You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2007/11/16 15:22:29 UTC
svn commit: r595675 - in /httpd/httpd/branches/2.2.x: CHANGES STATUS
modules/ldap/util_ldap.c
Author: covener
Date: Fri Nov 16 06:22:27 2007
New Revision: 595675
URL: http://svn.apache.org/viewvc?rev=595675&view=rev
Log:
Merge r591499, r593919 from trunk:
spurious 401s with message "DN has not been defined" when cache expiration happens in another thread
PR 43786
Modified:
httpd/httpd/branches/2.2.x/CHANGES
httpd/httpd/branches/2.2.x/STATUS
httpd/httpd/branches/2.2.x/modules/ldap/util_ldap.c
Modified: httpd/httpd/branches/2.2.x/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/CHANGES?rev=595675&r1=595674&r2=595675&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/CHANGES [utf-8] (original)
+++ httpd/httpd/branches/2.2.x/CHANGES [utf-8] Fri Nov 16 06:22:27 2007
@@ -1,6 +1,10 @@
-*- coding: utf-8 -*-
Changes with Apache 2.2.7
+ *) mod_ldap: Give callers a reference to data copied into the request
+ pool instead of references directly into the cache
+ PR 43786 [Eric Covener]
+
*) mod_ldap: Stop passing a reference to pconf around for
(limited) use during request processing, avoiding possible
memory corruption and crashes. [Eric Covener]
Modified: httpd/httpd/branches/2.2.x/STATUS
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/STATUS?rev=595675&r1=595674&r2=595675&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/STATUS (original)
+++ httpd/httpd/branches/2.2.x/STATUS Fri Nov 16 06:22:27 2007
@@ -79,18 +79,6 @@
PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
[ start all new proposals below, under PATCHES PROPOSED. ]
- * mod_ldap: Don't return references into shared memory to the caller,
- as these may expire at any time because callers don't hold
- a cache lock
- http://svn.apache.org/viewvc?view=rev&revision=591499
- http://svn.apache.org/viewvc?view=rev&revision=593919
- +1: covener, rpluem, rederpj
- rederpj: Though it should never be a problem (famous last words), should
- there be some sort of verification of i vs. k? (since you
- allocate based on k and copy based on i)
- covener: attrs/vals are defined as being the same length and null terminated,
- we just need to count the length of one to allocate the other
-
PATCHES PROPOSED TO BACKPORT FROM TRUNK:
[ New proposals should be added at the end of the list ]
Modified: httpd/httpd/branches/2.2.x/modules/ldap/util_ldap.c
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/ldap/util_ldap.c?rev=595675&r1=595674&r2=595675&view=diff
==============================================================================
--- httpd/httpd/branches/2.2.x/modules/ldap/util_ldap.c (original)
+++ httpd/httpd/branches/2.2.x/modules/ldap/util_ldap.c Fri Nov 16 06:22:27 2007
@@ -921,8 +921,16 @@
&& (strcmp(search_nodep->bindpw, bindpw) == 0))
{
/* ...and entry is valid */
- *binddn = search_nodep->dn;
- *retvals = search_nodep->vals;
+ *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+ if (attrs) {
+ int i = 0, k = 0;
+ while (attrs[k++]);
+ *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+ while (search_nodep->vals[i]) {
+ (*retvals)[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+ i++;
+ }
+ }
LDAP_CACHE_UNLOCK();
ldc->reason = "Authentication successful (cached)";
return LDAP_SUCCESS;
@@ -1161,8 +1169,16 @@
}
else {
/* ...and entry is valid */
- *binddn = search_nodep->dn;
- *retvals = search_nodep->vals;
+ *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+ if (attrs) {
+ int i = 0, k = 0;
+ while (attrs[k++]);
+ *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+ while (search_nodep->vals[i]) {
+ (*retvals)[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+ i++;
+ }
+ }
LDAP_CACHE_UNLOCK();
ldc->reason = "Search successful (cached)";
return LDAP_SUCCESS;