Fix and document max_uses

diff --git a/raddb/mods-available/ldap b/raddb/mods-available/ldap
index 550d375..e57c987 100644 (file)
--- a/raddb/mods-available/ldap
+++ b/raddb/mods-available/ldap
@@ -42,6 +42,12 @@ ldap {
        #  every authentication request.
        ldap_connections_number = 5
 
+       #  How many times the connection can be used before
+       #  being re-established. This is useful for things
+       #  like load balancers, which may exhibit sticky
+       #  behaviour without it. (0) is unlimited.
+       max_uses = 0
+
        #  Port to connect on, defaults to 389. Setting this to
        #  636 will enable LDAPS if start_tls (see below) is not
        #  able to be used.

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index ccf653c..2b2e095 100644 (file)
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -249,6 +249,7 @@ static const CONF_PARSER module_config[] = {
        /* allow server unlimited time for search (server-side limit) */
        {"timelimit", PW_TYPE_INTEGER,
         offsetof(ldap_instance,timelimit), NULL, "20"},
+       /* how many times the connection can be used before being re-established */     
        {"max_uses", PW_TYPE_INTEGER,
         offsetof(ldap_instance,max_uses), NULL, "0"},
 
@@ -399,9 +400,11 @@ static inline void ldap_release_conn(int i, ldap_instance *inst)
 
        DEBUG("  [%s] ldap_release_conn: Release Id: %d", inst->xlat_name, i);
        if ((inst->max_uses > 0) && (conns[i].uses >= inst->max_uses)) {
-               if (inst->conns[i].ld){
+               if (conns[i].ld){
                        DEBUG("  [%s] ldap_release_conn: Hit max usage limit, closing Id: %d", inst->xlat_name, i);
-                       ldap_unbind_s(inst->conns[i].ld);
+                       ldap_unbind_s(conns[i].ld);
+                       
+                       conns[i].ld = NULL      
                }
                conns[i].bound = 0;
                conns[i].uses = 0;