From: Nick Porter
Date: Tue, 11 Apr 2023 14:57:09 +0000 (+0100)
Subject: Define thread specific trunk to use for LDAP bind auth
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f1966285fb0406fa83d811323f1543572e184245;p=thirdparty%2Ffreeradius-server.git
Define thread specific trunk to use for LDAP bind auth
And associated function to allocate / retrieve the trunk
---
diff --git a/src/lib/ldap/base.h b/src/lib/ldap/base.h
index 97611765861..7e010a4873c 100644
--- a/src/lib/ldap/base.h
+++ b/src/lib/ldap/base.h
@@ -382,6 +382,7 @@ typedef struct {
 fr_trunk_conf_t *bind_trunk_conf; //!< Trunk config for bind auth trunk
 fr_event_list_t *el; //!< Thread event list for callbacks / timeouts
 fr_connection_t *conn; //!< LDAP connection used for bind auths
+ fr_ldap_thread_trunk_t *bind_trunk; //!< LDAP trunk used for bind auths
 fr_rb_tree_t *binds; //!< Tree of outstanding bind auths
 } fr_ldap_thread_t;
@@ -852,6 +853,8 @@ fr_ldap_thread_trunk_t *fr_thread_ldap_trunk_get(fr_ldap_thread_t *thread, char
 fr_trunk_state_t fr_thread_ldap_trunk_state(fr_ldap_thread_t *thread, char const *uri, char const *bind_dn);
+fr_ldap_thread_trunk_t *fr_thread_ldap_bind_trunk_get(fr_ldap_thread_t *thread);
+
 /*
 * state.c - Connection state machine
 */
diff --git a/src/lib/ldap/connection.c b/src/lib/ldap/connection.c
index fe122c124dc..38f2c77e99a 100644
--- a/src/lib/ldap/connection.c
+++ b/src/lib/ldap/connection.c
@@ -1047,3 +1047,44 @@ fr_trunk_state_t fr_thread_ldap_trunk_state(fr_ldap_thread_t *thread, char const
 return (found) ? found->trunk->state : FR_TRUNK_STATE_MAX;
 }
+
+/** Find the thread specific trunk to use for LDAP bind auths
+ *
+ * If there is no current trunk then a new one is created.
+ *
+ * @param[in] thread to which the connection belongs
+ * @return
+ * - an existing or new trunk.
+ * - NULL on failure
+ */
+fr_ldap_thread_trunk_t *fr_thread_ldap_bind_trunk_get(fr_ldap_thread_t *thread)
+{
+ fr_ldap_thread_trunk_t *ttrunk;
+
+ if (thread->bind_trunk) return (thread->bind_trunk);
+
+ MEM(ttrunk = talloc_zero(thread, fr_ldap_thread_trunk_t));
+ memcpy(&ttrunk->config, thread->config, sizeof(fr_ldap_config_t));
+
+ ttrunk->uri = ttrunk->config.server;
+ ttrunk->bind_dn = ttrunk->config.admin_identity;
+
+ ttrunk->trunk = fr_trunk_alloc(ttrunk, thread->el,
+ &(fr_trunk_io_funcs_t){
+ .connection_alloc = ldap_trunk_connection_alloc,
+ .connection_notify = ldap_trunk_connection_notify,
+ },
+ thread->bind_trunk_conf,
+ "rlm_ldap bind auth", ttrunk, false);
+
+ if (!ttrunk->trunk) {
+ ERROR("Unable to create LDAP connection");
+ talloc_free(ttrunk);
+ return NULL;
+ }
+
+ ttrunk->t = thread;
+ thread->bind_trunk = ttrunk;
+
+ return ttrunk;
+}
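Review bot: The bind-auth trunk inherits the administrative identity and every other field of the module config, because `memcpy(&ttrunk->config, thread->config, sizeof(fr_ldap_config_t))` copies the struct wholesale and `ttrunk->bind_dn` is then set to `config.admin_identity`; for a trunk whose connections exist to check end-user credentials this deserves at least a comment. Whether `ldap_trunk_connection_alloc` performs an initial bind from that config is not visible in this hunk, but if it does, a comment above the `fr_trunk_alloc()` call such as `/* Connections on this trunk are re-bound per user; use them for bind operations only, never for searches or modifies */` would keep later callers from relying on the connection's bound identity. The copy is also shallow, so `ttrunk->uri` and `ttrunk->bind_dn` alias strings owned by `thread->config`, and a one-line comment stating that the trunk must not outlive that config would make the lifetime assumption explicit. Separately, `ttrunk->t = thread` is assigned only after `fr_trunk_alloc()` returns; if the final `false` argument lets the trunk open connections straight away (the prototype is not shown here), moving that assignment above the call avoids callbacks seeing a NULL back-pointer.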