LDAP connections are never closed with LDAP authentication backend inside Choice
When testing 2.0, I see that the code opens a lot of connections to LDAP server and never close them.
A simple load of the portal page (without authentication) gives these logs in OpenLDAP:
Jan 31 17:31:08 llng-site slapd[32489]: conn=1026 fd=36 ACCEPT from IP=127.0.0.1:34218 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1026 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1026 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1026 op=0 RESULT tag=97 err=0 text=
Jan 31 17:31:08 llng-site slapd[32489]: conn=1027 fd=37 ACCEPT from IP=127.0.0.1:34220 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1027 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1027 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1027 op=0 RESULT tag=97 err=0 text=
Jan 31 17:31:08 llng-site slapd[32489]: conn=1028 fd=38 ACCEPT from IP=127.0.0.1:34222 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1028 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1028 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1028 op=0 RESULT tag=97 err=0 text=
Jan 31 17:31:08 llng-site slapd[32489]: conn=1029 fd=39 ACCEPT from IP=127.0.0.1:34224 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1029 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1029 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1029 op=0 RESULT tag=97 err=0 text=
Jan 31 17:31:08 llng-site slapd[32489]: conn=1030 fd=40 ACCEPT from IP=127.0.0.1:34226 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1030 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1030 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1030 op=0 RESULT tag=97 err=0 text=
Jan 31 17:31:08 llng-site slapd[32489]: conn=1031 fd=41 ACCEPT from IP=127.0.0.1:34228 (IP=127.0.0.1:389)
Jan 31 17:31:08 llng-site slapd[32489]: conn=1031 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" method=128
Jan 31 17:31:08 llng-site slapd[32489]: conn=1031 op=0 BIND dn="cn=lemonldapng,ou=dsa,dc=openid,dc=club" mech=SIMPLE ssf=0
Jan 31 17:31:08 llng-site slapd[32489]: conn=1031 op=0 RESULT tag=97 err=0 text=
So just to display the page, there are 6 connections opened, and never closed. It seems linked to Choice as I configured 6 authentication choices.
This is a critical bug as the LDAP server is quickly saturated by opened connections.