add a switch that enables/disables reverse lookups if configured with rlookups

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 28ba0d17a72c1f9989ede95bdbd89abf99a2742f..b5d69c67cd99eea9f267d489506e0bba2d17cb0b 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -59,6 +59,12 @@ int nSaslRegexp = 0;
 SaslRegexp_t *SaslRegexp = NULL;
 int sasl_external_x509dn_convert;
 
+#ifdef SLAPD_RLOOKUPS
+int use_reverse_lookup = 1;
+#else /* !SLAPD_RLOOKUPS */
+int use_reverse_lookup = 0;
+#endif /* !SLAPD_RLOOKUPS */
+
 static char    *fp_getline(FILE *fp, int *lineno);
 static void    fp_getline_init(int *lineno);
 static int     fp_parse_line(char *line, int *argcp, char **argv);
@@ -2240,6 +2246,54 @@ read_config( const char *fname )
 
 #endif
 
+               } else if ( !strcasecmp( cargv[0], "reverse-lookup" ) ) {
+#ifdef SLAPD_RLOOKUPS
+                       if ( cargc < 2 ) {
+#ifdef NEW_LOGGING
+                               LDAP_LOG(( "config", LDAP_LEVEL_INFO,
+                                          "%s: line %d: reverse-lookup: "
+                                          "missing \"on\" or \"off\"\n",
+                                          fname, lineno ));
+#else
+                               Debug( LDAP_DEBUG_ANY,
+"%s: line %d: reverse-lookup: missing \"on\" or \"off\"\n",
+                                       fname, lineno, 0 );
+#endif
+                               return( 1 );
+                       }
+
+                       if ( !strcasecmp( cargv[1], "on" ) ) {
+                               use_reverse_lookup = 1;
+                       } else if ( !strcasecmp( cargv[1], "off" ) ) {
+                               use_reverse_lookup = 0;
+                       } else {
+#ifdef NEW_LOGGING
+                               LDAP_LOG(( "config", LDAP_LEVEL_INFO,
+                                          "%s: line %d: reverse-lookup: "
+                                          "must be \"on\" (default) "
+                                          "or \"off\"\n",
+                                          fname, lineno ));
+#else
+                               Debug( LDAP_DEBUG_ANY,
+"%s: line %d: reverse-lookup: must be \"on\" (default) or \"off\"\n",
+                                       fname, lineno, 0 );
+#endif
+                               return( 1 );
+                       }
+
+#else /* !SLAPD_RLOOKUPS */
+#ifdef NEW_LOGGING
+                       LDAP_LOG(( "config", LDAP_LEVEL_INFO,
+                                  "%s: line %d: reverse lookups "
+                                  "are not configured (ignored).\n",
+                                  fname, lineno ));
+#else
+                       Debug( LDAP_DEBUG_ANY,
+"%s: line %d: reverse lookups are not configured (ignored).\n",
+                               fname, lineno, 0 );
+#endif
+#endif /* !SLAPD_RLOOKUPS */
+
                /* pass anything else to the current backend info/db config routine */
                } else {
                        if ( bi != NULL ) {

diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index a03da830b2f31c55c53f40b4218ef0181b7b1d53..64865406e20e91f748e91a14f5bfebd8f69ac222 100644 (file)
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -330,102 +330,6 @@ static int get_url_perms(
                if ( strncasecmp( type, LDAPI_MOD_URLEXT "=", sizeof(LDAPI_MOD_URLEXT "=") - 1 ) == 0 ) {
                        char    *value = type + sizeof(LDAPI_MOD_URLEXT "=") - 1;
                        mode_t  p = 0;
-
-#if 0
-                       if ( strlen( value ) != 9 ) {
-                               return LDAP_OTHER;
-                       }
-
-                       switch ( value[ 0 ] ) {
-                       case 'r':
-                               p |= S_IRUSR;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 1 ] ) {
-                       case 'w':
-                               p |= S_IWUSR;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 2 ] ) {
-                       case 'x':
-                               p |= S_IXUSR;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 3 ] ) {
-                       case 'r':
-                               p |= S_IRGRP;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 4 ] ) {
-                       case 'w':
-                               p |= S_IWGRP;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 5 ] ) {
-                       case 'x':
-                               p |= S_IXGRP;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 6 ] ) {
-                       case 'r':
-                               p |= S_IROTH;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 7 ] ) {
-                       case 'w':
-                               p |= S_IWOTH;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-
-                       switch ( value[ 8 ] ) {
-                       case 'x':
-                               p |= S_IXOTH;
-                               break;
-                       case '-':
-                               break;
-                       default:
-                               return LDAP_OTHER;
-                       } 
-#else
                        int     j;
 
                        if ( strlen(value) != 3 ) {
@@ -446,7 +350,6 @@ static int get_url_perms(
                                        return LDAP_OTHER;
                                }
                        } 
-#endif
 
                        *crit = c;
                        *perms = p;
@@ -1518,19 +1421,21 @@ slapd_daemon_task(
 #endif
                        ) {
 #ifdef SLAPD_RLOOKUPS
+                               if ( use_reverse_lookup ) {
 #  ifdef LDAP_PF_INET6
-                               if ( from.sa_addr.sa_family == AF_INET6 )
-                                       hp = gethostbyaddr(
-                                               (char *)&(from.sa_in6_addr.sin6_addr),
-                                               sizeof(from.sa_in6_addr.sin6_addr),
-                                               AF_INET6 );
-                               else
+                                       if ( from.sa_addr.sa_family == AF_INET6 )
+                                               hp = gethostbyaddr(
+                                                       (char *)&(from.sa_in6_addr.sin6_addr),
+                                                       sizeof(from.sa_in6_addr.sin6_addr),
+                                                       AF_INET6 );
+                                       else
 #  endif /* LDAP_PF_INET6 */
-                               hp = gethostbyaddr(
-                                       (char *) &(from.sa_in_addr.sin_addr),
-                                       sizeof(from.sa_in_addr.sin_addr),
-                                       AF_INET );
-                               dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
+                                       hp = gethostbyaddr(
+                                               (char *) &(from.sa_in_addr.sin_addr),
+                                               sizeof(from.sa_in_addr.sin_addr),
+                                               AF_INET );
+                                       dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
+                               }
 #else
                                dnsname = NULL;
 #endif /* SLAPD_RLOOKUPS */

diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index e23a04c549c52df318720db6ebec0bff7e729e48..41cd090c6857ca2054a95d578030d34b5e1c3dc9 100644 (file)
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -1039,6 +1039,8 @@ LDAP_SLAPD_V (AccessControl *) global_acl;
 
 LDAP_SLAPD_V (ber_socket_t)    dtblsize;
 
+LDAP_SLAPD_V (int)             use_reverse_lookup;
+
 /*
  * operations
  */