ldap/libkdb_ldap/ldap_handle.c

	ldap_handle.c revision 2
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws/*
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * lib/kdb/kdb_ldap/ldap_handle.c
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Copyright (c) 2004-2005, Novell, Inc.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * All rights reserved.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Redistribution and use in source and binary forms, with or without
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * modification, are permitted provided that the following conditions are met:
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *   * Redistributions of source code must retain the above copyright notice,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *       this list of conditions and the following disclaimer.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *   * Redistributions in binary form must reproduce the above copyright
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *       notice, this list of conditions and the following disclaimer in the
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *       documentation and/or other materials provided with the distribution.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *   * The copyright holder's name is not used to endorse or promote products
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *       derived from this software without specific prior written permission.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
4e901881a1e657e1cbf12d7ef9b476ec373e7939Dale Ghent * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * POSSIBILITY OF SUCH DAMAGE.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws */
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws#include "ldap_main.h"
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws#ifdef ASYNC_BIND
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws/*
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Update the server info structure. In case of an asynchronous bind,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * this function is called to check the bind status. A flag
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * server_info_upate_pending is refered before calling this function.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * This function sets the server_status to either ON or OFF and
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * sets the server_info_udpate_pending to OFF.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Do not lock the mutex here. The caller should lock it
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws */
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwsstatic krb5_error_code
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwskrb5_update_server_info(krb5_ldap_server_handle *ldap_server_handle,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                        krb5_ldap_server_info *server_info)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws{
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    krb5_error_code            st=0;
4e901881a1e657e1cbf12d7ef9b476ec373e7939Dale Ghent    struct timeval             ztime={0, 0};
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    LDAPMessage                *result=NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    if (ldap_server_handle == NULL || server_info == NULL)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        return -1;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    while (st == 0) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        st = ldap_result(ldap_server_handle->ldap_handle, ldap_server_handle->msgid,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                         LDAP_MSG_ALL, &ztime, &result);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        switch (st) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        case -1:
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            server_info->server_status = OFF;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            time(&server_info->downtime);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        case 0:
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            continue;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        case LDAP_RES_BIND:
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            if ((st=ldap_result2error(ldap_server_handle->ldap_handle, result, 1)) == LDAP_SUCCESS) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                server_info->server_status = ON;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            } else {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                /* ?? */        krb5_set_error_message(0, 0, "%s", ldap_err2string(st));
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                server_info->server_status = OFF;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                time(&server_info->downtime);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            }
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            ldap_msgfree(result);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        default:
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            ldap_msgfree(result);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            continue;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        }
4e901881a1e657e1cbf12d7ef9b476ec373e7939Dale Ghent    }
6734c4b0468cc77a7871a5dd5c23a5562557d64cRobert Mustacchi    ldap_server_handle->server_info_update_pending = FALSE;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    return 0;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws}
4e901881a1e657e1cbf12d7ef9b476ec373e7939Dale Ghent#endif
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws/*
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Return ldap server handle from the pool. If the pool is exhausted return NULL.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Do not lock the mutex, caller should lock it
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws */
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwsstatic krb5_ldap_server_handle *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwskrb5_get_ldap_handle(krb5_ldap_context *ldap_context)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws{
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    krb5_ldap_server_handle    *ldap_server_handle=NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    krb5_ldap_server_info      *ldap_server_info=NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    int                        cnt=0;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    while (ldap_context->server_info_list[cnt] != NULL) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        ldap_server_info = ldap_context->server_info_list[cnt];
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        if (ldap_server_info->server_status != OFF) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            if (ldap_server_info->ldap_server_handles != NULL) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                ldap_server_handle = ldap_server_info->ldap_server_handles;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                ldap_server_info->ldap_server_handles = ldap_server_handle->next;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws#ifdef ASYNC_BIND
4e901881a1e657e1cbf12d7ef9b476ec373e7939Dale Ghent                if (ldap_server_handle->server_info_update_pending == TRUE) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                    krb5_update_server_info(context, ldap_server_handle,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                                            ldap_server_info);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                }
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                if (ldap_server_info->server_status == ON) {
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                    ldap_server_info->ldap_server_handles = ldap_server_handle->next;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                    break;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                } else
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                    ldap_server_handle = NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws#endif
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws            }
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        }
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        ++cnt;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    }
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    return ldap_server_handle;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws}
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws/*
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * This is called incase krb5_get_ldap_handle returns NULL.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Try getting a single connection (handle) and return the same by
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * calling krb5_get_ldap_handle function.
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws * Do not lock the mutex here. The caller should lock it
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws */
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwsstatic krb5_ldap_server_handle *
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mwskrb5_retry_get_ldap_handle(krb5_ldap_context *ldap_context,
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws                           krb5_error_code *st)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws{
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    krb5_ldap_server_handle    *ldap_server_handle=NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    if ((*st=krb5_ldap_db_single_init(ldap_context)) != 0)
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws        return NULL;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    ldap_server_handle = krb5_get_ldap_handle(ldap_context);
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws    return ldap_server_handle;
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws}
84ab085a13f931bc78e7415e7ce921dbaa14fcb3mws
/*
 * Put back the ldap server handle to the front of the list of handles of the
 * ldap server info structure.
 * Do not lock the mutex here. The caller should lock it.
 */

static krb5_error_code
krb5_put_ldap_handle(krb5_ldap_server_handle *ldap_server_handle)
{

    if (ldap_server_handle == NULL)
        return 0;

    ldap_server_handle->next = ldap_server_handle->server_info->ldap_server_handles;
    ldap_server_handle->server_info->ldap_server_handles = ldap_server_handle;
    return 0;
}

/*
 * Add a new ldap server handle structure to the server info structure.
 * This function name can be changed to krb5_insert_ldap_handle.
 * Do not lock the mutex here. The caller should lock it
 */

krb5_error_code
krb5_update_ldap_handle(krb5_ldap_server_handle *ldap_server_handle,
                        krb5_ldap_server_info *server_info)
{

    if (ldap_server_handle == NULL || server_info == NULL)
        return 0;

    ldap_server_handle->next = server_info->ldap_server_handles;
    server_info->ldap_server_handles = ldap_server_handle;
    server_info->num_conns++;
    ldap_server_handle->server_info = server_info;
    return 0;
}

/*
 * Free up all the ldap server handles of the server info.
 * This function is called when the ldap server returns LDAP_SERVER_DOWN.
 */

static krb5_error_code
krb5_ldap_cleanup_handles(krb5_ldap_server_info *ldap_server_info)
{
    krb5_ldap_server_handle    *ldap_server_handle = NULL;

    while (ldap_server_info->ldap_server_handles != NULL) {
        ldap_server_handle = ldap_server_info->ldap_server_handles;
        ldap_server_info->ldap_server_handles = ldap_server_handle->next;
        /* ldap_unbind_s(ldap_server_handle); */
    /* Solaris kerberos: don't leak ldap handles */
    ldap_unbind_s(ldap_server_handle->ldap_handle);
        free (ldap_server_handle);
        ldap_server_handle = NULL;
    }
    return 0;
}

/*
 * wrapper function called from outside to get a handle.
 */

krb5_error_code
krb5_ldap_request_handle_from_pool(krb5_ldap_context *ldap_context,
                                   krb5_ldap_server_handle **
                                   ldap_server_handle)
{
    krb5_error_code            st=0;

    *ldap_server_handle = NULL;

    st = HNDL_LOCK(ldap_context);
    if (st)
        return st;
    if (((*ldap_server_handle)=krb5_get_ldap_handle(ldap_context)) == NULL)
        (*ldap_server_handle)=krb5_retry_get_ldap_handle(ldap_context, &st);
    HNDL_UNLOCK(ldap_context);
    return st;
}

/*
 * wrapper function wrapper called to get the next ldap server handle, when the current
 * ldap server handle returns LDAP_SERVER_DOWN.
 */

krb5_error_code
krb5_ldap_request_next_handle_from_pool(krb5_ldap_context *ldap_context,
                                        krb5_ldap_server_handle **
                                        ldap_server_handle)
{
    krb5_error_code            st=0;

    st = HNDL_LOCK(ldap_context);
    if (st)
        return st;
    (*ldap_server_handle)->server_info->server_status = OFF;
    time(&(*ldap_server_handle)->server_info->downtime);
    krb5_put_ldap_handle(*ldap_server_handle);
    krb5_ldap_cleanup_handles((*ldap_server_handle)->server_info);

    if (((*ldap_server_handle)=krb5_get_ldap_handle(ldap_context)) == NULL)
        (*ldap_server_handle)=krb5_retry_get_ldap_handle(ldap_context, &st);
    HNDL_UNLOCK(ldap_context);
    return st;
}

/*
 * wrapper function to call krb5_put_ldap_handle.
 */

void
krb5_ldap_put_handle_to_pool(krb5_ldap_context *ldap_context,
                             krb5_ldap_server_handle *ldap_server_handle)
{
    if (ldap_server_handle != NULL) {
        if (HNDL_LOCK(ldap_context) == 0) {
            krb5_put_ldap_handle(ldap_server_handle);
            HNDL_UNLOCK(ldap_context);
        }
    }
    return;
}