r1317: Patch from Joe Meadows "Joe Meadows" <jameadows@webopolis.com> to

add a timeout to the ldap open calls. New parameter, ldap timeout
added.
Jeremy.
(This used to be commit e5b3094c4cc75eb07f667dd1aeb73921ed7366ac)

source3/include/smbldap.h

@@ -153,5 +153,6 @@ struct smbldap_state {
 
 struct smbldap_state;
 
-#endif	/* _SMBLDAP_H */
+#define LDAP_CONNECT_DEFAULT_TIMEOUT   5
 
+#endif	/* _SMBLDAP_H */

source3/lib/smbldap.c

@@ -808,7 +808,7 @@ static int smbldap_connect_system(struct smbldap_state *ldap_state, LDAP * ldap_
 }
 
 /**********************************************************************
-Connect to LDAP server (called before every ldap operation)
+ Connect to LDAP server (called before every ldap operation)
 *********************************************************************/
 static int smbldap_open(struct smbldap_state *ldap_state)
 {

source3/libads/ldap.c

@@ -37,6 +37,35 @@
  * codepoints in UTF-8).  This may have to change at some point
  **/
 
+static SIG_ATOMIC_T gotalarm;
+                                                                                                                   
+/***************************************************************
+ Signal function to tell us we timed out.
+****************************************************************/
+                                                                                                                   
+static void gotalarm_sig(void)
+{
+	gotalarm = 1;
+}
+                                                                                                                   
+LDAP *ldap_open_with_timeout(const char *server, int port, unsigned int to)
+{
+	LDAP *ldp = NULL;
+                                                                                                                   
+	/* Setup timeout */
+	gotalarm = 0;
+	CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
+	alarm(to);
+	/* End setup timeout. */
+                                                                                                                   
+	ldp = ldap_open(server, port);
+                                                                                                                   
+	/* Teardown timeout. */
+	CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN);
+	alarm(0);
+                                                                                                                   
+	return ldp;
+}
 
 /*
   try a connection to a given ldap server, returning True and setting the servers IP
@@ -58,7 +87,7 @@ static BOOL ads_try_connect(ADS_STRUCT *ads, const char *server, unsigned port)
 	/* this copes with inet_ntoa brokenness */
 	srv = strdup(server);
 
-	ads->ld = ldap_open(srv, port);
+	ads->ld = ldap_open_with_timeout(srv, port, lp_ldap_timeout());
 	if (!ads->ld) {
 		free(srv);
 		return False;

source3/nsswitch/winbindd_rpc.c

@@ -707,36 +707,6 @@ done:
 
 #include <ldap.h>
 
-static SIG_ATOMIC_T gotalarm;
-
-/***************************************************************
- Signal function to tell us we timed out.
-****************************************************************/
-
-static void gotalarm_sig(void)
-{
-	gotalarm = 1;
-}
-
-static LDAP *ldap_open_with_timeout(const char *server, int port, unsigned int to)
-{
-	LDAP *ldp = NULL;
-
-	/* Setup timeout */
-	gotalarm = 0;
-	CatchSignal(SIGALRM, SIGNAL_CAST gotalarm_sig);
-	alarm(to);
-	/* End setup timeout. */
-
-	ldp = ldap_open(server, port);
-
-	/* Teardown timeout. */
-	CatchSignal(SIGALRM, SIGNAL_CAST SIG_IGN);
-	alarm(0);
-
-	return ldp;
-}
-
 static int get_ldap_seq(const char *server, int port, uint32 *seq)
 {
 	int ret = -1;
@@ -749,11 +719,11 @@ static int get_ldap_seq(const char *server, int port, uint32 *seq)
 	*seq = DOM_SEQUENCE_NONE;
 
 	/*
-	 * 10 second timeout on open. This is needed as the search timeout
+	 * Parameterised (5) second timeout on open. This is needed as the search timeout
 	 * doesn't seem to apply to doing an open as well. JRA.
 	 */
 
-	if ((ldp = ldap_open_with_timeout(server, port, 10)) == NULL)
+	if ((ldp = ldap_open_with_timeout(server, port, lp_ldap_timeout())) == NULL)
 		return -1;
 
 	/* Timeout if no response within 20 seconds. */

source3/param/loadparm.c

@@ -234,6 +234,7 @@ typedef struct
 	char *szCupsServer;
 	int ldap_passwd_sync; 
 	int ldap_replication_sleep;
+	int ldap_timeout; /* This is initialised in init_globals */
 	BOOL ldap_delete_dn;
 	BOOL bMsAddPrinterWizard;
 	BOOL bDNSproxy;
@@ -1079,17 +1080,18 @@ static struct parm_struct parm_table[] = {
 	{"ldap server", P_STRING, P_GLOBAL, &Globals.szLdapServer, NULL, NULL, FLAG_ADVANCED}, 
 	{"ldap port", P_INTEGER, P_GLOBAL, &Globals.ldap_port, NULL, NULL, FLAG_ADVANCED}, 
 #endif
-	{"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, NULL, NULL, FLAG_ADVANCED}, 
-	{"ldap machine suffix", P_STRING, P_GLOBAL, &Globals.szLdapMachineSuffix, NULL, NULL, FLAG_ADVANCED}, 
-	{"ldap user suffix", P_STRING, P_GLOBAL, &Globals.szLdapUserSuffix, NULL, NULL, FLAG_ADVANCED}, 
+	{"ldap admin dn", P_STRING, P_GLOBAL, &Globals.szLdapAdminDn, NULL, NULL, FLAG_ADVANCED}, 
+	{"ldap delete dn", P_BOOL, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED}, 
+	{"ldap filter", P_STRING, P_GLOBAL, &Globals.szLdapFilter, NULL, NULL, FLAG_ADVANCED}, 
 	{"ldap group suffix", P_STRING, P_GLOBAL, &Globals.szLdapGroupSuffix, NULL, NULL, FLAG_ADVANCED}, 
 	{"ldap idmap suffix", P_STRING, P_GLOBAL, &Globals.szLdapIdmapSuffix, NULL, NULL, FLAG_ADVANCED}, 
-	{"ldap filter", P_STRING, P_GLOBAL, &Globals.szLdapFilter, NULL, NULL, FLAG_ADVANCED}, 
-	{"ldap admin dn", P_STRING, P_GLOBAL, &Globals.szLdapAdminDn, NULL, NULL, FLAG_ADVANCED}, 
-	{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, FLAG_ADVANCED}, 
+	{"ldap machine suffix", P_STRING, P_GLOBAL, &Globals.szLdapMachineSuffix, NULL, NULL, FLAG_ADVANCED}, 
 	{"ldap passwd sync", P_ENUM, P_GLOBAL, &Globals.ldap_passwd_sync, NULL, enum_ldap_passwd_sync, FLAG_ADVANCED}, 
-	{"ldap delete dn", P_BOOL, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED}, 
 	{"ldap replication sleep", P_INTEGER, P_GLOBAL, &Globals.ldap_replication_sleep, NULL, NULL, FLAG_ADVANCED},
+	{"ldap suffix", P_STRING, P_GLOBAL, &Globals.szLdapSuffix, NULL, NULL, FLAG_ADVANCED}, 
+	{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, FLAG_ADVANCED}, 
+	{"ldap timeout", P_INTEGER, P_GLOBAL, &Globals.ldap_timeout, NULL, NULL, FLAG_ADVANCED},
+	{"ldap user suffix", P_STRING, P_GLOBAL, &Globals.szLdapUserSuffix, NULL, NULL, FLAG_ADVANCED}, 
 
 	{N_("Miscellaneous Options"), P_SEP, P_SEPARATOR}, 
 	{"add share command", P_STRING, P_GLOBAL, &Globals.szAddShareCommand, NULL, NULL, FLAG_ADVANCED}, 
@@ -1487,6 +1489,7 @@ static void init_globals(void)
 	Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
 	Globals.ldap_delete_dn = False;
 	Globals.ldap_replication_sleep = 1000; /* wait 1 sec for replication */
+	Globals.ldap_timeout = LDAP_CONNECT_DEFAULT_TIMEOUT;
 
 /* these parameters are set to defaults that are more appropriate
    for the increasing samba install base:
@@ -1721,6 +1724,7 @@ FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
 FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
 FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
 FN_GLOBAL_INTEGER(lp_ldap_replication_sleep, &Globals.ldap_replication_sleep)
+FN_GLOBAL_INTEGER(lp_ldap_timeout, &Globals.ldap_timeout)
 FN_GLOBAL_STRING(lp_add_share_cmd, &Globals.szAddShareCommand)
 FN_GLOBAL_STRING(lp_change_share_cmd, &Globals.szChangeShareCommand)
 FN_GLOBAL_STRING(lp_delete_share_cmd, &Globals.szDeleteShareCommand)

source3/script/mkproto.awk

@@ -132,7 +132,7 @@ END {
     gotstart = 1;
   }
 
-  if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code/ ) {
+  if( $0 ~ /^WINBINDD_PW|^WINBINDD_GR|^NT_PRINTER_INFO_LEVEL_2|^LOGIN_CACHE|^krb5_error_code|^LDAP/ ) {
     gotstart = 1;
   }