fprintf( stderr,
"usage: %s options\n", name );
fprintf( stderr,
+ "\t-4\t\tIPv4 only\n"
+ "\t-6\t\tIPv6 only\n"
"\t-d level\tDebug level" "\n"
"\t-f filename\tConfiguration file\n"
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
while ( (i = getopt( argc, argv,
"d:f:h:s:n:t"
+#if LDAP_PF_INET6
+ "46"
+#endif
#ifdef HAVE_CHROOT
"r:"
#endif
#endif
)) != EOF ) {
switch ( i ) {
+#ifdef LDAP_PF_INET6
+ case '4':
+ slap_inet4or6 = AF_INET;
+ break;
+ case '6':
+ slap_inet4or6 = AF_INET6;
+ break;
+#endif
+
case 'h': /* listen URLs */
if ( urls != NULL ) free( urls );
urls = ch_strdup( optarg );
goto destroy;
}
+#ifdef HAVE_TLS
+ /* Library defaults to full certificate checking. This is correct when
+ * a client is verifying a server because all servers should have a
+ * valid cert. But few clients have valid certs, so we want our default
+ * to be no checking. The config file can override this as usual.
+ */
+ rc = 0;
+ (void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
+#endif
+
if ( read_config( configfile ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );