X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fconfig.c;h=e4d67fedde2e219a18faf43cd42232ae397fc327;hb=04c5711506f17cc7403240c1f335527c6bccaa33;hp=017100b532dd955ce083f0dd2c805e0ca421aabd;hpb=fd8b582aa9ffa3ca4825f18b6e2602b34a1540ff;p=openldap

diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 017100b532..e4d67fedde 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -21,7 +21,7 @@
  */
 int		defsize = SLAPD_DEFAULT_SIZELIMIT;
 int		deftime = SLAPD_DEFAULT_TIMELIMIT;
-struct acl	*global_acl = NULL;
+AccessControl	*global_acl = NULL;
 int		global_default_access = ACL_READ;
 char		*replogfile;
 int		global_lastmod;
@@ -45,8 +45,10 @@ read_config( char *fname )
 	char	*line, *savefname, *saveline;
 	int	cargc, savelineno;
 	char	*cargv[MAXARGS];
-	int	lineno, i, rc;
-
+	int	lineno, i;
+#ifdef HAVE_TLS
+	int rc;
+#endif
 	struct berval *vals[2];
 	struct berval val;
 
@@ -220,7 +222,7 @@ read_config( char *fname )
 				char *dn = ch_strdup( cargv[1] );
 				(void) dn_normalize( dn );
 				charray_add( &be->be_suffix, dn );
-				(void) dn_upcase( dn );
+				(void) str2upper( dn );
 				charray_add( &be->be_nsuffix, dn );
 				free( dn );
 			}
@@ -238,7 +240,7 @@ read_config( char *fname )
                                Debug( LDAP_DEBUG_ANY,
 "%s: line %d: depth line must appear inside a database definition (ignored)\n",
                                    fname, lineno, 0 );
-                       } else if ((i = atoi(cargv[i])) < 0) {
+                       } else if ((i = atoi(cargv[1])) < 0) {
                                Debug( LDAP_DEBUG_ANY,
 "%s: line %d: depth must be positive (ignored)\n",
                                    fname, lineno, 0 );
@@ -262,7 +264,16 @@ read_config( char *fname )
 				    fname, lineno, 0 );
 			} else {
 				be->be_root_dn = ch_strdup( cargv[1] );
-				be->be_root_ndn = dn_normalize_case( ch_strdup( cargv[1] ) );
+				be->be_root_ndn = ch_strdup( cargv[1] );
+
+				if( dn_normalize_case( be->be_root_ndn ) == NULL ) {
+					free( be->be_root_dn );
+					free( be->be_root_ndn );
+					Debug( LDAP_DEBUG_ANY,
+"%s: line %d: rootdn DN is invalid\n",
+					   fname, lineno, 0 );
+					return( 1 );
+				}
 			}
 
 		/* set super-secret magic database password */
@@ -463,7 +474,12 @@ read_config( char *fname )
 				    fname, lineno, 0 );
 			} else {
 				be->be_update_ndn = ch_strdup( cargv[1] );
-				(void) dn_normalize_case( be->be_update_ndn );
+				if( dn_normalize_case( be->be_update_ndn ) == NULL ) {
+					Debug( LDAP_DEBUG_ANY,
+"%s: line %d: updatedn DN is invalid\n",
+					    fname, lineno, 0 );
+					return 1;
+				}
 			}
 
 		} else if ( strcasecmp( cargv[0], "updateref" ) == 0 ) {
@@ -629,6 +645,12 @@ read_config( char *fname )
 						      cargv[1] );
 			if ( rc )
 				return rc;
+		} else if ( !strcasecmp( cargv[0], "TLSVerifyClient" ) ) {
+			rc = ldap_pvt_tls_set_option( NULL,
+						      LDAP_OPT_X_TLS_REQUIRE_CERT,
+						      cargv[1] );
+			if ( rc )
+				return rc;
 
 #endif