4 messages in net.sourceforge.lists.courier-imap[Courier-imap] Patch for authdaemonli...| From | Sent On | Attachments |
|---|---|---|
| Norbert Kottmann | May 24, 2006 8:41 am | |
| Sam Varshavchik | May 24, 2006 3:21 pm | |
| Brian Candler | May 25, 2006 12:40 am | |
| Brian Candler | May 25, 2006 1:21 am |
| Subject: | [Courier-imap] Patch for authdaemonlib.c opensock() function | |
|---|---|---|
| From: | Norbert Kottmann (norb...@id.unibe.ch) | |
| Date: | May 24, 2006 8:41:53 am | |
| List: | net.sourceforge.lists.courier-imap | |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hi
We made a little testpatch for the opensock() function in authdaemonlib.c.
We patched the source because under high load, the imap and pop daemons (more than one ;-) can simutaniously block the socket to the authdaemond, so that another imap/pop daemon can not connect to the socket. This will lead to really ugly tempfails and the user has to retype the password.
Whats new:
If we can not connect to the UNIX socket, wait (random between 0.9s - 1.1s) and try again. Do this max 10 times and if the socket is still not available, exit with "authentication failed".
Our solution is maybe not really nice but works quite well.
Comments desired.
Patch:
- --- authdaemonlib.c.orig 2006-05-24 17:06:45.000000000 +0200 +++ authdaemonlib.c.angepasst 2006-05-24 17:02:49.000000000 +0200 @@ -27,6 +27,8 @@ #include "authdaemonrc.h" #include "numlib/numlib.h"
+#include "courierauthdebug.h" + static int TIMEOUT_SOCK=10, TIMEOUT_WRITE=10, TIMEOUT_READ=30; @@ -153,16 +155,35 @@ TIMEOUT_WRITE=n; }
- - if (s_connect(s, (const struct sockaddr *)&skun, sizeof(skun), - - TIMEOUT_SOCK)) - - { - - perror("ERR: authdaemon: s_connect() failed"); - - if (errno == ETIMEDOUT || errno == ECONNREFUSED) - - fprintf(stderr, "ERR: [Hint: perhaps authdaemond is not running?]\n"); - - close(s); - - return (-1); +//try 10 times if ERROR = EAGAIN +courier_authdebug_login_level = 1; + int i; + for(i;i<10;i++){ + + if (s_connect(s, (const struct sockaddr *)&skun, sizeof(skun), + TIMEOUT_SOCK)) + { + if (errno!=EAGAIN){ + perror("ERR: authdaemon: s_connect() failed"); + if (errno == ETIMEDOUT || errno == ECONNREFUSED) + fprintf(stderr, "ERR: [Hint: perhaps authdaemond is not running?]\n"); + close(s); + courier_authdebug_login_level =0; + return (-1); + } else if (errno == EAGAIN){ + DPRINTF("ERR: EAGAIN. sleeping now..."); + int nr = rand()/RAND_MAX*200000; + usleep(900000+nr); + } + }else{ + courier_authdebug_login_level =0; + return (s); + } } - - return (s); + DPRINTF("ERR: s_connect failed 10 times!"); + close(s); + courier_authdebug_login_level =0; + return (-1); }
static int writeauth(int fd, const char *p, unsigned pl)
Greets, Norbert - --
_____________________________ University of Berne IT-Services Department
Norbert Kottmann
Gesellschaftsstrasse 6 CH-3012 Bern Tel. +41 (0)31 631 38 38 Fax +41 (0)31 631 43 57
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (Darwin)
iD8DBQFEdH7ZQAEAxP0Zi9ERAjXTAKCLbU68+l+21FTeGVBbS14Zltac3wCgyeyp /z98xUVmU6plBWqPCGkBrvw= =IPox -----END PGP SIGNATURE-----