[Date Prev][Date Next] [Chronological] [Thread] [Top]

SASL slurpd to multi-slaves not working (ITS#995)



Full_Name: Voradesh Yenbut
Version: 2.0.7
OS: FreeBSD 3.4
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (128.95.2.204)


We have replicas set up in slapd.conf similar to the following:

replica         host=slave1.cs.washington.edu:389
                bindmethod=sasl saslmech=GSSAPI
                authcID=master@CS.WASHINGTON.EDU
                srvtab=/etc/krb5.keytab

replica         host=slave2.cs.washington.edu:389
                bindmethod=sasl saslmech=GSSAPI
                authcID=master@CS.WASHINGTON.EDU
                srvtab=/etc/krb5.keytab

If we have only one replica, slurpd works fine.  If there are two replicas
as set up above, slurpd will get stuck.

The following patch seems to correct the problem:

--- servers/slurpd/ldap_op.c    2001/01/26 01:50:44     1.1
+++ servers/slurpd/ldap_op.c    2001/01/26 02:00:27
@@ -611,6 +611,8 @@
     int                ldrc;
 #ifdef HAVE_CYRUS_SASL
        void *defaults;
+       static  ldap_pvt_thread_mutex_t  sasl_mutex; /* mutex for this sasl */
+
 #endif
 
 
@@ -719,6 +721,7 @@
                ri->ri_hostname, ri->ri_authcId, ri->ri_saslmech );
 
 #ifdef HAVE_CYRUS_SASL
+       ldap_pvt_thread_mutex_lock(&sasl_mutex);
        if( ri->ri_secprops != NULL ) {
                int err;
                err = ldap_set_option(ri->ri_ldp, LDAP_OPT_X_SASL_SECPROPS,
@@ -730,6 +733,7 @@
                                ri->ri_hostname, ri->ri_secprops, NULL );
                        ldap_unbind( ri->ri_ldp );
                        ri->ri_ldp = NULL;
+                       ldap_pvt_thread_mutex_unlock(&sasl_mutex);
                        return BIND_ERR_SASL_FAILED;
                }
        }
@@ -745,8 +749,10 @@
                *lderr = ldrc;
                ldap_unbind( ri->ri_ldp );
                ri->ri_ldp = NULL;
+               ldap_pvt_thread_mutex_unlock(&sasl_mutex);
                return( BIND_ERR_SASL_FAILED );
        }
+       ldap_pvt_thread_mutex_unlock(&sasl_mutex);
        break;
 #else
        Debug( LDAP_DEBUG_ANY,