Justin Erenkrantz wrote:
> On Thu, Jul 18, 2002 at 03:49:11PM -0500, Scott Lamb wrote:
>
>>mod_auth_ldap is never releasing locks in mod_auth_ldap_auth_checker, so
>>OpenLDAP eventually runs out of filehandles. pam_ldap and nss_ldap stop
>>working, badness happens.
>
>
> Quick thought - should the closing of the connections be registered
> as a pool cleanup? That would make this a lot cleaner. -- justin
(Disclaimer: I didn't write any of this code. I won't claim to
understand it well.)
util_ldap_connection_close() is a misnomer, I think. It just releases a
lock. ("I'm done with this LDAP connection," rather than "unbind this
LDAP connection.") Since mod_auth_ldap_auth_checker only deals with one
of these at a time, a (sub)pool is inappropriate, correct?
util_ldap_connection_destroy, which does the unbind in ldap-cache, is a
pool cleanup already.
The problem I noticed was that util_ldap_connection_find would never
reuse a connection. It only reuses ones that aren't locked, and
mod_auth_ldap_auth_checker was responsible for that.
<suit frameproof="true"> As far as cleaner ways to unlock in every way
out of the function, there's always C++ destructors. ;) </suit>
--
Scott Lamb
