Re: crash: cyrus-imapd -> sasl -> pam -> pam_ldap -> libldap-2.x -> sasl

[Lawrence Greenfield <leg+@andrew.cmu.edu>]

   Date: Tue, 28 Nov 2000 10:54:36 -0800
   From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
   Cc: openldap-devel@OpenLDAP.org

   On the reentrancy issue... I don't think libldap is reentrant as well.

   libsasl has an sasl_init and sasl_done functions.  libsasl should
   likely have a initialization counter instead of a boolean.  sasl_init()
   increments the counter and sasl_done should decrement the counter.
   Work done by these routines would be on 0->1 and 1->0 transitions,
   respectively.

This is a good idea, but doesn't solve all the problems---mostly the 
sasl_set_alloc() problems.

It's really needed for some architectures (Windows, MacOS) that the
library calling malloc() needs to call free(), and that's been our
long-term goal.  It's possible to eliminate most of the calls to
malloc/free made by the library (and all the calls of library
malloc/application free and application malloc/library free) but we
haven't had the people resources to work on this.  (It would be a new
major number and require fairly substantial application changes.)  An
added bonus would be increased performance.

In the shorter term, we've been planning on pulling the plaintext
password checking out of the library and making more pwcheck daemons.
We'd leave the sasldb functions inside the library (we need them for
CRAM and DIGEST anyway) but the rest (PAM, kerberos v4, etc.) would be
in a seperate process.  This would also solve the crash described
earlier in this thread, and would mitigate certain shared library
related problems.

Larry