Kurt Zeilenga
6939c53170
Happy new year
2003-01-03 20:20:47 +00:00
Kurt Zeilenga
f43bf6b283
cleanup
2002-12-20 04:08:06 +00:00
Howard Chu
0e69c86461
Fix Statslog messages
2002-12-17 00:23:36 +00:00
Howard Chu
40b651afb1
Fix previous commit, was freeing name from rev-lookup too soon.
2002-12-16 00:58:05 +00:00
Howard Chu
ee571c54a4
Must use reentrant gethostbyaddr for reverse lookups. Other threads may
...
be doing lookups too (e.g., SASL/GSSAPI)
2002-12-11 16:36:36 +00:00
Kurt Zeilenga
56ebd53e51
expand authid buffer
2002-12-08 07:56:49 +00:00
Kurt Zeilenga
7c4445aed4
Avoid magic constant (32) in allocation. Use sizeof instead
2002-12-07 18:34:25 +00:00
Kurt Zeilenga
eb41333e4c
Use getpeereid(3) where available else use *_PEERCRED replacment function
2002-12-04 06:17:32 +00:00
Luke Howard
daf7d0c0eb
Support SO_PEERCRED SASL EXTERNAL authorization.
2002-12-04 04:14:44 +00:00
Kurt Zeilenga
e1f2ed9bc1
Delete some old (bad) statslog messages
2002-11-11 18:38:57 +00:00
Pierangelo Masarati
dea2420569
beautify "unknown"
2002-10-26 18:51:24 +00:00
Pierangelo Masarati
8558b8808e
actually, get_perms is needed by ldapi:// rgeardless of -DSLAP_X_LISTENER_MOD
2002-10-26 10:02:41 +00:00
Kurt Zeilenga
36569048ff
Add "allow update_anon"
...
Fix -USLAP_X_LISTENER_MOD builds
2002-10-25 18:47:24 +00:00
Pierangelo Masarati
97e526cb2d
add restrictions related to listeners in form of file permissions
...
(see in slapd(8) the description on how to enforce file permissions
on sockets in ldapi schema); at present, only user permissions are
used as follows: the url extension x-mod=-rwxrwxrwx is used; only
the user permisisons are considered, e.g. the first set of rwx;
"r" means read is allowed from that listener
"w" means write is allowed on that listener
"x" means bind is not required on that listener
these restrictions ADD to those already present, and are actually
checked AFTER the other restrictions, but BEFORE ACLs, so they can
be used to apply gross restrictions but should not be viewed as
a replacement of ACLs. To compile this, #define SLAP_X_LISTENER_MOD
2002-10-25 16:43:44 +00:00
Pierangelo Masarati
956f1d16aa
listener:
...
- use bervals for url and sockname
- pass connection_init() the listener struct pointer instead of each value
- don't copy them in the Connection struct 'cause they're not going to change
- define macros for legacy usage of c_listener_url and c_sockname
2002-10-24 10:03:52 +00:00
Pierangelo Masarati
fdd586a6b7
change socket permission syntax (to reuse function for other purposes)
2002-10-23 14:12:01 +00:00
Howard Chu
e6d10b9590
Revert previous commit. More thought needed re: IPV4 vs IPv6 failures
2002-10-09 21:18:51 +00:00
Howard Chu
2e538e19d4
ITS#2132, give up at first bind failure
2002-10-09 20:45:13 +00:00
Howard Chu
b9bd44b047
Fix ITS#2132, give up if listener fails to open
2002-10-09 18:57:50 +00:00
Howard Chu
bdf9b3ae1b
Fix ITS#1033 slapd hangs with GNU Pth - don't write to the wakefd
...
more than once at any given time.
2002-09-21 03:52:16 +00:00
Kurt Zeilenga
3eb21d8a6c
Misc cleanup
2002-09-16 21:50:55 +00:00
Kurt Zeilenga
23efa07a99
use ldap_charray_*() instead of charray_*()
2002-08-24 00:55:24 +00:00
Howard Chu
5a01db28e3
Moved slap_strcopy, slap_strncopy to lutil_strcopy, lutil_strncopy
2002-07-27 00:24:02 +00:00
Stig Venaas
bf5e3a15ca
Use AF_INET instead of AF_UNSPEC when IPv6 disabled
2002-07-12 15:36:33 +00:00
Julius Enarusai
6107ba67d2
Coverted LDAP_LOG macro to use subsystem ID int values instead of string values
2002-07-11 20:33:24 +00:00
Stig Venaas
62139b6ef3
Set peeraddr also for IPv6, fixes ITS#1918
2002-07-05 20:29:15 +00:00
Stig Venaas
804490a8b1
Use IPV6_V6ONLY on IPv6 sockets if available. This way we only get IPv6
...
packets on the IPv6 socket, and we receive only IPv6 with -6.
2002-06-27 13:20:37 +00:00
Stig Venaas
6d025001da
Ignore error if listen on socket bound to 0.0.0.0 fails and already
...
listening on socket bound to ::
2002-06-27 12:41:09 +00:00
Kurt Zeilenga
27fdd04153
Add -4/-6 flags to slapd to force use of IPv4 or IPv6
2002-06-15 22:01:39 +00:00
Kurt Zeilenga
faf91f1f1f
Update to the 'gentle SIGHUP' patch. (ITS#1679)
...
- Let write operations return unwilling-to-perform after
'gentle shutdown' has been initiated.
- Change -1 to 2 in slapd_gentle_shutdown and slapd_shutdown, since
sig_atomic_t can be unsigned (ITS#1736). The 'gentle SIGHUP' patch
is older than ITS#1736 but was applied later, so it reintroduced
the problem.
Hallvard B. Furuseth <h.b.furuseth@usit.uio.no>, June 2002.
2002-06-12 15:43:19 +00:00
Howard Chu
b89c4539b9
Fix Listeners: handles multiple addresses for a given hostname, copies
...
sockaddr into Listener structure.
2002-06-06 10:33:18 +00:00
Kurt Zeilenga
19eca33ca3
Gentile HUP shutdown from Hallvard
2002-06-03 16:47:43 +00:00
Howard Chu
efecf4e121
ITS#1733 eliminate o_abandonmutex
2002-04-11 08:03:40 +00:00
Howard Chu
98e3499b05
ITS#1736 slapd_shutdown can be unsigned
2002-04-11 07:28:30 +00:00
Pierangelo Masarati
f4dba925ff
add a switch that enables/disables reverse lookups if configured with rlookups
2002-04-03 15:40:49 +00:00
Pierangelo Masarati
6174cb6529
improvement of permission handling of local sockets (ITS#1660, issue 2)
2002-03-23 16:07:19 +00:00
Howard Chu
f0a453dfca
Fix ITS#1615
2002-03-07 20:23:48 +00:00
Pierangelo Masarati
4f2ff1c108
uses URL extensions to set socket permissions other than default
...
URL Syntax:
ldapi://[<path>[/????[!]x-mod=<mod>]]
where <path> is the URL-encoded path of the socket (i.e. use %2F instead
of '/' for UNIX filenames!) and <mod> is 3*[w|-] (all we need is write
permission to the socket, read/execute permissions are ignored; however,
they're set when opening the listener). The critical flag (the optional
'!' if not used ignores the result of the chmod() operation.
2002-01-28 20:26:55 +00:00
Pierangelo Masarati
eb14feac7e
provisions for user-supplied permissions
2002-01-28 17:57:53 +00:00
Pierangelo Masarati
f00f86bf22
another round at cleaning it up: better naming, more attributes and so
2002-01-28 17:21:52 +00:00
Pierangelo Masarati
619f772459
listener monitor
2002-01-11 11:43:35 +00:00
Pierangelo Masarati
5dfbf93687
need this outside for back monitor ...
2002-01-11 10:46:58 +00:00
Kurt Zeilenga
0e2af54a3f
Update copyright statements
2002-01-04 21:17:25 +00:00
Howard Chu
bbcb0f8a7f
Replace strcat with slap_strcopy
2001-12-26 16:25:18 +00:00
Howard Chu
8ad557e4ec
fix from jon@symas.com - inet_ntoa on uninitialized sockaddr
2001-12-17 22:46:59 +00:00
Howard Chu
826056e75b
More thorough backend_destroy. Added config_destroy. Destroy slap_listeners.
...
Plugged other small leaks.
2001-12-15 12:05:58 +00:00
Kurt Zeilenga
b4ccbc2722
ITS#1413 suggested fix
...
(I think I fixed this by other means, but this does no harm)
2001-12-07 17:25:34 +00:00
Howard Chu
0552b1c53f
NT updates from jon@symas.com.
2001-12-07 04:03:25 +00:00
Kurt Zeilenga
b5504a1c36
Clean up some misplaced 'extern' declarations (should be headers)
2001-12-04 19:57:09 +00:00
Pierangelo Masarati
aee3600276
minor cleanup
2001-11-17 16:18:07 +00:00