From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Thu, 14 Oct 2021 15:46:14 +0000 (-0500)
Subject: ldap: Add thread local dummy handles to pass to functions which don't really need... 
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=21c407509517e367de7ae216efb1aa15352b2c2b;p=thirdparty%2Ffreeradius-server.git

ldap: Add thread local dummy handles to pass to functions which don't really need a handle
---

diff --git a/src/lib/ldap/base.c b/src/lib/ldap/base.c
index 293c03407c3..8524355e06a 100644
--- a/src/lib/ldap/base.c
+++ b/src/lib/ldap/base.c
@@ -39,6 +39,9 @@ USES_APPLE_DEPRECATED_API
 
 LDAP *ldap_global_handle;			//!< Hack for OpenLDAP libldap global initialisation.
 
+static _Thread_local LDAP *ldap_thread_local_handle;	//!< Hack for functions which require an ldap handle
+						///< but don't actually use it for anything.
+
 static uint32_t instance_count = 0;
 
 /** Used to set the global log prefix for functions which don't operate on connections
@@ -1120,6 +1123,41 @@ fr_ldap_query_t *fr_ldap_modify_alloc(TALLOC_CTX *ctx, char const *dn,
 	return query;
 }
 
+static void _ldap_handle_thread_local_free(void *handle)
+{
+#ifdef HAVE_LDAP_UNBIND_EXT_S
+	ldap_unbind_ext_s(handle, NULL, NULL);
+#else
+	ldap_unbind_s(handle);
+#endif
+}
+
+/** Get a thread local dummy LDAP handle
+ *
+ * Many functions in the OpenLDAP API don't actually use the handle
+ * for anything other than writing out error codes.
+ *
+ * This is true for most of the LDAP extensions API functions.
+ *
+ * This gives us a reusable handle that was can pass to those
+ * functions when we don't already have one available.
+ */
+LDAP *fr_ldap_handle_thread_local(void)
+{
+	if (!ldap_thread_local_handle) {
+		LDAP *handle;
+
+#ifdef HAVE_LDAP_INITIALIZE
+		ldap_initialize(&handle, "");
+#else
+		handle = ldap_init("", 0);
+#endif
+		fr_atexit_thread_local(ldap_thread_local_handle, _ldap_handle_thread_local_free, handle);
+	}
+
+	return ldap_thread_local_handle;
+}
+
 /** Change settings global to libldap
  *
  * May only be called once.  Subsequent calls will be ignored.
diff --git a/src/lib/ldap/base.h b/src/lib/ldap/base.h
index d6f75ede83f..1dd2b7da521 100644
--- a/src/lib/ldap/base.h
+++ b/src/lib/ldap/base.h
@@ -656,6 +656,8 @@ fr_ldap_rcode_t	fr_ldap_result(LDAPMessage **result, LDAPControl ***ctrls,
 			       char const *dn,
 			       fr_time_delta_t timeout);
 
+LDAP		*fr_ldap_handle_thread_local(void);
+
 int		fr_ldap_global_config(int debug_level, char const *tls_random_file);
 
 int		fr_ldap_init(void);