/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2005-2011 The OpenLDAP Foundation.
+ * Copyright 2005-2012 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* OLcfg{Bk|Db}{Oc|At}:0 -> common
* OLcfg{Bk|Db}{Oc|At}:1 -> back-bdb(/back-hdb)
* OLcfg{Bk|Db}{Oc|At}:2 -> back-ldif
- * OLcfg{Bk|Db}{Oc|At}:3 -> back-ldap
+ * OLcfg{Bk|Db}{Oc|At}:3 -> back-ldap/meta
* OLcfg{Bk|Db}{Oc|At}:4 -> back-monitor
* OLcfg{Bk|Db}{Oc|At}:5 -> back-relay
* OLcfg{Bk|Db}{Oc|At}:6 -> back-sql(/back-ndb)
} ServerID;
static ServerID *sid_list;
+static ServerID *sid_set;
typedef struct voidList {
struct voidList *vl_next;
break;
case CFG_MIRRORMODE:
if ( SLAP_SHADOW(c->be))
- c->value_int = (SLAP_SINGLE_SHADOW(c->be) == 0);
+ c->value_int = (SLAP_MULTIMASTER(c->be) != 0);
else
rc = 1;
break;
case CFG_AZPOLICY:
case CFG_DEPTH:
case CFG_LASTMOD:
- case CFG_MIRRORMODE:
case CFG_MONITORING:
case CFG_SASLSECP:
case CFG_SSTR_IF_MAX:
snprintf(c->log, sizeof( c->log ), "change requires slapd restart");
break;
+ case CFG_MIRRORMODE:
+ SLAP_DBFLAGS(c->be) &= ~SLAP_DBFLAG_MULTI_SHADOW;
+ if(SLAP_SHADOW(c->be))
+ SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_SINGLE_SHADOW;
+ break;
+
case CFG_SALT:
ch_free( passwd_salt );
passwd_salt = NULL;
si; si = *sip, i++ ) {
if ( c->valx == -1 || i == c->valx ) {
*sip = si->si_next;
+ if ( sid_set == si )
+ sid_set = NULL;
ch_free( si );
if ( c->valx >= 0 )
break;
/* else prev is NULL, append to end of global list */
}
if(parse_oc(c, &oc, prev)) return(1);
- if (!cfn->c_oc_head) cfn->c_oc_head = oc;
+ if (!cfn->c_oc_head || !c->valx) cfn->c_oc_head = oc;
if (cfn->c_oc_tail == prev) cfn->c_oc_tail = oc;
}
break;
/* else prev is NULL, append to end of global list */
}
if(parse_at(c, &at, prev)) return(1);
- if (!cfn->c_at_head) cfn->c_at_head = at;
+ if (!cfn->c_at_head || !c->valx) cfn->c_at_head = at;
if (cfn->c_at_tail == prev) cfn->c_at_tail = at;
}
break;
/* else prev is NULL, append to end of global list */
}
if ( parse_syn( c, &syn, prev ) ) return(1);
- if ( !cfn->c_syn_head ) cfn->c_syn_head = syn;
+ if ( !cfn->c_syn_head || !c->valx ) cfn->c_syn_head = syn;
if ( cfn->c_syn_tail == prev ) cfn->c_syn_tail = syn;
}
break;
Debug( LDAP_DEBUG_CONFIG,
"%s: SID=0x%03x\n",
c->log, slap_serverID, 0 );
+ sid_set = si;
}
si->si_next = NULL;
si->si_num = num;
if (( slapMode & SLAP_SERVER_MODE ) && c->argc > 2 ) {
Listener *l = config_check_my_url( c->argv[2], lud );
if ( l ) {
+ if ( sid_set ) {
+ ldap_free_urldesc( lud );
+ snprintf( c->cr_msg, sizeof( c->cr_msg ),
+ "<%s> multiple server ID URLs matched, only one is allowed", c->argv[0] );
+ Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
+ c->log, c->cr_msg, c->argv[1] );
+ return 1;
+ }
slap_serverID = si->si_num;
Debug( LDAP_DEBUG_CONFIG,
"%s: SID=0x%03x (listener=%s)\n",
c->log, slap_serverID,
l->sl_url.bv_val );
+ sid_set = si;
}
}
if ( c->argc > 2 )
c->log, c->cr_msg, 0 );
return(1);
}
- if(c->value_int)
+ if(c->value_int) {
SLAP_DBFLAGS(c->be) &= ~SLAP_DBFLAG_SINGLE_SHADOW;
- else
+ SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_MULTI_SHADOW;
+ } else {
SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_SINGLE_SHADOW;
+ SLAP_DBFLAGS(c->be) &= ~SLAP_DBFLAG_MULTI_SHADOW;
+ }
break;
case CFG_MONITORING:
}
#endif
- if (SLAP_DB_ONE_SUFFIX( c->be ) && c->be->be_suffix ) {
+ if (SLAP_DB_ONE_SUFFIX( c->be ) && c->be->be_suffix &&
+ !BER_BVISNULL( &c->be->be_suffix[0] )) {
snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> Only one suffix is allowed on this %s backend",
c->argv[0], c->be->bd_info->bi_type );
Debug(LDAP_DEBUG_ANY, "%s: %s\n",
if ( !c->line ) {
c->be->be_restrictops = 0;
} else {
- restrictops = verb_to_mask( c->line, restrictable_ops );
- c->be->be_restrictops ^= restrictops;
+ i = verb_to_mask( c->line, restrictable_ops );
+ c->be->be_restrictops &= ~restrictable_ops[i].mask;
}
return 0;
}
if ( !c->line ) {
global_allows = 0;
} else {
- allows = verb_to_mask( c->line, allowable_ops );
- global_allows ^= allows;
+ i = verb_to_mask( c->line, allowable_ops );
+ global_allows &= ~allowable_ops[i].mask;
}
return 0;
}
if ( !c->line ) {
global_disallows = 0;
} else {
- disallows = verb_to_mask( c->line, disallowable_ops );
- global_disallows ^= disallows;
+ i = verb_to_mask( c->line, disallowable_ops );
+ global_disallows &= ~disallowable_ops[i].mask;
}
return 0;
}
if ( !c->line ) {
c->be->be_requires = 0;
} else {
- requires = verb_to_mask( c->line, requires_ops );
- c->be->be_requires ^= requires;
+ i = verb_to_mask( c->line, requires_ops );
+ c->be->be_requires &= ~requires_ops[i].mask;
}
return 0;
}
if ( !c->line ) {
config_syslog = 0;
} else {
- int level = verb_to_mask( c->line, loglevel_ops );
- config_syslog ^= level;
+ i = verb_to_mask( c->line, loglevel_ops );
+ config_syslog &= ~loglevel_ops[i].mask;
}
if ( slapMode & SLAP_SERVER_MODE ) {
ldap_syslog = config_syslog;
}
} else {
- SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SINGLE_SHADOW | flag);
+ SLAP_DBFLAGS(c->be) |= (SLAP_DBFLAG_SHADOW | flag);
+ if ( !SLAP_MULTIMASTER( c->be ))
+ SLAP_DBFLAGS(c->be) |= SLAP_DBFLAG_SINGLE_SHADOW;
}
return 0;
assert( 0 );
}
}
+ if ( rc == 0 && ( slapMode & SLAP_SERVER_MODE ) && sid_list ) {
+ if ( !BER_BVISEMPTY( &sid_list->si_url ) && !sid_set ) {
+ Debug(LDAP_DEBUG_ANY, "read_config: no serverID / URL match found. "
+ "Check slapd -h arguments.\n", 0,0,0 );
+ rc = LDAP_OTHER;
+ }
+ }
return rc;
}
}
}
- /* count related kids */
- for (nsibs=0, ce=parent->ce_kids; ce; ce=ce->ce_sibs) {
- if ( ce->ce_type == ce_type ) nsibs++;
+ /* count related kids.
+ * For entries of type Cft_Misc, only count siblings with same RDN type
+ */
+ if ( ce_type == Cft_Misc ) {
+ rdn.bv_val = e->e_nname.bv_val;
+ ptr1 = strchr( rdn.bv_val, '=' );
+ assert( ptr1 != NULL );
+
+ rdn.bv_len = ptr1 - rdn.bv_val;
+
+ for (nsibs=0, ce=parent->ce_kids; ce; ce=ce->ce_sibs) {
+ struct berval rdn2;
+ if ( ce->ce_type != ce_type )
+ continue;
+
+ dnRdn( &ce->ce_entry->e_nname, &rdn2 );
+
+ ptr1 = strchr( rdn2.bv_val, '=' );
+ assert( ptr1 != NULL );
+
+ rdn2.bv_len = ptr1 - rdn2.bv_val;
+ if ( bvmatch( &rdn, &rdn2 ))
+ nsibs++;
+ }
+ } else {
+ for (nsibs=0, ce=parent->ce_kids; ce; ce=ce->ce_sibs) {
+ if ( ce->ce_type == ce_type ) nsibs++;
+ }
}
/* account for -1 frontend */
CfBackInfo *cfb;
CfEntryInfo *ce, *last, *ce2;
- slap_mask_t mask;
-
cfb = (CfBackInfo *)op->o_bd->be_private;
ce = config_find_base( cfb->cb_root, &op->o_req_ndn, &last );
rs->sr_matched = last->ce_entry->e_name.bv_val;
rs->sr_err = LDAP_NO_SUCH_OBJECT;
} else if ( ce->ce_kids ) {
- rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+ rs->sr_err = LDAP_NOT_ALLOWED_ON_NONLEAF;
} else if ( op->o_abandon ) {
rs->sr_err = SLAPD_ABANDON;
} else if ( ce->ce_type == Cft_Overlay ||
int count, ixold;
ldap_pvt_thread_pool_pause( &connection_pool );
-
- overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi );
if ( ce->ce_type == Cft_Overlay ){
overlay_remove( ce->ce_be, (slap_overinst *)ce->ce_bi, op );
return 0;
}
-