From 9fa1dd71aef812bde52337ea6a4b589d53ca10f1 Mon Sep 17 00:00:00 2001
From: Daehyung Lee <daehyung@gmail.com>
Date: Mon, 11 Jan 2016 14:03:33 +0900
Subject: [PATCH 1/2] Added support cache related options to apache::mod::ldap

Not to set the any options if you were not specified
---
 manifests/mod/ldap.pp       |  5 +++++
 templates/mod/ldap.conf.erb | 15 +++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/manifests/mod/ldap.pp b/manifests/mod/ldap.pp
index d084186717..8586756d5a 100644
--- a/manifests/mod/ldap.pp
+++ b/manifests/mod/ldap.pp
@@ -2,6 +2,11 @@
   $apache_version                = $::apache::apache_version,
   $ldap_trusted_global_cert_file = undef,
   $ldap_trusted_global_cert_type = 'CA_BASE64',
+  $ldap_shared_cache_size        = undef,
+  $ldap_cache_entries            = undef,
+  $ldap_cache_ttl                = undef,
+  $ldap_opcache_entries          = undef,
+  $ldap_opcache_ttl              = undef,
 ){
   if ($ldap_trusted_global_cert_file) {
     validate_string($ldap_trusted_global_cert_type)
diff --git a/templates/mod/ldap.conf.erb b/templates/mod/ldap.conf.erb
index fbb4b92136..424fbe8ee7 100644
--- a/templates/mod/ldap.conf.erb
+++ b/templates/mod/ldap.conf.erb
@@ -12,3 +12,18 @@
 <% if @ldap_trusted_global_cert_file -%>
 LDAPTrustedGlobalCert <%= @ldap_trusted_global_cert_type %> <%= @ldap_trusted_global_cert_file %>
 <% end -%>
+<%- if @ldap_shared_cache_size -%>
+LDAPSharedCacheSize <%= @ldap_shared_cache_size %>
+<%- end -%>
+<%- if @ldap_cache_entries -%>
+LDAPCacheEntries <%= @ldap_cache_entries %>
+<%- end -%>
+<%- if @ldap_cache_ttl -%>
+LDAPCacheTTL <%= @ldap_cache_ttl %>
+<%- end -%>
+<%- if @ldap_opcache_entries -%>
+LDAPOpCacheEntries <%= @ldap_opcache_entries %>
+<%- end -%>
+<%- if @ldap_opcache_ttl -%>
+LDAPOpCacheTTL <%= @ldap_opcache_ttl %>
+<%- end -%>

From ed74be3277eac484254e0bb887c736b35c14389e Mon Sep 17 00:00:00 2001
From: tphoney <tp@puppetlabs.com>
Date: Mon, 1 Feb 2016 11:14:11 +0000
Subject: [PATCH 2/2] adding docs and tests for ldap parameter additions

---
 README.md                     | 10 ++++++++++
 spec/classes/mod/ldap_spec.rb | 14 ++++++++++++--
 2 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 707720a2b6..05b368686f 100644
--- a/README.md
+++ b/README.md
@@ -1508,6 +1508,11 @@ Installs and configures [`mod_ldap`][]. Allows you to modify the
 class { 'apache::mod::ldap':
   ldap_trusted_global_cert_file => '/etc/pki/tls/certs/ldap-trust.crt'
   ldap_trusted_global_cert_type => 'CA_DER',
+  ldap_shared_cache_size        => '500000',
+  ldap_cache_entries            => '1024',
+  ldap_cache_ttl                => '600',
+  ldap_opcache_entries          => '1024',
+  ldap_opcache_ttl              => '600',
 }
 ~~~
 
@@ -1515,6 +1520,11 @@ class { 'apache::mod::ldap':
 
 - `ldap_trusted_global_cert_file`: Path and file name of the trusted CA certificates to use when establishing SSL or TLS connections to an LDAP server.
 - `ldap_trusted_global_cert_type`: The global trust certificate format. Defaults to 'CA_BASE64'.
+- `ldap_shared_cache_size`: Size in bytes of the shared-memory cache.
+- `ldap_cache_entries`: Maximum number of entries in the primary LDAP cache.
+- `ldap_cache_ttl`: Time that cached items remain valid.
+- `ldap_opcache_entries`: Number of entries used to cache LDAP compare operations.
+- `ldap_opcache_ttl`: Time that entries in the operation cache remain valid.
 
 ##### Class: `apache::mod::negotiation`
 
diff --git a/spec/classes/mod/ldap_spec.rb b/spec/classes/mod/ldap_spec.rb
index 2b82d8d1bb..f51cafd4f7 100644
--- a/spec/classes/mod/ldap_spec.rb
+++ b/spec/classes/mod/ldap_spec.rb
@@ -32,12 +32,22 @@
       it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_BASE64 ca\.pem$/) }
     end
 
-    context 'ldap_trusted_global_cert_file and ldap_trusted_global_cert_type params' do
+    context 'set multiple ldap params' do
       let(:params) {{
         :ldap_trusted_global_cert_file => 'ca.pem',
-        :ldap_trusted_global_cert_type => 'CA_DER'
+        :ldap_trusted_global_cert_type => 'CA_DER',
+        :ldap_shared_cache_size        => '500000',
+        :ldap_cache_entries            => '1024',
+        :ldap_cache_ttl                => '600',
+        :ldap_opcache_entries          => '1024',
+        :ldap_opcache_ttl              => '600'
       }}
       it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPTrustedGlobalCert CA_DER ca\.pem$/) }
+      it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPSharedCacheSize 500000$/) }
+      it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPCacheEntries 1024$/) }
+      it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPCacheTTL 600$/) }
+      it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPOpCacheEntries 1024$/) }
+      it { is_expected.to contain_file('ldap.conf').with_content(/^LDAPOpCacheTTL 600$/) }
     end
   end #Debian