/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
- * Copyright 2005-2006 The OpenLDAP Foundation.
+ * Copyright 2005-2007 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
{ "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_BER_LEN_T,
&sockbuf_max_incoming_auth, "( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' "
"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
- { "srvtab", "file", 2, 2, 0,
-#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
- ARG_STRING, &ldap_srvtab,
-#else
- ARG_IGNORED, NULL,
-#endif
- "( OLcfgGlAt:63 NAME 'olcSrvtab' "
- "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
{ "subordinate", "[advertise]", 1, 2, 0, ARG_DB|ARG_MAGIC,
&config_subordinate, "( OLcfgDbAt:0.15 NAME 'olcSubordinate' "
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
"olcRootDSE $ "
"olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
"olcSecurity $ olcSizeLimit $ "
- "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ olcSrvtab $ "
+ "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ "
"olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
"olcTLSCACertificatePath $ olcTLSCertificateFile $ "
"olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
break;
case CFG_ROOTDSE:
- if(read_root_dse_file(c->argv[1])) {
+ if(root_dse_read_file(c->argv[1])) {
snprintf( c->msg, sizeof( c->msg ), "<%s> could not read file", c->argv[0] );
Debug(LDAP_DEBUG_ANY, "%s: %s %s\n",
c->log, c->msg, c->argv[1] );
free(pdn.bv_val);
free(ndn.bv_val);
} else if(tbe) {
- char *type = tbe->bd_info->bi_type;
+ BackendDB *b2 = tbe;
- if ( overlay_is_over( tbe ) ) {
- slap_overinfo *oi = (slap_overinfo *)tbe->bd_info->bi_private;
- type = oi->oi_orig->bi_type;
- }
+ /* Does tbe precede be? */
+ while (( b2 = LDAP_STAILQ_NEXT(b2, be_next )) && b2 && b2 != c->be );
- snprintf( c->msg, sizeof( c->msg ), "<%s> namingContext \"%s\" already served by "
- "a preceding %s database serving namingContext",
- c->argv[0], pdn.bv_val, type );
- Debug(LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
- c->log, c->msg, tbe->be_suffix[0].bv_val);
- free(pdn.bv_val);
- free(ndn.bv_val);
- return(1);
- } else if(pdn.bv_len == 0 && default_search_nbase.bv_len) {
+ if ( b2 ) {
+ char *type = tbe->bd_info->bi_type;
+
+ if ( overlay_is_over( tbe ) ) {
+ slap_overinfo *oi = (slap_overinfo *)tbe->bd_info->bi_private;
+ type = oi->oi_orig->bi_type;
+ }
+
+ snprintf( c->msg, sizeof( c->msg ), "<%s> namingContext \"%s\" "
+ "already served by a preceding %s database",
+ c->argv[0], pdn.bv_val, type );
+ Debug(LDAP_DEBUG_ANY, "%s: %s serving namingContext \"%s\"\n",
+ c->log, c->msg, tbe->be_suffix[0].bv_val);
+ free(pdn.bv_val);
+ free(ndn.bv_val);
+ return(1);
+ }
+ }
+ if(pdn.bv_len == 0 && default_search_nbase.bv_len) {
Debug(LDAP_DEBUG_ANY, "%s: suffix DN empty and default search "
"base provided \"%s\" (assuming okay)\n",
c->log, default_search_base.bv_val, 0);
slap_verbmasks disallowable_ops[] = {
{ BER_BVC("bind_anon"), SLAP_DISALLOW_BIND_ANON },
{ BER_BVC("bind_simple"), SLAP_DISALLOW_BIND_SIMPLE },
- { BER_BVC("bind_krb4"), SLAP_DISALLOW_BIND_KRBV4 },
{ BER_BVC("tls_2_anon"), SLAP_DISALLOW_TLS_2_ANON },
{ BER_BVC("tls_authc"), SLAP_DISALLOW_TLS_AUTHC },
{ BER_BVNULL, 0 }
static int
config_tls_config(ConfigArgs *c) {
int i, flag;
- slap_verbmasks crlkeys[] = {
- { BER_BVC("none"), LDAP_OPT_X_TLS_CRL_NONE },
- { BER_BVC("peer"), LDAP_OPT_X_TLS_CRL_PEER },
- { BER_BVC("all"), LDAP_OPT_X_TLS_CRL_ALL },
- { BER_BVNULL, 0 }
- };
- slap_verbmasks vfykeys[] = {
- { BER_BVC("never"), LDAP_OPT_X_TLS_NEVER },
- { BER_BVC("demand"), LDAP_OPT_X_TLS_DEMAND },
- { BER_BVC("try"), LDAP_OPT_X_TLS_TRY },
- { BER_BVC("hard"), LDAP_OPT_X_TLS_HARD },
- { BER_BVNULL, 0 }
- }, *keys;
switch(c->type) {
- case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; keys = crlkeys; break;
- case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; keys = vfykeys; break;
+ case CFG_TLS_CRLCHECK: flag = LDAP_OPT_X_TLS_CRLCHECK; break;
+ case CFG_TLS_VERIFY: flag = LDAP_OPT_X_TLS_REQUIRE_CERT; break;
default:
Debug(LDAP_DEBUG_ANY, "%s: "
"unknown tls_option <0x%x>\n",
return 1;
}
if (c->op == SLAP_CONFIG_EMIT) {
- ldap_pvt_tls_get_option( slap_tls_ld, flag, &c->value_int );
- for (i=0; !BER_BVISNULL(&keys[i].word); i++) {
- if (keys[i].mask == c->value_int) {
- c->value_string = ch_strdup( keys[i].word.bv_val );
- return 0;
- }
- }
- return 1;
+ return slap_tls_get_config( slap_tls_ld, flag, &c->value_string );
} else if ( c->op == LDAP_MOD_DELETE ) {
int i = 0;
return ldap_pvt_tls_set_option( slap_tls_ld, flag, &i );
if ( !last ) {
cfb->cb_root = ce;
} else if ( last->ce_kids ) {
- CfEntryInfo *c2;
-
- for (c2=last->ce_kids; c2 && c2->ce_sibs; c2 = c2->ce_sibs);
+ CfEntryInfo *c2, **cprev;
- c2->ce_sibs = ce;
+ /* Advance to first of this type */
+ cprev = &last->ce_kids;
+ for ( c2 = *cprev; c2 && c2->ce_type != ce->ce_type; ) {
+ cprev = &c2->ce_sibs;
+ c2 = c2->ce_sibs;
+ }
+ /* Account for the (-1) frontendDB entry */
+ if ( ce->ce_type == Cft_Database ) {
+ if ( ca->be == frontendDB )
+ ibase = 0;
+ else if ( ibase != -1 )
+ ibase++;
+ }
+ /* Append */
+ if ( ibase < 0 ) {
+ for (c2 = *cprev; c2 && c2->ce_type == ce->ce_type;) {
+ cprev = &c2->ce_sibs;
+ c2 = c2->ce_sibs;
+ }
+ } else {
+ /* Insert */
+ int i;
+ for ( i=0; i<ibase; i++ ) {
+ c2 = *cprev;
+ cprev = &c2->ce_sibs;
+ }
+ }
+ ce->ce_sibs = *cprev;
+ *cprev = ce;
} else {
last->ce_kids = ce;
}
ldap_pvt_thread_pool_pause( &connection_pool );
if ( ce->ce_type == Cft_Schema ) {
+ req_modrdn_s modr = op->oq_modrdn;
struct berval rdn;
Attribute *a;
rs->sr_err = config_rename_attr( rs, ce->ce_entry, &rdn, &a );
ce->ce_parent, a, &op->orr_newrdn, &op->orr_nnewrdn,
cfb->cb_use_ldif );
}
+ op->oq_modrdn = modr;
} else {
CfEntryInfo *ce2, *cebase, **cprev, **cbprev, *ceold;
req_modrdn_s modr = op->oq_modrdn;
{
struct berval schema_dn = BER_BVC(SCHEMA_RDN "," CONFIG_RDN);
ConfigArgs c = {0};
- ConfigFile *cf = cfb->cb_config;
CfEntryInfo *ce, *last;
Entry *e;
projects / openldap / blobdiff