Diffstat (limited to 'daemon/ldap.c')
-rw-r--r--daemon/ldap.c24
1 files changed, 12 insertions, 12 deletions
diff --git a/daemon/ldap.c b/daemon/ldap.c
index 3ed7199..2474d09 100644
--- a/daemon/ldap.c
+++ b/daemon/ldap.c
@@ -74,6 +74,7 @@ typedef struct ldap_context
int dobind; /* Bind to do simple authentication */
int cache_max; /* Maximum number of connections at once */
+ int cache_timeout;
int ldap_max; /* Number of open connections allowed */
int ldap_timeout; /* Maximum amount of time to dedicate to an ldap query */
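Review bot: The new `cache_timeout` field is the only one among its visible neighbours in `ldap_context` without a trailing comment, and nothing in the hunk states its unit. Later hunks add it to a timestamp compared against `time(NULL)` and use it as the purge cutoff, so it is a security-relevant lifetime in seconds. I would declare it as `int cache_timeout; /* Seconds a cached record and its digest nonce stay valid */`. The struct continues outside the hunk.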
@@ -103,6 +104,7 @@ static const ldap_context_t ldap_defaults =
NULL, /* domains */
1, /* dobind */
1000, /* cache_max */
+ 30, /* cache_timeout */
10, /* ldap_max */
30, /* ldap_timeout */
NULL, /* cache */
@@ -939,7 +941,7 @@ static int digest_ldap_challenge(ldap_context_t* ctx, ha_response_t* resp,
}
static int digest_ldap_response(ldap_context_t* ctx, const char* header,
- const char* method, const char* uri, int timeout,
+ const char* method, const char* uri,
ha_response_t* resp, ha_buffer_t* buf)
{
unsigned char nonce[DIGEST_NONCE_LEN];
@@ -972,7 +974,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
rec = get_cached_digest(ctx, nonce);
/* Check to see if we're stale */
- if((expiry + timeout) <= time(NULL))
+ if((expiry + ctx->cache_timeout) <= time(NULL))
{
stale = 1;
goto finally;
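Review bot: The staleness test `(expiry + ctx->cache_timeout) <= time(NULL)` now relies on a per-context `int` that this file never range-checks. With a value of 0 it reduces to `expiry <= time(NULL)`, so every digest response would be marked stale and a client could never finish authenticating; a negative value is worse still. The same applies to the renewal test in the `@@ -1011` hunk. The value arrives unchecked through the copy in `ldap_inithand` (`@@ -1216` hunk); the shared setting is presumably validated in common config code outside this diff, but a local guard after that copy would make the assumption explicit: `if(ctx->cache_timeout <= 0) ctx->cache_timeout = ldap_defaults.cache_timeout;`. The body of `digest_ldap_response` starts and ends outside this hunk.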
@@ -1011,7 +1013,7 @@ static int digest_ldap_response(ldap_context_t* ctx, const char* header,
resp->detail = dg.username;
/* Figure out if we need a new nonce */
- if((expiry + (timeout - (timeout / 8))) < time(NULL))
+ if((expiry + (ctx->cache_timeout - (ctx->cache_timeout / 8))) < time(NULL))
{
digest_makenonce(nonce, g_ldap_secret, NULL);
stale = 1;
@@ -1151,11 +1153,6 @@ int ldap_config(ha_context_t* context, const char* name, const char* value)
return ha_confint(name, value, 0, 86400, &(ctx->ldap_timeout));
}
- else if(strcmp(name, "cachemax") == 0)
- {
- return ha_confint(name, value, 0, 0x7FFFFFFF, &(ctx->cache_max));
- }
-
return HA_FALSE;
}
@@ -1216,6 +1213,10 @@ int ldap_inithand(ha_context_t* context)
}
memset(ctx->pool, 0, sizeof(LDAP*) * ctx->ldap_max);
+
+ /* Copy some settings over for easy access */
+ ctx->cache_max = context->cache_max;
+ ctx->cache_timeout = context->cache_timeout;
}
return HA_OK;
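Review bot: The copy of `cache_max` and `cache_timeout` sits at the very end of a block whose opening condition is outside the hunk, after the pool has already been set up. Two things follow if that reading is right. Anything earlier in `ldap_inithand` that sizes or creates the cache from `ctx->cache_max` would still see the value from `ldap_defaults`, and when the enclosing block is skipped the context keeps the defaults (1000 and 30) instead of the configured values. I would move the two assignments to the top of the function, before any allocation and outside the conditional. I would also widen the comment to say why they are copied, e.g. `/* Cache limits are configured on the generic context; mirror them before the cache is created */`.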
@@ -1231,7 +1232,7 @@ void ldap_destroy(ha_context_t* context)
/* Note: We don't need to be thread safe here anymore */
ldap_context_t* ctx = (ldap_context_t*)(context->data);
- ASSERT(data);
+ ASSERT(ctx);
if(ctx->cache)
hash_free(ctx->cache);
@@ -1265,7 +1266,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
ha_lock(NULL);
/* Purge out stale connection stuff. */
- hash_purge(ctx->cache, t - context->timeout);
+ hash_purge(ctx->cache, t - ctx->cache_timeout);
ha_unlock(NULL);
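Review bot: `hash_purge(ctx->cache, t - ctx->cache_timeout)` is called with no visible check that `ctx->cache` is non-NULL, whereas `ldap_destroy` guards the same pointer with `if(ctx->cache)`. If the cache can be absent for some handler configurations, which the guard in `ldap_destroy` suggests but this hunk does not show, the purge would dereference NULL on every request. Either wrap the call as `if(ctx->cache) hash_purge(ctx->cache, t - ctx->cache_timeout);` or add a comment stating that the cache always exists by the time `ldap_process` runs. The start of `ldap_process` is outside the hunk, so a guard may already exist further up.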
@@ -1281,8 +1282,7 @@ int ldap_process(ha_context_t* context, ha_request_t* req,
if(header)
{
ret = digest_ldap_response(ctx, header, req->args[AUTH_ARG_METHOD],
- req->args[AUTH_ARG_URI], context->timeout,
- resp, buf);
+ req->args[AUTH_ARG_URI], resp, buf);
if(ret == HA_ERROR)
return ret;
}