static int version = 0;
void *slap_tls_ctx;
+LDAP *slap_tls_ld;
#ifdef LOG_LOCAL4
#define DEFAULT_SYSLOG_USER LOG_LOCAL4
{
#ifdef HAVE_SLP
/* NULL is default */
- if ( val == NULL || strcasecmp( val, "on" ) == 0 ) {
+ if ( val == NULL || *val == '(' || strcasecmp( val, "on" ) == 0 ) {
slapd_register_slp = 1;
+ slapd_slp_attrs = (val != NULL && *val == '(') ? val : NULL;
} else if ( strcasecmp( val, "off" ) == 0 ) {
slapd_register_slp = 0;
void *oh_arg;
const char *oh_usage;
} option_helpers[] = {
- { BER_BVC("slp"), slapd_opt_slp, NULL, "slp[={on|off}] enable/disable SLP" },
+ { BER_BVC("slp"), slapd_opt_slp, NULL, "slp[={on|off|(attrs)}] enable/disable SLP using (attrs)" },
{ BER_BVNULL, 0, NULL, NULL }
};
lutil_passwd_init();
slap_op_init();
+#ifdef HAVE_TLS
+ rc = ldap_create( &slap_tls_ld );
+ if ( rc ) {
+ SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
+ goto destroy;
+ }
+#endif
+
rc = slap_init( serverMode, serverName );
if ( rc ) {
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 18 );
}
{
- void *def_ctx = NULL;
-
- /* Save existing default ctx, if any */
- ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &def_ctx );
+ int opt = 1;
/* Force new ctx to be created */
- ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, NULL );
-
- rc = ldap_pvt_tls_init_def_ctx( 1 );
+ rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt );
if( rc == 0 ) {
- ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
- /* Restore previous ctx */
- ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, def_ctx );
+ /* The ctx's refcount is bumped up here */
+ ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx );
load_extop( &slap_EXOP_START_TLS, 0, starttls_extop );
} else if ( rc != LDAP_NOT_SUPPORTED ) {
Debug( LDAP_DEBUG_ANY,
lutil_passwd_destroy();
#ifdef HAVE_TLS
+ /* Setting it to itself decreases refcount, allowing it to be freed
+ * when the LD is freed.
+ */
+ if ( slap_tls_ld ) {
+ ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, slap_tls_ctx );
+ ldap_unbind( slap_tls_ld );
+ }
ldap_pvt_tls_destroy();
#endif