silence warnings
[openldap] / libraries / libldap / os-local.c
index ee047dc4c29578c824b7342fdf9c40546c26d52d..6f798a71fa1f20e2c0aeafc25171fa6e1360983b 100644 (file)
@@ -2,7 +2,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2004 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -47,6 +47,9 @@
 #ifdef HAVE_IO_H
 #include <io.h>
 #endif /* HAVE_IO_H */
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
 
 #include "ldap-int.h"
 #include "ldap_defaults.h"
@@ -89,6 +92,9 @@ ldap_pvt_socket(LDAP *ld)
 {
        ber_socket_t s = socket(PF_LOCAL, SOCK_STREAM, 0);
        oslocal_debug(ld, "ldap_new_socket: %d\n",s,0,0);
+#ifdef FD_CLOEXEC
+       fcntl(s, F_SETFD, FD_CLOEXEC);
+#endif
        return ( s );
 }
 
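Review bot: The added `fcntl(s, F_SETFD, FD_CLOEXEC)` runs even when `socket()` failed, so on the error path it is called with an invalid descriptor and can overwrite the errno that socket() set (EBADF replacing, for example, EMFILE). Its own return value is also discarded, so a socket that stays inheritable across exec goes unnoticed. Guarding the call keeps the original error intact: `if ( s != AC_SOCKET_INVALID ) (void) fcntl( s, F_SETFD, FD_CLOEXEC );`. Because the flag is set in a separate call after socket(), a fork/exec in another thread can still inherit the descriptor in between, which deserves a one-line comment. The function's return-type line is outside the hunk.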
@@ -120,7 +126,7 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s)
 #if defined( notyet ) /* && defined( SO_ERROR ) */
 {
        int so_errno;
-       socklen_t dummy = sizeof(so_errno);
+       ber_socklen_t dummy = sizeof(so_errno);
        if ( getsockopt( s, SOL_SOCKET, SO_ERROR, &so_errno, &dummy )
                == AC_SOCKET_ERROR )
        {
@@ -138,12 +144,12 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s)
        /* error slippery */
        struct sockaddr_un sa;
        char ch;
-       socklen_t dummy = sizeof(sa);
+       ber_socklen_t dummy = sizeof(sa);
        if ( getpeername( s, (struct sockaddr *) &sa, &dummy )
                == AC_SOCKET_ERROR )
        {
                /* XXX: needs to be replace with ber_stream_read() */
-               read(s, &ch, 1);
+               (void)read(s, &ch, 1);
                TRACE;
                return -1;
        }
@@ -154,10 +160,7 @@ ldap_pvt_is_socket_ready(LDAP *ld, int s)
 }
 #undef TRACE
 
-#if !defined(HAVE_GETPEEREID) && \
-       !defined(SO_PEERCRED) && !defined(LOCAL_PEERCRED) && \
-       defined(HAVE_SENDMSG) && defined(HAVE_MSGHDR_MSG_ACCRIGHTS)
-#define DO_SENDMSG
+#ifdef LDAP_PF_LOCAL_SENDMSG
 static const char abandonPDU[] = {LDAP_TAG_MESSAGE, 6,
        LDAP_TAG_MSGID, 1, 0, LDAP_REQ_ABANDON, 1, 0};
 #endif
@@ -166,11 +169,11 @@ static int
 ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
 {
        int rc;
-       struct timeval  tv, *opt_tv=NULL;
+       struct timeval  tv, *opt_tv = NULL;
 
-       if ( (opt_tv = ld->ld_options.ldo_tm_net) != NULL ) {
-               tv.tv_usec = opt_tv->tv_usec;
-               tv.tv_sec = opt_tv->tv_sec;
+       if ( ld->ld_options.ldo_tm_net.tv_sec >= 0 ) {
+               tv = ld->ld_options.ldo_tm_net;
+               opt_tv = &tv;
        }
 
        oslocal_debug(ld, "ldap_connect_timeout: fd: %d tm: %ld async: %d\n",
@@ -183,23 +186,57 @@ ldap_pvt_connect(LDAP *ld, ber_socket_t s, struct sockaddr_un *sa, int async)
        {
                if ( ldap_pvt_ndelay_off(ld, s) == -1 ) return -1;
 
-#ifdef DO_SENDMSG
+#ifdef LDAP_PF_LOCAL_SENDMSG
        /* Send a dummy message with access rights. Remote side will
-        * obtain our uid/gid by fstat'ing this descriptor.
+        * obtain our uid/gid by fstat'ing this descriptor. The
+        * descriptor permissions must match exactly, and we also
+        * send the socket name, which must also match.
         */
 sendcred:
                {
                        int fds[2];
+                       ber_socklen_t salen = sizeof(*sa);
                        if (pipe(fds) == 0) {
                                /* Abandon, noop, has no reply */
                                struct iovec iov;
                                struct msghdr msg = {0};
+# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
+# ifndef CMSG_SPACE
+# define CMSG_SPACE(len)       (_CMSG_ALIGN( sizeof(struct cmsghdr)) + _CMSG_ALIGN(len) )
+# endif
+# ifndef CMSG_LEN
+# define CMSG_LEN(len)         (_CMSG_ALIGN( sizeof(struct cmsghdr)) + (len) )
+# endif
+                               union {
+                                       struct cmsghdr cm;
+                                       unsigned char control[CMSG_SPACE(sizeof(int))];
+                               } control_un;
+                               struct cmsghdr *cmsg;
+# endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
+                               msg.msg_name = NULL;
+                               msg.msg_namelen = 0;
                                iov.iov_base = (char *) abandonPDU;
                                iov.iov_len = sizeof abandonPDU;
                                msg.msg_iov = &iov;
                                msg.msg_iovlen = 1;
+# ifdef HAVE_STRUCT_MSGHDR_MSG_CONTROL
+                               msg.msg_control = control_un.control;
+                               msg.msg_controllen = sizeof( control_un.control );
+                               msg.msg_flags = 0;
+
+                               cmsg = CMSG_FIRSTHDR( &msg );
+                               cmsg->cmsg_len = CMSG_LEN( sizeof(int) );
+                               cmsg->cmsg_level = SOL_SOCKET;
+                               cmsg->cmsg_type = SCM_RIGHTS;
+
+                               *((int *)CMSG_DATA(cmsg)) = fds[0];
+# else
                                msg.msg_accrights = (char *)fds;
                                msg.msg_accrightslen = sizeof(int);
+# endif /* HAVE_STRUCT_MSGHDR_MSG_CONTROL */
+                               getpeername( s, (struct sockaddr *) sa, &salen );
+                               fchmod( fds[0], S_ISUID|S_IRWXU );
+                               write( fds[1], sa, salen );
                                sendmsg( s, &msg, 0 );
                                close(fds[0]);
                                close(fds[1]);
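Review bot: The results of `getpeername()`, `fchmod()`, `write()` and `sendmsg()` at the end of the sendcred block are all discarded, so a failure silently skips the credential hand-off, or sends the descriptor without the mode and socket name that the new comment says must match exactly. Sending the descriptor only when the three preparation steps succeeded, and logging otherwise, makes that failure visible to the client. Separately, `*((int *)CMSG_DATA(cmsg)) = fds[0];` would be safer as a `memcpy` into the control buffer, and the fallback `CMSG_SPACE`/`CMSG_LEN` definitions depend on `_CMSG_ALIGN`, which not every platform provides. The sendcred block and its enclosing function continue outside this hunk.

```c
/* … unchanged: pipe(), iov and control-message setup … */
if ( getpeername( s, (struct sockaddr *) sa, &salen ) == 0 &&
	fchmod( fds[0], S_ISUID|S_IRWXU ) == 0 &&
	write( fds[1], sa, salen ) == (ssize_t) salen )
{
	(void) sendmsg( s, &msg, 0 );
} else {
	oslocal_debug(ld, "ldap_pvt_connect: credential setup failed\n",0,0,0);
}
/* … unchanged: close(fds[0]); close(fds[1]); … */
```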
@@ -223,7 +260,7 @@ sendcred:
                if( opt_tv != NULL ) timeout = TV2MILLISEC( &tv );
 
                fd.fd = s;
-               fd.events = POLLOUT;
+               fd.events = POLL_WRITE;
 
                do {
                        fd.revents = 0;
@@ -233,10 +270,10 @@ sendcred:
 
                if( rc == AC_SOCKET_ERROR ) return rc;
 
-               if( fd.revents & POLLOUT ) {
+               if( fd.revents & POLL_WRITE ) {
                        if ( ldap_pvt_is_socket_ready(ld, s) == -1 ) return -1;
                        if ( ldap_pvt_ndelay_off(ld, s) == -1 ) return -1;
-#ifdef DO_SENDMSG
+#ifdef LDAP_PF_LOCAL_SENDMSG
                        goto sendcred;
 #else
                        return ( 0 );
@@ -247,6 +284,14 @@ sendcred:
        {
                fd_set wfds, *z=NULL;
 
+#ifdef FD_SETSIZE
+               if ( s >= FD_SETSIZE ) {
+                       rc = AC_SOCKET_ERROR;
+                       tcp_close( s );
+                       ldap_pvt_set_errno( EMFILE );
+                       return rc;
+               }
+#endif
                do { 
                        FD_ZERO(&wfds);
                        FD_SET(s, &wfds );
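Review bot: The new FD_SETSIZE guard closes the socket itself with `tcp_close( s )` before returning an error, while the last hunk shows `ldap_connect_to_path` calling `ldap_pvt_close_socket(ld, s)` whenever `ldap_pvt_connect` returns non-zero. If this branch is in ldap_pvt_connect, as the surrounding hunks suggest, and ldap_pvt_close_socket closes the descriptor, the same descriptor number is closed twice. In a threaded process the second close can then hit a descriptor that another thread opened in between. Dropping the `tcp_close( s );` line and leaving the close to the caller avoids that; the bound check before `FD_SET` is itself the right guard against writing outside the fd_set. The enclosing block starts and ends outside the hunk.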
@@ -259,7 +304,7 @@ sendcred:
                if ( FD_ISSET(s, &wfds) ) {
                        if ( ldap_pvt_is_socket_ready(ld, s) == -1 ) return -1;
                        if ( ldap_pvt_ndelay_off(ld, s) == -1 ) return -1;
-#ifdef DO_SENDMSG
+#ifdef LDAP_PF_LOCAL_SENDMSG
                        goto sendcred;
 #else
                        return ( 0 );
@@ -274,11 +319,12 @@ sendcred:
 }
 
 int
-ldap_connect_to_path(LDAP *ld, Sockbuf *sb, const char *path, int async)
+ldap_connect_to_path(LDAP *ld, Sockbuf *sb, LDAPURLDesc *srv, int async)
 {
        struct sockaddr_un      server;
        ber_socket_t            s;
        int                     rc;
+       const char *path = srv->lud_host;
 
        oslocal_debug(ld, "ldap_connect_to_path\n",0,0,0);
 
@@ -305,8 +351,12 @@ ldap_connect_to_path(LDAP *ld, Sockbuf *sb, const char *path, int async)
        rc = ldap_pvt_connect(ld, s, &server, async);
 
        if (rc == 0) {
-               ber_sockbuf_ctrl( sb, LBER_SB_OPT_SET_FD, (void *)&s );
-       } else {
+               int err;
+               err = ldap_int_connect_cbs( ld, sb, &s, srv, (struct sockaddr *)&server );
+               if ( err )
+                       rc = err;
+       }
+       if ( rc ) {
                ldap_pvt_close_socket(ld, s);
        }
        return rc;