diff options
| author | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2008-06-06 19:27:32 -0400 |
|---|---|---|
| committer | Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | 2008-06-06 19:27:32 -0400 |
| commit | f6f243bda9f23a750c8b5622a5df70d445aaaf9a (patch) | |
| tree | 6bbcd8c6da4dd0ced1f728a49482de57b2466060 /src | |
| parent | 28ba5b9744b6233d5ad3d6da94d91fcf6ab49317 (diff) | |
- wire in to-be-written support for securenets
Diffstat (limited to 'src')
| -rw-r--r-- | src/dispatch.c | 25 |
1 files changed, 24 insertions, 1 deletions
diff --git a/src/dispatch.c b/src/dispatch.c index 79d1f8d..1bbdea8 100644 --- a/src/dispatch.c +++ b/src/dispatch.c @@ -103,6 +103,14 @@ struct dispatch_client_data { } dgram; }; +/* Perform securenets access control. */ +static bool_t +dispatch_access(struct plugin_state *state, struct sockaddr *client_addr) +{ + /* XXX */ + return TRUE; +} + /* Send a reply, unbuffered datagram version. */ static bool_t dispatch_reply_fragment_dgram(struct plugin_state *state, @@ -248,7 +256,7 @@ dispatch_dgram(struct plugin_state *state, int fd) &cdata.dgram.client_addrlen); slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, "datagram request (%d bytes)\n", reqsize); - +#ifdef HAVE_TCPD if ((request_set(state->request_info, RQ_CLIENT_SIN, &cdata.dgram.client_addr, 0) == NULL) || @@ -260,6 +268,14 @@ dispatch_dgram(struct plugin_state *state, int fd) slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, "datagram request permitted by tcp_wrappers\n"); } +#endif + if (dispatch_access(state, &cdata.dgram.client_addr) == 0) { + slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, + "datagram request denied by securenets\n"); + } else { + slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, + "datagram request permitted by securenets\n"); + } /* Handle the request. */ nis_process_request(state, dgram, reqsize, @@ -349,6 +365,13 @@ dispatch_accept_client(struct plugin_state *state, int fd) "tcp_wrappers allows client on %d\n", fd); } #endif + if (dispatch_access(state, &client->client_addr) == 0) { + slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, + "securenets rejected client on %d\n", fd); + } else { + slapi_log_error(SLAPI_LOG_PLUGIN, state->plugin_desc->spd_id, + "securenets allows client on %d\n", fd); + } flags = fcntl(fd, F_GETFL); if ((flags & O_NONBLOCK) == 0) { fcntl(fd, F_SETFL, flags | O_NONBLOCK); |