From 54de37c0e1ecb0d210624267a5f2fad17fadb005 Mon Sep 17 00:00:00 2001 From: Howard Chu Date: Fri, 17 Aug 2012 14:04:48 -0700 Subject: [PATCH] Initial config support for back-meta Currently just a direct replacement of slapd.conf parsing, no dynamic features yet. --- servers/slapd/back-ldap/back-ldap.h | 4 +- servers/slapd/back-ldap/config.c | 32 +- servers/slapd/back-ldap/init.c | 4 +- servers/slapd/back-ldap/proto-ldap.h | 4 +- servers/slapd/back-meta/back-meta.h | 8 - servers/slapd/back-meta/config.c | 1980 +++++++++++++------------- servers/slapd/back-meta/init.c | 5 +- servers/slapd/back-meta/proto-meta.h | 2 + servers/slapd/bconfig.c | 1 + 9 files changed, 1043 insertions(+), 997 deletions(-) diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h index 78c11c3179..62543239c6 100644 --- a/servers/slapd/back-ldap/back-ldap.h +++ b/servers/slapd/back-ldap/back-ldap.h @@ -455,9 +455,9 @@ typedef struct ldap_extra_t { int (*proxy_authz_ctrl)( Operation *op, SlapReply *rs, struct berval *bound_ndn, int version, slap_idassert_t *si, LDAPControl *ctrl ); int (*controls_free)( Operation *op, SlapReply *rs, LDAPControl ***pctrls ); - int (*idassert_authzfrom_parse_cf)( const char *fname, int lineno, const char *arg, slap_idassert_t *si ); + int (*idassert_authzfrom_parse)( struct config_args_s *ca, slap_idassert_t *si ); int (*idassert_passthru_parse_cf)( const char *fname, int lineno, const char *arg, slap_idassert_t *si ); - int (*idassert_parse_cf)( const char *fname, int lineno, int argc, char *argv[], slap_idassert_t *si ); + int (*idassert_parse)( struct config_args_s *ca, slap_idassert_t *si ); void (*retry_info_destroy)( slap_retry_info_t *ri ); int (*retry_info_parse)( char *in, slap_retry_info_t *ri, char *buf, ber_len_t buflen ); int (*retry_info_unparse)( slap_retry_info_t *ri, struct berval *bvout ); diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c index d19be79926..205c68011d 100644 --- a/servers/slapd/back-ldap/config.c +++ b/servers/slapd/back-ldap/config.c @@ -640,7 +640,7 @@ slap_retry_info_destroy( ri->ri_num = NULL; } -static int +int slap_idassert_authzfrom_parse( ConfigArgs *c, slap_idassert_t *si ) { struct berval bv; @@ -759,7 +759,7 @@ slap_idassert_passthru_parse( ConfigArgs *c, slap_idassert_t *si ) return 0; } -static int +int slap_idassert_parse( ConfigArgs *c, slap_idassert_t *si ) { int i; @@ -931,22 +931,6 @@ slap_idassert_parse( ConfigArgs *c, slap_idassert_t *si ) } /* NOTE: temporary, until back-meta is ported to back-config */ -int -slap_idassert_authzfrom_parse_cf( const char *fname, int lineno, const char *arg, slap_idassert_t *si ) -{ - ConfigArgs c = { 0 }; - char *argv[ 3 ]; - - snprintf( c.log, sizeof( c.log ), "%s: line %d", fname, lineno ); - c.argc = 2; - c.argv = argv; - argv[ 0 ] = "idassert-authzFrom"; - argv[ 1 ] = (char *)arg; - argv[ 2 ] = NULL; - - return slap_idassert_authzfrom_parse( &c, si ); -} - int slap_idassert_passthru_parse_cf( const char *fname, int lineno, const char *arg, slap_idassert_t *si ) { @@ -963,18 +947,6 @@ slap_idassert_passthru_parse_cf( const char *fname, int lineno, const char *arg, return slap_idassert_passthru_parse( &c, si ); } -int -slap_idassert_parse_cf( const char *fname, int lineno, int argc, char *argv[], slap_idassert_t *si ) -{ - ConfigArgs c = { 0 }; - - snprintf( c.log, sizeof( c.log ), "%s: line %d", fname, lineno ); - c.argc = argc; - c.argv = argv; - - return slap_idassert_parse( &c, si ); -} - static int ldap_back_cf_gen( ConfigArgs *c ) { diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c index 6c4e7e86a2..27f858e927 100644 --- a/servers/slapd/back-ldap/init.c +++ b/servers/slapd/back-ldap/init.c @@ -35,9 +35,9 @@ static const ldap_extra_t ldap_extra = { ldap_back_proxy_authz_ctrl, ldap_back_controls_free, - slap_idassert_authzfrom_parse_cf, + slap_idassert_authzfrom_parse, slap_idassert_passthru_parse_cf, - slap_idassert_parse_cf, + slap_idassert_parse, slap_retry_info_destroy, slap_retry_info_parse, slap_retry_info_unparse, diff --git a/servers/slapd/back-ldap/proto-ldap.h b/servers/slapd/back-ldap/proto-ldap.h index 2887c07935..2891b07a56 100644 --- a/servers/slapd/back-ldap/proto-ldap.h +++ b/servers/slapd/back-ldap/proto-ldap.h @@ -101,9 +101,9 @@ extern int slap_retry_info_parse( char *in, slap_retry_info_t *ri, char *buf, ber_len_t buflen ); extern int slap_retry_info_unparse( slap_retry_info_t *ri, struct berval *bvout ); -extern int slap_idassert_authzfrom_parse_cf( const char *fname, int lineno, const char *arg, slap_idassert_t *si ); +extern int slap_idassert_authzfrom_parse( struct config_args_s *ca, slap_idassert_t *si ); extern int slap_idassert_passthru_parse_cf( const char *fname, int lineno, const char *arg, slap_idassert_t *si ); -extern int slap_idassert_parse_cf( const char *fname, int lineno, int argc, char *argv[], slap_idassert_t *si ); +extern int slap_idassert_parse( struct config_args_s *ca, slap_idassert_t *si ); extern int chain_initialize( void ); extern int pbind_initialize( void ); diff --git a/servers/slapd/back-meta/back-meta.h b/servers/slapd/back-meta/back-meta.h index 10895cb553..d5fa450331 100644 --- a/servers/slapd/back-meta/back-meta.h +++ b/servers/slapd/back-meta/back-meta.h @@ -124,14 +124,6 @@ ldap_back_map_attrs( int remap, char ***mapped_attrs ); -extern int ldap_back_map_config( - struct ldapmap *oc_map, - struct ldapmap *at_map, - const char *fname, - int lineno, - int argc, - char **argv ); - extern int ldap_back_filter_map_rewrite( dncookie *dc, diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c index 362cd8e3a2..3e4129f2d7 100644 --- a/servers/slapd/back-meta/config.c +++ b/servers/slapd/back-meta/config.c @@ -28,12 +28,424 @@ #include #include "slap.h" +#include "config.h" #include "lutil.h" #include "../back-ldap/back-ldap.h" #include "back-meta.h" +static ConfigDriver meta_back_cf_gen; + +static int ldap_back_map_config( + ConfigArgs *c, + struct ldapmap *oc_map, + struct ldapmap *at_map ); + +enum { + LDAP_BACK_CFG_URI = 1, + LDAP_BACK_CFG_TLS, + LDAP_BACK_CFG_ACL_AUTHCDN, + LDAP_BACK_CFG_ACL_PASSWD, + LDAP_BACK_CFG_IDASSERT_AUTHZFROM, + LDAP_BACK_CFG_IDASSERT_BIND, + LDAP_BACK_CFG_REBIND, + LDAP_BACK_CFG_CHASE, + LDAP_BACK_CFG_T_F, + LDAP_BACK_CFG_TIMEOUT, + LDAP_BACK_CFG_IDLE_TIMEOUT, + LDAP_BACK_CFG_CONN_TTL, + LDAP_BACK_CFG_NETWORK_TIMEOUT, + LDAP_BACK_CFG_VERSION, + LDAP_BACK_CFG_SINGLECONN, + LDAP_BACK_CFG_USETEMP, + LDAP_BACK_CFG_CONNPOOLMAX, + LDAP_BACK_CFG_CANCEL, + LDAP_BACK_CFG_QUARANTINE, + LDAP_BACK_CFG_ST_REQUEST, + LDAP_BACK_CFG_NOREFS, + LDAP_BACK_CFG_NOUNDEFFILTER, + + LDAP_BACK_CFG_REWRITE, + + LDAP_BACK_CFG_SUFFIXM, + LDAP_BACK_CFG_MAP, + LDAP_BACK_CFG_SUBTREE_EX, + LDAP_BACK_CFG_SUBTREE_IN, + LDAP_BACK_CFG_DEFAULT_T, + LDAP_BACK_CFG_DNCACHE_TTL, + LDAP_BACK_CFG_BIND_TIMEOUT, + LDAP_BACK_CFG_ONERR, + LDAP_BACK_CFG_PSEUDOROOT_BIND_DEFER, + LDAP_BACK_CFG_PSEUDOROOTDN, + LDAP_BACK_CFG_PSEUDOROOTPW, + LDAP_BACK_CFG_NRETRIES, + LDAP_BACK_CFG_CLIENT_PR, + + LDAP_BACK_CFG_LAST +}; + +static ConfigTable metacfg[] = { + { "uri", "uri", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_URI, + meta_back_cf_gen, "( OLcfgDbAt:0.14 " + "NAME 'olcDbURI' " + "DESC 'URI (list) for remote DSA' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "tls", "what", 2, 0, 0, + ARG_MAGIC|LDAP_BACK_CFG_TLS, + meta_back_cf_gen, "( OLcfgDbAt:3.1 " + "NAME 'olcDbStartTLS' " + "DESC 'StartTLS' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "acl-authcDN", "DN", 2, 2, 0, + ARG_DN|ARG_MAGIC|LDAP_BACK_CFG_ACL_AUTHCDN, + meta_back_cf_gen, "( OLcfgDbAt:3.2 " + "NAME 'olcDbACLAuthcDn' " + "DESC 'Remote ACL administrative identity' " + "OBSOLETE " + "SYNTAX OMsDN " + "SINGLE-VALUE )", + NULL, NULL }, + /* deprecated, will be removed; aliases "acl-authcDN" */ + { "binddn", "DN", 2, 2, 0, + ARG_DN|ARG_MAGIC|LDAP_BACK_CFG_ACL_AUTHCDN, + meta_back_cf_gen, NULL, NULL, NULL }, + { "acl-passwd", "cred", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_ACL_PASSWD, + meta_back_cf_gen, "( OLcfgDbAt:3.3 " + "NAME 'olcDbACLPasswd' " + "DESC 'Remote ACL administrative identity credentials' " + "OBSOLETE " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + /* deprecated, will be removed; aliases "acl-passwd" */ + { "bindpw", "cred", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_ACL_PASSWD, + meta_back_cf_gen, NULL, NULL, NULL }, + { "idassert-bind", "args", 2, 0, 0, + ARG_MAGIC|LDAP_BACK_CFG_IDASSERT_BIND, + meta_back_cf_gen, "( OLcfgDbAt:3.7 " + "NAME 'olcDbIDAssertBind' " + "DESC 'Remote Identity Assertion administrative identity auth bind configuration' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "idassert-authzFrom", "authzRule", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_IDASSERT_AUTHZFROM, + meta_back_cf_gen, "( OLcfgDbAt:3.9 " + "NAME 'olcDbIDAssertAuthzFrom' " + "DESC 'Remote Identity Assertion authz rules' " + "EQUALITY caseIgnoreMatch " + "SYNTAX OMsDirectoryString " + "X-ORDERED 'VALUES' )", + NULL, NULL }, + { "rebind-as-user", "true|FALSE", 1, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_REBIND, + meta_back_cf_gen, "( OLcfgDbAt:3.10 " + "NAME 'olcDbRebindAsUser' " + "DESC 'Rebind as user' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "chase-referrals", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_CHASE, + meta_back_cf_gen, "( OLcfgDbAt:3.11 " + "NAME 'olcDbChaseReferrals' " + "DESC 'Chase referrals' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "t-f-support", "true|FALSE|discover", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_T_F, + meta_back_cf_gen, "( OLcfgDbAt:3.12 " + "NAME 'olcDbTFSupport' " + "DESC 'Absolute filters support' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "timeout", "timeout(list)", 2, 0, 0, + ARG_MAGIC|LDAP_BACK_CFG_TIMEOUT, + meta_back_cf_gen, "( OLcfgDbAt:3.14 " + "NAME 'olcDbTimeout' " + "DESC 'Per-operation timeouts' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "idle-timeout", "timeout", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_IDLE_TIMEOUT, + meta_back_cf_gen, "( OLcfgDbAt:3.15 " + "NAME 'olcDbIdleTimeout' " + "DESC 'connection idle timeout' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "conn-ttl", "ttl", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_CONN_TTL, + meta_back_cf_gen, "( OLcfgDbAt:3.16 " + "NAME 'olcDbConnTtl' " + "DESC 'connection ttl' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "network-timeout", "timeout", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_NETWORK_TIMEOUT, + meta_back_cf_gen, "( OLcfgDbAt:3.17 " + "NAME 'olcDbNetworkTimeout' " + "DESC 'connection network timeout' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "protocol-version", "version", 2, 2, 0, + ARG_MAGIC|ARG_INT|LDAP_BACK_CFG_VERSION, + meta_back_cf_gen, "( OLcfgDbAt:3.18 " + "NAME 'olcDbProtocolVersion' " + "DESC 'protocol version' " + "SYNTAX OMsInteger " + "SINGLE-VALUE )", + NULL, NULL }, + { "single-conn", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_SINGLECONN, + meta_back_cf_gen, "( OLcfgDbAt:3.19 " + "NAME 'olcDbSingleConn' " + "DESC 'cache a single connection per identity' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "cancel", "ABANDON|ignore|exop", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_CANCEL, + meta_back_cf_gen, "( OLcfgDbAt:3.20 " + "NAME 'olcDbCancel' " + "DESC 'abandon/ignore/exop operations when appropriate' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "quarantine", "retrylist", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_QUARANTINE, + meta_back_cf_gen, "( OLcfgDbAt:3.21 " + "NAME 'olcDbQuarantine' " + "DESC 'Quarantine database if connection fails and retry according to rule' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "use-temporary-conn", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_USETEMP, + meta_back_cf_gen, "( OLcfgDbAt:3.22 " + "NAME 'olcDbUseTemporaryConn' " + "DESC 'Use temporary connections if the cached one is busy' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "conn-pool-max", "", 2, 2, 0, + ARG_MAGIC|ARG_INT|LDAP_BACK_CFG_CONNPOOLMAX, + meta_back_cf_gen, "( OLcfgDbAt:3.23 " + "NAME 'olcDbConnectionPoolMax' " + "DESC 'Max size of privileged connections pool' " + "SYNTAX OMsInteger " + "SINGLE-VALUE )", + NULL, NULL }, +#ifdef SLAP_CONTROL_X_SESSION_TRACKING + { "session-tracking-request", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_ST_REQUEST, + meta_back_cf_gen, "( OLcfgDbAt:3.24 " + "NAME 'olcDbSessionTrackingRequest' " + "DESC 'Add session tracking control to proxied requests' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, +#endif /* SLAP_CONTROL_X_SESSION_TRACKING */ + { "norefs", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_NOREFS, + meta_back_cf_gen, "( OLcfgDbAt:3.25 " + "NAME 'olcDbNoRefs' " + "DESC 'Do not return search reference responses' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "noundeffilter", "true|FALSE", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_NOUNDEFFILTER, + meta_back_cf_gen, "( OLcfgDbAt:3.26 " + "NAME 'olcDbNoUndefFilter' " + "DESC 'Do not propagate undefined search filters' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + + { "rewrite", "arglist", 2, 4, STRLENOF( "rewrite" ), + ARG_STRING|ARG_MAGIC|LDAP_BACK_CFG_REWRITE, + meta_back_cf_gen, "( OLcfgDbAt:3.100 " + "NAME 'olcDbRewrite' " + "DESC 'DN rewriting rules' " + "SYNTAX OMsDirectoryString )", + NULL, NULL }, + { "suffixmassage", "virtual> [*|] *|]", 1, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_DEFAULT_T, + meta_back_cf_gen, "( OLcfgDbAt:3.105 " + "NAME 'olcDbDefaultTarget' " + "DESC 'Specify the default target' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "dncache-ttl", "ttl", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_DNCACHE_TTL, + meta_back_cf_gen, "( OLcfgDbAt:3.106 " + "NAME 'olcDbDnCacheTtl' " + "DESC 'dncache ttl' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "bind-timeout", "microseconds", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_BIND_TIMEOUT, + meta_back_cf_gen, "( OLcfgDbAt:3.107 " + "NAME 'olcDbBindTimeout' " + "DESC 'bind timeout' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "onerr", "CONTINUE|report|stop", 2, 2, 0, + ARG_MAGIC|LDAP_BACK_CFG_ONERR, + meta_back_cf_gen, "( OLcfgDbAt:3.108 " + "NAME 'olcDbOnErr' " + "DESC 'error handling' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "pseudoroot-bind-defer", "TRUE|false", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_PSEUDOROOT_BIND_DEFER, + meta_back_cf_gen, "( OLcfgDbAt:3.109 " + "NAME 'olcDbPseudoRootBindDefer' " + "DESC 'error handling' " + "SYNTAX OMsBoolean " + "SINGLE-VALUE )", + NULL, NULL }, + { "root-bind-defer", "TRUE|false", 2, 2, 0, + ARG_MAGIC|ARG_ON_OFF|LDAP_BACK_CFG_PSEUDOROOT_BIND_DEFER, + meta_back_cf_gen, NULL, NULL, NULL }, + { "pseudorootdn", "dn", 2, 2, 0, + ARG_MAGIC|ARG_DN|LDAP_BACK_CFG_PSEUDOROOTDN, + meta_back_cf_gen, NULL, NULL, NULL }, + { "pseudorootpw", "password", 2, 2, 0, + ARG_MAGIC|ARG_STRING|LDAP_BACK_CFG_PSEUDOROOTDN, + meta_back_cf_gen, NULL, NULL, NULL }, + { "nretries", "NEVER|forever|", 2, 2, 0, + ARG_MAGIC|ARG_STRING|LDAP_BACK_CFG_NRETRIES, + meta_back_cf_gen, "( OLcfgDbAt:3.110 " + "NAME 'olcDbNretries' " + "DESC 'retry handling' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + { "client-pr", "accept-unsolicited|disable|", 2, 2, 0, + ARG_MAGIC|ARG_STRING|LDAP_BACK_CFG_CLIENT_PR, + meta_back_cf_gen, "( OLcfgDbAt:3.111 " + "NAME 'olcDbClientPr' " + "DESC 'PagedResults handling' " + "SYNTAX OMsDirectoryString " + "SINGLE-VALUE )", + NULL, NULL }, + + { NULL, NULL, 0, 0, 0, ARG_IGNORED, + NULL, NULL, NULL, NULL } +}; + +#ifdef SLAP_CONTROL_X_SESSION_TRACKING +#define ST_ATTR "$ olcDbSessionTrackingRequest " +#else +#define ST_ATTR "" +#endif /* SLAP_CONTROL_X_SESSION_TRACKING */ + +#define TARGET_ATTRS \ + "$ olcDbCancel " \ + "$ olcDbChaseReferrals " \ + "$ olcDbClientPr " \ + "$ olcDbDefaultTarget " \ + "$ olcDbIdleTimeout " \ + "$ olcDbNetworkTimeout " \ + "$ olcDbNoRefs " \ + "$ olcDbNoUndefFilter " \ + "$ olcDbNretries " \ + "$ olcDbProtocolVersion " \ + ST_ATTR \ + "$ olcDbTFSupport " + +static ConfigOCs metaocs[] = { + { "( OLcfgDbOc:3.2 " + "NAME 'olcMetaConfig' " + "DESC 'Meta backend configuration' " + "SUP olcDatabaseConfig " + "MAY ( olcDbConnTtl " + "$ olcDbDnCacheTtl " + "$ olcDbOnErr " + "$ olcDbPseudoRootBindDefer " + "$ olcDbQuarantine " + "$ olcDbRebindAsUser " + "$ olcDbSingleConn " + "$ olcDbUseTemporaryConn " + "$ olcDbConnectionPoolMax " + + /* defaults, may be overridden per-target */ + TARGET_ATTRS + ") )", + Cft_Database, metacfg}, + { "( OLcfgDbOc:3.3 " + "NAME 'olcMetaTarget' " + "DESC 'Meta target configuration' " + "MUST olcDbURI " + "MAY ( olcDbACLAuthcDn " + "$ olcDbACLPasswd " + "$ olcDbBindTimeout " + "$ olcDbIDAssertAuthzFrom " + "$ olcDbIDAssertBind " + "$ olcDbMap " + "$ olcDbRewrite " + "$ olcDbSubtreeExclude " + "$ olcDbSubtreeInclude " + "$ olcDbSuffixMassage " + "$ olcDbTimeout " + "$ olcDbStartTLS " + + /* defaults may be inherited */ + TARGET_ATTRS + ") )", + Cft_Misc, metacfg, NULL /* meta_ldadd */}, + { NULL, 0, NULL } +}; + static int -meta_back_new_target( +meta_back_new_target( metatarget_t **mtp ) { char *rargv[ 3 ]; @@ -78,20 +490,6 @@ meta_back_new_target( return 0; } -static int -check_true_false( char *str ) -{ - if ( strcasecmp( str, "true" ) == 0 || strcasecmp( str, "yes" ) == 0 ) { - return 1; - } - - if ( strcasecmp( str, "false" ) == 0 || strcasecmp( str, "no" ) == 0 ) { - return 0; - } - - return -1; -} - int meta_subtree_destroy( metasubtree_t *ms ) { @@ -122,20 +520,16 @@ meta_subtree_destroy( metasubtree_t *ms ) static int meta_subtree_config( metatarget_t *mt, - int argc, - char **argv, - char *buf, - ber_len_t buflen, - char *log_prefix ) + ConfigArgs *c ) { meta_st_t type = META_ST_SUBTREE; char *pattern; struct berval ndn = BER_BVNULL; metasubtree_t *ms = NULL; - if ( strcasecmp( argv[0], "subtree-exclude" ) == 0 ) { + if ( c->type == LDAP_BACK_CFG_SUBTREE_EX ) { if ( mt->mt_subtree && !mt->mt_subtree_exclude ) { - snprintf( buf, buflen, + snprintf( c->cr_msg, sizeof(c->cr_msg), "\"subtree-exclude\" incompatible with previous \"subtree-include\" directives" ); return 1; } @@ -144,26 +538,13 @@ meta_subtree_config( } else { if ( mt->mt_subtree && mt->mt_subtree_exclude ) { - snprintf( buf, buflen, + snprintf( c->cr_msg, sizeof(c->cr_msg), "\"subtree-include\" incompatible with previous \"subtree-exclude\" directives" ); return 1; } } - switch ( argc ) { - case 1: - snprintf( buf, buflen, "missing pattern" ); - return 1; - - case 2: - break; - - default: - snprintf( buf, buflen, "too many args" ); - return 1; - } - - pattern = argv[1]; + pattern = c->argv[1]; if ( strncasecmp( pattern, "dn", STRLENOF( "dn" ) ) == 0 ) { char *style; @@ -189,13 +570,13 @@ meta_subtree_config( pattern = &style[STRLENOF( "regex" )]; } else { - snprintf( buf, buflen, "unknown style in \"dn.