Install *.schema only

[openldap] / servers / slapd / connection.c

diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index 54dedfb3c0c90b019635fb0d528c4f15bec8ed00..a2231eb5ed38bcc81ce5e702ebd891bec9124f3c 100644 (file)
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -1,6 +1,6 @@
 /* $OpenLDAP$ */
 /*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
  * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
  */
 
@@ -590,7 +590,6 @@ void connection_closing( Connection *c )
        /* c_mutex must be locked by caller */
 
        if( c->c_conn_state != SLAP_C_CLOSING ) {
-
                Debug( LDAP_DEBUG_TRACE,
                        "connection_closing: readying conn=%ld sd=%d for close\n",
                        c->c_connid, ber_pvt_sb_get_desc( c->c_sb ), 0 );
@@ -601,8 +600,6 @@ void connection_closing( Connection *c )
                /* don't listen on this port anymore */
                slapd_clr_read( ber_pvt_sb_get_desc( c->c_sb ), 1 );
 
-               /* shutdown I/O -- not yet implemented */
-
                /* abandon active operations */
                connection_abandon( c );
 
@@ -817,16 +814,12 @@ operations_error:
                break;
 
        case LDAP_REQ_BIND:
+               conn->c_sasl_bind_in_progress =
+                       rc == LDAP_SASL_BIND_IN_PROGRESS ? 1 : 0;
+
                if( conn->c_conn_state == SLAP_C_BINDING) {
                        conn->c_conn_state = SLAP_C_ACTIVE;
                }
-               /*
-                * Is this ever the case? For now, rely on
-                * the backend to set this.
-                */
-               if ( rc == LDAP_SASL_BIND_IN_PROGRESS ) {
-                       conn->c_sasl_bind_in_progress = 1;
-               }
        }
 
        ldap_pvt_thread_mutex_lock( &active_threads_mutex );
@@ -885,6 +878,9 @@ int connection_read(ber_socket_t s)
        if ( c->c_is_tls && c->c_needs_tls_accept ) {
                rc = ldap_pvt_tls_accept( c->c_sb, NULL );
                if ( rc < 0 ) {
+                       struct timeval tv;
+                       fd_set rfd;
+
                        Debug( LDAP_DEBUG_TRACE,
                               "connection_read(%d): TLS accept error error=%d id=%ld, closing\n",
                               s, rc, c->c_connid );
@@ -892,6 +888,21 @@ int connection_read(ber_socket_t s)
                        c->c_needs_tls_accept = 0;
                        /* connections_mutex and c_mutex are locked */
                        connection_closing( c );
+
+                       /* Drain input before close, to allow SSL error codes
+                        * to propagate to client. */
+                       FD_ZERO(&rfd);
+                       FD_SET(s, &rfd);
+                       ber_pvt_sb_set_readahead(c->c_sb, 0);
+                       for (rc=1; rc>0;)
+                       {
+                           char buf[4096];
+                           tv.tv_sec = 1;
+                           tv.tv_usec = 0;
+                           rc = select(s+1, &rfd, NULL, NULL, &tv);
+                           if (rc == 1)
+                               rc = ber_pvt_sb_read(c->c_sb, buf, sizeof(buf));
+                       }
                        connection_close( c );
                } else if ( rc == 0 ) {
                        c->c_needs_tls_accept = 0;
@@ -958,7 +969,7 @@ connection_input(
 
                Debug( LDAP_DEBUG_TRACE,
                        "ber_get_next on fd %d failed errno=%d (%s)\n",
-                       ber_pvt_sb_get_desc( conn->c_sb ), err, STRERROR(err) );
+                       ber_pvt_sb_get_desc( conn->c_sb ), err, sock_errstr(err) );
                Debug( LDAP_DEBUG_TRACE,
                        "\t*** got %ld of %lu so far\n",
                        (long) ( conn->c_currentber->ber_buf