openldap-bugs September 2017

openldap-bugs@openldap.org

35 participants
128 discussions

Re: (ITS#8719) slapd_crypt() become slow when many ldap cliant connections occur.
by yos-nishino＠ys.jp.nec.com 03 Sep '17

03 Sep '17

--_003_282E583D7ED52C4FA3C4CC199465868B02804CD4BPXM04GPgispnec_ Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable Dear Howard-san, >I created two patches for passwd.c. I am sorry. The patches I sent before were wrong because free(data) is left= . I send the fixed patches again. Best Regards, ************************************************ Yoshinori Nishino NEC Solution Innovators, Ltd. 1-18-7 Shinkiba, Koto-ku, Tokyo, 136-8627 Japan E-MAIL: … [View More]yos-nishino(a)ys.jp.nec.com ************************************************ --_003_282E583D7ED52C4FA3C4CC199465868B02804CD4BPXM04GPgispnec_ Content-Type: application/octet-stream; name="openldap-slapd_crypt_case2.patch" Content-Description: openldap-slapd_crypt_case2.patch Content-Disposition: attachment; filename="openldap-slapd_crypt_case2.patch"; size=1382; creation-date="Sun, 03 Sep 2017 01:05:35 GMT"; modification-date="Sun, 03 Sep 2017 02:11:42 GMT" Content-Transfer-Encoding: base64 bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp ZmYgLS1naXQgYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3ZC5jIGIvc2VydmVycy9zbGFwZC9wYXNzd2Qu YwppbmRleCBkZmEzNzBjLi5lY2UwNWZiIDEwMDY0NAotLS0gYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3 ZC5jCisrKyBiL3NlcnZlcnMvc2xhcGQvcGFzc3dkLmMKQEAgLTIzLDggKzIzLDExIEBACiAjaW5j bHVkZSA8YWMvdW5pc3RkLmg+CiAKICNpZmRlZiBTTEFQRF9DUllQVAorI2lmZGVmIEhBVkVfQ1JZ UFRfUgorI2RlZmluZSBfX1VTRV9HTlUKKyNlbmRpZiAvKiBIQVZFX0NSWVBUX1IgKi8KICNpbmNs dWRlIDxhYy9jcnlwdC5oPgotI2VuZGlmCisjZW5kaWYgLyogU0xBUERfQ1JZUFQgKi8KIAogI2lu Y2x1ZGUgInNsYXAuaCIKIApAQCAtNTkwLDYgKzU5MywzMCBAQCBzbGFwX3Bhc3N3ZF9oYXNoKAog c3RhdGljIGxkYXBfcHZ0X3RocmVhZF9tdXRleF90IHBhc3N3ZF9tdXRleDsKIHN0YXRpYyBsdXRp bF9jcnlwdGZ1bmMgc2xhcGRfY3J5cHQ7CiAKKyNpZmRlZiBIQVZFX0NSWVBUX1IKK3N0YXRpYyBp bnQgc2xhcGRfY3J5cHQoIGNvbnN0IGNoYXIgKmtleSwgY29uc3QgY2hhciAqc2FsdCwgY2hhciAq Kmhhc2ggKQoreworCWNoYXIgKmNyOworCWludCByYzsKKwlzdHJ1Y3QgY3J5cHRfZGF0YSBkYXRh OworICAgIAorCWRhdGEuaW5pdGlhbGl6ZWQgPSAwOworCWNyID0gY3J5cHRfcigga2V5LCBzYWx0 LCAmZGF0YSApOworCWlmICggY3IgPT0gTlVMTCB8fCBjclswXSA9PSAnXDAnICkgeworCQkvKiBz YWx0IG11c3QgaGF2ZSBiZWVuIGludmFsaWQgKi8KKwkJcmMgPSBMVVRJTF9QQVNTV0RfRVJSOwor CX0gZWxzZSB7CisJCWlmICggaGFzaCApIHsKKwkJCSpoYXNoID0gYmVyX3N0cmR1cCggY3IgKTsK KwkJCXJjID0gTFVUSUxfUEFTU1dEX09LOworCQl9IGVsc2UgeworCQkJcmMgPSBzdHJjbXAoIHNh bHQsIGNyICkgPyBMVVRJTF9QQVNTV0RfRVJSIDogTFVUSUxfUEFTU1dEX09LOworCQl9CisJfQor CisgICAgcmV0dXJuIHJjOworfQorI2Vsc2UKIHN0YXRpYyBpbnQgc2xhcGRfY3J5cHQoIGNvbnN0 IGNoYXIgKmtleSwgY29uc3QgY2hhciAqc2FsdCwgY2hhciAqKmhhc2ggKQogewogCWNoYXIgKmNy OwpAQCAtNjE0LDYgKzY0MSw4IEBAIHN0YXRpYyBpbnQgc2xhcGRfY3J5cHQoIGNvbnN0IGNoYXIg KmtleSwgY29uc3QgY2hhciAqc2FsdCwgY2hhciAqKmhhc2ggKQogCWxkYXBfcHZ0X3RocmVhZF9t dXRleF91bmxvY2soICZwYXNzd2RfbXV0ZXggKTsKIAlyZXR1cm4gcmM7CiB9CisjZW5kaWYgLyog SEFWRV9DUllQVF9SICovCisKICNlbmRpZiAvKiBTTEFQRF9DUllQVCAqLwogCiB2b2lkIHNsYXBf cGFzc3dkX2luaXQoKQo= --_003_282E583D7ED52C4FA3C4CC199465868B02804CD4BPXM04GPgispnec_ Content-Type: application/octet-stream; name="openldap-slapd_crypt_case1.patch" Content-Description: openldap-slapd_crypt_case1.patch Content-Disposition: attachment; filename="openldap-slapd_crypt_case1.patch"; size=1482; creation-date="Sun, 03 Sep 2017 01:05:32 GMT"; modification-date="Sun, 03 Sep 2017 02:10:39 GMT" Content-Transfer-Encoding: base64 bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp ZmYgLS1naXQgYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3ZC5jIGIvc2VydmVycy9zbGFwZC9wYXNzd2Qu YwppbmRleCBkZmEzNzBjLi40OTcwNWY4IDEwMDY0NAotLS0gYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3 ZC5jCisrKyBiL3NlcnZlcnMvc2xhcGQvcGFzc3dkLmMKQEAgLTIzLDggKzIzLDExIEBACiAjaW5j bHVkZSA8YWMvdW5pc3RkLmg+CiAKICNpZmRlZiBTTEFQRF9DUllQVAorI2lmZGVmIEhBVkVfQ1JZ UFRfUgorI2RlZmluZSBfX1VTRV9HTlUKKyNlbmRpZiAvKiBIQVZFX0NSWVBUX1IgKi8KICNpbmNs dWRlIDxhYy9jcnlwdC5oPgotI2VuZGlmCisjZW5kaWYgLyogU0xBUERfQ1JZUFQgKi8KIAogI2lu Y2x1ZGUgInNsYXAuaCIKIApAQCAtNTkwLDYgKzU5MywzMiBAQCBzbGFwX3Bhc3N3ZF9oYXNoKAog c3RhdGljIGxkYXBfcHZ0X3RocmVhZF9tdXRleF90IHBhc3N3ZF9tdXRleDsKIHN0YXRpYyBsdXRp bF9jcnlwdGZ1bmMgc2xhcGRfY3J5cHQ7CiAKKyNpZmRlZiBIQVZFX0NSWVBUX1IKK3N0YXRpYyBp bnQgc2xhcGRfY3J5cHQoIGNvbnN0IGNoYXIgKmtleSwgY29uc3QgY2hhciAqc2FsdCwgY2hhciAq Kmhhc2ggKQoreworCWNoYXIgKmNyOworCWludCByYzsKKwlzdHJ1Y3QgY3J5cHRfZGF0YSBkYXRh OworICAgIAorCWRhdGEuaW5pdGlhbGl6ZWQgPSAwOworCWNyID0gY3J5cHRfcigga2V5LCBzYWx0 LCAmZGF0YSApOworCWlmICggY3IgPT0gTlVMTCB8fCBjclswXSA9PSAnXDAnICkgeworCQkvKiBz YWx0IG11c3QgaGF2ZSBiZWVuIGludmFsaWQgKi8KKwkJcmMgPSBMVVRJTF9QQVNTV0RfRVJSOwor CX0gZWxzZSB7CisJCWlmICggaGFzaCApIHsKKwkJCWxkYXBfcHZ0X3RocmVhZF9tdXRleF9sb2Nr KCAmcGFzc3dkX211dGV4ICk7CisJCQkqaGFzaCA9IGJlcl9zdHJkdXAoIGNyICk7CisJCQlsZGFw X3B2dF90aHJlYWRfbXV0ZXhfdW5sb2NrKCAmcGFzc3dkX211dGV4ICk7CisJCQlyYyA9IExVVElM X1BBU1NXRF9PSzsKKwkJfSBlbHNlIHsKKwkJCXJjID0gc3RyY21wKCBzYWx0LCBjciApID8gTFVU SUxfUEFTU1dEX0VSUiA6IExVVElMX1BBU1NXRF9PSzsKKwkJfQorCX0KKworICAgIHJldHVybiBy YzsKK30KKyNlbHNlCiBzdGF0aWMgaW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXksIGNv bnN0IGNoYXIgKnNhbHQsIGNoYXIgKipoYXNoICkKIHsKIAljaGFyICpjcjsKQEAgLTYxNCw2ICs2 NDMsOCBAQCBzdGF0aWMgaW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXksIGNvbnN0IGNo YXIgKnNhbHQsIGNoYXIgKipoYXNoICkKIAlsZGFwX3B2dF90aHJlYWRfbXV0ZXhfdW5sb2NrKCAm cGFzc3dkX211dGV4ICk7CiAJcmV0dXJuIHJjOwogfQorI2VuZGlmIC8qIEhBVkVfQ1JZUFRfUiAq LworCiAjZW5kaWYgLyogU0xBUERfQ1JZUFQgKi8KIAogdm9pZCBzbGFwX3Bhc3N3ZF9pbml0KCkK --_003_282E583D7ED52C4FA3C4CC199465868B02804CD4BPXM04GPgispnec_-- [View Less]

1 0

Re: (ITS#8719) slapd_crypt() become slow when many ldap cliant connections occur.
by yos-nishino＠ys.jp.nec.com 03 Sep '17

03 Sep '17

--_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_ Content-Type: text/plain; charset="iso-2022-jp" Content-Transfer-Encoding: quoted-printable Dear Howard-san, I appreciate your many valuable advices. >Never use calloc/malloc/free directly in slapd code. Always use ch_calloc/= ch_malloc/ch_free. > >In this particular case, there's no reason to allocate at all. Just define= "struct crypt_data data" as a local variable. You are right. There is no need to allocate memory … [View More]for "data" because using= a local variable is also thread-safe in this case. >Also there's no reason to lock the passwd_mutex at all. That would complet= ely defeat the purpose of using crypt_r() in the first place. I decide to use passwd_mutex only for ber_strdup(), which seems to be non = thread-safe according to ./libraries/liblber/memory.c. I created two patches for passwd.c. Both patches uses "data" as a local variable. =20 "case1" uses passwd_mutex for ber_strdup(), "case2" dose not so. For the time being , I am going to use "case1" due to the aforementioned th= read-safe concern about ber_strdup(). Best Regards, ************************************************ Yoshinori Nishino NEC Solution Innovators, Ltd. 1-18-7 Shinkiba, Koto-ku, Tokyo, 136-8627 Japan E-MAIL: yos-nishino(a)ys.jp.nec.com ************************************************ --_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_ Content-Type: application/octet-stream; name="openldap-slapd_crypt_case1.patch" Content-Description: openldap-slapd_crypt_case1.patch Content-Disposition: attachment; filename="openldap-slapd_crypt_case1.patch"; size=1345; creation-date="Sun, 03 Sep 2017 01:05:32 GMT"; modification-date="Sun, 03 Sep 2017 01:08:20 GMT" Content-Transfer-Encoding: base64 bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp ZmYgLS1naXQgYS9wYXNzd2QuYy4gYi9wYXNzd2QuYwppbmRleCBkZmEzNzBjLi5hYzA3ZGQyIDEw MDY0NAotLS0gYS9wYXNzd2QuYworKysgYi9wYXNzd2QuYwpAQCAtMjMsOCArMjMsMTEgQEAKICNp bmNsdWRlIDxhYy91bmlzdGQuaD4KIAogI2lmZGVmIFNMQVBEX0NSWVBUCisjaWZkZWYgSEFWRV9D UllQVF9SCisjZGVmaW5lIF9fVVNFX0dOVQorI2VuZGlmIC8qIEhBVkVfQ1JZUFRfUiAqLwogI2lu Y2x1ZGUgPGFjL2NyeXB0Lmg+Ci0jZW5kaWYKKyNlbmRpZiAvKiBTTEFQRF9DUllQVCAqLwogCiAj aW5jbHVkZSAic2xhcC5oIgogCkBAIC01OTAsNiArNTkzLDMxIEBAIHNsYXBfcGFzc3dkX2hhc2go CiBzdGF0aWMgbGRhcF9wdnRfdGhyZWFkX211dGV4X3QgcGFzc3dkX211dGV4Owogc3RhdGljIGx1 dGlsX2NyeXB0ZnVuYyBzbGFwZF9jcnlwdDsKIAorI2lmZGVmIEhBVkVfQ1JZUFRfUgorc3RhdGlj IGludCBzbGFwZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFy ICoqaGFzaCApCit7CisJY2hhciAqY3I7CisJaW50IHJjOworCXN0cnVjdCBjcnlwdF9kYXRhIGRh dGE7CisgICAgCisJZGF0YS5pbml0aWFsaXplZCA9IDA7CisJY3IgPSBjcnlwdF9yKCBrZXksIHNh bHQsICZkYXRhICk7CisJaWYgKCBjciA9PSBOVUxMIHx8IGNyWzBdID09ICdcMCcgKSB7CisJCS8q IHNhbHQgbXVzdCBoYXZlIGJlZW4gaW52YWxpZCAqLworCQlyYyA9IExVVElMX1BBU1NXRF9FUlI7 CisJfSBlbHNlIHsKKwkJaWYgKCBoYXNoICkgeworCQkJKmhhc2ggPSBiZXJfc3RyZHVwKCBjciAp OworCQkJcmMgPSBMVVRJTF9QQVNTV0RfT0s7CisJCX0gZWxzZSB7CisJCQlyYyA9IHN0cmNtcCgg c2FsdCwgY3IgKSA/IExVVElMX1BBU1NXRF9FUlIgOiBMVVRJTF9QQVNTV0RfT0s7CisJCX0KKwl9 CisgCisgICAgZnJlZShkYXRhKTsKKyAgICByZXR1cm4gcmM7Cit9CisjZWxzZQogc3RhdGljIGlu dCBzbGFwZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoq aGFzaCApCiB7CiAJY2hhciAqY3I7CkBAIC02MTQsNiArNjQyLDggQEAgc3RhdGljIGludCBzbGFw ZF9jcnlwdCggY29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCAp CiAJbGRhcF9wdnRfdGhyZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOwogCXJldHVy biByYzsKIH0KKyNlbmRpZiAvKiBIQVZFX0NSWVBUX1IgKi8KKwogI2VuZGlmIC8qIFNMQVBEX0NS WVBUICovCiAKIHZvaWQgc2xhcF9wYXNzd2RfaW5pdCgpCg== --_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_ Content-Type: application/octet-stream; name="openldap-slapd_crypt_case2.patch" Content-Description: openldap-slapd_crypt_case2.patch Content-Disposition: attachment; filename="openldap-slapd_crypt_case2.patch"; size=1444; creation-date="Sun, 03 Sep 2017 01:05:35 GMT"; modification-date="Sun, 03 Sep 2017 01:08:20 GMT" Content-Transfer-Encoding: base64 bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp ZmYgLS1naXQgYS9wYXNzd2QuYyBiL3Bhc3N3ZC5jCmluZGV4IGRmYTM3MGMuLjM1ZDg3ZTUgMTAw NjQ0Ci0tLSBhL3Bhc3N3ZC5jCisrKyBiL3Bhc3N3ZC5jCkBAIC0yMyw4ICsyMywxMSBAQAogI2lu Y2x1ZGUgPGFjL3VuaXN0ZC5oPgogCiAjaWZkZWYgU0xBUERfQ1JZUFQKKyNpZmRlZiBIQVZFX0NS WVBUX1IKKyNkZWZpbmUgX19VU0VfR05VCisjZW5kaWYgLyogSEFWRV9DUllQVF9SICovCiAjaW5j bHVkZSA8YWMvY3J5cHQuaD4KLSNlbmRpZgorI2VuZGlmIC8qIFNMQVBEX0NSWVBUICovCiAKICNp bmNsdWRlICJzbGFwLmgiCiAKQEAgLTU5MCw2ICs1OTMsMzMgQEAgc2xhcF9wYXNzd2RfaGFzaCgK IHN0YXRpYyBsZGFwX3B2dF90aHJlYWRfbXV0ZXhfdCBwYXNzd2RfbXV0ZXg7CiBzdGF0aWMgbHV0 aWxfY3J5cHRmdW5jIHNsYXBkX2NyeXB0OwogCisjaWZkZWYgSEFWRV9DUllQVF9SCitzdGF0aWMg aW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXksIGNvbnN0IGNoYXIgKnNhbHQsIGNoYXIg KipoYXNoICkKK3sKKwljaGFyICpjcjsKKwlpbnQgcmM7CisJc3RydWN0IGNyeXB0X2RhdGEgZGF0 YTsKKyAgICAKKwlkYXRhLmluaXRpYWxpemVkID0gMDsKKwljciA9IGNyeXB0X3IoIGtleSwgc2Fs dCwgJmRhdGEgKTsKKwlpZiAoIGNyID09IE5VTEwgfHwgY3JbMF0gPT0gJ1wwJyApIHsKKwkJLyog c2FsdCBtdXN0IGhhdmUgYmVlbiBpbnZhbGlkICovCisJCXJjID0gTFVUSUxfUEFTU1dEX0VSUjsK Kwl9IGVsc2UgeworCQlpZiAoIGhhc2ggKSB7CisJCQlsZGFwX3B2dF90aHJlYWRfbXV0ZXhfbG9j ayggJnBhc3N3ZF9tdXRleCApOworCQkJKmhhc2ggPSBiZXJfc3RyZHVwKCBjciApOworCQkJbGRh cF9wdnRfdGhyZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOworCQkJcmMgPSBMVVRJ TF9QQVNTV0RfT0s7CisJCX0gZWxzZSB7CisJCQlyYyA9IHN0cmNtcCggc2FsdCwgY3IgKSA/IExV VElMX1BBU1NXRF9FUlIgOiBMVVRJTF9QQVNTV0RfT0s7CisJCX0KKwl9CisgCisgICAgZnJlZShk YXRhKTsKKyAgICByZXR1cm4gcmM7Cit9CisjZWxzZQogc3RhdGljIGludCBzbGFwZF9jcnlwdCgg Y29uc3QgY2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCApCiB7CiAJY2hh ciAqY3I7CkBAIC02MTQsNiArNjQ0LDggQEAgc3RhdGljIGludCBzbGFwZF9jcnlwdCggY29uc3Qg Y2hhciAqa2V5LCBjb25zdCBjaGFyICpzYWx0LCBjaGFyICoqaGFzaCApCiAJbGRhcF9wdnRfdGhy ZWFkX211dGV4X3VubG9jayggJnBhc3N3ZF9tdXRleCApOwogCXJldHVybiByYzsKIH0KKyNlbmRp ZiAvKiBIQVZFX0NSWVBUX1IgKi8KKwogI2VuZGlmIC8qIFNMQVBEX0NSWVBUICovCiAKIHZvaWQg c2xhcF9wYXNzd2RfaW5pdCgpCg== --_003_282E583D7ED52C4FA3C4CC199465868B02801BECBPXM04GPgispnec_-- [View Less]

1 0

Re: (ITS#8350) lmdb SIGBUS error on full partition and possible double free issue
by vladimir.cunat＠nic.cz 01 Sep '17

01 Sep '17

On 09/01/2017 02:38 PM, Howard Chu wrote: > vladimir.cunat(a)nic.cz wrote: >> The documentation of txn_commit did confuse me (as well). >> https://github.com/LMDB/lmdb/blob/LMDB_0.9.21/libraries/liblmdb/lmdb.h#L994 >> >> Would you consider adding a line stressing that the txn gets released >> even in case any error is returned? (or something similar) I'm >> personally used to failing operations not "having externally observable >> effects" unless … [View More]

1 0

Re: (ITS#8350) lmdb SIGBUS error on full partition and possible double free issue
by hyc＠symas.com 01 Sep '17

01 Sep '17

vladimir.cunat(a)nic.cz wrote: > Hello! > >> The docs say quite clearly, after txn_commit the txn must not be used > again. > > The documentation of txn_commit did confuse me (as well). > https://github.com/LMDB/lmdb/blob/LMDB_0.9.21/libraries/liblmdb/lmdb.h#L994 > Would you consider adding a line stressing that the txn gets released > even in case any error is returned? (or something similar) I'm > personally used to failing operations not "having externally … [View More]

1 0

Re: (ITS#8719) slapd_crypt() become slow when many ldap cliant connections occur.
by hyc＠symas.com 01 Sep '17

01 Sep '17

Howard Chu wrote: > Yoshinori Nishino wrote: >> Dear Howard-san, >> >> >> Thanks to your advice, I could create the attached tentative patches. >=20 > Thanks, this looks much better. >> >> They modifies servers/slapd/passwd.c and configure.in >> so that running "./configure" can check whether or not crypt_r() exist= s >> and use the function in slapd_crypt() if possible. >> >> I am going to check whether or not "calloc()/free()… [View More]" causes >> unacceptable=E3=80=80memory fragmentation. >=20 > Never use calloc/malloc/free directly in slapd code. Always use=20 > ch_calloc/ch_malloc/ch_free. >=20 > In this particular case, there's no reason to allocate at all. Just def= ine=20 > "struct crypt_data data" as a local variable. Also there's no reason to lock the passwd_mutex at all. That would comple= tely=20 defeat the purpose of using crypt_r() in the first place. >> >> >> Best Regards, >> ------------------------------------------------ >> On 2017/09/01 20:23, Yoshinori Nishino wrote: >>> >>> >>> On 2017/08/30 20:46, Yoshinori Nishino wrote: >>>> Dear Howard-san, >>>> >>>> >>>> Thank you so much for your prompt advice. >>>> >>>> As you told, I need to check whether or not crypt_r() exists. >>>> I am going to consider including the check. >>>> >>>> Would it be possible to let me know whether there are any other >>>> concerns about the fix if we can use crypt_r()? >>>> >>>> The implementation that "both calloc() and free() occur every time >>>> slapd_crypt() is called" does not seem to look good. >>>> The callers of slapd_crypt() might be able to get the memory for >>>> "struct crypt_data" before they call it. >>>> However, I think it causes the changes of other source codes. >>>> So, I think the aforementioned implementation is a workaround for th= e >>>> slowdown if the risk of memory fragmentation can be acceptable. >>>> >>>> On the other hands, I think we do not need to care about strcmp() >>>> because it is thread-safe. >>>> >>>> >>>> Best Regards, >>>> ---------------------------------------- >>>> On 2017/08/30 19:26, Howard Chu wrote: >>>>> yos-nishino(a)ys.jp.nec.com wrote: >>>>>> Full_Name: Yoshinori Nishino >>>>>> Version: 2.4.45 >>>>>> OS: CentOS 7 >>>>>> URL: ftp://ftp.openldap.org/incoming/ >>>>>> Submission from: (NULL) (210.143.35.20) >>>>>> >>>>>> >>>>>> Dear sir, >>>>>> >>>>>> The function slapd_crypt() in servers/slapd/passwd.c seems to beco= me >>>>>> slow when >>>>>> many ldap client connections occur. >>>>>> It seems it is because the function uses crypt()(non thread-safe >>>>>> function) and >>>>>> pthread_mutex_lock(), which results in the slowdown. >>>>>> #Besides, we need to use {CRYPT} hash as users' password hash. >>>>>> >>>>>> So, I modified servers/slapd/passwd.c like the following. >>>>>> As a result, slapd_crypt() becomes much faster under the same >>>>>> condition. >>>>>> Would you let me know whether or not the fix is appropriate for sl= apd? >>>>> >>>>> No it is not an appropriate fix. >>>>> >>>>> You should add an autoconf test to check for the existence of the >>>>> crypt_r function, and use an #ifdef here based on the result of tha= t >>>>> test, since crypt_r is a non-standard function. >>>>>> >> >> >=20 >=20 --=20 -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ [View Less]

1 0

Re: (ITS#8719) slapd_crypt() become slow when many ldap cliant connections occur.
by hyc＠symas.com 01 Sep '17

01 Sep '17

Yoshinori Nishino wrote: > Dear Howard-san, >=20 >=20 > Thanks to your advice, I could create the attached tentative patches. Thanks, this looks much better. >=20 > They modifies servers/slapd/passwd.c and configure.in > so that running "./configure" can check whether or not crypt_r() exists > and use the function in slapd_crypt() if possible. >=20 > I am going to check whether or not "calloc()/free()" causes > unacceptable=E3=80=80memory fragmentation. Never … [View More]use calloc/malloc/free directly in slapd code. Always use=20 ch_calloc/ch_malloc/ch_free. In this particular case, there's no reason to allocate at all. Just defin= e=20 "struct crypt_data data" as a local variable. >=20 >=20 > Best Regards, > ------------------------------------------------ > On 2017/09/01 20:23, Yoshinori Nishino wrote: >> >> >> On 2017/08/30 20:46, Yoshinori Nishino wrote: >>> Dear Howard-san, >>> >>> >>> Thank you so much for your prompt advice. >>> >>> As you told, I need to check whether or not crypt_r() exists. >>> I am going to consider including the check. >>> >>> Would it be possible to let me know whether there are any other >>> concerns about the fix if we can use crypt_r()? >>> >>> The implementation that "both calloc() and free() occur every time >>> slapd_crypt() is called" does not seem to look good. >>> The callers of slapd_crypt() might be able to get the memory for >>> "struct crypt_data" before they call it. >>> However, I think it causes the changes of other source codes. >>> So, I think the aforementioned implementation is a workaround for the >>> slowdown if the risk of memory fragmentation can be acceptable. >>> >>> On the other hands, I think we do not need to care about strcmp() >>> because it is thread-safe. >>> >>> >>> Best Regards, >>> ---------------------------------------- >>> On 2017/08/30 19:26, Howard Chu wrote: >>>> yos-nishino(a)ys.jp.nec.com wrote: >>>>> Full_Name: Yoshinori Nishino >>>>> Version: 2.4.45 >>>>> OS: CentOS 7 >>>>> URL: ftp://ftp.openldap.org/incoming/ >>>>> Submission from: (NULL) (210.143.35.20) >>>>> >>>>> >>>>> Dear sir, >>>>> >>>>> The function slapd_crypt() in servers/slapd/passwd.c seems to becom= e >>>>> slow when >>>>> many ldap client connections occur. >>>>> It seems it is because the function uses crypt()(non thread-safe >>>>> function) and >>>>> pthread_mutex_lock(), which results in the slowdown. >>>>> #Besides, we need to use {CRYPT} hash as users' password hash. >>>>> >>>>> So, I modified servers/slapd/passwd.c like the following. >>>>> As a result, slapd_crypt() becomes much faster under the same >>>>> condition. >>>>> Would you let me know whether or not the fix is appropriate for sla= pd? >>>> >>>> No it is not an appropriate fix. >>>> >>>> You should add an autoconf test to check for the existence of the >>>> crypt_r function, and use an #ifdef here based on the result of that >>>> test, since crypt_r is a non-standard function. >>>>> >=20 >=20 --=20 -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ [View Less]

1 0

Re: (ITS#8350) lmdb SIGBUS error on full partition and possible double free issue
by vladimir.cunat＠nic.cz 01 Sep '17

01 Sep '17

Hello! > The docs say quite clearly, after txn_commit the txn must not be used again. The documentation of txn_commit did confuse me (as well). https://github.com/LMDB/lmdb/blob/LMDB_0.9.21/libraries/liblmdb/lmdb.h#L994 Would you consider adding a line stressing that the txn gets released even in case any error is returned? (or something similar) I'm personally used to failing operations not "having externally observable effects" unless explicitly stated. Thanks. --Vladimir

1 0

Re: (ITS#8719) slapd_crypt() become slow when many ldap cliant connections occur.
by yos-nishino＠ys.jp.nec.com 01 Sep '17

01 Sep '17

--_003_ae98b5ab2c831747beb16297218b350eysjpneccom_ Content-Type: text/plain; charset="utf-8" Content-ID: <514C194789057D4F9AD83D779D27265A(a)gisp.nec.co.jp> Content-Transfer-Encoding: base64 RGVhciBIb3dhcmQtc2FuLA0KDQoNClRoYW5rcyB0byB5b3VyIGFkdmljZSwgSSBjb3VsZCBjcmVh dGUgdGhlIGF0dGFjaGVkIHRlbnRhdGl2ZSBwYXRjaGVzLg0KDQpUaGV5IG1vZGlmaWVzIHNlcnZl cnMvc2xhcGQvcGFzc3dkLmMgYW5kIGNvbmZpZ3VyZS5pbg0Kc28gdGhhdCBydW5uaW5nICIuL2Nv … [View More]bmZpZ3VyZSIgY2FuIGNoZWNrIHdoZXRoZXIgb3Igbm90IGNyeXB0X3IoKSBleGlzdHMNCmFuZCB1 c2UgdGhlIGZ1bmN0aW9uIGluIHNsYXBkX2NyeXB0KCkgaWYgcG9zc2libGUuDQoNCkkgYW0gZ29p bmcgdG8gY2hlY2sgd2hldGhlciBvciBub3QgImNhbGxvYygpL2ZyZWUoKSIgY2F1c2VzIA0KdW5h Y2NlcHRhYmxl44CAbWVtb3J5IGZyYWdtZW50YXRpb24uDQoNCg0KQmVzdCBSZWdhcmRzLA0KLS0t LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQpPbiAyMDE3LzA5 LzAxIDIwOjIzLCBZb3NoaW5vcmkgTmlzaGlubyB3cm90ZToNCj4gDQo+IA0KPiBPbiAyMDE3LzA4 LzMwIDIwOjQ2LCBZb3NoaW5vcmkgTmlzaGlubyB3cm90ZToNCj4+IERlYXIgSG93YXJkLXNhbiwN Cj4+DQo+Pg0KPj4gVGhhbmsgeW91IHNvIG11Y2ggZm9yIHlvdXIgcHJvbXB0IGFkdmljZS4NCj4+ DQo+PiBBcyB5b3UgdG9sZCwgSSBuZWVkIHRvIGNoZWNrIHdoZXRoZXIgb3Igbm90IGNyeXB0X3Io KSBleGlzdHMuDQo+PiBJIGFtIGdvaW5nIHRvIGNvbnNpZGVyIGluY2x1ZGluZyB0aGUgY2hlY2su DQo+Pg0KPj4gV291bGQgaXQgYmUgcG9zc2libGUgdG8gbGV0IG1lIGtub3cgd2hldGhlciB0aGVy ZSBhcmUgYW55IG90aGVyIA0KPj4gY29uY2VybnMgYWJvdXQgdGhlIGZpeCBpZiB3ZSBjYW4gdXNl IGNyeXB0X3IoKT8NCj4+DQo+PiBUaGUgaW1wbGVtZW50YXRpb24gdGhhdCAiYm90aCBjYWxsb2Mo KSBhbmQgZnJlZSgpIG9jY3VyIGV2ZXJ5IHRpbWUgDQo+PiBzbGFwZF9jcnlwdCgpIGlzIGNhbGxl ZCIgZG9lcyBub3Qgc2VlbSB0byBsb29rIGdvb2QuDQo+PiBUaGUgY2FsbGVycyBvZiBzbGFwZF9j cnlwdCgpIG1pZ2h0IGJlIGFibGUgdG8gZ2V0IHRoZSBtZW1vcnkgZm9yIA0KPj4gInN0cnVjdCBj cnlwdF9kYXRhIiBiZWZvcmUgdGhleSBjYWxsIGl0Lg0KPj4gSG93ZXZlciwgSSB0aGluayBpdCBj YXVzZXMgdGhlIGNoYW5nZXMgb2Ygb3RoZXIgc291cmNlIGNvZGVzLg0KPj4gU28sIEkgdGhpbmsg dGhlIGFmb3JlbWVudGlvbmVkIGltcGxlbWVudGF0aW9uIGlzIGEgd29ya2Fyb3VuZCBmb3IgdGhl IA0KPj4gc2xvd2Rvd24gaWYgdGhlIHJpc2sgb2YgbWVtb3J5IGZyYWdtZW50YXRpb24gY2FuIGJl IGFjY2VwdGFibGUuDQo+Pg0KPj4gT24gdGhlIG90aGVyIGhhbmRzLCBJIHRoaW5rIHdlIGRvIG5v dCBuZWVkIHRvIGNhcmUgYWJvdXQgc3RyY21wKCkgDQo+PiBiZWNhdXNlIGl0IGlzIHRocmVhZC1z YWZlLg0KPj4NCj4+DQo+PiBCZXN0IFJlZ2FyZHMsDQo+PiAtLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0tLS0tLS0tDQo+PiBPbiAyMDE3LzA4LzMwIDE5OjI2LCBIb3dhcmQgQ2h1IHdy b3RlOg0KPj4+IHlvcy1uaXNoaW5vQHlzLmpwLm5lYy5jb20gd3JvdGU6DQo+Pj4+IEZ1bGxfTmFt ZTogWW9zaGlub3JpIE5pc2hpbm8NCj4+Pj4gVmVyc2lvbjogMi40LjQ1DQo+Pj4+IE9TOiBDZW50 T1MgNw0KPj4+PiBVUkw6IGZ0cDovL2Z0cC5vcGVubGRhcC5vcmcvaW5jb21pbmcvDQo+Pj4+IFN1 Ym1pc3Npb24gZnJvbTogKE5VTEwpICgyMTAuMTQzLjM1LjIwKQ0KPj4+Pg0KPj4+Pg0KPj4+PiBE ZWFyIHNpciwNCj4+Pj4NCj4+Pj4gVGhlIGZ1bmN0aW9uIHNsYXBkX2NyeXB0KCkgaW4gc2VydmVy cy9zbGFwZC9wYXNzd2QuYyBzZWVtcyB0byBiZWNvbWUgDQo+Pj4+IHNsb3cgd2hlbg0KPj4+PiBt YW55IGxkYXAgY2xpZW50IGNvbm5lY3Rpb25zIG9jY3VyLg0KPj4+PiBJdCBzZWVtcyBpdCBpcyBi ZWNhdXNlIHRoZSBmdW5jdGlvbiB1c2VzIGNyeXB0KCkobm9uIHRocmVhZC1zYWZlIA0KPj4+PiBm dW5jdGlvbikgYW5kDQo+Pj4+IHB0aHJlYWRfbXV0ZXhfbG9jaygpLCB3aGljaCByZXN1bHRzIGlu IHRoZSBzbG93ZG93bi4NCj4+Pj4gI0Jlc2lkZXMsIHdlIG5lZWQgdG8gdXNlIHtDUllQVH0gaGFz aCBhcyB1c2VycycgcGFzc3dvcmQgaGFzaC4NCj4+Pj4NCj4+Pj4gU28sIEkgbW9kaWZpZWQgc2Vy dmVycy9zbGFwZC9wYXNzd2QuYyBsaWtlIHRoZSBmb2xsb3dpbmcuDQo+Pj4+IEFzIGEgcmVzdWx0 LCBzbGFwZF9jcnlwdCgpIGJlY29tZXMgbXVjaCBmYXN0ZXIgdW5kZXIgdGhlIHNhbWUgDQo+Pj4+ IGNvbmRpdGlvbi4NCj4+Pj4gV291bGQgeW91IGxldCBtZSBrbm93IHdoZXRoZXIgb3Igbm90IHRo ZSBmaXggaXMgYXBwcm9wcmlhdGUgZm9yIHNsYXBkPw0KPj4+DQo+Pj4gTm8gaXQgaXMgbm90IGFu IGFwcHJvcHJpYXRlIGZpeC4NCj4+Pg0KPj4+IFlvdSBzaG91bGQgYWRkIGFuIGF1dG9jb25mIHRl c3QgdG8gY2hlY2sgZm9yIHRoZSBleGlzdGVuY2Ugb2YgdGhlIA0KPj4+IGNyeXB0X3IgZnVuY3Rp b24sIGFuZCB1c2UgYW4gI2lmZGVmIGhlcmUgYmFzZWQgb24gdGhlIHJlc3VsdCBvZiB0aGF0IA0K Pj4+IHRlc3QsIHNpbmNlIGNyeXB0X3IgaXMgYSBub24tc3RhbmRhcmQgZnVuY3Rpb24uDQo+Pj4+ DQoNCg0KLS0gDQoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq KioNCllvc2hpbm9yaSBOaXNoaW5vDQoNCk5FQyBTb2x1dGlvbiBJbm5vdmF0b3JzLCBMdGQuDQox LTE4LTcgU2hpbmtpYmEsIEtvdG8ta3UsIFRva3lvLCAxMzYtODYyNyBKYXBhbg0KRS1NQUlMOiB5 b3MtbmlzaGlub0B5cy5qcC5uZWMuY29tDQoqKioqKioqKioqKioqKioqKioqKioqKioqKioqKioq KioqKioqKioqKioqKioqKioNCg== --_003_ae98b5ab2c831747beb16297218b350eysjpneccom_ Content-Type: text/plain; name="openldap-slapd_crypt.patch" Content-Description: openldap-slapd_crypt.patch Content-Disposition: attachment; filename="openldap-slapd_crypt.patch"; size=1542; creation-date="Fri, 01 Sep 2017 11:42:36 GMT"; modification-date="Fri, 01 Sep 2017 11:42:36 GMT" Content-ID: <529021D243717746A9BA512F0ED0DA1A(a)gisp.nec.co.jp> Content-Transfer-Encoding: base64 bW9kaWZ5IHBhc3N3ZC5jIHNvIHRoYXQgc2xhcGRfY3J5cHQoKSB1c2VzIGNyeXB0X3IoKS4KCmRp ZmYgLS1naXQgYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3ZC5jIGIvc2VydmVycy9zbGFwZC9wYXNzd2Qu YwppbmRleCBkZmEzNzBjLi45YTUyM2VlIDEwMDY0NAotLS0gYS9zZXJ2ZXJzL3NsYXBkL3Bhc3N3 ZC5jCisrKyBiL3NlcnZlcnMvc2xhcGQvcGFzc3dkLmMKQEAgLTIzLDggKzIzLDExIEBACiAjaW5j bHVkZSA8YWMvdW5pc3RkLmg+CiAKICNpZmRlZiBTTEFQRF9DUllQVAorI2lmZGVmIEhBVkVfQ1JZ UFRfUgorI2RlZmluZSBfX1VTRV9HTlUKKyNlbmRpZiAvKiBIQVZFX0NSWVBUX1IgKi8KICNpbmNs dWRlIDxhYy9jcnlwdC5oPgotI2VuZGlmCisjZW5kaWYgLyogU0xBUERfQ1JZUFQgKi8KIAogI2lu Y2x1ZGUgInNsYXAuaCIKIApAQCAtNTkwLDYgKzU5MywzNCBAQCBzbGFwX3Bhc3N3ZF9oYXNoKAog c3RhdGljIGxkYXBfcHZ0X3RocmVhZF9tdXRleF90IHBhc3N3ZF9tdXRleDsKIHN0YXRpYyBsdXRp bF9jcnlwdGZ1bmMgc2xhcGRfY3J5cHQ7CiAKKyNpZmRlZiBIQVZFX0NSWVBUX1IKK3N0YXRpYyBp bnQgc2xhcGRfY3J5cHQoIGNvbnN0IGNoYXIgKmtleSwgY29uc3QgY2hhciAqc2FsdCwgY2hhciAq Kmhhc2ggKQoreworCWNoYXIgKmNyOworCWludCByYzsKKwlzdHJ1Y3QgY3J5cHRfZGF0YSAqZGF0 YTsKKworCWRhdGEgPSAoc3RydWN0IGNyeXB0X2RhdGEgKiljYWxsb2MoMSwgc2l6ZW9mKHN0cnVj dCBjcnlwdF9kYXRhKSk7CisKKwljciA9IGNyeXB0X3IoIGtleSwgc2FsdCwgZGF0YSApOworCWlm ICggY3IgPT0gTlVMTCB8fCBjclswXSA9PSAnXDAnICkgeworCQkvKiBzYWx0IG11c3QgaGF2ZSBi ZWVuIGludmFsaWQgKi8KKwkJcmMgPSBMVVRJTF9QQVNTV0RfRVJSOworCX0gZWxzZSB7CisJCWlm ICggaGFzaCApIHsKKwkJCWxkYXBfcHZ0X3RocmVhZF9tdXRleF9sb2NrKCAmcGFzc3dkX211dGV4 ICk7CisJCQkqaGFzaCA9IGJlcl9zdHJkdXAoIGNyICk7CisJCQlsZGFwX3B2dF90aHJlYWRfbXV0 ZXhfdW5sb2NrKCAmcGFzc3dkX211dGV4ICk7CisJCQlyYyA9IExVVElMX1BBU1NXRF9PSzsKKwkJ fSBlbHNlIHsKKwkJCXJjID0gc3RyY21wKCBzYWx0LCBjciApID8gTFVUSUxfUEFTU1dEX0VSUiA6 IExVVElMX1BBU1NXRF9PSzsKKwkJfQorCX0KKyAKKyAgICBmcmVlKGRhdGEpOworICAgIHJldHVy biByYzsKK30KKyNlbHNlCiBzdGF0aWMgaW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXks IGNvbnN0IGNoYXIgKnNhbHQsIGNoYXIgKipoYXNoICkKIHsKIAljaGFyICpjcjsKQEAgLTYxNCw2 ICs2NDUsOCBAQCBzdGF0aWMgaW50IHNsYXBkX2NyeXB0KCBjb25zdCBjaGFyICprZXksIGNvbnN0 IGNoYXIgKnNhbHQsIGNoYXIgKipoYXNoICkKIAlsZGFwX3B2dF90aHJlYWRfbXV0ZXhfdW5sb2Nr KCAmcGFzc3dkX211dGV4ICk7CiAJcmV0dXJuIHJjOwogfQorI2VuZGlmIC8qIEhBVkVfQ1JZUFRf UiAqLworCiAjZW5kaWYgLyogU0xBUERfQ1JZUFQgKi8KIAogdm9pZCBzbGFwX3Bhc3N3ZF9pbml0 KCkK --_003_ae98b5ab2c831747beb16297218b350eysjpneccom_ Content-Type: text/plain; name="openldap-slapd_crypt-configure.patch" Content-Description: openldap-slapd_crypt-configure.patch Content-Disposition: attachment; filename="openldap-slapd_crypt-configure.patch"; size=756; creation-date="Fri, 01 Sep 2017 11:42:36 GMT"; modification-date="Fri, 01 Sep 2017 11:42:36 GMT" Content-ID: <4C143CD72661D741AAEA56FC06DE3DE1(a)gisp.nec.co.jp> Content-Transfer-Encoding: base64 bW9kaWZ5IGNvbmZpZ3VyZS5pbiBzbyB0aGF0IHNsYXBkX2NyeXB0KCkgdXNlcyBjcnlwdF9yKCku CgoKZGlmZiAtLWdpdCBhL2NvbmZpZ3VyZS5pbiBiL2NvbmZpZ3VyZS5pbgppbmRleCAzYzE4MTU0 Li5iZDc1M2U1IDEwMDY0NAotLS0gYS9jb25maWd1cmUuaW4KKysrIGIvY29uZmlndXJlLmluCkBA IC0yMTk3LDEwICsyMTk3LDE2IEBAIGlmIHRlc3QgJG9sX2VuYWJsZV9jcnlwdCAhPSBubyA7IHRo ZW4KIAkJQUNfQ0hFQ0tfTElCKGNyeXB0LCBjcnlwdCwgW0xVVElMX0xJQlM9IiRMVVRJTF9MSUJT IC1sY3J5cHQiCiAJCQloYXZlX2NyeXB0PXllc10sIFtoYXZlX2NyeXB0PW5vXSldKQogCisJTElC Uz0iJFRMU19MSUJTICRMSUJTIgorCUFDX0NIRUNLX0xJQihjcnlwdCwgY3J5cHRfciwgW2hhdmVf Y3J5cHRfcj15ZXNdLCBbaGF2ZV9jcnlwdF9yPW5vXSkKKwogCUxJQlM9IiRzYXZlX0xJQlMiCiAK IAlpZiB0ZXN0ICRoYXZlX2NyeXB0ID0geWVzIDsgdGhlbgogCQlBQ19ERUZJTkUoSEFWRV9DUllQ VCwxLCBbZGVmaW5lIGlmIGNyeXB0KDMpIGlzIGF2YWlsYWJsZV0pCisJCWlmIHRlc3QgJGhhdmVf Y3J5cHRfciA9IHllcyA7IHRoZW4KKwkJCUFDX0RFRklORShIQVZFX0NSWVBUX1IsIDEsIFtkZWZp bmUgaWYgY3J5cHRfcigpIGlzIGFsc28gYXZhaWxhYmxlXSkKKwkJZmkKIAllbHNlCiAJCUFDX01T R19XQVJOKFtjb3VsZCBub3QgZmluZCBjcnlwdF0pCiAJCWlmIHRlc3QgJG9sX2VuYWJsZV9jcnlw dCA9IHllcyA7IHRoZW4K --_003_ae98b5ab2c831747beb16297218b350eysjpneccom_-- [View Less]

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs September 2017