Implement reconnect when LDAP connection goes down

ngx_http_auth_ldap_module.c

@@ -134,6 +134,7 @@ typedef struct ngx_http_auth_ldap_connection {
     ngx_log_t *log;
     ngx_http_auth_ldap_server_t *server;
     ngx_peer_connection_t conn;
+    ngx_event_t reconnect_event;
 
     ngx_queue_t queue;
     ngx_http_auth_ldap_ctx_t *rctx;
@@ -916,23 +917,38 @@ static Sockbuf_IO ngx_http_auth_ldap_sbio =
 static void
 ngx_http_auth_ldap_close_connection(ngx_http_auth_ldap_connection_t *c)
 {
-    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Closing connection");
+    ngx_queue_t *q;
 
     if (c->ld) {
-        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Unbinding from the server");
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Unbinding from the server \"%V\")",
+            &c->server->url);
         ldap_unbind_ext(c->ld, NULL, NULL);
         /* Unbind is always synchronous, even though the function name does not end with an '_s'. */
         c->ld = NULL;
     }
 
     if (c->conn.connection) {
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Closing connection fd=%d",
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Closing connection (fd=%d)",
             c->conn.connection->fd);
         ngx_close_connection(c->conn.connection);
+        c->conn.connection = NULL;
+    }
+
+    q = ngx_queue_head(&c->server->free_connections);
+    while (q != ngx_queue_sentinel(&c->server->free_connections)) {
+        if (q == &c->queue) {
+            ngx_queue_remove(q);
+            break;
+        }
+        q = ngx_queue_next(q);
     }
 
     c->rctx = NULL;
-    c->state = STATE_DISCONNECTED;
+    if (c->state != STATE_DISCONNECTED) {
+        c->state = STATE_DISCONNECTED;
+        ngx_add_timer(&c->reconnect_event, 10000); /* TODO: Reconnect timeout */
+        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Connection scheduled for reconnection in 10000 ms");
+    }
 }
 
 static void
@@ -1114,6 +1130,12 @@ ngx_http_auth_ldap_read_handler(ngx_event_t *rev)
     conn = ((ngx_connection_t *)rev->data)->data;
     c = conn->data;
 
+    if (c->ld == NULL) {
+        ngx_log_error(NGX_LOG_INFO, c->log, 0, "http_auth_ldap: Could not connect");
+        ngx_http_auth_ldap_close_connection(c);
+        return;
+    }
+
     if (rev->timedout) {
         ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "http_auth_ldap: Request timed out (state=%d)", c->state);
         conn->connection->timedout = 1;
@@ -1237,6 +1259,9 @@ ngx_http_auth_ldap_connect(ngx_http_auth_ldap_connection_t *c)
 
     addr = &c->server->parsed_url.addrs[ngx_random() % c->server->parsed_url.naddrs];
 
+    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "http_auth_ldap: Connecting to LDAP server \"%V\".",
+        &addr->name);
+
     conn = &c->conn;
     conn->data = c;
     conn->sockaddr = addr->sockaddr;
@@ -1251,6 +1276,7 @@ ngx_http_auth_ldap_connect(ngx_http_auth_ldap_connection_t *c)
     if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) {
         ngx_log_error(NGX_LOG_ERR, c->log, 0, "http_auth_ldap: Unable to connect to LDAP server \"%V\".",
             &addr->name);
+        ngx_add_timer(&c->reconnect_event, 10000); /* TODO: Reconnect timeout */
         return;
     }
 
@@ -1269,6 +1295,14 @@ ngx_http_auth_ldap_connection_cleanup(void *data)
     ngx_http_auth_ldap_close_connection((ngx_http_auth_ldap_connection_t *) data);
 }
 
+static void
+ngx_http_auth_ldap_reconnect_handler(ngx_event_t *ev)
+{
+    ngx_connection_t *conn = ev->data;
+    ngx_http_auth_ldap_connection_t *c = conn->data;
+    ngx_http_auth_ldap_connect(c);
+}
+
 static ngx_int_t
 ngx_http_auth_ldap_init_connections(ngx_cycle_t *cycle)
 {
@@ -1276,6 +1310,7 @@ ngx_http_auth_ldap_init_connections(ngx_cycle_t *cycle)
     ngx_http_auth_ldap_main_conf_t *halmcf;
     ngx_http_auth_ldap_server_t *server;
     ngx_pool_cleanup_t *cleanup;
+    ngx_connection_t *dummy_conn;
     ngx_uint_t i, j;
     ngx_int_t rc;
     int option;
@@ -1302,13 +1337,23 @@ ngx_http_auth_ldap_init_connections(ngx_cycle_t *cycle)
         for (j = 0; j < server->connections; j++) {
             c = ngx_pcalloc(cycle->pool, sizeof(ngx_http_auth_ldap_connection_t));
             cleanup = ngx_pool_cleanup_add(cycle->pool, 0);
-            if (c == NULL || cleanup == NULL) {
+            dummy_conn = ngx_pcalloc(cycle->pool, sizeof(ngx_connection_t));
+            if (c == NULL || cleanup == NULL || dummy_conn == NULL) {
                 return NGX_ERROR;
             }
 
             c->log = cycle->log;
             c->server = server;
             c->state = STATE_DISCONNECTED;
+
+            /* Various debug logging around timer management assume that the field
+               'data' in ngx_event_t is a pointer to ngx_connection_t, therefore we
+               have a dummy such structure around so that it does not crash etc. */
+            dummy_conn->data = c;
+            c->reconnect_event.log = c->log;
+            c->reconnect_event.data = dummy_conn;
+            c->reconnect_event.handler = ngx_http_auth_ldap_reconnect_handler;
+
             ngx_http_auth_ldap_connect(c);
 
             cleanup->handler = &ngx_http_auth_ldap_connection_cleanup;