auth: ldap: Stop re-sending request after 3 disconnect+reconnects
authorTimo Sirainen <timo.sirainen@open-xchange.com>
Wed, 26 Jan 2022 12:43:01 +0000 (14:43 +0200)
committeraki.tuomi <aki.tuomi@open-xchange.com>
Tue, 1 Feb 2022 11:56:43 +0000 (11:56 +0000)
This prevents retrying the same LDAP request forever in situations where the
request causes LDAP server to become disconnected. This might fix some real
issues, but it was mainly implemented because testing the following commit
caused infinite looping.

src/auth/db-ldap.c
src/auth/db-ldap.h

index 1b69a4911c57a50afc868647d51f8e404004da87..602cc079c13c9c377c4d2576cca6468a327e3696 100644 (file)
@@ -49,6 +49,8 @@
 #  define LDAP_OPT_SUCCESS LDAP_SUCCESS
 #endif
 
+#define DB_LDAP_REQUEST_MAX_ATTEMPT_COUNT 3
+
 static const char *LDAP_ESCAPE_CHARS = "*,\\#+<>;\"()= ";
 
 struct db_ldap_result {
@@ -399,18 +401,25 @@ static bool db_ldap_request_queue_next(struct ldap_connection *conn)
                break;
        }
 
-       switch (request->type) {
-       case LDAP_REQUEST_TYPE_BIND:
-               ret = db_ldap_request_bind(conn, request);
-               break;
-       case LDAP_REQUEST_TYPE_SEARCH:
-               ret = db_ldap_request_search(conn, request);
-               break;
+       if (request->send_count >= DB_LDAP_REQUEST_MAX_ATTEMPT_COUNT) {
+               /* Enough many times retried. Server just keeps disconnecting
+                  whenever attempting to send the request. */
+               ret = 0;
+       } else {
+               switch (request->type) {
+               case LDAP_REQUEST_TYPE_BIND:
+                       ret = db_ldap_request_bind(conn, request);
+                       break;
+               case LDAP_REQUEST_TYPE_SEARCH:
+                       ret = db_ldap_request_search(conn, request);
+                       break;
+               }
        }
 
        if (ret > 0) {
                /* success */
                i_assert(request->msgid != -1);
+               request->send_count++;
                conn->pending_count++;
                return TRUE;
        } else if (ret < 0) {
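Review bot: The give-up branch sets `ret = 0` without logging anything, so a request abandoned after DB_LDAP_REQUEST_MAX_ATTEMPT_COUNT sends leaves no record of which lookup kept taking the LDAP connection down. A request that reliably disconnects the server is worth surfacing to operators, whether the cause is a server bug or malformed input in a login field. Consider adding `i_error("LDAP: request sent %u times and the server keeps disconnecting, giving up", request->send_count);` before `ret = 0`, or the file's event-based logger if it has one. The `ret == 0` handling lies below the hunk, so it should be confirmed that this path reports a temporary or internal failure rather than a negative lookup result; otherwise a caller cannot tell an aborted request from "no such user". The body of db_ldap_request_queue_next starts and ends outside the hunk.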
index e69d716e64bb3101de6442563f0242acb59f4eae..e919e79e3dfe7bc6867873a3a71f1e0fecb89e7d 100644 (file)
@@ -104,6 +104,11 @@ struct ldap_request {
        /* timestamp when request was created */
        time_t create_time;
 
+       /* Number of times this request has been sent to LDAP server. This
+          increases when LDAP gets disconnected and reconnect send the request
+          again. */
+       unsigned int send_count;
+
        bool failed:1;
        /* This is to prevent double logging the result */
        bool result_logged:1;
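Review bot: The comment on `send_count` says it increases when a reconnect re-sends the request, but in db-ldap.c the counter is incremented on every successful send, the first included, and it is the value compared with DB_LDAP_REQUEST_MAX_ATTEMPT_COUNT. I would reword it as `/* Number of times this request has been sent to the LDAP server, the first send included. The request is given up once this reaches DB_LDAP_REQUEST_MAX_ATTEMPT_COUNT. */`. The field presumably starts at zero because the request is zero-allocated, but that allocation is not visible here and should be confirmed. struct ldap_request continues outside the hunk.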