diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | configure.in | 4 | ||||
| -rw-r--r-- | daemon/httpauthd.c | 2 | ||||
| -rw-r--r-- | daemon/ldap.c | 25 |
4 files changed, 26 insertions, 9 deletions
@@ -1,3 +1,7 @@ +0.4 + - Better reconnection after a closed connection from mod_httpauth + - Fixed LDAP bind type authentication bug + 0.3 - Changed 'method' to 'handler' throughout - Fixed bug in hash.c diff --git a/configure.in b/configure.in index ecd2c47..50ef1fb 100644 --- a/configure.in +++ b/configure.in @@ -36,8 +36,8 @@ dnl Nate Nielsen <nielsen@memberwebs.com> dnl dnl Process this file with autoconf to produce a configure script. -AC_INIT(httpauth, 0.3, nielsen@memberwebs.com) -AM_INIT_AUTOMAKE(httpauth, 0.3) +AC_INIT(httpauth, 0.4, nielsen@memberwebs.com) +AM_INIT_AUTOMAKE(httpauth, 0.4) LDFLAGS="$LDFLAGS -L/usr/local/lib" CFLAGS="$CFLAGS -I/usr/local/include -g -O0" diff --git a/daemon/httpauthd.c b/daemon/httpauthd.c index d3efbe9..e5b8dcb 100644 --- a/daemon/httpauthd.c +++ b/daemon/httpauthd.c @@ -362,7 +362,7 @@ int main(int argc, char* argv[]) } /* Start a new thread if neccessary */ - if(fd != 0 && threads[i].tid == 0) + if(fd != -1 && threads[i].tid == 0) { threads[i].fd = fd; r = pthread_create(&(threads[i].tid), NULL, httpauth_thread, diff --git a/daemon/ldap.c b/daemon/ldap.c index 37ef27a..3befc4b 100644 --- a/daemon/ldap.c +++ b/daemon/ldap.c @@ -650,6 +650,7 @@ static void save_ldap_connection(ldap_context_t* ctx, LDAP* ld) case LDAP_SERVER_DOWN: case LDAP_LOCAL_ERROR: case LDAP_NO_MEMORY: + discard_ldap_connection(ctx, ld); break; default: @@ -667,13 +668,13 @@ static void save_ldap_connection(ldap_context_t* ctx, LDAP* ld) break; }; +} - if(ld != NULL) - { - ldap_unbind_s(ld); - ctx->pool_mark--; - ha_messagex(LOG_DEBUG, "ldap: discarding connection (total %d)", ctx->pool_mark); - } +static discard_ldap_connection(ldap_context_t* ctx, LDAP* ld) +{ + ldap_unbind_s(ld); + ctx->pool_mark--; + ha_messagex(LOG_DEBUG, "ldap: discarding connection (total %d)", ctx->pool_mark); } static int retrieve_user_entry(ldap_context_t* ctx, const ha_request_t* req, LDAP* ld, @@ -968,6 +969,18 @@ static int basic_ldap_response(ldap_context_t* ctx, const char* header, /* It worked! */ ha_messagex(LOG_NOTICE, "ldap: validated basic user using bind: %s", basic.user); found = 1; + + /* Now we have to rebind the connection back to the main user */ + r = ldap_simple_bind_s(ld, ctx->user ? ctx->user : "", + ctx->password ? ctx->password : ""); + if(r != LDAP_SUCCESS) + { + report_ldap("ldap: couldn't rebind LDAP connection back to auth credentials", r); + + /* Discard the connection since it's useless to us */ + discard_ldap_connection(ctx, ld); + ld = NULL; + } } |