2 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
4 * Copyright 1998-2006 The OpenLDAP Foundation.
5 * Portions Copyright 2003 Mark Benson.
6 * Portions Copyright 2002 John Morrissey.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted only as authorized by the OpenLDAP
13 * A copy of this license is available in file LICENSE in the
14 * top-level directory of the distribution or, alternatively, at
15 * <http://www.OpenLDAP.org/license.html>.
17 /* Portions Copyright (c) 1996 Regents of the University of Michigan.
18 * All rights reserved.
20 * Redistribution and use in source and binary forms are permitted
21 * provided that this notice is preserved and that due credit is given
22 * to the University of Michigan at Ann Arbor. The name of the University
23 * may not be used to endorse or promote products derived from this
24 * software without specific prior written permission. This software
25 * is provided ``as is'' without express or implied warranty.
28 * This work was originally developed by the University of Michigan
29 * (as part of U-MICH LDAP). Additional signficant contributors
37 * config.c - configuration file handling routines
44 #include <ac/stdlib.h>
45 #include <ac/string.h>
46 #include <ac/socket.h>
57 /* Forward declarations */
58 static void add_replica LDAP_P(( char **, int ));
59 static int parse_replica_line LDAP_P(( char **, int, Ri *));
60 static void parse_line LDAP_P(( char * ));
61 static char *slurpd_getline LDAP_P(( FILE * ));
62 static char *strtok_quote LDAP_P(( char *, char * ));
64 int cargc = 0, cargv_size = 0;
66 /* current config file line # */
69 char *slurpd_pid_file = NULL;
70 char *slurpd_args_file = NULL;
73 * Read the slapd config file, looking only for config options we're
74 * interested in. Since we haven't detached from the controlling
75 * terminal yet, we just perror() and fprintf here.
85 #define GOT_REPLOG_NO (0)
86 #define GOT_REPLOG_ONE (1)
87 #define GOT_REPLOG_YES (2)
88 #define GOT_REPLOG_DONE (3)
89 #define GOT_REPLOG_MASK (0xF)
90 #define GOT_REPLOG(i) ((i) & GOT_REPLOG_MASK)
91 #define GOT_REPLOG_SET(i,v) ((i) = ((i) & ~GOT_REPLOG_MASK) | ((v) & GOT_REPLOG_MASK))
93 #define GOT_REPLOG_PID (0x10)
94 #define GOT_REPLOG_ARGS (0x20)
95 #define GOT_REPLOG_INTERVAL (0x40)
96 int got_replog = GOT_REPLOG_NO;
99 * replica-pidfile and replica-argsfile can appear before any replog;
100 * in this case they're global (legacy behavior); otherwise, since
101 * each replog needs a slurpd, they can appear after a replogfile line;
102 * in that case, the replog specific values are used.
105 if ( cargv == NULL ) {
106 cargv = ch_calloc( ARGS_STEP + 1, sizeof(*cargv) );
107 cargv_size = ARGS_STEP + 1;
110 Debug( LDAP_DEBUG_CONFIG, "Config: opening config file \"%s\"\n",
113 if ( (fp = fopen( fname, "r" )) == NULL ) {
115 exit( EXIT_FAILURE );
119 while ( (line = slurpd_getline( fp )) != NULL ) {
120 /* skip comments and blank lines */
121 if ( line[0] == '#' || line[0] == '\0' ) {
125 Debug( LDAP_DEBUG_CONFIG, "Config: (%s)\n", line, 0, 0 );
130 fprintf( stderr, "line %d: bad config line (ignored)\n", lineno );
134 /* replication log file to which changes are appended */
135 if ( strcasecmp( cargv[0], "replogfile" ) == 0 ) {
137 * if slapd_replogfile has a value, the -r option was given,
138 * so use that value. If slapd_replogfile has length == 0,
139 * then we should use the value in the config file we're reading.
143 "line %d: missing filename in \"replogfile ",
145 fprintf( stderr, "<filename>\" line\n" );
146 exit( EXIT_FAILURE );
148 } else if ( cargc > 2 && *cargv[2] != '#' ) {
150 "line %d: extra cruft at the end of \"replogfile %s\"",
152 fprintf( stderr, "line (ignored)\n" );
155 LUTIL_SLASHPATH( cargv[1] );
156 if ( sglob->slapd_replogfile[0] == '\0' ) {
157 strcpy( sglob->slapd_replogfile, cargv[1] );
158 GOT_REPLOG_SET(got_replog, GOT_REPLOG_YES);
161 if ( strcmp( sglob->slapd_replogfile, cargv[1] ) == 0 ) {
162 GOT_REPLOG_SET(got_replog, GOT_REPLOG_YES);
164 } else if ( GOT_REPLOG(got_replog) == GOT_REPLOG_YES ) {
165 GOT_REPLOG_SET(got_replog, GOT_REPLOG_DONE);
168 GOT_REPLOG_SET(got_replog, GOT_REPLOG_ONE);
172 } else if ( strcasecmp( cargv[0], "replica" ) == 0 ) {
173 add_replica( cargv, cargc );
175 /* include another config file */
176 } else if ( strcasecmp( cargv[0], "include" ) == 0 ) {
181 Debug( LDAP_DEBUG_ANY,
182 "%s: line %d: missing filename in \"include <filename>\" line\n",
187 LUTIL_SLASHPATH( cargv[1] );
188 savefname = strdup( cargv[1] );
191 if ( slurpd_read_config( savefname ) != 0 ) {
196 lineno = savelineno - 1;
198 } else if ( strcasecmp( cargv[0], "replica-pidfile" ) == 0 ) {
200 Debug( LDAP_DEBUG_ANY,
201 "%s: line %d: missing file name in \"replica-pidfile <file>\" line\n",
207 switch ( GOT_REPLOG(got_replog) ) {
209 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
210 "got replog specific replica-pidfile \"%s\".\n",
211 fname, lineno, cargv[1] );
213 LUTIL_SLASHPATH( cargv[1] );
214 if ( slurpd_pid_file != NULL ) {
215 ch_free( slurpd_pid_file );
217 slurpd_pid_file = ch_strdup( cargv[1] );
218 got_replog |= GOT_REPLOG_PID;
222 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
223 "replica-pidfile \"%s\" not mine.\n",
224 fname, lineno, cargv[1] );
228 } else if ( strcasecmp( cargv[0], "replica-argsfile" ) == 0 ) {
230 Debug( LDAP_DEBUG_ANY,
231 "%s: line %d: missing file name in \"argsfile <file>\" line\n",
237 switch ( GOT_REPLOG(got_replog) ) {
239 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
240 "got replog specific replica-argsfile \"%s\".\n",
241 fname, lineno, cargv[1] );
243 LUTIL_SLASHPATH( cargv[1] );
244 if ( slurpd_args_file != NULL ) {
245 ch_free( slurpd_args_file );
247 slurpd_args_file = ch_strdup( cargv[1] );
248 got_replog |= GOT_REPLOG_ARGS;
252 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
253 "replica-argsfile \"%s\" not mine.\n",
254 fname, lineno, cargv[1] );
258 } else if ( strcasecmp( cargv[0], "replicationinterval" ) == 0 ) {
262 Debug( LDAP_DEBUG_ANY, "%s: line %d: missing interval in "
263 "\"replicationinterval <seconds>\" line\n",
268 if ( lutil_atoi( &c, cargv[1] ) != 0 || c < 1 ) {
269 Debug( LDAP_DEBUG_ANY, "%s: line %d: invalid interval "
270 "(%d) in \"replicationinterval <seconds>\" line\n",
276 switch ( GOT_REPLOG(got_replog) ) {
278 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
279 "got replog specific replicationinterval \"%s\".\n",
280 fname, lineno, cargv[1] );
282 sglob->no_work_interval = c;
283 got_replog |= GOT_REPLOG_INTERVAL;
287 Debug( LDAP_DEBUG_CONFIG, "%s: line %d: "
288 "replicationinterval \"%s\" not mine.\n",
289 fname, lineno, cargv[1] );
296 Debug( LDAP_DEBUG_CONFIG,
297 "Config: ** configuration file successfully read and parsed\n",
306 * Parse one line of input.
316 for ( token = strtok_quote( line, " \t" ); token != NULL;
317 token = strtok_quote( NULL, " \t" ) )
319 if ( cargc == cargv_size - 1 ) {
321 tmp = ch_realloc( cargv, (cargv_size + ARGS_STEP) *
328 cargv_size += ARGS_STEP;
331 cargv[cargc++] = token;
349 if ( line != NULL ) {
352 while ( *next && strchr( sep, *next ) ) {
356 if ( *next == '\0' ) {
362 for ( inquote = 0; *next; ) {
370 AC_MEMCPY( next, next + 1, strlen( next + 1 ) + 1 );
375 AC_MEMCPY( next, next + 1, strlen( next + 1 ) + 1 );
376 next++; /* dont parse the escaped character */
381 if ( strchr( sep, *next ) != NULL ) {
394 #define CATLINE( buf ) { \
396 len = strlen( buf ); \
397 while ( lcur + len + 1 > lmax ) { \
399 line = (char *) ch_realloc( line, lmax ); \
401 strcpy( line + lcur, buf ); \
408 * Get a line of input.
416 static char buf[BUFSIZ];
418 static int lmax, lcur;
422 while ( fgets( buf, sizeof(buf), fp ) != NULL ) {
423 if ( (p = strchr( buf, '\n' )) != NULL ) {
424 if( p > buf && p[-1] == '\r' ) --p;
428 if ( ! isspace( (unsigned char) buf[0] ) ) {
432 /* change leading whitespace to space */
439 return( line[0] ? line : NULL );
444 * Add a node to the array of replicas.
454 nr = ++sglob->num_replicas;
455 sglob->replicas = (Ri **) ch_realloc( sglob->replicas,
456 ( nr + 1 ) * sizeof( Re * ));
457 if ( sglob->replicas == NULL ) {
458 fprintf( stderr, "out of memory, add_replica\n" );
459 exit( EXIT_FAILURE );
461 sglob->replicas[ nr ] = NULL;
463 if ( Ri_init( &(sglob->replicas[ nr - 1 ])) < 0 ) {
464 fprintf( stderr, "out of memory, Ri_init\n" );
465 exit( EXIT_FAILURE );
467 if ( parse_replica_line( cargv, cargc,
468 sglob->replicas[ nr - 1] ) < 0 ) {
469 /* Something bad happened - back out */
471 "Warning: failed to add replica \"%s:%d - ignoring replica\n",
472 sglob->replicas[ nr - 1 ]->ri_hostname == NULL ?
473 "(null)" : sglob->replicas[ nr - 1 ]->ri_hostname,
474 sglob->replicas[ nr - 1 ]->ri_port );
475 sglob->replicas[ nr - 1] = NULL;
476 sglob->num_replicas--;
478 Debug( LDAP_DEBUG_CONFIG,
479 "Config: ** successfully added replica \"%s:%d\"\n",
480 sglob->replicas[ nr - 1 ]->ri_hostname == NULL ?
481 "(null)" : sglob->replicas[ nr - 1 ]->ri_hostname,
482 sglob->replicas[ nr - 1 ]->ri_port, 0 );
483 sglob->replicas[ nr - 1]->ri_stel =
484 sglob->st->st_add( sglob->st,
485 sglob->replicas[ nr - 1 ] );
486 if ( sglob->replicas[ nr - 1]->ri_stel == NULL ) {
487 fprintf( stderr, "Failed to add status element structure\n" );
488 exit( EXIT_FAILURE );
496 * Parse a "replica" line from the config file. replica lines should be
497 * in the following format:
498 * replica host=<hostname:portnumber> binddn=<binddn>
499 * bindmethod="simple" credentials=<creds>
502 * <hostname:portnumber> describes the host name and port number where the
503 * replica is running,
505 * <binddn> is the DN to bind to the replica slapd as,
507 * bindmethod is "simple", and
509 * <creds> are the credentials (e.g. password) for binddn. <creds> are
510 * only used for bindmethod=simple.
512 * The "replica" config file line may be split across multiple lines. If
513 * a line begins with whitespace, it is considered a continuation of the
519 #define GOT_ALL ( GOT_HOST | GOT_DN | GOT_METHOD )
534 for ( i = 1; i < cargc; i++ ) {
535 if ( !strncasecmp( cargv[ i ], HOSTSTR, sizeof( HOSTSTR ) - 1 ) ) {
536 if ( gots & GOT_HOST ) {
537 fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
538 fprintf( stderr, "file, too many host or uri names specified, line %d\n",
542 val = cargv[ i ] + sizeof( HOSTSTR ); /* '\0' string terminator accounts for '=' */
543 if (( hp = strchr( val, ':' )) != NULL ) {
546 if ( lutil_atoi( &ri->ri_port, hp ) != 0 ) {
547 fprintf( stderr, "unable to parse port \"%s\", line %d\n",
552 if ( ri->ri_port <= 0 ) {
553 ri->ri_port = LDAP_PORT;
555 ri->ri_hostname = strdup( val );
557 } else if ( !strncasecmp( cargv[ i ], URISTR, sizeof( URISTR ) - 1 ) ) {
558 if ( gots & GOT_HOST ) {
559 fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
560 fprintf( stderr, "file, too many host or uri names specified, line %d\n",
564 if ( ldap_url_parse( cargv[ i ] + sizeof( URISTR ), &ludp ) != LDAP_SUCCESS ) {
565 fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
566 fprintf( stderr, "file, bad uri format specified, line %d\n",
570 if (ludp->lud_host == NULL) {
571 fprintf( stderr, "Error: Malformed \"replica\" line in slapd config " );
572 fprintf( stderr, "file, missing uri hostname, line %d\n",
576 ri->ri_hostname = strdup ( ludp->lud_host );
577 ri->ri_port = ludp->lud_port;
578 ri->ri_uri = strdup ( cargv[ i ] + sizeof( URISTR ) );
579 ldap_free_urldesc( ludp );
581 } else if ( !strncasecmp( cargv[ i ],
582 ATTRSTR, sizeof( ATTRSTR ) - 1 ) ) {
584 } else if ( !strncasecmp( cargv[ i ],
585 SUFFIXSTR, sizeof( SUFFIXSTR ) - 1 ) ) {
587 } else if ( !strncasecmp( cargv[i], STARTTLSSTR, sizeof(STARTTLSSTR)-1 )) {
588 val = cargv[ i ] + sizeof( STARTTLSSTR );
589 if( !strcasecmp( val, CRITICALSTR ) ) {
590 ri->ri_tls = TLS_CRITICAL;
594 } else if ( !strncasecmp( cargv[ i ], TLSSTR, sizeof( TLSSTR ) - 1 ) ) {
595 val = cargv[ i ] + sizeof( TLSSTR );
596 if( !strcasecmp( val, CRITICALSTR ) ) {
597 ri->ri_tls = TLS_CRITICAL;
601 } else if ( !strncasecmp( cargv[ i ],
602 BINDDNSTR, sizeof( BINDDNSTR ) - 1 ) ) {
603 val = cargv[ i ] + sizeof( BINDDNSTR );
604 ri->ri_bind_dn = strdup( val );
606 } else if ( !strncasecmp( cargv[ i ], BINDMETHSTR,
607 sizeof( BINDMETHSTR ) - 1 ) ) {
608 val = cargv[ i ] + sizeof( BINDMETHSTR );
609 if ( !strcasecmp( val, KERBEROSSTR )) {
610 fprintf( stderr, "Error: a bind method of \"kerberos\" was\n" );
611 fprintf( stderr, "specified in the slapd configuration file.\n" );
612 fprintf( stderr, "slurpd no longer supports Kerberos.\n" );
613 exit( EXIT_FAILURE );
614 } else if ( !strcasecmp( val, SIMPLESTR )) {
615 ri->ri_bind_method = LDAP_AUTH_SIMPLE;
617 } else if ( !strcasecmp( val, SASLSTR )) {
618 ri->ri_bind_method = LDAP_AUTH_SASL;
621 ri->ri_bind_method = -1;
623 } else if ( !strncasecmp( cargv[ i ],
624 SASLMECHSTR, sizeof( SASLMECHSTR ) - 1 ) ) {
625 val = cargv[ i ] + sizeof( SASLMECHSTR );
627 ri->ri_saslmech = strdup( val );
628 } else if ( !strncasecmp( cargv[ i ],
629 CREDSTR, sizeof( CREDSTR ) - 1 ) ) {
630 val = cargv[ i ] + sizeof( CREDSTR );
631 ri->ri_password = strdup( val );
632 } else if ( !strncasecmp( cargv[ i ],
633 SECPROPSSTR, sizeof( SECPROPSSTR ) - 1 ) ) {
634 val = cargv[ i ] + sizeof( SECPROPSSTR );
635 ri->ri_secprops = strdup( val );
636 } else if ( !strncasecmp( cargv[ i ],
637 REALMSTR, sizeof( REALMSTR ) - 1 ) ) {
638 val = cargv[ i ] + sizeof( REALMSTR );
639 ri->ri_realm = strdup( val );
640 } else if ( !strncasecmp( cargv[ i ],
641 AUTHCSTR, sizeof( AUTHCSTR ) - 1 ) ) {
642 val = cargv[ i ] + sizeof( AUTHCSTR );
643 ri->ri_authcId = strdup( val );
644 } else if ( !strncasecmp( cargv[ i ],
645 OLDAUTHCSTR, sizeof( OLDAUTHCSTR ) - 1 ) ) {
646 /* Old authcID is provided for some backwards compatibility */
647 val = cargv[ i ] + sizeof( OLDAUTHCSTR );
648 ri->ri_authcId = strdup( val );
649 } else if ( !strncasecmp( cargv[ i ],
650 AUTHZSTR, sizeof( AUTHZSTR ) - 1 ) ) {
651 val = cargv[ i ] + sizeof( AUTHZSTR );
652 ri->ri_authzId = strdup( val );
653 } else if ( !strncasecmp( cargv[ i ],
654 SRVTABSTR, sizeof( SRVTABSTR ) - 1 ) ) {
655 val = cargv[ i ] + sizeof( SRVTABSTR );
656 if ( ri->ri_srvtab != NULL ) {
657 free( ri->ri_srvtab );
659 ri->ri_srvtab = strdup( val );
662 "Error: parse_replica_line: unknown keyword \"%s\"\n",
667 if ( ri->ri_bind_method == LDAP_AUTH_SASL) {
668 if ((gots & GOT_MECH) == 0) {
669 fprintf( stderr, "Error: \"replica\" line needs SASLmech flag in " );
670 fprintf( stderr, "slapd config file, line %d\n", lineno );
673 } else if ( gots != GOT_ALL ) {
674 fprintf( stderr, "Error: Malformed \"replica\" line in slapd " );
675 fprintf( stderr, "config file, line %d\n", lineno );
projects / openldap / blob