char *strtok_quote_ptr;
-int nSaslRegexp = 0;
-SaslRegexp_t *SaslRegexp = NULL;
-
#ifdef SLAPD_RLOOKUPS
int use_reverse_lookup = 1;
#else /* !SLAPD_RLOOKUPS */
lutil_salt_format( cargv[1] );
- /* set SASL host */
- } else if ( strcasecmp( cargv[0], "sasl-host" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing host in \"sasl-host <host>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_host != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-host!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
-
- } else {
- global_host = ch_strdup( cargv[1] );
- }
-
- /* set SASL realm */
- } else if ( strcasecmp( cargv[0], "sasl-realm" ) == 0 ) {
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: missing realm in \"sasl-realm <realm>\" line.\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing realm in \"sasl-realm <realm>\" line\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
-
- if ( global_realm != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: already set sasl-realm!\n",
- fname, lineno, 0 );
-#endif
-
- return 1;
-
- } else {
- global_realm = ch_strdup( cargv[1] );
- }
-
- } else if ( !strcasecmp( cargv[0], "sasl-regexp" )
- || !strcasecmp( cargv[0], "saslregexp" ) )
- {
- int rc;
- if ( cargc != 3 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: need 2 args in "
- "\"saslregexp <match> <replace>\"\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: need 2 args in \"saslregexp <match> <replace>\"\n",
- fname, lineno, 0 );
-#endif
-
- return( 1 );
- }
- rc = slap_sasl_regexp_config( cargv[1], cargv[2] );
- if ( rc ) {
- return rc;
- }
-
- /* SASL security properties */
- } else if ( strcasecmp( cargv[0], "sasl-secprops" ) == 0 ) {
- char *txt;
-
- if ( cargc < 2 ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: missing flags in "
- "\"sasl-secprops <properties>\" line\n",
- fname, lineno ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing flags in \"sasl-secprops <properties>\" line\n",
- fname, lineno, 0 );
-#endif
-
+#ifdef HAVE_CYRUS_SASL
+ /* SASL config options */
+ } else if ( strncasecmp( cargv[0], "sasl", 4 ) == 0 ) {
+ if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
return 1;
- }
-
- txt = slap_sasl_secprops( cargv[1] );
- if ( txt != NULL ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d sas-secprops: %s\n",
- fname, lineno, txt ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: sasl-secprops: %s\n",
- fname, lineno, txt );
-#endif
-
- return 1;
- }
+#endif /* HAVE_CYRUS_SASL */
/* set UCDATA path */
} else if ( strcasecmp( cargv[0], "ucdata-path" ) == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO, "%s: line %d: "
"subordinate keyword must appear inside a database "
- "definition (ignored).\n", fname, lineno ));
+ "definition.\n", fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY, "%s: line %d: suffix line "
- "must appear inside a database definition (ignored)\n",
+ "must appear inside a database definition.\n",
fname, lineno, 0 );
#endif
+ return 1;
+
} else {
be->be_flags |= SLAP_BFLAG_GLUE_SUBORDINATE;
num_subordinates++;
"\"suffixAlias <alias> <aliased_dn>\" line\n",
fname, lineno, 0 );
#endif
-
return( 1 );
+
} else if ( cargc > 3 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
"%s: line %d: extra cruft in suffixAlias line (ignored)\n",
fname, lineno, 0 );
#endif
-
}
if ( be == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: suffixAlias line must appear inside a "
- "database definition (ignored).\n", fname, lineno ));
+ "database definition.\n", fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: suffixAlias line"
- " must appear inside a database definition (ignored)\n",
+ " must appear inside a database definition.\n",
fname, lineno, 0 );
#endif
+ return 1;
}
if ( load_ucdata( NULL ) < 0 ) return 1;
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: depth line must appear inside a database "
- "definition (ignored)\n", fname, lineno ));
+ "definition.\n", fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
-"%s: line %d: depth line must appear inside a database definition (ignored)\n",
+"%s: line %d: depth line must appear inside a database definition.\n",
fname, lineno, 0 );
#endif
+ return 1;
} else if ((i = atoi(cargv[1])) < 0) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
- "%s: line %d: depth must be positive (ignored).\n",
+ "%s: line %d: depth must be positive.\n",
fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
-"%s: line %d: depth must be positive (ignored)\n",
+"%s: line %d: depth must be positive.\n",
fname, lineno, 0 );
#endif
+ return 1;
} else {
return( 1 );
}
+
if ( be == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: rootdn line must appear inside a database "
- "definition (ignored).\n", fname, lineno ));
+ "definition.\n", fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
-"%s: line %d: rootdn line must appear inside a database definition (ignored)\n",
+"%s: line %d: rootdn line must appear inside a database definition.\n",
fname, lineno, 0 );
#endif
+ return 1;
} else {
struct berval dn;
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "%s: line %d: missing passwd in \"rootpw <passwd>\""
- " line\n", fname, lineno ));
+ "%s: line %d: missing passwd in \"rootpw <passwd>\""
+ " line\n", fname, lineno ));
#else
- Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing passwd in \"rootpw <passwd>\" line\n",
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "missing passwd in \"rootpw <passwd>\" line\n",
fname, lineno, 0 );
#endif
return( 1 );
}
+
if ( be == NULL ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_INFO,
- "%s: line %d: rootpw line must appear inside a database "
- "definition (ignored)\n", fname, lineno ));
+ LDAP_LOG(( "config", LDAP_LEVEL_INFO, "%s: line %d: "
+ "rootpw line must appear inside a database "
+ "definition.\n", fname, lineno ));
#else
- Debug( LDAP_DEBUG_ANY,
-"%s: line %d: rootpw line must appear inside a database definition (ignored)\n",
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "rootpw line must appear inside a database "
+ "definition.\n",
fname, lineno, 0 );
#endif
+ return 1;
} else {
+ Backend *tmp_be = select_backend( &be->be_rootndn, 0, 0 );
+
+ if( tmp_be != be ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_INFO,
+ "%s: line %d: "
+ "rootpw can only be set when rootdn is under suffix\n"
+ fname, lineno ));
+#else
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "rootpw can only be set when rootdn is under suffix\n",
+ fname, lineno, 0 );
+#endif
+ return 1;
+ }
+
be->be_rootpw.bv_val = ch_strdup( cargv[1] );
be->be_rootpw.bv_len = strlen( be->be_rootpw.bv_val );
}
} else if( strcasecmp( cargv[i], "bind_simple" ) == 0 ) {
disallows |= SLAP_DISALLOW_BIND_SIMPLE;
+ } else if( strcasecmp( cargv[i], "bind_simple_unprotected" ) == 0 ) {
+ disallows |= SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED;
+
} else if( strcasecmp( cargv[i], "bind_krbv4" ) == 0 ) {
disallows |= SLAP_DISALLOW_BIND_KRBV4;
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: replica line must appear inside "
- "a database definition (ignored).\n", fname, lineno ));
+ "a database definition.\n", fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
-"%s: line %d: replica line must appear inside a database definition (ignored)\n",
+"%s: line %d: replica line must appear inside a database definition\n",
fname, lineno, 0 );
#endif
+ return 1;
} else {
int nr = -1;
if ( i == cargc ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
- "%s: line %d: missing host in \"replica\" "
- "line (ignored)\n", fname, lineno ));
+ "%s: line %d: missing host in \"replica\" line\n",
+ fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
- "%s: line %d: missing host in \"replica\" line (ignored)\n",
+ "%s: line %d: missing host in \"replica\" line\n",
fname, lineno, 0 );
#endif
+ return 1;
} else if ( nr == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: unable to add"
- " replica \"%s\""
- " (ignored)\n",
+ " replica \"%s\"\n",
fname, lineno,
cargv[i] + 5 ));
#else
Debug( LDAP_DEBUG_ANY,
- "%s: line %d: unable to add replica \"%s\" (ignored)\n",
+ "%s: line %d: unable to add replica \"%s\"\n",
fname, lineno, cargv[i] + 5 );
#endif
+ return 1;
} else {
for ( i = 1; i < cargc; i++ ) {
if ( strncasecmp( cargv[i], "suffix=", 7 ) == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: updatedn line must appear inside "
- "a database definition (ignored)\n",
+ "a database definition\n",
fname, lineno ));
#else
Debug( LDAP_DEBUG_ANY,
-"%s: line %d: updatedn line must appear inside a database definition (ignored)\n",
+"%s: line %d: updatedn line must appear inside a database definition\n",
fname, lineno, 0 );
#endif
+ return 1;
} else {
struct berval dn;