Closed progier389 closed 1 year ago
Jira ticket: IDMDS-3501
599db0a450357e804072ca03421c9f65351cdf1f Issue 5883 - Remove connection mutex contention risk on autobind (#5886) 415c74809..599db0a45 main -> main f01a61332..837fad742 389-ds-base-2.3 -> 389-ds-base-2.3 d2af71cf1..efe7385c2 389-ds-base-2.2 -> 389-ds-base-2.2 4ba619075..561d80e1d 389-ds-base-2.1 -> 389-ds-base-2.1 8ac0c5d11..68b3c5921 389-ds-base-2.0 -> 389-ds-base-2.0 66106c867..a76bb01da 389-ds-base-1.4.4 -> 389-ds-base-1.4.4 438821a8a..ccff99df6 389-ds-base-1.4.3 -> 389-ds-base-1.4.3
Issue Description Code review show that c_mutex is held for a quite long period (in bind.c) while performing autobind: When doing anonymous bind on a connection using SASL/EXTERNAL mechanism the mutex is held during the whole lookup that maps the SSL certificate to the bind dn but the page search issue showed that holding that c_mutex has a terrible impact on overall performance
Package Version and Platform:
Steps to Reproduce The steps are quite similar to the paged search result performance issue. The trick is to enable the internal operation flags in access log and disable the standard operation, it makes the fact that the lock is held during autobind internal search very visible.
dsconf standalone1 config replace nsslapd-accesslog-level=4
ldclt -p 389 -e esearch -b "dc=example,dc=com" -f "cn=demo"
ldapsearch -Q -LLL -Y EXTERNAL -H ldapi://%2fvar%2frun%2fslapd-standalone1.socket -b dc=example,dc=com cn=demo