/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2005-2006 The OpenLDAP Foundation.
+ * Copyright 2005-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
{ "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_BER_LEN_T,
&sockbuf_max_incoming_auth, "( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "srvtab", "file", 2, 2, 0,
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- ARG_STRING, &ldap_srvtab,
-#else
- ARG_IGNORED, NULL,
-#endif
- "( OLcfgGlAt:63 NAME 'olcSrvtab' "
- "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "subordinate", "[advertise]", 1, 2, 0, ARG_DB|ARG_MAGIC,
&config_subordinate, "( OLcfgDbAt:0.15 NAME 'olcSubordinate' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
"olcRootDSE $ "
"olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
"olcSecurity $ olcSizeLimit $ "
- "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
+ "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"olcTLSCACertificatePath $ olcTLSCertificateFile $ "
"olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
break;
case CFG_ROOTDSE:
- if(read_root_dse_file(c->argv[1])) {
+ if(root_dse_read_file(c->argv[1])) {
snprintf( c->msg, sizeof( c->msg ), "<%s> could not read file", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
c->log, c->msg, c->argv[1] );
slap_verbmasks disallowable_ops[] = {
{ BER_BVC("bind_anon"), SLAP_DISALLOW_BIND_ANON },
{ BER_BVC("bind_simple"), SLAP_DISALLOW_BIND_SIMPLE },
- { BER_BVC("bind_krb4"), SLAP_DISALLOW_BIND_KRBV4 },
{ BER_BVC("tls_2_anon"), SLAP_DISALLOW_TLS_2_ANON },
{ BER_BVC("tls_authc"), SLAP_DISALLOW_TLS_AUTHC },
{ BER_BVNULL, 0 }
static int
config_tls_config(ConfigArgs *c) {
int i, flag;
- slap_verbmasks crlkeys[] = {
- { BER_BVC("none"), LDAP_OPT_X_TLS_CRL_NONE },
- { BER_BVC("peer"), LDAP_OPT_X_TLS_CRL_PEER },
- { BER_BVC("all"), LDAP_OPT_X_TLS_CRL_ALL },
- { BER_BVNULL, 0 }
- };
- slap_verbmasks vfykeys[] = {
- { BER_BVC("never"), LDAP_OPT_X_TLS_NEVER },
- { BER_BVC("demand"), LDAP_OPT_X_TLS_DEMAND },
- { BER_BVC("try"), LDAP_OPT_X_TLS_TRY },
- { BER_BVC("hard"), LDAP_OPT_X_TLS_HARD },
- { BER_BVNULL, 0 }
- }, *keys;
switch(c->type) {
- case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys; break;
- case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys; break;
+ case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; break;
+ case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; break;
default:
Debug(LDAP_DEBUG_ANY, "%s: "
"unknown tls_option <0x%x>\n",
return 1;
}
if (c->op == SLAP_CONFIG_EMIT) {
- ldap_pvt_tls_get_option( slap_tls_ld, flag, &c->value_int );
- for (i=0; !BER_BVISNULL(&keys[i].word); i++) {
- if (keys[i].mask == c->value_int) {
- c->value_string = ch_strdup( keys[i].word.bv_val );
- return 0;
- }
- }
- return 1;
+ return slap_tls_get_config( slap_tls_ld, flag, &c->value_string );
} else if ( c->op == LDAP_MOD_DELETE ) {
int i = 0;
return ldap_pvt_tls_set_option( slap_tls_ld, flag, &i );
{
struct berval schema_dn = BER_BVC(SCHEMA_RDN "," CONFIG_RDN);
ConfigArgs c = {0};
- ConfigFile *cf = cfb->cb_config;
CfEntryInfo *ce, *last;
Entry *e;