/* $OpenLDAP$ */
/*
- * Copyright 1998-1999 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "portable.h"
+#include "slapi_common.h"
#include <stdio.h>
-#include <ac/signal.h>
#include <ac/socket.h>
#include <ac/string.h>
#include <ac/time.h>
#include <ac/unistd.h>
#include <ac/wait.h>
-#include <ac/signal.h>
#include <ac/errno.h>
+#include "ldap_pvt.h"
+
+
#include "slap.h"
+#include "slapi.h"
#include "lutil.h"
+#include "ldif.h"
#ifdef LDAP_SIGCHLD
static RETSIGTYPE wait4child( int sig );
#ifdef HAVE_NT_SERVICE_MANAGER
#define MAIN_RETURN(x) return
-struct sockaddr_in bind_addr;
-
-/* in nt_main.c */
-LIBLUTIL_F (SERVICE_STATUS) SLAPDServiceStatus;
-LIBLUTIL_F (SERVICE_STATUS_HANDLE) hSLAPDServiceStatus;
-extern ldap_pvt_thread_cond_t started_event, stopped_event;
-extern int is_NT_Service;
+static struct sockaddr_in bind_addr;
-void CommenceStartupProcessing( LPCTSTR serviceName,
+void CommenceStartupProcessing( LPCTSTR serverName,
void(*stopper)(int));
void ReportSlapdShutdownComplete( void );
void *getRegParam( char *svc, char *value );
#define DEFAULT_SYSLOG_USER LOG_LOCAL4
typedef struct _str2intDispatch {
- char *stringVal;
- int abbr;
- int intVal;
+ char *stringVal;
+ int abbr;
+ int intVal;
} STRDISP, *STRDISP_P;
/* table to compute syslog-options to integer */
-static STRDISP syslog_types[] = {
+static STRDISP syslog_types[] = {
{ "LOCAL0", sizeof("LOCAL0"), LOG_LOCAL0 },
{ "LOCAL1", sizeof("LOCAL1"), LOG_LOCAL1 },
{ "LOCAL2", sizeof("LOCAL2"), LOG_LOCAL2 },
static int cnvt_str2int( char *, STRDISP_P, int );
-#endif /* LOG_LOCAL4 */
+#endif /* LOG_LOCAL4 */
+static int check_config = 0;
static void
usage( char *name )
fprintf( stderr,
"usage: %s options\n", name );
fprintf( stderr,
-#if LDAP_CONNECTIONLESS
- "\t-c\t\tEnable (experimental) Connectionless LDAP\n"
-#endif
- "\t-d level\tDebug Level" "\n"
- "\t-f filename\tConfiguration File\n"
+ "\t-4\t\tIPv4 only\n"
+ "\t-6\t\tIPv6 only\n"
+ "\t-d level\tDebug level" "\n"
+ "\t-f filename\tConfiguration file\n"
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
- "\t-g group\tGroup (id or name) to ran as\n"
+ "\t-g group\tGroup (id or name) to run as\n"
#endif
- "\t-h URLs\tList of URLs to serve\n"
+ "\t-h URLs\t\tList of URLs to serve\n"
#ifdef LOG_LOCAL4
- "\t-l sysloguser\tSyslog User (default: LOCAL4)\n"
-#endif
-#ifdef HAVE_NT_EVENT_LOG
- "\t-n NTserviceName\tNT service name\n"
-#endif
-
- "\t-p port\tLDAP Port\n"
-#ifdef HAVE_TLS
- "\t-P port\tLDAP over TLS Port\n"
+ "\t-l facility\tSyslog facility (default: LOCAL4)\n"
#endif
- "\t-s level\tSyslog Level\n"
-#ifdef SLAPD_BDB2
- "\t-t\t\tEnable BDB2 timing\n"
+ "\t-n serverName\tService name\n"
+#ifdef HAVE_CHROOT
+ "\t-r directory\tSandbox directory to chroot to\n"
#endif
+ "\t-s level\tSyslog level\n"
+ "\t-t\t\tCheck configuration file and exit\n"
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
- "\t-u user\tUser (id or name) to ran as\n"
+ "\t-u user\t\tUser (id or name) to run as\n"
#endif
);
}
#endif
{
int i, no_detach = 0;
- int rc;
+ int rc = 1;
char *urls = NULL;
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
char *username = NULL;
char *groupname = NULL;
#endif
+#if defined(HAVE_CHROOT)
+ char *sandbox = NULL;
+#endif
#ifdef LOG_LOCAL4
- int syslogUser = DEFAULT_SYSLOG_USER;
+ int syslogUser = DEFAULT_SYSLOG_USER;
#endif
+
+ int g_argc = argc;
+ char **g_argv = argv;
-#ifdef HAVE_NT_EVENT_LOG
- char *NTservice = SERVICE_NAME;
-#endif
#ifdef HAVE_NT_SERVICE_MANAGER
char *configfile = ".\\slapd.conf";
#else
char *configfile = SLAPD_DEFAULT_CONFIGFILE;
#endif
- char *serverName;
- int serverMode = SLAP_SERVER_MODE;
-
- int port = LDAP_PORT;
-#ifdef HAVE_TLS
- int tls_port = LDAPS_PORT;
-#else
- int tls_port = 0;
-#endif
+ char *serverName = NULL;
+ int serverMode = SLAP_SERVER_MODE;
#ifdef CSRIMALLOC
FILE *leakfile;
}
#endif
- g_argc = argc;
- g_argv = argv;
#ifdef HAVE_NT_SERVICE_MANAGER
{
int *i;
char *newConfigFile;
+ char *newUrls;
+ char *regService = NULL;
if ( is_NT_Service ) {
- CommenceStartupProcessing( NTservice, slap_sig_shutdown );
+ serverName = argv[0];
+ CommenceStartupProcessing( serverName, slap_sig_shutdown );
+ if ( strcmp(serverName, SERVICE_NAME) )
+ regService = serverName;
}
- i = (int*)getRegParam( NULL, "Port" );
- if ( i != NULL )
- {
- port = *i;
- Debug ( LDAP_DEBUG_ANY, "new port from registry is: %d\n", port, 0, 0 );
- }
-#ifdef HAVE_TLS
- i = (int*)getRegParam( NULL, "TLSPort" );
- if ( i != NULL )
- {
- tls_port = *i;
- Debug ( LDAP_DEBUG_ANY, "new TLS port from registry is: %d\n", tls_port, 0, 0 );
- }
-#endif
- i = (int*)getRegParam( NULL, "DebugLevel" );
+ i = (int*)getRegParam( regService, "DebugLevel" );
if ( i != NULL )
{
slap_debug = *i;
+#ifdef NEW_LOGGING
+ lutil_log_initialize( argc, argv );
+ LDAP_LOG( SLAPD, INFO,
+ "main: new debug level from registry is: %d\n",
+ slap_debug, 0, 0 );
+#else
Debug( LDAP_DEBUG_ANY, "new debug level from registry is: %d\n", slap_debug, 0, 0 );
+#endif
+ }
+
+ newUrls = (char *) getRegParam(regService, "Urls");
+ if (newUrls)
+ {
+ if (urls)
+ ch_free(urls);
+
+ urls = ch_strdup(newUrls);
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, INFO,
+ "main: new urls from registry: %s\n", urls, 0, 0 );
+#else
+ Debug(LDAP_DEBUG_ANY, "new urls from registry: %s\n",
+ urls, 0, 0);
+#endif
+
}
- newConfigFile = (char*)getRegParam( NULL, "ConfigFile" );
+
+ newConfigFile = (char*)getRegParam( regService, "ConfigFile" );
if ( newConfigFile != NULL )
{
configfile = newConfigFile;
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, INFO,
+ "main: new config file from registry is: %s\n", configfile, 0, 0 );
+#else
Debug ( LDAP_DEBUG_ANY, "new config file from registry is: %s\n", configfile, 0, 0 );
+#endif
+
}
}
#endif
while ( (i = getopt( argc, argv,
- "d:f:h:p:s:"
+ "d:f:h:s:n:t"
+#if LDAP_PF_INET6
+ "46"
+#endif
+#ifdef HAVE_CHROOT
+ "r:"
+#endif
#ifdef LOG_LOCAL4
"l:"
#endif
-#ifdef SLAPD_BDB2
- "t"
-#endif
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
"u:g:"
-#endif
-#ifdef LDAP_CONNECTIONLESS
- "c"
-#endif
-#ifdef HAVE_NT_EVENT_LOG
- "n:"
-#endif
-#ifdef HAVE_TLS
- "P:"
#endif
)) != EOF ) {
switch ( i ) {
+#ifdef LDAP_PF_INET6
+ case '4':
+ slap_inet4or6 = AF_INET;
+ break;
+ case '6':
+ slap_inet4or6 = AF_INET6;
+ break;
+#endif
+
case 'h': /* listen URLs */
if ( urls != NULL ) free( urls );
urls = ch_strdup( optarg );
- break;
+ break;
case 'd': /* set debug level and 'do not detach' flag */
no_detach = 1;
configfile = ch_strdup( optarg );
break;
- case 'p': { /* port on which to listen */
- int p = atoi( optarg );
- if(! p ) {
- fprintf(stderr, "-p %s must be numeric\n", optarg);
- } else if( p < 0 || p >= 1<<16) {
- fprintf(stderr, "-p %s invalid\n", optarg);
- } else {
- port = p;
- }
- } break;
-
-#ifdef HAVE_TLS
- case 'P': { /* port on which to listen for TLS */
- int p = atoi( optarg );
- if(! p ) {
- fprintf(stderr, "-P %s must be numeric\n", optarg);
- } else if( p < 0 || p >= 1<<16) {
- fprintf(stderr, "-P %s invalid\n", optarg);
- } else {
- tls_port = p;
- }
- } break;
-#endif
-
case 's': /* set syslog level */
ldap_syslog = atoi( optarg );
break;
break;
#endif
-#ifdef LDAP_CONNECTIONLESS
- case 'c': /* do connectionless (udp) */
- /* udp = 1; */
- fprintf( stderr, "connectionless support not supported");
- exit( EXIT_FAILURE );
- break;
-#endif
-
-#ifdef SLAPD_BDB2
- case 't': /* timed server */
- serverMode |= SLAP_TIMED_MODE;
+#ifdef HAVE_CHROOT
+ case 'r':
+ if( sandbox ) free(sandbox);
+ sandbox = ch_strdup( optarg );
break;
#endif
break;
#endif /* SETUID && GETUID */
-#ifdef HAVE_NT_EVENT_LOG
case 'n': /* NT service name */
- NTservice = ch_strdup( optarg );
+ if( serverName != NULL ) free( serverName );
+ serverName = ch_strdup( optarg );
break;
-#endif
+
+ case 't':
+ check_config++;
+ break;
+
default:
usage( argv[0] );
rc = 1;
}
}
+#ifdef NEW_LOGGING
+ lutil_log_initialize( argc, argv );
+#else
+ lutil_set_debug_level( "slapd", slap_debug );
ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &slap_debug);
ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &slap_debug);
ldif_debug = slap_debug;
+#endif
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, INFO, "%s", Versionstr, 0, 0 );
+#else
Debug( LDAP_DEBUG_TRACE, "%s", Versionstr, 0, 0 );
+#endif
+
- if ( (serverName = strrchr( argv[0], *LDAP_DIRSEP )) == NULL ) {
- serverName = ch_strdup( argv[0] );
- } else {
- serverName = ch_strdup( serverName + 1 );
+ if( serverName == NULL ) {
+ if ( (serverName = strrchr( argv[0], *LDAP_DIRSEP )) == NULL ) {
+ serverName = argv[0];
+ } else {
+ serverName = serverName + 1;
+ }
}
#ifdef LOG_LOCAL4
openlog( serverName, OPENLOG_OPTIONS );
#endif
- if( slapd_daemon_init( urls, port, tls_port ) != 0 ) {
+ if( !check_config && slapd_daemon_init( urls ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 );
goto stop;
}
+#if defined(HAVE_CHROOT)
+ if ( sandbox ) {
+ if ( chdir( sandbox ) ) {
+ perror("chdir");
+ rc = 1;
+ goto stop;
+ }
+ if ( chroot( sandbox ) ) {
+ perror("chroot");
+ rc = 1;
+ goto stop;
+ }
+ }
+#endif
+
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
if ( username != NULL || groupname != NULL ) {
slap_init_user( username, groupname );
}
#endif
+ extops_init();
+
#ifdef SLAPD_MODULES
if ( module_init() != 0 ) {
rc = 1;
goto destroy;
}
- if ( read_config( configfile ) != 0 ) {
+ if ( slap_schema_init( ) != 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, CRIT, "main: schema initialization error\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "schema initialization error\n",
+ 0, 0, 0 );
+#endif
+
+ goto destroy;
+ }
+
+#ifdef HAVE_TLS
+ /* Library defaults to full certificate checking. This is correct when
+ * a client is verifying a server because all servers should have a
+ * valid cert. But few clients have valid certs, so we want our default
+ * to be no checking. The config file can override this as usual.
+ */
+ rc = 0;
+ (void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
+#endif
+
+#ifdef LDAP_SLAPI
+ if ( slapi_init() != 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( OPERATION, CRIT, "main: slapi initialization error\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "slapi initialization error\n",
+ 0, 0, 0 );
+#endif
+
+ goto destroy;
+ }
+#endif /* LDAP_SLAPI */
+
+ if ( read_config( configfile, 0 ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
+
+ if ( check_config ) {
+ fprintf( stderr, "config check failed\n" );
+ }
+
+ goto destroy;
+ }
+
+ if ( check_config ) {
+ rc = 0;
+ fprintf( stderr, "config check succeeded\n" );
+ goto destroy;
+ }
+
+ if ( glue_sub_init( ) != 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, CRIT, "main: subordinate config error\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "subordinate config error\n",
+ 0, 0, 0 );
+#endif
+ goto destroy;
+ }
+
+ if ( slap_schema_check( ) != 0 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, CRIT, "main: schema prep error\n", 0, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "schema prep error\n",
+ 0, 0, 0 );
+#endif
+
goto destroy;
}
#ifdef HAVE_TLS
- ldap_pvt_tls_init();
- ldap_pvt_tls_init_def_ctx();
+ rc = ldap_pvt_tls_init();
+ if( rc != 0) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, CRIT, "main: tls init failed: %d\n", rc, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "main: TLS init failed: %d\n",
+ 0, 0, 0 );
+#endif
+ rc = 1;
+ SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+ goto destroy;
+ }
+
+ rc = ldap_pvt_tls_init_def_ctx();
+ if( rc != 0) {
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, CRIT, "main: tls init def ctx failed: %d\n", rc, 0, 0 );
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "main: TLS init def ctx failed: %d\n",
+ rc, 0, 0 );
+#endif
+ rc = 1;
+ SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+ goto destroy;
+ }
#endif
(void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
if ( slap_startup( NULL ) != 0 ) {
rc = 1;
- SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+ SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );
goto shutdown;
}
{
FILE *fp;
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, INFO, "main: slapd starting.\n", 0, 0, 0 );
+#else
Debug( LDAP_DEBUG_ANY, "slapd starting\n", 0, 0, 0 );
+#endif
+
if (( slapd_pid_file != NULL ) &&
(( fp = fopen( slapd_pid_file, "w" )) != NULL ))
}
#ifdef HAVE_NT_EVENT_LOG
- LogSlapdStartedEvent( NTservice, slap_debug, configfile, urls );
+ if (is_NT_Service)
+ LogSlapdStartedEvent( serverName, slap_debug, configfile, urls );
#endif
rc = slapd_daemon();
module_kill();
#endif
+ extops_kill();
+
stop:
#ifdef HAVE_NT_EVENT_LOG
- LogSlapdStoppedEvent( NTservice );
+ if (is_NT_Service)
+ LogSlapdStoppedEvent( serverName );
#endif
+#ifdef NEW_LOGGING
+ LDAP_LOG( SLAPD, CRIT, "main: slapd stopped.\n", 0, 0, 0 );
+#else
Debug( LDAP_DEBUG_ANY, "slapd stopped.\n", 0, 0, 0 );
+#endif
+
#ifdef HAVE_NT_SERVICE_MANAGER
ReportSlapdShutdownComplete();
#endif
slapd_daemon_destroy();
+ schema_destroy();
+
+#ifdef HAVE_TLS
+ ldap_pvt_tls_destroy();
+#endif
+
+ config_destroy();
+
#ifdef CSRIMALLOC
mal_dumpleaktrace( leakfile );
#endif
#ifdef WNOHANG
errno = 0;
#ifdef HAVE_WAITPID
- while ( waitpid( (pid_t)-1, NULL, WNOHANG ) >= 0 || errno == EINTR )
+ while ( waitpid( (pid_t)-1, NULL, WNOHANG ) > 0 || errno == EINTR )
; /* NULL */
#else
- while ( wait3( NULL, WNOHANG, NULL ) >= 0 || errno == EINTR )
+ while ( wait3( NULL, WNOHANG, NULL ) > 0 || errno == EINTR )
; /* NULL */
#endif
#else
(void) wait( NULL );
#endif
- (void) SIGNAL( sig, wait4child );
+ (void) SIGNAL_REINSTALL( sig, wait4child );
errno = save_errno;
}
-#endif /* SIGCHLD || SIGCLD */
+#endif /* LDAP_SIGCHLD */
#ifdef LOG_LOCAL4
static int
cnvt_str2int( char *stringVal, STRDISP_P dispatcher, int defaultVal )
{
- int retVal = defaultVal;
+ int retVal = defaultVal;
STRDISP_P disp;
for (disp = dispatcher; disp->stringVal; disp++) {
- if (!strncasecmp (stringVal, disp->stringVal, disp->abbr)) {
+ if (!strncasecmp (stringVal, disp->stringVal, disp->abbr)) {
- retVal = disp->intVal;
- break;
+ retVal = disp->intVal;
+ break;
- }
+ }
}
return (retVal);
}
-#endif /* LOG_LOCAL4 */
+#endif /* LOG_LOCAL4 */