X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fdaemon.c;h=fad697b1dd9f078561a578e3fbe543b1eba787b3;hb=1fbbc1181152a32c1b9b82342ad6d63034ec7fbb;hp=ab931923500e932759339554728b08710912f7f1;hpb=daf7d0c0ebc1bbb5b46b60e9969e296ed1c864da;p=openldap diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index ab93192350..fad697b1dd 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -1,6 +1,6 @@ /* $OpenLDAP$ */ /* - * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved. + * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved. * COPYING RESTRICTIONS APPLY, see COPYRIGHT file */ @@ -1383,6 +1383,9 @@ slapd_daemon_task( long id; slap_ssf_t ssf = 0; char *authid = NULL; +#ifdef SLAPD_RLOOKUPS + char *hebuf = NULL; +#endif char *dnsname = NULL; char *peeraddr = NULL; @@ -1555,19 +1558,19 @@ slapd_daemon_task( case AF_LOCAL: sprintf( peername, "PATH=%s", from.sa_un_addr.sun_path ); ssf = LDAP_PVT_SASL_LOCAL_SSF; -# ifdef SO_PEERCRED { - struct ucred peercred; - size_t peercred_len = sizeof(peercred); - - if (getsockopt( s, SOL_SOCKET, SO_PEERCRED, - (void *)&peercred, &peercred_len ) == 0 && - peercred_len == sizeof(peercred) ) { - authid = ch_malloc(sizeof("uidNumber=+gidNumber=+,cn=peercred,cn=external,cn=auth") + 32); - sprintf(authid, "uidNumber=%d+gidNumber=%d,cn=peercred,cn=external,cn=auth", peercred.uid, peercred.gid); + uid_t uid; + gid_t gid; + + if( getpeereid( s, &uid, &gid ) == 0 ) { + authid = ch_malloc( + sizeof("uidNumber=4294967295+gidNumber=4294967295," + "cn=peercred,cn=external,cn=auth")); + sprintf(authid, "uidNumber=%d+gidNumber=%d," + "cn=peercred,cn=external,cn=auth", + uid, gid); } } -# endif /* SO_PEERCRED */ dnsname = "local"; break; #endif /* LDAP_PF_LOCAL */ @@ -1612,18 +1615,22 @@ slapd_daemon_task( ) { #ifdef SLAPD_RLOOKUPS if ( use_reverse_lookup ) { + struct hostent he; + int herr; + struct hostent *hp = NULL; # ifdef LDAP_PF_INET6 if ( from.sa_addr.sa_family == AF_INET6 ) - hp = gethostbyaddr( + ldap_pvt_gethostbyaddr_a( (char *)&(from.sa_in6_addr.sin6_addr), sizeof(from.sa_in6_addr.sin6_addr), - AF_INET6 ); + AF_INET6, &he, &hebuf, + &hp, &herr ); else # endif /* LDAP_PF_INET6 */ - hp = gethostbyaddr( + ldap_pvt_gethostbyaddr_a( (char *) &(from.sa_in_addr.sin_addr), sizeof(from.sa_in_addr.sin_addr), - AF_INET ); + AF_INET, &he, &hebuf, &hp, &herr ); dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL; } #else @@ -1638,7 +1645,7 @@ slapd_daemon_task( { /* DENY ACCESS */ Statslog( LDAP_DEBUG_STATS, - "fd=%ld host access from %s (%s) denied.\n", + "fd=%ld DENIED from %s (%s)", (long) s, dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN, peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN, @@ -1662,6 +1669,9 @@ slapd_daemon_task( authid ); if( authid ) ch_free(authid); +#ifdef SLAPD_RLOOKUPS + if( hebuf ) ldap_memfree(hebuf); +#endif if( id < 0 ) { #ifdef NEW_LOGGING @@ -1684,8 +1694,7 @@ slapd_daemon_task( } Statslog( LDAP_DEBUG_STATS, - "daemon: conn=%ld fd=%ld connection from %s " - "(%s) accepted.\n", + "conn=%ld fd=%ld ACCEPT from %s (%s)\n", id, (long) s, peername, slap_listeners[l]->sl_name.bv_val,