ITS#6152 bits.
[openldap] / servers / slapd / bconfig.c
index cdd277fe9cb90ea7aa9900e06f21a6908fee9a7c..a568a8d4ca973d6945cd227d18bacdffa65184e1 100644 (file)
@@ -261,6 +261,7 @@ static OidRec OidMacros[] = {
  * OLcfgOv{Oc|At}:18                   -> memberof
  * OLcfgOv{Oc|At}:19                   -> collect
  * OLcfgOv{Oc|At}:20                   -> retcode
+ * OLcfgOv{Oc|At}:21                   -> sssvlv
  */
 
 /* alphabetical ordering */
@@ -455,7 +456,7 @@ static ConfigTable config_back_cf_table[] = {
        { "password-crypt-salt-format", "salt", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_SALT,
                &config_generic, "( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat' "
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
-       { "password-hash", "hash", 2, 2, 0, ARG_MAGIC,
+       { "password-hash", "hash", 2, 0, 0, ARG_MAGIC,
                &config_passwd_hash, "( OLcfgGlAt:36 NAME 'olcPasswordHash' "
                        "EQUALITY caseIgnoreMatch "
                        "SYNTAX OMsDirectoryString )", NULL, NULL },
@@ -530,6 +531,14 @@ static ConfigTable config_back_cf_table[] = {
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
        { "sasl-authz-policy", NULL, 2, 2, 0, ARG_MAGIC|CFG_AZPOLICY,
                &config_generic, NULL, NULL, NULL },
+       { "sasl-auxprops", NULL, 2, 0, 0,
+#ifdef HAVE_CYRUS_SASL
+               ARG_STRING|ARG_UNIQUE, &slap_sasl_auxprops,
+#else
+               ARG_IGNORED, NULL,
+#endif
+               "( OLcfgGlAt:89 NAME 'olcSaslAuxprops' "
+                       "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
        { "sasl-host", "host", 2, 2, 0,
 #ifdef HAVE_CYRUS_SASL
                ARG_STRING|ARG_UNIQUE, &sasl_host,
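Review bot: The new `sasl-auxprops` entry accepts an unlimited number of arguments (`2, 0, 0`) yet is declared `ARG_STRING` with a `SINGLE-VALUE` schema, unlike the neighbouring `sasl-host` entry, which uses `2, 2, 0`. If the table parser stores only `argv[1]` for `ARG_STRING` (not visible in this hunk), any further plugin names on the line would be dropped without an error, and the server would run with a different auxprop list than the one written. Either cap it with `{ "sasl-auxprops", NULL, 2, 2, 0,` or add a comment stating how several plugin names are expected to be passed. The second field is also `NULL`, so a usage error has no argument description to print; `"plugin"` would match the style of the other entries. The `sasl-host` entry that follows continues outside the hunk.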
@@ -706,6 +715,9 @@ static ConfigTable config_back_cf_table[] = {
                &config_updateref, "( OLcfgDbAt:0.13 NAME 'olcUpdateRef' "
                        "EQUALITY caseIgnoreMatch "
                        "SUP labeledURI )", NULL, NULL },
+       { "writetimeout", "timeout", 2, 2, 0, ARG_INT,
+               &global_writetimeout, "( OLcfgGlAt:88 NAME 'olcWriteTimeout' "
+                       "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
        { NULL, NULL, 0, 0, 0, ARG_IGNORED,
                NULL, NULL, NULL, NULL }
 };
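Review bot: `writetimeout` is parsed as a plain `ARG_INT` straight into `global_writetimeout` with no handler function, so nothing in this entry rejects a negative value. How the variable is consumed is not visible here, but a setting that presumably bounds how long a write to a stalled client may block should not silently accept values below zero. Either give the entry a handler that range-checks the value, or validate it where `global_writetimeout` is read. The usage string `"timeout"` also does not say which unit is expected, and a comment or a more specific usage string would remove the guesswork.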
@@ -757,14 +769,14 @@ static ConfigOCs cf_ocs[] = {
                 "olcPluginLogFile $ olcReadOnly $ olcReferral $ "
                 "olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
                 "olcRootDSE $ "
-                "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
+                "olcSaslAuxprops $ olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
                 "olcSecurity $ olcServerID $ olcSizeLimit $ "
                 "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ "
                 "olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
                 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
                 "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
                 "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ "
-                "olcTLSCRLFile $ olcToolThreads $ "
+                "olcTLSCRLFile $ olcToolThreads $ olcWriteTimeout $ "
                 "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
                 "olcDitContentRules $ olcLdapSyntaxes ) )", Cft_Global },
        { "( OLcfgGlOc:2 "
@@ -1377,6 +1389,36 @@ config_generic(ConfigArgs *c) {
 
                case CFG_LIMITS:
                        /* FIXME: there is no limits_free function */
+                       if ( c->valx < 0 ) {
+                               limits_destroy( c->be->be_limits );
+                               c->be->be_limits = NULL;
+
+                       } else {
+                               int cnt, num = -1;
+
+                               if ( c->be->be_limits ) {
+                                       for ( num = 0; c->be->be_limits[ num ]; num++ )
+                                               /* just count */ ;
+                               }
+
+                               if ( c->valx >= num ) {
+                                       return 1;
+                               }
+
+                               if ( num == 1 ) {
+                                       limits_destroy( c->be->be_limits );
+                                       c->be->be_limits = NULL;
+
+                               } else {
+                                       limits_free_one( c->be->be_limits[ c->valx ] );
+
+                                       for ( cnt = c->valx; cnt < num; cnt++ ) {
+                                               c->be->be_limits[ cnt ] = c->be->be_limits[ cnt + 1 ];
+                                       }
+                               }
+                       }
+                       break;
+
                case CFG_ATOPT:
                        /* FIXME: there is no ad_option_free function */
                case CFG_ROOTDSE:
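Review bot: The delete-all branch (`c->valx < 0`) calls `limits_destroy( c->be->be_limits )` without the NULL test that the single-value branch applies before counting entries. Whether `limits_destroy()` accepts NULL is not visible here, so either guard the call with `if ( c->be->be_limits )` or add a comment saying NULL is accepted. The retained `/* FIXME: there is no limits_free function */` is now stale, because this case frees entries through `limits_destroy()` and `limits_free_one()`, and it should be removed or reworded. The shift loop reads `be_limits[ cnt + 1 ]` up to index `num`, which is the terminator slot, so a short comment such as `/* also copies the NULL terminator down */` would make the bound obvious. config_generic starts and ends outside the hunk.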
@@ -1782,66 +1824,13 @@ sortval_reject:
                                *sip = si;
 
                                if (( slapMode & SLAP_SERVER_MODE ) && c->argc > 2 ) {
-                                       Listener **l = slapd_get_listeners();
-                                       int i, isMe = 0;
-
-                                       /* Try a straight compare with Listener strings */
-                                       for ( i=0; l && l[i]; i++ ) {
-                                               if ( !strcasecmp( c->argv[2], l[i]->sl_url.bv_val )) {
-                                                       isMe = 1;
-                                                       break;
-                                               }
-                                       }
-
-                                       /* If hostname is empty, or is localhost, or matches
-                                        * our hostname, this serverID refers to this host.
-                                        * Compare it against listeners and ports.
-                                        */
-                                       if ( !isMe && ( !lud->lud_host || !lud->lud_host[0] ||
-                                               !strncasecmp("localhost", lud->lud_host,
-                                                       STRLENOF("localhost")) ||
-                                               !strcasecmp( global_host, lud->lud_host ))) {
-
-                                               for ( i=0; l && l[i]; i++ ) {
-                                                       LDAPURLDesc *lu2;
-                                                       ldap_url_parse( l[i]->sl_url.bv_val, &lu2 );
-                                                       do {
-                                                               if ( strcasecmp( lud->lud_scheme,
-                                                                       lu2->lud_scheme ))
-                                                                       break;
-                                                               if ( lud->lud_port != lu2->lud_port )
-                                                                       break;
-                                                               /* Listener on ANY address */
-                                                               if ( !lu2->lud_host || !lu2->lud_host[0] ) {
-                                                                       isMe = 1;
-                                                                       break;
-                                                               }
-                                                               /* URL on ANY address */
-                                                               if ( !lud->lud_host || !lud->lud_host[0] ) {
-                                                                       isMe = 1;
-                                                                       break;
-                                                               }
-                                                               /* Listener has specific host, must
-                                                                * match it
-                                                                */
-                                                               if ( !strcasecmp( lud->lud_host,
-                                                                       lu2->lud_host )) {
-                                                                       isMe = 1;
-                                                                       break;
-                                                               }
-                                                       } while(0);
-                                                       ldap_free_urldesc( lu2 );
-                                                       if ( isMe ) {
-                                                               break;
-                                                       }
-                                               }
-                                       }
-                                       if ( isMe ) {
+                                       Listener *l = config_check_my_url( c->argv[2], lud );
+                                       if ( l ) {
                                                slap_serverID = si->si_num;
                                                Debug( LDAP_DEBUG_CONFIG,
                                                        "%s: SID=%d (listener=%s)\n",
                                                        c->log, slap_serverID,
-                                                       l[i]->sl_url.bv_val );
+                                                       l->sl_url.bv_val );
                                        }
                                }
                                if ( c->argc > 2 )
@@ -1870,7 +1859,7 @@ sortval_reject:
                        break;
 
                case CFG_MIRRORMODE:
-                       if(!SLAP_SHADOW(c->be)) {
+                       if(c->value_int && !SLAP_SHADOW(c->be)) {
                                snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> database is not a shadow",
                                        c->argv[0] );
                                Debug(LDAP_DEBUG_ANY, "%s: %s\n",
@@ -2283,7 +2272,7 @@ static int
 config_subordinate(ConfigArgs *c)
 {
        int rc = 1;
-       int advertise;
+       int advertise = 0;
 
        switch( c->op ) {
        case SLAP_CONFIG_EMIT:
@@ -2308,10 +2297,37 @@ config_subordinate(ConfigArgs *c)
                break;
        case LDAP_MOD_ADD:
        case SLAP_CONFIG_ADD:
-               advertise = ( c->argc == 2 && !strcasecmp( c->argv[1], "advertise" ));
+               if ( c->be->be_nsuffix == NULL ) {
+                       /* log error */
+                       snprintf( c->cr_msg, sizeof( c->cr_msg),
+                               "subordinate configuration needs a suffix" );
+                       Debug( LDAP_DEBUG_ANY,
+                               "%s: %s.\n",
+                               c->log, c->cr_msg, 0 );
+                       rc = 1;
+                       break;
+               }
+
+               if ( c->argc == 2 ) {
+                       if ( strcasecmp( c->argv[1], "advertise" ) == 0 ) {
+                               advertise = 1;
+
+                       } else if ( strcasecmp( c->argv[1], "TRUE" ) != 0 ) {
+                               /* log error */
+                               snprintf( c->cr_msg, sizeof( c->cr_msg),
+                                       "subordinate must be \"TRUE\" or \"advertise\"" );
+                               Debug( LDAP_DEBUG_ANY,
+                                       "%s: suffix \"%s\": %s.\n",
+                                       c->log, c->be->be_suffix[0].bv_val, c->cr_msg );
+                               rc = 1;
+                               break;
+                       }
+               }
+
                rc = glue_sub_add( c->be, advertise, CONFIG_ONLINE_ADD( c ));
                break;
        }
+
        return rc;
 }
 
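Review bot: The new guard tests `c->be->be_nsuffix`, but the error path for an invalid value prints `c->be->be_suffix[0].bv_val`, a different array that this hunk never checks. If the two are always populated together the dereference is safe, but that is not visible here; logging `c->be->be_nsuffix[0].bv_val` instead, or testing both pointers in the guard, would keep the check and the dereference on the same object. The two `rc = 1;` assignments repeat the initialiser `int rc = 1;` and can be dropped. The switch handles only `c->argc == 2`, so a comment stating what the table's argument limits guarantee for larger `argc` would help, since the table entry is not in this hunk.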
@@ -2886,7 +2902,7 @@ config_loglevel(ConfigArgs *c) {
                int     level;
 
                if ( isdigit((unsigned char)c->argv[i][0]) || c->argv[i][0] == '-' ) {
-                       if( lutil_atoi( &level, c->argv[i] ) != 0 ) {
+                       if( lutil_atoix( &level, c->argv[i], 0 ) != 0 ) {
                                snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> unable to parse level", c->argv[0] );
                                Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
                                        c->log, c->cr_msg, c->argv[i]);
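Review bot: Passing radix `0` to `lutil_atoix()` changes how existing numeric log levels are read. If the helper follows strtol conventions (it is not shown here), a value with a leading zero such as `010` is now taken as octal and `0x...` as hexadecimal. That is probably the intent, but it deserves a comment at the call, for example `/* radix 0: decimal, 0x hex, or leading-0 octal */`, and a mention in the loglevel documentation, so that a level written with a leading zero does not silently select a different, possibly quieter, set of log flags. The enclosing loop and function extend outside the hunk.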
@@ -3189,6 +3205,27 @@ config_include(ConfigArgs *c) {
 }
 
 #ifdef HAVE_TLS
+static int
+config_tls_cleanup(ConfigArgs *c) {
+       int rc = 0;
+
+       if ( slap_tls_ld ) {
+               int opt = 1;
+
+               ldap_pvt_tls_ctx_free( slap_tls_ctx );
+
+               /* Force new ctx to be created */
+               rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
+               if( rc == 0 ) {
+                       /* The ctx's refcount is bumped up here */
+                       ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
+                       /* This is a no-op if it's already loaded */
+                       load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
+               }
+       }
+       return rc;
+}
+
 static int
 config_tls_option(ConfigArgs *c) {
        int flag;
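Review bot: In `config_tls_cleanup`, `slap_tls_ctx` is released with `ldap_pvt_tls_ctx_free()` but keeps its old value when the following `ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt )` fails, so the global can be left pointing at a context whose reference was already dropped. Adding `slap_tls_ctx = NULL;` directly after the free would make that failure path explicit. Whether the rest of slapd tolerates a NULL `slap_tls_ctx` is not visible in this hunk and should be checked. The return value of `ldap_pvt_tls_get_option()` is also discarded, so a failed fetch is reported as success; `rc = ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );` would propagate it. The parameter `c` is unused, and a one-line header comment saying the function rebuilds the server TLS context after an option change would document why it is installed as `c->cleanup`.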
@@ -3212,9 +3249,11 @@ config_tls_option(ConfigArgs *c) {
        if (c->op == SLAP_CONFIG_EMIT) {
                return ldap_pvt_tls_get_option( ld, flag, &c->value_string );
        } else if ( c->op == LDAP_MOD_DELETE ) {
+               c->cleanup = config_tls_cleanup;
                return ldap_pvt_tls_set_option( ld, flag, NULL );
        }
        ch_free(c->value_string);
+       c->cleanup = config_tls_cleanup;
        return(ldap_pvt_tls_set_option(ld, flag, c->argv[1]));
 }
 
@@ -3236,9 +3275,11 @@ config_tls_config(ConfigArgs *c) {
                return slap_tls_get_config( slap_tls_ld, flag, &c->value_string );
        } else if ( c->op == LDAP_MOD_DELETE ) {
                int i = 0;
+               c->cleanup = config_tls_cleanup;
                return ldap_pvt_tls_set_option( slap_tls_ld, flag, &i );
        }
        ch_free( c->value_string );
+       c->cleanup = config_tls_cleanup;
        if ( isdigit( (unsigned char)c->argv[1][0] ) ) {
                if ( lutil_atoi( &i, c->argv[1] ) != 0 ) {
                        Debug(LDAP_DEBUG_ANY, "%s: "
@@ -4717,6 +4758,10 @@ config_back_add( Operation *op, SlapReply *rs )
                }
        }
 
+       if ( op->o_abandon ) {
+               rs->sr_err = SLAPD_ABANDON;
+               goto out;
+       }
        ldap_pvt_thread_pool_pause( &connection_pool );
 
        /* Strategy:
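Review bot: The `op->o_abandon` test added before `ldap_pvt_thread_pool_pause()` has no comment explaining why it must come before the pause, and the equivalent uncommented checks are repeated in config_back_modify, config_back_modrdn and config_back_delete later in this diff. A line such as `/* do not pause the pool for an operation that was already abandoned */` at each site would record the intent. The test and the pause are separate steps, so an abandon that arrives between them is still not observed; if that window is acceptable it is worth saying so in the same comment. The `out:` label lies outside the hunk, so how `SLAPD_ABANDON` is handled there cannot be confirmed from here.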
@@ -5157,8 +5202,13 @@ config_back_modify( Operation *op, SlapReply *rs )
 
        slap_mods_opattrs( op, &op->orm_modlist, 1 );
 
-       if ( do_pause )
+       if ( do_pause ) {
+               if ( op->o_abandon ) {
+                       rs->sr_err = SLAPD_ABANDON;
+                       goto out;
+               }
                ldap_pvt_thread_pool_pause( &connection_pool );
+       }
 
        /* Strategy:
         * 1) perform the Modify on the cached Entry.
@@ -5322,6 +5372,10 @@ config_back_modrdn( Operation *op, SlapReply *rs )
                goto out;
        }
 
+       if ( op->o_abandon ) {
+               rs->sr_err = SLAPD_ABANDON;
+               goto out;
+       }
        ldap_pvt_thread_pool_pause( &connection_pool );
 
        if ( ce->ce_type == Cft_Schema ) {
@@ -5411,6 +5465,8 @@ config_back_delete( Operation *op, SlapReply *rs )
                rs->sr_err = LDAP_NO_SUCH_OBJECT;
        } else if ( ce->ce_kids ) {
                rs->sr_err = LDAP_UNWILLING_TO_PERFORM;
+       } else if ( op->o_abandon ) {
+               rs->sr_err = SLAPD_ABANDON;
        } else if ( ce->ce_type == Cft_Overlay ){
                char *iptr;
                int count, ixold;