X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;ds=sidebyside;f=servers%2Fslapd%2Fmain.c;h=5f841086c43acaee59bb80cc50dd4bbbf2b1d803;hb=f7e3566ceb66c65a5f581f073ceaead4d6b9e860;hp=9dc39c9f9f9dc995037a96d3c442fa832b5cece4;hpb=75e1f0ef68f3e61918da45cff85ad287d1622d1f;p=openldap

diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 9dc39c9f9f..5f841086c4 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -1,7 +1,7 @@
 /* $OpenLDAP$ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2007 The OpenLDAP Foundation.
+ * Copyright 1998-2008 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -305,7 +305,7 @@ usage( char *name )
 		"\t-g group\tGroup (id or name) to run as\n"
 #endif
 		"\t-h URLs\t\tList of URLs to serve\n"
-#ifdef LOG_LOCAL4
+#ifdef SLAP_DEFAULT_SYSLOG_USER
 		"\t-l facility\tSyslog facility (default: LOCAL4)\n"
 #endif
 		"\t-n serverName\tService name\n"
@@ -348,7 +348,7 @@ int main( int argc, char **argv )
 #if defined(HAVE_CHROOT)
 	char *sandbox = NULL;
 #endif
-#ifdef LOG_LOCAL4
+#ifdef SLAP_DEFAULT_SYSLOG_USER
 	int syslogUser = SLAP_DEFAULT_SYSLOG_USER;
 #endif
 	
@@ -441,7 +441,7 @@ int main( int argc, char **argv )
 
 	while ( (i = getopt( argc, argv,
 			     "c:d:f:F:h:n:o:s:tT:V"
-#if LDAP_PF_INET6
+#ifdef LDAP_PF_INET6
 				"46"
 #endif
 #ifdef HAVE_CHROOT
@@ -675,6 +675,7 @@ unhandled_option:;
 		if ( version > 1 ) goto stop;
 	}
 
+#if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG)
 	{
 		char *logName;
 #ifdef HAVE_EBCDIC
@@ -686,13 +687,14 @@ unhandled_option:;
 
 #ifdef LOG_LOCAL4
 		openlog( logName, OPENLOG_OPTIONS, syslogUser );
-#elif LOG_DEBUG
+#elif defined LOG_DEBUG
 		openlog( logName, OPENLOG_OPTIONS );
 #endif
 #ifdef HAVE_EBCDIC
 		free( logName );
 #endif
 	}
+#endif /* LDAP_DEBUG && LDAP_SYSLOG */
 
 	Debug( LDAP_DEBUG_ANY, "%s", Versionstr, 0, 0 );
 
@@ -734,6 +736,13 @@ unhandled_option:;
 		SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 );
 		goto destroy;
 	}
+	/* Library defaults to full certificate checking. This is correct when
+	 * a client is verifying a server because all servers should have a
+	 * valid cert. But few clients have valid certs, so we want our default
+	 * to be no checking. The config file can override this as usual.
+	 */
+	rc = LDAP_OPT_X_TLS_NEVER;
+	(void) ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
 #endif
 
 	rc = slap_init( serverMode, serverName );
@@ -830,6 +839,12 @@ unhandled_option:;
 	}
 #endif
 
+#ifdef HAVE_CYRUS_SASL
+	if( sasl_host == NULL ) {
+		sasl_host = ch_strdup( global_host );
+	}
+#endif
+
 	(void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake );
 	(void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown );
 
@@ -914,6 +929,8 @@ unhandled_option:;
 	 */
 	time( &starttime );
 
+	connections_init();
+
 	if ( slap_startup( NULL ) != 0 ) {
 		rc = 1;
 		SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 );
@@ -982,6 +999,8 @@ stop:
 
 	controls_destroy();
 
+	filter_destroy();
+
 	schema_destroy();
 
 	lutil_passwd_destroy();