#define S_ISREG(m) (((m) & _S_IFMT) == _S_IFREG)
#endif
-#if HAVE_UNISTD_H
+#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "lutil_ldap.h"
#include "config.h"
-#ifdef HAVE_TLS
-#include <openssl/ssl.h>
-#endif
-
#define ARGS_STEP 512
/*
int global_idletimeout = 0;
char *global_host = NULL;
char *global_realm = NULL;
-char *ldap_srvtab = "";
char **default_passwd_hash = NULL;
struct berval default_search_base = BER_BVNULL;
struct berval default_search_nbase = BER_BVNULL;
return(0);
}
if(arg_type & ARG_OFFSET) {
- if (c->be && (!overlay_is_over(c->be) ||
- ((slap_overinfo *)c->be->bd_info)->oi_orig == c->bi))
+ if (c->be && c->table == Cft_Database)
ptr = c->be->be_private;
else if (c->bi)
ptr = c->bi->bi_private;
if ( rc ) return rc;
} else {
if ( cf->arg_type & ARG_OFFSET ) {
- if (c->be && (!overlay_is_over(c->be) ||
- ((slap_overinfo *)c->be->bd_info)->oi_orig == c->bi))
+ if (c->be && c->table == Cft_Database)
ptr = c->be->be_private;
else if ( c->bi )
ptr = c->bi->bi_private;
ct = config_find_keyword( cft, c );
if ( ct ) {
+ c->table = Cft_Global;
rc = config_add_vals( ct, c );
if ( !rc ) continue;
if ( c->bi->bi_cf_ocs ) {
ct = config_find_keyword( c->bi->bi_cf_ocs->co_table, c );
if ( ct ) {
+ c->table = c->bi->bi_cf_ocs->co_type;
rc = config_add_vals( ct, c );
}
}
if ( c->be->be_cf_ocs ) {
ct = config_find_keyword( c->be->be_cf_ocs->co_table, c );
if ( ct ) {
+ c->table = c->be->be_cf_ocs->co_type;
rc = config_add_vals( ct, c );
}
}
{ BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL },
{ BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'i', 0, versionkey },
{ BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'i', 0, methkey },
+ { BER_BVC("timeout="), offsetof(slap_bindconf, sb_timeout_api), 'i', 0, NULL },
+ { BER_BVC("network-timeout="), offsetof(slap_bindconf, sb_timeout_net), 'i', 0, NULL },
{ BER_BVC("binddn="), offsetof(slap_bindconf, sb_binddn), 'b', 1, (slap_verbmasks *)dnNormalize },
{ BER_BVC("credentials="), offsetof(slap_bindconf, sb_cred), 'b', 1, NULL },
{ BER_BVC("saslmech="), offsetof(slap_bindconf, sb_saslmech), 'b', 0, NULL },
{ BER_BVC("secprops="), offsetof(slap_bindconf, sb_secprops), 's', 0, NULL },
{ BER_BVC("realm="), offsetof(slap_bindconf, sb_realm), 'b', 0, NULL },
- { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 0, (slap_verbmasks *)authzNormalize },
+ { BER_BVC("authcID="), offsetof(slap_bindconf, sb_authcId), 'b', 1, NULL },
{ BER_BVC("authzID="), offsetof(slap_bindconf, sb_authzId), 'b', 1, (slap_verbmasks *)authzNormalize },
#ifdef HAVE_TLS
{ BER_BVC("starttls="), offsetof(slap_bindconf, sb_tls), 'i', 0, tlskey },
- /* NOTE: replace "11" with the actual index
+ /* NOTE: replace "13" with the actual index
* of the first TLS-related line */
-#define aux_TLS (bindkey+11) /* beginning of TLS keywords */
+#define aux_TLS (bindkey+13) /* beginning of TLS keywords */
{ BER_BVC("tls_cert="), offsetof(slap_bindconf, sb_tls_cert), 's', 1, NULL },
{ BER_BVC("tls_key="), offsetof(slap_bindconf, sb_tls_key), 's', 1, NULL },
*val = NULL;
switch( opt ) {
+#ifdef HAVE_TLS
case LDAP_OPT_X_TLS_CRLCHECK:
keys = crlkeys;
break;
case LDAP_OPT_X_TLS_REQUIRE_CERT:
keys = vfykeys;
break;
+#endif
default:
return -1;
}
int
bindconf_tls_unparse( slap_bindconf *bc, struct berval *bv )
{
+#ifdef HAVE_TLS
return slap_cf_aux_table_unparse( bc, bv, aux_TLS );
+#endif
+ return -1;
}
int
BER_BVZERO( &bc->sb_authzId );
}
#ifdef HAVE_TLS
-#if 0
- if ( bc->sb_tls_ctx ) {
- SSL_CTX_free( bc->sb_tls_ctx );
- bc->sb_tls_ctx = NULL;
- }
-#endif
if ( bc->sb_tls_cert ) {
ch_free( bc->sb_tls_cert );
bc->sb_tls_cert = NULL;
int opt = 0;
if ( bc->sb_tls_ctx ) {
- SSL_CTX_free( bc->sb_tls_ctx );
+ ldap_pvt_tls_ctx_free( bc->sb_tls_ctx );
bc->sb_tls_ctx = NULL;
}
rc = ldap_set_option( ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
{
LDAP *ld = NULL;
int rc;
+ struct timeval tv;
/* Init connection to master */
rc = ldap_initialize( &ld, sb->sb_uri.bv_val );
(const void *)&sb->sb_version );
}
+ if ( sb->sb_timeout_api ) {
+ tv.tv_sec = sb->sb_timeout_api;
+ tv.tv_usec = 0;
+ ldap_set_option( ld, LDAP_OPT_TIMEOUT, &tv );
+ }
+
+ if ( sb->sb_timeout_net ) {
+ tv.tv_sec = sb->sb_timeout_net;
+ tv.tv_usec = 0;
+ ldap_set_option( ld, LDAP_OPT_NETWORK_TIMEOUT, &tv );
+ }
+
#ifdef HAVE_TLS
if ( sb->sb_tls_do_init ) {
rc = bindconf_tls_set( sb, ld );
rc = SLAP_CONF_UNKNOWN;
ct = config_find_keyword( be->be_cf_ocs->co_table, &c );
- if ( ct )
+ if ( ct ) {
+ c.table = be->be_cf_ocs->co_type;
rc = config_add_vals( ct, &c );
+ }
return rc;
}