few other paths that have us returning LDAP_OTHER (since
only 'server down' is retryable, we want to work hard to get
it returned when appropriate)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1157677 13f79535-47bb-0310-9956-ffa450edef68
number of retries (LDAPRetries, default 3) and configurable delay between
retries (LDAPRetryDelay, no delay by default).
The LDAP connection is re-initted every other retry, instead of
on the fifth retry -- this was a much more recent addition then
the basic looping behavior.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1156790 13f79535-47bb-0310-9956-ffa450edef68
Incorporate the ap_ldap incomplete API, as there is no interest or effort
at APR to make this a complete abstraction, and it was voted 'off the island'
with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0
or apr+util 1.x.
This also reverts part of r1142938, which needs to be re-done.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/revert-ap-ldap@1150172 13f79535-47bb-0310-9956-ffa450edef68
optional functions for the inter-module API:
* modules/ldap/ldap_private.h: New file, containing "real" function
declarations, copied from...
* include/ap_ldap.h.in, include/ap_ldap_url.h,
include/ap_ldap_option.h, include/ap_ldap_init.h,
include/ap_ldap_rebind.h: ... here. All declarations changed to APR
optional function declarations.
* modules/ldap/util_ldap.c (util_ldap_register_hooks): Register all
the new optional functions.
* modules/aaa/mod_authnz_ldap.c (ImportULDAPOptFn): Pick up optional
function stub for ap_ldap_url_parse.
(mod_auth_ldap_parse_url): Use it here.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1140069 13f79535-47bb-0310-9956-ffa450edef68
at APR to make this a complete abstraction, and it was voted 'off the island'
with APR 2.0. This will allow httpd 2.3 to build against either apr-2.0
or apr+util 1.x.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1129808 13f79535-47bb-0310-9956-ffa450edef68
process as opposed to disabling caching completely. This allows to use
the non-shared-memory cache as a workaround for the shared memory cache
not being available during graceful restarts
PR: 48958
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1096577 13f79535-47bb-0310-9956-ffa450edef68
remove unnecessary uldap_connection_cleanup (nothing needed between unbind
and remove)
properly remove rebind callback info when credentials change
maintain a separate pool for the rebind callback storage so it can be cleared
when the connection is unbound.
(major bump for util_ldap function removal)
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1081005 13f79535-47bb-0310-9956-ffa450edef68
if they were not active during server startup but got enabled later during a
graceful restart (in which case they need to do all work during a single
config run).
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1070153 13f79535-47bb-0310-9956-ffa450edef68
like bind and search.
For operations other than search, the support of the timeout depends on the
LDAP SDK supporting LDAP_OPT_TIMEOUT (e.g. OpenLDAP >= 2.4.4). An exception is
the ldap_simple_bind() in uldap_connection_open(): Here we put some extra
effort into detecting a timeout in a portable way, to catch an idle connection
having been dropped by a firewall.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@898102 13f79535-47bb-0310-9956-ffa450edef68
watchdog: use better mutex type name
ldap/digest: use same FOO_mutex_type variable name as other modules
for easier searching
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883708 13f79535-47bb-0310-9956-ffa450edef68
and WatchdogMutexPath with a single Mutex directive. Add APIs to
simplify setup and user customization of APR proc and global mutexes.
(See util_mutex.h.) Build-time setting DEFAULT_LOCKFILE is no longer
respected; set DEFAULT_REL_RUNTIMEDIR instead.
Some existing modules, such as mod_ldap and mod_auth_digest gain
configurability for their mutexes.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@883540 13f79535-47bb-0310-9956-ffa450edef68
to do anything with it, and causes an error on released openldap levels.
Also moves/remove some macros internal to mod_ldap out of the public header for a major bump.
Reported against APR in PR47501, but httpd shouldn't be asking for the option
by default.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831542 13f79535-47bb-0310-9956-ffa450edef68
tracing in underlying LDAP SDK, where all the interesting tidbits
about all kinds of LDAP errors are hidden.
Unfortunately windows doesn't implement this LDAP_OPT.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@831183 13f79535-47bb-0310-9956-ffa450edef68
small, try to free some memory by purging the cache and log a warning.
Also increase the default LDAPSharedCacheSize to 500000. This is a more
realistic size suitable for the default values of 1024 for LdapCacheEntries and
LdapOpCacheEntries.
PR: 46749
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@822458 13f79535-47bb-0310-9956-ffa450edef68
old error log message:
auth_ldap authenticate: user wbush authentication failed; URI /ldap-status [(null)][Can't contact LDAP server]
new error log message:
auth_ldap authenticate: user wbush authentication failed; URI /ldap-status [Unable to set LDAP_OPT_REFHOPLIMIT.][Can't contact LDAP server]
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@735068 13f79535-47bb-0310-9956-ffa450edef68
