Commit 9166cd31 authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#5436

parent 0397a7ab
OpenLDAP 2.4 Change Log
OpenLDAP 2.4.9 Engineering
Fixed libldap to use unsigned port (ITS#5436)
Fixed libldap_r tpool pause checks (ITS#5364, #5407)
Fixed slapcat error checking (ITS#5387)
Fixed slapd add operations requiring naming attrs (ITS#5412)
......
......@@ -37,604 +37,168 @@
#include <io.h>
#endif /* HAVE_IO_H */
#include "ldap-int.h"
#if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
# ifdef LDAP_PF_INET6
int ldap_int_inet4or6 = AF_UNSPEC;
# else
int ldap_int_inet4or6 = AF_INET;
# endif
#if defined( HAVE_SYS_FILIO_H )
#include <sys/filio.h>
#elif defined( HAVE_SYS_IOCTL_H )
#include <sys/ioctl.h>
#endif
#ifdef LDAP_DEBUG
#define osip_debug(ld,fmt,arg1,arg2,arg3) \
do { \
ldap_log_printf(NULL, LDAP_DEBUG_TRACE, fmt, arg1, arg2, arg3); \
} while(0)
#else
#define osip_debug(ld,fmt,arg1,arg2,arg3) ((void)0)
#include "ldap-int.h"
#endif /* LDAP_DEBUG */
int ldap_int_tblsize = 0;
static void
ldap_pvt_set_errno(int err)
{
sock_errset(err);
}
int
ldap_int_timeval_dup( struct timeval **dest, const struct timeval *src )
{
struct timeval *new;
assert( dest != NULL );
if (src == NULL) {
*dest = NULL;
return 0;
}
new = (struct timeval *) LDAP_MALLOC(sizeof(struct timeval));
if( new == NULL ) {
*dest = NULL;
return 1;
}
AC_MEMCPY( (char *) new, (const char *) src, sizeof(struct timeval));
*dest = new;
return 0;
}
static int
ldap_pvt_ndelay_on(LDAP *ld, int fd)
{
osip_debug(ld, "ldap_ndelay_on: %d\n",fd,0,0);
return ber_pvt_socket_set_nonblock( fd, 1 );
}
static int
ldap_pvt_ndelay_off(LDAP *ld, int fd)
{
osip_debug(ld, "ldap_ndelay_off: %d\n",fd,0,0);
return ber_pvt_socket_set_nonblock( fd, 0 );
}
static ber_socket_t
ldap_int_socket(LDAP *ld, int family, int type )
{
ber_socket_t s = socket(family, type, 0);
osip_debug(ld, "ldap_new_socket: %d\n",s,0,0);
return ( s );
}
static int
ldap_pvt_close_socket(LDAP *ld, int s)
{
osip_debug(ld, "ldap_close_socket: %d\n",s,0,0);
return tcp_close(s);
}
static int
ldap_int_prepare_socket(LDAP *ld, int s, int proto )
{
osip_debug( ld, "ldap_prepare_socket: %d\n", s, 0, 0 );
#if defined( SO_KEEPALIVE ) || defined( TCP_NODELAY )
if ( proto == LDAP_PROTO_TCP ) {
int dummy = 1;
#ifdef SO_KEEPALIVE
if ( setsockopt( s, SOL_SOCKET, SO_KEEPALIVE,
(char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
{
osip_debug( ld, "ldap_prepare_socket: "
"setsockopt(%d, SO_KEEPALIVE) failed (ignored).\n",
s, 0, 0 );
}
#endif /* SO_KEEPALIVE */
#ifdef TCP_NODELAY
if ( setsockopt( s, IPPROTO_TCP, TCP_NODELAY,
(char*) &dummy, sizeof(dummy) ) == AC_SOCKET_ERROR )
{
osip_debug( ld, "ldap_prepare_socket: "
"setsockopt(%d, TCP_NODELAY) failed (ignored).\n",
s, 0, 0 );
}
#endif /* TCP_NODELAY */
}
#endif /* SO_KEEPALIVE || TCP_NODELAY */
return 0;
}
#ifndef HAVE_WINSOCK
#undef TRACE
#define TRACE do { \
osip_debug(ld, \
"ldap_is_socket_ready: error on socket %d: errno: %d (%s)\n", \
s, \
errno, \
sock_errstr(errno) ); \
} while( 0 )
ldap_connect_to_host( Sockbuf *sb, const char *host, unsigned long address,
int port, int async )
/*
* check the socket for errors after select returned.
* if host == NULL, connect using address
* "address" and "port" must be in network byte order
* zero is returned upon success, -1 if fatal error, -2 EINPROGRESS
* async is only used ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_REFERRALS (non-0 means don't wait for connect)
* XXX async is not used yet!
*/
static int
ldap_pvt_is_socket_ready(LDAP *ld, int s)
{
osip_debug(ld, "ldap_is_sock_ready: %d\n",s,0,0);
#if defined( notyet ) /* && defined( SO_ERROR ) */
{
int so_errno;
ber_socklen_t dummy = sizeof(so_errno);
if ( getsockopt( s, SOL_SOCKET, SO_ERROR, &so_errno, &dummy )
== AC_SOCKET_ERROR )
{
return -1;
}
if ( so_errno ) {
ldap_pvt_set_errno(so_errno);
TRACE;
return -1;
}
return 0;
}
#else
{
/* error slippery */
#ifdef LDAP_PF_INET6
struct sockaddr_storage sin;
#else
struct sockaddr_in sin;
#endif
char ch;
ber_socklen_t dummy = sizeof(sin);
if ( getpeername( s, (struct sockaddr *) &sin, &dummy )
== AC_SOCKET_ERROR )
{
/* XXX: needs to be replace with ber_stream_read() */
read(s, &ch, 1);
TRACE;
return -1;
}
return 0;
}
#endif
return -1;
}
#undef TRACE
#endif /* HAVE_WINSOCK */
/* NOTE: this is identical to analogous code in os-local.c */
int
ldap_int_poll(
LDAP *ld,
ber_socket_t s,
struct timeval *tvp )
{
int rc;
osip_debug(ld, "ldap_int_poll: fd: %d tm: %ld\n",
s, tvp ? tvp->tv_sec : -1L, 0);
#ifdef HAVE_POLL
{
struct pollfd fd;
int timeout = INFTIM;
fd.fd = s;
fd.events = POLL_WRITE;
if ( tvp != NULL ) {
timeout = TV2MILLISEC( tvp );
}
do {
fd.revents = 0;
rc = poll( &fd, 1, timeout );
} while ( rc == AC_SOCKET_ERROR && errno == EINTR &&
LDAP_BOOL_GET( &ld->ld_options, LDAP_BOOL_RESTART ) );
if ( rc == AC_SOCKET_ERROR ) {
return rc;
}
if ( timeout == 0 && rc == 0 ) {
return -2;
}
if ( fd.revents & POLL_WRITE ) {
if ( ldap_pvt_is_socket_ready( ld, s ) == -1 ) {
return -1;
}
if ( ldap_pvt_ndelay_off( ld, s ) == -1 ) {
return -1;
}
return 0;
}
}
#else
{
fd_set wfds, *z = NULL;
#ifdef HAVE_WINSOCK
fd_set efds;
#endif
struct timeval tv = { 0 };
#if defined( FD_SETSIZE ) && !defined( HAVE_WINSOCK )
if ( s >= FD_SETSIZE ) {
rc = AC_SOCKET_ERROR;
tcp_close( s );
ldap_pvt_set_errno( EMFILE );
return rc;
}
#endif
if ( tvp != NULL ) {
tv = *tvp;
}
do {
FD_ZERO(&wfds);
FD_SET(s, &wfds );
#ifdef HAVE_WINSOCK
FD_ZERO(&efds);
FD_SET(s, &efds );
#endif
rc = select( ldap_int_tblsize, z, &wfds,
int rc, i;
ber_socket_t s = AC_SOCKET_INVALID;
int connected, use_hp;
struct sockaddr_in sin;
struct hostent *hp = NULL;
#ifdef notyet
ioctl_t status; /* for ioctl call */
#endif /* notyet */
/* buffers for ldap_pvt_gethostbyname_a */
struct hostent he_buf;
int local_h_errno;
char *ha_buf=NULL;
#define DO_RETURN(x) if (ha_buf) LDAP_FREE(ha_buf); return (x);
Debug( LDAP_DEBUG_TRACE, "ldap_connect_to_host: %s:%d\n",
( host == NULL ) ? "(by address)" : host, (int) ntohs( (short) port ), 0 );
connected = use_hp = 0;
if ( host != NULL ) {
address = inet_addr( host );
/* This was just a test for -1 until OSF1 let inet_addr return
unsigned int, which is narrower than 'unsigned long address' */
if ( address == 0xffffffff || address == (unsigned long) -1 ) {
if ( ( ldap_pvt_gethostbyname_a( host, &he_buf, &ha_buf,
&hp, &local_h_errno) < 0) || (hp==NULL))
{
#ifdef HAVE_WINSOCK
&efds,
errno = WSAGetLastError();
#else
z,
errno = EHOSTUNREACH; /* not exactly right, but... */
#endif
tvp ? &tv : NULL );
} while ( rc == AC_SOCKET_ERROR && errno == EINTR &&
LDAP_BOOL_GET( &ld->ld_options, LDAP_BOOL_RESTART ) );
if ( rc == AC_SOCKET_ERROR ) {
return rc;
}
if ( rc == 0 && tvp && tvp->tv_sec == 0 && tvp->tv_usec == 0 ) {
return -2;
DO_RETURN( -1 );
}
#ifdef HAVE_WINSOCK
/* This means the connection failed */
if ( FD_ISSET(s, &efds) ) {
int so_errno;
ber_socklen_t dummy = sizeof(so_errno);
if ( getsockopt( s, SOL_SOCKET, SO_ERROR,
(char *) &so_errno, &dummy ) == AC_SOCKET_ERROR || !so_errno )
{
/* impossible */
so_errno = WSAGetLastError();
}
ldap_pvt_set_errno( so_errno );
osip_debug(ld, "ldap_int_poll: error on socket %d: "
"errno: %d (%s)\n", s, errno, sock_errstr( errno ));
return -1;
}
#endif
if ( FD_ISSET(s, &wfds) ) {
#ifndef HAVE_WINSOCK
if ( ldap_pvt_is_socket_ready( ld, s ) == -1 ) {
return -1;
}
#endif
if ( ldap_pvt_ndelay_off(ld, s) == -1 ) {
return -1;
}
return 0;
}
}
#endif
osip_debug(ld, "ldap_int_poll: timed out\n",0,0,0);
ldap_pvt_set_errno( ETIMEDOUT );
return -1;
}
static int
ldap_pvt_connect(LDAP *ld, ber_socket_t s,
struct sockaddr *sin, ber_socklen_t addrlen,
int async)
{
int rc, err;
struct timeval tv, *opt_tv = NULL;
#ifdef LDAP_CONNECTIONLESS
/* We could do a connect() but that would interfere with
* attempts to poll a broadcast address
*/
if (LDAP_IS_UDP(ld)) {
if (ld->ld_options.ldo_peer)
ldap_memfree(ld->ld_options.ldo_peer);
ld->ld_options.ldo_peer=ldap_memalloc(sizeof(struct sockaddr));
AC_MEMCPY(ld->ld_options.ldo_peer,sin,sizeof(struct sockaddr));
return ( 0 );
}
#endif
if ( ld->ld_options.ldo_tm_net.tv_sec >= 0 ) {
tv = ld->ld_options.ldo_tm_net;
opt_tv = &tv;
}
osip_debug(ld, "ldap_pvt_connect: fd: %d tm: %ld async: %d\n",
s, opt_tv ? tv.tv_sec : -1L, async);
if ( opt_tv && ldap_pvt_ndelay_on(ld, s) == -1 )
return ( -1 );
if ( connect(s, sin, addrlen) != AC_SOCKET_ERROR ) {
if ( opt_tv && ldap_pvt_ndelay_off(ld, s) == -1 )
return ( -1 );
return ( 0 );
}
err = sock_errno();
if ( err != EINPROGRESS && err != EWOULDBLOCK ) {
return ( -1 );
}
if ( async ) {
/* caller will call ldap_int_poll() as appropriate? */
return ( -2 );
}
rc = ldap_int_poll( ld, s, opt_tv );
osip_debug(ld, "ldap_pvt_connect: %d\n", rc, 0, 0);
return rc;
}
#ifndef HAVE_INET_ATON
int
ldap_pvt_inet_aton( const char *host, struct in_addr *in)
{
unsigned long u = inet_addr( host );
#ifdef INADDR_NONE
if ( u == INADDR_NONE ) return 0;
#endif
if ( u == 0xffffffffUL || u == (unsigned long) -1L ) return 0;
in->s_addr = u;
return 1;
}
#endif
int
ldap_connect_to_host(LDAP *ld, Sockbuf *sb,
int proto,
const char *host, int port,
int async )
{
int rc;
int socktype;
ber_socket_t s = AC_SOCKET_INVALID;
#if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
char serv[7];
int err;
struct addrinfo hints, *res, *sai;
#else
int i;
int use_hp = 0;
struct hostent *hp = NULL;
struct hostent he_buf;
struct in_addr in;
char *ha_buf=NULL;
#endif
if( host == NULL ) host = "localhost";
switch(proto) {
case LDAP_PROTO_TCP: socktype = SOCK_STREAM;
osip_debug( ld,
"ldap_connect_to_host: TCP %s:%d\n",
host, port, 0);
break;
case LDAP_PROTO_UDP: socktype = SOCK_DGRAM;
osip_debug( ld,
"ldap_connect_to_host: UDP %s:%d\n",
host, port, 0);
break;
default:
osip_debug( ld, "ldap_connect_to_host: unknown proto: %d\n",
proto, 0, 0 );
return -1;
use_hp = 1;
}
}
#if defined( HAVE_GETADDRINFO ) && defined( HAVE_INET_NTOP )
memset( &hints, '\0', sizeof(hints) );
#ifdef USE_AI_ATTRCONFIG /* FIXME: configure test needed */
/* Use AI_ATTRCONFIG only on systems where its known to be needed. */
hints.ai_flags = AI_ATTRCONFIG;
#endif
hints.ai_family = ldap_int_inet4or6;
hints.ai_socktype = socktype;
snprintf(serv, sizeof serv, "%d", port );
#ifdef LDAP_R_COMPILE
/* most getaddrinfo(3) use non-threadsafe resolver libraries */
ldap_pvt_thread_mutex_lock(&ldap_int_resolv_mutex);
#endif
err = getaddrinfo( host, serv, &hints, &res );
#ifdef LDAP_R_COMPILE
ldap_pvt_thread_mutex_unlock(&ldap_int_resolv_mutex);
#endif
if ( err != 0 ) {
osip_debug(ld, "ldap_connect_to_host: getaddrinfo failed: %s\n",
AC_GAI_STRERROR(err), 0, 0);
return -1;
}
rc = -1;
for( sai=res; sai != NULL; sai=sai->ai_next) {
if( sai->ai_addr == NULL ) {
osip_debug(ld, "ldap_connect_to_host: getaddrinfo "
"ai_addr is NULL?\n", 0, 0, 0);
continue;
}
/* we assume AF_x and PF_x are equal for all x */
s = ldap_int_socket( ld, sai->ai_family, socktype );
if ( s == AC_SOCKET_INVALID ) {
continue;
}
if ( ldap_int_prepare_socket(ld, s, proto ) == -1 ) {
ldap_pvt_close_socket(ld, s);
break;
}
switch (sai->ai_family) {
#ifdef LDAP_PF_INET6
case AF_INET6: {
char addr[INET6_ADDRSTRLEN];
inet_ntop( AF_INET6,
&((struct sockaddr_in6 *)sai->ai_addr)->sin6_addr,
addr, sizeof addr);
osip_debug(ld, "ldap_connect_to_host: Trying %s %s\n",
addr, serv, 0);
} break;
#endif
case AF_INET: {
char addr[INET_ADDRSTRLEN];
inet_ntop( AF_INET,
&((struct sockaddr_in *)sai->ai_addr)->sin_addr,
addr, sizeof addr);
osip_debug(ld, "ldap_connect_to_host: Trying %s:%s\n",
addr, serv, 0);
} break;
}
rc = ldap_pvt_connect( ld, s,
sai->ai_addr, sai->ai_addrlen, async );
if ( rc == 0 || rc == -2 ) {
ber_sockbuf_ctrl( sb, LBER_SB_OPT_SET_FD, &s );
for ( i = 0; !use_hp || ( hp->h_addr_list[ i ] != 0 ); i++ ) {
if (( s = socket( AF_INET, SOCK_STREAM, 0 )) < 0 ) {
DO_RETURN( -1 );
}
#ifdef notyet
status = 1;
if ( async && ioctl( s, FIONBIO, (caddr_t)&status ) == -1 ) {
Debug( LDAP_DEBUG_ANY, "FIONBIO ioctl failed on %d\n",
s, 0, 0 );
}
#endif /* notyet */
(void)memset( (char *)&sin, 0, sizeof( struct sockaddr_in ));
sin.sin_family = AF_INET;
sin.sin_port = port;
SAFEMEMCPY( (char *) &sin.sin_addr.s_addr,
( use_hp ? (char *) hp->h_addr_list[ i ] :
(char *) &address ), sizeof( sin.sin_addr.s_addr) );
if ( connect( s, (struct sockaddr *)&sin,
sizeof( struct sockaddr_in )) >= 0 ) {
connected = 1;
rc = 0;
break;
}
ldap_pvt_close_socket(ld, s);
}
freeaddrinfo(res);
#else
if (! inet_aton( host, &in ) ) {
int local_h_errno;
rc = ldap_pvt_gethostbyname_a( host, &he_buf, &ha_buf,
&hp, &local_h_errno );
if ( (rc < 0) || (hp == NULL) ) {
} else {
#ifdef HAVE_WINSOCK
ldap_pvt_set_errno( WSAGetLastError() );
#else
/* not exactly right, but... */
ldap_pvt_set_errno( EHOSTUNREACH );
errno = WSAGetLastError();
#endif
#ifdef notyet
#ifdef EAGAIN
if ( errno == EINPROGRESS || errno == EAGAIN ) {
#else /* EAGAIN */
if ( errno == EINPROGRESS ) {
#endif /* EAGAIN */
Debug( LDAP_DEBUG_TRACE,
"connect would block...\n", 0, 0, 0 );
rc = -2;
break;
}
#endif /* notyet */
#ifdef LDAP_DEBUG
if ( ldap_debug & LDAP_DEBUG_TRACE ) {
perror( (char *)inet_ntoa( sin.sin_addr ));
}
#endif
if (ha_buf) LDAP_FREE(ha_buf);
return -1;
tcp_close( s );
if ( !use_hp ) {
break;