From 66b581643f7fd7f2d4f9f85f3e118ffb054b1d7d Mon Sep 17 00:00:00 2001 From: Pierangelo Masarati Date: Sat, 12 Apr 2008 11:33:48 +0000 Subject: [PATCH] make pseudoroot-bind-defer TRUE by default (part of ITS#5440 fix) --- doc/man/man5/slapd-meta.5 | 3 ++- servers/slapd/back-meta/config.c | 4 ++-- servers/slapd/back-meta/init.c | 4 ++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/doc/man/man5/slapd-meta.5 b/doc/man/man5/slapd-meta.5 index ff3f897f87..59488c2be5 100644 --- a/doc/man/man5/slapd-meta.5 +++ b/doc/man/man5/slapd-meta.5 @@ -139,11 +139,12 @@ If set before any target specification, it affects all targets, unless overridden by any per-target directive. .TP -.B pseudoroot-bind-defer {NO|yes} +.B pseudoroot-bind-defer {YES|no} This directive, when set to .BR yes , causes the authentication to the remote servers with the pseudo-root identity to be deferred until actually needed by subsequent operations. +Otherwise, all binds as the rootdn are propagated to the targets. .TP .B quarantine ,[;,[...]] diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c index d1999cb22a..c655538fdf 100644 --- a/servers/slapd/back-meta/config.c +++ b/servers/slapd/back-meta/config.c @@ -802,7 +802,7 @@ meta_back_db_config( { if ( argc != 2 ) { Debug( LDAP_DEBUG_ANY, - "%s: line %d: \"[pseudo]root-bind-defer {FALSE|true}\" takes 1 argument\n", + "%s: line %d: \"[pseudo]root-bind-defer {TRUE|false}\" takes 1 argument\n", fname, lineno, 0 ); return( 1 ); } @@ -818,7 +818,7 @@ meta_back_db_config( default: Debug( LDAP_DEBUG_ANY, - "%s: line %d: \"[pseudo]root-bind-defer {FALSE|true}\": invalid arg \"%s\".\n", + "%s: line %d: \"[pseudo]root-bind-defer {TRUE|false}\": invalid arg \"%s\".\n", fname, lineno, argv[ 1 ] ); return 1; } diff --git a/servers/slapd/back-meta/init.c b/servers/slapd/back-meta/init.c index 0c77c4c209..cd98c4738d 100644 --- a/servers/slapd/back-meta/init.c +++ b/servers/slapd/back-meta/init.c @@ -99,6 +99,10 @@ meta_back_db_init( return -1; } + /* set default flags */ + mi->mi_flags = + META_BACK_F_DEFER_ROOTDN_BIND; + /* * At present the default is no default target; * this may change -- 2.39.5