Index: /trunk/server/common/oursrc/httpdmods/mod_vhost_ldap.c =================================================================== --- /trunk/server/common/oursrc/httpdmods/mod_vhost_ldap.c (revision 1587) +++ /trunk/server/common/oursrc/httpdmods/mod_vhost_ldap.c (revision 1588) @@ -32,7 +32,9 @@ #include "apr_version.h" #include "apr_ldap.h" +#include "apr_reslist.h" #include "apr_strings.h" -#include "apr_reslist.h" +#include "apr_tables.h" #include "util_ldap.h" +#include "util_script.h" #if !defined(APU_HAS_LDAP) && !defined(APR_HAS_LDAP) @@ -51,4 +53,6 @@ #define MIN_GID 100 const char USERDIR[] = "web_scripts"; + +#define MAX_FAILURES 5 module AP_MODULE_DECLARE_DATA vhost_ldap_module; @@ -122,9 +126,9 @@ { module **m; - + /* Stolen from modules/generators/mod_cgid.c */ total_modules = 0; for (m = ap_preloaded_modules; *m != NULL; m++) - total_modules++; + total_modules++; /* make sure that mod_ldap (util_ldap) is loaded */ @@ -433,5 +437,4 @@ { mod_vhost_ldap_request_t *reqc; - apr_table_t *e; int failures = 0; const char **vals = NULL; @@ -439,6 +442,6 @@ mod_vhost_ldap_config_t *conf = (mod_vhost_ldap_config_t *)ap_get_module_config(r->server->module_config, &vhost_ldap_module); - core_server_config * core = - (core_server_config *) ap_get_module_config(r->server->module_config, &core_module); + core_server_config *core = + (core_server_config *)ap_get_module_config(r->server->module_config, &core_module); util_ldap_connection_t *ldc = NULL; int result = 0; @@ -447,4 +450,8 @@ const char *hostname = NULL; int is_fallback = 0; + int sleep0 = 0; + int sleep1 = 1; + int sleep; + struct berval hostnamebv, shostnamebv; reqc = @@ -469,17 +476,17 @@ ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r, "[mod_vhost_ldap.c] translate: no conf->host - weird...?"); - return DECLINED; + return HTTP_INTERNAL_SERVER_ERROR; } hostname = r->hostname; if (hostname == NULL || hostname[0] == '\0') - goto null; + goto null; fallback: ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r, - "[mod_vhost_ldap.c]: translating %s", r->uri); - - struct berval hostnamebv, shostnamebv; + "[mod_vhost_ldap.c]: translating hostname [%s], uri [%s]", + hostname, r->uri); + ber_str2bv(hostname, 0, 0, &hostnamebv); if (ldap_bv2escaped_filter_value(&hostnamebv, &shostnamebv) != 0) @@ -494,11 +501,23 @@ /* sanity check - if server is down, retry it up to 5 times */ - if (result == LDAP_SERVER_DOWN) { - if (failures++ <= 5) { + if (AP_LDAP_IS_SERVER_DOWN(result) || + (result == LDAP_TIMEOUT) || + (result == LDAP_CONNECT_ERROR)) { + sleep = sleep0 + sleep1; + ap_log_rerror(APLOG_MARK, APLOG_WARNING|APLOG_NOERRNO, 0, r, + "[mod_vhost_ldap.c]: lookup failure, retry number #[%d], sleeping for [%d] seconds", + failures, sleep); + if (failures++ < MAX_FAILURES) { + /* Back-off exponentially */ + apr_sleep(apr_time_from_sec(sleep)); + sleep0 = sleep1; + sleep1 = sleep; goto start_over; - } - } - - if ((result == LDAP_NO_SUCH_OBJECT)) { + } else { + return HTTP_GATEWAY_TIME_OUT; + } + } + + if (result == LDAP_NO_SUCH_OBJECT) { if (strcmp(hostname, "*") != 0) { if (strncmp(hostname, "*.", 2) == 0) @@ -513,5 +532,5 @@ } - null: +null: if (conf->fallback && (is_fallback++ <= 0)) { ap_log_rerror(APLOG_MARK, APLOG_NOTICE|APLOG_NOERRNO, 0, r, @@ -528,5 +547,5 @@ hostname); - return DECLINED; + return HTTP_BAD_REQUEST; } @@ -537,5 +556,5 @@ "translate failed; virtual host %s; URI %s [%s]", hostname, r->uri, ldap_err2string(result)); - return DECLINED; + return HTTP_INTERNAL_SERVER_ERROR; } @@ -584,9 +603,9 @@ "[mod_vhost_ldap.c] translate: " "translate failed; ServerName or DocumentRoot not defined"); - return DECLINED; + return HTTP_INTERNAL_SERVER_ERROR; } cgi = NULL; - + #if 0 if (reqc->cgiroot) { @@ -597,7 +616,14 @@ } if (cgi) { - r->filename = apr_pstrcat (r->pool, reqc->cgiroot, cgi + strlen("cgi-bin"), NULL); - r->handler = "cgi-script"; - apr_table_setn(r->notes, "alias-forced-type", r->handler); + /* Set exact filename for CGI script */ + cgi = apr_pstrcat(r->pool, reqc->cgiroot, cgi + strlen("cgi-bin"), NULL); + if ((cgi = ap_server_root_relative(r->pool, cgi))) { + ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r, + "[mod_vhost_ldap.c]: ap_document_root is: %s", + ap_document_root(r)); + r->filename = cgi; + r->handler = "cgi-script"; + apr_table_setn(r->notes, "alias-forced-type", r->handler); + } #endif /* This is a quick, dirty hack. I should be shot for taking 6.170 @@ -624,12 +650,19 @@ } } else if (r->uri[0] == '/') { - r->filename = apr_pstrcat (r->pool, reqc->docroot, r->uri, NULL); + /* we don't set r->filename here, and let other modules do it + * this allows other modules (mod_rewrite.c) to work as usual + */ + /* r->filename = apr_pstrcat (r->pool, reqc->docroot, r->uri, NULL); */ } else { + /* We don't handle non-file requests here */ return DECLINED; } - if ((r->server = apr_pmemdup(r->pool, r->server, - sizeof(*r->server))) == NULL) + if ((r->server = apr_pmemdup(r->pool, r->server, sizeof(*r->server))) == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r, + "[mod_vhost_ldap.c] translate: " + "translate failed; Unable to copy r->server structure"); return HTTP_INTERNAL_SERVER_ERROR; + } r->server->server_hostname = reqc->name; @@ -639,24 +672,46 @@ } - // set environment variables - e = r->subprocess_env; - apr_table_addn (e, "SERVER_ROOT", reqc->docroot); - - if ((r->server->module_config = - apr_pmemdup(r->pool, r->server->module_config, - sizeof(void *) * - (total_modules + DYNAMIC_MODULE_LIMIT))) == NULL) - return HTTP_INTERNAL_SERVER_ERROR; - - if ((core = apr_pmemdup(r->pool, core, sizeof(*core))) == NULL) - return HTTP_INTERNAL_SERVER_ERROR; + if ((r->server->module_config = apr_pmemdup(r->pool, r->server->module_config, + sizeof(void *) * + (total_modules + DYNAMIC_MODULE_LIMIT))) == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r, + "[mod_vhost_ldap.c] translate: " + "translate failed; Unable to copy r->server->module_config structure"); + return HTTP_INTERNAL_SERVER_ERROR; + } + + if ((core = apr_pmemdup(r->pool, core, sizeof(*core))) == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR|APLOG_NOERRNO, 0, r, + "[mod_vhost_ldap.c] translate: " + "translate failed; Unable to copy r->core structure"); + return HTTP_INTERNAL_SERVER_ERROR; + } ap_set_module_config(r->server->module_config, &core_module, core); - core->ap_document_root = reqc->docroot; - - ap_log_rerror(APLOG_MARK, APLOG_DEBUG|APLOG_NOERRNO, 0, r, - "[mod_vhost_ldap.c]: translated to %s", r->filename); - - return OK; + /* Stolen from server/core.c */ + + /* Make it absolute, relative to ServerRoot */ + reqc->docroot = ap_server_root_relative(r->pool, reqc->docroot); + + if (reqc->docroot == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, + "[mod_vhost_ldap.c] set_document_root: DocumentRoot must be a directory"); + + return HTTP_INTERNAL_SERVER_ERROR; + } + + /* TODO: ap_configtestonly && ap_docrootcheck && */ + if (apr_filepath_merge((char**)&core->ap_document_root, NULL, reqc->docroot, + APR_FILEPATH_TRUENAME, r->pool) != APR_SUCCESS + || !ap_is_directory(r->pool, reqc->docroot)) { + + ap_log_rerror(APLOG_MARK, APLOG_WARNING, 0, r, + "[mod_vhost_ldap.c] set_document_root: Warning: DocumentRoot [%s] does not exist", + reqc->docroot); + core->ap_document_root = reqc->docroot; + } + + /* Hack to allow post-processing by other modules (mod_rewrite, mod_alias) */ + return DECLINED; } @@ -706,6 +761,12 @@ mod_vhost_ldap_register_hooks (apr_pool_t * p) { + + /* + * Run before mod_rewrite + */ + static const char * const aszRewrite[]={ "mod_rewrite.c", NULL }; + ap_hook_post_config(mod_vhost_ldap_post_config, NULL, NULL, APR_HOOK_MIDDLE); - ap_hook_translate_name(mod_vhost_ldap_translate_name, NULL, NULL, APR_HOOK_MIDDLE); + ap_hook_translate_name(mod_vhost_ldap_translate_name, NULL, aszRewrite, APR_HOOK_FIRST); #ifdef HAVE_UNIX_SUEXEC ap_hook_get_suexec_identity(mod_vhost_ldap_get_suexec_id_doer, NULL, NULL, APR_HOOK_MIDDLE);