c->c_dn.bv_len = 0;
c->c_ndn.bv_val = NULL;
c->c_ndn.bv_len = 0;
- c->c_cdn.bv_val = NULL;
- c->c_cdn.bv_len = 0;
c->c_groups = NULL;
c->c_listener_url.bv_val = NULL;
assert( c->c_authmech.bv_val == NULL );
assert( c->c_dn.bv_val == NULL );
assert( c->c_ndn.bv_val == NULL );
- assert( c->c_cdn.bv_val == NULL );
assert( c->c_groups == NULL );
assert( c->c_listener_url.bv_val == NULL );
assert( c->c_peer_domain.bv_val == NULL );
void connection2anonymous( Connection *c )
{
- assert( connections != NULL );
- assert( c != NULL );
+ assert( connections != NULL );
+ assert( c != NULL );
{
ber_len_t max = sockbuf_max_incoming;
}
c->c_authmech.bv_len = 0;
- if(c->c_dn.bv_val != NULL) {
- free(c->c_dn.bv_val);
- c->c_dn.bv_val = NULL;
- }
- c->c_dn.bv_len = 0;
- if(c->c_ndn.bv_val != NULL) {
- free(c->c_ndn.bv_val);
- c->c_ndn.bv_val = NULL;
- }
- c->c_ndn.bv_len = 0;
-
- if(c->c_cdn.bv_val != NULL) {
- free(c->c_cdn.bv_val);
- c->c_cdn.bv_val = NULL;
+ if(c->c_dn.bv_val != NULL) {
+ free(c->c_dn.bv_val);
+ c->c_dn.bv_val = NULL;
}
- c->c_cdn.bv_len = 0;
+ c->c_dn.bv_len = 0;
+ if(c->c_ndn.bv_val != NULL) {
+ free(c->c_ndn.bv_val);
+ c->c_ndn.bv_val = NULL;
+ }
+ c->c_ndn.bv_len = 0;
c->c_authz_backend = NULL;
-
- {
- GroupAssertion *g, *n;
- for (g = c->c_groups; g; g=n)
+
{
- n = g->ga_next;
- free(g);
+ GroupAssertion *g, *n;
+ for (g = c->c_groups; g; g=n) {
+ n = g->ga_next;
+ free(g);
+ }
+ c->c_groups = NULL;
}
- c->c_groups = NULL;
- }
-
}
static void
* to propagate to client. */
FD_ZERO(&rfd);
FD_SET(s, &rfd);
- for (rc=1; rc>0;)
- {
+ for (rc=1; rc>0;) {
tv.tv_sec = 1;
tv.tv_usec = 0;
rc = select(s+1, &rfd, NULL, NULL, &tv);
- if (rc == 1)
- ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_DRAIN,
- NULL);
+ if (rc == 1) {
+ ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_DRAIN, NULL);
+ }
}
#endif
connection_close( c );
} else if ( rc == 0 ) {
void *ssl;
- char *authid;
+ struct berval authid = { 0, NULL };
c->c_needs_tls_accept = 0;
c->c_ssf = c->c_tls_ssf;
}
- authid = (char *)ldap_pvt_tls_get_peer( ssl );
- slap_sasl_external( c, c->c_tls_ssf, authid );
+ rc = dnX509peerNormalize( ssl, &authid );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
+ "connection_read: conn %lu unable to get TLS client DN, error %d\n",
+ c->c_connid, rc));
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "connection_read(%d): unable to get TLS client DN "
+ "error=%d id=%lu\n",
+ s, rc, c->c_connid );
+#endif
+ }
+ slap_sasl_external( c, c->c_tls_ssf, authid.bv_val );
+ if ( authid.bv_val ) free( authid.bv_val );
+ }
+
+ /* if success and data is ready, fall thru to data input loop */
+ if( rc != 0 ||
+ !ber_sockbuf_ctrl( c->c_sb, LBER_SB_OPT_DATA_READY, NULL ) )
+ {
+ connection_return( c );
+ ldap_pvt_thread_mutex_unlock( &connections_mutex );
+ return 0;
}
- connection_return( c );
- ldap_pvt_thread_mutex_unlock( &connections_mutex );
- return 0;
}
#endif
op = slap_op_alloc( ber, msgid, tag, conn->c_n_ops_received++ );
+ op->vrFilter = NULL;
+
op->o_pagedresults_state = conn->c_pagedresults_state;
#ifdef LDAP_CONNECTIONLESS