Revert data ready loop fix

fixup gethostby problems
misc sasl fixes

servers/slapd/connection.c

@@ -1221,8 +1221,8 @@ int connection_read(ber_socket_t s)
 	}
 #endif
 
-/* #define CONNECTION_INPUT_LOOP 1 */
-#define	DATA_READY_LOOP 1
+#define CONNECTION_INPUT_LOOP 1
+/* #define	DATA_READY_LOOP 1 */
 
 	do
 	{

servers/slapd/daemon.c

@@ -1383,6 +1383,9 @@ slapd_daemon_task(
 			long id;
 			slap_ssf_t ssf = 0;
 			char *authid = NULL;
+#ifdef SLAPD_RLOOKUPS
+			char *hebuf = NULL;
+#endif
 
 			char	*dnsname = NULL;
 			char	*peeraddr = NULL;
@@ -1601,23 +1604,21 @@ slapd_daemon_task(
 				if ( use_reverse_lookup ) {
 					struct hostent he;
 					int herr;
-					char *ha = NULL;
-					hp = NULL;
+					struct hostent *hp = NULL;
 #  ifdef LDAP_PF_INET6
 					if ( from.sa_addr.sa_family == AF_INET6 )
 						ldap_pvt_gethostbyaddr_a(
 							(char *)&(from.sa_in6_addr.sin6_addr),
 							sizeof(from.sa_in6_addr.sin6_addr),
-							AF_INET6, &he, &ha,
+							AF_INET6, &he, &hebuf,
 							&hp, &herr );
 					else
 #  endif /* LDAP_PF_INET6 */
 					ldap_pvt_gethostbyaddr_a(
 						(char *) &(from.sa_in_addr.sin_addr),
 						sizeof(from.sa_in_addr.sin_addr),
-						AF_INET, &he, &ha, &hp, &herr );
+						AF_INET, &he, &hebuf, &hp, &herr );
 					dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
-					if (ha) ldap_memfree( ha );
 				}
 #else
 				dnsname = NULL;
@@ -1631,7 +1632,7 @@ slapd_daemon_task(
 				{
 					/* DENY ACCESS */
 					Statslog( LDAP_DEBUG_STATS,
-						"fd=%ld host access from %s (%s) denied.\n",
+						"fd=%ld DENIED from %s (%s)",
 						(long) s,
 						dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
 						peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
@@ -1655,6 +1656,9 @@ slapd_daemon_task(
 				authid );
 
 			if( authid ) ch_free(authid);
+#ifdef SLAPD_RLOOKUPS
+			if( hebuf ) ldap_memfree(hebuf);
+#endif
 
 			if( id < 0 ) {
 #ifdef NEW_LOGGING
@@ -1677,8 +1681,8 @@ slapd_daemon_task(
 			}
 
 			Statslog( LDAP_DEBUG_STATS,
-				"daemon: conn=%ld fd=%ld connection from %s "
-				"(%s) accepted.\n",
+				"conn=%ld fd=%ld ACCEPT from %s "
+				"(%s)\n",
 				id, (long) s,
 				peername,
 				slap_listeners[l]->sl_name.bv_val,

servers/slapd/sasl.c

@@ -922,7 +922,7 @@ slap_sasl_authorize(
 	/* Nothing to do if no authzID was given */
 	if ( !auxvals[1].name || !auxvals[1].values ) {
 		conn->c_sasl_dn = authcDN;
-		return SASL_OK;
+		goto ok;
 	}
 	
 	AC_MEMCPY( &authzDN, auxvals[1].values[0], sizeof(authzDN) );
@@ -946,6 +946,13 @@ slap_sasl_authorize(
 	}
 
 	conn->c_sasl_dn = authzDN;
+ok:
+	if (conn->c_sasl_bindop) {
+		Statslog( LDAP_DEBUG_STATS,
+	    		"conn=%lu op=%lu BIND authcid=\"%s\"\n",
+	    		conn->c_connid, conn->c_sasl_bindop->o_opid, 
+			auth_identity, 0, 0);
+	}
 
 #ifdef NEW_LOGGING
 	LDAP_LOG( TRANSPORT, ENTRY, 
@@ -1024,8 +1031,7 @@ slap_sasl_authorize(
 #endif
 
 		conn->c_sasl_dn = authcDN;
-		*errstr = NULL;
-		return SASL_OK;
+		goto ok;
 	}
 	rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm, &authzDN, FLAG_GETDN_AUTHZID );
 	if( rc != LDAP_SUCCESS ) {
@@ -1051,7 +1057,9 @@ slap_sasl_authorize(
 		ch_free( authzDN.bv_val );
 		return SASL_NOAUTHZ;
 	}
+	conn->c_sasl_dn = authzDN;
 
+ok:
 #ifdef NEW_LOGGING
 	LDAP_LOG( TRANSPORT, RESULTS, 
 		"slap_sasl_authorize: conn %d authorization allowed\n",
@@ -1062,7 +1070,13 @@ slap_sasl_authorize(
 		(long) (conn ? conn->c_connid : -1), 0, 0 );
 #endif
 
-	conn->c_sasl_dn = authzDN;
+	if (conn->c_sasl_bindop) {
+		Statslog( LDAP_DEBUG_STATS,
+	    		"conn=%lu op=%lu BIND authcid=\"%s\"\n",
+	    		conn->c_connid, conn->c_sasl_bindop->o_opid, 
+			auth_identity, 0, 0);
+	}
+
 	*errstr = NULL;
 	return SASL_OK;
 }

servers/slapd/saslauthz.c

@@ -414,6 +414,7 @@ void slap_sasl2dn( Connection *conn,
 	}
 
 	rc = slap_parseURI( &regout, &dn, &scope, &filter );
+	if( regout.bv_val ) ch_free( regout.bv_val );
 	if( rc != LDAP_SUCCESS ) {
 		goto FINISHED;
 	}