You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2001/08/18 23:10:04 UTC
cvs commit: httpd-2.0/modules/ldap util_ldap.c util_ldap_cache.c util_ldap_cache.h
minfrin 01/08/18 14:10:04
Modified: . CHANGES
modules/aaa mod_auth_ldap.c
modules/ldap util_ldap.c util_ldap_cache.c util_ldap_cache.h
Log:
Enabled negative caching on attribute comparisons in the LDAP cache.
Fixed a problem where the default cache TTL was set in milliseconds
not microseconds causing the cache to time out almost immediately.
Revision Changes Path
1.313 +5 -0 httpd-2.0/CHANGES
Index: CHANGES
===================================================================
RCS file: /home/cvs/httpd-2.0/CHANGES,v
retrieving revision 1.312
retrieving revision 1.313
diff -u -r1.312 -r1.313
--- CHANGES 2001/08/18 19:44:58 1.312
+++ CHANGES 2001/08/18 21:10:03 1.313
@@ -1,5 +1,10 @@
Changes with Apache 2.0.25-dev
+ *) Enabled negative caching on attribute comparisons in the LDAP cache.
+ Fixed a problem where the default cache TTL was set in milliseconds
+ not microseconds causing the cache to time out almost immediately.
+ [Graham Leggett]
+
*) Fixed all the #if APR_HAS_SHARED_MEMORY checks within the LDAP
module code to follow APR. [Graham Leggett]
1.2 +2 -2 httpd-2.0/modules/aaa/mod_auth_ldap.c
Index: mod_auth_ldap.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/aaa/mod_auth_ldap.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mod_auth_ldap.c 2001/08/18 16:55:14 1.1
+++ mod_auth_ldap.c 2001/08/18 21:10:03 1.2
@@ -505,8 +505,8 @@
case LDAP_COMPARE_TRUE: {
ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r,
"[%d] auth_ldap authorise: require group: "
- "authorisation successful (attribute %s)",
- getpid(), ent[i].name);
+ "authorisation successful (attribute %s) [%s][%s]",
+ getpid(), ent[i].name, ldc->reason, ldap_err2string(result));
return OK;
}
default: {
1.3 +41 -21 httpd-2.0/modules/ldap/util_ldap.c
Index: util_ldap.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ldap/util_ldap.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- util_ldap.c 2001/08/18 19:18:12 1.2
+++ util_ldap.c 2001/08/18 21:10:03 1.3
@@ -60,16 +60,6 @@
* Copyright 1999-2001 Dave Carrigan
*/
-/*
- * FIXME:
- *
- * - The compare cache presently does not have the ability to
- * cache negatively. This has the negative effect of requiring
- * a connect/bind/compare/unbind/disconnect when two or more
- * atrributes are optional for group membership, and performance
- * sucks as a result.
- */
-
#include <apr_ldap.h>
#ifdef APU_HAS_LDAP
@@ -209,7 +199,7 @@
/*
* Destroys an LDAP connection by unbinding. This function is registered
* with the pool cleanup function - causing the LDAP connections to be
- * shut down cleanly on thread exit.
+ * shut down cleanly on graceful restart.
*/
apr_status_t util_ldap_connection_destroy(void *param)
{
@@ -646,6 +636,7 @@
the_compare_node.dn = (char *)dn;
the_compare_node.attrib = (char *)attrib;
the_compare_node.value = (char *)value;
+ the_compare_node.result = 0;
compare_nodep = util_ald_cache_fetch(curl->compare_cache, &the_compare_node);
@@ -659,8 +650,22 @@
/* ...and it is good */
/* unlock this read lock */
apr_lock_release(util_ldap_cache_lock);
- ldc->reason = "Comparison successful (cached)";
- return LDAP_COMPARE_TRUE;
+ if (LDAP_COMPARE_TRUE == compare_nodep->result) {
+ ldc->reason = "Comparison true (cached)";
+ return compare_nodep->result;
+ }
+ else if (LDAP_COMPARE_FALSE == compare_nodep->result) {
+ ldc->reason = "Comparison false (cached)";
+ return compare_nodep->result;
+ }
+ else if (LDAP_NO_SUCH_ATTRIBUTE == compare_nodep->result) {
+ ldc->reason = "Comparison no such attribute (cached)";
+ return compare_nodep->result;
+ }
+ else {
+ ldc->reason = "Comparison undefined (cached)";
+ return compare_nodep->result;
+ }
}
}
/* unlock this read lock */
@@ -685,15 +690,30 @@
ldc->reason = "ldap_compare_s() failed with server down";
goto start_over;
}
-
- if (result == LDAP_COMPARE_TRUE) {
- /* compare succeeded; caching result */
+
+ ldc->reason = "Comparison complete";
+ if ((LDAP_COMPARE_TRUE == result) ||
+ (LDAP_COMPARE_FALSE == result) ||
+ (LDAP_NO_SUCH_ATTRIBUTE == result)) {
+ /* compare completed; caching result */
apr_lock_acquire_rw(util_ldap_cache_lock, APR_WRITER);
the_compare_node.lastcompare = curtime;
+ the_compare_node.result = result;
util_ald_cache_insert(curl->compare_cache, &the_compare_node);
apr_lock_release(util_ldap_cache_lock);
+ if (LDAP_COMPARE_TRUE == result) {
+ ldc->reason = "Comparison true (adding to cache)";
+ return LDAP_COMPARE_TRUE;
+ }
+ else if (LDAP_COMPARE_FALSE == result) {
+ ldc->reason = "Comparison false (adding to cache)";
+ return LDAP_COMPARE_FALSE;
+ }
+ else {
+ ldc->reason = "Comparison no such attribute (adding to cache)";
+ return LDAP_NO_SUCH_ATTRIBUTE;
+ }
}
- ldc->reason = "Comparison complete";
return result;
}
@@ -888,7 +908,7 @@
(util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
&ldap_module);
- st->search_cache_ttl = atol(ttl) * 1000;
+ st->search_cache_ttl = atol(ttl) * 1000000;
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
"[%d] ldap cache: Setting cache TTL to %ld microseconds.",
@@ -922,7 +942,7 @@
(util_ldap_state_t *)ap_get_module_config(cmd->server->module_config,
&ldap_module);
- st->compare_cache_ttl = atol(ttl) * 1000;
+ st->compare_cache_ttl = atol(ttl) * 1000000;
ap_log_error(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, cmd->server,
"[%d] ldap cache: Setting operation cache TTL to %ld microseconds.",
@@ -978,9 +998,9 @@
st->pool = p;
st->cache_bytes = 100000;
- st->search_cache_ttl = 600000;
+ st->search_cache_ttl = 600000000;
st->search_cache_size = 1024;
- st->compare_cache_ttl = 600000;
+ st->compare_cache_ttl = 600000000;
st->compare_cache_size = 1024;
st->connections = NULL;
1.4 +1 -0 httpd-2.0/modules/ldap/util_ldap_cache.c
Index: util_ldap_cache.c
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ldap/util_ldap_cache.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- util_ldap_cache.c 2001/08/18 19:44:58 1.3
+++ util_ldap_cache.c 2001/08/18 21:10:03 1.4
@@ -168,6 +168,7 @@
node->attrib = util_ald_strdup(n->attrib);
node->value = util_ald_strdup(n->value);
node->lastcompare = n->lastcompare;
+ node->result = n->result;
return node;
}
1.3 +1 -0 httpd-2.0/modules/ldap/util_ldap_cache.h
Index: util_ldap_cache.h
===================================================================
RCS file: /home/cvs/httpd-2.0/modules/ldap/util_ldap_cache.h,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- util_ldap_cache.h 2001/08/18 19:44:58 1.2
+++ util_ldap_cache.h 2001/08/18 21:10:03 1.3
@@ -153,6 +153,7 @@
const char *attrib;
const char *value;
apr_time_t lastcompare;
+ int result;
} util_compare_node_t;
/*