[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4387) slapd-ldap backend leaks descriptors on closed connections on x86_64



On Sun, 2006-02-05 at 22:52 +0000, aleksander.adamowski@gmail.com wrote:
> On 2/5/06, Pierangelo Masarati <ando@sys-net.it> wrote:
> > I mean: if all it performs is binds then I'd agree; but if it performs
> > anything else in between, then it's a poor design, because the identity
> > that's used for the other operations would change after each
> > (successful) bind.
> 
> >From the logs I can see, that it binds as the special mail server user
> when it needs to look up account information, and binds as other users
> when it needs to test their password.
> 
> So it typically looks like this:
> 
> connection1:
> bind as user bob
> bind as user alice
> bind as user CourierMTA
> search for mail=gregory@example.com attributes homeDirectory, cn,
> uidNumber, gidNumber etc.
> bind as user bob
> ...
> 
> connection2:
> bind as user CourierMTA
> search for mail=bob@example.com attributes homeDirectory, cn,
> uidNumber, gidNumber etc.
> bind as user alice
> bind as user alice
> ...
> 
> Seems like it behaves correctly.

You see, that's (almost) exactly what I mean: a (set of) separate
connection, bound as the CourierMTA, could be maintained for lookups,
saving a lot of useless binds.  The other connections could be used just
for repeated binds as different identities, so your problem would still
be there.  I'll work at it as soon as I can spare some time; I think
ITS#4390 is related.  In HEAD, slapd-bind has already been modified to
be reproduce the multiple bind behavior, this will help in tracking the
issues.

p.




Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------