From: Ondřej Kuzník Date: Wed, 7 Sep 2022 14:01:15 +0000 (+0100) Subject: ITS#9853 Allow inheriting lastbind precision from the frontend X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=294a16c10c28d461c9e29c654fef96fc4128aec8;p=thirdparty%2Fopenldap.git ITS#9853 Allow inheriting lastbind precision from the frontend --- diff --git a/doc/man/man5/slapd-config.5 b/doc/man/man5/slapd-config.5 index c83acb9137..af16c5e51f 100644 --- a/doc/man/man5/slapd-config.5 +++ b/doc/man/man5/slapd-config.5 @@ -1508,7 +1508,9 @@ will be updated. More than .B integer seconds must have passed since the last successful bind. In a replicated environment with frequent bind activity it may be -useful to set this to a large value. +useful to set this to a large value. On a backend, if set to +.B 0 +(the default), the value set on the frontend is used. .TP .B olcLimits: [ [...]] Specify time and size limits based on the operation's initiator or diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5 index c7344b234e..fdebcbdd55 100644 --- a/doc/man/man5/slapd.conf.5 +++ b/doc/man/man5/slapd.conf.5 @@ -1411,7 +1411,9 @@ will be updated. More than .B integer seconds must have passed since the last successful bind. In a replicated environment with frequent bind activity it may be -useful to set this to a large value. +useful to set this to a large value. On a backend, if set to +.B 0 +(the default), the value set on the frontend is used. .TP .B limits [ [...]] Specify time and size limits based on the operation's initiator or diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c index 19598f11a1..ca04e4bc4d 100644 --- a/servers/slapd/bind.c +++ b/servers/slapd/bind.c @@ -424,6 +424,11 @@ fe_op_lastbind( Operation *op ) if ( (a = attr_find( e->e_attrs, slap_schema.si_ad_pwdLastSuccess )) != NULL ) { struct lutil_tm tm; struct lutil_timet tt; + unsigned int precision = op->o_bd->be_lastbind_precision; + + if ( precision == 0 ) { + precision = frontendDB->be_lastbind_precision; + } if ( lutil_parsetime( a->a_nvals[0].bv_val, &tm ) == 0 ) { lutil_tm2time( &tm, &tt ); @@ -437,8 +442,7 @@ fe_op_lastbind( Operation *op ) * TODO: If the recorded bind time is within configurable precision, * it doesn't need to be updated (save a write for nothing) */ - if ( bindtime != (time_t)-1 && - op->o_time <= bindtime + op->o_bd->be_lastbind_precision ) { + if ( bindtime != (time_t)-1 && op->o_time <= bindtime + precision ) { be_entry_release_r( op, e ); return LDAP_SUCCESS; }