[Pkg-openldap-devel] [openldap] 20/29: r1566 at pulsar: torsten | 2005-03-26 02:02:15 +0100 * servers/slapd/daemon.c: Actually change the permissions of the unix socket if requested using an ldapi url with x-mod.

[Timo Aaltonen]

This is an automated email from the git hooks/post-receive script.

tjaalton-guest pushed a commit to annotated tag 2.2.23-0.pre6
in repository openldap.

commit c469fc06263bac4fd4465a1fa5b15eba2cfefd30
Author: Torsten Landschoff <torsten at debian.org>
Date:   Sat Mar 26 00:58:43 2005 +0000

     r1566 at pulsar:  torsten | 2005-03-26 02:02:15 +0100
      * servers/slapd/daemon.c: Actually change the permissions of the
        unix socket if requested using an ldapi url with x-mod.
---
 debian/changelog       |    2 ++
 servers/slapd/daemon.c |   26 ++++++++++++++++----------
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index f4f296c..f1ca2d1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -35,6 +35,8 @@ openldap2.2 (2.2.23-0.pre6) experimental; urgency=low
       create_new_configuration.
     + debian/DB_CONFIG: Example DB_CONFIG that is installed.
     + debian/slapd.examples: Mark DB_CONFIG as an example.
+  * servers/slapd/daemon.c: Actually change the permissions of the 
+    unix socket if requested using an ldapi url with x-mod.
 
  -- 
 
diff --git a/servers/slapd/daemon.c b/servers/slapd/daemon.c
index 071b909..e5dc120 100644
--- a/servers/slapd/daemon.c
+++ b/servers/slapd/daemon.c
@@ -369,6 +369,12 @@ static void slap_free_listener_addresses(struct sockaddr **sal)
 	ch_free(sal);
 }
 
+enum {
+  PERMS_UNSET,
+  PERMS_CRITICAL,
+  PERMS_OPTIONAL
+};
+
 #if defined(LDAP_PF_LOCAL) || defined(SLAP_X_LISTENER_MOD)
 static int get_url_perms(
 	char 	**exts,
@@ -381,13 +387,13 @@ static int get_url_perms(
 	assert( perms );
 	assert( crit );
 
-	*crit = 0;
+	*crit = PERMS_UNSET;
 	for ( i = 0; exts[ i ]; i++ ) {
 		char	*type = exts[ i ];
-		int	c = 0;
+		int	c = PERMS_OPTIONAL;
 
 		if ( type[ 0 ] == '!' ) {
-			c = 1;
+			c = PERMS_CRITICAL;
 			type++;
 		}
 
@@ -649,7 +655,7 @@ static int slap_open_listener(
 	/*
 	 * use safe defaults
 	 */
-	int	crit = 1;
+	int	crit = PERMS_UNSET;
 #endif /* LDAP_PF_LOCAL || SLAP_X_LISTENER_MOD */
 
 	rc = ldap_url_parse( url, &lud );
@@ -888,8 +894,7 @@ static int slap_open_listener(
 #ifdef LDAP_PF_LOCAL
 	case AF_LOCAL: {
 		char *addr = ((struct sockaddr_un *)*sal)->sun_path;
-#if 0 /* don't muck with socket perms */
-		if ( chmod( addr, l.sl_perms ) < 0 && crit ) {
+		if (crit != PERMS_UNSET && (chmod( addr, l.sl_perms ) < 0)) {
 			int err = sock_errno();
 #ifdef NEW_LOGGING
 			LDAP_LOG( CONNECTION, INFO, 
@@ -899,11 +904,12 @@ static int slap_open_listener(
 			Debug( LDAP_DEBUG_ANY, "daemon: fchmod(%ld) failed errno=%d (%s)",
 			       (long) l.sl_sd, err, sock_errstr(err) );
 #endif
-			tcp_close( l.sl_sd );
-			slap_free_listener_addresses(psal);
-			return -1;
+			if(crit == PERMS_CRITICAL) {
+		 		tcp_close( l.sl_sd );
+				slap_free_listener_addresses(psal);
+				return -1;
+			}
 		}
-#endif
 		l.sl_name.bv_len = strlen(addr) + sizeof("PATH=") - 1;
 		l.sl_name.bv_val = ber_memalloc( l.sl_name.bv_len + 1 );
 		snprintf( l.sl_name.bv_val, l.sl_name.bv_len + 1, 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openldap/openldap.git