/* config.c - ldap backend configuration file routine */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
- */
-/* This is an altered version */
-/*
- * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
- *
- * Permission is granted to anyone to use this software for any purpose
- * on any computer system, and to alter it and redistribute it, subject
- * to the following restrictions:
- *
- * 1. The author is not responsible for the consequences of use of this
- * software, no matter how awful, even if they arise from flaws in it.
- *
- * 2. The origin of this software must not be misrepresented, either by
- * explicit claim or by omission. Since few users ever read sources,
- * credits should appear in the documentation.
- *
- * 3. Altered versions must be plainly marked as such, and must not be
- * misrepresented as being the original software. Since few users
- * ever read sources, credits should appear in the documentation.
- *
- * 4. This notice may not be removed or altered.
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
+ * Copyright 2003 The OpenLDAP Foundation.
+ * Portions Copyright 1999-2003 Howard Chu.
+ * Portions Copyright 2000-2003 Pierangelo Masarati.
+ * All rights reserved.
*
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
*
- * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
- *
- * This software is being modified by Pierangelo Masarati.
- * The previously reported conditions apply to the modified code as well.
- * Changes in the original code are highlighted where required.
- * Credits for the original code go to the author, Howard Chu.
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by the Howard Chu for inclusion
+ * in OpenLDAP Software and subsequently enhanced by Pierangelo
+ * Masarati.
*/
#include "portable.h"
return( 1 );
}
ber_str2bv( argv[1], 0, 1, &li->bindpw );
-
+
+#ifdef LDAP_BACK_PROXY_AUTHZ
+ /* name to use for proxyAuthz propagation */
+ } else if ( strcasecmp( argv[0], "proxyauthzdn" ) == 0 ) {
+ if (argc != 2) {
+ fprintf( stderr,
+ "%s: line %d: missing name in \"proxyauthzdn <name>\" line\n",
+ fname, lineno );
+ return( 1 );
+ }
+ ber_str2bv( argv[1], 0, 1, &li->proxyauthzdn );
+
+ /* password to use for proxyAuthz propagation */
+ } else if ( strcasecmp( argv[0], "proxyauthzpw" ) == 0 ) {
+ if (argc != 2) {
+ fprintf( stderr,
+ "%s: line %d: missing password in \"proxyauthzpw <password>\" line\n",
+ fname, lineno );
+ return( 1 );
+ }
+ ber_str2bv( argv[1], 0, 1, &li->proxyauthzpw );
+#endif /* LDAP_BACK_PROXY_AUTHZ */
+
/* save bind creds for referral rebinds? */
} else if ( strcasecmp( argv[0], "rebind-as-user" ) == 0 ) {
if (argc != 1) {
fname, lineno );
return( 1 );
}
- load_extop( (struct berval *)&slap_EXOP_WHOAMI, ldap_back_exop_whoami );
+ load_extop( (struct berval *)&slap_EXOP_WHOAMI,
+ 0, ldap_back_exop_whoami );
/* dn massaging */
} else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
}
ber_str2bv( argv[1], 0, 0, &bvnc );
- if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc ) != LDAP_SUCCESS ) {
+ if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
fname, lineno, bvnc.bv_val );
return( 1 );
}
ber_str2bv( argv[2], 0, 0, &brnc );
- if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc ) != LDAP_SUCCESS ) {
+ if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
fname, lineno, brnc.bv_val );
free( nvnc.bv_val );
return( rc );
#else /* !ENABLE_REWRITE */
- ber_bvarray_add( &li->suffix_massage, &pvnc );
- ber_bvarray_add( &li->suffix_massage, &nvnc );
+ ber_bvarray_add( &li->rwmap.rwm_suffix_massage, &pvnc );
+ ber_bvarray_add( &li->rwmap.rwm_suffix_massage, &nvnc );
- ber_bvarray_add( &li->suffix_massage, &prnc );
- ber_bvarray_add( &li->suffix_massage, &nrnc );
+ ber_bvarray_add( &li->rwmap.rwm_suffix_massage, &prnc );
+ ber_bvarray_add( &li->rwmap.rwm_suffix_massage, &nrnc );
#endif /* !ENABLE_REWRITE */
/* rewrite stuff ... */
/* anything else */
} else {
- fprintf( stderr, "%s: line %d: unknown directive \"%s\" "
- "in ldap database definition (ignored)\n",
- fname, lineno, argv[0] );
+ return SLAP_CONF_UNKNOWN;
}
return 0;
}
if ( op->oq_extended.rs_reqdata != NULL ) {
/* no request data should be provided */
rs->sr_text = "no request data expected";
- return LDAP_PROTOCOL_ERROR;
+ return rs->sr_err = LDAP_PROTOCOL_ERROR;
}
- {
- rs->sr_err = backend_check_restrictions( op, rs,
+ rs->sr_err = backend_check_restrictions( op, rs,
(struct berval *)&slap_EXOP_WHOAMI );
-
- if( rs->sr_err != LDAP_SUCCESS ) return rs->sr_err;
- }
+ if( rs->sr_err != LDAP_SUCCESS ) return rs->sr_err;
/* if auth'd by back-ldap and request is proxied, forward it */
if ( op->o_conn->c_authz_backend && !strcmp(op->o_conn->c_authz_backend->be_type, "ldap" ) && !dn_match(&op->o_ndn, &op->o_conn->c_ndn)) {
struct ldapconn *lc;
- LDAPControl c, *ctrls[2] = {&c, NULL};
+ LDAPControl c, *ctrls[2] = {NULL, NULL};
LDAPMessage *res;
Operation op2 = *op;
ber_int_t msgid;
+ ctrls[0] = &c;
op2.o_ndn = op->o_conn->c_ndn;
lc = ldap_back_getconn(&op2, rs);
if (!lc || !ldap_back_dobind( lc, op, rs )) {
projects / openldap / blobdiff