diff options
| author | Noriko Hosoi <nhosoi@redhat.com> | 2008-05-16 16:46:49 +0000 |
|---|---|---|
| committer | Noriko Hosoi <nhosoi@redhat.com> | 2008-05-16 16:46:49 +0000 |
| commit | f4cadfcc40326a6ce29cb4b2aafee568fc15bb05 (patch) | |
| tree | 6b53ba554b92ed780d769960146da2a038c99baa /ldap/servers/slapd/daemon.c | |
| parent | c6f0c0228924cf4984b0de6ce3e8e965a9c2d3ce (diff) | |
| download | ds-f4cadfcc40326a6ce29cb4b2aafee568fc15bb05.tar.gz ds-f4cadfcc40326a6ce29cb4b2aafee568fc15bb05.tar.xz ds-f4cadfcc40326a6ce29cb4b2aafee568fc15bb05.zip | |
Resolves: #436390
Summary: LDAPI: support auto-bind
Description:
1) Debugged the basic code of slapd_get_socket_peer, which is used for Solaris9
and HP-UX. The recvmsg call returns an error immediately if no data is waiting
to be received since the socket is set PR_SockOpt_Nonblocking (O_NONBLOCK). To
make slapd_get_socket_peer more robust, we have to retry recvmsg if it returns
EAGAIN. But set a retry count not to hang there.
2) Introduced c_local_valid in the Connection handle to tell the autobind
code that the uid/gid pair is valid or not.
3) Stops the automagic/unconditional auto-bind (the code used to be in
daemon.c).
4) Auto-bind is effective only when the client passes the SASL/EXTERNAL request.
Diffstat (limited to 'ldap/servers/slapd/daemon.c')
| -rw-r--r-- | ldap/servers/slapd/daemon.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 8bdd6521..71531b51 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -1963,11 +1963,13 @@ slapd_identify_local_user(Connection *conn) int ret = -1; uid_t uid = 0; gid_t gid = 0; + conn->c_local_valid = 0; if(0 == slapd_get_socket_peer(conn->c_prfd, &uid, &gid)) { conn->c_local_uid = uid; conn->c_local_gid = gid; + conn->c_local_valid = 1; ret = 0; } @@ -1983,6 +1985,11 @@ slapd_bind_local_user(Connection *conn) uid_t uid = conn->c_local_uid; gid_t gid = conn->c_local_gid; + if (!conn->c_local_valid) + { + goto bail; + } + /* observe configuration for auto binding */ /* bind at all? */ if(config_get_ldapi_bind_switch()) @@ -2338,16 +2345,12 @@ handle_new_connection(Connection_Table *ct, int tcps, PRFileDesc *pr_acceptfd, i #if defined(ENABLE_LDAPI) #if !defined( XP_WIN32 ) - /* ldapi */ - if( local ) - { - conn->c_unix_local = 1; + /* ldapi */ + if( local ) + { + conn->c_unix_local = 1; slapd_identify_local_user(conn); - -#if defined(ENABLE_AUTOBIND) - slapd_bind_local_user(conn); -#endif /* ENABLE_AUTOBIND */ - } + } #endif #endif /* ENABLE_LDAPI */ |