spurious 401s with message "DN has not been defined" when cache expiration happens...

author Eric Covener <covener@apache.org>

Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)

committer Eric Covener <covener@apache.org>

Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)
author Eric Covener <covener@apache.org>
Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)
committer Eric Covener <covener@apache.org>
Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)
diff --git a/CHANGES b/CHANGES

index 1a8c347c44e6aaf3c01049adcabf06134eb8bcb2..8f491125543edc2447c82db526a455440fbf68ae 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
  Changes with Apache 2.3.0
  [ When backported to 2.2.x, remove entry from this file ]
  
+  *) mod_ldap: Give callers a reference to data copied into the request
+     pool instead of references directly into the cache
+     PR 43786 [Eric Covener]
+    
    *) mod_ldap: Stop passing a reference to pconf around for
       (limited) use during request processing, avoiding possible 
       memory corruption and crashes.  [Eric Covener]
diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c

index 917e5c9fea86bd7049415f127d6bbea166d3443c..a0900a16e01867a04610b3c346899041bfc8e414 100644 (file)
--- a/modules/ldap/util_ldap.c
+++ b/modules/ldap/util_ldap.c
@@ -1208,8 +1208,16 @@ static int uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
                       && (strcmp(search_nodep->bindpw, bindpw) == 0))
              {
                  /* ...and entry is valid */
-                *binddn = search_nodep->dn;
-                *retvals = search_nodep->vals;
+                *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+                if (attrs) {
+                    int i = 0, k = 0;
+                    while (attrs[k++]);
+                    *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+                    while (search_nodep->vals[i]) {
+                        *retvals[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+                        i++;
+                    }
+                }
                  LDAP_CACHE_UNLOCK();
                  ldc->reason = "Authentication successful (cached)";
                  return LDAP_SUCCESS;
@@ -1448,8 +1456,16 @@ static int uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
              }
              else {
                  /* ...and entry is valid */
-                *binddn = search_nodep->dn;
-                *retvals = search_nodep->vals;
+                *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+                if (attrs) {
+                    int i = 0, k = 0;
+                    while (attrs[k++]);
+                    *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+                    while (search_nodep->vals[i]) {
+                        *retvals[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+                        i++;
+                    }
+                }
                  LDAP_CACHE_UNLOCK();
                  ldc->reason = "Search successful (cached)";
                  return LDAP_SUCCESS;
author	Eric Covener <covener@apache.org>
	Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)
committer	Eric Covener <covener@apache.org>
	Fri, 2 Nov 2007 22:33:36 +0000 (22:33 +0000)
CHANGES		patch \| blob \| history
modules/ldap/util_ldap.c		patch \| blob \| history