From 695508813ddd00b2bb584d438556d7165b9a7103 Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Tue, 29 Dec 1998 21:45:08 +0000
Subject: [PATCH] Fix --disable-crypt and --disable-cleartext mutex declaration
 should be moved from slapd/main.c to slapd/init.c so we don't have ripple
 changes through slapd/tools.

---
 clients/tools/ldappasswd.c             |  8 ++++++++
 libraries/liblutil/passwd.c            | 15 +++++++++------
 servers/slapd/back-ldbm/bind.c         |  6 ++++--
 servers/slapd/back-ldbm/init.c         |  7 -------
 servers/slapd/backend.c                | 14 +++++++++++++-
 servers/slapd/init.c                   |  3 +++
 servers/slapd/main.c                   |  3 +++
 servers/slapd/proto-slap.h             |  3 +++
 servers/slapd/tools/ldbmtest.c         |  3 +++
 servers/slapd/tools/ldif2id2children.c |  3 +++
 servers/slapd/tools/ldif2id2entry.c    |  3 +++
 servers/slapd/tools/ldif2index.c       |  3 +++
 servers/slapd/tools/ldif2ldbm.c        |  3 +++
 13 files changed, 58 insertions(+), 16 deletions(-)

diff --git a/clients/tools/ldappasswd.c b/clients/tools/ldappasswd.c
index 54b5bc4bf5..26a621c988 100644
--- a/clients/tools/ldappasswd.c
+++ b/clients/tools/ldappasswd.c
@@ -155,12 +155,15 @@ gen_pass (unsigned int len)
 	return ((char *)salt.salt);
 }
 
+#ifdef SLAPD_CLEARTEXT
 char *
 hash_none (const char *pw_in, Salt * salt)
 {
 	return (STRDUP (pw_in));
 }
+#endif
 
+#ifdef SLAPD_CRYPT
 char *
 hash_crypt (const char *pw_in, Salt * salt)
 {
@@ -189,6 +192,7 @@ hash_crypt (const char *pw_in, Salt * salt)
 	}
 	return (STRDUP (crypted_pw));
 }
+#endif
 
 char *
 hash_md5 (const char *pw_in, Salt * salt)
@@ -222,8 +226,12 @@ hash_sha1 (const char *pw_in, Salt * salt)
 
 static Hash hashes[] =
 {
+#ifdef SLAPD_CLEARTEXT
 	{"none",  4, hash_none,  0, HASHTYPE_NONE,  HASHTYPE_NONE,  0},
+#endif
+#ifdef SLAPD_CRYPT
 	{"crypt", 5, hash_crypt, 1, HASHTYPE_CRYPT, HASHTYPE_CRYPT, 2},
+#endif
 	{"md5",   3, hash_md5,   0, HASHTYPE_MD5,   HASHTYPE_SMD5,  0},
 	{"smd5",  4, hash_md5,   1, HASHTYPE_SMD5,  HASHTYPE_SMD5,  4},
 	{"sha",   3, hash_sha1,  0, HASHTYPE_SHA1,  HASHTYPE_SSHA1, 0},
diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c
index 7a74aa9989..ff698f944a 100644
--- a/libraries/liblutil/passwd.c
+++ b/libraries/liblutil/passwd.c
@@ -31,12 +31,7 @@ lutil_passwd(
 		return -1;
 	}
 
-	if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) {
-		const char *p = passwd + (sizeof("{CRYPT}") - 1);
-
-		return( strcmp(p, crypt(cred, p)) );
-
-	} else if (strncasecmp(passwd, "{MD5}", sizeof("{MD5}") - 1) == 0 ) {
+	if (strncasecmp(passwd, "{MD5}", sizeof("{MD5}") - 1) == 0 ) {
 		lutil_MD5_CTX MD5context;
 		unsigned char MD5digest[16];
 		char base64digest[25];  /* ceiling(sizeof(input)/3) * 4 + 1 */
@@ -74,6 +69,14 @@ lutil_passwd(
 		}
 
 		return( strcmp(p, base64digest) );
+
+#ifdef SLAPD_CRYPT
+	} else if (strncasecmp(passwd, "{CRYPT}", sizeof("{CRYPT}") - 1) == 0 ) {
+		const char *p = passwd + (sizeof("{CRYPT}") - 1);
+
+		return( strcmp(p, crypt(cred, p)) );
+
+#endif
 	}
 
 #ifdef SLAPD_CLEARTEXT
diff --git a/servers/slapd/back-ldbm/bind.c b/servers/slapd/back-ldbm/bind.c
index 144650686b..23bb40491a 100644
--- a/servers/slapd/back-ldbm/bind.c
+++ b/servers/slapd/back-ldbm/bind.c
@@ -19,8 +19,6 @@
 extern int	krbv4_ldap_auth();
 #endif
 
-pthread_mutex_t crypt_mutex;
-
 static int
 crypted_value_find(
 	struct berval       **vals,
@@ -35,13 +33,17 @@ crypted_value_find(
 		if ( syntax != SYNTAX_BIN ) {
 			int result;
 
+#ifdef SLAPD_CRYPT
 			pthread_mutex_lock( &crypt_mutex );
+#endif
 
 			result = lutil_passwd(
 				(char*) cred->bv_val,
 				(char*) vals[i]->bv_val);
 
+#ifdef SLAPD_CRYPT
 			pthread_mutex_unlock( &crypt_mutex );
+#endif
 
 			return result;
 
diff --git a/servers/slapd/back-ldbm/init.c b/servers/slapd/back-ldbm/init.c
index 6580fa5331..36ebbc963c 100644
--- a/servers/slapd/back-ldbm/init.c
+++ b/servers/slapd/back-ldbm/init.c
@@ -19,10 +19,6 @@ ldbm_back_init(
 	char		*argv[ 4 ];
 	int		i;
 
-#ifdef SLAPD_CRYPT
-	extern pthread_mutex_t crypt_mutex;
-#endif /* SLAPD_CRYPT */
-
 	/* allocate backend-specific stuff */
 	li = (struct ldbminfo *) ch_calloc( 1, sizeof(struct ldbminfo) );
 
@@ -70,9 +66,6 @@ ldbm_back_init(
 	pthread_mutex_init( &li->li_cache.c_mutex, pthread_mutexattr_default );
 	pthread_mutex_init( &li->li_nextid_mutex, pthread_mutexattr_default );
 	pthread_mutex_init( &li->li_dbcache_mutex, pthread_mutexattr_default );
-#ifdef SLAPD_CRYPT
-	pthread_mutex_init( &crypt_mutex, pthread_mutexattr_default );
-#endif /* SLAPD_CRYPT */
 	pthread_cond_init( &li->li_dbcache_cv, pthread_condattr_default );
 	for ( i = 0; i < MAXDBCACHE; i++ ) {
 		pthread_mutex_init( &li->li_dbcache[i].dbc_mutex,
diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index 2593616328..c3b5d33283 100644
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -210,11 +210,23 @@ be_isroot( Backend *be, char *dn )
 int
 be_isroot_pw( Backend *be, char *dn, struct berval *cred )
 {
+	int result;
+
 	if ( ! be_isroot( be, dn ) ) {
 		return( 0 );
 	}
 
-	return( lutil_passwd( cred->bv_val, be->be_rootpw ) == 0 );
+#ifdef SLAPD_CRYPT
+	pthread_mutex_lock( &crypt_mutex );
+#endif
+
+	result = lutil_passwd( cred->bv_val, be->be_rootpw );
+
+#ifdef SLAPD_CRYPT
+	pthread_mutex_unlock( &crypt_mutex );
+#endif
+
+	return result == 0;
 }
 
 void
diff --git a/servers/slapd/init.c b/servers/slapd/init.c
index 05c965f078..e93479432c 100644
--- a/servers/slapd/init.c
+++ b/servers/slapd/init.c
@@ -21,4 +21,7 @@ init( void )
 	pthread_mutex_init( &replog_mutex, pthread_mutexattr_default );
 	pthread_mutex_init( &ops_mutex, pthread_mutexattr_default );
 	pthread_mutex_init( &num_sent_mutex, pthread_mutexattr_default );
+#ifdef SLAPD_CRYPT
+	pthread_mutex_init( &crypt_mutex, pthread_mutexattr_default );
+#endif
 }
diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 57ecbe44f2..8f5df3bd7b 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -40,6 +40,9 @@ pthread_mutex_t	currenttime_mutex;
 int		active_threads;
 pthread_mutex_t	active_threads_mutex;
 pthread_mutex_t	new_conn_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t crypt_mutex;
+#endif
 long		ops_initiated;
 long		ops_completed;
 int		num_conns;
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 2d26a5cb4e..f213ac202e 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -248,6 +248,9 @@ extern pthread_mutex_t	new_conn_mutex;
 extern pthread_mutex_t	num_sent_mutex;
 extern pthread_mutex_t	ops_mutex;
 extern pthread_mutex_t	replog_mutex;
+#ifdef SLAPD_CRYPT
+extern pthread_mutex_t	crypt_mutex;
+#endif
 extern pthread_t	listener_tid;
 extern struct acl	*global_acl;
 extern struct objclass	*global_oc;
diff --git a/servers/slapd/tools/ldbmtest.c b/servers/slapd/tools/ldbmtest.c
index ddda1aae12..0868b97d0c 100644
--- a/servers/slapd/tools/ldbmtest.c
+++ b/servers/slapd/tools/ldbmtest.c
@@ -52,6 +52,9 @@ pthread_mutex_t	currenttime_mutex;
 pthread_mutex_t	replog_mutex;
 pthread_mutex_t	ops_mutex;
 pthread_mutex_t	regex_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t	crypt_mutex;
+#endif
 
 int
 main( int argc, char **argv )
diff --git a/servers/slapd/tools/ldif2id2children.c b/servers/slapd/tools/ldif2id2children.c
index ded23471aa..f662a0e4c4 100644
--- a/servers/slapd/tools/ldif2id2children.c
+++ b/servers/slapd/tools/ldif2id2children.c
@@ -34,6 +34,9 @@ pthread_mutex_t	currenttime_mutex;
 pthread_mutex_t	replog_mutex;
 pthread_mutex_t	ops_mutex;
 pthread_mutex_t	regex_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t	crypt_mutex;
+#endif
 
 static char	*tailorfile;
 static char	*inputfile;
diff --git a/servers/slapd/tools/ldif2id2entry.c b/servers/slapd/tools/ldif2id2entry.c
index 4f923656ae..391988207f 100644
--- a/servers/slapd/tools/ldif2id2entry.c
+++ b/servers/slapd/tools/ldif2id2entry.c
@@ -31,6 +31,9 @@ pthread_mutex_t	currenttime_mutex;
 pthread_mutex_t	replog_mutex;
 pthread_mutex_t	ops_mutex;
 pthread_mutex_t	regex_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t	crypt_mutex;
+#endif
 
 static char	*tailorfile;
 static char	*inputfile;
diff --git a/servers/slapd/tools/ldif2index.c b/servers/slapd/tools/ldif2index.c
index 7c996cb7ec..336b9ba0d3 100644
--- a/servers/slapd/tools/ldif2index.c
+++ b/servers/slapd/tools/ldif2index.c
@@ -33,6 +33,9 @@ pthread_mutex_t	currenttime_mutex;
 pthread_mutex_t	replog_mutex;
 pthread_mutex_t	ops_mutex;
 pthread_mutex_t	regex_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t	crypt_mutex;
+#endif
 
 
 static void
diff --git a/servers/slapd/tools/ldif2ldbm.c b/servers/slapd/tools/ldif2ldbm.c
index c25c763189..0686e58bb8 100644
--- a/servers/slapd/tools/ldif2ldbm.c
+++ b/servers/slapd/tools/ldif2ldbm.c
@@ -37,6 +37,9 @@ pthread_mutex_t	currenttime_mutex;
 pthread_mutex_t	replog_mutex;
 pthread_mutex_t	ops_mutex;
 pthread_mutex_t	regex_mutex;
+#ifdef SLAPD_CRYPT
+pthread_mutex_t	crypt_mutex;
+#endif
 
 static void fork_child( char *prog, char *args[] );
 static void	wait4kids( int nkidval );
-- 
2.39.5