There is a obvious errors in aclNBCheck in the patch. It should read:
/* Force ident lookups if configured */
if (Config.onoff.ident_lookup && !*checklist->ident) {
identStart(&checklist->me, &checklist->src,
aclLookupIdentDone, checklist);
return;
}
aclCheck(checklist);
}
I'll try to return with a corrected and isolated patch for ident later
today.
/Henrik
Henrik Nordstrom wrote:
>
> The last day I have been working on transforming the ident acl into a
> normal ACL which invokes ident when needed. While doing this a number of
> other areas have been touched as well when I passed by them and that is
> why the patch looks the way it does..
>
> * Rewrote ident.c to be a separate module, with proper cbdata checks.
> * Moved everything that has to do with invoking ident to acl.c.
> * Moved accel-only access check to acl.c.
> * Moved acl checklist to the request structure. This is to allow reuse
> of looked up information in later access checks. Access list is now sent
> to aclNBCheck instead of aclChecklistCreate.
> * Changed some one-letter variable names to their full name.
> * Deny fast ACL checks if deny and lookup required.
> * Removed most arguments from aclCheckListCreate. It now takes request
> and source/destination addresses (sockaddr_in to include port).
> * Rewrote/added some of the documentation in cbdata.c
> * Added acl type src_port.
> * Changed the username used in logging and redirector to be: (1)
> proxy_auth, (2) ident, (3) "-".
>
> I had planned to split this patch into 3 or 4 separate patches, but due
> to lack of time I have not done this yet.
>
> /Henrik
Received on Tue Jul 29 2003 - 13:15:55 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:02 MST