Switch example slapd.conf to use mdb instead of bdb

[openldap] / servers / slapd / bconfig.c

diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c
index 8c823f208d4ffa8b5ea707cbca63992ce7ba999e..f9b5531e8bef57ff6b3792f99ac433c13121d580 100644 (file)
--- a/servers/slapd/bconfig.c
+++ b/servers/slapd/bconfig.c
@@ -199,6 +199,7 @@ enum {
        CFG_IX_HASH64,
        CFG_DISABLED,
        CFG_THREADQS,
+       CFG_TLS_ECNAME,
 
        CFG_LAST
 };
@@ -775,6 +776,14 @@ static ConfigTable config_back_cf_table[] = {
 #endif
                "( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' "
                        "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
+       { "TLSECName", NULL, 2, 2, 0,
+#ifdef HAVE_TLS
+               CFG_TLS_ECNAME|ARG_STRING|ARG_MAGIC, &config_tls_option,
+#else
+               ARG_IGNORED, NULL,
+#endif
+               "( OLcfgGlAt:96 NAME 'olcTLSECName' "
+                       "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
        { "TLSProtocolMin",     NULL, 2, 2, 0,
 #ifdef HAVE_TLS
                CFG_TLS_PROTOCOL_MIN|ARG_STRING|ARG_MAGIC, &config_tls_config,
@@ -859,8 +868,8 @@ static ConfigOCs cf_ocs[] = {
                 "olcTimeLimit $ olcTLSCACertificateFile $ "
                 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
                 "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
-                "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ "
-                "olcTLSCRLFile $ olcToolThreads $ olcWriteTimeout $ "
+                "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ "
+                "olcTLSCRLFile $ olcTLSProtocolMin $ olcToolThreads $ olcWriteTimeout $ "
                 "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
                 "olcDitContentRules $ olcLdapSyntaxes ) )", Cft_Global },
        { "( OLcfgGlOc:2 "
@@ -1717,6 +1726,8 @@ config_generic(ConfigArgs *c) {
                                        c->log, c->cr_msg, 0 );
                                return 1;
                        }
+                       if ( slapMode & SLAP_SERVER_MODE )
+                               ldap_pvt_thread_pool_queues(&connection_pool, c->value_int);
                        connection_pool_queues = c->value_int;  /* save for reference */
                        break;
 
@@ -4027,6 +4038,7 @@ config_tls_cleanup(ConfigArgs *c) {
                int opt = 1;
 
                ldap_pvt_tls_ctx_free( slap_tls_ctx );
+               slap_tls_ctx = NULL;
 
                /* Force new ctx to be created */
                rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
@@ -4035,6 +4047,11 @@ config_tls_cleanup(ConfigArgs *c) {
                        ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
                        /* This is a no-op if it's already loaded */
                        load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
+               } else {
+                       if ( rc == LDAP_NOT_SUPPORTED )
+                               rc = LDAP_UNWILLING_TO_PERFORM;
+                       else
+                               rc = LDAP_OTHER;
                }
        }
        return rc;
@@ -4052,6 +4069,7 @@ config_tls_option(ConfigArgs *c) {
        case CFG_TLS_CA_PATH:   flag = LDAP_OPT_X_TLS_CACERTDIR;        break;
        case CFG_TLS_CA_FILE:   flag = LDAP_OPT_X_TLS_CACERTFILE;       break;
        case CFG_TLS_DH_FILE:   flag = LDAP_OPT_X_TLS_DHFILE;   break;
+       case CFG_TLS_ECNAME:    flag = LDAP_OPT_X_TLS_ECNAME;   break;
 #ifdef HAVE_GNUTLS
        case CFG_TLS_CRL_FILE:  flag = LDAP_OPT_X_TLS_CRLFILE;  break;
 #endif