~ttx/openldap/lucid-gssapi-495418


Viewing changes to servers/slapd/config.c

  • Committer: Bazaar Package Importer
  • Author(s): Steve Langasek, Updated debconf translations
  • Date: 2009-07-28 10:17:15 UTC
  • mfrom: (1.1.4 upstream) (0.2.2 sid)
  • mto: (0.2.4 sid)
  • mto: This revision was merged to the branch mainline in revision 16.
  • Revision ID: james.westby@ubuntu.com-20090728101715-epwmqmsk0d3h22k3
* New upstream version.
  - Fixes FTBFS on ia64 with -fPIE. Closes: #524770.
  - Fixes some TLS issues with GnuTLS.  Closes: #505191.
* Update priority of libldap-2.4-2 to match the archive override.
* Add the missing ldapexop and ldapurl tools to ldap-utils, as well as the
  ldapurl(1) manpage.  Thanks to Peter Marschall for the patch.
  Closes: #496749.
* Bump build-dependency on debhelper to 6 instead of 5, since that's
  what we're using.  Closes: #498116.
* Set the default SLAPD_SERVICES to ldap:/// ldapi:///, instead of using
  the built-in default of ldap:/// only.
* Build-depend on libltdl-dev | libltdl3-dev (>= 1.4.3), for the package
  name change.  Closes: #522965.

[ Updated debconf translations ]
* Spanish, thanks to Francisco Javier Cuadrado <fcocuadrado@gmail.com>.
  Closes: #521804.

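--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -1,8 +1,8 @@
 /* config.c - configuration file handling routines */
-/* $OpenLDAP: pkg/ldap/servers/slapd/config.c,v 1.441.2.16 2008/04/14 22:20:28 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/config.c,v 1.441.2.24 2009/06/02 23:41:32 quanah Exp $ */
 /* This work is part of OpenLDAP Software <http://www.openldap.org/>.
  *
- * Copyright 1998-2008 The OpenLDAP Foundation.
+ * Copyright 1998-2009 The OpenLDAP Foundation.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -62,7 +62,9 @@
 slap_mask_t             global_disallows = 0;
 int             global_gentlehup = 0;
 int             global_idletimeout = 0;
+int             global_writetimeout = 0;
 char    *global_host = NULL;
+struct berval global_host_bv = BER_BVNULL;
 char    *global_realm = NULL;
 char    *sasl_host = NULL;
 char            **default_passwd_hash = NULL;
@@ -86,7 +88,6 @@
 
 static int fp_getline(FILE *fp, ConfigArgs *c);
 static void fp_getline_init(ConfigArgs *c);
-static int fp_parse_line(ConfigArgs *c);
 
 static char     *strtok_quote(char *line, char *sep, char **quote_ptr);
 static char *strtok_quote_ldif(char **line);
@@ -144,7 +145,7 @@
         }
         if(Conf->min_args && (c->argc < Conf->min_args)) {
                 snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> missing <%s> argument",
-                        c->argv[0], Conf->what );
+                        c->argv[0], Conf->what ? Conf->what : "" );
                 Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: keyword %s\n", c->log, c->cr_msg, 0 );
                 return(ARG_BAD_CONF);
         }
@@ -215,6 +216,16 @@
                         ch_free( c->value_ndn.bv_val );
                         ch_free( c->value_dn.bv_val );
                 }
+        } else if(arg_type == ARG_ATDESC) {
+                const char *text = NULL;
+                c->value_ad = NULL;
+                rc = slap_str2ad( c->argv[1], &c->value_ad, &text );
+                if ( rc != LDAP_SUCCESS ) {
+                        snprintf( c->cr_msg, sizeof( c->cr_msg ), "<%s> invalid AttributeDescription %d (%s)",
+                                c->argv[0], rc, text );
+                        Debug(LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE, "%s: %s\n" , c->log, c->cr_msg, 0);
+                        return(ARG_BAD_CONF);
+                }
         } else {        /* all numeric */
                 int j;
                 iarg = 0; larg = 0; barg = 0;
@@ -365,6 +376,9 @@
                         case ARG_BERVAL:
                                 *(struct berval *)ptr = c->value_bv;
                                 break;
+                        case ARG_ATDESC:
+                                *(AttributeDescription **)ptr = c->value_ad;
+                                break;
                 }
         return(0);
 }
@@ -442,6 +456,8 @@
                         break;
                 case ARG_BERVAL:
                         ber_dupbv( &c->value_bv, (struct berval *)ptr ); break;
+                case ARG_ATDESC:
+                        c->value_ad = *(AttributeDescription **)ptr; break;
                 }
         }
         if ( cf->arg_type & ARGS_TYPES) {
@@ -468,6 +484,13 @@
                                 return 1;
                         }
                         break;
+                case ARG_ATDESC:
+                        if ( c->value_ad ) {
+                                bv = c->value_ad->ad_cname;
+                        } else {
+                                return 1;
+                        }
+                        break;
                 default:
                         bv.bv_val = NULL;
                         break;
@@ -716,7 +739,7 @@
 
                 c->argc = 0;
                 ch_free( c->tline );
-                if ( fp_parse_line( c ) ) {
+                if ( config_fp_parse_line( c ) ) {
                         rc = 1;
                         goto done;
                 }
@@ -1200,6 +1223,7 @@
         { BER_BVC("tls_cacertdir="), offsetof(slap_bindconf, sb_tls_cacertdir), 's', 1, NULL },
         { BER_BVC("tls_reqcert="), offsetof(slap_bindconf, sb_tls_reqcert), 's', 1, NULL },
         { BER_BVC("tls_cipher_suite="), offsetof(slap_bindconf, sb_tls_cipher_suite), 's', 1, NULL },
+        { BER_BVC("tls_protocol_min="), offsetof(slap_bindconf, sb_tls_protocol_min), 's', 1, NULL },
 #ifdef HAVE_OPENSSL_CRL
         { BER_BVC("tls_crlcheck="), offsetof(slap_bindconf, sb_tls_crlcheck), 's', 1, NULL },
 #endif
@@ -1408,6 +1432,14 @@
         case LDAP_OPT_X_TLS_REQUIRE_CERT:
                 keys = vfykeys;
                 break;
+        case LDAP_OPT_X_TLS_PROTOCOL_MIN: {
+                char buf[8];
+                ldap_pvt_tls_get_option( ld, opt, &ival );
+                snprintf( buf, sizeof( buf ), "%d.%d",
+                        ( ival >> 8 ) & 0xff, ival & 0xff );
+                *val = ch_strdup( buf );
+                return 0;
+                }
         default:
                 return -1;
         }
@@ -1519,6 +1551,10 @@
                 ch_free( bc->sb_tls_cipher_suite );
                 bc->sb_tls_cipher_suite = NULL;
         }
+        if ( bc->sb_tls_protocol_min ) {
+                ch_free( bc->sb_tls_protocol_min );
+                bc->sb_tls_protocol_min = NULL;
+        }
 #ifdef HAVE_OPENSSL_CRL
         if ( bc->sb_tls_crlcheck ) {
                 ch_free( bc->sb_tls_crlcheck );
@@ -1570,6 +1606,7 @@
         { "tls_cacert", offsetof(slap_bindconf, sb_tls_cacert), LDAP_OPT_X_TLS_CACERTFILE },
         { "tls_cacertdir", offsetof(slap_bindconf, sb_tls_cacertdir), LDAP_OPT_X_TLS_CACERTDIR },
         { "tls_cipher_suite", offsetof(slap_bindconf, sb_tls_cipher_suite), LDAP_OPT_X_TLS_CIPHER_SUITE },
+        { "tls_protocol_min", offsetof(slap_bindconf, sb_tls_protocol_min), LDAP_OPT_X_TLS_PROTOCOL_MIN },
         {0, 0}
 };
 
@@ -1604,6 +1641,17 @@
                 } else
                         newctx = 1;
         }
+        if ( bc->sb_tls_protocol_min ) {
+                rc = ldap_int_tls_config( ld, LDAP_OPT_X_TLS_PROTOCOL_MIN,
+                        bc->sb_tls_protocol_min );
+                if ( rc ) {
+                        Debug( LDAP_DEBUG_ANY,
+                                "bindconf_tls_set: failed to set tls_protocol_min to %s\n",
+                                        bc->sb_tls_protocol_min, 0, 0 );
+                        res = -1;
+                } else
+                        newctx = 1;
+        }
 #ifdef HAVE_OPENSSL_CRL
         if ( bc->sb_tls_crlcheck ) {
                 rc = ldap_int_tls_config( ld, LDAP_OPT_X_TLS_CRLCHECK,
@@ -1930,8 +1978,8 @@
         return(line[0] ? 1 : 0);
 }
 
-static int
-fp_parse_line(ConfigArgs *c)
+int
+config_fp_parse_line(ConfigArgs *c)
 {
         char *token;
         static char *const hide[] = {
@@ -1984,7 +2032,7 @@
                 if ( frontendDB->be_schemadn.bv_val )
                         free( frontendDB->be_schemadn.bv_val );
                 if ( frontendDB->be_acl )
-                        acl_destroy( frontendDB->be_acl, NULL );
+                        acl_destroy( frontendDB->be_acl );
         }
         free( line );
         if ( slapd_args_file )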
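Review bot: The new ARG_ATDESC error path (new lines 219–228) passes `text` straight to a `%s` conversion in `snprintf`, yet `text` starts as NULL and nothing visible here guarantees that `slap_str2ad` fills it in on every failure return. This same commit guards `Conf->what` against NULL at new line 148, so the new call should be written the same way: `c->argv[0], rc, text ? text : "" );`. Passing a null pointer to `%s` is undefined behaviour, and this path is reached while parsing configuration input. The enclosing function begins and ends outside the visible hunks, so whether `c->argv[1]` is guaranteed to exist on this branch could not be checked from here.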