-static sasl_security_properties_t sasl_secprops;
-#endif /* HAVE_CYRUS_SASL */
-
-#include "ldap_pvt.h"
-#include "lber_pvt.h"
-#include <lutil.h>
-
-int slap_sasl_config( int cargc, char **cargv, char *line,
- const char *fname, int lineno )
-{
- /* set SASL proxy authorization policy */
- if ( strcasecmp( cargv[0], "sasl-authz-policy" ) == 0 ) {
- if ( cargc != 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: missing policy in"
- " \"sasl-authz-policy <policy>\" line\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing policy in"
- " \"sasl-authz-policy <policy>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
- if ( slap_sasl_setpolicy( cargv[1] ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: unable "
- "to parse value \"%s\" "
- "in \"sasl-authz-policy "
- "<policy>\" line.\n",
- fname, lineno, cargv[1] );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: unable "
- "to parse value \"%s\" "
- "in \"sasl-authz-policy "
- "<policy>\" line\n",
- fname, lineno, cargv[1] );
-#endif
- return( 1 );
- }
-
- } else if ( !strcasecmp( cargv[0], "sasl-regexp" )
- || !strcasecmp( cargv[0], "saslregexp" ) )
- {
- int rc;
- if ( cargc != 3 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: need 2 args in "
- "\"saslregexp <match> <replace>\"\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: need 2 args in "
- "\"saslregexp <match> <replace>\"\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
- rc = slap_sasl_regexp_config( cargv[1], cargv[2] );
- if ( rc ) {
- return rc;
- }
-
-#ifdef HAVE_CYRUS_SASL
- /* set SASL host */
- } else if ( strcasecmp( cargv[0], "sasl-host" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_host != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
-
- } else {
- global_host = ch_strdup( cargv[1] );
- }
-
- /* set SASL realm */
- } else if ( strcasecmp( cargv[0], "sasl-realm" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
- "missing realm in \"sasl-realm <realm>\" line.\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY, "%s: line %d: "
- "missing realm in \"sasl-realm <realm>\" line.\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_realm != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;