[Fedora-directory-commits] mod_admserv mod_admserv.c,1.25,1.26

[Noriko Hosoi (nhosoi)]

Author: nhosoi

Update of /cvs/dirsec/mod_admserv
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1621

Modified Files:
	mod_admserv.c 
Log Message:
[197757] – Strange random 'Cannot Connect to the Directory Server - Invalid Credentials' message (comment #9)
Changes [Change(1) and (2) in Comment#2]:
1) updated the auth_user_cache after all the password update is successfully
done.
2) eliminated unnecessary ldap_search.



Index: mod_admserv.c
===================================================================
RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- mod_admserv.c	15 Jun 2006 17:00:29 -0000	1.25
+++ mod_admserv.c	17 Jul 2006 19:01:29 -0000	1.26
@@ -110,6 +110,7 @@
 
 static int sync_task_sie_data(const char *name, char *query, void *arg, request_rec *r);
 static int change_sie_password(const char *name, char *query, void* arg, request_rec *r);
+static int create_auth_users_cache_entry(char *user, char *userDN, const char *userPW, char *ldapURL);
 
 static int admserv_check_user_id(request_rec *r);
 
@@ -1141,13 +1142,13 @@
  * Return value: if successful, 1; otherwise, 0 is returned.
  */
 static int
-task_update_registry_server_bindpw(char *uid, char *password, char* bindpw)
+task_update_registry_server_bindpw(char *uid, char *password,
+                                   const char* bindpw, request_rec *r)
 {
    LDAP        *ld;
    int         ldapError;
-   char        *filter = NULL;
-   char        *userDN = NULL;
-   LDAPMessage *result;
+   char        *ldapURL = NULL;
+   const char  *userDN = NULL;
    LDAPMod     mod, *mods[2];
    char        *vals[2];
    char        *attrs[2];
@@ -1160,35 +1161,7 @@
       return rval;
    }
 
-   filter = (char *)malloc(strlen(uid) + 5); /* "uid=<uid>" */
-   if (NULL == filter) {
-      ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
-         "task_update_registry_server_bindpw(): cannot allocate %d byte memory",
-         strlen(uid) + 5);
-      goto bailout;
-   }
-   attrs[0] = "dn"; /* we just need dn ... */
-   attrs[1] = NULL;
-   sprintf(filter, "uid=%s", uid);
-   ldapError = ldap_search_s(ld, NETSCAPE_ROOT_BASEDN, LDAP_SCOPE_SUBTREE,
-                             filter, attrs, 0, &result);
-   if (ldapError != LDAP_SUCCESS || ldap_count_entries(ld, result) == 0) {
-      ldap_msgfree(result);
-      ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
-         "task_update_registry_server_bindpw(): ldap_search %s under %s failed: %s",
-         filter, NETSCAPE_ROOT_BASEDN, ldap_err2string(ldapError));
-      goto bailout;
-   } else {
-      LDAPMessage *entry = ldap_first_entry(ld, result);
-      userDN = ldap_get_dn(ld, entry);
-      ldap_msgfree(result);
-   }
-   if (NULL == userDN || 0 == strlen(userDN)) {
-      ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
-         "task_update_registry_server_bindpw(): ldap_search %s under %s returned %s",
-      filter, NETSCAPE_ROOT_BASEDN, userDN?"empty string":"NULL");
-      goto bailout;
-   }
+   userDN = apr_table_get(r->notes, RQ_NOTES_USERDN);
 
    /* authenticate to LDAP server */
    if (LDAP_SUCCESS != (ldapError = ldap_simple_bind_s(ld, userDN, bindpw))) {
@@ -1229,13 +1202,16 @@
          userDN, ldap_err2string(ldapError));
       goto bailout;
    }
+   /* update the auth_users cache */
+   ldapURL = formLdapURL(&registryServer, r->pool);
+   create_auth_users_cache_entry(uid, (char *)userDN, password, ldapURL);
 
    registryServer.bindPW = password;
    rval = 1;
 bailout:
    closeLDAPConnection(ld);
-   if (NULL != filter)
-      free(filter);
+   if (NULL != ldapURL)
+      free(ldapURL);
    return rval;
 }
 
@@ -1245,16 +1221,16 @@
 static int
 change_sie_password(const char *name, char *query, void* arg, request_rec *r)
 {
-    FILE *f;
-    char *uid=NULL ,*pw=NULL, *col=NULL;
-    char *newpw=query;
-    char filename[BIG_LINE];
-    char inbuf[BIG_LINE];
-    char outbuf[64];  /* needs at least 36 bytes */
-    char path[PATH_MAX];
-    char *origpw = apr_table_get(r->notes, RQ_NOTES_USERPW);
-    int ds_done = 0;
-    int admpwd_done = 0;
+    FILE       *f;
+    char       *uid=NULL ,*pw=NULL, *col=NULL;
+    char       *newpw=query;
+    char       filename[BIG_LINE];
+    char       inbuf[BIG_LINE];
+    char       outbuf[64];  /* needs at least 36 bytes */
+    char       path[PATH_MAX];
+    char       *origpw = (char *)apr_table_get(r->notes, RQ_NOTES_USERPW);
+    int        ds_done = 0;
+    int        admpwd_done = 0;
 
     apr_snprintf(path, sizeof(path), "%s%cadmin-serv%cconfig",
                  serverroot, FILE_PATHSEP, FILE_PATHSEP);
@@ -1303,7 +1279,7 @@
     }
     admpwd_done = 1;
 
-    if (!task_update_registry_server_bindpw(uid, strdup(newpw), origpw)) {
+    if (!task_update_registry_server_bindpw(uid, strdup(newpw), origpw, r)) {
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
             "failed to update server bindpw");
         goto recover;