/* config.c - configuration file handling routines */
/* $OpenLDAP$ */
-/*
- * Copyright 1998-2003 The OpenLDAP Foundation, All Rights Reserved.
- * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2004 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* Portions Copyright (c) 1995 Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to the University of Michigan at Ann Arbor. The name of the University
+ * may not be used to endorse or promote products derived from this
+ * software without specific prior written permission. This software
+ * is provided ``as is'' without express or implied warranty.
*/
#include "portable.h"
#include "ldap_pvt.h"
#include "slap.h"
#ifdef LDAP_SLAPI
-#include "slapi.h"
+#include "slapi/slapi.h"
#endif
#include "lutil.h"
0,
-1, /* no limit on unchecked size */
0, /* page limit */
- 0 /* hide number of entries left */
+ 0, /* hide number of entries left */
+ 0 /* number of total entries returned by pagedResults equal to hard limit */
};
AccessControl *global_acl = NULL;
char *global_host = NULL;
char *global_realm = NULL;
char *ldap_srvtab = "";
-char *default_passwd_hash = NULL;
+char **default_passwd_hash = NULL;
int cargc = 0, cargv_size = 0;
char **cargv;
-struct berval default_search_base = { 0, NULL };
-struct berval default_search_nbase = { 0, NULL };
+struct berval default_search_base = BER_BVNULL;
+struct berval default_search_nbase = BER_BVNULL;
unsigned num_subordinates = 0;
-struct berval global_schemadn = { 0, NULL };
-struct berval global_schemandn = { 0, NULL };
+struct berval global_schemadn = BER_BVNULL;
+struct berval global_schemandn = BER_BVNULL;
ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT;
ber_len_t sockbuf_max_incoming_auth= SLAP_SB_MAX_INCOMING_AUTH;
int slapi_plugins_used = 0;
#endif
-static char *fp_getline(FILE *fp, int *lineno);
-static void fp_getline_init(int *lineno);
-static int fp_parse_line(int lineno, char *line);
+static char *fp_getline(FILE *fp, int *lineno);
+static void fp_getline_init(int *lineno);
+static int fp_parse_line(int lineno, char *line);
static char *strtok_quote(char *line, char *sep);
-static int load_ucdata(char *path);
+static int load_ucdata(char *path);
-static int add_syncrepl LDAP_P(( Backend *, char **, int ));
-static int parse_syncrepl_line LDAP_P(( char **, int, syncinfo_t *));
+static int add_syncrepl LDAP_P(( Backend *, char **, int ));
+static int parse_syncrepl_line LDAP_P(( char **, int, syncinfo_t *));
int
read_config( const char *fname, int depth )
return 1;
}
-
- if ( lutil_passwd_scheme( cargv[1] ) == 0 ) {
+ for(i = 1; i < cargc; i++) {
+ if ( lutil_passwd_scheme( cargv[i] ) == 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( CONFIG, CRIT,
+ "%s: line %d: password scheme \"%s\" not available\n",
+ fname, lineno, cargv[i] );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: password scheme \"%s\" not available\n",
+ fname, lineno, cargv[i] );
+#endif
+ } else {
+ ldap_charray_add( &default_passwd_hash, cargv[i] );
+ }
+ }
+ if( !default_passwd_hash ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
- "%s: line %d: password scheme \"%s\" not available\n",
- fname, lineno, cargv[1] );
+ "%s: line %d: no valid hashes found\n",
+ fname, lineno, 0 );
#else
Debug( LDAP_DEBUG_ANY,
- "%s: line %d: password scheme \"%s\" not available\n",
- fname, lineno, cargv[1] );
-#endif
+ "%s: line %d: no valid hashes found\n",
+ fname, lineno, 0 );
return 1;
+#endif
}
- default_passwd_hash = ch_strdup( cargv[1] );
-
} else if ( strcasecmp( cargv[0], "password-crypt-salt-format" ) == 0 )
{
if ( cargc < 2 ) {
lutil_salt_format( cargv[1] );
- /* SASL config options */
- } else if ( strncasecmp( cargv[0], "sasl", 4 ) == 0 ) {
+#ifdef SLAP_SASL_REWRITE
+ /* use authid rewrite instead of sasl regexp */
+ } else if ( strncasecmp( cargv[0], "auth-rewrite",
+ sizeof("auth-rewrite") - 1 ) == 0 )
+ {
+ int rc = slap_sasl_rewrite_config( fname, lineno,
+ cargc, cargv );
+ if ( rc ) {
+ return rc;
+ }
+#endif /* SLAP_SASL_REWRITE */
+
+ /* Auth + SASL config options */
+ } else if ( !strncasecmp( cargv[0], "auth", sizeof("auth")-1 ) ||
+ !strncasecmp( cargv[0], "sasl", sizeof("sasl")-1 ))
+ {
if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
return 1;
+
} else if ( strcasecmp( cargv[0], "schemadn" ) == 0 ) {
struct berval dn;
if ( cargc < 2 ) {
for ( i = 1; i < cargc; i++ ) {
if ( strncasecmp( cargv[i], "size", 4 ) == 0 ) {
- rc = parse_limit( cargv[i], lim );
+ rc = limits_parse_one( cargv[i], lim );
if ( rc ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
for ( i = 1; i < cargc; i++ ) {
if ( strncasecmp( cargv[i], "time", 4 ) == 0 ) {
- rc = parse_limit( cargv[i], lim );
+ rc = limits_parse_one( cargv[i], lim );
if ( rc ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, CRIT,
return( 1 );
}
- if ( parse_limits( be, fname, lineno, cargc, cargv ) ) {
+ if ( limits_parse( be, fname, lineno, cargc, cargv ) ) {
return( 1 );
}
return 1;
} else {
- be->be_flags |= SLAP_BFLAG_GLUE_SUBORDINATE;
+ SLAP_DBFLAGS(be) |= SLAP_DBFLAG_GLUE_SUBORDINATE;
num_subordinates++;
}
#endif
return 1;
- } else if ( overlay_config( be, cargv[1] )) {
- return 1;
+ } else {
+ if ( cargv[1][0] == '-' && overlay_config( be, &cargv[1][1] ) ) {
+ /* log error */
+#ifdef NEW_LOGGING
+ LDAP_LOG( CONFIG, INFO, "%s: line %d: "
+ "(optional) overlay \"%s\" configuration "
+ "failed (ignored)\n", fname, lineno, &cargv[1][1] );
+#else
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+ "(optional) overlay \"%s\" configuration "
+ "failed (ignored)\n", fname, lineno, &cargv[1][1] );
+#endif
+ } else if ( overlay_config( be, cargv[1] ) ) {
+ return 1;
+ }
}
/* set database suffix */
"a database definition.\n", fname, lineno, 0);
#endif
return 1;
- } else {
- if ( add_syncrepl( be, cargv, cargc )) {
- return 1;
- }
+
+ } else if ( SLAP_SHADOW( be )) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( CONFIG, INFO,
+ "%s: line %d: syncrepl: database already shadowed.\n",
+ fname, lineno, 0);
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: syncrepl: database already shadowed.\n",
+ fname, lineno, 0);
+#endif
+ return 1;
+
+ } else if ( add_syncrepl( be, cargv, cargc )) {
+ return 1;
}
+ SLAP_DBFLAGS(be) |= ( SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SYNC_SHADOW );
+
/* list of replicas of the data in this backend (master only) */
} else if ( strcasecmp( cargv[0], "replica" ) == 0 ) {
if ( cargc < 2 ) {
}
}
+ } else if ( strcasecmp( cargv[0], "replicationInterval" ) == 0 ) {
+ /* ignore */
+
/* dn of slave entity allowed to write to replica */
} else if ( strcasecmp( cargv[0], "updatedn" ) == 0 ) {
if ( cargc < 2 ) {
#endif
return 1;
+ } else if ( SLAP_SHADOW(be) ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( CONFIG, INFO,
+ "%s: line %d: updatedn: database already shadowed.\n",
+ fname, lineno, 0);
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: updatedn: database already shadowed.\n",
+ fname, lineno, 0);
+#endif
+ return 1;
+
} else {
struct berval dn;
#endif
return 1;
}
+
}
+ SLAP_DBFLAGS(be) |= ( SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SLURP_SHADOW );
} else if ( strcasecmp( cargv[0], "updateref" ) == 0 ) {
if ( cargc < 2 ) {
#endif
return 1;
- } else if ( !be->be_update_ndn.bv_len ) {
+ } else if ( !SLAP_SHADOW(be) ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, INFO, "%s: line %d: "
- "updateref line must come after updatedn.\n",
+ "updateref line must come after syncrepl or updatedn.\n",
fname, lineno , 0 );
#else
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
- "updateref line must after updatedn.\n",
+ "updateref line must after syncrepl or updatedn.\n",
fname, lineno, 0 );
#endif
return 1;
vals[0].bv_val = cargv[1];
vals[0].bv_len = strlen( vals[0].bv_val );
- if( value_add( &be->be_update_refs, vals ) )
+ if( value_add( &be->be_update_refs, vals ) ) {
return LDAP_OTHER;
+ }
/* replication log file to which changes are appended */
} else if ( strcasecmp( cargv[0], "replogfile" ) == 0 ) {
}
if ( strcasecmp( cargv[1], "on" ) == 0 ) {
if ( be ) {
- be->be_flags &= ~SLAP_BFLAG_NOLASTMOD;
+ SLAP_DBFLAGS(be) &= ~SLAP_DBFLAG_NOLASTMOD;
} else {
lastmod = 1;
}
} else {
if ( be ) {
- be->be_flags |= SLAP_BFLAG_NOLASTMOD;
+ SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NOLASTMOD;
} else {
lastmod = 0;
}
}
#endif /* notdef */
- if ( netscape_plugin( be, fname, lineno, cargc, cargv )
+ if ( slapi_int_read_config( be, fname, lineno, cargc, cargv )
!= LDAP_SUCCESS ) {
return( 1 );
}
/* pass anything else to the current backend info/db config routine */
} else {
if ( bi != NULL ) {
- if ( bi->bi_config == 0 ) {
+ if ( bi->bi_config ) {
+ rc = (*bi->bi_config)( bi, fname, lineno, cargc, cargv );
+
+ switch ( rc ) {
+ case 0:
+ break;
+
+ case SLAP_CONF_UNKNOWN:
#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, INFO,
- "%s: line %d: unknown directive \"%s\" inside "
- "backend info definition (ignored).\n",
- fname, lineno, cargv[0] );
+ LDAP_LOG( CONFIG, INFO,
+ "%s: line %d: unknown directive \"%s\" inside "
+ "backend info definition (ignored).\n",
+ fname, lineno, cargv[0] );
#else
- Debug( LDAP_DEBUG_ANY,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unknown directive \"%s\" inside backend info definition (ignored)\n",
- fname, lineno, cargv[0] );
+ fname, lineno, cargv[0] );
#endif
+ break;
- } else {
- if ( (*bi->bi_config)( bi, fname, lineno, cargc, cargv )
- != 0 )
- {
- return( 1 );
+ default:
+ return 1;
}
}
+
} else if ( be != NULL ) {
- if ( be->be_config == 0 ) {
+ if ( be->be_config ) {
+ rc = (*be->be_config)( be, fname, lineno, cargc, cargv );
+
+ switch ( rc ) {
+ case 0:
+ break;
+
+ case SLAP_CONF_UNKNOWN:
#ifdef NEW_LOGGING
- LDAP_LOG( CONFIG, INFO,
- "%s: line %d: uknown directive \"%s\" inside "
- "backend database definition (ignored).\n",
- fname, lineno, cargv[0] );
+ LDAP_LOG( CONFIG, INFO,
+ "%s: line %d: unknown directive \"%s\" inside "
+ "backend database definition (ignored).\n",
+ fname, lineno, cargv[0] );
#else
- Debug( LDAP_DEBUG_ANY,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unknown directive \"%s\" inside backend database definition (ignored)\n",
- fname, lineno, cargv[0] );
+ fname, lineno, cargv[0] );
#endif
+ break;
- } else {
- if ( (*be->be_config)( be, fname, lineno, cargc, cargv )
- != 0 )
- {
- return( 1 );
+ default:
+ return 1;
}
}
+
} else {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, INFO,
if ( slapd_pid_file )
free ( slapd_pid_file );
if ( default_passwd_hash )
- free( default_passwd_hash );
+ ldap_charray_free( default_passwd_hash );
acl_destroy( global_acl, NULL );
}
if ( si->si_rid == si_entry->si_rid ) {
#ifdef NEW_LOGGING
LDAP_LOG( CONFIG, ERR,
- "add_syncrepl: duplicaetd replica id\n", 0, 0,0 );
+ "add_syncrepl: duplicated replica id\n", 0, 0,0 );
#else
Debug( LDAP_DEBUG_ANY,
- "add_syncrepl: duplicated replica id\n",0, 0, 0 );
+ "add_syncrepl: duplicated replica id\n",0, 0, 0 );
#endif
duplicated_replica_id = 1;
break;
ch_free( si->si_filterstr.bv_val );
}
if ( si_entry->si_attrs ) {
- int i;
+ int i = 0;
while ( si_entry->si_attrs[i] != NULL ) {
ch_free( si_entry->si_attrs[i] );
i++;
si->si_provideruri == NULL ? "(null)" : si->si_provideruri, 0, 0 );
#endif
if ( !si->si_schemachecking ) {
- be->be_flags |= SLAP_BFLAG_NO_SCHEMA_CHECK;
+ SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
}
si->si_be = be;
LDAP_STAILQ_INSERT_TAIL( &be->be_syncinfo, si, si_next );
si->si_scope = LDAP_SCOPE_BASE;
} else if ( !strncasecmp( val, "one", sizeof( "one" ) - 1 )) {
si->si_scope = LDAP_SCOPE_ONELEVEL;
+#ifdef LDAP_SCOPE_SUBORDINATE
+ } else if ( !strcasecmp( val, "subordinate" ) ||
+ !strcasecmp( val, "children" ))
+ {
+ si->si_scope = LDAP_SCOPE_SUBORDINATE;
+#endif
} else if ( !strncasecmp( val, "sub", sizeof( "sub" ) - 1 )) {
si->si_scope = LDAP_SCOPE_SUBTREE;
} else {