[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd/back-ldap chain.c



On Sat, 2005-11-05 at 02:50 -0800, Howard Chu wrote:

> If there is a referral loop this mutex will cause a deadlock. I.e., if 
> the main backend returns a referral to a remote server that refers back 
> to this same backend which causes another referral from the main 
> backend. (If the remote reference back resolves to a regular entry in 
> the local backend it will be fine.)

Yes, I'm aware of that.  I was going to consider it as a "loop detection
feature" until a better solution is designed.

> Like I said before, to really fix 
> this requires making back-ldap work with multiple URLs (and 
> slap_bindconf's). That would also address the FIXME re: using the 
> correct idassert-authcDN.

Agree.  Let's move the URL into the slap_bindconf, it's going to be
beneficial in many places.

However, for this specific case I think we should rather move the
{avlnode, mutex} into a separate structure, since it's very likely they
always go in pairs, and add a pointer to it in ldapinfo.  This way,
copying the ldapinfo would work fine, because all copies would point to
the same {avlnode, mutex}.

> 
> On a related note, we probably should implement this Loop Detection Control.
> http://www.redhat.com/docs/manuals/dir-server/ag/6.0/entry_dist.htm#19056
> 
> I can't seem to find any further docs on it, but this may be enough to 
> work with. Perhaps Mark Wahl could shed some light on it since the OID 
> is under his arc.

I'd like to look into it.  Likely I'm going to need that feature soon.

p.




Ing. Pierangelo Masarati
Responsabile Open Solution

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------