Add back-ndb

[openldap] / servers / slapd / main.c

diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 86b61dd0e254df0555173c3e5f3174fc77ba3e16..5f841086c43acaee59bb80cc50dd4bbbf2b1d803 100644 (file)
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -736,6 +736,13 @@ unhandled_option:;
                SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
                goto destroy;
        }
+       /* Library defaults to full certificate checking. This is correct when
+        * a client is verifying a server because all servers should have a
+        * valid cert. But few clients have valid certs, so we want our default
+        * to be no checking. The config file can override this as usual.
+        */
+       rc = LDAP_OPT_X_TLS_NEVER;
+       (void) ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
 #endif
 
        rc = slap_init( serverMode, serverName );
@@ -832,6 +839,12 @@ unhandled_option:;
        }
 #endif
 
+#ifdef HAVE_CYRUS_SASL
+       if( sasl_host == NULL ) {
+               sasl_host = ch_strdup( global_host );
+       }
+#endif
+
        (void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
        (void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown );
 
@@ -916,6 +929,8 @@ unhandled_option:;
         */
        time( &starttime );
 
+       connections_init();
+
        if ( slap_startup( NULL ) != 0 ) {
                rc = 1;
                SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );