Commit acc82de2 authored by Kurt Zeilenga

Revert data ready loop fix

fixup gethostby problems
misc sasl fixes
parent 16e0ea8d
......@@ -1221,8 +1221,8 @@ int connection_read(ber_socket_t s)
}
#endif
/* #define CONNECTION_INPUT_LOOP 1 */
#define DATA_READY_LOOP 1
#define CONNECTION_INPUT_LOOP 1
/* #define DATA_READY_LOOP 1 */
do
{
......
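Review bot: The loop mode in connection_read is selected by commenting one `#define` in and the other out, and nothing on these lines says what separates CONNECTION_INPUT_LOOP from DATA_READY_LOOP or why the data-ready variant is switched off again. A short comment above the pair, such as `/* exactly one loop mode may be enabled; DATA_READY_LOOP is disabled because <reason> */`, would stop a later reader from flipping it back without knowing the history. It would also help to say whether defining both at once is supported. The `do` loop these macros control starts on the last lines of the hunk and continues outside it.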
......@@ -1383,6 +1383,9 @@ slapd_daemon_task(
long id;
slap_ssf_t ssf = 0;
char *authid = NULL;
#ifdef SLAPD_RLOOKUPS
char *hebuf = NULL;
#endif
char *dnsname = NULL;
char *peeraddr = NULL;
......@@ -1601,23 +1604,21 @@ slapd_daemon_task(
if ( use_reverse_lookup ) {
struct hostent he;
int herr;
char *ha = NULL;
hp = NULL;
struct hostent *hp = NULL;
# ifdef LDAP_PF_INET6
if ( from.sa_addr.sa_family == AF_INET6 )
ldap_pvt_gethostbyaddr_a(
(char *)&(from.sa_in6_addr.sin6_addr),
sizeof(from.sa_in6_addr.sin6_addr),
AF_INET6, &he, &ha,
AF_INET6, &he, &hebuf,
&hp, &herr );
else
# endif /* LDAP_PF_INET6 */
ldap_pvt_gethostbyaddr_a(
(char *) &(from.sa_in_addr.sin_addr),
sizeof(from.sa_in_addr.sin_addr),
AF_INET, &he, &ha, &hp, &herr );
AF_INET, &he, &hebuf, &hp, &herr );
dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
if (ha) ldap_memfree( ha );
}
#else
dnsname = NULL;
......@@ -1631,7 +1632,7 @@ slapd_daemon_task(
{
/* DENY ACCESS */
Statslog( LDAP_DEBUG_STATS,
"fd=%ld host access from %s (%s) denied.\n",
"fd=%ld DENIED from %s (%s)",
(long) s,
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
......@@ -1655,6 +1656,9 @@ slapd_daemon_task(
authid );
if( authid ) ch_free(authid);
#ifdef SLAPD_RLOOKUPS
if( hebuf ) ldap_memfree(hebuf);
#endif
if( id < 0 ) {
#ifdef NEW_LOGGING
......@@ -1677,8 +1681,8 @@ slapd_daemon_task(
}
Statslog( LDAP_DEBUG_STATS,
"daemon: conn=%ld fd=%ld connection from %s "
"(%s) accepted.\n",
"conn=%ld fd=%ld ACCEPT from %s "
"(%s)\n",
id, (long) s,
peername,
slap_listeners[l]->sl_name.bv_val,
......
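Review bot: hebuf is now released only by the `if( hebuf ) ldap_memfree(hebuf);` line added next to the authid free in slapd_daemon_task, so any path that leaves the iteration between the reverse lookup and that line keeps the buffer allocated. The DENY ACCESS branch sits between the two; if it closes the socket and moves on to the next connection (its tail is outside the hunks shown), every refused connection with SLAPD_RLOOKUPS enabled leaks one lookup buffer, an unbounded leak driven by remote peers. Deferring the free looks right, since dnsname appears to point into that buffer through hp->h_name, but the same release is needed on each early exit, e.g. `if( hebuf ) ldap_memfree( hebuf );` before leaving the deny branch. Separately, the new `"fd=%ld DENIED from %s (%s)"` format drops the trailing `\n` that the ACCEPT message keeps.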
......@@ -922,7 +922,7 @@ slap_sasl_authorize(
/* Nothing to do if no authzID was given */
if ( !auxvals[1].name || !auxvals[1].values ) {
conn->c_sasl_dn = authcDN;
return SASL_OK;
goto ok;
}
AC_MEMCPY( &authzDN, auxvals[1].values[0], sizeof(authzDN) );
......@@ -946,6 +946,13 @@ slap_sasl_authorize(
}
conn->c_sasl_dn = authzDN;
ok:
if (conn->c_sasl_bindop) {
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND authcid=\"%s\"\n",
conn->c_connid, conn->c_sasl_bindop->o_opid,
auth_identity, 0, 0);
}
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
......@@ -1024,8 +1031,7 @@ slap_sasl_authorize(
#endif
conn->c_sasl_dn = authcDN;
*errstr = NULL;
return SASL_OK;
goto ok;
}
rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm, &authzDN, FLAG_GETDN_AUTHZID );
if( rc != LDAP_SUCCESS ) {
......@@ -1051,7 +1057,9 @@ slap_sasl_authorize(
ch_free( authzDN.bv_val );
return SASL_NOAUTHZ;
}
conn->c_sasl_dn = authzDN;
ok:
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, RESULTS,
"slap_sasl_authorize: conn %d authorization allowed\n",
......@@ -1062,7 +1070,13 @@ slap_sasl_authorize(
(long) (conn ? conn->c_connid : -1), 0, 0 );
#endif
conn->c_sasl_dn = authzDN;
if (conn->c_sasl_bindop) {
Statslog( LDAP_DEBUG_STATS,
"conn=%lu op=%lu BIND authcid=\"%s\"\n",
conn->c_connid, conn->c_sasl_bindop->o_opid,
auth_identity, 0, 0);
}
*errstr = NULL;
return SASL_OK;
}
......
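Review bot: In the second slap_sasl_authorize variant the assignment `conn->c_sasl_dn = authzDN;` appears both just before the new `ok:` label and again after the `#endif` that follows it. The +/- markers are lost on this page, but if the later copy is still present in the new code, the `goto ok` path that has just stored authcDN has c_sasl_dn overwritten with an authzDN that path never filled in (slap_sasl_getdn is called only after the jump). c_sasl_dn presumably carries the DN the bind ends up authorized as, so the later copy should be dropped and only the assignment above `ok:` kept, as in the first variant. The new Statslog calls also write auth_identity between quotes with a bare `%s`; if that string can contain quotes or control characters, tools that parse `authcid="..."` from the stats log can be misled, so escaping it before logging is worth considering. Both function bodies extend beyond the hunks shown.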
......@@ -414,6 +414,7 @@ void slap_sasl2dn( Connection *conn,
}
rc = slap_parseURI( &regout, &dn, &scope, &filter );
if( regout.bv_val ) ch_free( regout.bv_val );
if( rc != LDAP_SUCCESS ) {
goto FINISHED;
}
......
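Review bot: `regout.bv_val` is freed straight after slap_parseURI() and before `rc` is tested (the ch_free line appears to be the one this hunk adds), which is safe only if the `dn` and `filter` results own their storage rather than pointing into the regout buffer. slap_parseURI is not shown here, so that is worth confirming. The pointer is also left dangling; if the FINISHED cleanup, which is outside the hunk, ever frees regout, the block would be released twice, and `regout.bv_val = NULL;` right after the ch_free() would rule that out.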