[SCM] Samba Shared Repository - branch v3-2-stable updated - release-3-2-0rc1-33-g0529550

Karolin Seeger kseeger at samba.org
Wed Jun 4 11:24:24 GMT 2008 

The branch, v3-2-stable has been updated
       via  05295505bb773e5351ebcbf0dd9694e72ae94a7e (commit)
       via  539210ea8e023afe71895c2ba093fff59c814fcb (commit)
       via  4307701b6ca3ac953c9eba16668496b79ffd1082 (commit)
      from  73ae1aa1c6c460451855e30114b1a331529a042d (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable


- Log -----------------------------------------------------------------
commit 05295505bb773e5351ebcbf0dd9694e72ae94a7e
Author: Karolin Seeger <kseeger at samba.org>
Date:   Wed Jun 4 13:24:00 2008 +0200

    WHATSNEW: Update changes since 3.2.0rc1.
    
    Karolin
    (cherry picked from commit f2befbeb35a002877db853b6cd72a04ac8f5e8ad)

commit 539210ea8e023afe71895c2ba093fff59c814fcb
Author: Karolin Seeger <kseeger at samba.org>
Date:   Tue Jun 3 16:44:59 2008 +0200

    man pages: Add documentation for new parameter 'ldap connection timeout'.
    
    Karolin
    (cherry picked from commit f7bfa1330cef34b1bbe7969bddbce2ff895321ed)

commit 4307701b6ca3ac953c9eba16668496b79ffd1082
Author: Björn Jacke <bj at sernet.de>
Date:   Mon May 26 11:29:24 2008 +0200

    Add ldap connection timeout for OpenLDAP and Netscape LDAP libs. This can be controlled via the ldap connection timeout parameter. This fixes fallbacks to secondary LDAP servers in multi LDAP server setups like in #4544
    (cherry picked from commit 8e59a2fedc940b081222b0e8f90fe0c5a0981c06)

-----------------------------------------------------------------------

Summary of changes:
 WHATSNEW.txt                                       |    6 ++++
 docs-xml/smbdotconf/ldap/ldapconnectiontimeout.xml |   22 ++++++++++++++++
 source/include/smbldap.h                           |    3 +-
 source/lib/smbldap.c                               |   26 +++++++++++++++++++-
 source/param/loadparm.c                            |   14 ++++++++++-
 5 files changed, 68 insertions(+), 3 deletions(-)
 create mode 100644 docs-xml/smbdotconf/ldap/ldapconnectiontimeout.xml


Changeset truncated at 500 lines:

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 1db5358..d3f6a36 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -194,6 +194,7 @@ smb.conf changes
     ctdbd socket			New		""
     debug class				New		No
     lanman auth				Changed Default	No
+    ldap connection timeout		New		2
     ldap debug level			New		0
     ldap debug threshold		New		10
     mangled map				Removed
@@ -225,6 +226,11 @@ o   Günther Deschner <gd at samba.org>
     * BUG 5285: Fix libcap header mismatch.
 
 
+o   Björn Jacke <bj at sernet.de>
+    * BUG 4544: Add new parameter 'ldap connection timeout' to prevent
+      waiting for TCP connection timeouts if no LDAP server is available.
+
+
 o   Volker Lendecke <vl at samba.org>
     * BUG 5502: Fix security=server.
 
diff --git a/docs-xml/smbdotconf/ldap/ldapconnectiontimeout.xml b/docs-xml/smbdotconf/ldap/ldapconnectiontimeout.xml
new file mode 100644
index 0000000..31713c9
--- /dev/null
+++ b/docs-xml/smbdotconf/ldap/ldapconnectiontimeout.xml
@@ -0,0 +1,22 @@
+<samba:parameter name="ldap connection timeout"
+		 context="G"
+		 advanced="1" developer="1"
+			type="integer"
+		 xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>
+	This parameter tells the LDAP library calls which timeout in seconds
+	they should honor during initial connection establishments to LDAP servers.
+	It is very useful in failover scenarios in particular. If one or more LDAP
+	servers are not reachable at all, we do not have to wait until TCP
+	timeouts are over. This feature must be supported by your LDAP library.
+	</para>
+
+	<para>
+	This parameter is different from <smbconfoption name="ldap timeout"/>
+	which affects operations on LDAP servers using an existing connection
+	and not establishing an initial connection.
+	</para>
+</description>
+<value type="default">2</value>
+</samba:parameter>
diff --git a/source/include/smbldap.h b/source/include/smbldap.h
index d9d7aca..79e0a38 100644
--- a/source/include/smbldap.h
+++ b/source/include/smbldap.h
@@ -220,7 +220,8 @@ const char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
 
 #endif 	/* HAVE_LDAP */
 
-#define LDAP_CONNECT_DEFAULT_TIMEOUT   15
+#define LDAP_DEFAULT_TIMEOUT   15
+#define LDAP_CONNECTION_DEFAULT_TIMEOUT 2
 #define LDAP_PAGE_SIZE 1024
 
 #endif	/* _SMBLDAP_H */
diff --git a/source/lib/smbldap.c b/source/lib/smbldap.c
index 65a039b..0598b78 100644
--- a/source/lib/smbldap.c
+++ b/source/lib/smbldap.c
@@ -670,9 +670,33 @@ int smb_ldap_setup_conn(LDAP **ldap_struct, const char *uri)
 			return LDAP_OPERATIONS_ERROR;
 #endif /* LDAP_OPT_X_TLS */
 		}
-
 	}
 #endif /* HAVE_LDAP_INITIALIZE */
+
+
+	/* now set connection timeout */
+#ifdef LDAP_X_OPT_CONNECT_TIMEOUT /* Netscape */
+	{
+		int ct = lp_ldap_connection_timeout()*1000;
+		rc = ldap_set_option(*ldap_struct, LDAP_X_OPT_CONNECT_TIMEOUT, &ct);
+		if (rc != LDAP_SUCCESS) {
+			DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
+				ct, ldap_err2string(rc)));
+		}
+	}
+#elif defined (LDAP_OPT_NETWORK_TIMEOUT) /* OpenLDAP */
+	{
+		struct timeval ct;
+		ct.tv_usec = 0;
+		ct.tv_sec = lp_ldap_connection_timeout();
+		rc = ldap_set_option(*ldap_struct, LDAP_OPT_NETWORK_TIMEOUT, &ct);
+		if (rc != LDAP_SUCCESS) {
+			DEBUG(0,("Failed to setup an ldap connection timeout %d: %s\n",
+				ct.tv_sec, ldap_err2string(rc)));
+		}
+	}
+#endif
+
 	return LDAP_SUCCESS;
 }
 
diff --git a/source/param/loadparm.c b/source/param/loadparm.c
index b539684..c6a7489 100644
--- a/source/param/loadparm.c
+++ b/source/param/loadparm.c
@@ -264,6 +264,7 @@ struct global {
 	int ldap_passwd_sync;
 	int ldap_replication_sleep;
 	int ldap_timeout; /* This is initialised in init_globals */
+	int ldap_connection_timeout;
 	int ldap_page_size;
 	bool ldap_delete_dn;
 	bool bMsAddPrinterWizard;
@@ -3563,6 +3564,15 @@ static struct parm_struct parm_table[] = {
 		.flags		= FLAG_ADVANCED,
 	},
 	{
+		.label		= "ldap connection timeout",
+		.type		= P_INTEGER,
+		.p_class	= P_GLOBAL,
+		.ptr		= &Globals.ldap_connection_timeout,
+		.special	= NULL,
+		.enum_list	= NULL,
+		.flags		= FLAG_ADVANCED,
+	},
+	{
 		.label		= "ldap page size",
 		.type		= P_INTEGER,
 		.p_class	= P_GLOBAL,
@@ -4756,7 +4766,8 @@ static void init_globals(bool first_time_only)
 	Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
 	Globals.ldap_delete_dn = False;
 	Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
-	Globals.ldap_timeout = LDAP_CONNECT_DEFAULT_TIMEOUT;
+	Globals.ldap_timeout = LDAP_DEFAULT_TIMEOUT;
+	Globals.ldap_connection_timeout = LDAP_CONNECTION_DEFAULT_TIMEOUT;
 	Globals.ldap_page_size = LDAP_PAGE_SIZE;
 
 	Globals.ldap_debug_level = 0;
@@ -5075,6 +5086,7 @@ FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
 FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
 FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)
 FN_GLOBAL_INTEGER(lp_ldap_timeout, &Globals.ldap_timeout)
+FN_GLOBAL_INTEGER(lp_ldap_connection_timeout, &Globals.ldap_connection_timeout)
 FN_GLOBAL_INTEGER(lp_ldap_page_size, &Globals.ldap_page_size)
 FN_GLOBAL_INTEGER(lp_ldap_debug_level, &Globals.ldap_debug_level)
 FN_GLOBAL_INTEGER(lp_ldap_debug_threshold, &Globals.ldap_debug_threshold)


-- 
Samba Shared Repository

More information about the samba-cvs mailing list