add logs; fix bug in group/dn selection logic

[openldap] / servers / slapd / config.c

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 03ed198d51a2917fd77dd7b939653eda5c0c3130..dd9fb612c2afc17da6f44f82559669fade3ed2c8 100644 (file)
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -54,7 +54,8 @@ struct slap_limits_set deflimit = {
        0,
        -1,                             /* no limit on unchecked size */
        0,                              /* page limit */
-       0                               /* hide number of entries left */
+       0,                              /* hide number of entries left */
+       0                               /* number of total entries returned by pagedResults equal to hard limit */
 };
 
 AccessControl  *global_acl = NULL;
@@ -73,11 +74,11 @@ char                *ldap_srvtab = "";
 char           **default_passwd_hash = NULL;
 int            cargc = 0, cargv_size = 0;
 char   **cargv;
-struct berval default_search_base = { 0, NULL };
-struct berval default_search_nbase = { 0, NULL };
+struct berval default_search_base = BER_BVNULL;
+struct berval default_search_nbase = BER_BVNULL;
 unsigned               num_subordinates = 0;
-struct berval global_schemadn = { 0, NULL };
-struct berval global_schemandn = { 0, NULL };
+struct berval global_schemadn = BER_BVNULL;
+struct berval global_schemandn = BER_BVNULL;
 
 ber_len_t sockbuf_max_incoming = SLAP_SB_MAX_INCOMING_DEFAULT;
 ber_len_t sockbuf_max_incoming_auth= SLAP_SB_MAX_INCOMING_AUTH;
@@ -682,19 +683,25 @@ read_config( const char *fname, int depth )
 
                        lutil_salt_format( cargv[1] );
 
-               /* SASL config options */
-               } else if ( strncasecmp( cargv[0], "sasl", 4 ) == 0 ) {
-                       if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
-                               return 1;
-#ifdef SLAP_X_SASL_REWRITE
+#ifdef SLAP_SASL_REWRITE
                /* use authid rewrite instead of sasl regexp */
-               } else if ( strncasecmp( cargv[0], "authid-rewrite", sizeof("authid-rewrite") - 1 ) == 0 ) {
+               } else if ( strncasecmp( cargv[0], "auth-rewrite",
+                       sizeof("auth-rewrite") - 1 ) == 0 )
+               {
                        int rc = slap_sasl_rewrite_config( fname, lineno,
                                        cargc, cargv );
                        if ( rc ) {
                                return rc;
                        }
-#endif /* SLAP_X_SASL_REWRITE */
+#endif /* SLAP_SASL_REWRITE */
+
+               /* Auth + SASL config options */
+               } else if ( !strncasecmp( cargv[0], "auth", sizeof("auth")-1 ) ||
+                       !strncasecmp( cargv[0], "sasl", sizeof("sasl")-1 ))
+               {
+                       if ( slap_sasl_config( cargc, cargv, line, fname, lineno ) )
+                               return 1;
+
 
                } else if ( strcasecmp( cargv[0], "schemadn" ) == 0 ) {
                        struct berval dn;
@@ -960,7 +967,7 @@ read_config( const char *fname, int depth )
                                return 1;
 
                        } else {
-                               be->be_flags |= SLAP_BFLAG_GLUE_SUBORDINATE;
+                               SLAP_DBFLAGS(be) |= SLAP_DBFLAG_GLUE_SUBORDINATE;
                                num_subordinates++;
                        }
 
@@ -978,8 +985,21 @@ read_config( const char *fname, int depth )
 #endif
                                return 1;
 
-                       } else if ( overlay_config( be, cargv[1] )) {
-                               return 1;
+                       } else {
+                               if ( cargv[1][0] == '-' && overlay_config( be, &cargv[1][1] ) ) {
+                                       /* log error */
+#ifdef NEW_LOGGING
+                                       LDAP_LOG( CONFIG, INFO, "%s: line %d: "
+                                               "(optional) overlay \"%s\" configuration "
+                                               "failed (ignored)\n", fname, lineno, &cargv[1][1] );
+#else
+                                       Debug( LDAP_DEBUG_ANY, "%s: line %d: "
+                                               "(optional) overlay \"%s\" configuration "
+                                               "failed (ignored)\n", fname, lineno, &cargv[1][1] );
+#endif
+                               } else if ( overlay_config( be, cargv[1] ) ) {
+                                       return 1;
+                               }
                        }
 
                /* set database suffix */
@@ -1801,12 +1821,25 @@ read_config( const char *fname, int depth )
                                            "a database definition.\n", fname, lineno, 0);
 #endif
                                return 1;
-                       } else {
-                               if ( add_syncrepl( be, cargv, cargc )) {
-                                       return 1;
-                               }
+
+                       } else if ( SLAP_SHADOW( be )) {
+#ifdef NEW_LOGGING
+                               LDAP_LOG( CONFIG, INFO, 
+                                       "%s: line %d: syncrepl: database already shadowed.\n",
+                                       fname, lineno, 0);
+#else
+                               Debug( LDAP_DEBUG_ANY,
+                                       "%s: line %d: syncrepl: database already shadowed.\n",
+                                       fname, lineno, 0);
+#endif
+                               return 1;
+
+                       } else if ( add_syncrepl( be, cargv, cargc )) {
+                               return 1;
                        }
 
+                       SLAP_DBFLAGS(be) |= ( SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SYNC_SHADOW );
+
                /* list of replicas of the data in this backend (master only) */
                } else if ( strcasecmp( cargv[0], "replica" ) == 0 ) {
                        if ( cargc < 2 ) {
@@ -2010,6 +2043,18 @@ read_config( const char *fname, int depth )
 #endif
                                return 1;
 
+                       } else if ( SLAP_SHADOW(be) ) {
+#ifdef NEW_LOGGING
+                               LDAP_LOG( CONFIG, INFO, 
+                                       "%s: line %d: updatedn: database already shadowed.\n",
+                                       fname, lineno, 0);
+#else
+                               Debug( LDAP_DEBUG_ANY,
+                                       "%s: line %d: updatedn: database already shadowed.\n",
+                                       fname, lineno, 0);
+#endif
+                               return 1;
+
                        } else {
                                struct berval dn;
 
@@ -2031,7 +2076,9 @@ read_config( const char *fname, int depth )
 #endif
                                        return 1;
                                }
+
                        }
+                       SLAP_DBFLAGS(be) |= ( SLAP_DBFLAG_SHADOW | SLAP_DBFLAG_SLURP_SHADOW );
 
                } else if ( strcasecmp( cargv[0], "updateref" ) == 0 ) {
                        if ( cargc < 2 ) {
@@ -2059,14 +2106,14 @@ read_config( const char *fname, int depth )
 #endif
                                return 1;
 
-                       } else if ( !be->be_update_ndn.bv_len ) {
+                       } else if ( !SLAP_SHADOW(be) ) {
 #ifdef NEW_LOGGING
                                LDAP_LOG( CONFIG, INFO, "%s: line %d: "
-                                       "updateref line must come after updatedn.\n",
+                                       "updateref line must come after syncrepl or updatedn.\n",
                                        fname, lineno , 0 );
 #else
                                Debug( LDAP_DEBUG_ANY, "%s: line %d: "
-                                       "updateref line must after updatedn.\n",
+                                       "updateref line must after syncrepl or updatedn.\n",
                                    fname, lineno, 0 );
 #endif
                                return 1;
@@ -2087,8 +2134,9 @@ read_config( const char *fname, int depth )
 
                        vals[0].bv_val = cargv[1];
                        vals[0].bv_len = strlen( vals[0].bv_val );
-                       if( value_add( &be->be_update_refs, vals ) )
+                       if( value_add( &be->be_update_refs, vals ) ) {
                                return LDAP_OTHER;
+                       }
 
                /* replication log file to which changes are appended */
                } else if ( strcasecmp( cargv[0], "replogfile" ) == 0 ) {
@@ -2156,13 +2204,13 @@ read_config( const char *fname, int depth )
                        }
                        if ( strcasecmp( cargv[1], "on" ) == 0 ) {
                                if ( be ) {
-                                       be->be_flags &= ~SLAP_BFLAG_NOLASTMOD;
+                                       SLAP_DBFLAGS(be) &= ~SLAP_DBFLAG_NOLASTMOD;
                                } else {
                                        lastmod = 1;
                                }
                        } else {
                                if ( be ) {
-                                       be->be_flags |= SLAP_BFLAG_NOLASTMOD;
+                                       SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NOLASTMOD;
                                } else {
                                        lastmod = 0;
                                }
@@ -2913,7 +2961,7 @@ add_syncrepl(
                        si->si_provideruri == NULL ? "(null)" : si->si_provideruri, 0, 0 );
 #endif
                if ( !si->si_schemachecking ) {
-                       be->be_flags |= SLAP_BFLAG_NO_SCHEMA_CHECK;
+                       SLAP_DBFLAGS(be) |= SLAP_DBFLAG_NO_SCHEMA_CHECK;
                }
                si->si_be = be;
                LDAP_STAILQ_INSERT_TAIL( &be->be_syncinfo, si, si_next );