]> git.sur5r.net Git - openldap/blobdiff - servers/slapd/bconfig.c
projects / openldap / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fix arbitrary precision number display when no big number library is available
[openldap] / servers / slapd / bconfig.c
diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index a157ee49e8953670586544236ed189517813c727..624801ec882d84a92eb853f2af29b137626088a5 100644 (file)
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -32,6 +32,7 @@
 #include "slapi/slapi.h"
 #endif
 
+#include <ldif.h>
 #include <lutil.h>
 
 #include "config.h"
@@ -90,8 +91,8 @@ static ConfigFile cf_prv, *cfn = &cf_prv;
 
 static Avlnode *CfOcTree;
 
-static int config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs,
-       int *renumber );
+static int config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca,
+       SlapReply *rs, int *renumber );
 
 static ConfigDriver config_fname;
 static ConfigDriver config_cfdir;
@@ -147,7 +148,6 @@ enum {
        CFG_DIT,
        CFG_ATTR,
        CFG_ATOPT,
-       CFG_CHECK,
        CFG_REPLOG,
        CFG_ROOTDSE,
        CFG_LOGFILE,
@@ -160,6 +160,8 @@ enum {
        CFG_SASLSECP,
        CFG_SSTR_IF_MAX,
        CFG_SSTR_IF_MIN,
+
+       CFG_LAST
 };
 
 typedef struct {
@@ -224,6 +226,10 @@ static ConfigTable config_back_cf_table[] = {
                        "DESC 'File for slapd command line options' "
                        "EQUALITY caseIgnoreMatch "
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
+       { "attributeoptions", NULL, 0, 0, 0, ARG_MAGIC|CFG_ATOPT,
+               &config_generic, "( OLcfgGlAt:5 NAME 'olcAttributeOptions' "
+                       "EQUALITY caseIgnoreMatch "
+                       "SYNTAX OMsDirectoryString )", NULL, NULL },
        { "attribute",  "attribute", 2, 0, 9,
                ARG_PAREN|ARG_MAGIC|CFG_ATTR|ARG_NO_DELETE|ARG_NO_INSERT,
                &config_generic, "( OLcfgGlAt:4 NAME 'olcAttributeTypes' "
@@ -231,11 +237,7 @@ static ConfigTable config_back_cf_table[] = {
                        "EQUALITY caseIgnoreMatch "
                        "SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
                                NULL, NULL },
-       { "attributeoptions", NULL, 0, 0, 0, ARG_MAGIC|CFG_ATOPT,
-               &config_generic, "( OLcfgGlAt:5 NAME 'olcAttributeOptions' "
-                       "EQUALITY caseIgnoreMatch "
-                       "SYNTAX OMsDirectoryString )", NULL, NULL },
-       { "authid-rewrite", NULL, 2, 0, 0,
+       { "authid-rewrite", NULL, 2, 0, STRLENOF( "authid-rewrite" ),
 #ifdef SLAP_AUTH_REWRITE
                ARG_MAGIC|CFG_REWRITE|ARG_NO_INSERT, &config_generic,
 #else
@@ -271,7 +273,7 @@ static ConfigTable config_back_cf_table[] = {
                &config_generic, "( OLcfgGlAt:13 NAME 'olcDatabase' "
                        "DESC 'The backend type for a database instance' "
                        "SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' )", NULL, NULL },
-       { "defaultSearchBase", "dn", 2, 2, 0, ARG_PRE_BI|ARG_PRE_DB|ARG_DN|ARG_MAGIC,
+       { "defaultSearchBase", "dn", 2, 2, 0, ARG_PRE_BI|ARG_PRE_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
                &config_search_base, "( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' "
                        "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
        { "disallows", "features", 2, 0, 8, ARG_PRE_DB|ARG_MAGIC,
@@ -307,7 +309,7 @@ static ConfigTable config_back_cf_table[] = {
        { "index_substr_any_len", "len", 2, 2, 0, ARG_INT|ARG_NONZERO,
                &index_substr_any_len, "( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' "
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
-       { "index_substr_step", "step", 2, 2, 0, ARG_INT|ARG_NONZERO,
+       { "index_substr_any_step", "step", 2, 2, 0, ARG_INT|ARG_NONZERO,
                &index_substr_any_step, "( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' "
                        "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
        { "lastmod", "on|off", 2, 2, 0, ARG_DB|ARG_ON_OFF|ARG_MAGIC|CFG_LASTMOD,
@@ -416,7 +418,7 @@ static ConfigTable config_back_cf_table[] = {
 #endif
                "( OLcfgGlAt:49 NAME 'olcReverseLookup' "
                        "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
-       { "rootdn", "dn", 2, 2, 0, ARG_DB|ARG_DN|ARG_MAGIC,
+       { "rootdn", "dn", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
                &config_rootdn, "( OLcfgDbAt:0.8 NAME 'olcRootDN' "
                        "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
        { "rootDSE", "file", 2, 2, 0, ARG_MAGIC|CFG_ROOTDSE,
@@ -455,10 +457,7 @@ static ConfigTable config_back_cf_table[] = {
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
        { "saslRegexp", NULL, 3, 3, 0, ARG_MAGIC|CFG_AZREGEXP,
                &config_generic, NULL, NULL, NULL },
-       { "schemacheck", "on|off", 2, 2, 0, ARG_ON_OFF|ARG_MAGIC|CFG_CHECK,
-               &config_generic, "( OLcfgGlAt:57 NAME 'olcSchemaCheck' "
-                       "SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
-       { "schemadn", "dn", 2, 2, 0, ARG_MAY_DB|ARG_DN|ARG_MAGIC,
+       { "schemadn", "dn", 2, 2, 0, ARG_MAY_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
                &config_schema_dn, "( OLcfgGlAt:58 NAME 'olcSchemaDN' "
                        "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
        { "security", "factors", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC,
@@ -481,7 +480,7 @@ static ConfigTable config_back_cf_table[] = {
 #endif
                "( OLcfgGlAt:63 NAME 'olcSrvtab' "
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
-       { "suffix",     "suffix", 2, 2, 0, ARG_DB|ARG_DN|ARG_MAGIC,
+       { "suffix",     "suffix", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
                &config_suffix, "( OLcfgDbAt:0.10 NAME 'olcSuffix' "
                        "SYNTAX OMsDN )", NULL, NULL },
        { "syncrepl", NULL, 0, 0, 0, ARG_DB|ARG_MAGIC,
@@ -559,7 +558,7 @@ static ConfigTable config_back_cf_table[] = {
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
        { "ucdata-path", "path", 2, 2, 0, ARG_IGNORED,
                NULL, NULL, NULL, NULL },
-       { "updatedn", "dn", 2, 2, 0, ARG_DB|ARG_MAGIC,
+       { "updatedn", "dn", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
                &config_updatedn, "( OLcfgDbAt:0.12 NAME 'olcUpdateDN' "
                        "SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
        { "updateref", "url", 2, 2, 0, ARG_DB|ARG_MAGIC,
@@ -604,7 +603,7 @@ static ConfigOCs cf_ocs[] = {
                 "olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
                 "olcRootDSE $ olcRootPW $ "
                 "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
-                "olcSchemaCheck $ olcSecurity $ olcSizeLimit $ "
+                "olcSecurity $ olcSizeLimit $ "
                 "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
                 "olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
                 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
@@ -652,8 +651,8 @@ static ConfigOCs cf_ocs[] = {
                "NAME 'olcModuleList' "
                "DESC 'OpenLDAP dynamic module info' "
                "SUP olcConfig STRUCTURAL "
-               "MUST ( olcModulePath $ olcModuleLoad ) "
-               "MAY cn )", Cft_Module, NULL, cfAddModule },
+               "MAY ( cn $ olcModulePath $ olcModuleLoad ) )",
+               Cft_Module, NULL, cfAddModule },
 #endif
        { NULL, 0, NULL }
 };
@@ -696,7 +695,8 @@ config_generic(ConfigArgs *c) {
                        if ( !c->rvalue_vals ) rc = 1;
                        break;
                case CFG_RO:
-                       c->value_int = (c->be->be_restrictops & SLAP_RESTRICT_OP_WRITES) != 0;
+                       c->value_int = (c->be->be_restrictops & SLAP_RESTRICT_OP_WRITES) ==
+                               SLAP_RESTRICT_OP_WRITES;
                        break;
                case CFG_AZPOLICY:
                        c->value_string = ch_strdup( slap_sasl_getpolicy());
@@ -765,9 +765,6 @@ config_generic(ConfigArgs *c) {
                        }
                        break;
                        
-               case CFG_CHECK:
-                       c->value_int = global_schemacheck;
-                       break;
                case CFG_ACL: {
                        AccessControl *a;
                        char *src, *dst, ibuf[11];
@@ -840,7 +837,8 @@ config_generic(ConfigArgs *c) {
                        break;
                case CFG_MODPATH: {
                        ModPaths *mp = c->private;
-                       value_add_one( &c->rvalue_vals, &mp->mp_path );
+                       if ( !BER_BVISNULL( &mp->mp_path ))
+                               value_add_one( &c->rvalue_vals, &mp->mp_path );
 
                        rc = c->rvalue_vals ? 0 : 1;
                        }
@@ -885,7 +883,6 @@ config_generic(ConfigArgs *c) {
                case CFG_RO:
                case CFG_AZPOLICY:
                case CFG_DEPTH:
-               case CFG_CHECK:
                case CFG_LASTMOD:
                case CFG_SASLSECP:
                case CFG_SSTR_IF_MAX:
@@ -976,11 +973,14 @@ config_generic(ConfigArgs *c) {
                                c->be = LDAP_STAILQ_FIRST(&backendDB);
                        } else if ( !strcasecmp( c->argv[1], "frontend" )) {
                                c->be = frontendDB;
-                       } else if(!(c->be = backend_db_init(c->argv[1]))) {
-                               sprintf( c->msg, "<%s> failed init", c->argv[0] );
-                               Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n",
-                                       c->log, c->msg, c->argv[1] );
-                               return(1);
+                       } else {
+                               c->be = backend_db_init(c->argv[1]);
+                               if ( !c->be ) {
+                                       sprintf( c->msg, "<%s> failed init", c->argv[0] );
+                                       Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n",
+                                               c->log, c->msg, c->argv[1] );
+                                       return(1);
+                               }
                        }
                        break;
 
@@ -1088,13 +1088,6 @@ config_generic(ConfigArgs *c) {
                                        return(1);
                        break;
 
-               case CFG_CHECK:
-                       global_schemacheck = c->value_int;
-                       if(!global_schemacheck) Debug(LDAP_DEBUG_ANY, "%s: "
-                               "schema checking disabled! your mileage may vary!\n",
-                               c->log, 0, 0);
-                       break;
-
                case CFG_ACL:
                        parse_acl(c->be, c->fname, c->lineno, c->argc, c->argv, c->valx);
                        break;
@@ -1169,21 +1162,35 @@ config_generic(ConfigArgs *c) {
 
 #ifdef SLAPD_MODULES
                case CFG_MODLOAD:
+                       /* If we're just adding a module on an existing modpath,
+                        * make sure we've selected the current path.
+                        */
+                       if ( c->op == LDAP_MOD_ADD && c->private && modcur != c->private ) {
+                               modcur = c->private;
+                               /* This should never fail */
+                               if ( module_path( modcur->mp_path.bv_val )) {
+                                       sprintf( c->msg, "<%s> module path no longer valid",
+                                               c->argv[0] );
+                                       Debug(LDAP_DEBUG_ANY, "%s: %s (%s)\n",
+                                               c->log, c->msg, modcur->mp_path.bv_val );
+                                       return(1);
+                               }
+                       }
                        if(module_load(c->argv[1], c->argc - 2, (c->argc > 2) ? c->argv + 2 : NULL))
                                return(1);
                        /* Record this load on the current path */
                        {
                                struct berval bv;
-                               ModPaths *mp;
-                               char *ptr = c->line + STRLENOF("moduleload");
-                               while (!isspace(*ptr)) ptr++;
-                               while (isspace(*ptr)) ptr++;
+                               char *ptr;
+                               if ( c->op == SLAP_CONFIG_ADD ) {
+                                       ptr = c->line + STRLENOF("moduleload");
+                                       while (!isspace(*ptr)) ptr++;
+                                       while (isspace(*ptr)) ptr++;
+                               } else {
+                                       ptr = c->line;
+                               }
                                ber_str2bv(ptr, 0, 1, &bv);
-                               if ( c->op == SLAP_CONFIG_ADD )
-                                       mp = modcur;
-                               else
-                                       mp = c->private;
-                               ber_bvarray_add( &mp->mp_loads, &bv );
+                               ber_bvarray_add( &modcur->mp_loads, &bv );
                        }
                        break;
 
@@ -1204,8 +1211,7 @@ config_generic(ConfigArgs *c) {
                                mp->mp_loads = NULL;
                                modlast = mp;
                                c->private = mp;
-                               if ( c->op == SLAP_CONFIG_ADD )
-                                       modcur = mp;
+                               modcur = mp;
                        }
                        
                        break;
@@ -1222,9 +1228,27 @@ config_generic(ConfigArgs *c) {
 #ifdef SLAP_AUTH_REWRITE
                case CFG_REWRITE: {
                        struct berval bv;
+                       char *line;
+                       
                        if(slap_sasl_rewrite_config(c->fname, c->lineno, c->argc, c->argv))
                                return(1);
-                       ber_str2bv( c->line, 0, 1, &bv );
+
+                       if ( c->argc > 1 ) {
+                               char    *s;
+
+                               /* quote all args but the first */
+                               line = ldap_charray2str( c->argv, "\" \"" );
+                               ber_str2bv( line, 0, 0, &bv );
+                               s = strchr( bv.bv_val, '"' );
+                               assert( s != NULL );
+                               /* move the trailing quote of argv[0] to the end */
+                               AC_MEMCPY( s, s + 1, bv.bv_len - ( s - bv.bv_val ) );
+                               bv.bv_val[ bv.bv_len - 1 ] = '"';
+
+                       } else {
+                               ber_str2bv( c->argv[ 0 ], 0, 1, &bv );
+                       }
+                       
                        ber_bvarray_add( &authz_rewrites, &bv );
                        }
                        break;
@@ -1272,8 +1296,6 @@ config_cfdir(ConfigArgs *c) {
 
 static int
 config_search_base(ConfigArgs *c) {
-       struct berval dn;
-
        if(c->op == SLAP_CONFIG_EMIT) {
                int rc = 1;
                if (!BER_BVISEMPTY(&default_search_base)) {
@@ -1507,7 +1529,7 @@ config_overlay(ConfigArgs *c) {
                /* log error */
                Debug( SLAPD_DEBUG_CONFIG_ERROR, "%s: (optional) %s overlay \"%s\" configuration failed"
                        SLAPD_CONF_UNKNOWN_IGNORED ".\n",
-                       c->log, c->be == frontendDB ? "global " : "", c->argv[1][1]);
+                       c->log, c->be == frontendDB ? "global " : "", &c->argv[1][1]);
 #ifdef SLAPD_CONF_UNKNOWN_BAILOUT
                return 1;
 #endif /* SLAPD_CONF_UNKNOWN_BAILOUT */
@@ -1523,13 +1545,34 @@ config_overlay(ConfigArgs *c) {
 }
 
 static int
-config_suffix(ConfigArgs *c) {
+config_suffix(ConfigArgs *c)
+{
        Backend *tbe;
        struct berval pdn, ndn;
-       int rc;
+       char    *notallowed = NULL;
+
+       if ( c->be == frontendDB ) {
+               notallowed = "frontend";
+
+       } else if ( SLAP_MONITOR(c->be) ) {
+               notallowed = "monitor";
+
+       } else if ( SLAP_CONFIG(c->be) ) {
+               notallowed = "config";
+       }
+
+       if ( notallowed != NULL ) {
+               char    buf[ SLAP_TEXT_BUFLEN ] = { '\0' };
+
+               if ( !BER_BVISNULL( &c->value_dn ) ) {
+                       snprintf( buf, sizeof( buf ), "<%s> ", c->value_dn.bv_val );
+               }
 
-       if (c->be == frontendDB || SLAP_MONITOR(c->be) ||
-               SLAP_CONFIG(c->be)) return 1;
+               Debug(LDAP_DEBUG_ANY,
+                       "%s: suffix %snot allowed in %s database.\n",
+                       c->log, buf, notallowed );
+               return 1;
+       }
 
        if (c->op == SLAP_CONFIG_EMIT) {
                if ( c->be->be_suffix == NULL
@@ -1558,6 +1601,7 @@ config_suffix(ConfigArgs *c) {
                }
                return 0;
        }
+
 #ifdef SLAPD_MONITOR_DN
        if(!strcasecmp(c->argv[1], SLAPD_MONITOR_DN)) {
                sprintf( c->msg, "<%s> DN is reserved for monitoring slapd",
@@ -1815,6 +1859,7 @@ config_loglevel(ConfigArgs *c) {
        int i;
        char *next;
        slap_verbmasks loglevel_ops[] = {
+               { BER_BVC("Any"),       -1 },
                { BER_BVC("Trace"),     LDAP_DEBUG_TRACE },
                { BER_BVC("Packets"),   LDAP_DEBUG_PACKETS },
                { BER_BVC("Args"),      LDAP_DEBUG_ARGS },
@@ -1830,7 +1875,6 @@ config_loglevel(ConfigArgs *c) {
                { BER_BVC("Cache"),     LDAP_DEBUG_CACHE },
                { BER_BVC("Index"),     LDAP_DEBUG_INDEX },
                { BER_BVC("Sync"),      LDAP_DEBUG_SYNC },
-               { BER_BVC("Any"),       -1 },
                { BER_BVNULL,   0 }
        };
 
@@ -1851,7 +1895,7 @@ config_loglevel(ConfigArgs *c) {
        for( i=1; i < c->argc; i++ ) {
                int     level;
 
-               if ( isdigit( c->argv[i][0] ) ) {
+               if ( isdigit( c->argv[i][0] ) || c->argv[i][0] == '-' ) {
                        level = strtol( c->argv[i], &next, 10 );
                        if ( next == NULL || next[0] != '\0' ) {
                                sprintf( c->msg, "<%s> unable to parse level", c->argv[0] );
@@ -2241,7 +2285,7 @@ config_updateref(ConfigArgs *c) {
 
 static int
 config_include(ConfigArgs *c) {
-       unsigned long savelineno = c->lineno;
+       int savelineno = c->lineno;
        int rc;
        ConfigFile *cf;
        ConfigFile *cfsave = cfn;
@@ -2389,14 +2433,19 @@ config_find_base( CfEntryInfo *root, struct berval *dn, CfEntryInfo **last )
        return root;
 }
 
+typedef struct setup_cookie {
+       CfBackInfo *cfb;
+       ConfigArgs *ca;
+} setup_cookie;
+
 static int
 config_ldif_resp( Operation *op, SlapReply *rs )
 {
        if ( rs->sr_type == REP_SEARCH ) {
-               CfBackInfo *cfb = op->o_callback->sc_private;
+               setup_cookie *sc = op->o_callback->sc_private;
 
-               cfb->cb_got_ldif = 1;
-               rs->sr_err = config_add_internal( cfb, rs->sr_entry, NULL, NULL );
+               sc->cfb->cb_got_ldif = 1;
+               rs->sr_err = config_add_internal( sc->cfb, rs->sr_entry, sc->ca, NULL, NULL );
        }
        return rs->sr_err;
 }
@@ -2409,6 +2458,7 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) {
        ConfigTable *ct;
        char *argv[3];
        int rc = 0;
+       setup_cookie sc;
        slap_callback cb = { NULL, config_ldif_resp, NULL, NULL };
        Connection conn = {0};
        char opbuf[OPERATION_BUFFER_SIZE];
@@ -2485,7 +2535,9 @@ config_setup_ldif( BackendDB *be, const char *dir, int readit ) {
                op->ors_attrsonly = 0;
 
                op->o_callback = &cb;
-               cb.sc_private = cfb;
+               sc.cfb = cfb;
+               sc.ca = &c;
+               cb.sc_private = &sc;
 
                op->o_bd = &cfb->cb_db;
                rc = op->o_bd->be_search( op, &rs );
@@ -2557,12 +2609,17 @@ read_config(const char *fname, const char *dir) {
                        cfdir = SLAPD_DEFAULT_CONFIGDIR;
                }
                /* if fname is defaulted, try reading .d */
-               if ( config_setup_ldif( be, cfdir, !fname ))
+               rc = config_setup_ldif( be, cfdir, !fname );
+
+               /* It's OK if the base object doesn't exist yet */
+               if ( rc && rc != LDAP_NO_SUCH_OBJECT )
                        return 1;
 
                /* If we read the config from back-ldif, nothing to do here */
-               if ( cfb->cb_got_ldif )
-                       return 0;
+               if ( cfb->cb_got_ldif ) {
+                       rc = 0;
+                       goto done;
+               }
        }
 
        if ( fname )
@@ -2593,6 +2650,20 @@ read_config(const char *fname, const char *dir) {
                }
                break;
        }
+
+done:
+       if ( rc == 0 && BER_BVISNULL( &frontendDB->be_schemadn ) ) {
+               ber_str2bv( SLAPD_SCHEMA_DN, STRLENOF( SLAPD_SCHEMA_DN ), 1,
+                       &frontendDB->be_schemadn );
+               rc = dnNormalize( 0, NULL, NULL, &frontendDB->be_schemadn, &frontendDB->be_schemandn, NULL );
+               if ( rc != LDAP_SUCCESS ) {
+                       Debug(LDAP_DEBUG_ANY, "read_config: "
+                               "unable to normalize default schema DN \"%s\"\n",
+                               frontendDB->be_schemadn.bv_val, 0, 0 );
+                       /* must not happen */
+                       assert( 0 );
+               }
+       }
        return rc;
 }
 
@@ -2740,8 +2811,9 @@ check_vals( ConfigTable *ct, ConfigArgs *ca, void *ptr, int isAttr )
                        if ( idx ) ca->line = idx+1;
                }
                rc = config_parse_vals( ct, ca, i );
-               if ( rc )
+               if ( rc ) {
                        break;
+               }
        }
        return rc;
 }
@@ -2974,13 +3046,12 @@ cfAddOverlay( CfEntryInfo *p, Entry *e, struct config_args_s *ca )
 
 /* Parse an LDAP entry into config directives */
 static int
-config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
+config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca, SlapReply *rs, int *renum )
 {
        CfEntryInfo *ce, *last;
        ConfigOCs **colst;
        Attribute *a, *oc_at;
-       int i, j, nocs, rc = 0;
-       ConfigArgs ca = {0};
+       int i, nocs, rc = 0;
        struct berval pdn;
        ConfigTable *ct;
        char *ptr;
@@ -3004,15 +3075,17 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
        oc_at = attr_find( e->e_attrs, slap_schema.si_ad_objectClass );
        if ( !oc_at ) return LDAP_OBJECT_CLASS_VIOLATION;
 
+       memset( ca, 0, sizeof(ConfigArgs));
+
        /* Fake the coordinates based on whether we're part of an
         * LDAP Add or if reading the config dir
         */
        if ( rs ) {
-               ca.fname = "slapd";
-               ca.lineno = 0;
+               ca->fname = "slapd";
+               ca->lineno = 0;
        } else {
-               ca.fname = cfdir.bv_val;
-               ca.lineno = 1;
+               ca->fname = cfdir.bv_val;
+               ca->lineno = 1;
        }
 
        colst = count_ocs( oc_at, &nocs );
@@ -3023,8 +3096,8 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
        rc = LDAP_CONSTRAINT_VIOLATION;
        if ( colst[0]->co_type == Cft_Global && !last ) {
                cfn = &cf_prv;
-               ca.private = cfn;
-               ca.be = frontendDB;     /* just to get past check_vals */
+               ca->private = cfn;
+               ca->be = frontendDB;    /* just to get past check_vals */
                rc = LDAP_SUCCESS;
        }
 
@@ -3034,7 +3107,7 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
        if ( last ) {
                for ( i=0; i<nocs; i++ ) {
                        if ( colst[i]->co_ldadd &&
-                               ( rc = colst[i]->co_ldadd( last, e, &ca ))
+                               ( rc = colst[i]->co_ldadd( last, e, ca ))
                                        != LDAP_CONSTRAINT_VIOLATION ) {
                                break;
                        }
@@ -3070,7 +3143,7 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
        if ( rc )
                goto leave;
 
-       init_config_argv( &ca );
+       init_config_argv( ca );
 
        /* Make sure we process attrs in the required order */
        sort_attrs( e, colst, nocs );
@@ -3079,7 +3152,7 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
                if ( a == oc_at ) continue;
                ct = config_find_table( colst, nocs, a->a_desc );
                if ( !ct ) continue;    /* user data? */
-               rc = check_vals( ct, &ca, a, 1 );
+               rc = check_vals( ct, ca, a, 1 );
                if ( rc ) goto leave;
        }
 
@@ -3089,13 +3162,13 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
                ct = config_find_table( colst, nocs, a->a_desc );
                if ( !ct ) continue;    /* user data? */
                for (i=0; a->a_vals[i].bv_val; i++) {
-                       ca.line = a->a_vals[i].bv_val;
+                       ca->line = a->a_vals[i].bv_val;
                        if ( a->a_desc->ad_type->sat_flags & SLAP_AT_ORDERED ) {
-                               ptr = strchr( ca.line, '}' );
-                               if ( ptr ) ca.line = ptr+1;
+                               ptr = strchr( ca->line, '}' );
+                               if ( ptr ) ca->line = ptr+1;
                        }
-                       ca.valx = i;
-                       rc = config_parse_add( ct, &ca );
+                       ca->valx = i;
+                       rc = config_parse_add( ct, ca );
                        if ( rc ) {
                                rc = LDAP_OTHER;
                                goto leave;
@@ -3103,14 +3176,36 @@ config_add_internal( CfBackInfo *cfb, Entry *e, SlapReply *rs, int *renum )
                }
        }
 ok:
+       /* Newly added databases and overlays need to be started up */
+       if ( CONFIG_ONLINE_ADD( ca )) {
+               if ( colst[0]->co_type == Cft_Database ) {
+                       rc = backend_startup_one( ca->be );
+
+               } else if ( colst[0]->co_type == Cft_Overlay ) {
+                       if ( ca->bi->bi_db_open ) {
+                               BackendInfo *bi_orig = ca->be->bd_info;
+                               ca->be->bd_info = ca->bi;
+                               rc = ca->bi->bi_db_open( ca->be );
+                               ca->be->bd_info = bi_orig;
+                       }
+               }
+               if ( rc ) {
+                       sprintf( ca->msg, "<%s> failed startup", ca->argv[0] );
+                       Debug(LDAP_DEBUG_ANY, "%s: %s (%s)!\n",
+                               ca->log, ca->msg, ca->argv[1] );
+                       rc = LDAP_OTHER;
+                       goto leave;
+               }
+       }
+
        ce = ch_calloc( 1, sizeof(CfEntryInfo) );
        ce->ce_parent = last;
        ce->ce_entry = entry_dup( e );
        ce->ce_entry->e_private = ce;
        ce->ce_type = colst[0]->co_type;
-       ce->ce_be = ca.be;
-       ce->ce_bi = ca.bi;
-       ce->ce_private = ca.private;
+       ce->ce_be = ca->be;
+       ce->ce_bi = ca->bi;
+       ce->ce_private = ca->private;
        if ( !last ) {
                cfb->cb_root = ce;
        } else if ( last->ce_kids ) {
@@ -3124,7 +3219,15 @@ ok:
        }
 
 leave:
-       ch_free( ca.argv );
+       if ( rc ) {
+               if ( (colst[0]->co_type == Cft_Database) && ca->be ) {
+                       backend_destroy_one( ca->be );
+               } else if ( (colst[0]->co_type == Cft_Overlay) && ca->bi ) {
+                       overlay_destroy_one( ca->be, (slap_overinst *)ca->bi );
+               }
+       }
+
+       ch_free( ca->argv );
        if ( colst ) ch_free( colst );
        return rc;
 }
@@ -3136,8 +3239,8 @@ static int
 config_back_add( Operation *op, SlapReply *rs )
 {
        CfBackInfo *cfb;
-       CfEntryInfo *ce, *last;
        int renumber;
+       ConfigArgs ca;
 
        if ( !be_isroot( op ) ) {
                rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
@@ -3155,8 +3258,10 @@ config_back_add( Operation *op, SlapReply *rs )
         * 4) store entry in underlying database
         * 5) perform any necessary renumbering
         */
-       rs->sr_err = config_add_internal( cfb, op->ora_e, rs, &renumber );
-       if ( rs->sr_err == LDAP_SUCCESS && cfb->cb_use_ldif ) {
+       rs->sr_err = config_add_internal( cfb, op->ora_e, &ca, rs, &renumber );
+       if ( rs->sr_err != LDAP_SUCCESS ) {
+               rs->sr_text = ca.msg;
+       } else if ( cfb->cb_use_ldif ) {
                BackendDB *be = op->o_bd;
                slap_callback sc = { NULL, slap_null_cb, NULL, NULL };
                op->o_bd = &cfb->cb_db;
@@ -3179,14 +3284,13 @@ out:
 typedef struct delrec {
        struct delrec *next;
        int nidx;
-       int idx[0];
+       int idx[1];
 } delrec;
 
 static int
 config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
        ConfigArgs *ca )
 {
-       CfBackInfo *cfb = (CfBackInfo *)op->o_bd->be_private;
        int rc = LDAP_UNWILLING_TO_PERFORM;
        Modifications *ml;
        Entry *e = ce->ce_entry;
@@ -3220,8 +3324,6 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
                        int *idx = NULL;
                        if ( ct && ( ct->arg_type & ARG_NO_DELETE )) {
                                rc = LDAP_OTHER;
-                               snprintf( ca->msg, sizeof(ca->msg),
-                                       "<%s> cannot be deleted" );
                                snprintf(ca->msg, sizeof(ca->msg), "cannot delete %s",
                                        ml->sml_desc->ad_cname.bv_val );
                                goto out;
@@ -3238,7 +3340,7 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
                        if ( ct && ml->sml_values ) {
                                delrec *d;
                                for (i=0; ml->sml_values[i].bv_val; i++);
-                               d = ch_malloc( sizeof(delrec) + * sizeof(int));
+                               d = ch_malloc( sizeof(delrec) + (i - 1)* sizeof(int));
                                d->nidx = i;
                                d->next = NULL;
                                if ( dels ) {
@@ -3317,8 +3419,8 @@ config_modify_internal( CfEntryInfo *ce, Operation *op, SlapReply *rs,
        
        if(rc == LDAP_SUCCESS) {
                /* check that the entry still obeys the schema */
-               rc = entry_schema_check(op->o_bd, e, NULL,
-                                 &rs->sr_text, ca->msg, sizeof(ca->msg) );
+               rc = entry_schema_check(op->o_bd, e, NULL, 0,
+                       &rs->sr_text, ca->msg, sizeof(ca->msg) );
        }
        if ( rc == LDAP_SUCCESS ) {
                /* Basic syntax checks are OK. Do the actual settings. */
@@ -3541,7 +3643,6 @@ config_back_search( Operation *op, SlapReply *rs )
 {
        CfBackInfo *cfb;
        CfEntryInfo *ce, *last;
-       int rc;
 
        if ( !be_isroot( op ) ) {
                rs->sr_err = LDAP_INSUFFICIENT_ACCESS;
@@ -3776,12 +3877,11 @@ config_back_db_open( BackendDB *be )
        CfBackInfo *cfb = be->be_private;
        struct berval rdn;
        Entry *e, *parent;
-       CfEntryInfo *ce, *ceparent, *ceprev;
-       int i, rc;
+       CfEntryInfo *ce, *ceparent;
+       int i;
        BackendInfo *bi;
        BackendDB *bptr;
        ConfigArgs c;
-       ConfigTable *ct;
        Connection conn = {0};
        char opbuf[OPERATION_BUFFER_SIZE];
        Operation *op;
@@ -4015,9 +4115,10 @@ config_tool_entry_put( BackendDB *be, Entry *e, struct berval *text )
 {
        CfBackInfo *cfb = be->be_private;
        BackendInfo *bi = cfb->cb_db.bd_info;
+       ConfigArgs ca;
 
        if ( bi && bi->bi_tool_entry_put &&
-               config_add_internal( cfb, e, NULL, NULL ) == 0 )
+               config_add_internal( cfb, e, &ca, NULL, NULL ) == 0 )
                return bi->bi_tool_entry_put( &cfb->cb_db, e, text );
        else
                return NOID;
@@ -4111,6 +4212,9 @@ config_back_initialize( BackendInfo *bi )
        bi->bi_tool_entry_get = config_tool_entry_get;
        bi->bi_tool_entry_put = config_tool_entry_put;
 
+       /* Make sure we don't exceed the bits reserved for userland */
+       assert( ( ( CFG_LAST - 1 ) & ARGS_USERLAND ) == ( CFG_LAST - 1 ) );
+
        argv[3] = NULL;
        for (i=0; OidMacros[i].name; i++ ) {
                argv[1] = OidMacros[i].name;
Cloned from git://git.openldap.org/openldap.git