]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/back-ldbm/bind.c
Set peeraddr also for IPv6, fixes ITS#1918
[openldap] / servers / slapd / back-ldbm / bind.c
index a6ab1c5e2940830e1b5c70ba9254e65488016026..2ca018d03beb83048f4e8100903b4cb275409b20 100644 (file)
@@ -50,9 +50,11 @@ ldbm_back_bind(
        Debug(LDAP_DEBUG_ARGS, "==> ldbm_back_bind: dn: %s\n", dn->bv_val, 0, 0);
 #endif
 
-
        dn = ndn;
 
+       /* grab giant lock for reading */
+       ldap_pvt_thread_rdwr_rlock(&li->li_giant_rwlock);
+
        /* get entry with reader lock */
        if ( (e = dn2entry_r( be, dn, &matched )) == NULL ) {
                char *matched_dn = NULL;
@@ -72,6 +74,8 @@ ldbm_back_bind(
                                NULL, dn, LDAP_SCOPE_DEFAULT );
                }
 
+               ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
+
                /* allow noauth binds */
                rc = 1;
                if ( method == LDAP_AUTH_SIMPLE ) {
@@ -165,7 +169,7 @@ ldbm_back_bind(
                }
 
                if ( ! access_allowed( be, conn, op, e,
-                       password, NULL, ACL_AUTH ) )
+                       password, NULL, ACL_AUTH, NULL ) )
                {
                        send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
                                NULL, NULL, NULL, NULL );
@@ -203,7 +207,7 @@ ldbm_back_bind(
                }
 
                if ( ! access_allowed( be, conn, op, e,
-                       krbattr, NULL, ACL_AUTH ) )
+                       krbattr, NULL, ACL_AUTH, NULL ) )
                {
                        send_ldap_result( conn, op, LDAP_INSUFFICIENT_ACCESS,
                                NULL, NULL, NULL, NULL );
@@ -263,6 +267,7 @@ ldbm_back_bind(
 return_results:;
        /* free entry and reader lock */
        cache_return_entry_r( &li->li_cache, e );
+       ldap_pvt_thread_rdwr_runlock(&li->li_giant_rwlock);
 
        /* front end with send result on success (rc==0) */
        return( rc );