mirror of
https://git.openldap.org/openldap/openldap.git
synced 2024-12-21 03:10:25 +08:00
ITS#4099, protect hosts_ctl with tcpd_mutex. From richton@nbcs.rutgers.edu.
This commit is contained in:
parent
82db113f32
commit
f8815bf833
@ -95,6 +95,9 @@ volatile sig_atomic_t slapd_abrupt_shutdown = 0;
|
|||||||
|
|
||||||
static struct slap_daemon {
|
static struct slap_daemon {
|
||||||
ldap_pvt_thread_mutex_t sd_mutex;
|
ldap_pvt_thread_mutex_t sd_mutex;
|
||||||
|
#ifdef HAVE_TCPD
|
||||||
|
ldap_pvt_thread_mutex_t tcpd_mutex;
|
||||||
|
#endif
|
||||||
|
|
||||||
ber_socket_t sd_nactives;
|
ber_socket_t sd_nactives;
|
||||||
int sd_nwriters;
|
int sd_nwriters;
|
||||||
@ -1197,6 +1200,10 @@ int slapd_daemon_init( const char *urls )
|
|||||||
ldap_charray_free( u );
|
ldap_charray_free( u );
|
||||||
ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
|
ldap_pvt_thread_mutex_init( &slap_daemon.sd_mutex );
|
||||||
|
|
||||||
|
#ifdef HAVE_TCPD
|
||||||
|
ldap_pvt_thread_mutex_init( &slap_daemon.tcpd_mutex );
|
||||||
|
#endif
|
||||||
|
|
||||||
return !i;
|
return !i;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1216,6 +1223,11 @@ slapd_daemon_destroy(void)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef HAVE_TCPD
|
||||||
|
ldap_pvt_thread_mutex_destroy( &slap_daemon.tcpd_mutex );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
ldap_pvt_thread_mutex_destroy( &slap_daemon.sd_mutex );
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1472,20 +1484,25 @@ slap_listener(
|
|||||||
#endif /* SLAPD_RLOOKUPS */
|
#endif /* SLAPD_RLOOKUPS */
|
||||||
|
|
||||||
#ifdef HAVE_TCPD
|
#ifdef HAVE_TCPD
|
||||||
if ( !hosts_ctl("slapd",
|
|
||||||
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
|
|
||||||
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
|
|
||||||
SLAP_STRING_UNKNOWN ))
|
|
||||||
{
|
{
|
||||||
/* DENY ACCESS */
|
int rc;
|
||||||
Statslog( LDAP_DEBUG_STATS,
|
ldap_pvt_thread_mutex_lock( &slap_daemon.tcpd_mutex );
|
||||||
"fd=%ld DENIED from %s (%s)\n",
|
rc = hosts_ctl("slapd",
|
||||||
(long) s,
|
|
||||||
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
|
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
|
||||||
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
|
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
|
||||||
0, 0 );
|
SLAP_STRING_UNKNOWN );
|
||||||
slapd_close(s);
|
ldap_pvt_thread_mutex_unlock( &slap_daemon.tcpd_mutex );
|
||||||
return 0;
|
if ( !rc ) {
|
||||||
|
/* DENY ACCESS */
|
||||||
|
Statslog( LDAP_DEBUG_STATS,
|
||||||
|
"fd=%ld DENIED from %s (%s)\n",
|
||||||
|
(long) s,
|
||||||
|
dnsname != NULL ? dnsname : SLAP_STRING_UNKNOWN,
|
||||||
|
peeraddr != NULL ? peeraddr : SLAP_STRING_UNKNOWN,
|
||||||
|
0, 0 );
|
||||||
|
slapd_close(s);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif /* HAVE_TCPD */
|
#endif /* HAVE_TCPD */
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user