X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fconfig.c;h=1b612e8aab48b8a01c0e21ac830d43001007535b;hb=fb2d3926ce4714b83f76c059a18a0d67d12b8019;hp=43cc60c1bb58fe68269e9d0c642d906574699cfc;hpb=bbdc0bcd009635c0d18276da3f4e065955ea6529;p=openldap diff --git a/servers/slapd/config.c b/servers/slapd/config.c index 43cc60c1bb..1b612e8aab 100644 --- a/servers/slapd/config.c +++ b/servers/slapd/config.c @@ -36,7 +36,14 @@ #include #include + +#ifndef S_ISREG +#define S_ISREG(m) (((m) & _S_IFMT) == _S_IFREG) +#endif + +#if HAVE_UNISTD_H #include +#endif #include "slap.h" #ifdef LDAP_SLAPI @@ -150,14 +157,10 @@ int config_check_vals(ConfigTable *Conf, ConfigArgs *c, int check_only ) { snprintf( c->msg, sizeof( c->msg ), "<%s> extra cruft after <%s>", c->argv[0], Conf->what ); -#ifdef LDAP_DEVEL ignored = ""; -#endif /* LDAP_DEVEL */ Debug(LDAP_DEBUG_CONFIG, "%s: %s%s.\n", c->log, c->msg, ignored ); -#ifdef LDAP_DEVEL return(ARG_BAD_CONF); -#endif /* LDAP_DEVEL */ } if((arg_syn & ARG_DB) && !c->be) { snprintf( c->msg, sizeof( c->msg ), "<%s> only allowed within database declaration", @@ -475,45 +478,18 @@ config_get_vals(ConfigTable *cf, ConfigArgs *c) int init_config_attrs(ConfigTable *ct) { - LDAPAttributeType *at; int i, code; - const char *err; for (i=0; ct[i].name; i++ ) { - int freeit = 0; - if ( !ct[i].attribute ) continue; - at = ldap_str2attributetype( ct[i].attribute, - &code, &err, LDAP_SCHEMA_ALLOW_ALL ); - if ( !at ) { - fprintf( stderr, "init_config_attrs: AttributeType \"%s\": %s, %s\n", - ct[i].attribute, ldap_scherr2str(code), err ); - return code; - } - - code = at_add( at, 0, NULL, &err ); - if ( code ) { - if ( code == SLAP_SCHERR_ATTR_DUP ) { - freeit = 1; - - } else { - ldap_attributetype_free( at ); - fprintf( stderr, "init_config_attrs: AttributeType \"%s\": %s, %s\n", - ct[i].attribute, scherr2str(code), err ); - return code; - } - } - code = slap_str2ad( at->at_names[0], &ct[i].ad, &err ); - if ( freeit || code ) { - ldap_attributetype_free( at ); - } else { - ldap_memfree( at ); - } + code = register_at( ct[i].attribute, &ct[i].ad, 1 ); if ( code ) { - fprintf( stderr, "init_config_attrs: AttributeType \"%s\": %s\n", - ct[i].attribute, err ); + fprintf( stderr, "init_config_attrs: register_at failed\n" ); return code; } +#ifndef LDAP_DEVEL + ct[i].ad->ad_type->sat_flags |= SLAP_AT_HIDE; +#endif } return 0; @@ -521,32 +497,17 @@ init_config_attrs(ConfigTable *ct) { int init_config_ocs( ConfigOCs *ocs ) { - int i; + int i, code; for (i=0;ocs[i].co_def;i++) { - LDAPObjectClass *oc; - int code; - const char *err; - - oc = ldap_str2objectclass( ocs[i].co_def, &code, &err, - LDAP_SCHEMA_ALLOW_ALL ); - if ( !oc ) { - fprintf( stderr, "init_config_ocs: objectclass \"%s\": %s, %s\n", - ocs[i].co_def, ldap_scherr2str(code), err ); - return code; - } - code = oc_add(oc,0,NULL,&err); - if ( code && code != SLAP_SCHERR_CLASS_DUP ) { - fprintf( stderr, "init_config_ocs: objectclass \"%s\": %s, %s\n", - ocs[i].co_def, scherr2str(code), err ); - ldap_objectclass_free(oc); + code = register_oc( ocs[i].co_def, &ocs[i].co_oc, 1 ); + if ( code ) { + fprintf( stderr, "init_config_ocs: register_oc failed\n" ); return code; } - ocs[i].co_oc = oc_find(oc->oc_names[0]); - if ( code ) - ldap_objectclass_free(oc); - else - ldap_memfree(oc); +#ifndef LDAP_DEVEL + ocs[i].co_oc->soc_flags |= SLAP_OC_HIDE; +#endif } return 0; } @@ -880,14 +841,21 @@ done: /* restrictops, allows, disallows, requires, loglevel */ int -verb_to_mask(const char *word, slap_verbmasks *v) { +bverb_to_mask(struct berval *bword, slap_verbmasks *v) { int i; for(i = 0; !BER_BVISNULL(&v[i].word); i++) { - if(!strcasecmp(word, v[i].word.bv_val)) break; + if(!ber_bvstrcasecmp(bword, &v[i].word)) break; } return(i); } +int +verb_to_mask(const char *word, slap_verbmasks *v) { + struct berval bword; + ber_str2bv( word, 0, 0, &bword ); + return bverb_to_mask( &bword, v ); +} + int verbs_to_mask(int argc, char *argv[], slap_verbmasks *v, slap_mask_t *m) { int i, j; @@ -1041,8 +1009,15 @@ static slap_verbmasks methkey[] = { { BER_BVNULL, 0 } }; +static slap_verbmasks versionkey[] = { + { BER_BVC("2"), LDAP_VERSION2 }, + { BER_BVC("3"), LDAP_VERSION3 }, + { BER_BVNULL, 0 } +}; + static slap_cf_aux_table bindkey[] = { { BER_BVC("uri="), offsetof(slap_bindconf, sb_uri), 'b', 1, NULL }, + { BER_BVC("version="), offsetof(slap_bindconf, sb_version), 'd', 0, versionkey }, { BER_BVC("bindmethod="), offsetof(slap_bindconf, sb_method), 'd', 0, methkey }, { BER_BVC("binddn="), offsetof(slap_bindconf, sb_binddn), 'b', 1, NULL }, { BER_BVC("credentials="), offsetof(slap_bindconf, sb_cred), 'b', 1, NULL }, @@ -1151,7 +1126,7 @@ slap_cf_aux_table_parse( const char *word, void *dst, slap_cf_aux_table *tab0, L int slap_cf_aux_table_unparse( void *src, struct berval *bv, slap_cf_aux_table *tab0 ) { - char buf[BUFSIZ], *ptr; + char buf[AC_LINE_MAX], *ptr; slap_cf_aux_table *tab; struct berval tmp; @@ -1285,10 +1260,12 @@ void bindconf_free( slap_bindconf *bc ) { BER_BVZERO( &bc->sb_authzId ); } #ifdef HAVE_TLS +#if 0 if ( bc->sb_tls_ctx ) { SSL_CTX_free( bc->sb_tls_ctx ); bc->sb_tls_ctx = NULL; } +#endif if ( bc->sb_tls_cert ) { ch_free( bc->sb_tls_cert ); bc->sb_tls_cert = NULL; @@ -1403,7 +1380,7 @@ int bindconf_tls_set( slap_bindconf *bc, LDAP *ld ) * note: should move "version" into bindconf... */ int -slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) +slap_client_connect( LDAP **ldp, slap_bindconf *sb ) { LDAP *ld = NULL; int rc; @@ -1418,9 +1395,9 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) return rc; } - if ( version != 0 ) { + if ( sb->sb_version != 0 ) { ldap_set_option( ld, LDAP_OPT_PROTOCOL_VERSION, - (const void *)&version ); + (const void *)&sb->sb_version ); } #ifdef HAVE_TLS @@ -1435,8 +1412,8 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) if ( rc ) { Debug( LDAP_DEBUG_ANY, "slap_client_connect: " - "TLS context initialization failed\n", - 0, 0, 0 ); + "URI=%s TLS context initialization failed (%d)\n", + sb->sb_uri.bv_val, rc, 0 ); return rc; } #endif @@ -1446,11 +1423,12 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) rc = ldap_start_tls_s( ld, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, - "slap_client_connect: " + "slap_client_connect: URI=%s " "%s, ldap_start_tls failed (%d)\n", + sb->sb_uri.bv_val, sb->sb_tls == SB_TLS_CRITICAL ? "Error" : "Warning", - rc, 0 ); + rc ); if ( sb->sb_tls == SB_TLS_CRITICAL ) { goto done; } @@ -1499,9 +1477,9 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) if ( rc != LDAP_SUCCESS ) { static struct berval bv_GSSAPI = BER_BVC( "GSSAPI" ); - Debug( LDAP_DEBUG_ANY, "slap_client_connect: " + Debug( LDAP_DEBUG_ANY, "slap_client_connect: URI=%s " "ldap_sasl_interactive_bind_s failed (%d)\n", - rc, 0, 0 ); + sb->sb_uri.bv_val, rc, 0 ); /* FIXME (see above comment) */ /* if Kerberos credentials cache is not active, retry */ @@ -1527,7 +1505,9 @@ slap_client_connect( LDAP **ldp, slap_bindconf *sb, int version ) &sb->sb_cred, NULL, NULL, NULL ); if ( rc != LDAP_SUCCESS ) { Debug( LDAP_DEBUG_ANY, "slap_client_connect: " - "ldap_sasl_bind_s failed (%d)\n", rc, 0, 0 ); + "URI=%s DN=\"%s\" " + "ldap_sasl_bind_s failed (%d)\n", + sb->sb_uri.bv_val, sb->sb_binddn.bv_val, rc ); goto done; } } @@ -1604,7 +1584,7 @@ strtok_quote( char *line, char *sep, char **quote_ptr ) return( tmp ); } -static char buf[BUFSIZ]; +static char buf[AC_LINE_MAX]; static char *line; static size_t lmax, lcur; @@ -1612,7 +1592,7 @@ static size_t lmax, lcur; do { \ size_t len = strlen( buf ); \ while ( lcur + len + 1 > lmax ) { \ - lmax += BUFSIZ; \ + lmax += AC_LINE_MAX; \ line = (char *) ch_realloc( line, lmax ); \ } \ strcpy( line + lcur, buf ); \