upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-01-18 12:54:09 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
24326 commits 38 branches 309 tags 74 MiB
Commit graph

284 commits

Author SHA1 Message Date
Ondřej Kuzník
8b24104d1a ITS#9624 Read state while holding relevant mutex, cache if needed 2021-08-04 15:30:36 +00:00
Ondřej Kuzník
71de64fac4 ITS#9624 Make sure we reset only for Binds 2021-08-04 15:30:36 +00:00
Ondřej Kuzník
7c17f06197 ITS#9624 We've already checked before we call request_extended 2021-08-04 15:30:36 +00:00
Ondřej Kuzník
b4afe00942 ITS#9576 Put the used table in ConfigArgs 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
3138c8d5db ITS#9363 Some missed MAGIC defaults 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
2d78b6274f ITS#8747 Allow olcBkLloadClientMaxPending in cn=config 2021-06-21 16:36:06 +00:00
Ondřej Kuzník
cba03e49a4 ITS#8747 Protect shutdown code while workers are still alive 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
8e4d7ffe79 ITS#8747 Remove c_private from LloadConnection 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
1cb65102ce ITS#8747 Keep an explicit backend pointer 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
3802fa9217 ITS#8747 Fix lloadd builds --without-tls 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
a186fd70ab ITS#8747 Do not continue reading if connection is dying 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
4f4997551d ITS#8747 Avoid epoch recursion in connection_write_cb 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
2c1bb42f01 ITS#8747 Do not observe an epoch while calling dispose_cb 2021-05-10 18:49:13 +00:00
Ondřej Kuzník
9bbbbf5f6a ITS#9502 TCP_USER_TIMEOUT for lloadd 2021-04-22 21:52:12 +00:00
Ondřej Kuzník
72caa56a8c ITS#8707 systemd notifications from lloadd 2021-04-20 22:54:19 +00:00
SATOH Fumiyasu
f3501534d4 ITS#8707 - Add slapd.service and lloadd.service for systemd 2021-04-20 22:54:19 +00:00
Ondřej Kuzník
e36d1e31c5 ITS#9001 manual changes 2021-03-30 15:46:40 +01:00
Howard Chu
829263c454 ITS#8847 move lutil_sockaddrstr() to ldap_pvt_sockaddrstr() 2021-03-26 13:45:26 +00:00
Howard Chu
bb6844e296 ITS#7295 don't init TLS threads by default 
Do it explicitly in servers
 2021-03-21 15:26:57 +00:00
Paul B. Henson
146889f205 ITS#9419 Add support for HAProxy proxy protocol v2 2021-02-24 18:11:09 +00:00
Paul B. Henson
dcca73370b Move slap_sockaddrstr into liblutil 2021-02-24 18:11:09 +00:00
Ondřej Kuzník
5fa0a651f5 revert: libevent 2.0 support 2021-02-24 18:11:09 +00:00
Quanah Gibson-Mount
5b2988ca54 ITS#9327 - Use STRIP_OPTS for lloadd 2021-02-17 19:55:25 +00:00
Quanah Gibson-Mount
ce2c5173bd ITS#9161 - Fix various typos 
Fix a number of different typos across the code base
 2021-02-17 18:42:46 +00:00
Ondřej Kuzník
e030e5eadd Do not redefine lload_change everywhere 2021-02-04 18:07:25 +00:00
Quanah Gibson-Mount
6c469f0793 ITS#7790 - Rename config.h 
Rename slapd/config.h to slap-config.h and update accordingly
Rename lloadd/config.h to lload-config.h and update accordingly
 2021-02-02 21:26:39 +00:00
Quanah Gibson-Mount
efaf9a4a17 Happy New Year! 2021-01-11 19:25:53 +00:00
Ondřej Kuzník
323bb1d9a4 Handle upstream rejecting a StartTLS exop 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
0abf3f5bc9 Flush cache before calling dispose() 
This needs to be confirmed:
Location based atomics do not imply a full fence of the same level. So
to get the code in dispose() read the actual data, it seems we need to
initiate a fence.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbed44b3e Do not accept requests with msgid == 0 
It is used internally to identify pinned operations and should not be
encountered over the wire.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dfbf25d579 Honour keepalive settings for upstreams 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25fff30e39 Let the last thread dispose of pending references 
If we're idle, there might be objects pending cleanup for the last two
epochs. Unless another thread comes in and checks into a new epoch or we
shut down, they will linger forever.

If one of the objects was a connection, it wouldn't get closed and be
stuck in CLOSE_WAIT state, potentially refusing another ligitimate
connection if its socket address were to match the one we're yet to
close.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
41a74b4689 Introduce the notion of experimental features 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1f6d8611a3 Implement read throttling when writes backlog 
Reject operations in such a case with LDAP_BUSY. If read_event feature
is on, just stop reading from the connection. However this could still
result in deadlocks in reasonable situations. Need to figure out better
ways to make it safe and still protect ourselves.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
68b163fca9 Introduce mutex checks 
Switched off unless thread debugging is on, but still useful for static
analysis.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
62a806b243 Thread error checking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1328777a85 Fix a SASL channel-binding leak 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
58d66a3946 Fix race between unlinking a client and processing incoming data 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
959ff07911 Make sure read event is not enabled while upstream_bind is scheduled 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b2e57148fa Shorten to one epoch per PDU 
A full read cycle can take a very long time if the limits are set too
high.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b49f51879f Implement client pending operation limits 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
f832024e90 Straighten up client pending op tracking 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
dc1961cb15 Epoch based memory reclamation 
Similar to the algorithm presented in
https://www.cl.cam.ac.uk/techreports/UCAM-CL-TR-579.pdf

Not completely lock-free at the moment. Also the problems with epoch
based memory reclamation are still present - a thread actively observing
an epoch getting stuck will prevent LloadConnections and LloadOperations
being freed, potentially running out of memory.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
aab6af1c4e Switch to LDAP_OTHER when handling a lost upstream. 
LDAP_UNAVAILABLE signals "the server is shutting down or a subsystem
necessary to complete the operation is offline", so intelligent clients
tend to infer the connection will not be usable any more, which is not
the case here.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
81ead4a5f4 Fix races with backend_retry 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
78f25a3c91 A failed cn=config ADD needs to be handled 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
4b3d21146b Introduce SASL support for upstream connections 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
05e0906f8b Fix backend starttls= setting being ignored 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
9444dfc991 Simplify pause handling 
Gets rid of a race where unpause+pause fired in a quick succession would
miss the event_base_loopbreak() call.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
25a4d684fc Permit lloadd to share slapd TLS context 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
63efcd63eb Reuse connection walking in monitor for upstreams too 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
3bd2d7483e Reuse connection_walk for client matters 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b4f43ed8e1 Refactor backend reset 
Reuse the connection walking facility in timeout management.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
638f8a2cbc Tighten checks on retry management 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
2a813cb06d Clean up backend_retry and its callers. 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
241f65b9e0 Fix a race in managing b_dns_req 2020-11-17 17:58:15 +00:00
Nadezhda Ivanova
f4a2fdd400 Fix a new backend not being operational if added via cn=config 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
00806dd32a libevent 2.0 support 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
f1ea9da3a0 Reorganise listener support in cn=config and module startup 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
bd7a6f67de Introduce lload_open_new_listener 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
757c8beda7 Switch to ldap_parse_url_ext 
This simplifies port parsing in the end. Also pass the url to
ldap_open_listener in anticipation of incremental listener config.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
93d20459f1 Make io-threads modification startup-only 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
db3961f489 Record connect task to allow canceling it 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
6b10c2988e Record pending DNS resolution to be able to cancel 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b039e7c1b0 Keep a reference around for the bind task 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
0314f95d7f Work around libevent base not waking up on shutdown 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
db939eeb86 Protect operation when abandoning 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
07401e5829 Implement runtime monitor (un)registration 
Unregistration is a hack and we shoould either make the subsystems into
an entry (if monitor allows subentry generation) or implement subsystem
unregistration in back-monitor.
 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
1ea5ee1f01 Do not unlock upstream without referencing its dying ops 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
b1c098ad76 Module shutdown support 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
05d6aae40f Rework lloadd startup 2020-11-17 17:58:15 +00:00
Ondřej Kuzník
362f16479a Deal with no backends being configured 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
4c355deb3d Record the backend name 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
3a6b399580 Reflect backend URI change in cn=monitor 2020-11-17 17:58:14 +00:00
Nadezhda Ivanova
bace795984 Enable dynamic configuration 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
70ae4af60a Fix interaction of graceful connection closing and SASL bind support 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
d954216f93 Change log level for unsolicited response 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
edfb3d73d6 Fix operation status tracking. 
An operation is rejected iff it has to be dropped before we can find an
upstream for it (unless we handle it ourselves, that is). At that point
it is failed unless completed successfully.

This makes a difference for multi-stage binds which alternate between
'failed' (we are waiting on a server response) and 'completed' (server
did what we asked them to, waiting on client to continue).
 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
cfe9065824 Introduce infra to handle config changes 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
a7f8f58a63 expose task functions for invalidation 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
bf9f99dd88 Split backend destruction from resetting it 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
7f22bac4ac Introduce a new connection status - gentle shutdown 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
ca646cd02d Fix operation counts 
Trying to abandon an operation does not automatically make it completed,
it might have failed already but we're just racing to reach the client
to record that.
 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
bea9bfb33d Move op counting to operation_init 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
0011684760 Cleanup sasl_bind_mech resets 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
9bd90a741c Fix a race on bind response processing. 
During response processing, an upstream connection could be marked ready
after a different bind had already been allocated to it, thus allowing
two binds to be in progress on the same connection.
 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
485a169758 Implement pause handlers 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
db5966f60d More meaningful connection type reporting 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
22818e8583 Module shutdown 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
dab9054794 Rework monitor startup 
Takes care of dealing with monitor not present/not configured and fix a
monitor startup issue.
 2020-11-17 17:58:14 +00:00
Nadezhda Ivanova
678fa100f7 Convert the load balancer into a backend 2020-11-17 17:58:14 +00:00
Nadezhda Ivanova
7771606984 Use slapd's config.h 2020-11-17 17:58:14 +00:00
Nadezhda Ivanova
2d33032504 Lload cn=monitor initial implementation 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
7a69017f6f Resolve authzid after a successful auth 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
c957bb9199 Add SASL documentation on SASL handling 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
205db0bf94 Reset pin on simple bind 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
cbc0ec04c0 Fix pinned operation forwarding 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
2ba833680f Operation abandon related fixes 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
5c1245de06 Manage c_sasl_bind_mech on upstream 2020-11-17 17:58:14 +00:00
Ondřej Kuzník
c52328f63d Clear c_auth on every bind request 
For a new bind request, this is obvious, for SASL bind requests, we do
not know the final identity until we have finished handling it, make
sure it stays empty until then.
 2020-11-17 17:58:14 +00:00