summaryrefslogtreecommitdiffstats
path: root/source3/lib
diff options
context:
space:
mode:
authorBjörn Jacke <bj@sernet.de>2011-08-04 16:42:37 +0200
committerBjoern Jacke <bj@sernet.de>2011-08-05 11:32:09 +0200
commitfd06cf379ded801adf830499c24875a7c60280be (patch)
tree35fb2dc0652d0b1d41d73a9cefe10fd9136c857e /source3/lib
parenta7438cce4e99761303aca0ef1bc65ca2cdf2bb98 (diff)
downloadsamba-fd06cf379ded801adf830499c24875a7c60280be.tar.gz
samba-fd06cf379ded801adf830499c24875a7c60280be.tar.xz
samba-fd06cf379ded801adf830499c24875a7c60280be.zip
s3/ldap: delay the ldap search alarm termination a bit
do the alarm termination of the the ldap search a bit delayed so the LDAP server has a chance to tell us that the time limit was reached and the search was abandoned. If the search is terminated this way we also get the correct LDAP return code in the logs. If alarm() stops the search the ldap search routine will report that the LDAP server is down which would trigger us to rebind to the server needlessly which we also want to avoid.
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/smbldap.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/source3/lib/smbldap.c b/source3/lib/smbldap.c
index 5c99e4b6e8..dcb99c9a65 100644
--- a/source3/lib/smbldap.c
+++ b/source3/lib/smbldap.c
@@ -1432,6 +1432,7 @@ static int smbldap_search_ext(struct smbldap_state *ldap_state,
char *utf8_filter;
time_t endtime = time_mono(NULL)+lp_ldap_timeout();
struct timeval timeout;
+ int alarm_timer;
size_t converted_size;
SMB_ASSERT(ldap_state);
@@ -1477,11 +1478,21 @@ static int smbldap_search_ext(struct smbldap_state *ldap_state,
* covers the case where the server's operation takes too long. It
* does not cover the case where the request hangs on its way to the
* server. The server side timeout is not strictly necessary, it's
- * just a bit more kind to the server. VL. */
+ * just a bit more kind to the server. VL.
+ * We prefer to get the server termination though because otherwise we
+ * have to rebind to the LDAP server aѕ we get a LDAP_SERVER_DOWN in the
+ * alarm termination case. So let's call the alarm 2s later, which
+ * should be enough for the server to report the timelimit exceeded.
+ * in case the ldal timeout is 0 (no limit) we set the _no_ alarm
+ * accordingly. BJ. */
got_alarm = 0;
CatchSignal(SIGALRM, gotalarm_sig);
- alarm(lp_ldap_timeout());
+ alarm_timer = lp_ldap_timeout();
+ if (alarm_timer > 0) {
+ alarm_timer += 2;
+ }
+ alarm(alarm_timer);
/* End setup timeout. */
while (another_ldap_try(ldap_state, &rc, &attempts, endtime)) {