From acc82de2603f1fb1f1c6e79ee872a6f55bd289a7 Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Thu, 19 Dec 2002 23:02:05 +0000 Subject: [PATCH] Revert data ready loop fix fixup gethostby problems misc sasl fixes --- servers/slapd/connection.c | 4 ++-- servers/slapd/daemon.c | 20 ++++++++++++-------- servers/slapd/sasl.c | 22 ++++++++++++++++++---- servers/slapd/saslauthz.c | 1 + 4 files changed, 33 insertions(+), 14 deletions(-) diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index 236fedfa45..9441050156 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -1221,8 +1221,8 @@ int connection_read(ber_socket_t s) } #endif -/* #define CONNECTION_INPUT_LOOP 1 */ -#define DATA_READY_LOOP 1 +#define CONNECTION_INPUT_LOOP 1 +/* #define DATA_READY_LOOP 1 */ do { diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index 10c47697a5..7b0c6d7b11 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -1383,6 +1383,9 @@ slapd_daemon_task( long id; slap_ssf_t ssf = 0; char *authid = NULL; +#ifdef SLAPD_RLOOKUPS + char *hebuf = NULL; +#endif char *dnsname = NULL; char *peeraddr = NULL; @@ -1601,23 +1604,21 @@ slapd_daemon_task( if ( use_reverse_lookup ) { struct hostent he; int herr; - char *ha = NULL; - hp = NULL; + struct hostent *hp = NULL; # ifdef LDAP_PF_INET6 if ( from.sa_addr.sa_family == AF_INET6 ) ldap_pvt_gethostbyaddr_a( (char *)&(from.sa_in6_addr.sin6_addr), sizeof(from.sa_in6_addr.sin6_addr), - AF_INET6, &he, &ha, + AF_INET6, &he, &hebuf, &hp, &herr ); else # endif /* LDAP_PF_INET6 */ ldap_pvt_gethostbyaddr_a( (char *) &(from.sa_in_addr.sin_addr), sizeof(from.sa_in_addr.sin_addr), - AF_INET, &he, &ha, &hp, &herr ); + AF_INET, &he, &hebuf, &hp, &herr ); dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL; - if (ha) ldap_memfree( ha ); } #else dnsname = NULL; @@ -1631,7 +1632,7 @@ slapd_daemon_task( { /* DENY ACCESS */ Statslog( LDAP_DEBUG_STATS, - "fd=%ld host access from %s (%s) denied.\n", + "fd=%ld DENIED from %s (%s)", (long) s, dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN, peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN, @@ -1655,6 +1656,9 @@ slapd_daemon_task( authid ); if( authid ) ch_free(authid); +#ifdef SLAPD_RLOOKUPS + if( hebuf ) ldap_memfree(hebuf); +#endif if( id < 0 ) { #ifdef NEW_LOGGING @@ -1677,8 +1681,8 @@ slapd_daemon_task( } Statslog( LDAP_DEBUG_STATS, - "daemon: conn=%ld fd=%ld connection from %s " - "(%s) accepted.\n", + "conn=%ld fd=%ld ACCEPT from %s " + "(%s)\n", id, (long) s, peername, slap_listeners[l]->sl_name.bv_val, diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c index 5e632c5ef2..e860abe610 100644 --- a/servers/slapd/sasl.c +++ b/servers/slapd/sasl.c @@ -922,7 +922,7 @@ slap_sasl_authorize( /* Nothing to do if no authzID was given */ if ( !auxvals[1].name || !auxvals[1].values ) { conn->c_sasl_dn = authcDN; - return SASL_OK; + goto ok; } AC_MEMCPY( &authzDN, auxvals[1].values[0], sizeof(authzDN) ); @@ -946,6 +946,13 @@ slap_sasl_authorize( } conn->c_sasl_dn = authzDN; +ok: + if (conn->c_sasl_bindop) { + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu BIND authcid=\"%s\"\n", + conn->c_connid, conn->c_sasl_bindop->o_opid, + auth_identity, 0, 0); + } #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, ENTRY, @@ -1024,8 +1031,7 @@ slap_sasl_authorize( #endif conn->c_sasl_dn = authcDN; - *errstr = NULL; - return SASL_OK; + goto ok; } rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm, &authzDN, FLAG_GETDN_AUTHZID ); if( rc != LDAP_SUCCESS ) { @@ -1051,7 +1057,9 @@ slap_sasl_authorize( ch_free( authzDN.bv_val ); return SASL_NOAUTHZ; } + conn->c_sasl_dn = authzDN; +ok: #ifdef NEW_LOGGING LDAP_LOG( TRANSPORT, RESULTS, "slap_sasl_authorize: conn %d authorization allowed\n", @@ -1062,7 +1070,13 @@ slap_sasl_authorize( (long) (conn ? conn->c_connid : -1), 0, 0 ); #endif - conn->c_sasl_dn = authzDN; + if (conn->c_sasl_bindop) { + Statslog( LDAP_DEBUG_STATS, + "conn=%lu op=%lu BIND authcid=\"%s\"\n", + conn->c_connid, conn->c_sasl_bindop->o_opid, + auth_identity, 0, 0); + } + *errstr = NULL; return SASL_OK; } diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index c12ba776c5..da04c74e96 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -414,6 +414,7 @@ void slap_sasl2dn( Connection *conn, } rc = slap_parseURI( ®out, &dn, &scope, &filter ); + if( regout.bv_val ) ch_free( regout.bv_val ); if( rc != LDAP_SUCCESS ) { goto FINISHED; } -- 2.47.2