ITS#6111 connection_state_closing() -> connection_valid()

[openldap] / servers / slapd / main.c

diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 8c890e506de3f189891d61ee6c0b00c03c76842e..64d1876dc747acac227ebdfe235662b0c51ab2d5 100644 (file)
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -699,6 +699,7 @@ unhandled_option:;
        Debug( LDAP_DEBUG_ANY, "%s", Versionstr, 0, 0 );
 
        global_host = ldap_pvt_get_fqdn( NULL );
+       ber_str2bv( global_host, 0, 0, &global_host_bv );
 
        if( check == CHECK_NONE && slapd_daemon_init( urls ) != 0 ) {
                rc = 1;
@@ -736,6 +737,13 @@ unhandled_option:;
                SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
                goto destroy;
        }
+       /* Library defaults to full certificate checking. This is correct when
+        * a client is verifying a server because all servers should have a
+        * valid cert. But few clients have valid certs, so we want our default
+        * to be no checking. The config file can override this as usual.
+        */
+       rc = LDAP_OPT_X_TLS_NEVER;
+       (void) ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
 #endif
 
        rc = slap_init( serverMode, serverName );
@@ -785,7 +793,7 @@ unhandled_option:;
                }
        }
 
-       if ( glue_sub_attach( ) != 0 ) {
+       if ( glue_sub_attach( 0 ) != 0 ) {
                Debug( LDAP_DEBUG_ANY,
                    "subordinate config error\n",
                    0, 0, 0 );
@@ -832,6 +840,12 @@ unhandled_option:;
        }
 #endif
 
+#ifdef HAVE_CYRUS_SASL
+       if( sasl_host == NULL ) {
+               sasl_host = ch_strdup( global_host );
+       }
+#endif
+
        (void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
        (void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown );
 
@@ -916,6 +930,8 @@ unhandled_option:;
         */
        time( &starttime );
 
+       connections_init();
+
        if ( slap_startup( NULL ) != 0 ) {
                rc = 1;
                SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );
@@ -984,6 +1000,8 @@ stop:
 
        controls_destroy();
 
+       filter_destroy();
+
        schema_destroy();
 
        lutil_passwd_destroy();
@@ -1013,6 +1031,8 @@ stop:
                ch_free( configdir );
        if ( urls )
                ch_free( urls );
+       if ( global_host )
+               ch_free( global_host );
 
        /* kludge, get symbols referenced */
        tavl_free( NULL, NULL );
@@ -1037,13 +1057,12 @@ wait4child( int sig )
     int save_errno = errno;
 
 #ifdef WNOHANG
-    errno = 0;
+    do
+        errno = 0;
 #ifdef HAVE_WAITPID
-    while ( waitpid( (pid_t)-1, NULL, WNOHANG ) > 0 || errno == EINTR )
-       ;       /* NULL */
+    while ( waitpid( (pid_t)-1, NULL, WNOHANG ) > 0 || errno == EINTR );
 #else
-    while ( wait3( NULL, WNOHANG, NULL ) > 0 || errno == EINTR )
-       ;       /* NULL */
+    while ( wait3( NULL, WNOHANG, NULL ) > 0 || errno == EINTR );
 #endif
 #else
     (void) wait( NULL );
@@ -1053,4 +1072,3 @@ wait4child( int sig )
 }
 
 #endif /* LDAP_SIGCHLD */
-