r12917: fix decoding of ldap controls

some more work on timeouts
(This used to be commit a7e2fe3cb33be2effff7eb764047567f2da3cd55)

diff --git a/source4/ldap_server/ldap_server.c b/source4/ldap_server/ldap_server.c
index 4272cea67827ee87d37f8a03cc3149019a72155c..a9a4b06645a8d56ad210d841ee9b8ea3840fb214 100644 (file)
--- a/source4/ldap_server/ldap_server.c
+++ b/source4/ldap_server/ldap_server.c
@@ -223,6 +223,19 @@ static NTSTATUS ldapsrv_decode(void *private, DATA_BLOB blob)
        return ldapsrv_decode_plain(conn, blob);
 }
 
+/*
+ Idle timeout handler
+*/
+static void ldapsrv_conn_idle_timeout(struct event_context *ev,
+                                     struct timed_event *te,
+                                     struct timeval t,
+                                     void *private)
+{
+       struct ldapsrv_connection *conn = talloc_get_type(private, struct ldapsrv_connection);
+
+       ldapsrv_terminate_connection(conn, "Timeout. No requests after bind");
+}
+
 /*
   called when a LDAP socket becomes readable
 */
@@ -231,12 +244,22 @@ static void ldapsrv_recv(struct stream_connection *c, uint16_t flags)
        struct ldapsrv_connection *conn = 
                talloc_get_type(c->private, struct ldapsrv_connection);
 
-       if (conn->limits.ite) {
+       if (conn->limits.ite) { /* clean initial timeout if any */
                talloc_free(conn->limits.ite);
                conn->limits.ite = NULL;
        }
 
+       if (conn->limits.te) { /* clean idle timeout if any */
+               talloc_free(conn->limits.te);
+               conn->limits.te = NULL;
+       }
+
        packet_recv(conn->packet);
+
+       /* set idle timeout */
+       conn->limits.te = event_add_timed(c->event.ctx, conn, 
+                                          timeval_current_ofs(conn->limits.conn_idle_time, 0),
+                                          ldapsrv_conn_idle_timeout, conn);
 }
 
 /*

diff --git a/source4/ldap_server/ldap_server.h b/source4/ldap_server/ldap_server.h
index 1341b22948cd358ee1057fbce776a04477dc725d..f71c703088653c309d736e10c2ab33585e579c12 100644 (file)
--- a/source4/ldap_server/ldap_server.h
+++ b/source4/ldap_server/ldap_server.h
@@ -42,6 +42,7 @@ struct ldapsrv_connection {
                int search_timeout;
                
                struct timed_event *ite;
+               struct timed_event *te;
        } limits;
 };
 

diff --git a/source4/libcli/ldap/ldap.c b/source4/libcli/ldap/ldap.c
index d021fc3bd61cd2fdeefce2ca4808f286f866c273..b281f62ed017d616bfe954191a88a310b49b7202 100644 (file)
--- a/source4/libcli/ldap/ldap.c
+++ b/source4/libcli/ldap/ldap.c
@@ -1264,7 +1264,7 @@ BOOL ldap_decode(struct asn1_data *data, struct ldap_message *msg)
                asn1_start_tag(data, ASN1_CONTEXT(0));
 
                for (i=0; asn1_peek_tag(data, ASN1_SEQUENCE(0)); i++) {
-                       asn1_start_tag(data, ASN1_SEQUENCE(0));
+                       /* asn1_start_tag(data, ASN1_SEQUENCE(0)); */
 
                        ctrl = talloc_realloc(msg, ctrl, struct ldap_Control *, i+2);
                        if (!ctrl) {