ludp->lud_dn[ 0 ] = '\0';
- for ( tmpludp = ludp->lud_next; tmpludp; tmpludp = tmpludp->lud_next ) {
+ /* check all, to apply the scope check on the first one */
+ for ( tmpludp = ludp; tmpludp; tmpludp = tmpludp->lud_next ) {
if ( tmpludp->lud_dn != NULL && tmpludp->lud_dn[ 0 ] != '\0' ) {
fprintf( stderr, "%s: line %d: "
"multiple URIs must have "
return( 1 );
}
+
+ if ( tmpludp->lud_scope == LDAP_SCOPE_BASE ) {
+ tmpludp->lud_scope = LDAP_SCOPE_DEFAULT;
+ }
}
li->targets[ i ]->mt_uri = ldap_url_list2urls( ludp );
li->network_timeout = atol(argv[ 1 ]);
/* name to use for meta_back_group */
- } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
+ } else if ( strcasecmp( argv[ 0 ], "acl-authcDN" ) == 0
+ || strcasecmp( argv[ 0 ], "binddn" ) == 0 )
+ {
int i = li->ntargets-1;
struct berval dn;
return 1;
}
+ if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
+ fprintf( stderr, "%s: line %d: "
+ "\"binddn\" statement is deprecated; "
+ "use \"acl-authcDN\" instead\n",
+ fname, lineno );
+ /* FIXME: some day we'll need to throw an error */
+ }
+
dn.bv_val = argv[ 1 ];
dn.bv_len = strlen( argv[ 1 ] );
if ( dnNormalize( 0, NULL, NULL, &dn, &li->targets[ i ]->mt_binddn,
}
/* password to use for meta_back_group */
- } else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
+ } else if ( strcasecmp( argv[ 0 ], "acl-passwd" ) == 0
+ || strcasecmp( argv[ 0 ], "bindpw" ) == 0 )
+ {
int i = li->ntargets-1;
if ( i < 0 ) {
fname, lineno );
return 1;
}
+
+ if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
+ fprintf( stderr, "%s: line %d: "
+ "\"bindpw\" statement is deprecated; "
+ "use \"acl-passwd\" instead\n",
+ fname, lineno );
+ /* FIXME: some day we'll need to throw an error */
+ }
+
ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->mt_bindpw );
/* save bind creds for referral rebinds? */
fname, lineno );
return( 1 );
}
- li->savecred = 1;
+
+ li->flags |= LDAP_BACK_F_SAVECRED;
+
+ } else if ( strcasecmp( argv[0], "chase-referrals" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: \"chase-referrals\" takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ li->flags |= LDAP_BACK_F_CHASE_REFERRALS;
+
+ } else if ( strcasecmp( argv[0], "dont-chase-referrals" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: \"dont-chase-referrals\" takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+
+ li->flags &= ~LDAP_BACK_F_CHASE_REFERRALS;
+
+ } else if ( strncasecmp( argv[0], "tls-", STRLENOF( "tls-" ) ) == 0 ) {
+
+ /* start tls */
+ if ( strcasecmp( argv[0], "tls-start" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: tls-start takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+ li->flags |= ( LDAP_BACK_F_USE_TLS | LDAP_BACK_F_TLS_CRITICAL );
+
+ /* try start tls */
+ } else if ( strcasecmp( argv[0], "tls-try-start" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: tls-try-start takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+ li->flags &= ~LDAP_BACK_F_TLS_CRITICAL;
+ li->flags |= LDAP_BACK_F_USE_TLS;
+
+ /* propagate start tls */
+ } else if ( strcasecmp( argv[0], "tls-propagate" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: tls-propagate takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+ li->flags |= ( LDAP_BACK_F_PROPAGATE_TLS | LDAP_BACK_F_TLS_CRITICAL );
+
+ /* try start tls */
+ } else if ( strcasecmp( argv[0], "tls-try-propagate" ) == 0 ) {
+ if ( argc != 1 ) {
+ fprintf( stderr,
+ "%s: line %d: tls-try-propagate takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+ li->flags &= ~LDAP_BACK_F_TLS_CRITICAL;
+ li->flags |= LDAP_BACK_F_PROPAGATE_TLS;
+ }
/* name to use as pseudo-root dn */
} else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {