reject registrations when back-monitor is not configured

[openldap] / servers / slapd / daemon.c

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 53819525aa7aee15f56e69fedce1996d6496239b..a0125a19fc1248ba7f919d56d4112b8515d75805 100644 (file)
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -40,8 +40,6 @@
 
 #include "ldap_rq.h"
 
-#undef HAVE_EPOLL
-
 #if defined(HAVE_SYS_EPOLL_H) && defined(HAVE_EPOLL)
 #include <sys/epoll.h>
 #endif
@@ -76,14 +74,17 @@ struct runqueue_s slapd_rq;
 
 Listener **slap_listeners = NULL;
 
-#define SLAPD_LISTEN 10
+#ifndef SLAPD_LISTEN_BACKLOG
+#define SLAPD_LISTEN_BACKLOG 1024
+#endif
 
 static ber_socket_t wake_sds[2];
 static int emfile;
 
 static int waking;
-#define WAKE_LISTENER(w) \
-do { if (w && waking < 5) { waking++; tcp_write( wake_sds[1], "0", 1 ); } } while(0)
+#define WAKE_LISTENER(w) do { \
+       if ((w) && waking < 5) { waking++; tcp_write( wake_sds[1], "0", 1 ); } \
+       } while(0)
 
 volatile sig_atomic_t slapd_shutdown = 0, slapd_gentle_shutdown = 0;
 volatile sig_atomic_t slapd_abrupt_shutdown = 0;
@@ -203,7 +204,7 @@ static struct slap_daemon {
 #define SLAP_EVENT_FD(i)       SLAP_EV_PTRFD(revents[i].data.ptr)
 #define        SLAP_SOCK_SET_MUTE(s)   SLAP_SOCK_CLR_READ(s)
 #define        SLAP_SOCK_CLR_MUTE(s)   SLAP_SOCK_SET_READ(s)
-#define        SLAP_SOCK_IS_MUTE(s)    !SLAP_SOCK_IS_READ(s)
+#define        SLAP_SOCK_IS_MUTE(s)    (!SLAP_SOCK_IS_READ(s))
 
 #define SLAP_SOCK_SET_INIT     \
        slap_daemon.sd_epolls = ch_malloc(sizeof(struct epoll_event) * dtblsize * 2);   \
@@ -298,7 +299,7 @@ static struct slap_daemon {
 
 #define        SLAP_SOCK_SET_MUTE(s)   FD_CLR(s, &readfds)
 #define SLAP_SOCK_CLR_MUTE(s)  FD_SET(s, &readfds)
-#define        SLAP_SOCK_IS_MUTE(s)    FD_ISSET(s, &readfds)
+#define        SLAP_SOCK_IS_MUTE(s)    (!FD_ISSET(s, &readfds))
 
 #endif
 
@@ -555,9 +556,9 @@ static int get_url_perms(
 {
        int     i;
 
-       assert( exts );
-       assert( perms );
-       assert( crit );
+       assert( exts != NULL );
+       assert( perms != NULL );
+       assert( crit != NULL );
 
        *crit = 0;
        for ( i = 0; exts[ i ]; i++ ) {
@@ -1002,16 +1003,6 @@ static int slap_open_listener(
 #ifdef LDAP_PF_LOCAL
        case AF_LOCAL: {
                char *addr = ((struct sockaddr_un *)*sal)->sun_path;
-#if 0 /* don't muck with socket perms */
-               if ( chmod( addr, l.sl_perms ) < 0 && crit ) {
-                       int err = sock_errno();
-                       Debug( LDAP_DEBUG_ANY, "daemon: fchmod(%ld) failed errno=%d (%s)",
-                              (long) l.sl_sd, err, sock_errstr(err) );
-                       tcp_close( l.sl_sd );
-                       slap_free_listener_addresses(psal);
-                       return -1;
-               }
-#endif
                l.sl_name.bv_len = strlen(addr) + sizeof("PATH=") - 1;
                l.sl_name.bv_val = ber_memalloc( l.sl_name.bv_len + 1 );
                snprintf( l.sl_name.bv_val, l.sl_name.bv_len + 1, 
@@ -1369,12 +1360,15 @@ slapd_handle_listener(
 
                        if( getpeereid( s, &uid, &gid ) == 0 ) {
                                authid.bv_val = ch_malloc(
-                                       sizeof("uidnumber=4294967295+gidnumber=4294967295,"
-                                       "cn=peercred,cn=external,cn=auth"));
+                                       STRLENOF( "gidNumber=4294967295+uidNumber=4294967295,"
+                                       "cn=peercred,cn=external,cn=auth" ) + 1 );
                                authid.bv_len = sprintf( authid.bv_val,
-                                       "uidnumber=%d+gidnumber=%d,"
+                                       "gidNumber=%d+uidNumber=%d,"
                                        "cn=peercred,cn=external,cn=auth",
-                                       (int) uid, (int) gid);
+                                       (int) gid, (int) uid );
+                               assert( authid.bv_len <=
+                                       STRLENOF( "gidNumber=4294967295+uidNumber=4294967295,"
+                                       "cn=peercred,cn=external,cn=auth" ) );
                        }
                }
                dnsname = "local";
@@ -1523,7 +1517,7 @@ slapd_daemon_task(
                }
 #endif
 
-               if ( listen( slap_listeners[l]->sl_sd, SLAPD_LISTEN ) == -1 ) {
+               if ( listen( slap_listeners[l]->sl_sd, SLAPD_LISTEN_BACKLOG ) == -1 ) {
                        int err = sock_errno();
 
 #ifdef LDAP_PF_INET6
@@ -1578,7 +1572,10 @@ slapd_daemon_task(
                ber_socket_t i;
                int ns, nwriters;
                int at;
-               ber_socket_t nfds, nrfds, nwfds;
+               ber_socket_t nfds;
+#if SLAP_EVENTS_ARE_INDEXED
+               ber_socket_t nrfds, nwfds;
+#endif
 #define SLAPD_EBADF_LIMIT 16
 
                time_t  now;
@@ -1762,8 +1759,6 @@ slapd_daemon_task(
                        if ( !SLAP_EVENT_IS_READ( slap_listeners[l]->sl_sd ))
                                continue;
                        
-                       ns--;
-
                        rc = slapd_handle_listener(slap_listeners[l]);
 
 #ifdef LDAP_CONNECTIONLESS
@@ -1771,6 +1766,8 @@ slapd_daemon_task(
                        if ( rc ) continue;
 #endif
 
+                       ns--;
+
                        /* Don't need to look at this in the data loops */
                        SLAP_EVENT_CLR_READ( slap_listeners[l]->sl_sd );
                        SLAP_EVENT_CLR_WRITE( slap_listeners[l]->sl_sd );
@@ -1804,7 +1801,8 @@ slapd_daemon_task(
                        int     r, w;
 
                        r = SLAP_EVENT_IS_READ( i );
-                       w = SLAP_EVENT_IS_WRITE( i );
+                       /* writefds was not initialized if nwriters was zero */
+                       w = nwriters ? SLAP_EVENT_IS_WRITE( i ) : 0;
                        if ( r || w ) {
                                Debug( LDAP_DEBUG_CONNS, " %d%s%s", i,
                                    r ? "r" : "", w ? "w" : "" );
@@ -1920,6 +1918,10 @@ slapd_daemon_task(
 #endif
                         ) continue;
 
+                       /* Don't log internal wake events */
+                       if ( SLAP_EVENT_FD( i ) == wake_sds[0] )
+                               continue;
+
                        r = SLAP_EVENT_IS_READ( i );
                        w = SLAP_EVENT_IS_WRITE( i );
                        if ( r || w ) {
@@ -1941,6 +1943,10 @@ slapd_daemon_task(
                        if ( rc ) {
                                fd = SLAP_EVENT_FD( i );
 
+                               /* Ignore wake events, they were handled above */
+                               if ( fd == wake_sds[0] )
+                                       continue;
+
                                if( SLAP_EVENT_IS_WRITE( i ) ) {
                                        Debug( LDAP_DEBUG_CONNS,
                                                "daemon: write active on %d\n",
@@ -2006,9 +2012,6 @@ slapd_daemon_task(
                close_listeners ( 0 );
        }
 
-       free ( slap_listeners );
-       slap_listeners = NULL;
-
        if( !slapd_gentle_shutdown ) {
                slapd_abrupt_shutdown = 1;
                connections_shutdown();
@@ -2019,6 +2022,9 @@ slapd_daemon_task(
            ldap_pvt_thread_pool_backload(&connection_pool), 0, 0 );
        ldap_pvt_thread_pool_destroy(&connection_pool, 1);
 
+       free ( slap_listeners );
+       slap_listeners = NULL;
+
        return NULL;
 }
 
@@ -2056,7 +2062,7 @@ int slapd_daemon( void )
 
 }
 
-int sockinit(void)
+static int sockinit(void)
 {
 #if defined( HAVE_WINSOCK2 )
     WORD wVersionRequested;
@@ -2097,7 +2103,7 @@ int sockinit(void)
        return 0;
 }
 
-int sockdestroy(void)
+static int sockdestroy(void)
 {
 #if defined( HAVE_WINSOCK2 ) || defined( HAVE_WINSOCK )
        WSACleanup();