X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fmain.c;h=fa008ee2cff64d22bd77aa1d9b08ab38746e3e14;hb=7fe91339dfd08d6c4168c8493f5c1f0faca6ba54;hp=119e24a9554d70cc8f1514a6e2fb5bd7b4804c8f;hpb=581c1ff6c74f5eb281b5e0052b2a5ca84a7679bd;p=openldap diff --git a/servers/slapd/main.c b/servers/slapd/main.c index 119e24a955..fa008ee2cf 100644 --- a/servers/slapd/main.c +++ b/servers/slapd/main.c @@ -1,7 +1,7 @@ /* $OpenLDAP$ */ /* This work is part of OpenLDAP Software . * - * Copyright 1998-2006 The OpenLDAP Foundation. + * Copyright 1998-2009 The OpenLDAP Foundation. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -98,24 +98,23 @@ const char Versionstr[] = OPENLDAP_PACKAGE " " OPENLDAP_VERSION " Standalone LDAP Server (slapd)"; #endif -#define CHECK_NONE 0x00 -#define CHECK_CONFIG 0x01 +#define CHECK_NONE 0x00 +#define CHECK_CONFIG 0x01 +#define CHECK_LOGLEVEL 0x02 static int check = CHECK_NONE; static int version = 0; void *slap_tls_ctx; - -#ifdef LOG_LOCAL4 -#define DEFAULT_SYSLOG_USER LOG_LOCAL4 -#endif /* LOG_LOCAL4 */ +LDAP *slap_tls_ld; static int slapd_opt_slp( const char *val, void *arg ) { #ifdef HAVE_SLP /* NULL is default */ - if ( val == NULL || strcasecmp( val, "on" ) == 0 ) { + if ( val == NULL || *val == '(' || strcasecmp( val, "on" ) == 0 ) { slapd_register_slp = 1; + slapd_slp_attrs = (val != NULL && *val == '(') ? val : NULL; } else if ( strcasecmp( val, "off" ) == 0 ) { slapd_register_slp = 0; @@ -154,12 +153,13 @@ struct option_helper { void *oh_arg; const char *oh_usage; } option_helpers[] = { - { BER_BVC("slp"), slapd_opt_slp, NULL, "slp[={on|off}] enable/disable SLP" }, + { BER_BVC("slp"), slapd_opt_slp, NULL, "slp[={on|off|(attrs)}] enable/disable SLP using (attrs)" }, { BER_BVNULL, 0, NULL, NULL } }; +#if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG) #ifdef LOG_LOCAL4 -static int +int parse_syslog_user( const char *arg, int *syslogUser ) { static slap_verbmasks syslogUsers[] = { 
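Review bot: In `slapd_opt_slp` the new `*val == '('` test accepts any value that merely starts with an opening parenthesis, and `slapd_slp_attrs` then keeps the raw option pointer without copying or checking it. A malformed attribute list such as an unterminated `(x=y` is therefore handed on as-is; rejecting it here is cheap, e.g. `if ( *val == '(' && val[ strlen( val ) - 1 ] != ')' )` followed by whatever error return the function already uses for an unrecognized value (the rest of the function is outside this hunk). Since `val` appears to point into `optarg` (see the `-o` case later in this diff), a short comment would help: `/* val points into argv and is not copied; it must outlive SLP registration */`.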
@@ -179,12 +179,12 @@ parse_syslog_user( const char *arg, int *syslogUser ) #endif /* LOG_DAEMON */ { BER_BVNULL, 0 } }; - int i = verb_to_mask( optarg, syslogUsers ); + int i = verb_to_mask( arg, syslogUsers ); if ( BER_BVISNULL( &syslogUsers[ i ].word ) ) { Debug( LDAP_DEBUG_ANY, "unrecognized syslog user \"%s\".\n", - optarg, 0, 0 ); + arg, 0, 0 ); return 1; } @@ -194,7 +194,7 @@ parse_syslog_user( const char *arg, int *syslogUser ) } #endif /* LOG_LOCAL4 */ -static int +int parse_syslog_level( const char *arg, int *levelp ) { static slap_verbmasks str2syslog_level[] = { @@ -220,6 +220,7 @@ parse_syslog_level( const char *arg, int *levelp ) return 0; } +#endif /* LDAP_DEBUG && LDAP_SYSLOG */ int parse_debug_unknowns( char **unknowns, int *levelp ) @@ -304,7 +305,7 @@ usage( char *name ) "\t-g group\tGroup (id or name) to run as\n" #endif "\t-h URLs\t\tList of URLs to serve\n" -#ifdef LOG_LOCAL4 +#ifdef SLAP_DEFAULT_SYSLOG_USER "\t-l facility\tSyslog facility (default: LOCAL4)\n" #endif "\t-n serverName\tService name\n" @@ -347,8 +348,8 @@ int main( int argc, char **argv ) #if defined(HAVE_CHROOT) char *sandbox = NULL; #endif -#ifdef LOG_LOCAL4 - int syslogUser = DEFAULT_SYSLOG_USER; +#ifdef SLAP_DEFAULT_SYSLOG_USER + int syslogUser = SLAP_DEFAULT_SYSLOG_USER; #endif int g_argc = argc; @@ -369,6 +370,7 @@ int main( int argc, char **argv ) size_t l; int slapd_pid_file_unlink = 0, slapd_args_file_unlink = 0; + int firstopt = 1; #ifdef CSRIMALLOC FILE *leakfile; @@ -394,7 +396,7 @@ int main( int argc, char **argv ) #ifdef HAVE_NT_SERVICE_MANAGER { - int *i; + int *ip; char *newConfigFile; char *newConfigDir; char *newUrls; 
@@ -406,9 +408,9 @@ int main( int argc, char **argv ) regService = serverName; } - i = (int*)lutil_getRegParam( regService, "DebugLevel" ); - if ( i != NULL ) { - slap_debug = *i; + ip = (int*)lutil_getRegParam( regService, "DebugLevel" ); + if ( ip != NULL ) { + slap_debug = *ip; Debug( LDAP_DEBUG_ANY, "new debug level from registry is: %d\n", slap_debug, 0, 0 ); } @@ -439,18 +441,18 @@ int main( int argc, char **argv ) while ( (i = getopt( argc, argv, "c:d:f:F:h:n:o:s:tT:V" -#if LDAP_PF_INET6 +#ifdef LDAP_PF_INET6 "46" #endif #ifdef HAVE_CHROOT "r:" #endif -#ifdef LDAP_SYSLOG +#if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG) "S:" -#endif #ifdef LOG_LOCAL4 "l:" #endif +#endif #if defined(HAVE_SETUID) && defined(HAVE_SETGID) "u:g:" #endif @@ -501,6 +503,11 @@ int main( int argc, char **argv ) case 'd': { /* set debug level and 'do not detach' flag */ int level = 0; + if ( strcmp( optarg, "?" ) == 0 ) { + check |= CHECK_LOGLEVEL; + break; + } + no_detach = 1; if ( parse_debug_level( optarg, &level, &debug_unknowns ) ) { goto destroy; @@ -525,7 +532,6 @@ int main( int argc, char **argv ) case 'o': { char *val = strchr( optarg, '=' ); struct berval opt; - int i; opt.bv_val = optarg; @@ -557,6 +563,11 @@ int main( int argc, char **argv ) } case 's': /* set syslog level */ + if ( strcmp( optarg, "?" ) == 0 ) { + check |= CHECK_LOGLEVEL; + break; + } + if ( parse_debug_level( optarg, &ldap_syslog, &syslog_unknowns ) ) { goto destroy; } @@ -568,7 +579,6 @@ int main( int argc, char **argv ) goto destroy; } break; -#endif /* LDAP_DEBUG && LDAP_SYSLOG */ #ifdef LOG_LOCAL4 case 'l': /* set syslog local user */ @@ -577,6 +587,7 @@ int main( int argc, char **argv ) } break; #endif +#endif /* LDAP_DEBUG && LDAP_SYSLOG */ #ifdef HAVE_CHROOT case 'r': 
@@ -613,6 +624,12 @@ int main( int argc, char **argv ) break; case 'T': + if ( firstopt == 0 ) { + fprintf( stderr, "warning: \"-T %s\" " + "should be the first option.\n", + optarg ); + } + /* try full option string first */ for ( i = 0; tools[i].name; i++ ) { if ( strcmp( optarg, &tools[i].name[4] ) == 0 ) { @@ -643,6 +660,10 @@ unhandled_option:; SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 15 ); goto stop; } + + if ( firstopt ) { + firstopt = 0; + } } ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &slap_debug); @@ -654,6 +675,7 @@ unhandled_option:; if ( version > 1 ) goto stop; } +#if defined(LDAP_DEBUG) && defined(LDAP_SYSLOG) { char *logName; #ifdef HAVE_EBCDIC @@ -665,16 +687,19 @@ unhandled_option:; #ifdef LOG_LOCAL4 openlog( logName, OPENLOG_OPTIONS, syslogUser ); -#elif LOG_DEBUG +#elif defined LOG_DEBUG openlog( logName, OPENLOG_OPTIONS ); #endif #ifdef HAVE_EBCDIC free( logName ); #endif } +#endif /* LDAP_DEBUG && LDAP_SYSLOG */ Debug( LDAP_DEBUG_ANY, "%s", Versionstr, 0, 0 ); + global_host = ldap_pvt_get_fqdn( NULL ); + if( check == CHECK_NONE && slapd_daemon_init( urls ) != 0 ) { rc = 1; SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 16 ); @@ -704,7 +729,21 @@ unhandled_option:; extops_init(); lutil_passwd_init(); - slap_op_init(); + +#ifdef HAVE_TLS + rc = ldap_create( &slap_tls_ld ); + if ( rc ) { + SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 20 ); + goto destroy; + } + /* Library defaults to full certificate checking. This is correct when + * a client is verifying a server because all servers should have a + * valid cert. But few clients have valid certs, so we want our default + * to be no checking. The config file can override this as usual. + */ + rc = LDAP_OPT_X_TLS_NEVER; + (void) ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc ); +#endif rc = slap_init( serverMode, serverName ); if ( rc ) { 
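Review bot: The result of `global_host = ldap_pvt_get_fqdn( NULL );` is never checked, and the later hunk at -801 passes it straight to `ch_strdup( global_host )` to fill in `sasl_host`. If the lookup can return NULL (allocation failure, presumably), the SASL default is built from a null pointer; a guard right after the call, `if ( global_host == NULL ) { rc = 1; /* exit as the slapd_daemon_init check below does */ }`, keeps that failure at the point where it happens. Because the server's SASL host name now defaults to whatever name resolution returns at start-up, it would also be worth logging the chosen value once, e.g. `Debug( LDAP_DEBUG_CONFIG, "global host name is \"%s\"\n", global_host, 0, 0 );`, so operators can see which identity the server adopted.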
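Review bot: The call that installs `LDAP_OPT_X_TLS_NEVER` borrows `rc` as scratch storage and throws its result away with `(void)`, so the status variable briefly holds an option constant and a failure to apply the relaxed default goes unreported. A dedicated local reads better and matches the `int opt = 1;` used for `LDAP_OPT_X_TLS_NEWCTX` later in this commit: `int opt = LDAP_OPT_X_TLS_NEVER;` then `rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_REQUIRE_CERT, &opt );` with a `Debug` line when `rc` is non-zero. The comment should also spell out the consequence for operators: with this default, client certificates are not verified unless the configuration asks for it (the `TLSVerifyClient` setting, if I read the option mapping correctly), so deployments that authenticate clients by certificate must set the level explicitly.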
@@ -736,6 +775,11 @@ unhandled_option:; syslog_unknowns = NULL; if ( rc ) goto destroy; + } + + if ( check & CHECK_LOGLEVEL ) { + rc = 0; + goto destroy; } if ( check & CHECK_CONFIG ) { @@ -748,7 +792,7 @@ unhandled_option:; } } - if ( glue_sub_attach( ) != 0 ) { + if ( glue_sub_attach( 0 ) != 0 ) { Debug( LDAP_DEBUG_ANY, "subordinate config error\n", 0, 0, 0 ); @@ -776,19 +820,13 @@ unhandled_option:; } { - void *def_ctx = NULL; - - /* Save existing default ctx, if any */ - ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &def_ctx ); + int opt = 1; /* Force new ctx to be created */ - ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, NULL ); - - rc = ldap_pvt_tls_init_def_ctx( 1 ); + rc = ldap_pvt_tls_set_option( slap_tls_ld, LDAP_OPT_X_TLS_NEWCTX, &opt ); if( rc == 0 ) { - ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx ); - /* Restore previous ctx */ - ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_CTX, def_ctx ); + /* The ctx's refcount is bumped up here */ + ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx ); load_extop( &slap_EXOP_START_TLS, 0, starttls_extop ); } else if ( rc != LDAP_NOT_SUPPORTED ) { Debug( LDAP_DEBUG_ANY, @@ -801,6 +839,12 @@ unhandled_option:; } #endif +#ifdef HAVE_CYRUS_SASL + if( sasl_host == NULL ) { + sasl_host = ch_strdup( global_host ); + } +#endif + (void) SIGNAL( LDAP_SIGUSR1, slap_sig_wake ); (void) SIGNAL( LDAP_SIGUSR2, slap_sig_shutdown ); @@ -885,6 +929,8 @@ unhandled_option:; */ time( &starttime ); + connections_init(); + if ( slap_startup( NULL ) != 0 ) { rc = 1; SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 21 ); @@ -912,6 +958,9 @@ shutdown: rc |= slap_shutdown( NULL ); destroy: + if ( check & CHECK_LOGLEVEL ) { + (void)loglevel_print( stdout ); + } /* remember an error during destroy */ rc |= slap_destroy(); @@ -925,8 +974,6 @@ destroy: module_kill(); #endif - slap_op_destroy(); - extops_kill(); supported_feature_destroy(); 
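Review bot: Inside the `rc == 0` branch the result of `ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx )` is ignored and `load_extop( &slap_EXOP_START_TLS, 0, starttls_extop )` runs regardless, so StartTLS could be registered while `slap_tls_ctx` is still NULL if the lookup fails. Assuming the get call returns 0 on success like the set call, wrap the registration: `if ( ldap_pvt_tls_get_option( slap_tls_ld, LDAP_OPT_X_TLS_CTX, &slap_tls_ctx ) == 0 && slap_tls_ctx != NULL )`, and treat the other case as a start-up error. The new refcount comment would be more useful if it named where the matching release happens, which is the `ldap_pvt_tls_ctx_free( slap_tls_ctx )` this commit adds under `stop:`. The enclosing block starts and ends outside the hunk.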
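Review bot: `loglevel_print( stdout )` is placed at the top of `destroy:`, which is also the target of the error paths visible in this diff (a failing `parse_debug_level`, a failing `ldap_create`), so a command line that combines `-d ?` with an option that fails still prints the level table and then exits with an error. If the listing is meant only for the successful query, move the call into the `if ( check & CHECK_LOGLEVEL )` branch added ahead of the `CHECK_CONFIG` test, just before its `goto destroy;`. If printing on the failure paths is intended, a one-line comment at `destroy:` saying why the call lives there would save the next reader the same question.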
@@ -952,14 +999,22 @@ stop: controls_destroy(); + filter_destroy(); + schema_destroy(); lutil_passwd_destroy(); #ifdef HAVE_TLS + if ( slap_tls_ld ) { + ldap_pvt_tls_ctx_free( slap_tls_ctx ); + ldap_unbind_ext( slap_tls_ld, NULL, NULL ); + } ldap_pvt_tls_destroy(); #endif + slap_sasl_regexp_destroy(); + if ( slapd_pid_file_unlink ) { unlink( slapd_pid_file ); } @@ -975,6 +1030,11 @@ stop: ch_free( configdir ); if ( urls ) ch_free( urls ); + if ( global_host ) + ch_free( global_host ); + + /* kludge, get symbols referenced */ + tavl_free( NULL, NULL ); #ifdef CSRIMALLOC mal_dumpleaktrace( leakfile );
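Review bot: The teardown added under `#ifdef HAVE_TLS` calls `ldap_pvt_tls_ctx_free( slap_tls_ctx )` whenever `slap_tls_ld` is set, but `slap_tls_ctx` is only filled in after `LDAP_OPT_X_TLS_NEWCTX` succeeds, so paths that jump to `destroy` or `stop` between `ldap_create` and that point appear to reach this call with a NULL context. Unless `ldap_pvt_tls_ctx_free` is known to accept NULL, guard it with `if ( slap_tls_ctx ) ldap_pvt_tls_ctx_free( slap_tls_ctx );`. Clearing both globals afterwards, `slap_tls_ctx = NULL; slap_tls_ld = NULL;`, keeps later code that reads these pointers from touching freed state. A short comment noting that this free releases the reference taken by the earlier `LDAP_OPT_X_TLS_CTX` get would tie the two sites together.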