Author: nhosoi
Update of /cvs/dirsec/mod_admserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1621
Modified Files:
mod_admserv.c
Log Message:
[197757] ��� Strange random 'Cannot Connect to the Directory Server - Invalid
Credentials' message (comment #9)
Changes [Change(1) and (2) in Comment#2]:
1) updated the auth_user_cache after all the password update is successfully
done.
2) eliminated unnecessary ldap_search.
Index: mod_admserv.c
===================================================================
RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- mod_admserv.c 15 Jun 2006 17:00:29 -0000 1.25
+++ mod_admserv.c 17 Jul 2006 19:01:29 -0000 1.26
@@ -110,6 +110,7 @@
static int sync_task_sie_data(const char *name, char *query, void *arg, request_rec *r);
static int change_sie_password(const char *name, char *query, void* arg, request_rec
*r);
+static int create_auth_users_cache_entry(char *user, char *userDN, const char *userPW,
char *ldapURL);
static int admserv_check_user_id(request_rec *r);
@@ -1141,13 +1142,13 @@
* Return value: if successful, 1; otherwise, 0 is returned.
*/
static int
-task_update_registry_server_bindpw(char *uid, char *password, char* bindpw)
+task_update_registry_server_bindpw(char *uid, char *password,
+ const char* bindpw, request_rec *r)
{
LDAP *ld;
int ldapError;
- char *filter = NULL;
- char *userDN = NULL;
- LDAPMessage *result;
+ char *ldapURL = NULL;
+ const char *userDN = NULL;
LDAPMod mod, *mods[2];
char *vals[2];
char *attrs[2];
@@ -1160,35 +1161,7 @@
return rval;
}
- filter = (char *)malloc(strlen(uid) + 5); /* "uid=<uid>" */
- if (NULL == filter) {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "task_update_registry_server_bindpw(): cannot allocate %d byte
memory",
- strlen(uid) + 5);
- goto bailout;
- }
- attrs[0] = "dn"; /* we just need dn ... */
- attrs[1] = NULL;
- sprintf(filter, "uid=%s", uid);
- ldapError = ldap_search_s(ld, NETSCAPE_ROOT_BASEDN, LDAP_SCOPE_SUBTREE,
- filter, attrs, 0, &result);
- if (ldapError != LDAP_SUCCESS || ldap_count_entries(ld, result) == 0) {
- ldap_msgfree(result);
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "task_update_registry_server_bindpw(): ldap_search %s under %s failed:
%s",
- filter, NETSCAPE_ROOT_BASEDN, ldap_err2string(ldapError));
- goto bailout;
- } else {
- LDAPMessage *entry = ldap_first_entry(ld, result);
- userDN = ldap_get_dn(ld, entry);
- ldap_msgfree(result);
- }
- if (NULL == userDN || 0 == strlen(userDN)) {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "task_update_registry_server_bindpw(): ldap_search %s under %s returned
%s",
- filter, NETSCAPE_ROOT_BASEDN, userDN?"empty string":"NULL");
- goto bailout;
- }
+ userDN = apr_table_get(r->notes, RQ_NOTES_USERDN);
/* authenticate to LDAP server */
if (LDAP_SUCCESS != (ldapError = ldap_simple_bind_s(ld, userDN, bindpw))) {
@@ -1229,13 +1202,16 @@
userDN, ldap_err2string(ldapError));
goto bailout;
}
+ /* update the auth_users cache */
+ ldapURL = formLdapURL(®istryServer, r->pool);
+ create_auth_users_cache_entry(uid, (char *)userDN, password, ldapURL);
registryServer.bindPW = password;
rval = 1;
bailout:
closeLDAPConnection(ld);
- if (NULL != filter)
- free(filter);
+ if (NULL != ldapURL)
+ free(ldapURL);
return rval;
}
@@ -1245,16 +1221,16 @@
static int
change_sie_password(const char *name, char *query, void* arg, request_rec *r)
{
- FILE *f;
- char *uid=NULL ,*pw=NULL, *col=NULL;
- char *newpw=query;
- char filename[BIG_LINE];
- char inbuf[BIG_LINE];
- char outbuf[64]; /* needs at least 36 bytes */
- char path[PATH_MAX];
- char *origpw = apr_table_get(r->notes, RQ_NOTES_USERPW);
- int ds_done = 0;
- int admpwd_done = 0;
+ FILE *f;
+ char *uid=NULL ,*pw=NULL, *col=NULL;
+ char *newpw=query;
+ char filename[BIG_LINE];
+ char inbuf[BIG_LINE];
+ char outbuf[64]; /* needs at least 36 bytes */
+ char path[PATH_MAX];
+ char *origpw = (char *)apr_table_get(r->notes, RQ_NOTES_USERPW);
+ int ds_done = 0;
+ int admpwd_done = 0;
apr_snprintf(path, sizeof(path), "%s%cadmin-serv%cconfig",
serverroot, FILE_PATHSEP, FILE_PATHSEP);
@@ -1303,7 +1279,7 @@
}
admpwd_done = 1;
- if (!task_update_registry_server_bindpw(uid, strdup(newpw), origpw)) {
+ if (!task_update_registry_server_bindpw(uid, strdup(newpw), origpw, r)) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
"failed to update server bindpw");
goto recover;