +00:00
Howard Chu
dbe69684a1 ITS#9404 fix serialNumberAndIssuerCheck
Tighten validity checks
2020-11-23 17:14:00 +00:00
Howard Chu
1ea12260d5 ITS#9400 back-ldap: fix retry binds
Regression from fix for ITS#7403
2020-11-23 05:14:30 +00:00
Ondřej Kuzník
323bb1d9a4 Handle upstream rejecting a StartTLS exop 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
0abf3f5bc9 Flush cache before calling dispose()
This needs to be confirmed:
Location based atomics do not imply a full fence of the same level. So
to get the code in dispose() read the actual data, it seems we need to
initiate a fence.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbed44b3e Do not accept requests with msgid == 0
It is used internally to identify pinned operations and should not be
encountered over the wire.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbf25d579 Honour keepalive settings for upstreams 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25fff30e39 Let the last thread dispose of pending references
If we're idle, there might be objects pending cleanup for the last two
epochs. Unless another thread comes in and checks into a new epoch or we
shut down, they will linger forever.

If one of the objects was a connection, it wouldn't get closed and be
stuck in CLOSE_WAIT state, potentially refusing another ligitimate
connection if its socket address were to match the one we're yet to
close.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
41a74b4689 Introduce the notion of experimental features 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1f6d8611a3 Implement read throttling when writes backlog
Reject operations in such a case with LDAP_BUSY. If read_event feature
is on, just stop reading from the connection. However this could still
result in deadlocks in reasonable situations. Need to figure out better
ways to make it safe and still protect ourselves.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
68b163fca9 Introduce mutex checks
Switched off unless thread debugging is on, but still useful for static
analysis.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
62a806b243 Thread error checking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1328777a85 Fix a SASL channel-binding leak 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
58d66a3946 Fix race between unlinking a client and processing incoming data 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
959ff07911 Make sure read event is not enabled while upstream_bind is scheduled 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b2e57148fa Shorten to one epoch per PDU
A full read cycle can take a very long time if the limits are set too
high.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b49f51879f Implement client pending operation limits 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
f832024e90 Straighten up client pending op tracking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dc1961cb15 Epoch based memory reclamation
Similar to the algorithm presented in
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-579.pdf

Not completely lock-free at the moment. Also the problems with epoch
based memory reclamation are still present - a thread actively observing
an epoch getting stuck will prevent LloadConnections and LloadOperations
being freed, potentially running out of memory.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
aab6af1c4e Switch to LDAP_OTHER when handling a lost upstream.
LDAP_UNAVAILABLE signals "the server is shutting down or a subsystem
necessary to complete the operation is offline", so intelligent clients
tend to infer the connection will not be usable any more, which is not
the case here.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
81ead4a5f4 Fix races with backend_retry 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
78f25a3c91 A failed cn=config ADD needs to be handled 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
4b3d21146b Introduce SASL support for upstream connections 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
05e0906f8b Fix backend starttls= setting being ignored 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
9444dfc991 Simplify pause handling
Gets rid of a race where unpause+pause fired in a quick succession would
miss the event_base_loopbreak() call.
2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25a4d684fc Permit lloadd to share slapd TLS context 2020-11-17 17:58:15 +00:00