From eba8e268a84fa2112fcf7445f2aa53aec67ecce6 Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Wed, 1 Nov 2006 12:58:33 +0000
Subject: prevent recursive hostname lookups through ldap

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/libnss_ldapd@50 ef36b2f9-881f-0410-afb5-c4e39611909c
---
 nslcd.c | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

(limited to 'nslcd.c')

diff --git a/nslcd.c b/nslcd.c
index ee223fd..25db64e 100644
--- a/nslcd.c
+++ b/nslcd.c
@@ -41,6 +41,7 @@
 #ifdef HAVE_GRP_H
 #include <grp.h>
 #endif /* HAVE_GRP_H */
+#include <nss.h>
 
 #include "nslcd.h"
 #include "nslcd-server.h"
@@ -335,18 +336,10 @@ int main(int argc,char *argv[])
   /* clear the environment */
   /* TODO:implement */
 
-
-
-  /* prevent hostname lookups through recursive calls to nslcd */
-  /* Overwrite service selection for database DBNAME using specification
-   in STRING.
-   This function should only be used by system programs which have to
-   work around non-existing services (e.e., while booting).
-   Attention: Using this function repeatedly will slowly eat up the
-   whole memory since previous selection data cannot be freed.  */
-/*extern int __nss_configure_lookup (__const char *__dbname,
-                                   __const char *__string) __THROW;*/
-
+  /* disable ldap lookups of host names to avoid lookup loop
+     and fall back to files dns (a sensible default) */
+  if (__nss_configure_lookup("hosts","files dns"))
+    log_log(LOG_ERR,"unable to override hosts lookup method: %s",strerror(errno));
 
   /* check if we are already running */
   /* FIXME: implement */
-- 
cgit v1.2.3