plug one-time leak

[openldap] / servers / slapd / slapcommon.c

diff --git a/servers/slapd/slapcommon.c b/servers/slapd/slapcommon.c
index ab0048db057d5503371b599a2d00fff29ec5bdae..5c273c605d6d4dc1f5b13eeae25194c785b15deb 100644 (file)
--- a/servers/slapd/slapcommon.c
+++ b/servers/slapd/slapcommon.c
@@ -36,6 +36,7 @@
 
 #include "slapcommon.h"
 #include "lutil.h"
+#include "ldif.h"
 
 tool_vars tool_globals;
 
@@ -44,22 +45,24 @@ static char *leakfilename;
 static FILE *leakfile;
 #endif
 
+static LDIFFP dummy;
+
 static void
 usage( int tool, const char *progname )
 {
        char *options = NULL;
        fprintf( stderr,
-               "usage: %s [-v] [-c] [-d debuglevel] [-f configfile]",
+               "usage: %s [-v] [-d debuglevel] [-f configfile] [-F configdir]",
                progname );
 
        switch( tool ) {
        case SLAPACL:
-               options = "\n\t[-U authcID | -D authcDN]"
-                       " -b DN [attr[/access][:value]] [...]\n";
+               options = "\n\t[-U authcID | -D authcDN] [-X authzID | -o authzDN=<DN>]"
+                       "\n\t-b DN -o <var>[=<val>] [-u] [attr[/access][:value]] [...]\n";
                break;
 
        case SLAPADD:
-               options = "\n\t[-n databasenumber | -b suffix]\n"
+               options = " [-c]\n\t[-n databasenumber | -b suffix]\n"
                        "\t[-l ldiffile] [-q] [-u] [-w]\n";
                break;
 
@@ -68,16 +71,16 @@ usage( int tool, const char *progname )
                break;
 
        case SLAPCAT:
-               options = "\n\t[-n databasenumber | -b suffix]"
+               options = " [-c]\n\t[-n databasenumber | -b suffix]"
                        " [-l ldiffile] [-a filter]\n";
                break;
 
        case SLAPDN:
-               options = " DN [...]\n";
+               options = "\n\t[-N | -P] DN [...]\n";
                break;
 
        case SLAPINDEX:
-               options = "\n\t[-n databasenumber | -b suffix] [-q]\n";
+               options = " [-c]\n\t[-n databasenumber | -b suffix] [-q]\n";
                break;
 
        case SLAPTEST:
@@ -91,6 +94,65 @@ usage( int tool, const char *progname )
        exit( EXIT_FAILURE );
 }
 
+static int
+parse_slapacl( void )
+{
+       size_t  len;
+       char    *p;
+
+       p = strchr( optarg, '=' );
+       if ( p == NULL ) {
+               return -1;
+       }
+
+       len = p - optarg;
+       p++;
+
+       if ( strncasecmp( optarg, "sockurl", len ) == 0 ) {
+               if ( !BER_BVISNULL( &listener_url ) ) {
+                       ber_memfree( listener_url.bv_val );
+               }
+               ber_str2bv( p, 0, 1, &listener_url );
+
+       } else if ( strncasecmp( optarg, "domain", len ) == 0 ) {
+               if ( !BER_BVISNULL( &peer_domain ) ) {
+                       ber_memfree( peer_domain.bv_val );
+               }
+               ber_str2bv( p, 0, 1, &peer_domain );
+
+       } else if ( strncasecmp( optarg, "peername", len ) == 0 ) {
+               if ( !BER_BVISNULL( &peer_name ) ) {
+                       ber_memfree( peer_name.bv_val );
+               }
+               ber_str2bv( p, 0, 1, &peer_name );
+
+       } else if ( strncasecmp( optarg, "sockname", len ) == 0 ) {
+               if ( !BER_BVISNULL( &sock_name ) ) {
+                       ber_memfree( sock_name.bv_val );
+               }
+               ber_str2bv( p, 0, 1, &sock_name );
+
+       } else if ( strncasecmp( optarg, "ssf", len ) == 0 ) {
+               ssf = atoi( p );
+
+       } else if ( strncasecmp( optarg, "transport_ssf", len ) == 0 ) {
+               transport_ssf = atoi( p );
+
+       } else if ( strncasecmp( optarg, "tls_ssf", len ) == 0 ) {
+               tls_ssf = atoi( p );
+
+       } else if ( strncasecmp( optarg, "sasl_ssf", len ) == 0 ) {
+               sasl_ssf = atoi( p );
+
+       } else if ( strncasecmp( optarg, "authzDN", len ) == 0 ) {
+               ber_str2bv( p, 0, 1, &authzDN );
+
+       } else {
+               return -1;
+       }
+
+       return 0;
+}
 
 /*
  * slap_tool_init - initialize slap utility, handle program options.
@@ -107,8 +169,8 @@ slap_tool_init(
        int argc, char **argv )
 {
        char *options;
-       char *conffile = SLAPD_DEFAULT_CONFIGFILE;
-       char *confdir = SLAPD_DEFAULT_CONFIGDIR;
+       char *conffile = NULL;
+       char *confdir = NULL;
        struct berval base = BER_BVNULL;
        char *filterstr = NULL;
        char *subtree = NULL;
@@ -137,7 +199,7 @@ slap_tool_init(
                break;
 
        case SLAPDN:
-               options = "d:f:F:v";
+               options = "d:f:F:NPv";
                mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
                break;
 
@@ -157,7 +219,7 @@ slap_tool_init(
                break;
 
        case SLAPACL:
-               options = "b:D:d:f:F:U:v";
+               options = "b:D:d:f:F:o:uU:vX:";
                mode |= SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
                break;
 
@@ -205,10 +267,30 @@ slap_tool_init(
                        ber_str2bv( optarg, 0, 0, &mech );
                        break;
 
+               case 'N':
+                       if ( dn_mode && dn_mode != SLAP_TOOL_LDAPDN_NORMAL ) {
+                               usage( tool, progname );
+                       }
+                       dn_mode = SLAP_TOOL_LDAPDN_NORMAL;
+                       break;
+
                case 'n':       /* which config file db to index */
                        dbnum = atoi( optarg );
                        break;
 
+               case 'o':
+                       if ( parse_slapacl() ) {
+                               usage( tool, progname );
+                       }
+                       break;
+
+               case 'P':
+                       if ( dn_mode && dn_mode != SLAP_TOOL_LDAPDN_PRETTY ) {
+                               usage( tool, progname );
+                       }
+                       dn_mode = SLAP_TOOL_LDAPDN_PRETTY;
+                       break;
+
                case 'q':       /* turn on quick */
                        mode |= SLAP_TOOL_QUICK;
                        break;
@@ -297,9 +379,10 @@ slap_tool_init(
        ldap_syslog = 0;
 
        if ( ldiffile == NULL ) {
-               ldiffp = tool == SLAPCAT ? stdout : stdin;
+               dummy.fp = tool == SLAPCAT ? stdout : stdin;
+               ldiffp = &dummy;
 
-       } else if ((ldiffp = fopen( ldiffile, tool == SLAPCAT ? "w" : "r" ))
+       } else if ((ldiffp = ldif_open( ldiffile, tool == SLAPCAT ? "w" : "r" ))
                == NULL )
        {
                perror( ldiffile );
@@ -344,7 +427,8 @@ slap_tool_init(
        rc = read_config( conffile, confdir );
 
        if ( rc != 0 ) {
-               fprintf( stderr, "%s: bad configuration file!\n", progname );
+               fprintf( stderr, "%s: bad configuration %s!\n",
+                       progname, confdir ? "directory" : "file" );
                exit( EXIT_FAILURE );
        }
 
@@ -437,17 +521,22 @@ slap_tool_init(
                /* If the named base is a glue master, operate on the
                 * entire context
                 */
-               if (SLAP_GLUE_INSTANCE(be)) {
+               if ( SLAP_GLUE_INSTANCE( be ) ) {
                        nosubordinates = 1;
                }
 
        } else if ( dbnum == -1 ) {
+               /* no suffix and no dbnum specified, just default to
+                * the first available database
+                */
                if ( nbackends <= 0 ) {
                        fprintf( stderr, "No available databases\n" );
                        exit( EXIT_FAILURE );
                }
                LDAP_STAILQ_FOREACH( be, &backendDB, be_next ) {
                        dbnum++;
+
+                       /* db #0 is cn=config, don't select it as a default */
                        if ( dbnum < 1 ) continue;
                
                        if ( SLAP_MONITOR(be))
@@ -469,19 +558,19 @@ slap_tool_init(
                        exit( EXIT_FAILURE );
                }
                
-               if ( nosubordinates == 0 && dbnum > 0 ) {
+               if ( nosubordinates == 0 && dbnum > 1 ) {
                        Debug( LDAP_DEBUG_ANY,
                                "The first database does not allow %s;"
                                " using the first available one (%d)\n",
-                               progname, dbnum + 1, 0 );
+                               progname, dbnum, 0 );
                }
 
        } else if ( dbnum < 0 || dbnum > (nbackends-1) ) {
                fprintf( stderr,
                        "Database number selected via -n is out of range\n"
-                       "Must be in the range 1 to %d"
-                       " (number of databases in the config file)\n",
-                       nbackends );
+                       "Must be in the range 0 to %d"
+                       " (number of configured databases)\n",
+                       nbackends-1 );
                exit( EXIT_FAILURE );
 
        } else {
@@ -497,8 +586,16 @@ startup:;
        mal_leaktrace(1);
 #endif
 
-       if ( !dryrun && slap_startup( be ) ) {
+       if ( conffile != NULL ) {
+               ch_free( conffile );
+       }
+
+       if ( ldiffile != NULL ) {
+               ch_free( ldiffile );
+       }
 
+       /* slapdn doesn't specify a backend to startup */
+       if ( !dryrun && tool != SLAPDN && slap_startup( be ) ) {
                switch ( tool ) {
                case SLAPTEST:
                        fprintf( stderr, "slap_startup failed "
@@ -517,10 +614,10 @@ startup:;
 
 void slap_tool_destroy( void )
 {
-       if ( !dryrun && be != NULL ) {
+       if ( !dryrun ) {
                slap_shutdown( be );
+               slap_destroy();
        }
-       slap_destroy();
 #ifdef SLAPD_MODULES
        if ( slapMode == SLAP_SERVER_MODE ) {
        /* always false. just pulls in necessary symbol references. */