9eff14e488
- login_disabled option before starttls for pop3 - fix compiler warnings for GCC5 - Fix IMAP mailbox maintanence - prevent assertion in p_string_erase - improve crypt authentication, also don't segfault when spasswd is empty - simplify log_query_time duration logic - Disconnect IMAP clients if only few free FDs left - Add primary key constraint to dbmail_authlog - Rework temporary connection failures - Give sensible default for retry 120s - Add retries for binding and searching - Bump search timeout to 60s - Increase ldap timeout to 600s 10 mins - Refactor deprecated functions - Get timeout from config - Remove redundant event_assign - Remove deprecated non functioning g_mem_profile - Add definition for authldap_free - Revert inadvertent event_assign removal - Reduce failed LDAP connection for search to error - Update LDAP to non deprecated search - Clear the ldap connection - Update ldap deprecated unbind - Fix typo - Update to ldap_unbind_ext_s and remove redundant sigaction - Rebalance commit rollback - Ensure mailbox2dbmail is using Python 2 - Tidy mailbox2dbmail man page - Update description of pid file location in server man page - Boundaries fixups ordering of parts do not add newline on - Prepend headers during delivery - Allow for systems that don't use proc PR: 210274 Submitted by: fluffy
95 lines
3.1 KiB
Text
95 lines
3.1 KiB
Text
From cca81b0164c83a90eafa8d27d4887638cae080b5 Mon Sep 17 00:00:00 2001
|
|
From: Alan Hicks <ahicks@p-o.co.uk>
|
|
Date: Tue, 4 Oct 2016 15:34:04 +0100
|
|
Subject: [PATCH 11/33] Add retries for binding and searching
|
|
|
|
---
|
|
src/modules/authldap.c | 43 +++++++++++++++++++++++++++----------------
|
|
1 file changed, 27 insertions(+), 16 deletions(-)
|
|
|
|
diff --git src/modules/authldap.c src/modules/authldap.c
|
|
index 1b1b1bd..475c985 100644
|
|
--- src/modules/authldap.c
|
|
+++ src/modules/authldap.c
|
|
@@ -126,10 +126,11 @@ static LDAP * ldap_con_get(void)
|
|
return ld;
|
|
}
|
|
int c = 0;
|
|
+ int c_tries = 120;
|
|
int err = -1; // Start wanting success
|
|
- while (err != 0 && c++ < 120) {
|
|
+ while (err != 0 && c++ < c_tries) {
|
|
// Loop until success or too many retries
|
|
- TRACE(TRACE_DEBUG, "No connection trying [%d]", c);
|
|
+ TRACE(TRACE_DEBUG, "No connection trying [%d/%d]", c, c_tries);
|
|
|
|
err = authldap_connect();
|
|
|
|
@@ -139,11 +140,13 @@ static LDAP * ldap_con_get(void)
|
|
TRACE(TRACE_DEBUG, "connection [%p]", ld);
|
|
break;
|
|
case LDAP_SERVER_DOWN:
|
|
- TRACE(TRACE_WARNING, "LDAP gone away: %s. Trying to reconnect(%d/120).", ldap_err2string(err),c);
|
|
+ TRACE(TRACE_WARNING, "LDAP gone away: %s. Trying to reconnect(%d/%d).", ldap_err2string(err), c, c_tries);
|
|
sleep(1); // reconnect failed. wait before trying again
|
|
break;
|
|
default:
|
|
+ // Includes timeouts etc. Should probably refactor.
|
|
TRACE(TRACE_ERR, "LDAP error(%d): %s", err, ldap_err2string(err));
|
|
+ sleep(1);
|
|
break;
|
|
}
|
|
}
|
|
@@ -261,7 +264,9 @@ static LDAPMessage * authldap_search(const gchar *query)
|
|
LDAPMessage *ldap_res;
|
|
int _ldap_attrsonly = 0;
|
|
char **_ldap_attrs = NULL;
|
|
- int err;
|
|
+ int err = -1; // Start wanting success
|
|
+ int c = 0;
|
|
+ int c_tries = 10;
|
|
LDAP *_ldap_conn;
|
|
|
|
g_return_val_if_fail(query!=NULL, NULL);
|
|
@@ -269,20 +274,26 @@ static LDAPMessage * authldap_search(const gchar *query)
|
|
_ldap_conn = ldap_con_get();
|
|
|
|
TRACE(TRACE_DEBUG, " [%s]", query);
|
|
- err = ldap_search_s(_ldap_conn, _ldap_cfg.base_dn, _ldap_cfg.scope_int,
|
|
- query, _ldap_attrs, _ldap_attrsonly, &ldap_res);
|
|
|
|
- if (! err)
|
|
- return ldap_res;
|
|
+ while (err != 0 && c++ < c_tries) {
|
|
+ // Loop until success or too many retries
|
|
+
|
|
+ err = ldap_search_s(_ldap_conn, _ldap_cfg.base_dn, _ldap_cfg.scope_int,
|
|
+ query, _ldap_attrs, _ldap_attrsonly, &ldap_res);
|
|
|
|
- switch (err) {
|
|
- case LDAP_SERVER_DOWN:
|
|
- TRACE(TRACE_WARNING, "LDAP gone away: %s).", ldap_err2string(err));
|
|
- break;
|
|
- default:
|
|
- TRACE(TRACE_ERR, "LDAP error(%d): %s", err, ldap_err2string(err));
|
|
- return NULL;
|
|
- break;
|
|
+ switch (err) {
|
|
+ case LDAP_SUCCESS:
|
|
+ return ldap_res;
|
|
+ break;
|
|
+ case LDAP_SERVER_DOWN:
|
|
+ TRACE(TRACE_WARNING, "LDAP gone away: %s. Trying again(%d/%d).", ldap_err2string(err), c, c_tries);
|
|
+ break;
|
|
+ default:
|
|
+ // Includes timeouts etc. Should probably refactor.
|
|
+ TRACE(TRACE_ERR, "LDAP error(%d): %s. Trying again (%d/%d).", err, ldap_err2string(err), c, c_tries);
|
|
+ break;
|
|
+ }
|
|
+ sleep(1); // Search failed. Wait before trying again.
|
|
}
|
|
|
|
TRACE(TRACE_EMERG,"unrecoverable error while talking to ldap server");
|
|
--
|
|
2.10.1 (Apple Git-78)
|
|
|