}
#endif
-/* #define CONNECTION_INPUT_LOOP 1 */
-#define DATA_READY_LOOP 1
+#define CONNECTION_INPUT_LOOP 1
+/* #define DATA_READY_LOOP 1 */
do
{
long id;
slap_ssf_t ssf = 0;
char *authid = NULL;
+#ifdef SLAPD_RLOOKUPS
+ char *hebuf = NULL;
+#endif
char *dnsname = NULL;
char *peeraddr = NULL;
if ( use_reverse_lookup ) {
struct hostent he;
int herr;
- char *ha = NULL;
- hp = NULL;
+ struct hostent *hp = NULL;
# ifdef LDAP_PF_INET6
if ( from.sa_addr.sa_family == AF_INET6 )
ldap_pvt_gethostbyaddr_a(
(char *)&(from.sa_in6_addr.sin6_addr),
sizeof(from.sa_in6_addr.sin6_addr),
- AF_INET6, &he, &ha,
+ AF_INET6, &he, &hebuf,
&hp, &herr );
else
# endif /* LDAP_PF_INET6 */
ldap_pvt_gethostbyaddr_a(
(char *) &(from.sa_in_addr.sin_addr),
sizeof(from.sa_in_addr.sin_addr),
- AF_INET, &he, &ha, &hp, &herr );
+ AF_INET, &he, &hebuf, &hp, &herr );
dnsname = hp ? ldap_pvt_str2lower( hp->h_name ) : NULL;
- if (ha) ldap_memfree( ha );
}
#else
dnsname = NULL;
{
/* DENY ACCESS */
Statslog( LDAP_DEBUG_STATS,
- "fd=%ld host access from %s (%s) denied.\n",
+ "fd=%ld DENIED from %s (%s)",
(long) s,
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
authid );
if( authid ) ch_free(authid);
+#ifdef SLAPD_RLOOKUPS
+ if( hebuf ) ldap_memfree(hebuf);
+#endif
if( id < 0 ) {
#ifdef NEW_LOGGING
}
Statslog( LDAP_DEBUG_STATS,
- "daemon: conn=%ld fd=%ld connection from %s "
- "(%s) accepted.\n",
+ "conn=%ld fd=%ld ACCEPT from %s "
+ "(%s)\n",
id, (long) s,
peername,
slap_listeners[l]->sl_name.bv_val,
/* Nothing to do if no authzID was given */
if ( !auxvals[1].name || !auxvals[1].values ) {
conn->c_sasl_dn = authcDN;
- return SASL_OK;
+ goto ok;
}
AC_MEMCPY( &authzDN, auxvals[1].values[0], sizeof(authzDN) );
}
conn->c_sasl_dn = authzDN;
+ok:
+ if (conn->c_sasl_bindop) {
+ Statslog( LDAP_DEBUG_STATS,
+ "conn=%lu op=%lu BIND authcid=\"%s\"\n",
+ conn->c_connid, conn->c_sasl_bindop->o_opid,
+ auth_identity, 0, 0);
+ }
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, ENTRY,
#endif
conn->c_sasl_dn = authcDN;
- *errstr = NULL;
- return SASL_OK;
+ goto ok;
}
rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm, &authzDN, FLAG_GETDN_AUTHZID );
if( rc != LDAP_SUCCESS ) {
ch_free( authzDN.bv_val );
return SASL_NOAUTHZ;
}
+ conn->c_sasl_dn = authzDN;
+ok:
#ifdef NEW_LOGGING
LDAP_LOG( TRANSPORT, RESULTS,
"slap_sasl_authorize: conn %d authorization allowed\n",
(long) (conn ? conn->c_connid : -1), 0, 0 );
#endif
- conn->c_sasl_dn = authzDN;
+ if (conn->c_sasl_bindop) {
+ Statslog( LDAP_DEBUG_STATS,
+ "conn=%lu op=%lu BIND authcid=\"%s\"\n",
+ conn->c_connid, conn->c_sasl_bindop->o_opid,
+ auth_identity, 0, 0);
+ }
+
*errstr = NULL;
return SASL_OK;
}
}
rc = slap_parseURI( ®out, &dn, &scope, &filter );
+ if( regout.bv_val ) ch_free( regout.bv_val );
if( rc != LDAP_SUCCESS ) {
goto FINISHED;
}