#include <ac/string.h>
#include <ac/ctype.h>
#include <ac/socket.h>
+#include <ac/errno.h>
#include "lutil.h"
#include "ldap_pvt.h"
#include "slap.h"
-#define MAXARGS 200
+#define MAXARGS 500
/*
* defaults for various global variables
*/
-int defsize = SLAPD_DEFAULT_SIZELIMIT;
-int deftime = SLAPD_DEFAULT_TIMELIMIT;
+struct slap_limits_set deflimit = {
+ SLAPD_DEFAULT_TIMELIMIT, /* backward compatible limits */
+ 0,
+
+ SLAPD_DEFAULT_SIZELIMIT, /* backward compatible limits */
+ 0,
+ -1 /* no limit on unchecked size */
+};
+
AccessControl *global_acl = NULL;
slap_access_t global_default_access = ACL_READ;
slap_mask_t global_restrictops = 0;
if ( (fp = fopen( fname, "r" )) == NULL ) {
ldap_syslog = 1;
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_ENTRY, "read_config: "
+ "could not open config file \"%s\": %s (%d)\n",
+ fname, strerror(errno), errno ));
+#else
Debug( LDAP_DEBUG_ANY,
- "could not open config file \"%s\" - absolute path?\n",
- fname, 0, 0 );
- perror( fname );
+ "could not open config file \"%s\": %s (%d)\n",
+ fname, strerror(errno), errno );
+#endif
return 1;
}
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_ENTRY,
- "read_config: reading config file %s\n", fname ));
+ "read_config: reading config file %s\n", fname ));
#else
Debug( LDAP_DEBUG_CONFIG, "reading config file %s\n", fname, 0, 0 );
#endif
return( 1 );
}
- /* set time limit */
+ /* set size limit */
} else if ( strcasecmp( cargv[0], "sizelimit" ) == 0 ) {
+ int rc = 0, i;
+ struct slap_limits_set *lim;
+
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
return( 1 );
}
+
if ( be == NULL ) {
- defsize = atoi( cargv[1] );
+ lim = &deflimit;
} else {
- be->be_sizelimit = atoi( cargv[1] );
+ lim = &be->be_def_limit;
+ }
+
+ for ( i = 1; i < cargc; i++ ) {
+ if ( strncasecmp( cargv[i], "size", 4 ) == 0 ) {
+ rc = parse_limit( cargv[i], lim );
+ } else {
+ lim->lms_s_soft = atoi( cargv[i] );
+ lim->lms_s_hard = 0;
+ }
+
+ if ( rc ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ "%s: line %d: unable "
+ "to parse value \"%s\" "
+ "in \"sizelimit "
+ "<limit>\" line.\n",
+ fname, lineno, cargv[i] ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: unable "
+ "to parse value \"%s\" "
+ "in \"sizelimit "
+ "<limit>\" line\n",
+ fname, lineno, cargv[i] );
+#endif
+ }
}
/* set time limit */
} else if ( strcasecmp( cargv[0], "timelimit" ) == 0 ) {
+ int rc = 0, i;
+ struct slap_limits_set *lim;
+
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
return( 1 );
}
+
if ( be == NULL ) {
- deftime = atoi( cargv[1] );
+ lim = &deflimit;
} else {
- be->be_timelimit = atoi( cargv[1] );
+ lim = &be->be_def_limit;
+ }
+
+ for ( i = 1; i < cargc; i++ ) {
+ if ( strncasecmp( cargv[i], "time", 4 ) == 0 ) {
+ rc = parse_limit( cargv[i], lim );
+ } else {
+ lim->lms_t_soft = atoi( cargv[i] );
+ lim->lms_t_hard = 0;
+ }
+
+ if ( rc ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
+ "%s: line %d: unable "
+ "to parse value \"%s\" "
+ "in \"timelimit "
+ "<limit>\" line.\n",
+ fname, lineno, cargv[i] ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: unable "
+ "to parse value \"%s\" "
+ "in \"timelimit "
+ "<limit>\" line\n",
+ fname, lineno, cargv[i] );
+#endif
+ }
+ }
+
+ /* set regex-based limits */
+ } else if ( strcasecmp( cargv[0], "limits" ) == 0 ) {
+ if ( be == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_WARNING,
+ "%s: line %d \"limits\" allowed only in database environment.\n",
+ fname, lineno ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d \"limits\" allowed only in database environment.\n%s",
+ fname, lineno, "" );
+#endif
+ return( 1 );
+ }
+
+ if ( parse_limits( be, fname, lineno, cargc, cargv ) ) {
+ return( 1 );
}
/* set database suffix */
if ( strncasecmp( cargv[i], "suffix=", 7 ) == 0 ) {
char *nsuffix = ch_strdup( cargv[i] + 7 );
if ( dn_normalize( nsuffix ) != NULL ) {
- charray_add( &be->be_replica[nr]->ri_nsuffix, nsuffix );
+ if ( select_backend( nsuffix, 0 ) == be ) {
+ charray_add( &be->be_replica[nr]->ri_nsuffix, nsuffix );
+ } else {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "config", LDAP_LEVEL_INFO,
+ "%s: line %d: suffix \"%s\" in \"replica\" line is not valid for backend (ignored)\n",
+ fname, lineno, cargv[i] + 7 ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "%s: line %d: suffix \"%s\" in \"replica\" line is not valid for backend (ignored)\n",
+ fname, lineno, cargv[i] + 7 );
+#endif
+ }
} else {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: unable to normalize suffix in \"replica\" line (ignored)\n",
fname, lineno ));
#else
- Debug( LDAP_DEBUG_ANY,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to normalize suffix in \"replica\" line (ignored)\n",
fname, lineno, 0 );
#endif
#endif /*SLAPD_MODULES*/
#ifdef HAVE_TLS
- } else if ( !strcasecmp( cargv[0], "TLSProtocol" ) ) {
- rc = ldap_pvt_tls_set_option( NULL,
- LDAP_OPT_X_TLS_PROTOCOL,
- cargv[1] );
- if ( rc )
- return rc;
-
} else if ( !strcasecmp( cargv[0], "TLSRandFile" ) ) {
rc = ldap_pvt_tls_set_option( NULL,
LDAP_OPT_X_TLS_RANDOM_FILE,
}
while ( fgets( buf, sizeof(buf), fp ) != NULL ) {
+ /* trim off \r\n or \n */
if ( (p = strchr( buf, '\n' )) != NULL ) {
+ if( p > buf && p[-1] == '\r' ) --p;
*p = '\0';
}
if ( ! isspace( (unsigned char) buf[0] ) ) {
projects / openldap / blobdiff