diff --git a/servers/slapd/back-monitor/listener.c b/servers/slapd/back-monitor/listener.c index 2f8b3b8037..6eac766056 100644 --- a/servers/slapd/back-monitor/listener.c +++ b/servers/slapd/back-monitor/listener.c @@ -99,9 +99,8 @@ monitor_subsys_listener_init( i, monitor_subsys[SLAPD_MONITOR_LISTENER].mss_dn.bv_val, i, - l[i]->sl_name, - - l[i]->sl_url ); + l[i]->sl_name.bv_val, + l[i]->sl_url.bv_val ); e = str2entry( buf ); if ( e == NULL ) { diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c index 241c600391..8d626aee56 100644 --- a/servers/slapd/connection.c +++ b/servers/slapd/connection.c @@ -320,10 +320,9 @@ static void connection_return( Connection *c ) long connection_init( ber_socket_t s, - const char* url, + Listener *listener, const char* dnsname, const char* peername, - const char* sockname, int tls_udp_option, slap_ssf_t ssf, const char *authid ) @@ -333,9 +332,9 @@ long connection_init( assert( connections != NULL ); + assert( listener != NULL ); assert( dnsname != NULL ); assert( peername != NULL ); - assert( sockname != NULL ); #ifndef HAVE_TLS assert( tls_udp_option != 1 ); @@ -420,14 +419,11 @@ long connection_init( c->c_ndn.bv_len = 0; c->c_groups = NULL; - c->c_listener_url.bv_val = NULL; - c->c_listener_url.bv_len = 0; + c->c_listener = NULL; c->c_peer_domain.bv_val = NULL; c->c_peer_domain.bv_len = 0; c->c_peer_name.bv_val = NULL; c->c_peer_name.bv_len = 0; - c->c_sock_name.bv_val = NULL; - c->c_sock_name.bv_len = 0; LDAP_STAILQ_INIT(&c->c_ops); LDAP_STAILQ_INIT(&c->c_pending_ops); @@ -462,10 +458,9 @@ long connection_init( assert( c->c_dn.bv_val == NULL ); assert( c->c_ndn.bv_val == NULL ); assert( c->c_groups == NULL ); - assert( c->c_listener_url.bv_val == NULL ); + assert( c->c_listener == NULL ); assert( c->c_peer_domain.bv_val == NULL ); assert( c->c_peer_name.bv_val == NULL ); - assert( c->c_sock_name.bv_val == NULL ); assert( LDAP_STAILQ_EMPTY(&c->c_ops) ); assert( LDAP_STAILQ_EMPTY(&c->c_pending_ops) ); assert( c->c_sasl_bind_mech.bv_val == NULL ); @@ -474,10 +469,9 @@ long connection_init( assert( c->c_sasl_bindop == NULL ); assert( c->c_currentber == NULL ); - ber_str2bv( url, 0, 1, &c->c_listener_url ); + c->c_listener = listener; ber_str2bv( dnsname, 0, 1, &c->c_peer_domain ); ber_str2bv( peername, 0, 1, &c->c_peer_name ); - ber_str2bv( sockname, 0, 1, &c->c_sock_name ); c->c_n_ops_received = 0; c->c_n_ops_executing = 0; @@ -633,12 +627,7 @@ connection_destroy( Connection *c ) c->c_activitytime = c->c_starttime = 0; connection2anonymous( c ); - - if(c->c_listener_url.bv_val != NULL) { - free(c->c_listener_url.bv_val); - c->c_listener_url.bv_val = NULL; - } - c->c_listener_url.bv_len = 0; + c->c_listener = NULL; if(c->c_peer_domain.bv_val != NULL) { free(c->c_peer_domain.bv_val); @@ -666,11 +655,6 @@ connection_destroy( Connection *c ) c->c_peer_name.bv_val = NULL; } c->c_peer_name.bv_len = 0; - if(c->c_sock_name.bv_val != NULL) { - free(c->c_sock_name.bv_val); - c->c_sock_name.bv_val = NULL; - } - c->c_sock_name.bv_len = 0; c->c_sasl_bind_in_progress = 0; if(c->c_sasl_bind_mech.bv_val != NULL) { diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c index 4fd8adf240..fd1d84f8a9 100644 --- a/servers/slapd/daemon.c +++ b/servers/slapd/daemon.c @@ -588,6 +588,9 @@ static int slap_open_listener( int socktype = SOCK_STREAM; /* default to COTS */ #ifdef LDAP_PF_LOCAL + /* + * use safe defaults + */ mode_t perms = S_IRWXU; int crit = 1; #endif @@ -607,7 +610,7 @@ static int slap_open_listener( return rc; } - l.sl_url = NULL; + l.sl_url.bv_val = NULL; #ifndef HAVE_TLS if( ldap_pvt_url_scheme2tls( lud->lud_scheme ) ) { @@ -831,8 +834,10 @@ static int slap_open_listener( slap_free_listener_addresses(psal); return -1; } - l.sl_name = ch_malloc( strlen(addr) + sizeof("PATH=") ); - sprintf( l.sl_name, "PATH=%s", addr ); + l.sl_name.bv_len = strlen(addr) + sizeof("PATH=") - 1; + l.sl_name.bv_val = ber_memalloc( l.sl_name.bv_len + 1 ); + snprintf( l.sl_name.bv_val, l.sl_name.bv_len + 1, + "PATH=%s", addr ); } break; #endif /* LDAP_PF_LOCAL */ @@ -847,9 +852,11 @@ static int slap_open_listener( s = inet_ntoa( ((struct sockaddr_in *) *sal)->sin_addr ); #endif port = ntohs( ((struct sockaddr_in *)*sal) ->sin_port ); - l.sl_name = ch_malloc( sizeof("IP=255.255.255.255:65535") ); - sprintf( l.sl_name, "IP=%s:%d", + l.sl_name.bv_val = ber_memalloc( sizeof("IP=255.255.255.255:65535") ); + snprintf( l.sl_name.bv_val, sizeof("IP=255.255.255.255:65535"), + "IP=%s:%d", s != NULL ? s : "unknown" , port ); + l.sl_name.bv_len = strlen( l.sl_name.bv_val ); } break; #ifdef LDAP_PF_INET6 @@ -858,8 +865,11 @@ static int slap_open_listener( inet_ntop( AF_INET6, &((struct sockaddr_in6 *)*sal)->sin6_addr, addr, sizeof addr); port = ntohs( ((struct sockaddr_in6 *)*sal)->sin6_port ); - l.sl_name = ch_malloc( strlen(addr) + sizeof("IP= 65535") ); - sprintf( l.sl_name, "IP=%s %d", addr, port ); + l.sl_name.bv_len = strlen(addr) + sizeof("IP= 65535"); + l.sl_name.bv_val = ber_memalloc( l.sl_name.bv_len ); + snprintf( l.sl_name.bv_val, l.sl_name.bv_len, "IP=%s %d", + addr, port ); + l.sl_name.bv_len = strlen( l.sl_name.bv_val ); } break; #endif /* LDAP_PF_INET6 */ @@ -876,7 +886,7 @@ static int slap_open_listener( } AC_MEMCPY(&l.sl_sa, *sal, addrlen); - l.sl_url = ch_strdup( url ); + ber_str2bv( url, 0, 1, &l.sl_url); li = ch_malloc( sizeof( Listener ) ); *li = l; slap_listeners[*cur] = li; @@ -887,7 +897,7 @@ static int slap_open_listener( slap_free_listener_addresses(psal); - if ( l.sl_url == NULL ) + if ( l.sl_url.bv_val == NULL ) { #ifdef NEW_LOGGING LDAP_LOG( CONNECTION, RESULTS, @@ -901,10 +911,11 @@ static int slap_open_listener( #ifdef NEW_LOGGING LDAP_LOG( CONNECTION, RESULTS, - "slap_open_listener: daemon initialized %s\n", l.sl_url, 0, 0 ); + "slap_open_listener: daemon initialized %s\n", + l.sl_url.bv_val, 0, 0 ); #else Debug( LDAP_DEBUG_TRACE, "daemon: initialized %s\n", - l.sl_url, 0, 0 ); + l.sl_url.bv_val, 0, 0 ); #endif return 0; } @@ -1071,10 +1082,10 @@ close_listeners( #endif /* LDAP_PF_LOCAL */ slapd_close( slap_listeners[l]->sl_sd ); } - if ( slap_listeners[l]->sl_url ) - free ( slap_listeners[l]->sl_url ); - if ( slap_listeners[l]->sl_name ) - free ( slap_listeners[l]->sl_name ); + if ( slap_listeners[l]->sl_url.bv_val ) + ber_memfree( slap_listeners[l]->sl_url.bv_val ); + if ( slap_listeners[l]->sl_name.bv_val ) + ber_memfree( slap_listeners[l]->sl_name.bv_val ); free ( slap_listeners[l] ); slap_listeners[l] = NULL; } @@ -1149,11 +1160,11 @@ slapd_daemon_task( #ifdef NEW_LOGGING LDAP_LOG( CONNECTION, ERR, "slapd_daemon_task: listen( %s, 5 ) failed errno=%d (%s)\n", - slap_listeners[l]->sl_url, err, sock_errstr(err) ); + slap_listeners[l]->sl_url.bv_val, err, sock_errstr(err) ); #else Debug( LDAP_DEBUG_ANY, "daemon: listen(%s, 5) failed errno=%d (%s)\n", - slap_listeners[l]->sl_url, err, + slap_listeners[l]->sl_url.bv_val, err, sock_errstr(err) ); #endif return( (void*)-1 ); @@ -1393,9 +1404,8 @@ slapd_daemon_task( */ if ( slap_listeners[l]->sl_is_udp < 2 ) { id = connection_init( - slap_listeners[l]->sl_sd, - slap_listeners[l]->sl_url, "", "", - slap_listeners[l]->sl_name, + slap_listeners[l]->sl_sd, + slap_listeners[l], "", "", 2, ssf, authid ); slap_listeners[l]->sl_is_udp++; } @@ -1621,10 +1631,9 @@ slapd_daemon_task( } id = connection_init(s, - slap_listeners[l]->sl_url, + slap_listeners[l], dnsname != NULL ? dnsname : "unknown", peername, - slap_listeners[l]->sl_name, #ifdef HAVE_TLS slap_listeners[l]->sl_is_tls, #else @@ -1638,24 +1647,29 @@ slapd_daemon_task( if( id < 0 ) { #ifdef NEW_LOGGING LDAP_LOG( CONNECTION, INFO, - "slapd_daemon_task: connection_init(%ld, %s, %s) failed.\n", - (long)s, peername, slap_listeners[l]->sl_name ); + "slapd_daemon_task: " + "connection_init(%ld, %s, %s) " + "failed.\n", + (long)s, peername, + slap_listeners[l]->sl_name.bv_val ); #else Debug( LDAP_DEBUG_ANY, - "daemon: connection_init(%ld, %s, %s) failed.\n", + "daemon: connection_init(%ld, %s, %s) " + "failed.\n", (long) s, peername, - slap_listeners[l]->sl_name ); + slap_listeners[l]->sl_name.bv_val ); #endif slapd_close(s); continue; } Statslog( LDAP_DEBUG_STATS, - "daemon: conn=%ld fd=%ld connection from %s (%s) accepted.\n", + "daemon: conn=%ld fd=%ld connection from %s " + "(%s) accepted.\n", id, (long) s, peername, - slap_listeners[l]->sl_name, + slap_listeners[l]->sl_name.bv_val, 0 ); slapd_add( s ); diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h index d7a963ed1b..7e9acb5d73 100644 --- a/servers/slapd/proto-slap.h +++ b/servers/slapd/proto-slap.h @@ -287,10 +287,9 @@ LDAP_SLAPD_F (int) connections_timeout_idle LDAP_P((time_t)); LDAP_SLAPD_F (long) connection_init LDAP_P(( ber_socket_t s, - const char* url, + Listener* url, const char* dnsname, const char* peername, - const char* sockname, int use_tls, slap_ssf_t ssf, const char *id )); diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index df6b9abe18..da5530b06c 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1643,6 +1643,8 @@ typedef struct slap_gacl { char ga_ndn[1]; } GroupAssertion; +typedef struct slap_listener Listener; + /* * represents a connection from an ldap client */ @@ -1658,10 +1660,11 @@ typedef struct slap_conn { time_t c_activitytime; /* when the connection was last used */ unsigned long c_connid; /* id of this connection for stats*/ - struct berval c_listener_url; /* listener URL */ struct berval c_peer_domain; /* DNS name of client */ struct berval c_peer_name; /* peer name (trans=addr:port) */ - struct berval c_sock_name; /* sock name (trans=addr:port) */ + Listener *c_listener; +#define c_listener_url c_listener->sl_url /* listener URL */ +#define c_sock_name c_listener->sl_name /* sock name (trans=addr:port) */ /* only can be changed by binding thread */ int c_sasl_bind_in_progress; /* multi-op bind in progress */ @@ -1725,9 +1728,9 @@ typedef struct slap_conn { /* * listener; need to access it from monitor backend */ -typedef struct slap_listener { - char* sl_url; - char* sl_name; +struct slap_listener { + struct berval sl_url; + struct berval sl_name; #ifdef HAVE_TLS int sl_is_tls; #endif @@ -1737,7 +1740,7 @@ typedef struct slap_listener { ber_socket_t sl_sd; Sockaddr sl_sa; #define sl_addr sl_sa.sa_in_addr -} Listener; +}; #ifdef SLAPD_MONITOR /*