X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fbconfig.c;h=e12a89aeb8d3bfb92155c0828fba3b003122d00a;hb=a12bedc2d8643dcc45435943908777c67a9de9d3;hp=def6daf20135d49a56c03eae2c7c9f56482104a8;hpb=8442047d2d1e99d78022a0aaf7234aa0a58830a3;p=openldap diff --git a/servers/slapd/bconfig.c b/servers/slapd/bconfig.c index def6daf201..e12a89aeb8 100644 --- a/servers/slapd/bconfig.c +++ b/servers/slapd/bconfig.c @@ -198,6 +198,8 @@ enum { CFG_LTHREADS, CFG_IX_HASH64, CFG_DISABLED, + CFG_THREADQS, + CFG_TLS_ECNAME, CFG_LAST }; @@ -683,6 +685,14 @@ static ConfigTable config_back_cf_table[] = { #endif "( OLcfgGlAt:66 NAME 'olcThreads' " "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL }, + { "threadqueues", "count", 2, 2, 0, +#ifdef NO_THREADS + ARG_IGNORED, NULL, +#else + ARG_INT|ARG_MAGIC|CFG_THREADQS, &config_generic, +#endif + "( OLcfgGlAt:95 NAME 'olcThreadQueues' " + "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL }, { "timelimit", "limit", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC, &config_timelimit, "( OLcfgGlAt:67 NAME 'olcTimeLimit' " "SYNTAX OMsDirectoryString )", NULL, NULL }, @@ -766,6 +776,14 @@ static ConfigTable config_back_cf_table[] = { #endif "( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' " "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL }, + { "TLSECName", NULL, 2, 2, 0, +#ifdef HAVE_TLS + CFG_TLS_ECNAME|ARG_STRING|ARG_MAGIC, &config_tls_option, +#else + ARG_IGNORED, NULL, +#endif + "( OLcfgGlAt:96 NAME 'olcTLSECName' " + "SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL }, { "TLSProtocolMin", NULL, 2, 2, 0, #ifdef HAVE_TLS CFG_TLS_PROTOCOL_MIN|ARG_STRING|ARG_MAGIC, &config_tls_config, @@ -835,7 +853,8 @@ static ConfigOCs cf_ocs[] = { "olcDisallows $ olcGentleHUP $ olcIdleTimeout $ " "olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ " "olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexHash64 $ " - "olcIndexIntLen $ olcLocalSSF $ olcLogFile $ olcLogLevel $ " + "olcIndexIntLen $ " + "olcListenerThreads $ olcLocalSSF $ olcLogFile $ olcLogLevel $ " "olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ " "olcPluginLogFile $ olcReadOnly $ olcReferral $ " "olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ " @@ -845,11 +864,12 @@ static ConfigOCs cf_ocs[] = { "olcSecurity $ olcServerID $ olcSizeLimit $ " "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ " "olcTCPBuffer $ " - "olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ " + "olcThreads $ olcThreadQueues $ " + "olcTimeLimit $ olcTLSCACertificateFile $ " "olcTLSCACertificatePath $ olcTLSCertificateFile $ " "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ " - "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ " - "olcTLSCRLFile $ olcToolThreads $ olcWriteTimeout $ " + "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ olcTLSECName $ " + "olcTLSCRLFile $ olcTLSProtocolMin $ olcToolThreads $ olcWriteTimeout $ " "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ " "olcDitContentRules $ olcLdapSyntaxes ) )", Cft_Global }, { "( OLcfgGlOc:2 " @@ -947,6 +967,9 @@ config_generic(ConfigArgs *c) { case CFG_THREADS: c->value_int = connection_pool_max; break; + case CFG_THREADQS: + c->value_int = connection_pool_queues; + break; case CFG_TTHREADS: c->value_int = slap_tool_thread_max; break; @@ -1314,6 +1337,7 @@ config_generic(ConfigArgs *c) { /* single-valued attrs, no-ops */ case CFG_CONCUR: case CFG_THREADS: + case CFG_THREADQS: case CFG_TTHREADS: case CFG_LTHREADS: case CFG_RO: @@ -1693,6 +1717,20 @@ config_generic(ConfigArgs *c) { connection_pool_max = c->value_int; /* save for reference */ break; + case CFG_THREADQS: + if ( c->value_int < 1 ) { + snprintf( c->cr_msg, sizeof( c->cr_msg ), + "threadqueuess=%d smaller than minimum value 1", + c->value_int ); + Debug(LDAP_DEBUG_ANY, "%s: %s.\n", + c->log, c->cr_msg, 0 ); + return 1; + } + if ( slapMode & SLAP_SERVER_MODE ) + ldap_pvt_thread_pool_queues(&connection_pool, c->value_int); + connection_pool_queues = c->value_int; /* save for reference */ + break; + case CFG_TTHREADS: if ( slapMode & SLAP_TOOL_MODE ) ldap_pvt_thread_pool_maxthreads(&connection_pool, c->value_int); @@ -4000,6 +4038,7 @@ config_tls_cleanup(ConfigArgs *c) { int opt = 1; ldap_pvt_tls_ctx_free( slap_tls_ctx ); + slap_tls_ctx = NULL; /* Force new ctx to be created */ rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt ); @@ -4008,6 +4047,11 @@ config_tls_cleanup(ConfigArgs *c) { ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx ); /* This is a no-op if it's already loaded */ load_extop( &slap_EXOP_START_TLS, 0, starttls_extop ); + } else { + if ( rc == LDAP_NOT_SUPPORTED ) + rc = LDAP_UNWILLING_TO_PERFORM; + else + rc = LDAP_OTHER; } } return rc; @@ -4025,6 +4069,7 @@ config_tls_option(ConfigArgs *c) { case CFG_TLS_CA_PATH: flag = LDAP_OPT_X_TLS_CACERTDIR; break; case CFG_TLS_CA_FILE: flag = LDAP_OPT_X_TLS_CACERTFILE; break; case CFG_TLS_DH_FILE: flag = LDAP_OPT_X_TLS_DHFILE; break; + case CFG_TLS_ECNAME: flag = LDAP_OPT_X_TLS_ECNAME; break; #ifdef HAVE_GNUTLS case CFG_TLS_CRL_FILE: flag = LDAP_OPT_X_TLS_CRLFILE; break; #endif @@ -4067,7 +4112,7 @@ config_tls_config(ConfigArgs *c) { } ch_free( c->value_string ); c->cleanup = config_tls_cleanup; - if ( isdigit( (unsigned char)c->argv[1][0] ) ) { + if ( isdigit( (unsigned char)c->argv[1][0] ) && c->type != CFG_TLS_PROTOCOL_MIN ) { if ( lutil_atoi( &i, c->argv[1] ) != 0 ) { Debug(LDAP_DEBUG_ANY, "%s: " "unable to parse %s \"%s\"\n", @@ -6758,7 +6803,7 @@ config_build_schema_inc( ConfigArgs *c, CfEntryInfo *ceparent, for (; cf; cf=cf->c_sibs, c->depth++) { if ( !cf->c_at_head && !cf->c_cr_head && !cf->c_oc_head && - !cf->c_om_head && !cf->c_syn_head ) continue; + !cf->c_om_head && !cf->c_syn_head && !cf->c_kids ) continue; c->value_dn.bv_val = c->log; LUTIL_SLASHPATH( cf->c_file.bv_val ); bv.bv_val = strrchr(cf->c_file.bv_val, LDAP_DIRSEP[0]);