Memory context tweaks for Bind

280fc819 · Howard Chu · be28bf24 · 280fc819 · 280fc819 · 280fc819
Commit 280fc819 authored Apr 12, 2003 by Howard Chu
--- a/servers/slapd/acl.c
+++ b/servers/slapd/acl.c
@@ -1424,9 +1424,9 @@ aci_get_part(
 }

 BerVarray
-aci_set_gather (void *cookie, struct berval *name, struct berval *attr)
+aci_set_gather (SetCookie *cookie, struct berval *name, struct berval *attr)
 {
-	AciSetCookie *cp = cookie;
+	AciSetCookie *cp = (AciSetCookie *)cookie;
 	BerVarray bvals = NULL;
 	struct berval ndn;

@@ -1435,14 +1435,14 @@ aci_set_gather (void *cookie, struct berval *name, struct berval *attr)
 	 * also return the syntax or some "comparison cookie".
 	 */

-	if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx ) == LDAP_SUCCESS) {
+	if (dnNormalize2(NULL, name, &ndn, cp->op->o_tmpmemctx) == LDAP_SUCCESS) {
 		const char *text;
 		AttributeDescription *desc = NULL;
 		if (slap_bv2ad(attr, &desc, &text) == LDAP_SUCCESS) {
 			backend_attribute(cp->op,
 				cp->e, &ndn, desc, &bvals);
 		}
-		free(ndn.bv_val);
+		sl_free(ndn.bv_val, cp->op->o_tmpmemctx);
 	}
 	return(bvals);
 }
@@ -1460,7 +1460,7 @@ aci_match_set (
 	AciSetCookie cookie;

 	if (setref == 0) {
-		ber_dupbv( &set, subj );
+		ber_dupbv_x( &set, subj, op->o_tmpmemctx );
 	} else {
 		struct berval subjdn, ndn = { 0, NULL };
 		struct berval setat;
@@ -1497,7 +1497,7 @@ aci_match_set (
 						bvals[0].bv_val = bvals[i-1].bv_val;
 						bvals[i-1].bv_val = NULL;
 					}
-					ber_bvarray_free(bvals);
+					ber_bvarray_free_x(bvals, op->o_tmpmemctx);
 				}
 			}
 			if (ndn.bv_val)
@@ -1508,9 +1508,9 @@ aci_match_set (
 	if (set.bv_val != NULL) {
 		cookie.op = op;
 		cookie.e = e;
-		rc = (slap_set_filter(aci_set_gather, &cookie, &set,
+		rc = (slap_set_filter(aci_set_gather, (SetCookie *)&cookie, &set,
 			&op->o_ndn, &e->e_nname, NULL) > 0);
-		ch_free(set.bv_val);
+		sl_free(set.bv_val, op->o_tmpmemctx);
 	}
 	return(rc);
 }

--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -1206,7 +1206,7 @@ backend_attribute(

 			for ( i=0; a->a_vals[i].bv_val; i++ ) ;
 			
-			v = ch_malloc( sizeof(struct berval) * (i+1) );
+			v = op->o_tmpalloc( sizeof(struct berval) * (i+1), op->o_tmpmemctx );
 			for ( i=0,j=0; a->a_vals[i].bv_val; i++ ) {
 				if ( op->o_conn && access_allowed( op,
 					e, entry_at,
@@ -1214,13 +1214,12 @@ backend_attribute(
 					ACL_AUTH, &acl_state ) == 0 ) {
 					continue;
 				}
-				ber_dupbv( &v[j],
-					&a->a_nvals[i]
-					);
+				ber_dupbv_x( &v[j],
+					&a->a_nvals[i], op->o_tmpmemctx );
 				if (v[j].bv_val ) j++;
 			}
 			if (j == 0) {
-				ch_free( v );
+				op->o_tmpfree( v, op->o_tmpmemctx );
 				*vals = NULL;
 				rc = LDAP_INSUFFICIENT_ACCESS;
 			} else {

--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -161,6 +161,10 @@ do_bind(
 		goto cleanup;
 	} 

+	/* We use the tmpmemctx here because it speeds up normalization.
+	 * However, we must dup with regular malloc when storing any
+	 * resulting DNs in the op or conn structures.
+	 */
 	rs->sr_err = dnPrettyNormal( NULL, &dn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
 	if ( rs->sr_err != LDAP_SUCCESS ) {
 #ifdef NEW_LOGGING
@@ -292,11 +296,14 @@ do_bind(

 		ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
 		if( rs->sr_err == LDAP_SUCCESS ) {
-			op->o_conn->c_dn = op->orb_edn;
+			ber_dupbv(&op->o_conn->c_dn, &op->orb_edn);
 			if( op->orb_edn.bv_len != 0 ) {
 				/* edn is always normalized already */
 				ber_dupbv( &op->o_conn->c_ndn, &op->o_conn->c_dn );
 			}
+			op->o_tmpfree( op->orb_edn.bv_val, op->o_tmpmemctx );
+			op->orb_edn.bv_val = NULL;
+			op->orb_edn.bv_len = 0;
 			op->o_conn->c_authmech = op->o_conn->c_sasl_bind_mech;
 			op->o_conn->c_sasl_bind_mech.bv_val = NULL;
 			op->o_conn->c_sasl_bind_mech.bv_len = 0;
@@ -428,7 +435,7 @@ do_bind(
 		{
 			rs->sr_err = LDAP_CONFIDENTIALITY_REQUIRED;
 			rs->sr_text = "unwilling to perform simple authentication "
-				"without confidentilty protection";
+				"without confidentiality protection";

 			send_ldap_result( op, rs );

@@ -542,13 +549,16 @@ do_bind(
 			/* Set the new connection DN. */
 			if ( rs->sr_err != SLAPI_BIND_ANONYMOUS ) {
 				slapi_pblock_get( pb, SLAPI_CONN_DN, (void *)&op->orb_edn.bv_val );
+				if ( op->orb_edn.bv_val ) op->orb_edn.bv_len = strlen( op->orb_edn.bv_val );
 			}
 			rs->sr_err = dnPrettyNormal( NULL, &op->orb_edn, &op->o_req_dn, &op->o_req_ndn, op->o_tmpmemctx );
 			ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
-			op->o_conn->c_dn = op->o_req_dn;
-			op->o_conn->c_ndn = op->o_req_ndn;
+			ber_dupbv(&op->o_conn->c_dn, &op->o_req_dn);
+			ber_dupbv(&op->o_conn->c_ndn, &op->o_req_ndn);
+			op->o_tmpfree( op->o_req_dn.bv_val, op->o_tmpmemctx );
 			op->o_req_dn.bv_val = NULL;
 			op->o_req_dn.bv_len = 0;
+			op->o_tmpfree( op->o_req_ndn.bv_val, op->o_tmpmemctx );
 			op->o_req_ndn.bv_val = NULL;
 			op->o_req_ndn.bv_len = 0;
 			if ( op->o_conn->c_dn.bv_len != 0 ) {
@@ -585,6 +595,7 @@ do_bind(
 				op->o_conn->c_authz_backend = op->o_bd;
 			}

+			/* be_bind returns regular/global edn */
 			if(op->orb_edn.bv_len) {
 				op->o_conn->c_dn = op->orb_edn;
 			} else {

--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -919,7 +919,7 @@ connection_operation( void *ctx, void *arg_v )
 	memsiz = ber_len( op->o_ber ) * 32;
 	if ( SLAB_SIZE > memsiz ) memsiz = SLAB_SIZE;

-	if ( tag == LDAP_REQ_SEARCH ) {
+	if ( tag == LDAP_REQ_SEARCH || tag == LDAP_REQ_BIND ) {
 		memctx = sl_mem_create( memsiz, ctx );
 		ber_set_option( op->o_ber, LBER_OPT_BER_MEMCTX, memctx );
 		op->o_tmpmemctx = memctx;

--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -1563,7 +1563,7 @@ int slap_sasl_getdn( Connection *conn, Operation *op, char *id, int len,
 			/* EXTERNAL DNs are already normalized */
 			do_norm = 0;
 			is_dn = SET_DN;
-			ber_str2bv( id, len, 1, dn );
+			ber_str2bv_x( id, len, 1, dn, op->o_tmpmemctx );

 		} else {
 			/* convert to u:<username> form */

--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -228,7 +228,8 @@ static void slap_sasl_rx_exp(
 	const int *off,
 	regmatch_t *str,
 	const char *saslname,
-	struct berval *out )
+	struct berval *out,
+	void *ctx )
 {
 	int i, n, len, insert;

@@ -247,7 +248,7 @@ static void slap_sasl_rx_exp(
 		len += str[i].rm_eo - str[i].rm_so;
 		n++;
 	}
-	out->bv_val = ch_malloc( len + 1 );
+	out->bv_val = sl_malloc( len + 1, ctx );
 	out->bv_len = len;

 	/* Fill in URI with replace string, replacing $i as we go */
@@ -277,7 +278,7 @@ static void slap_sasl_rx_exp(
   LDAP URI to find the matching LDAP entry, using the pattern matching
   strings given in the saslregexp config file directive(s) */

-static int slap_sasl_regexp( struct berval *in, struct berval *out )
+static int slap_sasl_regexp( struct berval *in, struct berval *out, void *ctx )
 {
 	char *saslname = in->bv_val;
 	SaslRegexp_t *reg;
@@ -312,7 +313,7 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out )
 	 * to replace the $1,$2 with the strings that matched (b.*) and (d.*)
 	 */
 	slap_sasl_rx_exp( reg->sr_replace, reg->sr_offset,
-		reg->sr_strings, saslname, out );
+		reg->sr_strings, saslname, out, ctx );

 #ifdef NEW_LOGGING
 	LDAP_LOG( TRANSPORT, ENTRY, 
@@ -336,7 +337,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs )

 	/* We only want to be called once */
 	if( ndn->bv_val ) {
-		free(ndn->bv_val);
+		o->o_tmpfree(ndn->bv_val, o->o_tmpmemctx);
 		ndn->bv_val = NULL;

 #ifdef NEW_LOGGING
@@ -349,7 +350,7 @@ static int sasl_sc_sasl2dn( Operation *o, SlapReply *rs )
 		return -1;
 	}

-	ber_dupbv(ndn, &rs->sr_entry->e_nname);
+	ber_dupbv_x(ndn, &rs->sr_entry->e_nname, o->o_tmpmemctx);
 	return 0;
 }

@@ -465,7 +466,7 @@ int slap_sasl_match(Operation *opx, struct berval *rule, struct berval *assertDN
 	}

 CONCLUDED:
-	if( op.o_req_ndn.bv_len ) ch_free( op.o_req_ndn.bv_val );
+	if( op.o_req_ndn.bv_len ) sl_free( op.o_req_ndn.bv_val, opx->o_tmpmemctx );
 	if( op.oq_search.rs_filter ) filter_free_x( opx, op.oq_search.rs_filter );

 #ifdef NEW_LOGGING
@@ -567,12 +568,12 @@ void slap_sasl2dn( Operation *opx,
 	cb.sc_private = sasldn;

 	/* Convert the SASL name into a minimal URI */
-	if( !slap_sasl_regexp( saslname, &regout ) ) {
+	if( !slap_sasl_regexp( saslname, &regout, opx->o_tmpmemctx ) ) {
 		goto FINISHED;
 	}

 	rc = slap_parseURI( opx, &regout, &op.o_req_ndn, &op.oq_search.rs_scope, &op.oq_search.rs_filter );
-	if( regout.bv_val ) ch_free( regout.bv_val );
+	if( regout.bv_val ) sl_free( regout.bv_val, opx->o_tmpmemctx );
 	if( rc != LDAP_SUCCESS ) {
 		goto FINISHED;
 	}

--- a/servers/slapd/sets.c
+++ b/servers/slapd/sets.c
@@ -12,9 +12,9 @@
 #include "slap.h"
 #include "sets.h"

-static BerVarray set_join (BerVarray lset, int op, BerVarray rset);
+static BerVarray set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset);
 static BerVarray set_chase (SLAP_SET_GATHER gatherer,
-	void *cookie, BerVarray set, struct berval *attr, int closure);
+	SetCookie *cookie, BerVarray set, struct berval *attr, int closure);
 static int set_samedn (char *dn1, char *dn2);

 long
@@ -31,13 +31,13 @@ slap_set_size (BerVarray set)
 }

 void
-slap_set_dispose (BerVarray set)
+slap_set_dispose (SetCookie *cp, BerVarray set)
 {
-	ber_bvarray_free(set);
+	ber_bvarray_free_x(set, cp->op->o_tmpmemctx);
 }

 static BerVarray
-set_join (BerVarray lset, int op, BerVarray rset)
+set_join (SetCookie *cp, BerVarray lset, int op, BerVarray rset)
 {
 	BerVarray set;
 	long i, j, last;
@@ -47,19 +47,20 @@ set_join (BerVarray lset, int op, BerVarray rset)
 		if (lset == NULL || lset->bv_val == NULL) {
 			if (rset == NULL) {
 				if (lset == NULL)
-					return(SLAP_CALLOC(1, sizeof(struct berval)));
+					return(cp->op->o_tmpcalloc(1, sizeof(struct berval),
+						cp->op->o_tmpmemctx));
 				return(lset);
 			}
-			slap_set_dispose(lset);
+			slap_set_dispose(cp, lset);
 			return(rset);
 		}
 		if (rset == NULL || rset->bv_val == NULL) {
-			slap_set_dispose(rset);
+			slap_set_dispose(cp, rset);
 			return(lset);
 		}

 		i = slap_set_size(lset) + slap_set_size(rset) + 1;
-		set = SLAP_CALLOC(i, sizeof(struct berval));
+		set = cp->op->o_tmpcalloc(i, sizeof(struct berval), cp->op->o_tmpmemctx);
 		if (set != NULL) {
 			/* set_chase() depends on this routine to
 			 * keep the first elements of the result
@@ -68,11 +69,11 @@ set_join (BerVarray lset, int op, BerVarray rset)
 			 */
 			for (i = 0; lset[i].bv_val; i++)
 				set[i] = lset[i];
-			ch_free(lset);
+			cp->op->o_tmpfree(lset, cp->op->o_tmpmemctx);
 			for (i = 0; rset[i].bv_val; i++) {
 				for (j = 0; set[j].bv_val; j++) {
 					if (set_samedn(rset[i].bv_val, set[j].bv_val)) {
-						ch_free(rset[i].bv_val);
+						cp->op->o_tmpfree(rset[i].bv_val, cp->op->o_tmpmemctx);
 						rset[i].bv_val = NULL;
 						break;		
 					}	
@@ -80,14 +81,14 @@ set_join (BerVarray lset, int op, BerVarray rset)
 				if (rset[i].bv_val)
 					set[j] = rset[i];
 			}
-			ch_free(rset);
+			cp->op->o_tmpfree(rset, cp->op->o_tmpmemctx);
 		}
 		return(set);
 	}

 	if (op == '&') {
 		if (lset == NULL || lset->bv_val == NULL || rset == NULL || rset->bv_val == NULL) {
-			set = SLAP_CALLOC(1, sizeof(struct berval));
+			set = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx);
 		} else {
 			set = lset;
 			lset = NULL;
@@ -98,7 +99,7 @@ set_join (BerVarray lset, int op, BerVarray rset)
 						break;
 				}
 				if (rset[j].bv_val == NULL) {
-					ch_free(set[i].bv_val);
+					cp->op->o_tmpfree(set[i].bv_val, cp->op->o_tmpmemctx);
 					set[i] = set[last];
 					set[last].bv_val = NULL;
 					last--;
@@ -108,14 +109,14 @@ set_join (BerVarray lset, int op, BerVarray rset)
 		}
 	}

-	slap_set_dispose(lset);
-	slap_set_dispose(rset);
+	slap_set_dispose(cp, lset);
+	slap_set_dispose(cp, rset);
 	return(set);
 }

 static BerVarray
 set_chase (SLAP_SET_GATHER gatherer,
-	void *cookie, BerVarray set, struct berval *attr, int closure)
+	SetCookie *cp, BerVarray set, struct berval *attr, int closure)
 {
 	BerVarray vals, nset;
 	char attrstr[32];
@@ -126,35 +127,35 @@ set_chase (SLAP_SET_GATHER gatherer,
 	bv.bv_val = attrstr;

 	if (set == NULL)
-		return(SLAP_CALLOC(1, sizeof(struct berval)));
+		return(cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx));

 	if (set->bv_val == NULL)
 		return(set);

 	if (attr->bv_len > (sizeof(attrstr) - 1)) {
-		slap_set_dispose(set);
+		slap_set_dispose(cp, set);
 		return(NULL);
 	}
 	AC_MEMCPY(attrstr, attr->bv_val, attr->bv_len);
 	attrstr[attr->bv_len] = 0;

-	nset = SLAP_CALLOC(1, sizeof(struct berval));
+	nset = cp->op->o_tmpcalloc(1, sizeof(struct berval), cp->op->o_tmpmemctx);
 	if (nset == NULL) {
-		slap_set_dispose(set);
+		slap_set_dispose(cp, set);
 		return(NULL);
 	}
 	for (i = 0; set[i].bv_val; i++) {
-		vals = (gatherer)(cookie, &set[i], &bv);
+		vals = (gatherer)(cp, &set[i], &bv);
 		if (vals != NULL)
-			nset = set_join(nset, '|', vals);
+			nset = set_join(cp, nset, '|', vals);
 	}
-	slap_set_dispose(set);
+	slap_set_dispose(cp, set);

 	if (closure) {
 		for (i = 0; nset[i].bv_val; i++) {
-			vals = (gatherer)(cookie, &nset[i], &bv);
+			vals = (gatherer)(cp, &nset[i], &bv);
 			if (vals != NULL) {
-				nset = set_join(nset, '|', vals);
+				nset = set_join(cp, nset, '|', vals);
 				if (nset == NULL)
 					break;
 			}
@@ -196,7 +197,7 @@ set_samedn (char *dn1, char *dn2)

 int
 slap_set_filter (SLAP_SET_GATHER gatherer,
-	void *cookie, struct berval *fbv,
+	SetCookie *cp, struct berval *fbv,
 	struct berval *user, struct berval *this, BerVarray *results)
 {
 #define IS_SET(x)	( (long)(x) >= 256 )
@@ -245,7 +246,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 				op = (long)SF_POP();
 				lset = SF_POP();
 				SF_POP();
-				set = set_join(lset, op, set);
+				set = set_join(cp, lset, op, set);
 				if (set == NULL)
 					SF_ERROR(memory);
 				SF_PUSH(set);
@@ -266,7 +267,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 			} else if (IS_OP(SF_TOP())) {
 				op = (long)SF_POP();
 				lset = SF_POP();
-				set = set_join(lset, op, set);
+				set = set_join(cp, lset, op, set);
 				if (set == NULL)
 					SF_ERROR(memory);
 				SF_PUSH(set);
@@ -287,10 +288,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 			if (c == 0)
 				SF_ERROR(syntax);
 			
-			set = SLAP_CALLOC(2, sizeof(struct berval));
+			set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
 			if (set == NULL)
 				SF_ERROR(memory);
-			set->bv_val = SLAP_CALLOC(len + 1, sizeof(char));
+			set->bv_val = cp->op->o_tmpcalloc(len + 1, sizeof(char), cp->op->o_tmpmemctx);
 			if (set->bv_val == NULL)
 				SF_ERROR(memory);
 			AC_MEMCPY(set->bv_val, &filter[-len - 1], len);
@@ -331,10 +332,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 			{
 				if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP()))
 					SF_ERROR(syntax);
-				set = SLAP_CALLOC(2, sizeof(struct berval));
+				set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
 				if (set == NULL)
 					SF_ERROR(memory);
-				ber_dupbv( set, this );
+				ber_dupbv_x( set, this, cp->op->o_tmpmemctx );
 				if (set->bv_val == NULL)
 					SF_ERROR(memory);
 			} else if (len == 4
@@ -342,10 +343,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 			{
 				if ((SF_TOP() == (void *)'/') || IS_SET(SF_TOP()))
 					SF_ERROR(syntax);
-				set = SLAP_CALLOC(2, sizeof(struct berval));
+				set = cp->op->o_tmpcalloc(2, sizeof(struct berval), cp->op->o_tmpmemctx);
 				if (set == NULL)
 					SF_ERROR(memory);
-				ber_dupbv( set, user );
+				ber_dupbv_x( set, user, cp->op->o_tmpmemctx );
 				if (set->bv_val == NULL)
 					SF_ERROR(memory);
 			} else if (SF_TOP() != (void *)'/') {
@@ -356,7 +357,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 				fb2.bv_val = filter;
 				fb2.bv_len = len;
 				set = set_chase(gatherer,
-					cookie, SF_POP(), &fb2, c == '*');
+					cp, SF_POP(), &fb2, c == '*');
 				if (set == NULL)
 					SF_ERROR(memory);
 				if (c == '*')
@@ -377,7 +378,7 @@ slap_set_filter (SLAP_SET_GATHER gatherer,
 	} else if (IS_OP(SF_TOP())) {
 		op = (long)SF_POP();
 		lset = SF_POP();
-		set = set_join(lset, op, set);
+		set = set_join(cp, lset, op, set);
 		if (set == NULL)
 			SF_ERROR(memory);
 	} else {
@@ -392,10 +393,10 @@ slap_set_filter (SLAP_SET_GATHER gatherer,

 _error:
 	if (IS_SET(set))
-		slap_set_dispose(set);
+		slap_set_dispose(cp, set);
 	while ((set = SF_POP())) {
 		if (IS_SET(set))
-			slap_set_dispose(set);
+			slap_set_dispose(cp, set);
 	}
 	return(rc);
 }
--- a/servers/slapd/sets.h
+++ b/servers/slapd/sets.h
@@ -11,20 +11,24 @@

 LDAP_BEGIN_DECL

+typedef struct slap_set_cookie {
+	struct slap_op *op;
+} SetCookie;
+
 /* this routine needs to return the bervals instead of
 * plain strings, since syntax is not known.  It should
 * also return the syntax or some "comparison cookie"
 * that is used by set_filter.
 */
 typedef BerVarray (SLAP_SET_GATHER)(
-	void *cookie, struct berval *name, struct berval *attr);
+	SetCookie *cookie, struct berval *name, struct berval *attr);

 LDAP_SLAPD_F (long) slap_set_size(BerVarray set);
-LDAP_SLAPD_F (void) slap_set_dispose(BerVarray set);
+LDAP_SLAPD_F (void) slap_set_dispose(SetCookie *cookie, BerVarray set);

 LDAP_SLAPD_F (int) slap_set_filter(
 	SLAP_SET_GATHER gatherer,
-	void *cookie, struct berval *filter,
+	SetCookie *cookie, struct berval *filter,
 	struct berval *user, struct berval *this, BerVarray *results);

 LDAP_END_DECL