From: Eric Covener <covener@apache.org>
Date: Fri, 2 Nov 2007 22:33:36 +0000 (+0000)
Subject: spurious 401s with message "DN has not been defined" when cache expiration happens... 
X-Git-Tag: 2.3.0~1292
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=6f970f48dc698291769a48961bad78de07eba868;p=apache

spurious 401s with message "DN has not been defined" when cache expiration happens in another thread

PR 43786


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@591499 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 1a8c347c44..8f49112554 100644
--- a/CHANGES
+++ b/CHANGES
@@ -2,6 +2,10 @@
 Changes with Apache 2.3.0
 [ When backported to 2.2.x, remove entry from this file ]
 
+  *) mod_ldap: Give callers a reference to data copied into the request
+     pool instead of references directly into the cache
+     PR 43786 [Eric Covener]
+    
   *) mod_ldap: Stop passing a reference to pconf around for
      (limited) use during request processing, avoiding possible 
      memory corruption and crashes.  [Eric Covener]
diff --git a/modules/ldap/util_ldap.c b/modules/ldap/util_ldap.c
index 917e5c9fea..a0900a16e0 100644
--- a/modules/ldap/util_ldap.c
+++ b/modules/ldap/util_ldap.c
@@ -1208,8 +1208,16 @@ static int uldap_cache_checkuserid(request_rec *r, util_ldap_connection_t *ldc,
                      && (strcmp(search_nodep->bindpw, bindpw) == 0))
             {
                 /* ...and entry is valid */
-                *binddn = search_nodep->dn;
-                *retvals = search_nodep->vals;
+                *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+                if (attrs) {
+                    int i = 0, k = 0;
+                    while (attrs[k++]);
+                    *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+                    while (search_nodep->vals[i]) {
+                        *retvals[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+                        i++;
+                    }
+                }
                 LDAP_CACHE_UNLOCK();
                 ldc->reason = "Authentication successful (cached)";
                 return LDAP_SUCCESS;
@@ -1448,8 +1456,16 @@ static int uldap_cache_getuserdn(request_rec *r, util_ldap_connection_t *ldc,
             }
             else {
                 /* ...and entry is valid */
-                *binddn = search_nodep->dn;
-                *retvals = search_nodep->vals;
+                *binddn = apr_pstrdup(r->pool, search_nodep->dn);
+                if (attrs) {
+                    int i = 0, k = 0;
+                    while (attrs[k++]);
+                    *retvals = apr_pcalloc(r->pool, sizeof(char *) * k);
+                    while (search_nodep->vals[i]) {
+                        *retvals[i] = apr_pstrdup(r->pool, search_nodep->vals[i]);
+                        i++;
+                    }
+                }
                 LDAP_CACHE_UNLOCK();
                 ldc->reason = "Search successful (cached)";
                 return LDAP_SUCCESS;