-int slap_sasl_config( int cargc, char **cargv, char *line,
- const char *fname, int lineno )
-{
- /* set SASL proxy authorization policy */
- if ( !strcasecmp( cargv[0], "authz-policy" ) ||
- !strcasecmp( cargv[0], "sasl-authz-policy" ))
- {
- if ( cargc != 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: missing policy in"
- " \"%s <policy>\" line\n",
- cargv[0], fname, lineno );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing policy in"
- " \"%s <policy>\" line\n",
- cargv[0], fname, lineno );
-#endif
-
- return( 1 );
- }
- if ( slap_sasl_setpolicy( cargv[1] ) ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
- "unable to parse value \"%s\" in \"authz-policy "
- "<policy>\" line.\n",
- fname, lineno, cargv[1] );
-#else
- Debug( LDAP_DEBUG_ANY, "%s: line %d: "
- "unable to parse value \"%s\" in \"authz-policy "
- "<policy>\" line.\n",
- fname, lineno, cargv[1] );
-#endif
- return( 1 );
- }
-
- } else if ( !strcasecmp( cargv[0], "authz-regexp" ) ||
- !strcasecmp( cargv[0], "sasl-regexp" ) ||
- !strcasecmp( cargv[0], "saslregexp" ) )
- {
- int rc;
- if ( cargc != 3 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: need 2 args in "
- "\"authz-regexp <match> <replace>\"\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: need 2 args in "
- "\"authz-regexp <match> <replace>\"\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
- rc = slap_sasl_regexp_config( cargv[1], cargv[2] );
- if ( rc ) {
- return rc;
- }
-
-#ifdef HAVE_CYRUS_SASL
- /* set SASL host */
- } else if ( strcasecmp( cargv[0], "sasl-host" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_host != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
-
- } else {
- global_host = ch_strdup( cargv[1] );
- }
-
- /* set SASL realm */
- } else if ( strcasecmp( cargv[0], "sasl-realm" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
- "missing realm in \"sasl-realm <realm>\" line.\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY, "%s: line %d: "
- "missing realm in \"sasl-realm <realm>\" line.\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_realm != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
-
- } else {
- global_realm = ch_strdup( cargv[1] );
- }
-
- /* SASL security properties */
- } else if ( strcasecmp( cargv[0], "sasl-secprops" ) == 0 ) {
- char *txt;
-
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT, "%s: line %d: "
- "missing flags in \"sasl-secprops <properties>\" line\n",
- fname, lineno, 0 );
-#else
- Debug( LDAP_DEBUG_ANY, "%s: line %d: "
- "missing flags in \"sasl-secprops <properties>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
- }
-
- txt = slap_sasl_secprops( cargv[1] );
- if ( txt != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, CRIT,
- "%s: line %d sasl-secprops: %s\n",
- fname, lineno, txt );
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: sasl-secprops: %s\n",
- fname, lineno, txt );
-#endif
-
- return 1;
- }
-#endif /* HAVE_CYRUS_SASL */
- }
-
- return LDAP_SUCCESS;
-}
-