X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fdaemon.c;h=3412fec5e4090afc03128da783faf2a06cae2587;hb=dacc0bfc7da20b4d0c669038a6289dc370098381;hp=95164cbe621b5531507b12928239534a5888f118;hpb=efc5e2d0e42d99ac21dc5fca3b81206ab1f4fc98;p=openldap diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index 95164cbe62..3412fec5e4 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -5,58 +5,44 @@ * Added locking of new_conn_mutex when traversing the c[] array. */ -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef _AIX -#include -#endif -#include "slap.h" #include "portable.h" + +#include + +#include +#include +#include +#include +#include +#include +#include + #include "ldapconfig.h" -#ifdef NEED_FILIO +#include "slap.h" + +#ifdef HAVE_SYS_FILIO_H #include -#else /* NEED_FILIO */ +#elif HAVE_SYS_IOCTL_H #include -#endif /* NEED_FILIO */ -#ifdef USE_SYSCONF -#include -#endif /* USE_SYSCONF */ +#endif -extern Operation *op_add(); +#ifdef HAVE_TCPD +#include -#ifndef SYSERRLIST_IN_STDIO -extern int sys_nerr; -extern char *sys_errlist[]; -#endif -extern time_t currenttime; -extern pthread_mutex_t currenttime_mutex; -extern int active_threads; -extern pthread_mutex_t active_threads_mutex; -extern pthread_mutex_t new_conn_mutex; -extern int slapd_shutdown; -extern pthread_t listener_tid; -extern int num_conns; -extern pthread_mutex_t ops_mutex; -extern int g_argc; -extern char **g_argv; +int allow_severity = LOG_INFO; +int deny_severity = LOG_NOTICE; +#endif /* TCP Wrappers */ int dtblsize; Connection *c; -static void set_shutdown(); -static void do_nothing(); +static volatile sig_atomic_t slapd_shutdown = 0; +static void set_shutdown(int sig); +static void do_nothing (int sig); -void +void * slapd_daemon( - int port + void *port ) { Operation *o; 
@@ -70,17 +56,20 @@ slapd_daemon( FILE *fp; int on = 1; -#ifdef USE_SYSCONF - dtblsize = sysconf( _SC_OPEN_MAX ); -#else /* USE_SYSCONF */ - dtblsize = getdtablesize(); -#endif /* USE_SYSCONF */ - /* - * Add greg@greg.rim.or.jp - */ +#ifdef HAVE_SYSCONF + dtblsize = sysconf( _SC_OPEN_MAX ); +#elif HAVE_GETDTABLESIZE + dtblsize = getdtablesize(); +#else + dtblsize = FD_SETSIZE +#endif + +#ifdef FD_SETSIZE if(dtblsize > FD_SETSIZE) { dtblsize = FD_SETSIZE; } +#endif /* !FD_SETSIZE */ + c = (Connection *) ch_calloc( 1, dtblsize * sizeof(Connection) ); for ( i = 0; i < dtblsize; i++ ) { @@ -123,7 +112,7 @@ slapd_daemon( (void) memset( (void *) &addr, '\0', sizeof(addr) ); addr.sin_family = AF_INET; addr.sin_addr.s_addr = INADDR_ANY; - addr.sin_port = htons( port ); + addr.sin_port = htons( (int)port ); if ( bind( tcps, (struct sockaddr *) &addr, sizeof(addr) ) == -1 ) { Debug( LDAP_DEBUG_ANY, "bind() failed errno %d (%s)\n", errno, errno > -1 && errno < sys_nerr ? sys_errlist[errno] : @@ -139,24 +128,16 @@ slapd_daemon( } (void) SIGNAL( SIGPIPE, SIG_IGN ); -#ifdef SIGSTKFLT - (void) SIGNAL( SIGSTKFLT, (void *) do_nothing ); -#else - (void) SIGNAL( SIGUSR1, (void *) do_nothing ); -#endif -#ifdef SIGSTKFLT - (void) SIGNAL( SIGUNUSED, (void *) set_shutdown ); -#else - (void) SIGNAL( SIGUSR2, (void *) set_shutdown ); -#endif - (void) SIGNAL( SIGTERM, (void *) set_shutdown ); - (void) SIGNAL( SIGINT, (void *) set_shutdown ); - (void) SIGNAL( SIGHUP, (void *) set_shutdown ); + (void) SIGNAL( LDAP_SIGUSR1, do_nothing ); + (void) SIGNAL( LDAP_SIGUSR2, set_shutdown ); + (void) SIGNAL( SIGTERM, set_shutdown ); + (void) SIGNAL( SIGINT, set_shutdown ); + (void) SIGNAL( SIGHUP, set_shutdown ); Debug( LDAP_DEBUG_ANY, "slapd starting\n", 0, 0, 0 ); #ifdef SLAPD_PIDFILE if ( (fp = fopen( SLAPD_PIDFILE, "w" )) != NULL ) { - fprintf( fp, "%d\n", getpid() ); + fprintf( fp, "%d\n", (int) getpid() ); fclose( fp ); } #endif 
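Review bot: The new `#else` fallback `dtblsize = FD_SETSIZE` has no terminating semicolon, so a build with neither HAVE_SYSCONF nor HAVE_GETDTABLESIZE will not compile; it should read `dtblsize = FD_SETSIZE;`. That fallback also uses FD_SETSIZE unconditionally while the clamp just below is wrapped in `#ifdef FD_SETSIZE`, so the two disagree about whether the macro can be absent. Separately, sysconf( _SC_OPEN_MAX ) can return -1 and only the upper bound is clamped before `dtblsize * sizeof(Connection)` reaches ch_calloc; a lower-bound check such as `if ( dtblsize <= 0 ) dtblsize = FD_SETSIZE;` ahead of the allocation would keep the connection table size sane. slapd_daemon's body continues outside the hunk.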
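Review bot: `htons( (int)port )` converts the `void *` thread argument straight to `int`, which is a narrowing pointer-to-integer cast on LP64 targets; how the caller packs the port into the pointer is not visible here. Passing the address of an int and reading `*(int *)port`, or going through an integer type of pointer width, would make the conversion well defined. The value also reaches htons() with no range check, so anything outside 0–65535 silently wraps to a different port; a guard before bind() would make a misconfigured port fail loudly instead. A short comment on the slapd_daemon signature saying what `port` carries would help the next reader, e.g. `/* port: listen port, passed by value inside the pointer */`.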
@@ -177,10 +158,16 @@ slapd_daemon( struct timeval *tvp; int len, pid; + char *client_name; + char *client_addr; + FD_ZERO( &writefds ); FD_ZERO( &readfds ); FD_SET( tcps, &readfds ); + zero.tv_sec = 0; + zero.tv_usec = 0; + pthread_mutex_lock( &active_threads_mutex ); Debug( LDAP_DEBUG_CONNS, "listening for connections on %d, activity on:", @@ -201,18 +188,16 @@ slapd_daemon( Debug( LDAP_DEBUG_CONNS, "\n", 0, 0, 0 ); pthread_mutex_unlock( &new_conn_mutex ); - zero.tv_sec = 0; - zero.tv_usec = 0; Debug( LDAP_DEBUG_CONNS, "before select active_threads %d\n", active_threads, 0, 0 ); -#ifdef PTHREAD_PREEMPTIVE +#if defined( HAVE_YIELDING_SELECT ) || defined( NO_THREADS ) tvp = NULL; #else tvp = active_threads ? &zero : NULL; #endif pthread_mutex_unlock( &active_threads_mutex ); - switch ( select( dtblsize, &readfds, &writefds, 0, tvp ) ) { + switch ( i = select( dtblsize, &readfds, &writefds, 0, tvp ) ) { case -1: /* failure - try again */ Debug( LDAP_DEBUG_CONNS, "select failed errno %d (%s)\n", @@ -227,7 +212,7 @@ slapd_daemon( continue; default: /* something happened - deal with it */ - Debug( LDAP_DEBUG_CONNS, "select activity\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_CONNS, "select activity on %d descriptors\n", i, 0, 0 ); ; /* FALL */ } pthread_mutex_lock( ¤ttime_mutex ); @@ -249,8 +234,9 @@ slapd_daemon( } if ( ioctl( ns, FIONBIO, (caddr_t) &on ) == -1 ) { Debug( LDAP_DEBUG_ANY, - "FIONBIO ioctl on %d faled\n", ns, 0, 0 ); + "FIONBIO ioctl on %d failed\n", ns, 0, 0 ); } + c[ns].c_sb.sb_sd = ns; Debug( LDAP_DEBUG_CONNS, "new connection on %d\n", ns, 0, 0 ); 
@@ -258,43 +244,76 @@ slapd_daemon( pthread_mutex_lock( &ops_mutex ); c[ns].c_connid = num_conns++; pthread_mutex_unlock( &ops_mutex ); + len = sizeof(from); + if ( getpeername( ns, (struct sockaddr *) &from, &len ) == 0 ) { - char *s; -#ifdef REVERSE_LOOKUP + char *s; + client_addr = inet_ntoa( from.sin_addr ); + +#if defined(SLAPD_RLOOKUPS) || defined(HAVE_TCPD) hp = gethostbyaddr( (char *) &(from.sin_addr.s_addr), sizeof(from.sin_addr.s_addr), AF_INET ); -#else - hp = NULL; -#endif - Statslog( LDAP_DEBUG_STATS, - "conn=%d fd=%d connection from %s (%s)\n", - c[ns].c_connid, ns, hp == NULL ? "unknown" - : hp->h_name, inet_ntoa( from.sin_addr ), - 0 ); + if(hp) { + client_name = hp->h_name; - if ( c[ns].c_addr != NULL ) { - free( c[ns].c_addr ); - } - c[ns].c_addr = strdup( inet_ntoa( - from.sin_addr ) ); - if ( c[ns].c_domain != NULL ) { - free( c[ns].c_domain ); - } - c[ns].c_domain = strdup( hp == NULL ? "" : - hp->h_name ); - /* normalize the domain */ - for ( s = c[ns].c_domain; *s; s++ ) { - *s = TOLOWER( *s ); + /* normalize the domain */ + for ( s = client_name; *s; s++ ) { + *s = TOLOWER( *s ); + } + + } else { + client_name = NULL; } +#else + client_name = NULL; +#endif + } else { + client_name = NULL;; + client_addr = NULL; + } + +#ifdef HAVE_TCPD + if(!hosts_ctl("slapd", client_name, client_addr, + STRING_UNKNOWN)) + { + /* DENY ACCESS */ Statslog( LDAP_DEBUG_STATS, - "conn=%d fd=%d connection from unknown\n", - c[ns].c_connid, ns, 0, 0, 0 ); + "conn=%d fd=%d connection from %s (%s) denied.\n", + c[ns].c_connid, ns, + client_name == NULL ? "unknown" : client_name, + client_addr == NULL ? "unknown" : client_addr, + 0 ); + + close(ns); + pthread_mutex_unlock( &new_conn_mutex ); + continue; + } +#endif /* HAVE_TCPD */ + + Statslog( LDAP_DEBUG_STATS, + "conn=%d fd=%d connection from %s (%s) accepted.\n", + c[ns].c_connid, ns, + client_name == NULL ? "unknown" : client_name, + client_addr == NULL ? 
"unknown" : client_addr, + 0 ); + + if ( c[ns].c_addr != NULL ) { + free( c[ns].c_addr ); } + c[ns].c_addr = ch_strdup( client_addr ); + + if ( c[ns].c_domain != NULL ) { + free( c[ns].c_domain ); + } + + c[ns].c_domain = ch_strdup( client_name == NULL + ? "" : client_name ); + pthread_mutex_lock( &c[ns].c_dnmutex ); if ( c[ns].c_dn != NULL ) { free( c[ns].c_dn ); @@ -366,35 +385,24 @@ slapd_daemon( 0 ); be_close(); Debug( LDAP_DEBUG_ANY, "slapd stopping\n", 0, 0, 0 ); + return NULL; } static void -set_shutdown() +set_shutdown( int sig ) { - Debug( LDAP_DEBUG_ANY, "slapd got shutdown signal\n", 0, 0, 0 ); + Debug( LDAP_DEBUG_ANY, "slapd got shutdown signal %d\n", sig, 0, 0 ); slapd_shutdown = 1; -#ifdef SIGSTKFLT - pthread_kill( listener_tid, SIGSTKFLT ); -#else - pthread_kill( listener_tid, SIGUSR1 ); -#endif -#ifdef SIGUNUSED - (void) SIGNAL( SIGUNUSED, (void *) set_shutdown ); -#else - (void) SIGNAL( SIGUSR2, (void *) set_shutdown ); -#endif - (void) SIGNAL( SIGTERM, (void *) set_shutdown ); - (void) SIGNAL( SIGINT, (void *) set_shutdown ); - (void) SIGNAL( SIGHUP, (void *) set_shutdown ); + pthread_kill( listener_tid, LDAP_SIGUSR1 ); + (void) SIGNAL( LDAP_SIGUSR2, set_shutdown ); + (void) SIGNAL( SIGTERM, set_shutdown ); + (void) SIGNAL( SIGINT, set_shutdown ); + (void) SIGNAL( SIGHUP, set_shutdown ); } static void -do_nothing() +do_nothing( int sig ) { - Debug( LDAP_DEBUG_TRACE, "slapd got do_nothing signal\n", 0, 0, 0 ); -#ifdef SIGSTKFLT - (void) SIGNAL( SIGSTKFLT, (void *) do_nothing ); -#else - (void) SIGNAL( SIGUSR1, (void *) do_nothing ); -#endif + Debug( LDAP_DEBUG_TRACE, "slapd got do_nothing signal %d\n", sig, 0, 0 ); + (void) SIGNAL( LDAP_SIGUSR1, do_nothing ); }
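Review bot: When getpeername() fails both `client_name` and `client_addr` are NULL (and `client_name` is NULL whenever the reverse lookup is disabled or returns nothing), yet they are passed as-is to hosts_ctl() and `client_addr` then goes to `ch_strdup( client_addr )`; libwrap expects strings and provides STRING_UNKNOWN for missing values, and the removed code did not touch c_addr on the getpeername-failure path. Suggest `hosts_ctl("slapd", client_name ? client_name : STRING_UNKNOWN, client_addr ? client_addr : STRING_UNKNOWN, STRING_UNKNOWN)` and guarding the copy, e.g. `c[ns].c_addr = ch_strdup( client_addr == NULL ? "" : client_addr );`. The deny branch closes `ns` but leaves the earlier `c[ns].c_sb.sb_sd = ns` assignment in place, so the slot may still look live to the code that scans c[] (which is outside this hunk); resetting the slot before `continue` looks necessary. The name handed to hosts_ctl() comes from an unverified PTR lookup, so name-based rules in hosts.allow depend on whoever controls the reverse zone for the client address; a comment saying so, or a forward-confirming lookup before the access check, would be worth adding.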
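Review bot: set_shutdown() and do_nothing() run as signal handlers and still call Debug(), now with a formatted `%d` argument; if that macro expands to stdio or syslog calls (its definition is not on this page) it is not async-signal-safe and can deadlock or corrupt state when the signal interrupts the same routines in another code path. Declaring `slapd_shutdown` as `volatile sig_atomic_t` is the right half of the fix; the handlers would be safest reduced to setting the flag, the pthread_kill() wake-up and re-installing themselves, with the log line emitted from the listener loop once it observes the flag. At minimum add a comment above each handler, e.g. `/* signal handler: only async-signal-safe calls belong here */`.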