mainnika
/
nginx-auth-ldap
mirror of https://github.com/mainnika/nginx-auth-ldap
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

don't expire cache entries when they are being used

Browse Source
main
nikita tokarchuk 2 years ago
parent 83c059b735
commit d0685d81bf
Signed by: mainnika
GPG Key ID: 5CDEED14F48FA79D
1 changed files with 8 additions and 8 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 16
      ngx_http_auth_ldap_module.c

16
ngx_http_auth_ldap_module.c
Unescape View File

@ -922,7 +922,7 @@ ngx_http_auth_ldap_init_cache(ngx_cycle_t *cycle)
} }
static ngx_int_t static ngx_int_t
ngx_http_auth_ldap_check_cache(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *ctx, ngx_http_auth_ldap_check_cache_and_update(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *ctx,
ngx_http_auth_ldap_cache_t *cache, ngx_http_auth_ldap_server_t *server) ngx_http_auth_ldap_cache_t *cache, ngx_http_auth_ldap_server_t *server)
{ {
ngx_http_auth_ldap_cache_elt_t *elt; ngx_http_auth_ldap_cache_elt_t *elt;
@ -946,6 +946,7 @@ ngx_http_auth_ldap_check_cache(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t *
if (elt->small_hash == ctx->cache_small_hash && if (elt->small_hash == ctx->cache_small_hash &&
elt->time > time_limit && elt->time > time_limit &&
memcmp(elt->big_hash, ctx->cache_big_hash, 16) == 0) { memcmp(elt->big_hash, ctx->cache_big_hash, 16) == 0) {
elt->time = ngx_current_msec; // update time as we've just used this entry
return elt->outcome; return elt->outcome;
} }
} }
@ -1894,10 +1895,10 @@ ngx_http_auth_ldap_authenticate(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t
if (ngx_http_auth_ldap_cache.buckets != NULL) { if (ngx_http_auth_ldap_cache.buckets != NULL) {
for (i = 0; i < conf->servers->nelts; i++) { for (i = 0; i < conf->servers->nelts; i++) {
s = &((ngx_http_auth_ldap_server_t *) conf->servers->elts)[i]; s = &((ngx_http_auth_ldap_server_t *) conf->servers->elts)[i];
rc = ngx_http_auth_ldap_check_cache(r, ctx, &ngx_http_auth_ldap_cache, s); rc = ngx_http_auth_ldap_check_cache_and_update(r, ctx, &ngx_http_auth_ldap_cache, s);
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http_auth_ldap: Using cached outcome %d from server %d", rc, i); ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http_auth_ldap: Using cached outcome %d from server %d", rc, i);
if (rc == OUTCOME_DENY || rc == OUTCOME_ALLOW) { if (rc == OUTCOME_CACHED_ALLOW) {
ctx->outcome = (rc == OUTCOME_DENY ? OUTCOME_CACHED_DENY : OUTCOME_CACHED_ALLOW); ctx->outcome = OUTCOME_CACHED_ALLOW;
ctx->phase = PHASE_NEXT; ctx->phase = PHASE_NEXT;
goto loop; goto loop;
} }
@ -2034,10 +2035,9 @@ ngx_http_auth_ldap_authenticate(ngx_http_request_t *r, ngx_http_auth_ldap_ctx_t
ngx_http_auth_ldap_return_connection(ctx->c); ngx_http_auth_ldap_return_connection(ctx->c);
} }
if (ngx_http_auth_ldap_cache.buckets != NULL && if (ngx_http_auth_ldap_cache.buckets != NULL && ctx->outcome == OUTCOME_ALLOW) {
(ctx->outcome == OUTCOME_DENY || ctx->outcome == OUTCOME_ALLOW)) { ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http_auth_ldap: Caching outcome OUTCOME_CACHED_ALLOW=%d", OUTCOME_CACHED_ALLOW);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http_auth_ldap: Caching outcome %d", ctx->outcome); ngx_http_auth_ldap_update_cache(ctx, &ngx_http_auth_ldap_cache, OUTCOME_CACHED_ALLOW);
ngx_http_auth_ldap_update_cache(ctx, &ngx_http_auth_ldap_cache, ctx->outcome);
} }
if (ctx->outcome == OUTCOME_ALLOW || ctx->outcome == OUTCOME_CACHED_ALLOW) { if (ctx->outcome == OUTCOME_ALLOW || ctx->outcome == OUTCOME_CACHED_ALLOW) {

Write Preview
Loading…
Cancel
Save