[Auth_ldap] Another memory leak?

jean-jacques.de-jong at st.com jean-jacques.de-jong at st.com
Fri Dec 15 01:33:44 PST 2000 

     Just another remark. In the access logs of our LDAP server, it appears 
     that each authentication opens an LDAP connection but never closes it. 
     Eventually the connection is closed after a time-out. Could the hang 
     be due to too many open connections?
     
     JJJ


______________________________ Forward Header __________________________________
Subject: Re: [Auth_ldap] Another memory leak?
Author:  Jean-jacques DE-JONG at france,crolles,02
Date:    14/12/2000 15:09


     I must say that I installed auth_ldap 1.4.7 and that I still have the 
     problem I mentioned before, i.e. the memory usage gradually increases, 
     auth_ldap hangs, I restart apache: the memory usage drops and 
     everything is OK again for a while. The "while" however seems to be 
     longer than before 1.4.7.
     
     JJJ


______________________________ Reply Separator _________________________________
Subject: [Auth_ldap] Another memory leak?
Author:  richarde (richarde at eskom.co.za) at internet
Date:    14/12/2000 13:03


There may still be a memory leak in auth_ldap, but probably not as severe as the
 previous one. This one may only happen on an error.

Look at the following code just after the ldap search:

  if (result != LDAP_SUCCESS) {
    auth_ldap_log_reason(r, "LDAP search for %s failed: LDAP error: %s; URI %s",

                         filtbuf, ldap_err2string(result), r->uri);
    auth_ldap_release_mutex(sec->ldc->mtx);
    return sec->auth_authoritative? AUTH_REQUIRED : DECLINED;
  }

The man page for ldap search says that memory may be allocated. What happens whe
n a non fatal error occurs, like a timeout? Has the memory already been allocate
d, or will the memory automatically get freed on an error. Maybe it could be a G
ood Thing(TM) to add a free memory here too?

The following errors from ldap.h may be non fatal:

#define LDAP_OPERATIONS_ERROR           0x01
#define LDAP_PROTOCOL_ERROR             0x02
#define LDAP_TIMELIMIT_EXCEEDED         0x03
#define LDAP_SIZELIMIT_EXCEEDED         0x04

There are a couple of others too.

Another thing that I would like is for the connection to be closed to the existi
ng LDAP server and re-opended on some of the error conditions. Some of the setti
ngs can be tuned on the LDAP server. On our Novell environment, the sizelimit an
d timelimit can be done per server, so maybe the other server has different valu
es.

--
Richard Ellerbrock
richarde at eskom.co.za

_______________________________________________
Auth_ldap mailing list
Auth_ldap at rudedog.org
http://www.rudedog.org/mailman/listinfo/auth_ldap

More information about the Auth_ldap mailing list