ITS#4893 fix prev commit

libraries/liblber/sockbuf.c

@@ -726,8 +726,8 @@ sb_fd_read( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len )
 		AC_MEMCPY( buf, sbiod->sbiod_sb->sb_ungetbuf, blen );
 		buf += blen;
 		len -= blen;
-		if ( blen < sbiod->sbiod_sb->sb_ungetlen ) {
-			sbiod->sbiod_sb->sb_ungetlen -= blen;
+		sbiod->sbiod_sb->sb_ungetlen -= blen;
+		if ( sbiod->sbiod_sb->sb_ungetlen ) {
 			AC_MEMCPY( sbiod->sbiod_sb->sb_ungetbuf,
 				sbiod->sbiod_sb->sb_ungetbuf+blen,
 				sbiod->sbiod_sb->sb_ungetlen );

libraries/liblutil/getpeereid.c

@@ -21,6 +21,13 @@
 #include <sys/types.h>
 #include <ac/unistd.h>
 
+#include <ac/socket.h>
+#include <ac/errno.h>
+
+#ifdef HAVE_GETPEERUCRED
+#include <ucred.h>
+#endif
+
 #ifdef LDAP_PF_LOCAL_SENDMSG
 #include <lber.h>
 #ifdef HAVE_SYS_UIO_H
@@ -29,13 +36,6 @@
 #include <sys/stat.h>
 #endif
 
-#include <ac/socket.h>
-#include <ac/errno.h>
-
-#ifdef HAVE_GETPEERUCRED
-#include <ucred.h>
-#endif
-
 #ifdef HAVE_SYS_UCRED_H
 #ifdef HAVE_GRP_H
 #include <grp.h>	/* for NGROUPS on Tru64 5.1 */
@@ -151,8 +151,8 @@ int lutil_getpeereid( int s, uid_t *euid, gid_t *egid
 			*egid = st.st_gid;
 			return 0;
 		}
-	} else if ( peer->bv_len < 0 ) {
-		peer->bv_len = 0;
+	} else if ( peerbv->bv_len < 0 ) {
+		peerbv->bv_len = 0;
 	}
 #elif defined(SOCKCREDSIZE)
 	struct msghdr msg;

servers/slapd/connection.c

@@ -366,7 +366,11 @@ Connection * connection_init(
 	const char* peername,
 	int flags,
 	slap_ssf_t ssf,
-	struct berval *authid )
+	struct berval *authid
+#ifdef LDAP_PF_LOCAL_SENDMSG
+	, struct berval *peerbv
+#endif
+)
 {
 	unsigned long id;
 	Connection *c;
@@ -379,7 +383,7 @@ Connection * connection_init(
 	assert( peername != NULL );
 
 #ifndef HAVE_TLS
-	assert( flags != CONN_IS_TLS );
+	assert( !( flags & CONN_IS_TLS ));
 #endif
 
 	if( s == AC_SOCKET_INVALID ) {
@@ -525,7 +529,7 @@ Connection * connection_init(
 
 	c->c_listener = listener;
 
-	if ( flags == CONN_IS_CLIENT ) {
+	if ( flags & CONN_IS_CLIENT ) {
 		c->c_connid = 0;
 		c->c_conn_state = SLAP_C_CLIENT;
 		c->c_struct_state = SLAP_C_USED;
@@ -560,7 +564,7 @@ Connection * connection_init(
 
 #ifdef LDAP_CONNECTIONLESS
 	c->c_is_udp = 0;
-	if( flags == CONN_IS_UDP ) {
+	if( flags & CONN_IS_UDP ) {
 		c->c_is_udp = 1;
 #ifdef LDAP_DEBUG
 		ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug,
@@ -571,7 +575,21 @@ Connection * connection_init(
 		ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_readahead,
 			LBER_SBIOD_LEVEL_PROVIDER, NULL );
 	} else
+#endif /* LDAP_CONNECTIONLESS */
+#ifdef LDAP_PF_LOCAL
+	if ( flags & CONN_IS_IPC ) {
+#ifdef LDAP_DEBUG
+		ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug,
+			LBER_SBIOD_LEVEL_PROVIDER, (void*)"ipc_" );
 #endif
+		ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_fd,
+			LBER_SBIOD_LEVEL_PROVIDER, (void *)&s );
+#ifdef LDAP_PF_LOCAL_SENDMSG
+		if ( !BER_BVISEMPTY( peerbv ))
+			ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_UNGET_BUF, peerbv );
+#endif
+	} else
+#endif /* LDAP_PF_LOCAL */
 	{
 #ifdef LDAP_DEBUG
 		ber_sockbuf_add_io( c->c_sb, &ber_sockbuf_io_debug,
@@ -606,7 +624,7 @@ Connection * connection_init(
 	c->c_tls_ssf = 0;
 
 #ifdef HAVE_TLS
-	if ( flags == CONN_IS_TLS ) {
+	if ( flags & CONN_IS_TLS ) {
 		c->c_is_tls = 1;
 		c->c_needs_tls_accept = 1;
 	} else {
@@ -1189,7 +1207,11 @@ int connection_client_setup(
 	Connection *c;
 
 	c = connection_init( s, (Listener *)&dummy_list, "", "",
-		CONN_IS_CLIENT, 0, NULL );
+		CONN_IS_CLIENT, 0, NULL
+#ifdef LDAP_PF_LOCAL_SENDMSG
+		, NULL
+#endif
+		);
 	if ( !c ) return -1;
 
 	c->c_clientfunc = func;

servers/slapd/daemon.c

@@ -1592,6 +1592,7 @@ slap_listener(
 #else /* ! LDAP_PF_LOCAL && ! LDAP_PF_INET6 */
 	char peername[sizeof("IP=255.255.255.255:65336")];
 #endif /* LDAP_PF_LOCAL */
+	int cflag;
 
 	Debug( LDAP_DEBUG_TRACE,
 		">>> slap_listener(%s)\n",
@@ -1704,9 +1705,12 @@ slap_listener(
 		"daemon: listen=%ld, new connection on %ld\n",
 		(long) sl->sl_sd, (long) s, 0 );
 
+	cflag = 0;
 	switch ( from.sa_addr.sa_family ) {
 #  ifdef LDAP_PF_LOCAL
 	case AF_LOCAL:
+		cflag |= CONN_IS_IPC;
+
 		/* FIXME: apparently accept doesn't fill
 		 * the sun_path sun_path member */
 		if ( from.sa_un_addr.sun_path[0] == '\0' ) {
@@ -1818,16 +1822,17 @@ slap_listener(
 #endif /* HAVE_TCPD */
 	}
 
+#ifdef HAVE_TLS
+	if ( sl->sl_is_tls ) cflag |= CONN_IS_TLS;
+#endif
 	c = connection_init(s, sl,
 		dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
-		peername,
-#ifdef HAVE_TLS
-		sl->sl_is_tls ? CONN_IS_TLS : 0,
-#else /* ! HAVE_TLS */
-		0,
-#endif /* ! HAVE_TLS */
-		ssf,
-		authid.bv_val ? &authid : NULL );
+		peername, cflag, ssf,
+		authid.bv_val ? &authid : NULL
+#ifdef LDAP_PF_LOCAL_SENDMSG
+		, &peerbv
+#endif
+	);
 
 	if( authid.bv_val ) ch_free(authid.bv_val);
 
@@ -1839,11 +1844,6 @@ slap_listener(
 		return 0;
 	}
 
-#ifdef LDAP_PF_LOCAL_SENDMSG
-	if ( !BER_BVISEMPTY( &peerbv ))
-		ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_UNGET_BUF, &peerbv );
-#endif
-
 	Statslog( LDAP_DEBUG_STATS,
 		"conn=%ld fd=%ld ACCEPT from %s (%s)\n",
 		c->c_connid, (long) s, peername, sl->sl_name.bv_val,
@@ -2537,7 +2537,11 @@ connectionless_init( void )
 		}
 
 		c = connection_init( lr->sl_sd, lr, "", "",
-			CONN_IS_UDP, (slap_ssf_t) 0, NULL );
+			CONN_IS_UDP, (slap_ssf_t) 0, NULL
+#ifdef LDAP_PF_LOCAL_SENDMSG
+			, NULL
+#endif
+			);
 
 		if ( !c ) {
 			Debug( LDAP_DEBUG_TRACE,

servers/slapd/proto-slap.h

@@ -693,7 +693,11 @@ LDAP_SLAPD_F (Connection *) connection_init LDAP_P((
 	const char* peername,
 	int use_tls,
 	slap_ssf_t ssf,
-	struct berval *id ));
+	struct berval *id
+#ifdef LDAP_PF_LOCAL_SENDMSG
+	, struct berval *peerbv
+#endif
+	));
 
 LDAP_SLAPD_F (void) connection_closing LDAP_P((
 	Connection *c, const char *why ));

servers/slapd/slap.h

@@ -2682,7 +2682,8 @@ struct Connection {
 
 #define	CONN_IS_TLS	1
 #define	CONN_IS_UDP	2
-#define	CONN_IS_CLIENT	3
+#define	CONN_IS_CLIENT	4
+#define	CONN_IS_IPC	8
 
 #ifdef LDAP_CONNECTIONLESS
 	int	c_is_udp;		/* true if this is (C)LDAP over UDP */