Commit 58549325 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Numerous minor fixes from HEAD, see CHANGES

parent 1e0f8c42
......@@ -2,9 +2,13 @@ OpenLDAP 2.1 Change Log
OpenLDAP 2.1.15 Engineering
Fixed slapd saslauthz null backend crash
Fixed liblutil getpeereid replacement function
Fixed liblber 64bit len/tag bug
Fixed libldap IPv6 SASL host bug (ITS#2347)
Fixed liblber 64bit len/tag bug (ITS#2344)
Fixed liblutil getpeereid replacement function (ITS#2333)
Fixed slapd illegal schema crash (ITS#2342)
Updated slaptools default backend (ITS#2343)
Updated liblber ber_get_stringbv handling
Removed lint
Build Environment
Updated NT build environment w/ slurpd support
Updated test suite
......
......@@ -998,7 +998,7 @@ fi
dnl ----------------------------------------------------------------
dnl PF_INET6 support requires getaddrinfo and INET6_ADDRSTRLEN
dnl PF_LOCAL may use getaddrinfo in available
AC_CHECK_FUNCS( getaddrinfo gai_strerror inet_ntop )
AC_CHECK_FUNCS( getaddrinfo getnameinfo gai_strerror inet_ntop )
ol_link_ipv6=no
if test $ac_cv_func_getaddrinfo = no -o $ac_cv_func_inet_ntop = no ; then
......@@ -1095,7 +1095,7 @@ if test $ol_with_kerberos = yes -o $ol_with_kerberos = auto \
else
have_krb5=no
AC_MSG_WARN([Unrecongized Kerberos5 Implementation])
AC_MSG_WARN([Unrecognized Kerberos5 Implementation])
fi
if test $have_krb5 = yes ; then
......
......@@ -205,4 +205,9 @@ LDAP_F (int) ldap_pvt_inet_aton LDAP_P(( const char *, struct in_addr * ));
LDAP_LUTIL_F( int ) getpeereid( int s, uid_t *, gid_t * );
#endif
/* DNS RFC defines max host name as 255. New systems seem to use 1024 */
#ifndef NI_MAXHOST
#define NI_MAXHOST 256
#endif
#endif /* _AC_SOCKET_H_ */
......@@ -1616,5 +1616,34 @@ ldap_whoami_s LDAP_P((
LDAPControl **sctrls,
LDAPControl **cctrls ));
/*
* in passwd.c
*/
LDAP_F( int )
ldap_parse_passwd LDAP_P((
LDAP *ld,
LDAPMessage *res,
struct berval *newpasswd ));
LDAP_F( int )
ldap_passwd LDAP_P(( LDAP *ld,
struct berval *user,
struct berval *oldpw,
struct berval *newpw,
LDAPControl **sctrls,
LDAPControl **cctrls,
int *msgidp ));
LDAP_F( int )
ldap_passwd_s LDAP_P((
LDAP *ld,
struct berval *user,
struct berval *oldpw,
struct berval *newpw,
struct berval *newpasswd,
LDAPControl **sctrls,
LDAPControl **cctrls ));
LDAP_END_DECL
#endif /* _LDAP_H */
......@@ -66,6 +66,16 @@ ldap_pvt_gethostbyaddr_a LDAP_P((
struct hostent **result,
int *herrno_ptr ));
struct sockaddr;
LDAP_F( int )
ldap_pvt_get_hname LDAP_P((
const struct sockaddr * sa,
int salen,
char *name,
int namelen,
char **herr ));
/* charray.c */
......
......@@ -512,7 +512,7 @@ ber_get_next(
while (ber->ber_rwptr > (char *)&ber->ber_tag && ber->ber_rwptr <
(char *)&ber->ber_len + LENSIZE*2) {
ber_slen_t sblen;
char buf[LENSIZE-1];
char buf[sizeof(ber->ber_len)-1];
ber_len_t tlen = 0;
sblen=ber_int_sb_read( sb, ber->ber_rwptr,
......@@ -574,11 +574,11 @@ ber_get_next(
}
/* Are there leftover data bytes inside ber->ber_len? */
if (ber->ber_ptr < (char *)&ber->ber_len+LENSIZE) {
if (ber->ber_rwptr < (char *)&ber->ber_len+LENSIZE)
if (ber->ber_ptr < (char *)&ber->ber_usertag) {
if (ber->ber_rwptr < (char *)&ber->ber_usertag)
sblen = ber->ber_rwptr - ber->ber_ptr;
else
sblen = ((char *)&ber->ber_len+LENSIZE) - ber->ber_ptr;
sblen = (char *)&ber->ber_usertag - ber->ber_ptr;
AC_MEMCPY(buf, ber->ber_ptr, sblen);
ber->ber_ptr += sblen;
} else {
......
......@@ -499,7 +499,6 @@ ldap_connect_to_host(LDAP *ld, Sockbuf *sb,
char *
ldap_host_connected_to( Sockbuf *sb )
{
struct hostent *hp;
socklen_t len;
#ifdef LDAP_PF_INET6
struct sockaddr_storage sabuf;
......@@ -507,13 +506,9 @@ ldap_host_connected_to( Sockbuf *sb )
struct sockaddr sabuf;
#endif
struct sockaddr *sa = (struct sockaddr *) &sabuf;
char *addr;
char *host;
/* buffers for gethostbyaddr_r */
struct hostent he_buf;
int local_h_errno;
char *ha_buf=NULL;
char *host = NULL, *herr;
char hbuf[NI_MAXHOST];
int rc;
ber_socket_t sd;
(void)memset( (char *)sa, '\0', sizeof sabuf );
......@@ -537,31 +532,32 @@ ldap_host_connected_to( Sockbuf *sb )
#endif
#ifdef LDAP_PF_INET6
case AF_INET6:
addr = (char *) &((struct sockaddr_in6 *)sa)->sin6_addr;
len = sizeof( struct in6_addr );
{
struct in6_addr localhost = IN6ADDR_LOOPBACK_INIT;
if( memcmp ( &((struct sockaddr_in6 *)sa)->sin6_addr,
&localhost, sizeof(localhost)) == 0 )
{
return LDAP_STRDUP( ldap_int_hostname );
}
}
break;
#endif
case AF_INET:
addr = (char *) &((struct sockaddr_in *)sa)->sin_addr;
len = sizeof( struct in_addr );
{
struct sockaddr_in localhost;
localhost.sin_addr.s_addr = htonl( INADDR_ANY );
struct in_addr localhost;
localhost.s_addr = htonl( INADDR_ANY );
if( memcmp ( &localhost.sin_addr,
&((struct sockaddr_in *)sa)->sin_addr,
sizeof(localhost.sin_addr) ) == 0 )
if( memcmp ( &((struct sockaddr_in *)sa)->sin_addr,
&localhost, sizeof(localhost) ) == 0 )
{
return LDAP_STRDUP( ldap_int_hostname );
}
#ifdef INADDR_LOOPBACK
localhost.sin_addr.s_addr = htonl( INADDR_LOOPBACK );
localhost.s_addr = htonl( INADDR_LOOPBACK );
if( memcmp ( &localhost.sin_addr,
&((struct sockaddr_in *)sa)->sin_addr,
sizeof(localhost.sin_addr) ) == 0 )
if( memcmp ( &((struct sockaddr_in *)sa)->sin_addr,
&localhost, sizeof(localhost) ) == 0 )
{
return LDAP_STRDUP( ldap_int_hostname );
}
......@@ -574,15 +570,13 @@ ldap_host_connected_to( Sockbuf *sb )
break;
}
host = NULL;
if ((ldap_pvt_gethostbyaddr_a( addr, len, sa->sa_family,
&he_buf, &ha_buf, &hp, &local_h_errno ) == 0 ) &&
(hp != NULL) && ( hp->h_name != NULL ) )
hbuf[0] = 0;
if (ldap_pvt_get_hname( sa, len, hbuf, sizeof(hbuf), &herr ) == 0 &&
hbuf[0] )
{
host = LDAP_STRDUP( hp->h_name );
host = LDAP_STRDUP( hbuf );
}
LDAP_FREE( ha_buf );
return host;
}
#endif
......
......@@ -139,6 +139,8 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s)
!defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && \
defined(HAVE_SENDMSG) && defined(HAVE_MSGHDR_MSG_ACCRIGHTS)
#define DO_SENDMSG
static const char abandonPDU[] = {LDAP_TAG_MESSAGE, 6,
LDAP_TAG_MSGID, 1, 0, LDAP_REQ_ABANDON, 1, 0};
#endif
static int
......@@ -172,12 +174,10 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
sendcred:
{
int fds[2];
/* Abandon, noop, has no reply */
char txt[] = {LDAP_TAG_MESSAGE, 6,
LDAP_TAG_MSGID, 1, 0, LDAP_REQ_ABANDON, 1, 0};
struct iovec iov = {txt, sizeof(txt)};
struct msghdr msg = {0};
if (pipe(fds) == 0) {
/* Abandon, noop, has no reply */
struct iovec iov = {abandonPDU, sizeof(abandonPDU)};
struct msghdr msg = {0};
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_accrights = (char *)fds;
......
......@@ -178,7 +178,125 @@ int ldap_pvt_gethostbyname_a(
return -1;
#endif
}
#ifndef GETNAMEINFO
static const char *
hp_strerror( int err )
{
switch (err) {
case HOST_NOT_FOUND: return "Host not found (authoritative)";
case TRY_AGAIN: return "Host not found (server fail?)";
case NO_RECOVERY: return "Non-recoverable failure";
case NO_DATA: return "No data of requested type";
#ifdef NETDB_INTERNAL
case NETDB_INTERNAL: return STRERROR( errno );
#endif
default: break;
}
return "Unknown resolver error";
}
#endif
int ldap_pvt_get_hname(
const struct sockaddr *sa,
int len,
char *name,
int namelen,
char **err )
{
int rc;
#if defined( HAVE_GETNAMEINFO )
#if defined( LDAP_R_COMPILE )
ldap_pvt_thread_mutex_lock( &ldap_int_resolv_mutex );
#endif
rc = getnameinfo( sa, len, name, namelen, NULL, 0, 0 );
#if defined( LDAP_R_COMPILE )
ldap_pvt_thread_mutex_unlock( &ldap_int_resolv_mutex );
#endif
if ( rc ) *err = AC_GAI_STRERROR( rc );
return rc;
#else /* !HAVE_GETNAMEINFO */
char *addr;
int alen;
struct hostent *hp = NULL;
#ifdef HAVE_GETHOSTBYADDR_R
struct hostent hb;
int buflen=BUFSTART, h_errno;
char *buf=NULL;
#endif
#ifdef LDAP_PF_INET6
if (sa->sa_family == AF_INET6) {
struct sockaddr_in6 *sin = (struct sockaddr_in6 *)sa;
addr = (char *)&sin->sin6_addr;
alen = sizeof(sin->sin6_addr);
} else
#endif
if (sa->sa_family == AF_INET) {
struct sockaddr_in *sin = (struct sockaddr_in *)sa;
addr = (char *)&sin->sin_addr;
alen = sizeof(sin->sin_addr);
} else {
rc = NO_RECOVERY;
*err = (char *)hp_strerror( rc );
return rc;
}
#if defined( HAVE_GETHOSTBYADDR_R )
for(;buflen<BUFMAX;) {
if (safe_realloc( &buf, buflen )==NULL) {
*err = (char *)STRERROR( ENOMEM );
return ENOMEM;
}
#if (GETHOSTBYADDR_R_NARGS < 8)
hp=gethostbyaddr_r( addr, alen, sa->sa_family,
&hb, buf, buflen, &h_errno );
rc = (hp == NULL) ? -1 : 0;
#else
rc = gethostbyaddr_r( addr, alen, sa->sa_family,
&hb, buf, buflen,
&hp, &h_errno );
#endif
#ifdef NETDB_INTERNAL
if ((rc<0) &&
(h_errno==NETDB_INTERNAL) &&
(errno==ERANGE))
{
buflen*=2;
continue;
}
#endif
break;
}
if (hp) {
strncpy( name, hp->h_name, namelen );
} else {
*err = (char *)hp_strerror( h_errno );
}
LDAP_FREE(buf);
#else /* HAVE_GETHOSTBYADDR_R */
#if defined( LDAP_R_COMPILE )
ldap_pvt_thread_mutex_lock( &ldap_int_resolv_mutex );
#endif
hp = gethostbyaddr( addr, alen, sa->sa_family );
if (hp) {
strncpy( name, hp->h_name, namelen );
rc = 0;
} else {
rc = h_errno;
*err = (char *)hp_strerror( h_errno );
}
#if defined( LDAP_R_COMPILE )
ldap_pvt_thread_mutex_unlock( &ldap_int_resolv_mutex );
#endif
#endif /* !HAVE_GETHOSTBYADDR_R */
return rc;
#endif /* !HAVE_GETNAMEINFO */
}
int ldap_pvt_gethostbyaddr_a(
const char *addr,
int len,
......
......@@ -58,9 +58,12 @@ int getpeereid( int s, uid_t *euid, gid_t *egid )
}
#elif defined( DO_SENDMSG )
int dummy, fd[2];
struct iovec iov = {(char *)&dummy, 1};
struct iovec iov;
struct msghdr msg = {0};
struct stat st;
iov.iov_base = (char*) &dummy;
iov.iov_len = 1;
msg.msg_iov = &iov;
msg.msg_iovlen = 1;
msg.msg_accrights = (char *)fd;
......
......@@ -154,7 +154,8 @@ bdb_db_config(
fname, lineno );
return( 1 );
}
bdb->bi_idl_cache_max_size = atoi( argv[1] );
if ( !( slapMode & SLAP_TOOL_MODE ) )
bdb->bi_idl_cache_max_size = atoi( argv[1] );
#endif
/* anything else */
......
......@@ -73,6 +73,7 @@
#include "slap.h"
#include "../back-ldap/back-ldap.h"
#undef ldap_debug /* silence a warning in ldap-int.h */
#include "../../../libraries/libldap/ldap-int.h"
#include "back-meta.h"
......
......@@ -103,7 +103,7 @@ monitor_subsys_database_init(
be = &backendDB[i];
/* Subordinates are not exposed as their own naming context */
if ( be->be_flags & SLAP_BFLAG_GLUE_SUBORDINATE ) {
if ( SLAP_GLUE_SUBORDINATE( be ) ) {
continue;
}
......
......@@ -536,7 +536,7 @@ select_backend(
for ( j = 0; backends[i].be_nsuffix != NULL &&
backends[i].be_nsuffix[j].bv_val != NULL; j++ )
{
if (( backends[i].be_flags & SLAP_BFLAG_GLUE_SUBORDINATE )
if ( ( SLAP_GLUE_SUBORDINATE( &backends[i] ) )
&& noSubs )
{
continue;
......
......@@ -610,7 +610,7 @@ glue_sub_init( )
* backends and connect them to their superior.
*/
for (i = nBackendDB - 1, b1=&backendDB[i]; cont && i>=0; b1--,i--) {
if (b1->be_flags & SLAP_BFLAG_GLUE_SUBORDINATE) {
if (SLAP_GLUE_SUBORDINATE ( b1 ) ) {
/* The last database cannot be a subordinate of noone */
if (i == nBackendDB - 1) {
b1->be_flags ^= SLAP_BFLAG_GLUE_SUBORDINATE;
......@@ -619,11 +619,11 @@ glue_sub_init( )
}
gi = NULL;
for (j = i-1, be=&backendDB[j]; j>=0; be--,j--) {
if (!(be->be_flags & SLAP_BFLAG_GLUE_SUBORDINATE)) {
if ( ! SLAP_GLUE_SUBORDINATE( be ) ) {
continue;
}
/* We will only link it once */
if (be->be_flags & SLAP_BFLAG_GLUE_LINKED) {
if ( SLAP_GLUE_LINKED( be ) ) {
continue;
}
if (!dnIsSuffix(&be->be_nsuffix[0], &b1->be_nsuffix[0])) {
......
......@@ -1381,7 +1381,7 @@ slapd_daemon_task(
slap_ssf_t ssf = 0;
char *authid = NULL;
#ifdef SLAPD_RLOOKUPS
char *hebuf = NULL;
char hbuf[NI_MAXHOST];
#endif
char *dnsname = NULL;
......@@ -1612,23 +1612,12 @@ slapd_daemon_task(
) {
#ifdef SLAPD_RLOOKUPS
if ( use_reverse_lookup ) {
struct hostent he;
int herr;
struct hostent *hp = NULL;
# ifdef LDAP_PF_INET6
if ( from.sa_addr.sa_family == AF_INET6 )
ldap_pvt_gethostbyaddr_a(
(char *)&(from.sa_in6_addr.sin6_addr),
sizeof(from.sa_in6_addr.sin6_addr),
AF_INET6, &he, &hebuf,
&hp, &herr );
else
# endif /* LDAP_PF_INET6 */
ldap_pvt_gethostbyaddr_a(
(char *) &(from.sa_in_addr.sin_addr),
sizeof(from.sa_in_addr.sin_addr),
AF_INET, &he, &hebuf, &hp, &herr );
dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
char *herr;
if (ldap_pvt_get_hname( &from, len, hbuf,
sizeof(hbuf), &herr ) == 0) {
ldap_pvt_str2lower( hbuf );
dnsname = hbuf;
}
}
#else
dnsname = NULL;
......@@ -1666,9 +1655,6 @@ slapd_daemon_task(
authid );
if( authid ) ch_free(authid);
#ifdef SLAPD_RLOOKUPS
if( hebuf ) ldap_memfree(hebuf);
#endif
if( id < 0 ) {
#ifdef NEW_LOGGING
......
......@@ -270,7 +270,6 @@ do_modify(
}
#endif
}
#endif
if ( StatslogTest( LDAP_DEBUG_STATS ) ) {
char abuf[BUFSIZ/2], *ptr = abuf;
......@@ -298,6 +297,7 @@ do_modify(
op->o_connid, op->o_opid, abuf, 0, 0 );
}
}
#endif /* LDAP_DEBUG */
manageDSAit = get_manageDSAit( op );
......
......@@ -113,7 +113,7 @@ root_dse_info(
return LDAP_OTHER;
continue;
}
if ( backends[i].be_flags & SLAP_BFLAG_GLUE_SUBORDINATE ) {
if ( SLAP_GLUE_SUBORDINATE( &backends[i] ) ) {
continue;
}
for ( j = 0; backends[i].be_suffix[j].bv_val != NULL; j++ ) {
......
......@@ -1271,6 +1271,10 @@ struct slap_backend_db {
#define SLAP_BFLAG_DYNAMIC 0x2000U
slap_mask_t be_flags;
#define SLAP_LASTMOD(be) (!((be)->be_flags & SLAP_BFLAG_NOLASTMOD))
#define SLAP_GLUE_INSTANCE(be) ((be)->be_flags & SLAP_BFLAG_GLUE_INSTANCE)
#define SLAP_GLUE_SUBORDINATE(be) \
((be)->be_flags & SLAP_BFLAG_GLUE_SUBORDINATE)
#define SLAP_GLUE_LINKED(be) ((be)->be_flags & SLAP_BFLAG_GLUE_LINKED)
#define SLAP_ALIASES(be) ((be)->be_flags & SLAP_BFLAG_ALIASES)
#define SLAP_REFERRALS(be) ((be)->be_flags & SLAP_BFLAG_REFERRALS)
#define SLAP_SUBENTRIES(be) ((be)->be_flags & SLAP_BFLAG_SUBENTRIES)
......@@ -1969,14 +1973,6 @@ typedef struct slap_conn {
fprintf( stderr, (fmt), (connid), (opid), (arg1), (arg2), (arg3) );\
} while (0)
#define StatslogTest( level ) (ldap_debug & (level))
#elif defined(LDAP_SYSLOG)
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) \
do { \
if ( ldap_syslog & (level) ) \
syslog( ldap_syslog_level, (fmt), (connid), (opid), (arg1), \
(arg2), (arg3) ); \
} while (0)
#define StatslogTest( level ) (ldap_syslog & (level))
#else
#define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 )
#define StatslogTest( level ) (0)
......
......@@ -250,17 +250,45 @@ slap_tool_init(
/* If the named base is a glue master, operate on the
* entire context
*/
if (be->be_flags & SLAP_BFLAG_GLUE_INSTANCE)
if (SLAP_GLUE_INSTANCE(be)) {
nosubordinates = 1;
}
} else if ( dbnum == -1 ) {
if ( nbackends <= 0 ) {
fprintf( stderr, "No available databases\n" );
exit( EXIT_FAILURE );
}
be = &backends[dbnum=0];
/* If just doing the first by default and it is a
* glue subordinate, find the master.
*/
while (be->be_flags & SLAP_BFLAG_GLUE_SUBORDINATE) {
nosubordinates = 1;
while (SLAP_GLUE_SUBORDINATE(be) || SLAP_MONITOR(be)) {
if (SLAP_GLUE_SUBORDINATE(be)) {
nosubordinates = 1;
}
be++;
dbnum++;
}
if ( dbnum >= nbackends ) {
fprintf( stderr, "Available database(s) "
"do not allow %s\n", name );
exit( EXIT_FAILURE );
}
if ( nosubordinates == 0 && dbnum > 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG( BACKEND, ERR,
"The first database does not allow %s; using the first available one (%d)\n",
name, dbnum + 1, 0 );
#else
Debug( LDAP_DEBUG_ANY,
"The first database does not allow %s; using the first available one (%d)\n",
name, dbnum + 1, 0 );
#endif
}
} else if ( dbnum < 0 || dbnum > (nbackends-1) ) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment