Commit 280fc819 authored by Howard Chu's avatar Howard Chu
Browse files

Memory context tweaks for Bind

parent be28bf24
......@@ -1424,9 +1424,9 @@ aci_get_part(
}
BerVarray
aci_set_gather (void *cookie, struct berval *name, struct berval *attr)
aci_set_gather (SetCookie *cookie, struct berval *name, struct berval *attr)
{
AciSetCookie *cp = cookie;
AciSetCookie *cp = (AciSetCookie *)cookie;
BerVarray bvals = NULL;
struct berval ndn;
......@@ -1435,14 +1435,14 @@ aci_set_gather (void *cookie, struct berval *name, struct berval *attr)
* also return the syntax or some "comparison cookie".
*/
if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx ) == LDAP_SUCCESS) {
if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx) == LDAP_SUCCESS) {
const char *text;
AttributeDescription *desc = NULL;
if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) {
backend_attribute(cp->op,
cp->e, &ndn, desc, &bvals);
}
free(ndn.bv_val);
sl_free(ndn.bv_val, cp->op->o_tmpmemctx);
}
return(bvals);
}
......@@ -1460,7 +1460,7 @@ aci_match_set (
AciSetCookie cookie;
if (setref == 0) {
ber_dupbv( &set, subj );
ber_dupbv_x( &set, subj, op->o_tmpmemctx );
} else {
struct berval subjdn, ndn = { 0, NULL };
struct berval setat;
......@@ -1497,7 +1497,7 @@ aci_match_set (
bvals[0].bv_val = bvals[i-1].bv_val;
bvals[i-1].bv_val = NULL;
}
ber_bvarray_free(bvals);
ber_bvarray_free_x(bvals, op->o_tmpmemctx);
}
}
if (ndn.bv_val)
......@@ -1508,9 +1508,9 @@ aci_match_set (
if (set.bv_val != NULL) {
cookie.op = op;
cookie.e = e;
rc = (slap_set_filter(aci_set_gather, &cookie, &set,
rc = (slap_set_filter(aci_set_gather, (SetCookie *)&cookie, &set,
&op->o_ndn, &e->e_nname, NULL) > 0);
ch_free(set.bv_val);
sl_free(set.bv_val, op->o_tmpmemctx);
}
return(rc);
}
......
......@@ -1206,7 +1206,7 @@ backend_attribute(
for ( i=0; a->a_vals[i].bv_val; i++ ) ;
v = ch_malloc( sizeof(struct berval) * (i+1) );
v = op->o_tmpalloc( sizeof(struct berval) * (i+1), op->o_tmpmemctx );
for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) {
if ( op->o_conn && access_allowed( op,
e, entry_at,
......@@ -1214,13 +1214,12 @@ backend_attribute(
ACL_AUTH, &acl_state ) == 0 ) {
continue;
}
ber_dupbv( &v[j],
&a->a_nvals[i]
);
ber_dupbv_x( &v[j],
&a->a_nvals[i], op->o_tmpmemctx );
if (v[j].bv_val ) j++;
}
if (j == 0) {
ch_free( v );
op->o_tmpfree( v, op->o_tmpmemctx );
*vals = NULL;
rc = LDAP_INSUFFICIENT_ACCESS;
} else {
......
......@@ -161,6 +161,10 @@ do_bind(
goto cleanup;
}
/* We use the tmpmemctx here because it speeds up normalization.
* However, we must dup with regular malloc when storing any
* resulting DNs in the op or conn structures.
*/
rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
if ( rs->sr_err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
......@@ -292,11 +296,14 @@ do_bind(
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
if( rs->sr_err == LDAP_SUCCESS ) {
op->o_conn->c_dn = op->orb_edn;
ber_dupbv(&op->o_conn->c_dn, &op->orb_edn);
if( op->orb_edn.bv_len != 0 ) {
/* edn is always normalized already */
ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn );
}
op->o_tmpfree( op->orb_edn.bv_val, op->o_tmpmemctx );
op->orb_edn.bv_val = NULL;
op->orb_edn.bv_len = 0;
op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech;
op->o_conn->c_sasl_bind_mech.bv_val = NULL;
op->o_conn->c_sasl_bind_mech.bv_len = 0;
......@@ -428,7 +435,7 @@ do_bind(
{
rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED;
rs->sr_text = "unwilling to perform simple authentication "
"without confidentilty protection";
"without confidentiality protection";
send_ldap_result( op, rs );
......@@ -542,13 +549,16 @@ do_bind(
/* Set the new connection DN. */
if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) {
slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->orb_edn.bv_val );
if ( op->orb_edn.bv_val ) op->orb_edn.bv_len = strlen( op->orb_edn.bv_val );
}
rs->sr_err = dnPrettyNormal( NULL, &op->orb_edn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
op->o_conn->c_dn = op->o_req_dn;
op->o_conn->c_ndn = op->o_req_ndn;
ber_dupbv(&op->o_conn->c_dn, &op->o_req_dn);
ber_dupbv(&op->o_conn->c_ndn, &op->o_req_ndn);
op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
op->o_req_dn.bv_val = NULL;
op->o_req_dn.bv_len = 0;
op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
op->o_req_ndn.bv_val = NULL;
op->o_req_ndn.bv_len = 0;
if ( op->o_conn->c_dn.bv_len != 0 ) {
......@@ -585,6 +595,7 @@ do_bind(
op->o_conn->c_authz_backend = op->o_bd;
}
/* be_bind returns regular/global edn */
if(op->orb_edn.bv_len) {
op->o_conn->c_dn = op->orb_edn;
} else {
......
......@@ -919,7 +919,7 @@ connection_operation( void *ctx, void *arg_v )
memsiz = ber_len( op->o_ber ) * 32;
if ( SLAB_SIZE > memsiz ) memsiz = SLAB_SIZE;
if ( tag == LDAP_REQ_SEARCH ) {
if ( tag == LDAP_REQ_SEARCH || tag == LDAP_REQ_BIND ) {
memctx = sl_mem_create( memsiz, ctx );
ber_set_option( op->o_ber, LBER_OPT_BER_MEMCTX, memctx );
op->o_tmpmemctx = memctx;
......
......@@ -1563,7 +1563,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len,
/* EXTERNAL DNs are already normalized */
do_norm = 0;
is_dn = SET_DN;
ber_str2bv( id, len, 1, dn );
ber_str2bv_x( id, len, 1, dn, op->o_tmpmemctx );
} else {
/* convert to u:<username> form */
......
......@@ -228,7 +228,8 @@ static void slap_sasl_rx_exp(
const int *off,
regmatch_t *str,
const char *saslname,
struct berval *out )
struct berval *out,
void *ctx )
{
int i, n, len, insert;
......@@ -247,7 +248,7 @@ static void slap_sasl_rx_exp(
len += str[i].rm_eo - str[i].rm_so;
n++;
}
out->bv_val = ch_malloc( len + 1 );
out->bv_val = sl_malloc( len + 1, ctx );
out->bv_len = len;
/* Fill in URI with replace string, replacing $i as we go */
......@@ -277,7 +278,7 @@ static void slap_sasl_rx_exp(
LDAP URI to find the matching LDAP entry, using the pattern matching
strings given in the saslregexp config file directive(s) */
static int slap_sasl_regexp( struct berval *in, struct berval *out )
static int slap_sasl_regexp( struct berval *in, struct berval *out, void *ctx )
{
char *saslname = in->bv_val;
SaslRegexp_t *reg;
......@@ -312,7 +313,7 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out )
* to replace the $1,$2 with the strings that matched (b.*) and (d.*)
*/
slap_sasl_rx_exp( reg->sr_replace, reg->sr_offset,
reg->sr_strings, saslname, out );
reg->sr_strings, saslname, out, ctx );
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
......@@ -336,7 +337,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs )
/* We only want to be called once */
if( ndn->bv_val ) {
free(ndn->bv_val);
o->o_tmpfree(ndn->bv_val, o->o_tmpmemctx);
ndn->bv_val = NULL;
#ifdef NEW_LOGGING
......@@ -349,7 +350,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs )
return -1;
}
ber_dupbv(ndn, &rs->sr_entry->e_nname);
ber_dupbv_x(ndn, &rs->sr_entry->e_nname, o->o_tmpmemctx);
return 0;
}
......@@ -465,7 +466,7 @@ int slap_sasl_match(Operation *opx, struct berval *rule, struct berval *assertDN
}
CONCLUDED:
if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val );
if( op.o_req_ndn.bv_len ) sl_free( op.o_req_ndn.bv_val, opx->o_tmpmemctx );
if( op.oq_search.rs_filter ) filter_free_x( opx, op.oq_search.rs_filter );
#ifdef NEW_LOGGING
......@@ -567,12 +568,12 @@ void slap_sasl2dn( Operation *opx,
cb.sc_private = sasldn;
/* Convert the SASL name into a minimal URI */
if( !slap_sasl_regexp( saslname, &regout ) ) {
if( !slap_sasl_regexp( saslname, &regout, opx->o_tmpmemctx ) ) {
goto FINISHED;
}
rc = slap_parseURI( opx, &regout, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter );
if( regout.bv_val ) ch_free( regout.bv_val );
if( regout.bv_val ) sl_free( regout.bv_val, opx->o_tmpmemctx );
if( rc != LDAP_SUCCESS ) {
goto FINISHED;
}
......
......@@ -12,9 +12,9 @@
#include "slap.h"
#include "sets.h"
static BerVarray set_join (BerVarray lset, int op, BerVarray rset);
static BerVarray set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset);
static BerVarray set_chase (SLAP_SET_GATHER gatherer,
void *cookie, BerVarray set, struct berval *attr, int closure);
SetCookie *cookie, BerVarray set, struct berval *attr, int closure);
static int set_samedn (char *dn1, char *dn2);
long
......@@ -31,13 +31,13 @@ slap_set_size (BerVarray set)
}
void
slap_set_dispose (BerVarray set)
slap_set_dispose (SetCookie *cp, BerVarray set)
{
ber_bvarray_free(set);
ber_bvarray_free_x(set, cp->op->o_tmpmemctx);
}
static BerVarray
set_join (BerVarray lset, int op, BerVarray rset)
set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset)
{
BerVarray set;
long i, j, last;
......@@ -47,19 +47,20 @@ set_join (BerVarray lset, int op, BerVarray rset)
if (lset == NULL || lset->bv_val == NULL) {
if (rset == NULL) {
if (lset == NULL)
return(SLAP_CALLOC(1, sizeof(struct berval)));
return(cp->op->o_tmpcalloc(1, sizeof(struct berval),
cp->op->o_tmpmemctx));
return(lset);
}
slap_set_dispose(lset);
slap_set_dispose(cp, lset);
return(rset);
}
if (rset == NULL || rset->bv_val == NULL) {
slap_set_dispose(rset);
slap_set_dispose(cp, rset);
return(lset);
}
i = slap_set_size(lset) + slap_set_size(rset) + 1;
set = SLAP_CALLOC(i, sizeof(struct berval));
set = cp->op->o_tmpcalloc(i, sizeof(struct berval), cp->op->o_tmpmemctx);
if (set != NULL) {
/* set_chase() depends on this routine to
* keep the first elements of the result
......@@ -68,11 +69,11 @@ set_join (BerVarray lset, int op, BerVarray rset)
*/
for (i = 0; lset[i].bv_val; i++)
set[i] = lset[i];
ch_free(lset);
cp->op->o_tmpfree(lset, cp->op->o_tmpmemctx);
for (i = 0; rset[i].bv_val; i++) {
for (j = 0; set[j].bv_val; j++) {
if (set_samedn(rset[i].bv_val, set[j].bv_val)) {
ch_free(rset[i].bv_val);
cp->op->o_tmpfree(rset[i].bv_val, cp->op->o_tmpmemctx);
rset[i].bv_val = NULL;
break;
}
......@@ -80,14 +81,14 @@ set_join (BerVarray lset, int op, BerVarray rset)
if (rset[i].bv_val)
set[j] = rset[i];
}
ch_free(rset);
cp->op->o_tmpfree(rset, cp->op->o_tmpmemctx);
}
return(set);
}
if (op == '&') {
if (lset == NULL || lset->bv_val == NULL || rset == NULL || rset->bv_val == NULL) {
set = SLAP_CALLOC(1, sizeof(struct berval));
set = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx);
} else {
set = lset;
lset = NULL;
......@@ -98,7 +99,7 @@ set_join (BerVarray lset, int op, BerVarray rset)
break;
}
if (rset[j].bv_val == NULL) {
ch_free(set[i].bv_val);
cp->op->o_tmpfree(set[i].bv_val, cp->op->o_tmpmemctx);
set[i] = set[last];
set[last].bv_val = NULL;
last--;
......@@ -108,14 +109,14 @@ set_join (BerVarray lset, int op, BerVarray rset)
}
}
slap_set_dispose(lset);
slap_set_dispose(rset);
slap_set_dispose(cp, lset);
slap_set_dispose(cp, rset);
return(set);
}
static BerVarray
set_chase (SLAP_SET_GATHER gatherer,
void *cookie, BerVarray set, struct berval *attr, int closure)
SetCookie *cp, BerVarray set, struct berval *attr, int closure)
{
BerVarray vals, nset;
char attrstr[32];
......@@ -126,35 +127,35 @@ set_chase (SLAP_SET_GATHER gatherer,
bv.bv_val = attrstr;
if (set == NULL)
return(SLAP_CALLOC(1, sizeof(struct berval)));
return(cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx));
if (set->bv_val == NULL)
return(set);
if (attr->bv_len > (sizeof(attrstr) - 1)) {
slap_set_dispose(set);
slap_set_dispose(cp, set);
return(NULL);
}
AC_MEMCPY(attrstr, attr->bv_val, attr->bv_len);
attrstr[attr->bv_len] = 0;
nset = SLAP_CALLOC(1, sizeof(struct berval));
nset = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx);
if (nset == NULL) {
slap_set_dispose(set);
slap_set_dispose(cp, set);
return(NULL);
}
for (i = 0; set[i].bv_val; i++) {
vals = (gatherer)(cookie, &set[i], &bv);
vals = (gatherer)(cp, &set[i], &bv);
if (vals != NULL)
nset = set_join(nset, '|', vals);
nset = set_join(cp, nset, '|', vals);
}
slap_set_dispose(set);
slap_set_dispose(cp, set);
if (closure) {
for (i = 0; nset[i].bv_val; i++) {
vals = (gatherer)(cookie, &nset[i], &bv);
vals = (gatherer)(cp, &nset[i], &bv);
if (vals != NULL) {
nset = set_join(nset, '|', vals);
nset = set_join(cp, nset, '|', vals);
if (nset == NULL)
break;
}
......@@ -196,7 +197,7 @@ set_samedn (char *dn1, char *dn2)
int
slap_set_filter (SLAP_SET_GATHER gatherer,
void *cookie, struct berval *fbv,
SetCookie *cp, struct berval *fbv,
struct berval *user, struct berval *this, BerVarray *results)
{
#define IS_SET(x) ( (long)(x) >= 256 )
......@@ -245,7 +246,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
op = (long)SF_POP();
lset = SF_POP();
SF_POP();
set = set_join(lset, op, set);
set = set_join(cp, lset, op, set);
if (set == NULL)
SF_ERROR(memory);
SF_PUSH(set);
......@@ -266,7 +267,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
} else if (IS_OP(SF_TOP())) {
op = (long)SF_POP();
lset = SF_POP();
set = set_join(lset, op, set);
set = set_join(cp, lset, op, set);
if (set == NULL)
SF_ERROR(memory);
SF_PUSH(set);
......@@ -287,10 +288,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
if (c == 0)
SF_ERROR(syntax);
set = SLAP_CALLOC(2, sizeof(struct berval));
set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
if (set == NULL)
SF_ERROR(memory);
set->bv_val = SLAP_CALLOC(len + 1, sizeof(char));
set->bv_val = cp->op->o_tmpcalloc(len + 1, sizeof(char), cp->op->o_tmpmemctx);
if (set->bv_val == NULL)
SF_ERROR(memory);
AC_MEMCPY(set->bv_val, &filter[-len - 1], len);
......@@ -331,10 +332,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
{
if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP()))
SF_ERROR(syntax);
set = SLAP_CALLOC(2, sizeof(struct berval));
set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
if (set == NULL)
SF_ERROR(memory);
ber_dupbv( set, this );
ber_dupbv_x( set, this, cp->op->o_tmpmemctx );
if (set->bv_val == NULL)
SF_ERROR(memory);
} else if (len == 4
......@@ -342,10 +343,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
{
if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP()))
SF_ERROR(syntax);
set = SLAP_CALLOC(2, sizeof(struct berval));
set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
if (set == NULL)
SF_ERROR(memory);
ber_dupbv( set, user );
ber_dupbv_x( set, user, cp->op->o_tmpmemctx );
if (set->bv_val == NULL)
SF_ERROR(memory);
} else if (SF_TOP() != (void *)'/') {
......@@ -356,7 +357,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
fb2.bv_val = filter;
fb2.bv_len = len;
set = set_chase(gatherer,
cookie, SF_POP(), &fb2, c == '*');
cp, SF_POP(), &fb2, c == '*');
if (set == NULL)
SF_ERROR(memory);
if (c == '*')
......@@ -377,7 +378,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
} else if (IS_OP(SF_TOP())) {
op = (long)SF_POP();
lset = SF_POP();
set = set_join(lset, op, set);
set = set_join(cp, lset, op, set);
if (set == NULL)
SF_ERROR(memory);
} else {
......@@ -392,10 +393,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
_error:
if (IS_SET(set))
slap_set_dispose(set);
slap_set_dispose(cp, set);
while ((set = SF_POP())) {
if (IS_SET(set))
slap_set_dispose(set);
slap_set_dispose(cp, set);
}
return(rc);
}
......@@ -11,20 +11,24 @@
LDAP_BEGIN_DECL
typedef struct slap_set_cookie {
struct slap_op *op;
} SetCookie;
/* this routine needs to return the bervals instead of
* plain strings, since syntax is not known. It should
* also return the syntax or some "comparison cookie"
* that is used by set_filter.
*/
typedef BerVarray (SLAP_SET_GATHER)(
void *cookie, struct berval *name, struct berval *attr);
SetCookie *cookie, struct berval *name, struct berval *attr);
LDAP_SLAPD_F (long) slap_set_size(BerVarray set);
LDAP_SLAPD_F (void) slap_set_dispose(BerVarray set);
LDAP_SLAPD_F (void) slap_set_dispose(SetCookie *cookie, BerVarray set);
LDAP_SLAPD_F (int) slap_set_filter(
SLAP_SET_GATHER gatherer,
void *cookie, struct berval *filter,
SetCookie *cookie, struct berval *filter,
struct berval *user, struct berval *this, BerVarray *results);
LDAP_END_DECL
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment