/* $OpenLDAP$ */
/*
- * Copyright 1998-2000 The OpenLDAP Foundation, All Rights Reserved.
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
* COPYING RESTRICTIONS APPLY, see COPYRIGHT file
*/
#include "portable.h"
#include <stdio.h>
-#include <ac/signal.h>
#include <ac/socket.h>
#include <ac/string.h>
#include <ac/time.h>
#endif /* LOG_LOCAL4 */
+static int check_config = 0;
static void
usage( char *name )
fprintf( stderr,
"usage: %s options\n", name );
fprintf( stderr,
- "\t-d level\tDebug Level" "\n"
- "\t-f filename\tConfiguration File\n"
+ "\t-d level\tDebug level" "\n"
+ "\t-f filename\tConfiguration file\n"
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
- "\t-g group\tGroup (id or name) to ran as\n"
+ "\t-g group\tGroup (id or name) to run as\n"
#endif
- "\t-h URLs\tList of URLs to serve\n"
+ "\t-h URLs\t\tList of URLs to serve\n"
#ifdef LOG_LOCAL4
- "\t-l sysloguser\tSyslog User (default: LOCAL4)\n"
+ "\t-l facility\tSyslog facility (default: LOCAL4)\n"
#endif
- "\t-n serverName\tservice name\n"
+ "\t-n serverName\tService name\n"
#ifdef HAVE_CHROOT
- "\t-r directory\n"
+ "\t-r directory\tSandbox directory to chroot to\n"
#endif
- "\t-s level\tSyslog Level\n"
+ "\t-s level\tSyslog level\n"
+ "\t-t\t\tCheck configuration file and exit\n"
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
- "\t-u user\tUser (id or name) to ran as\n"
+ "\t-u user\t\tUser (id or name) to run as\n"
#endif
);
}
#endif
while ( (i = getopt( argc, argv,
- "d:f:h:s:n:"
+ "d:f:h:s:n:t"
#ifdef HAVE_CHROOT
"r:"
#endif
serverName = ch_strdup( optarg );
break;
+ case 't':
+ check_config++;
+ break;
+
default:
usage( argv[0] );
rc = 1;
openlog( serverName, OPENLOG_OPTIONS );
#endif
- if( slapd_daemon_init( urls ) != 0 ) {
+ if( !check_config && slapd_daemon_init( urls ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 );
goto stop;
goto destroy;
}
- if ( schema_init( ) != 0 ) {
+ if ( slap_schema_init( ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
"main: schema initialization error\n" ));
goto destroy;
}
+#ifdef HAVE_TLS
+ /* Library defaults to full certificate checking. This is correct when
+ * a client is verifying a server because all servers should have a
+ * valid cert. But few clients have valid certs, so we want our default
+ * to be no checking. The config file can override this as usual.
+ */
+ rc = 0;
+ (void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
+#endif
+
if ( read_config( configfile ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
+
+ if ( check_config ) {
+ fprintf( stderr, "config check failed\n" );
+ }
+
+ goto destroy;
+ }
+
+ if ( check_config ) {
+ rc = 0;
+ fprintf( stderr, "config check succeeded\n" );
goto destroy;
}
goto destroy;
}
- if ( schema_prep( ) != 0 ) {
+ if ( slap_schema_check( ) != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
"main: schema prep error\n"));
projects / openldap / blobdiff