ldap/servers
by Noriko Hosoi
ldap/servers/slapd/libglobs.c | 47 +++++++++++++++++++++++++++++++++++++-----
1 file changed, 42 insertions(+), 5 deletions(-)
New commits:
commit 94b123780b21e503b78bceca9d60904206ef91fa
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Wed Nov 7 17:21:09 2012 -0800
Trac Ticket #447 - Possible to add invalid attribute
to nsslapd-allowed-to-delete-attrs
https://fedorahosted.org/389/ticket/447
Fix description: This patch is adding a code to check if the value
of config parameter nsslapd-allowed-to-delete-attrs includes any
invalid attributes or not. If it does, the server ignores the
invalid ones, and the following search returns only the valid
attributes. Also, it is logged in the error log:
nsslapd-allowed-to-delete-attrs: Unknown attribute bogus will be
ignored
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index bd1062d..a7e504f 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -568,7 +568,7 @@ static struct config_get_and_set {
{CONFIG_AUDITLOG_LOGROTATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_rotationtimeunit, SLAPD_AUDIT_LOG,
(void**)&global_slapdFrontendConfig.auditlog_rotationunit,
- CONFIG_STRING_OR_UNKNOWN, INIT_AUDITLOG_ROTATIONUNIT},
+ CONFIG_STRING_OR_UNKNOWN, NULL, INIT_AUDITLOG_ROTATIONUNIT},
{CONFIG_PW_RESETFAILURECOUNT_ATTRIBUTE, config_set_pw_resetfailurecount,
NULL, 0,
(void**)&global_slapdFrontendConfig.pw_policy.pw_resetfailurecount,
@@ -6473,9 +6473,44 @@ config_set_allowed_to_delete_attrs( const char *attrname, char *value,
}
if (apply) {
+ char *vcopy = slapi_ch_strdup(value);
+ char **allowed = NULL, **s, *d;
+ struct config_get_and_set *cgas = 0;
+ int needcopy = 0;
+ allowed = slapi_str2charray_ext(vcopy, " ", 0);
+ for (s = allowed; s && *s; s++) ;
+ for (--s; s && *s && (s >= allowed); s--) {
+ cgas = (struct config_get_and_set *)PL_HashTableLookup(confighash,
+ *s);
+ if (!cgas && PL_strcasecmp(*s, "aci") /* aci is an exception */) {
+ slapi_log_error(SLAPI_LOG_FATAL, "config",
+ "%s: Unknown attribute %s will be ignored\n",
+ CONFIG_ALLOWED_TO_DELETE_ATTRIBUTE, *s);
+ charray_remove(allowed, *s, 1);
+ needcopy = 1;
+ s--;
+ }
+ }
+ if (needcopy) {
+ /* given value included unknown attribute,
+ * we need to re-create a value. */
+ /* reuse the duplicated string for the new attr value. */
+ for (s = allowed, d = vcopy; s && *s; s++) {
+ size_t slen = strlen(*s);
+ memmove(d, *s, slen);
+ d += slen;
+ memmove(d, " ", 1);
+ d++;
+ }
+ *(d-1) = '\0';
+ strcpy(value, vcopy); /* original value needs to be refreshed */
+ } else {
+ slapi_ch_free_string(&vcopy);
+ vcopy = slapi_ch_strdup(value);
+ }
CFG_LOCK_WRITE(slapdFrontendConfig);
slapi_ch_free_string(&(slapdFrontendConfig->allowed_to_delete_attrs));
- slapdFrontendConfig->allowed_to_delete_attrs = slapi_ch_strdup(value);
+ slapdFrontendConfig->allowed_to_delete_attrs = vcopy;
CFG_UNLOCK_WRITE(slapdFrontendConfig);
}
return retVal;
@@ -6618,17 +6653,19 @@ config_set(const char *attr, struct berval **values, char *errorbuf, int apply)
}
for (ii = 0; !retval && values && values[ii]; ++ii)
{
- if (cgas->setfunc)
+ if (cgas->setfunc) {
retval = (cgas->setfunc)(cgas->attr_name,
(char *)values[ii]->bv_val, errorbuf, apply);
- else if (cgas->logsetfunc)
+ } else if (cgas->logsetfunc) {
retval = (cgas->logsetfunc)(cgas->attr_name,
(char *)values[ii]->bv_val, cgas->whichlog,
errorbuf, apply);
- else
+ } else {
LDAPDebug(LDAP_DEBUG_ANY,
"config_set: the attribute %s is read only; ignoring new value %s\n",
attr, values[ii]->bv_val, 0);
+ }
+ values[ii]->bv_len = strlen((char *)values[ii]->bv_val);
}
break;
}
11 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/libglobs.c | 897 ++++++++++++++++++++++++++++--------------
1 file changed, 609 insertions(+), 288 deletions(-)
New commits:
commit 90dd9bb3c1411daca353d055d90618e67aa1fa7e
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Tue Nov 6 18:15:46 2012 -0800
Trac Ticket #443 - Deleting attribute present in
nsslapd-allowed-to-delete-attrs returns Operations error
https://fedorahosted.org/389/ticket/443
Bug Description: Even if setting a config parameter to nsslapd-
allowed-to-delete-attrs, the value failed to delete if the type
was on|off or integer.
Fix Description: Store all the initial config param values in
ConfigList. If the attribute value is deleted, reset the initial
value.
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index dc8452a..bd1062d 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -125,6 +125,139 @@ static int config_set_onoff( const char *attrname, char *value,
static int config_set_schemareplace ( const char *attrname, char *value,
char *errorbuf, int apply );
+/* Keeping the initial values */
+/* CONFIG_INT/CONFIG_LONG */
+#define DEFAULT_LOG_ROTATIONSYNCHOUR "0"
+#define DEFAULT_LOG_ROTATIONSYNCMIN "0"
+#define DEFAULT_LOG_ROTATIONTIME "1"
+#define DEFAULT_LOG_ACCESS_MAXNUMLOGS "10"
+#define DEFAULT_LOG_MAXNUMLOGS "1"
+#define DEFAULT_LOG_EXPTIME "1"
+#define DEFAULT_LOG_ACCESS_MAXDISKSPACE "500"
+#define DEFAULT_LOG_MAXDISKSPACE "100"
+#define DEFAULT_LOG_MAXLOGSIZE "100"
+#define DEFAULT_LOG_MINFREESPACE "5"
+#define DEFAULT_ACCESSLOGLEVEL "256"
+#define DEFAULT_SIZELIMIT "2000"
+#define DEFAULT_TIMELIMIT "3600"
+#define DEFAULT_PAGEDSIZELIMIT "0"
+#define DEFAULT_IDLE_TIMEOUT "0"
+#define DEFAULT_MAXDESCRIPTORS "1024"
+#define DEFAULT_RESERVE_FDS "64"
+#define DEFAULT_MAX_BERSIZE "0"
+#define DEFAULT_MAX_THREADS "30"
+#define DEFAULT_MAX_THREADS_PER_CONN "5"
+#define DEFAULT_IOBLOCK_TIMEOUT "1800000"
+#define DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT "300000"
+#define DEFAULT_MAX_FILTER_NEST_LEVEL "40"
+#define DEFAULT_GROUPEVALNESTLEVEL "0"
+#define DEFAULT_MAX_SASLIO_SIZE "2097152"
+#define DEFAULT_DISK_THRESHOLD "2097152"
+#define DEFAULT_DISK_GRACE_PERIOD "60"
+#define DEFAULT_LOCAL_SSF "71"
+#define DEFAULT_MIN_SSF "0"
+#define DEFAULT_PW_INHISTORY "6"
+#define DEFAULT_PW_GRACELIMIT "0"
+#define DEFAULT_PW_MINLENGTH "0"
+#define DEFAULT_PW_MINDIGITS "0"
+#define DEFAULT_PW_MINALPHAS "0"
+#define DEFAULT_PW_MINUPPERS "0"
+#define DEFAULT_PW_MINLOWERS "0"
+#define DEFAULT_PW_MINSPECIALS "0"
+#define DEFAULT_PW_MIN8BIT "0"
+#define DEFAULT_PW_MAXREPEATS "0"
+#define DEFAULT_PW_MINCATEGORIES "3"
+#define DEFAULT_PW_MINTOKENLENGTH "3"
+#define DEFAULT_PW_MAXAGE "8640000"
+#define DEFAULT_PW_MINAGE "0"
+#define DEFAULT_PW_WARNING "86400"
+#define DEFAULT_PW_MAXFAILURE "3"
+#define DEFAULT_PW_RESETFAILURECOUNT "600"
+#define DEFAULT_PW_LOCKDURATION "3600"
+#define DEFAULT_NDN_SIZE "20971520"
+#ifdef MEMPOOL_EXPERIMENTAL
+#define DEFAULT_MEMPOOL_MAXFREELIST "1024"
+#endif
+
+/* CONFIG_STRING... */
+#define INIT_ACCESSLOG_MODE "600"
+#define INIT_ERRORLOG_MODE "600"
+#define INIT_AUDITLOG_MODE "600"
+#define INIT_ACCESSLOG_ROTATIONUNIT "day"
+#define INIT_ERRORLOG_ROTATIONUNIT "week"
+#define INIT_AUDITLOG_ROTATIONUNIT "week"
+#define INIT_ACCESSLOG_EXPTIMEUNIT "month"
+#define INIT_ERRORLOG_EXPTIMEUNIT "month"
+#define INIT_AUDITLOG_EXPTIMEUNIT "month"
+#define DEFAULT_DIRECTORY_MANAGER "cn=Directory Manager"
+#define DEFAULT_UIDNUM_TYPE "uidNumber"
+#define DEFAULT_GIDNUM_TYPE "gidNumber"
+#define DEFAULT_LDAPI_SEARCH_BASE "dc=example,dc=com"
+#define DEFAULT_LDAPI_AUTO_DN "cn=peercred,cn=external,cn=auth"
+#define ENTRYUSN_IMPORT_INIT "0"
+#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost nsslapd-defaultnamingcontext"
+#define SALTED_SHA1_SCHEME_NAME "SSHA"
+
+/* CONFIG_ON_OFF */
+int init_accesslog_rotationsync_enabled;
+int init_errorlog_rotationsync_enabled;
+int init_auditlog_rotationsync_enabled;
+int init_accesslog_logging_enabled;
+int init_accesslogbuffering;
+int init_errorlog_logging_enabled;
+int init_auditlog_logging_enabled;
+int init_auditlog_logging_hide_unhashed_pw;
+int init_csnlogging;
+int init_pw_unlock;
+int init_pw_must_change;
+int init_pwpolicy_local;
+int init_pw_lockout;
+int init_pw_history;
+int init_pw_is_global_policy;
+int init_pw_is_legacy;
+int init_pw_track_update_time;
+int init_pw_change;
+int init_pw_exp;
+int init_pw_syntax;
+int init_schemacheck;
+int init_ds4_compatible_schema;
+int init_schema_ignore_trailing_spaces;
+int init_enquote_sup_oc;
+int init_rewrite_rfc1274;
+int init_syntaxcheck;
+int init_syntaxlogging;
+int init_dn_validate_strict;
+int init_attrname_exceptions;
+int init_return_exact_case;
+int init_result_tweak;
+int init_plugin_track;
+int init_lastmod;
+int init_readonly;
+int init_accesscontrol;
+int init_nagle;
+int init_security;
+int init_ssl_check_hostname;
+int init_ldapi_switch;
+int init_ldapi_bind_switch;
+int init_ldapi_map_entries;
+int init_allow_unauth_binds;
+int init_require_secure_binds;
+int init_minssf_exclude_rootdse;
+int init_force_sasl_external;
+int init_slapi_counters;
+int init_entryusn_global;
+int init_disk_monitoring;
+int init_disk_logging_critical;
+int init_disk_preserve_logging;
+int init_ndn_cache_enabled;
+#ifdef MEMPOOL_EXPERIMENTAL
+int init_mempool_switch;
+#endif
+
+#define DEFAULT_SSLCLIENTAPTH "off"
+#define DEFAULT_ALLOW_ANON_ACCESS "on"
+#define DEFAULT_VALIDATE_CERT "warn"
+
static int
isInt(ConfigVarType type)
{
@@ -145,567 +278,740 @@ static struct config_get_and_set {
void** config_var_addr; /* address of member of slapdFrontendConfig struct */
ConfigVarType config_var_type; /* cast to this type when getting */
ConfigGetFunc getfunc; /* for special handling */
+ void *initvalue;
} ConfigList[] = {
{CONFIG_AUDITLOG_MODE_ATTRIBUTE, NULL,
log_set_mode, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_mode, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_mode,
+ CONFIG_STRING, NULL, INIT_AUDITLOG_MODE},
{CONFIG_AUDITLOG_LOGROTATIONSYNCENABLED_ATTRIBUTE, NULL,
log_set_rotationsync_enabled, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_rotationsync_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_rotationsync_enabled,
+ CONFIG_ON_OFF, NULL, &init_auditlog_rotationsync_enabled},
{CONFIG_AUDITLOG_LOGROTATIONSYNCHOUR_ATTRIBUTE, NULL,
log_set_rotationsynchour, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_rotationsynchour, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_rotationsynchour,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCHOUR},
{CONFIG_AUDITLOG_LOGROTATIONSYNCMIN_ATTRIBUTE, NULL,
log_set_rotationsyncmin, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_rotationsyncmin, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_rotationsyncmin,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCMIN},
{CONFIG_AUDITLOG_LOGROTATIONTIME_ATTRIBUTE, NULL,
log_set_rotationtime, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_rotationtime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_rotationtime,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONTIME},
{CONFIG_ACCESSLOG_MODE_ATTRIBUTE, NULL,
log_set_mode, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_mode, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_mode,
+ CONFIG_STRING, NULL, INIT_ACCESSLOG_MODE},
{CONFIG_ACCESSLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE, NULL,
log_set_numlogsperdir, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_maxnumlogs, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_maxnumlogs,
+ CONFIG_INT, NULL, DEFAULT_LOG_ACCESS_MAXNUMLOGS},
{CONFIG_LOGLEVEL_ATTRIBUTE, config_set_errorlog_level,
NULL, 0,
(void**)&global_slapdFrontendConfig.errorloglevel,
- CONFIG_SPECIAL_ERRORLOGLEVEL, NULL},
+ CONFIG_SPECIAL_ERRORLOGLEVEL, NULL, NULL},
{CONFIG_ERRORLOG_LOGGING_ENABLED_ATTRIBUTE, NULL,
log_set_logging, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_logging_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_logging_enabled,
+ CONFIG_ON_OFF, NULL, &init_errorlog_logging_enabled},
{CONFIG_ERRORLOG_MODE_ATTRIBUTE, NULL,
log_set_mode, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_mode, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_mode,
+ CONFIG_STRING, NULL, INIT_ERRORLOG_MODE},
{CONFIG_ERRORLOG_LOGEXPIRATIONTIME_ATTRIBUTE, NULL,
log_set_expirationtime, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_exptime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_exptime,
+ CONFIG_INT, NULL, DEFAULT_LOG_EXPTIME},
{CONFIG_ACCESSLOG_LOGGING_ENABLED_ATTRIBUTE, NULL,
log_set_logging, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_logging_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_logging_enabled,
+ CONFIG_ON_OFF, NULL, &init_accesslog_logging_enabled},
{CONFIG_PORT_ATTRIBUTE, config_set_port,
NULL, 0,
- (void**)&global_slapdFrontendConfig.port, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.port,
+ CONFIG_INT, NULL, NULL/* deletion is not allowed */},
{CONFIG_WORKINGDIR_ATTRIBUTE, config_set_workingdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.workingdir, CONFIG_STRING_OR_EMPTY, NULL},
+ (void**)&global_slapdFrontendConfig.workingdir,
+ CONFIG_STRING_OR_EMPTY, NULL, NULL/* deletion is not allowed */},
{CONFIG_MAXTHREADSPERCONN_ATTRIBUTE, config_set_maxthreadsperconn,
NULL, 0,
- (void**)&global_slapdFrontendConfig.maxthreadsperconn, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.maxthreadsperconn,
+ CONFIG_INT, NULL, DEFAULT_MAX_THREADS_PER_CONN},
{CONFIG_ACCESSLOG_LOGEXPIRATIONTIME_ATTRIBUTE, NULL,
log_set_expirationtime, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_exptime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_exptime,
+ CONFIG_INT, NULL, DEFAULT_LOG_EXPTIME},
#ifndef _WIN32
{CONFIG_LOCALUSER_ATTRIBUTE, config_set_localuser,
NULL, 0,
- (void**)&global_slapdFrontendConfig.localuser, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.localuser,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
#endif
{CONFIG_ERRORLOG_LOGROTATIONSYNCENABLED_ATTRIBUTE, NULL,
log_set_rotationsync_enabled, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_rotationsync_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_rotationsync_enabled,
+ CONFIG_ON_OFF, NULL, &init_errorlog_rotationsync_enabled},
{CONFIG_ERRORLOG_LOGROTATIONSYNCHOUR_ATTRIBUTE, NULL,
log_set_rotationsynchour, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_rotationsynchour, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_rotationsynchour,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCHOUR},
{CONFIG_ERRORLOG_LOGROTATIONSYNCMIN_ATTRIBUTE, NULL,
log_set_rotationsyncmin, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_rotationsyncmin, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_rotationsyncmin,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCMIN},
{CONFIG_ERRORLOG_LOGROTATIONTIME_ATTRIBUTE, NULL,
log_set_rotationtime, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_rotationtime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_rotationtime,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONTIME},
{CONFIG_PW_INHISTORY_ATTRIBUTE, config_set_pw_inhistory,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_inhistory, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_inhistory,
+ CONFIG_INT, NULL, DEFAULT_PW_INHISTORY},
{CONFIG_PW_STORAGESCHEME_ATTRIBUTE, config_set_pw_storagescheme,
- NULL, 0, NULL, CONFIG_STRING, (ConfigGetFunc)config_get_pw_storagescheme},
+ NULL, 0, NULL,
+ CONFIG_STRING, (ConfigGetFunc)config_get_pw_storagescheme,
+ SALTED_SHA1_SCHEME_NAME},
{CONFIG_PW_UNLOCK_ATTRIBUTE, config_set_pw_unlock,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_unlock, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_unlock,
+ CONFIG_ON_OFF, NULL, &init_pw_unlock},
{CONFIG_PW_GRACELIMIT_ATTRIBUTE, config_set_pw_gracelimit,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_gracelimit, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_gracelimit,
+ CONFIG_INT, NULL, DEFAULT_PW_GRACELIMIT},
{CONFIG_ACCESSLOG_LOGROTATIONSYNCENABLED_ATTRIBUTE, NULL,
log_set_rotationsync_enabled, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_rotationsync_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_rotationsync_enabled,
+ CONFIG_ON_OFF, NULL, &init_accesslog_rotationsync_enabled},
{CONFIG_ACCESSLOG_LOGROTATIONSYNCHOUR_ATTRIBUTE, NULL,
log_set_rotationsynchour, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_rotationsynchour, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_rotationsynchour,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCHOUR},
{CONFIG_ACCESSLOG_LOGROTATIONSYNCMIN_ATTRIBUTE, NULL,
log_set_rotationsyncmin, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_rotationsyncmin, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_rotationsyncmin,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCMIN},
{CONFIG_ACCESSLOG_LOGROTATIONTIME_ATTRIBUTE, NULL,
log_set_rotationtime, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_rotationtime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_rotationtime,
+ CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONTIME},
{CONFIG_PW_MUSTCHANGE_ATTRIBUTE, config_set_pw_must_change,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_must_change, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_must_change,
+ CONFIG_ON_OFF, NULL, &init_pw_must_change},
{CONFIG_PWPOLICY_LOCAL_ATTRIBUTE, config_set_pwpolicy_local,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pwpolicy_local, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pwpolicy_local,
+ CONFIG_ON_OFF, NULL, &init_pwpolicy_local},
{CONFIG_AUDITLOG_MAXLOGDISKSPACE_ATTRIBUTE, NULL,
log_set_maxdiskspace, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_maxdiskspace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_maxdiskspace,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXDISKSPACE},
{CONFIG_SIZELIMIT_ATTRIBUTE, config_set_sizelimit,
NULL, 0,
- (void**)&global_slapdFrontendConfig.sizelimit, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.sizelimit,
+ CONFIG_INT, NULL, DEFAULT_SIZELIMIT},
{CONFIG_AUDITLOG_MAXLOGSIZE_ATTRIBUTE, NULL,
log_set_logsize, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_maxlogsize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_maxlogsize,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXLOGSIZE},
{CONFIG_PW_WARNING_ATTRIBUTE, config_set_pw_warning,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_warning, CONFIG_LONG, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_warning,
+ CONFIG_LONG, NULL, DEFAULT_PW_WARNING},
{CONFIG_READONLY_ATTRIBUTE, config_set_readonly,
NULL, 0,
- (void**)&global_slapdFrontendConfig.readonly, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.readonly,
+ CONFIG_ON_OFF, NULL, &init_readonly},
{CONFIG_THREADNUMBER_ATTRIBUTE, config_set_threadnumber,
NULL, 0,
- (void**)&global_slapdFrontendConfig.threadnumber, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.threadnumber,
+ CONFIG_INT, NULL, DEFAULT_MAX_THREADS},
{CONFIG_PW_LOCKOUT_ATTRIBUTE, config_set_pw_lockout,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_lockout, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_lockout,
+ CONFIG_ON_OFF, NULL, &init_pw_lockout},
{CONFIG_ENQUOTE_SUP_OC_ATTRIBUTE, config_set_enquote_sup_oc,
NULL, 0,
- (void**)&global_slapdFrontendConfig.enquote_sup_oc, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.enquote_sup_oc,
+ CONFIG_ON_OFF, NULL, &init_enquote_sup_oc},
{CONFIG_LOCALHOST_ATTRIBUTE, config_set_localhost,
NULL, 0,
- (void**)&global_slapdFrontendConfig.localhost, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.localhost,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
{CONFIG_IOBLOCKTIMEOUT_ATTRIBUTE, config_set_ioblocktimeout,
NULL, 0,
- (void**)&global_slapdFrontendConfig.ioblocktimeout, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.ioblocktimeout,
+ CONFIG_INT, NULL, DEFAULT_IOBLOCK_TIMEOUT},
{CONFIG_MAX_FILTER_NEST_LEVEL_ATTRIBUTE, config_set_max_filter_nest_level,
- NULL, 0, (void**)&global_slapdFrontendConfig.max_filter_nest_level,
- CONFIG_INT, NULL},
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.max_filter_nest_level,
+ CONFIG_INT, NULL, DEFAULT_MAX_FILTER_NEST_LEVEL},
{CONFIG_ERRORLOG_MAXLOGDISKSPACE_ATTRIBUTE, NULL,
log_set_maxdiskspace, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_maxdiskspace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_maxdiskspace,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXDISKSPACE},
{CONFIG_PW_MINLENGTH_ATTRIBUTE, config_set_pw_minlength,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minlength, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minlength,
+ CONFIG_INT, NULL, DEFAULT_PW_MINLENGTH},
{CONFIG_PW_MINDIGITS_ATTRIBUTE, config_set_pw_mindigits,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_mindigits, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_mindigits,
+ CONFIG_INT, NULL, DEFAULT_PW_MINDIGITS},
{CONFIG_PW_MINALPHAS_ATTRIBUTE, config_set_pw_minalphas,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minalphas, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minalphas,
+ CONFIG_INT, NULL, DEFAULT_PW_MINALPHAS},
{CONFIG_PW_MINUPPERS_ATTRIBUTE, config_set_pw_minuppers,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minuppers, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minuppers,
+ CONFIG_INT, NULL, DEFAULT_PW_MINUPPERS},
{CONFIG_PW_MINLOWERS_ATTRIBUTE, config_set_pw_minlowers,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minlowers, CONFIG_INT, NULL},
- {CONFIG_PW_MINSPECIALS_ATTRIBUTE, config_set_pw_minspecials,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minspecials, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minlowers,
+ CONFIG_INT, NULL, DEFAULT_PW_MINLOWERS},
+ {CONFIG_PW_MINSPECIALS_ATTRIBUTE, config_set_pw_minspecials,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minspecials,
+ CONFIG_INT, NULL, DEFAULT_PW_MINSPECIALS},
{CONFIG_PW_MIN8BIT_ATTRIBUTE, config_set_pw_min8bit,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_min8bit, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_min8bit,
+ CONFIG_INT, NULL, DEFAULT_PW_MIN8BIT},
{CONFIG_PW_MAXREPEATS_ATTRIBUTE, config_set_pw_maxrepeats,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_maxrepeats, CONFIG_INT, NULL},
- {CONFIG_PW_MINCATEGORIES_ATTRIBUTE, config_set_pw_mincategories,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_mincategories, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_maxrepeats,
+ CONFIG_INT, NULL, DEFAULT_PW_MAXREPEATS},
+ {CONFIG_PW_MINCATEGORIES_ATTRIBUTE, config_set_pw_mincategories,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_mincategories,
+ CONFIG_INT, NULL, DEFAULT_PW_MINCATEGORIES},
{CONFIG_PW_MINTOKENLENGTH_ATTRIBUTE, config_set_pw_mintokenlength,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_mintokenlength, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_mintokenlength,
+ CONFIG_INT, NULL, DEFAULT_PW_MINTOKENLENGTH},
{CONFIG_ERRORLOG_ATTRIBUTE, config_set_errorlog,
NULL, 0,
- (void**)&global_slapdFrontendConfig.errorlog, CONFIG_STRING_OR_EMPTY, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog,
+ CONFIG_STRING_OR_EMPTY, NULL, NULL/* deletion is not allowed */},
{CONFIG_AUDITLOG_LOGEXPIRATIONTIME_ATTRIBUTE, NULL,
log_set_expirationtime, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_exptime, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_exptime,
+ CONFIG_INT, NULL, DEFAULT_LOG_EXPTIME},
{CONFIG_SCHEMACHECK_ATTRIBUTE, config_set_schemacheck,
NULL, 0,
- (void**)&global_slapdFrontendConfig.schemacheck, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.schemacheck,
+ CONFIG_ON_OFF, NULL, &init_schemacheck},
{CONFIG_SYNTAXCHECK_ATTRIBUTE, config_set_syntaxcheck,
NULL, 0,
- (void**)&global_slapdFrontendConfig.syntaxcheck, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.syntaxcheck,
+ CONFIG_ON_OFF, NULL, &init_syntaxcheck},
{CONFIG_SYNTAXLOGGING_ATTRIBUTE, config_set_syntaxlogging,
NULL, 0,
- (void**)&global_slapdFrontendConfig.syntaxlogging, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.syntaxlogging,
+ CONFIG_ON_OFF, NULL, &init_syntaxlogging},
{CONFIG_DN_VALIDATE_STRICT_ATTRIBUTE, config_set_dn_validate_strict,
NULL, 0,
- (void**)&global_slapdFrontendConfig.dn_validate_strict, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.dn_validate_strict,
+ CONFIG_ON_OFF, NULL, &init_dn_validate_strict},
{CONFIG_DS4_COMPATIBLE_SCHEMA_ATTRIBUTE, config_set_ds4_compatible_schema,
NULL, 0,
(void**)&global_slapdFrontendConfig.ds4_compatible_schema,
- CONFIG_ON_OFF, NULL},
+ CONFIG_ON_OFF, NULL, &init_ds4_compatible_schema},
{CONFIG_SCHEMA_IGNORE_TRAILING_SPACES,
config_set_schema_ignore_trailing_spaces, NULL, 0,
(void**)&global_slapdFrontendConfig.schema_ignore_trailing_spaces,
- CONFIG_ON_OFF, NULL},
+ CONFIG_ON_OFF, NULL, &init_schema_ignore_trailing_spaces},
{CONFIG_SCHEMAREPLACE_ATTRIBUTE, config_set_schemareplace, NULL, 0,
(void**)&global_slapdFrontendConfig.schemareplace,
- CONFIG_STRING_OR_OFF, NULL},
+ CONFIG_STRING_OR_OFF, NULL, CONFIG_SCHEMAREPLACE_STR_REPLICATION_ONLY},
{CONFIG_ACCESSLOG_MAXLOGDISKSPACE_ATTRIBUTE, NULL,
log_set_maxdiskspace, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_maxdiskspace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_maxdiskspace,
+ CONFIG_INT, NULL, DEFAULT_LOG_ACCESS_MAXDISKSPACE},
{CONFIG_REFERRAL_ATTRIBUTE, (ConfigSetFunc)config_set_defaultreferral,
NULL, 0,
(void**)&global_slapdFrontendConfig.defaultreferral,
- CONFIG_SPECIAL_REFERRALLIST, NULL},
+ CONFIG_SPECIAL_REFERRALLIST, NULL, NULL/* deletion is not allowed */},
{CONFIG_PW_MAXFAILURE_ATTRIBUTE, config_set_pw_maxfailure,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_maxfailure, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_maxfailure,
+ CONFIG_INT, NULL, DEFAULT_PW_MAXFAILURE},
{CONFIG_ACCESSLOG_ATTRIBUTE, config_set_accesslog,
NULL, 0,
- (void**)&global_slapdFrontendConfig.accesslog, CONFIG_STRING_OR_EMPTY, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog,
+ CONFIG_STRING_OR_EMPTY, NULL, NULL/* deletion is not allowed */},
{CONFIG_LASTMOD_ATTRIBUTE, config_set_lastmod,
NULL, 0,
- (void**)&global_slapdFrontendConfig.lastmod, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.lastmod,
+ CONFIG_ON_OFF, NULL, &init_lastmod},
{CONFIG_ROOTPWSTORAGESCHEME_ATTRIBUTE, config_set_rootpwstoragescheme,
- NULL, 0, NULL, CONFIG_STRING, (ConfigGetFunc)config_get_rootpwstoragescheme},
+ NULL, 0, NULL,
+ CONFIG_STRING, (ConfigGetFunc)config_get_rootpwstoragescheme,
+ SALTED_SHA1_SCHEME_NAME},
{CONFIG_PW_HISTORY_ATTRIBUTE, config_set_pw_history,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_history, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_history,
+ CONFIG_ON_OFF, NULL, &init_pw_history},
{CONFIG_SECURITY_ATTRIBUTE, config_set_security,
NULL, 0,
- (void**)&global_slapdFrontendConfig.security, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.security,
+ CONFIG_ON_OFF, NULL, &init_security},
{CONFIG_PW_MAXAGE_ATTRIBUTE, config_set_pw_maxage,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_maxage, CONFIG_LONG, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_maxage,
+ CONFIG_LONG, NULL, DEFAULT_PW_MAXAGE},
{CONFIG_AUDITLOG_LOGROTATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_rotationtimeunit, SLAPD_AUDIT_LOG,
(void**)&global_slapdFrontendConfig.auditlog_rotationunit,
- CONFIG_STRING_OR_UNKNOWN, NULL},
+ CONFIG_STRING_OR_UNKNOWN, INIT_AUDITLOG_ROTATIONUNIT},
{CONFIG_PW_RESETFAILURECOUNT_ATTRIBUTE, config_set_pw_resetfailurecount,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_resetfailurecount, CONFIG_LONG, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_resetfailurecount,
+ CONFIG_LONG, NULL, DEFAULT_PW_RESETFAILURECOUNT},
{CONFIG_PW_ISGLOBAL_ATTRIBUTE, config_set_pw_is_global_policy,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_is_global_policy, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_is_global_policy,
+ CONFIG_ON_OFF, NULL, &init_pw_is_global_policy},
{CONFIG_PW_IS_LEGACY, config_set_pw_is_legacy_policy,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_is_legacy, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_is_legacy,
+ CONFIG_ON_OFF, NULL, &init_pw_is_legacy},
{CONFIG_PW_TRACK_LAST_UPDATE_TIME, config_set_pw_track_last_update_time,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_track_update_time, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_track_update_time,
+ CONFIG_ON_OFF, NULL, &init_pw_track_update_time},
{CONFIG_AUDITLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE, NULL,
log_set_numlogsperdir, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_maxnumlogs, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_maxnumlogs,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXNUMLOGS},
{CONFIG_ERRORLOG_LOGEXPIRATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_expirationtimeunit, SLAPD_ERROR_LOG,
(void**)&global_slapdFrontendConfig.errorlog_exptimeunit,
- CONFIG_STRING_OR_UNKNOWN, NULL},
+ CONFIG_STRING_OR_UNKNOWN, NULL, INIT_ERRORLOG_EXPTIMEUNIT},
/* errorlog list is read only, so no set func and no config var addr */
- {CONFIG_ERRORLOG_LIST_ATTRIBUTE, NULL, NULL, 0, NULL,
- CONFIG_CHARRAY, (ConfigGetFunc)config_get_errorlog_list},
+ {CONFIG_ERRORLOG_LIST_ATTRIBUTE, NULL,
+ NULL, 0, NULL,
+ CONFIG_CHARRAY, (ConfigGetFunc)config_get_errorlog_list, NULL},
{CONFIG_GROUPEVALNESTLEVEL_ATTRIBUTE, config_set_groupevalnestlevel,
NULL, 0,
- (void**)&global_slapdFrontendConfig.groupevalnestlevel, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.groupevalnestlevel,
+ CONFIG_INT, NULL, DEFAULT_GROUPEVALNESTLEVEL},
{CONFIG_ACCESSLOG_LOGEXPIRATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_expirationtimeunit, SLAPD_ACCESS_LOG,
(void**)&global_slapdFrontendConfig.accesslog_exptimeunit,
- CONFIG_STRING_OR_UNKNOWN, NULL},
+ CONFIG_STRING_OR_UNKNOWN, NULL, INIT_ACCESSLOG_EXPTIMEUNIT},
{CONFIG_ROOTPW_ATTRIBUTE, config_set_rootpw,
NULL, 0,
- (void**)&global_slapdFrontendConfig.rootpw, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.rootpw,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
{CONFIG_PW_CHANGE_ATTRIBUTE, config_set_pw_change,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_change, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_change,
+ CONFIG_ON_OFF, NULL, &init_pw_change},
{CONFIG_ACCESSLOGLEVEL_ATTRIBUTE, config_set_accesslog_level,
NULL, 0,
- (void**)&global_slapdFrontendConfig.accessloglevel, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accessloglevel,
+ CONFIG_INT, NULL, DEFAULT_ACCESSLOGLEVEL},
{CONFIG_ERRORLOG_LOGROTATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_rotationtimeunit, SLAPD_ERROR_LOG,
(void**)&global_slapdFrontendConfig.errorlog_rotationunit,
- CONFIG_STRING_OR_UNKNOWN, NULL},
+ CONFIG_STRING_OR_UNKNOWN, NULL, INIT_ERRORLOG_ROTATIONUNIT},
{CONFIG_SECUREPORT_ATTRIBUTE, config_set_secureport,
NULL, 0,
- (void**)&global_slapdFrontendConfig.secureport, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.secureport,
+ CONFIG_INT, NULL, NULL/* deletion is not allowed */},
{CONFIG_BASEDN_ATTRIBUTE, config_set_basedn,
NULL, 0,
- (void**)&global_slapdFrontendConfig.certmap_basedn, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.certmap_basedn,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
{CONFIG_TIMELIMIT_ATTRIBUTE, config_set_timelimit,
NULL, 0,
- (void**)&global_slapdFrontendConfig.timelimit, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.timelimit,
+ CONFIG_INT, NULL, DEFAULT_TIMELIMIT},
{CONFIG_ERRORLOG_MAXLOGSIZE_ATTRIBUTE, NULL,
log_set_logsize, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_maxlogsize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_maxlogsize,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXLOGSIZE},
{CONFIG_RESERVEDESCRIPTORS_ATTRIBUTE, config_set_reservedescriptors,
NULL, 0,
- (void**)&global_slapdFrontendConfig.reservedescriptors, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.reservedescriptors,
+ CONFIG_INT, NULL, DEFAULT_RESERVE_FDS},
/* access log list is read only, no set func, no config var addr */
- {CONFIG_ACCESSLOG_LIST_ATTRIBUTE, NULL, NULL, 0,
- NULL, CONFIG_CHARRAY, (ConfigGetFunc)config_get_accesslog_list},
+ {CONFIG_ACCESSLOG_LIST_ATTRIBUTE, NULL,
+ NULL, 0, NULL,
+ CONFIG_CHARRAY, (ConfigGetFunc)config_get_accesslog_list, NULL},
{CONFIG_SVRTAB_ATTRIBUTE, config_set_srvtab,
NULL, 0,
- (void**)&global_slapdFrontendConfig.srvtab, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.srvtab,
+ CONFIG_STRING, NULL, ""},
{CONFIG_PW_EXP_ATTRIBUTE, config_set_pw_exp,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_exp, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_exp,
+ CONFIG_ON_OFF, NULL, &init_pw_exp},
{CONFIG_ACCESSCONTROL_ATTRIBUTE, config_set_accesscontrol,
NULL, 0,
- (void**)&global_slapdFrontendConfig.accesscontrol, CONFIG_ON_OFF, NULL},
- {CONFIG_AUDITLOG_LIST_ATTRIBUTE, NULL, NULL, 0,
- NULL, CONFIG_CHARRAY, (ConfigGetFunc)config_get_auditlog_list},
+ (void**)&global_slapdFrontendConfig.accesscontrol,
+ CONFIG_ON_OFF, NULL, &init_accesscontrol},
+ {CONFIG_AUDITLOG_LIST_ATTRIBUTE, NULL,
+ NULL, 0, NULL,
+ CONFIG_CHARRAY, (ConfigGetFunc)config_get_auditlog_list, NULL},
{CONFIG_ACCESSLOG_LOGROTATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_rotationtimeunit, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_rotationunit, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_rotationunit,
+ CONFIG_STRING, NULL, INIT_ACCESSLOG_ROTATIONUNIT},
{CONFIG_PW_LOCKDURATION_ATTRIBUTE, config_set_pw_lockduration,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_lockduration, CONFIG_LONG, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_lockduration,
+ CONFIG_LONG, NULL, DEFAULT_PW_LOCKDURATION},
{CONFIG_ACCESSLOG_MAXLOGSIZE_ATTRIBUTE, NULL,
log_set_logsize, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_maxlogsize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_maxlogsize,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXLOGSIZE},
{CONFIG_IDLETIMEOUT_ATTRIBUTE, config_set_idletimeout,
NULL, 0,
- (void**)&global_slapdFrontendConfig.idletimeout, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.idletimeout,
+ CONFIG_INT, NULL, DEFAULT_IDLE_TIMEOUT},
{CONFIG_NAGLE_ATTRIBUTE, config_set_nagle,
NULL, 0,
- (void**)&global_slapdFrontendConfig.nagle, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.nagle,
+ CONFIG_ON_OFF, NULL, &init_nagle},
{CONFIG_ERRORLOG_MINFREEDISKSPACE_ATTRIBUTE, NULL,
log_set_mindiskspace, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_minfreespace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_minfreespace,
+ CONFIG_INT, NULL, DEFAULT_LOG_MINFREESPACE},
{CONFIG_AUDITLOG_LOGGING_ENABLED_ATTRIBUTE, NULL,
log_set_logging, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_logging_enabled, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_logging_enabled,
+ CONFIG_ON_OFF, NULL, &init_auditlog_logging_enabled},
{CONFIG_AUDITLOG_LOGGING_HIDE_UNHASHED_PW, config_set_auditlog_unhashed_pw,
NULL, 0,
- (void**)&global_slapdFrontendConfig.auditlog_logging_hide_unhashed_pw, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_logging_hide_unhashed_pw,
+ CONFIG_ON_OFF, NULL, &init_auditlog_logging_hide_unhashed_pw},
{CONFIG_ACCESSLOG_BUFFERING_ATTRIBUTE, config_set_accesslogbuffering,
NULL, 0,
- (void**)&global_slapdFrontendConfig.accesslogbuffering, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.accesslogbuffering,
+ CONFIG_ON_OFF, NULL, &init_accesslogbuffering},
{CONFIG_CSNLOGGING_ATTRIBUTE, config_set_csnlogging,
NULL, 0,
- (void**)&global_slapdFrontendConfig.csnlogging, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.csnlogging,
+ CONFIG_ON_OFF, NULL, &init_csnlogging},
{CONFIG_AUDITLOG_LOGEXPIRATIONTIMEUNIT_ATTRIBUTE, NULL,
log_set_expirationtimeunit, SLAPD_AUDIT_LOG,
(void**)&global_slapdFrontendConfig.auditlog_exptimeunit,
- CONFIG_STRING_OR_UNKNOWN, NULL},
+ CONFIG_STRING_OR_UNKNOWN, NULL, INIT_AUDITLOG_EXPTIMEUNIT},
{CONFIG_PW_SYNTAX_ATTRIBUTE, config_set_pw_syntax,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_syntax, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_syntax,
+ CONFIG_ON_OFF, NULL, &init_pw_syntax},
{CONFIG_LISTENHOST_ATTRIBUTE, config_set_listenhost,
NULL, 0,
- (void**)&global_slapdFrontendConfig.listenhost, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.listenhost,
+ CONFIG_STRING, NULL, NULL/* NULL value is allowed */},
{CONFIG_LDAPI_FILENAME_ATTRIBUTE, config_set_ldapi_filename,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_filename, CONFIG_STRING, NULL},
- {CONFIG_LDAPI_SWITCH_ATTRIBUTE, config_set_ldapi_switch,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_switch, CONFIG_ON_OFF, NULL},
- {CONFIG_LDAPI_BIND_SWITCH_ATTRIBUTE, config_set_ldapi_bind_switch,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_bind_switch, CONFIG_ON_OFF, NULL},
- {CONFIG_LDAPI_ROOT_DN_ATTRIBUTE, config_set_ldapi_root_dn,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_root_dn, CONFIG_STRING, NULL},
- {CONFIG_LDAPI_MAP_ENTRIES_ATTRIBUTE, config_set_ldapi_map_entries,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_map_entries, CONFIG_ON_OFF, NULL},
- {CONFIG_LDAPI_UIDNUMBER_TYPE_ATTRIBUTE, config_set_ldapi_uidnumber_type,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_uidnumber_type, CONFIG_STRING, NULL},
- {CONFIG_LDAPI_GIDNUMBER_TYPE_ATTRIBUTE, config_set_ldapi_gidnumber_type,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_gidnumber_type, CONFIG_STRING, NULL},
- {CONFIG_LDAPI_SEARCH_BASE_DN_ATTRIBUTE, config_set_ldapi_search_base_dn,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_search_base_dn, CONFIG_STRING, NULL},
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_filename,
+ CONFIG_STRING, NULL, SLAPD_LDAPI_DEFAULT_FILENAME},
+ {CONFIG_LDAPI_SWITCH_ATTRIBUTE, config_set_ldapi_switch,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_switch,
+ CONFIG_ON_OFF, NULL, &init_ldapi_switch},
+ {CONFIG_LDAPI_BIND_SWITCH_ATTRIBUTE, config_set_ldapi_bind_switch,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_bind_switch,
+ CONFIG_ON_OFF, NULL, &init_ldapi_bind_switch},
+ {CONFIG_LDAPI_ROOT_DN_ATTRIBUTE, config_set_ldapi_root_dn,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_root_dn,
+ CONFIG_STRING, NULL, DEFAULT_DIRECTORY_MANAGER},
+ {CONFIG_LDAPI_MAP_ENTRIES_ATTRIBUTE, config_set_ldapi_map_entries,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_map_entries,
+ CONFIG_ON_OFF, NULL, &init_ldapi_map_entries},
+ {CONFIG_LDAPI_UIDNUMBER_TYPE_ATTRIBUTE, config_set_ldapi_uidnumber_type,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_uidnumber_type,
+ CONFIG_STRING, NULL, DEFAULT_UIDNUM_TYPE},
+ {CONFIG_LDAPI_GIDNUMBER_TYPE_ATTRIBUTE, config_set_ldapi_gidnumber_type,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_gidnumber_type,
+ CONFIG_STRING, NULL, DEFAULT_GIDNUM_TYPE},
+ {CONFIG_LDAPI_SEARCH_BASE_DN_ATTRIBUTE, config_set_ldapi_search_base_dn,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_search_base_dn,
+ CONFIG_STRING, NULL, DEFAULT_LDAPI_SEARCH_BASE},
#if defined(ENABLE_AUTO_DN_SUFFIX)
- {CONFIG_LDAPI_AUTO_DN_SUFFIX_ATTRIBUTE, config_set_ldapi_auto_dn_suffix,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.ldapi_auto_dn_suffix, CONFIG_STRING, NULL},
+ {CONFIG_LDAPI_AUTO_DN_SUFFIX_ATTRIBUTE, config_set_ldapi_auto_dn_suffix,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.ldapi_auto_dn_suffix,
+ CONFIG_STRING, NULL, DEFAULT_LDAPI_AUTO_DN},
#endif
{CONFIG_ANON_LIMITS_DN_ATTRIBUTE, config_set_anon_limits_dn,
- NULL, 0,
- (void**)&global_slapdFrontendConfig.anon_limits_dn, CONFIG_STRING, NULL},
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.anon_limits_dn,
+ CONFIG_STRING, NULL, ""},
{CONFIG_SLAPI_COUNTER_ATTRIBUTE, config_set_slapi_counters,
NULL, 0,
- (void**)&global_slapdFrontendConfig.slapi_counters, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_slapi_counters},
+ (void**)&global_slapdFrontendConfig.slapi_counters,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_slapi_counters,
+ &init_slapi_counters},
{CONFIG_ACCESSLOG_MINFREEDISKSPACE_ATTRIBUTE, NULL,
log_set_mindiskspace, SLAPD_ACCESS_LOG,
- (void**)&global_slapdFrontendConfig.accesslog_minfreespace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.accesslog_minfreespace,
+ CONFIG_INT, NULL, DEFAULT_LOG_MINFREESPACE},
{CONFIG_ERRORLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE, NULL,
log_set_numlogsperdir, SLAPD_ERROR_LOG,
- (void**)&global_slapdFrontendConfig.errorlog_maxnumlogs, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.errorlog_maxnumlogs,
+ CONFIG_INT, NULL, DEFAULT_LOG_MAXNUMLOGS},
{CONFIG_SECURELISTENHOST_ATTRIBUTE, config_set_securelistenhost,
NULL, 0,
- (void**)&global_slapdFrontendConfig.securelistenhost, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.securelistenhost,
+ CONFIG_STRING, NULL, NULL/* NULL value is allowed */},
{CONFIG_AUDITLOG_MINFREEDISKSPACE_ATTRIBUTE, NULL,
log_set_mindiskspace, SLAPD_AUDIT_LOG,
- (void**)&global_slapdFrontendConfig.auditlog_minfreespace, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog_minfreespace,
+ CONFIG_INT, NULL, DEFAULT_LOG_MINFREESPACE},
{CONFIG_ROOTDN_ATTRIBUTE, config_set_rootdn,
NULL, 0,
- (void**)&global_slapdFrontendConfig.rootdn, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.rootdn,
+ CONFIG_STRING, NULL, DEFAULT_DIRECTORY_MANAGER},
{CONFIG_PW_MINAGE_ATTRIBUTE, config_set_pw_minage,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pw_policy.pw_minage, CONFIG_LONG, NULL},
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_minage,
+ CONFIG_LONG, NULL, DEFAULT_PW_MINAGE},
{CONFIG_AUDITFILE_ATTRIBUTE, config_set_auditlog,
NULL, 0,
- (void**)&global_slapdFrontendConfig.auditlog, CONFIG_STRING_OR_EMPTY, NULL},
+ (void**)&global_slapdFrontendConfig.auditlog,
+ CONFIG_STRING_OR_EMPTY, NULL, NULL/* deletion is not allowed */},
{CONFIG_RETURN_EXACT_CASE_ATTRIBUTE, config_set_return_exact_case,
NULL, 0,
- (void**)&global_slapdFrontendConfig.return_exact_case, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.return_exact_case,
+ CONFIG_ON_OFF, NULL, &init_return_exact_case},
{CONFIG_RESULT_TWEAK_ATTRIBUTE, config_set_result_tweak,
NULL, 0,
- (void**)&global_slapdFrontendConfig.result_tweak, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.result_tweak,
+ CONFIG_ON_OFF, NULL, &init_result_tweak},
{CONFIG_PLUGIN_BINDDN_TRACKING_ATTRIBUTE, config_set_plugin_tracking,
NULL, 0,
- (void**)&global_slapdFrontendConfig.plugin_track, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.plugin_track,
+ CONFIG_ON_OFF, NULL, &init_plugin_track},
{CONFIG_ATTRIBUTE_NAME_EXCEPTION_ATTRIBUTE, config_set_attrname_exceptions,
NULL, 0,
- (void**)&global_slapdFrontendConfig.attrname_exceptions, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.attrname_exceptions,
+ CONFIG_ON_OFF, NULL, &init_attrname_exceptions},
{CONFIG_MAXBERSIZE_ATTRIBUTE, config_set_maxbersize,
NULL, 0,
- (void**)&global_slapdFrontendConfig.maxbersize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.maxbersize,
+ CONFIG_INT, NULL, DEFAULT_MAX_BERSIZE},
{CONFIG_MAXSASLIOSIZE_ATTRIBUTE, config_set_maxsasliosize,
NULL, 0,
- (void**)&global_slapdFrontendConfig.maxsasliosize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.maxsasliosize,
+ CONFIG_INT, NULL, DEFAULT_MAX_SASLIO_SIZE},
{CONFIG_VERSIONSTRING_ATTRIBUTE, config_set_versionstring,
NULL, 0,
- (void**)&global_slapdFrontendConfig.versionstring, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.versionstring,
+ CONFIG_STRING, NULL, SLAPD_VERSION_STR},
{CONFIG_REFERRAL_MODE_ATTRIBUTE, config_set_referral_mode,
NULL, 0,
- (void**)&global_slapdFrontendConfig.refer_url, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.refer_url,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
#if !defined(_WIN32) && !defined(AIX)
{CONFIG_MAXDESCRIPTORS_ATTRIBUTE, config_set_maxdescriptors,
NULL, 0,
- (void**)&global_slapdFrontendConfig.maxdescriptors, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.maxdescriptors,
+ CONFIG_INT, NULL, DEFAULT_MAXDESCRIPTORS},
#endif
{CONFIG_CONNTABLESIZE_ATTRIBUTE, config_set_conntablesize,
NULL, 0,
- (void**)&global_slapdFrontendConfig.conntablesize, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.conntablesize,
+ CONFIG_INT, NULL, NULL/* deletion is not allowed */},
{CONFIG_SSLCLIENTAUTH_ATTRIBUTE, config_set_SSLclientAuth,
NULL, 0,
- (void **)&global_slapdFrontendConfig.SSLclientAuth, CONFIG_SPECIAL_SSLCLIENTAUTH, NULL},
+ (void **)&global_slapdFrontendConfig.SSLclientAuth,
+ CONFIG_SPECIAL_SSLCLIENTAUTH, NULL, DEFAULT_SSLCLIENTAPTH},
{CONFIG_SSL_CHECK_HOSTNAME_ATTRIBUTE, config_set_ssl_check_hostname,
- NULL, 0, NULL, CONFIG_ON_OFF, (ConfigGetFunc)config_get_ssl_check_hostname},
- {CONFIG_CONFIG_ATTRIBUTE, 0, NULL, 0, (void**)SLAPD_CONFIG_DN,
- CONFIG_CONSTANT_STRING, NULL},
+ NULL, 0, NULL,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_ssl_check_hostname,
+ &init_ssl_check_hostname},
+ {CONFIG_CONFIG_ATTRIBUTE, 0,
+ NULL, 0, (void**)SLAPD_CONFIG_DN,
+ CONFIG_CONSTANT_STRING, NULL, NULL/* deletion is not allowed */},
{CONFIG_HASH_FILTERS_ATTRIBUTE, config_set_hash_filters,
- NULL, 0, NULL, CONFIG_ON_OFF, (ConfigGetFunc)config_get_hash_filters},
+ NULL, 0, NULL,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_hash_filters,
+ NULL/* deletion is not allowed */},
/* instance dir; used by admin tasks */
{CONFIG_INSTDIR_ATTRIBUTE, config_set_instancedir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.instancedir, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.instancedir,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
/* parameterizing schema dir */
{CONFIG_SCHEMADIR_ATTRIBUTE, config_set_schemadir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.schemadir, CONFIG_STRING, NULL},
+ (void**)&global_slapdFrontendConfig.schemadir,
+ CONFIG_STRING, NULL, NULL/* deletion is not allowed */},
/* parameterizing lock dir */
{CONFIG_LOCKDIR_ATTRIBUTE, config_set_lockdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.lockdir, CONFIG_STRING, (ConfigGetFunc)config_get_lockdir},
+ (void**)&global_slapdFrontendConfig.lockdir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_lockdir,
+ NULL/* deletion is not allowed */},
/* parameterizing tmp dir */
{CONFIG_TMPDIR_ATTRIBUTE, config_set_tmpdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.tmpdir, CONFIG_STRING, (ConfigGetFunc)config_get_tmpdir},
+ (void**)&global_slapdFrontendConfig.tmpdir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_tmpdir,
+ NULL/* deletion is not allowed */},
/* parameterizing cert dir */
{CONFIG_CERTDIR_ATTRIBUTE, config_set_certdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.certdir, CONFIG_STRING, (ConfigGetFunc)config_get_certdir},
+ (void**)&global_slapdFrontendConfig.certdir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_certdir,
+ NULL/* deletion is not allowed */},
/* parameterizing ldif dir */
{CONFIG_LDIFDIR_ATTRIBUTE, config_set_ldifdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.ldifdir, CONFIG_STRING, (ConfigGetFunc)config_get_ldifdir},
+ (void**)&global_slapdFrontendConfig.ldifdir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_ldifdir,
+ NULL/* deletion is not allowed */},
/* parameterizing bak dir */
{CONFIG_BAKDIR_ATTRIBUTE, config_set_bakdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.bakdir, CONFIG_STRING, (ConfigGetFunc)config_get_bakdir},
+ (void**)&global_slapdFrontendConfig.bakdir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_bakdir,
+ NULL/* deletion is not allowed */},
/* parameterizing sasl plugin path */
{CONFIG_SASLPATH_ATTRIBUTE, config_set_saslpath,
NULL, 0,
- (void**)&global_slapdFrontendConfig.saslpath, CONFIG_STRING, (ConfigGetFunc)config_get_saslpath},
+ (void**)&global_slapdFrontendConfig.saslpath,
+ CONFIG_STRING, (ConfigGetFunc)config_get_saslpath,
+ NULL/* deletion is not allowed */},
/* parameterizing run dir */
{CONFIG_RUNDIR_ATTRIBUTE, config_set_rundir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.rundir, CONFIG_STRING, (ConfigGetFunc)config_get_rundir},
+ (void**)&global_slapdFrontendConfig.rundir,
+ CONFIG_STRING, (ConfigGetFunc)config_get_rundir,
+ NULL/* deletion is not allowed */},
{CONFIG_REWRITE_RFC1274_ATTRIBUTE, config_set_rewrite_rfc1274,
NULL, 0,
- (void**)&global_slapdFrontendConfig.rewrite_rfc1274, CONFIG_ON_OFF, NULL},
+ (void**)&global_slapdFrontendConfig.rewrite_rfc1274,
+ CONFIG_ON_OFF, NULL, &init_rewrite_rfc1274},
{CONFIG_OUTBOUND_LDAP_IO_TIMEOUT_ATTRIBUTE,
config_set_outbound_ldap_io_timeout,
NULL, 0,
(void **)&global_slapdFrontendConfig.outbound_ldap_io_timeout,
- CONFIG_INT, NULL},
+ CONFIG_INT, NULL, DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT},
{CONFIG_UNAUTH_BINDS_ATTRIBUTE, config_set_unauth_binds_switch,
NULL, 0,
- (void**)&global_slapdFrontendConfig.allow_unauth_binds, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_unauth_binds_switch},
+ (void**)&global_slapdFrontendConfig.allow_unauth_binds,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_unauth_binds_switch,
+ &init_allow_unauth_binds},
{CONFIG_REQUIRE_SECURE_BINDS_ATTRIBUTE, config_set_require_secure_binds,
NULL, 0,
- (void**)&global_slapdFrontendConfig.require_secure_binds, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_require_secure_binds},
+ (void**)&global_slapdFrontendConfig.require_secure_binds,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_require_secure_binds,
+ &init_require_secure_binds},
{CONFIG_ANON_ACCESS_ATTRIBUTE, config_set_anon_access_switch,
NULL, 0,
- (void**)&global_slapdFrontendConfig.allow_anon_access, CONFIG_SPECIAL_ANON_ACCESS_SWITCH,
- (ConfigGetFunc)config_get_anon_access_switch},
+ (void**)&global_slapdFrontendConfig.allow_anon_access,
+ CONFIG_SPECIAL_ANON_ACCESS_SWITCH,
+ (ConfigGetFunc)config_get_anon_access_switch,
+ DEFAULT_ALLOW_ANON_ACCESS},
{CONFIG_LOCALSSF_ATTRIBUTE, config_set_localssf,
NULL, 0,
- (void**)&global_slapdFrontendConfig.localssf, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.localssf,
+ CONFIG_INT, NULL, DEFAULT_LOCAL_SSF},
{CONFIG_MINSSF_ATTRIBUTE, config_set_minssf,
NULL, 0,
- (void**)&global_slapdFrontendConfig.minssf, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.minssf,
+ CONFIG_INT, NULL, DEFAULT_MIN_SSF},
{CONFIG_MINSSF_EXCLUDE_ROOTDSE, config_set_minssf_exclude_rootdse,
NULL, 0,
(void**)&global_slapdFrontendConfig.minssf_exclude_rootdse,
- CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_minssf_exclude_rootdse},
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_minssf_exclude_rootdse,
+ &init_minssf_exclude_rootdse},
{CONFIG_FORCE_SASL_EXTERNAL_ATTRIBUTE, config_set_force_sasl_external,
NULL, 0,
- (void**)&global_slapdFrontendConfig.force_sasl_external, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_force_sasl_external},
+ (void**)&global_slapdFrontendConfig.force_sasl_external,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_force_sasl_external,
+ &init_force_sasl_external},
{CONFIG_ENTRYUSN_GLOBAL, config_set_entryusn_global,
NULL, 0,
- (void**)&global_slapdFrontendConfig.entryusn_global, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_entryusn_global},
+ (void**)&global_slapdFrontendConfig.entryusn_global,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_entryusn_global,
+ &init_entryusn_global},
{CONFIG_ENTRYUSN_IMPORT_INITVAL, config_set_entryusn_import_init,
NULL, 0,
(void**)&global_slapdFrontendConfig.entryusn_import_init,
- CONFIG_STRING, (ConfigGetFunc)config_get_entryusn_import_init},
+ CONFIG_STRING, (ConfigGetFunc)config_get_entryusn_import_init,
+ ENTRYUSN_IMPORT_INIT},
{CONFIG_ALLOWED_TO_DELETE_ATTRIBUTE, config_set_allowed_to_delete_attrs,
NULL, 0,
(void**)&global_slapdFrontendConfig.allowed_to_delete_attrs,
- CONFIG_STRING, (ConfigGetFunc)config_get_allowed_to_delete_attrs},
+ CONFIG_STRING, (ConfigGetFunc)config_get_allowed_to_delete_attrs,
+ DEFAULT_ALLOWED_TO_DELETE_ATTRS },
{CONFIG_VALIDATE_CERT_ATTRIBUTE, config_set_validate_cert_switch,
NULL, 0,
(void**)&global_slapdFrontendConfig.validate_cert,
CONFIG_SPECIAL_VALIDATE_CERT_SWITCH,
- (ConfigGetFunc)config_get_validate_cert_switch},
+ (ConfigGetFunc)config_get_validate_cert_switch, DEFAULT_VALIDATE_CERT},
{CONFIG_PAGEDSIZELIMIT_ATTRIBUTE, config_set_pagedsizelimit,
NULL, 0,
- (void**)&global_slapdFrontendConfig.pagedsizelimit, CONFIG_INT, NULL},
+ (void**)&global_slapdFrontendConfig.pagedsizelimit,
+ CONFIG_INT, NULL, DEFAULT_PAGEDSIZELIMIT},
{CONFIG_DEFAULT_NAMING_CONTEXT, config_set_default_naming_context,
NULL, 0,
(void**)&global_slapdFrontendConfig.default_naming_context,
- CONFIG_STRING, (ConfigGetFunc)config_get_default_naming_context},
+ CONFIG_STRING, (ConfigGetFunc)config_get_default_naming_context, NULL},
{CONFIG_DISK_MONITORING, config_set_disk_monitoring,
NULL, 0,
- (void**)&global_slapdFrontendConfig.disk_monitoring, CONFIG_ON_OFF,
- (ConfigGetFunc)config_get_disk_monitoring},
+ (void**)&global_slapdFrontendConfig.disk_monitoring,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_disk_monitoring,
+ &init_disk_monitoring},
{CONFIG_DISK_THRESHOLD, config_set_disk_threshold,
NULL, 0,
- (void**)&global_slapdFrontendConfig.disk_threshold, CONFIG_INT,
- (ConfigGetFunc)config_get_disk_threshold},
+ (void**)&global_slapdFrontendConfig.disk_threshold,
+ CONFIG_INT, (ConfigGetFunc)config_get_disk_threshold,
+ DEFAULT_DISK_THRESHOLD},
{CONFIG_DISK_GRACE_PERIOD, config_set_disk_grace_period,
NULL, 0,
(void**)&global_slapdFrontendConfig.disk_grace_period,
- CONFIG_INT, (ConfigGetFunc)config_get_disk_grace_period},
+ CONFIG_INT, (ConfigGetFunc)config_get_disk_grace_period,
+ DEFAULT_DISK_GRACE_PERIOD},
{CONFIG_DISK_LOGGING_CRITICAL, config_set_disk_logging_critical,
NULL, 0,
(void**)&global_slapdFrontendConfig.disk_logging_critical,
- CONFIG_ON_OFF, (ConfigGetFunc)config_get_disk_logging_critical},
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_disk_logging_critical,
+ &init_disk_logging_critical},
{CONFIG_DISK_PRESERVE_LOGGING, config_set_disk_preserve_logging,
NULL, 0,
(void**)&global_slapdFrontendConfig.disk_preserve_logging,
- CONFIG_ON_OFF, (ConfigGetFunc)config_get_disk_preserve_logging},
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_disk_preserve_logging,
+ &init_disk_preserve_logging},
{CONFIG_NDN_CACHE, config_set_ndn_cache_enabled,
NULL, 0,
- (void**)&global_slapdFrontendConfig.ndn_cache_enabled, CONFIG_INT,
- (ConfigGetFunc)config_get_ndn_cache_enabled},
+ (void**)&global_slapdFrontendConfig.ndn_cache_enabled,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_ndn_cache_enabled,
+ &init_ndn_cache_enabled},
{CONFIG_NDN_CACHE_SIZE, config_set_ndn_cache_max_size,
NULL, 0,
(void**)&global_slapdFrontendConfig.ndn_cache_max_size,
- CONFIG_INT, (ConfigGetFunc)config_get_ndn_cache_size},
+ CONFIG_INT, (ConfigGetFunc)config_get_ndn_cache_size, DEFAULT_NDN_SIZE},
#ifdef MEMPOOL_EXPERIMENTAL
,{CONFIG_MEMPOOL_SWITCH_ATTRIBUTE, config_set_mempool_switch,
NULL, 0,
- (void**)&global_slapdFrontendConfig.mempool_switch, CONFIG_ON_OFF, (ConfigGetFunc)config_get_mempool_switch},
+ (void**)&global_slapdFrontendConfig.mempool_switch,
+ CONFIG_ON_OFF, (ConfigGetFunc)config_get_mempool_switch,
+ &init_mempool_switch},
{CONFIG_MEMPOOL_MAXFREELIST_ATTRIBUTE, config_set_mempool_maxfreelist,
NULL, 0,
- (void**)&global_slapdFrontendConfig.mempool_maxfreelist, CONFIG_INT, (ConfigGetFunc)config_get_mempool_maxfreelist}
+ (void**)&global_slapdFrontendConfig.mempool_maxfreelist,
+ CONFIG_INT, (ConfigGetFunc)config_get_mempool_maxfreelist,
+ DEFAULT_MEMPOOL_MAXFREELIST}
#endif /* MEMPOOL_EXPERIMENTAL */
};
@@ -943,21 +1249,21 @@ FrontendConfig_init () {
cfg->port = LDAP_PORT;
cfg->secureport = LDAPS_PORT;
cfg->ldapi_filename = slapi_ch_strdup(SLAPD_LDAPI_DEFAULT_FILENAME);
- cfg->ldapi_switch = LDAP_OFF;
- cfg->ldapi_bind_switch = LDAP_OFF;
- cfg->ldapi_root_dn = slapi_ch_strdup("cn=Directory Manager");
- cfg->ldapi_map_entries = LDAP_OFF;
- cfg->ldapi_uidnumber_type = slapi_ch_strdup("uidNumber");
- cfg->ldapi_gidnumber_type = slapi_ch_strdup("gidNumber");
+ init_ldapi_switch = cfg->ldapi_switch = LDAP_OFF;
+ init_ldapi_bind_switch = cfg->ldapi_bind_switch = LDAP_OFF;
+ cfg->ldapi_root_dn = slapi_ch_strdup(DEFAULT_DIRECTORY_MANAGER);
+ init_ldapi_map_entries = cfg->ldapi_map_entries = LDAP_OFF;
+ cfg->ldapi_uidnumber_type = slapi_ch_strdup(DEFAULT_UIDNUM_TYPE);
+ cfg->ldapi_gidnumber_type = slapi_ch_strdup(DEFAULT_GIDNUM_TYPE);
/* These DNs are no need to be normalized. */
- cfg->ldapi_search_base_dn = slapi_ch_strdup("dc=example,dc=com");
+ cfg->ldapi_search_base_dn = slapi_ch_strdup(DEFAULT_LDAPI_SEARCH_BASE);
#if defined(ENABLE_AUTO_DN_SUFFIX)
- cfg->ldapi_auto_dn_suffix = slapi_ch_strdup("cn=peercred,cn=external,cn=auth");
+ cfg->ldapi_auto_dn_suffix = slapi_ch_strdup(DEFAULT_LDAPI_AUTO_DN);
#endif
- cfg->allow_unauth_binds = LDAP_OFF;
- cfg->require_secure_binds = LDAP_OFF;
+ init_allow_unauth_binds = cfg->allow_unauth_binds = LDAP_OFF;
+ init_require_secure_binds = cfg->require_secure_binds = LDAP_OFF;
cfg->allow_anon_access = SLAPD_ANON_ACCESS_ON;
- cfg->slapi_counters = LDAP_ON;
+ init_slapi_counters = cfg->slapi_counters = LDAP_ON;
cfg->threadnumber = SLAPD_DEFAULT_MAX_THREADS;
cfg->maxthreadsperconn = SLAPD_DEFAULT_MAX_THREADS_PER_CONN;
cfg->reservedescriptors = SLAPD_DEFAULT_RESERVE_FDS;
@@ -968,8 +1274,8 @@ FrontendConfig_init () {
cfg->maxsasliosize = SLAPD_DEFAULT_MAX_SASLIO_SIZE;
cfg->localssf = SLAPD_DEFAULT_LOCAL_SSF;
cfg->minssf = SLAPD_DEFAULT_MIN_SSF;
- cfg->minssf_exclude_rootdse = LDAP_OFF; /* minssf is applied to rootdse,
- by default */
+ /* minssf is applied to rootdse, by default */
+ init_minssf_exclude_rootdse = cfg->minssf_exclude_rootdse = LDAP_OFF;
cfg->validate_cert = SLAPD_VALIDATE_CERT_WARN;
#ifdef _WIN32
@@ -982,17 +1288,19 @@ FrontendConfig_init () {
#endif /* USE_SYSCONF */
#endif /* _WIN32 */
- cfg->accesscontrol = LDAP_ON;
- cfg->security = LDAP_OFF;
- cfg->ssl_check_hostname = LDAP_ON;
- cfg->return_exact_case = LDAP_ON;
- cfg->result_tweak = LDAP_OFF;
+ init_accesscontrol = cfg->accesscontrol = LDAP_ON;
+ init_nagle = cfg->nagle = LDAP_OFF;
+ init_security = cfg->security = LDAP_OFF;
+ init_ssl_check_hostname = cfg->ssl_check_hostname = LDAP_ON;
+ init_return_exact_case = cfg->return_exact_case = LDAP_ON;
+ init_result_tweak = cfg->result_tweak = LDAP_OFF;
+ init_attrname_exceptions = cfg->attrname_exceptions = LDAP_OFF;
cfg->reservedescriptors = SLAPD_DEFAULT_RESERVE_FDS;
cfg->useroc = slapi_ch_strdup ( "" );
cfg->userat = slapi_ch_strdup ( "" );
/* kexcoff: should not be initialized by default here
- cfg->rootpwstoragescheme = pw_name2scheme( SHA1_SCHEME_NAME );
- cfg->pw_storagescheme = pw_name2scheme( SHA1_SCHEME_NAME );
+ cfg->rootpwstoragescheme = pw_name2scheme( SALTED_SHA1_SCHEME_NAME );
+ cfg->pw_storagescheme = pw_name2scheme( SALTED_SHA1_SCHEME_NAME );
*/
cfg->slapd_type = 0;
cfg->versionstring = SLAPD_VERSION_STR;
@@ -1000,24 +1308,29 @@ FrontendConfig_init () {
cfg->pagedsizelimit = 0;
cfg->timelimit = SLAPD_DEFAULT_TIMELIMIT;
cfg->anon_limits_dn = slapi_ch_strdup("");
- cfg->schemacheck = LDAP_ON;
- cfg->syntaxcheck = LDAP_OFF;
- cfg->plugin_track = LDAP_OFF;
- cfg->syntaxlogging = LDAP_OFF;
- cfg->dn_validate_strict = LDAP_OFF;
- cfg->ds4_compatible_schema = LDAP_OFF;
- cfg->enquote_sup_oc = LDAP_OFF;
- cfg->lastmod = LDAP_ON;
- cfg->rewrite_rfc1274 = LDAP_OFF;
+ init_schemacheck = cfg->schemacheck = LDAP_ON;
+ init_syntaxcheck = cfg->syntaxcheck = LDAP_OFF;
+ init_plugin_track = cfg->plugin_track = LDAP_OFF;
+ init_syntaxlogging = cfg->syntaxlogging = LDAP_OFF;
+ init_dn_validate_strict = cfg->dn_validate_strict = LDAP_OFF;
+ init_ds4_compatible_schema = cfg->ds4_compatible_schema = LDAP_OFF;
+ init_enquote_sup_oc = cfg->enquote_sup_oc = LDAP_OFF;
+ init_lastmod = cfg->lastmod = LDAP_ON;
+ init_rewrite_rfc1274 = cfg->rewrite_rfc1274 = LDAP_OFF;
cfg->schemareplace = slapi_ch_strdup( CONFIG_SCHEMAREPLACE_STR_REPLICATION_ONLY );
- cfg->schema_ignore_trailing_spaces = SLAPD_DEFAULT_SCHEMA_IGNORE_TRAILING_SPACES;
- cfg->force_sasl_external = LDAP_OFF; /* do not force sasl external by default - let clients abide by the LDAP standards and send us a SASL/EXTERNAL bind if that's what they want to do */
-
- cfg->pwpolicy_local = LDAP_OFF;
- cfg->pw_policy.pw_change = LDAP_ON;
- cfg->pw_policy.pw_must_change = LDAP_OFF;
- cfg->pw_policy.pw_syntax = LDAP_OFF;
- cfg->pw_policy.pw_exp = LDAP_OFF;
+ init_schema_ignore_trailing_spaces = cfg->schema_ignore_trailing_spaces =
+ SLAPD_DEFAULT_SCHEMA_IGNORE_TRAILING_SPACES;
+ /* do not force sasl external by default -
+ * let clients abide by the LDAP standards and send us a SASL/EXTERNAL bind
+ * if that's what they want to do */
+ init_force_sasl_external = cfg->force_sasl_external = LDAP_OFF;
+
+ init_readonly = cfg->readonly = LDAP_OFF;
+ init_pwpolicy_local = cfg->pwpolicy_local = LDAP_OFF;
+ init_pw_change = cfg->pw_policy.pw_change = LDAP_ON;
+ init_pw_must_change = cfg->pw_policy.pw_must_change = LDAP_OFF;
+ init_pw_syntax = cfg->pw_policy.pw_syntax = LDAP_OFF;
+ init_pw_exp = cfg->pw_policy.pw_exp = LDAP_OFF;
cfg->pw_policy.pw_minlength = 8;
cfg->pw_policy.pw_mindigits = 0;
cfg->pw_policy.pw_minalphas = 0;
@@ -1031,80 +1344,84 @@ FrontendConfig_init () {
cfg->pw_policy.pw_maxage = 8640000; /* 100 days */
cfg->pw_policy.pw_minage = 0;
cfg->pw_policy.pw_warning = 86400; /* 1 day */
- cfg->pw_policy.pw_history = LDAP_OFF;
+ init_pw_history = cfg->pw_policy.pw_history = LDAP_OFF;
cfg->pw_policy.pw_inhistory = 6;
- cfg->pw_policy.pw_lockout = LDAP_OFF;
+ init_pw_lockout = cfg->pw_policy.pw_lockout = LDAP_OFF;
cfg->pw_policy.pw_maxfailure = 3;
- cfg->pw_policy.pw_unlock = LDAP_ON;
+ init_pw_unlock = cfg->pw_policy.pw_unlock = LDAP_ON;
cfg->pw_policy.pw_lockduration = 3600; /* 60 minutes */
cfg->pw_policy.pw_resetfailurecount = 600; /* 10 minutes */
cfg->pw_policy.pw_gracelimit = 0;
- cfg->pw_policy.pw_is_legacy = LDAP_ON;
- cfg->pw_policy.pw_track_update_time = LDAP_OFF;
- cfg->pw_is_global_policy = LDAP_OFF;
+ init_pw_is_legacy = cfg->pw_policy.pw_is_legacy = LDAP_ON;
+ init_pw_track_update_time = cfg->pw_policy.pw_track_update_time = LDAP_OFF;
+ init_pw_is_global_policy = cfg->pw_is_global_policy = LDAP_OFF;
- cfg->accesslog_logging_enabled = LDAP_ON;
- cfg->accesslog_mode = slapi_ch_strdup("600");
+ init_accesslog_logging_enabled = cfg->accesslog_logging_enabled = LDAP_ON;
+ cfg->accesslog_mode = slapi_ch_strdup(INIT_ACCESSLOG_MODE);
cfg->accesslog_maxnumlogs = 10;
cfg->accesslog_maxlogsize = 100;
cfg->accesslog_rotationtime = 1;
- cfg->accesslog_rotationunit = slapi_ch_strdup("day");
- cfg->accesslog_rotationsync_enabled = LDAP_OFF;
+ cfg->accesslog_rotationunit = slapi_ch_strdup(INIT_ACCESSLOG_ROTATIONUNIT);
+ init_accesslog_rotationsync_enabled =
+ cfg->accesslog_rotationsync_enabled = LDAP_OFF;
cfg->accesslog_rotationsynchour = 0;
cfg->accesslog_rotationsyncmin = 0;
cfg->accesslog_maxdiskspace = 500;
cfg->accesslog_minfreespace = 5;
cfg->accesslog_exptime = 1;
- cfg->accesslog_exptimeunit = slapi_ch_strdup("month");
+ cfg->accesslog_exptimeunit = slapi_ch_strdup(INIT_ACCESSLOG_EXPTIMEUNIT);
cfg->accessloglevel = 256;
- cfg->accesslogbuffering = LDAP_ON;
- cfg->csnlogging = LDAP_ON;
+ init_accesslogbuffering = cfg->accesslogbuffering = LDAP_ON;
+ init_csnlogging = cfg->csnlogging = LDAP_ON;
- cfg->errorlog_logging_enabled = LDAP_ON;
- cfg->errorlog_mode = slapi_ch_strdup("600");
+ init_errorlog_logging_enabled = cfg->errorlog_logging_enabled = LDAP_ON;
+ cfg->errorlog_mode = slapi_ch_strdup(INIT_ERRORLOG_MODE);
cfg->errorlog_maxnumlogs = 1;
cfg->errorlog_maxlogsize = 100;
cfg->errorlog_rotationtime = 1;
- cfg->errorlog_rotationunit = slapi_ch_strdup ("week");
- cfg->errorlog_rotationsync_enabled = LDAP_OFF;
+ cfg->errorlog_rotationunit = slapi_ch_strdup (INIT_ERRORLOG_ROTATIONUNIT);
+ init_errorlog_rotationsync_enabled =
+ cfg->errorlog_rotationsync_enabled = LDAP_OFF;
cfg->errorlog_rotationsynchour = 0;
cfg->errorlog_rotationsyncmin = 0;
cfg->errorlog_maxdiskspace = 100;
cfg->errorlog_minfreespace = 5;
cfg->errorlog_exptime = 1;
- cfg->errorlog_exptimeunit = slapi_ch_strdup("month");
+ cfg->errorlog_exptimeunit = slapi_ch_strdup(INIT_ERRORLOG_EXPTIMEUNIT);
cfg->errorloglevel = 0;
- cfg->auditlog_logging_enabled = LDAP_OFF;
- cfg->auditlog_mode = slapi_ch_strdup("600");
+ init_auditlog_logging_enabled = cfg->auditlog_logging_enabled = LDAP_OFF;
+ cfg->auditlog_mode = slapi_ch_strdup(INIT_AUDITLOG_MODE);
cfg->auditlog_maxnumlogs = 1;
cfg->auditlog_maxlogsize = 100;
cfg->auditlog_rotationtime = 1;
- cfg->auditlog_rotationunit = slapi_ch_strdup ("week");
- cfg->auditlog_rotationsync_enabled = LDAP_OFF;
+ cfg->auditlog_rotationunit = slapi_ch_strdup(INIT_AUDITLOG_ROTATIONUNIT);
+ init_auditlog_rotationsync_enabled =
+ cfg->auditlog_rotationsync_enabled = LDAP_OFF;
cfg->auditlog_rotationsynchour = 0;
cfg->auditlog_rotationsyncmin = 0;
cfg->auditlog_maxdiskspace = 100;
cfg->auditlog_minfreespace = 5;
cfg->auditlog_exptime = 1;
- cfg->auditlog_exptimeunit = slapi_ch_strdup("month");
- cfg->auditlog_logging_hide_unhashed_pw = LDAP_ON;
+ cfg->auditlog_exptimeunit = slapi_ch_strdup(INIT_AUDITLOG_EXPTIMEUNIT);
+ init_auditlog_logging_hide_unhashed_pw =
+ cfg->auditlog_logging_hide_unhashed_pw = LDAP_ON;
- cfg->entryusn_global = LDAP_OFF;
- cfg->entryusn_import_init = slapi_ch_strdup("0");
+ init_entryusn_global = cfg->entryusn_global = LDAP_OFF;
+ cfg->entryusn_import_init = slapi_ch_strdup(ENTRYUSN_IMPORT_INIT);
cfg->allowed_to_delete_attrs = slapi_ch_strdup("nsslapd-listenhost nsslapd-securelistenhost nsslapd-defaultnamingcontext");
cfg->default_naming_context = NULL; /* store normalized dn */
- cfg->disk_monitoring = LDAP_OFF;
+ init_disk_monitoring = cfg->disk_monitoring = LDAP_OFF;
cfg->disk_threshold = 2097152; /* 2 mb */
cfg->disk_grace_period = 60; /* 1 hour */
- cfg->disk_preserve_logging = LDAP_OFF;
- cfg->disk_logging_critical = LDAP_OFF;
- cfg->ndn_cache_enabled = LDAP_OFF;
+ init_disk_preserve_logging = cfg->disk_preserve_logging = LDAP_OFF;
+ init_disk_logging_critical = cfg->disk_logging_critical = LDAP_OFF;
+ init_ndn_cache_enabled = cfg->ndn_cache_enabled = LDAP_OFF;
cfg->ndn_cache_max_size = NDN_DEFAULT_SIZE;
#ifdef MEMPOOL_EXPERIMENTAL
- cfg->mempool_switch = LDAP_ON;
+ init_mempool_switch = cfg->mempool_switch = LDAP_ON;
cfg->mempool_maxfreelist = 1024;
cfg->system_page_size = sysconf(_SC_PAGE_SIZE); /* not to get every time; no set, get only */
{
@@ -1219,8 +1536,8 @@ config_value_is_null( const char *attrname, const char *value, char *errorbuf,
int or_zero_length )
{
if ( NULL == value || ( or_zero_length && *value == '\0' )) {
- PR_snprintf( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: NULL value",
- attrname );
+ PR_snprintf( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
+ "%s: deleting the value is not allowed.", attrname );
return 1;
}
@@ -2721,7 +3038,6 @@ config_set_security( const char *attrname, char *value, char *errorbuf, int appl
return retVal;
}
-
static int
config_set_onoff ( const char *attrname, char *value, int *configvalue,
char *errorbuf, int apply )
@@ -2734,7 +3050,10 @@ config_set_onoff ( const char *attrname, char *value, int *configvalue,
}
if ( strcasecmp ( value, "on" ) != 0 &&
- strcasecmp ( value, "off") != 0 ) {
+ strcasecmp ( value, "off") != 0 &&
+ /* initializing the value */
+ (*(int *)value != LDAP_ON) &&
+ (*(int *)value != LDAP_OFF)) {
PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE,
"%s: invalid value \"%s\". Valid values are \"on\" or \"off\".",
attrname, value );
@@ -2750,9 +3069,10 @@ config_set_onoff ( const char *attrname, char *value, int *configvalue,
if ( strcasecmp ( value, "on" ) == 0 ) {
*configvalue = LDAP_ON;
- }
- else if ( strcasecmp ( value, "off" ) == 0 ) {
+ } else if ( strcasecmp ( value, "off" ) == 0 ) {
*configvalue = LDAP_OFF;
+ } else {
+ *configvalue = *(int *)value;
}
CFG_UNLOCK_WRITE(slapdFrontendConfig);
@@ -3691,7 +4011,8 @@ config_set_errorlog_level( const char *attrname, char *value, char *errorbuf, in
int
-config_set_accesslog_level( const char *attrname, char *value, char *errorbuf, int apply ) {
+config_set_accesslog_level( const char *attrname, char *value, char *errorbuf, int apply )
+{
int retVal = LDAP_SUCCESS;
long level = 0;
char *endp = NULL;
@@ -4805,7 +5126,7 @@ config_get_accesslog(){
}
char *
-config_get_errorlog( ){
+config_get_errorlog(){
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
char *retVal;
@@ -6284,10 +6605,10 @@ config_set(const char *attr, struct berval **values, char *errorbuf, int apply)
if ((NULL == values) &&
config_allowed_to_delete_attrs(cgas->attr_name)) {
if (cgas->setfunc) {
- retval = (cgas->setfunc)(cgas->attr_name, NULL,
+ retval = (cgas->setfunc)(cgas->attr_name, cgas->initvalue,
errorbuf, apply);
} else if (cgas->logsetfunc) {
- retval = (cgas->logsetfunc)(cgas->attr_name, NULL,
+ retval = (cgas->logsetfunc)(cgas->attr_name, cgas->initvalue,
cgas->whichlog, errorbuf, apply);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
11 years, 5 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Nathan Kinder
ldap/servers/plugins/replication/windows_connection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 98b809ba580530d9418e7bbf857e1ff2b79f75c8
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Nov 6 07:58:58 2012 -0800
Ticket #503 - Improve AD version in winsync log message
When enabling replication level logging, winsync prints out what
version of Windows/AD it detects. If it detects win2k3 or later, it
prints out "detected win2k3 peer". This can be confusing if you are
running a later version, such as win2k8. The code is really trying
to detect if we can use certain operations that only started being
supported in win2k3. This patch changes the message to match this
logic by printing "detected win2k3 or later peer".
diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c
index 0393627..105c205 100644
--- a/ldap/servers/plugins/replication/windows_connection.c
+++ b/ldap/servers/plugins/replication/windows_connection.c
@@ -1333,7 +1333,7 @@ windows_conn_connect(Repl_Connection *conn)
if (CONN_IS_WIN2K3 == supports)
{
windows_private_set_iswin2k3(conn->agmt,1);
- LDAPDebug( LDAP_DEBUG_REPL, "windows_conn_connect : detected Win2k3 peer\n", 0, 0, 0 );
+ LDAPDebug( LDAP_DEBUG_REPL, "windows_conn_connect : detected Win2k3 or later peer\n", 0, 0, 0 );
} else
{
windows_private_set_iswin2k3(conn->agmt,0);
11 years, 5 months
ldap/servers
by Nathan Kinder
ldap/servers/plugins/replication/windows_connection.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit e3357b44187acf3f43ad52a62c78911bea620b88
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Nov 6 07:58:58 2012 -0800
Ticket #503 - Improve AD version in winsync log message
When enabling replication level logging, winsync prints out what
version of Windows/AD it detects. If it detects win2k3 or later, it
prints out "detected win2k3 peer". This can be confusing if you are
running a later version, such as win2k8. The code is really trying
to detect if we can use certain operations that only started being
supported in win2k3. This patch changes the message to match this
logic by printing "detected win2k3 or later peer".
diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c
index 0393627..105c205 100644
--- a/ldap/servers/plugins/replication/windows_connection.c
+++ b/ldap/servers/plugins/replication/windows_connection.c
@@ -1333,7 +1333,7 @@ windows_conn_connect(Repl_Connection *conn)
if (CONN_IS_WIN2K3 == supports)
{
windows_private_set_iswin2k3(conn->agmt,1);
- LDAPDebug( LDAP_DEBUG_REPL, "windows_conn_connect : detected Win2k3 peer\n", 0, 0, 0 );
+ LDAPDebug( LDAP_DEBUG_REPL, "windows_conn_connect : detected Win2k3 or later peer\n", 0, 0, 0 );
} else
{
windows_private_set_iswin2k3(conn->agmt,0);
11 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/ldaputil.c | 33 ++++++++++++++++++++++++++++++---
1 file changed, 30 insertions(+), 3 deletions(-)
New commits:
commit 996034bc98d0f2ef33bdf70ae226fd4410b88075
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Nov 2 16:43:48 2012 -0700
Trac Ticket #190 - Un-resolvable server in replication
agreement produces unclear error message
https://fedorahosted.org/389/ticket/190
Fix description: This patch retrieves more info such as hostname
and error code from getaddrinfo in case ldap_sasl_bind does not
return any useful information about the failure. E.g.,
Error: could not send bind request for id [(anon)] mech [EXTERNAL]:
error -1 (Can't contact LDAP server)
-5987 (Invalid function argument.)
-2 (Name or service not known "your_host_name")
Error: could not send bind request for id [<binddn>] mech [SIMPLE]:
error -1 (Can't contact LDAP server)
-5987 (Invalid function argument.)
107 (Transport endpoint is not connected "your_host_name")
diff --git a/ldap/servers/slapd/ldaputil.c b/ldap/servers/slapd/ldaputil.c
index 7d77644..1c67e51 100644
--- a/ldap/servers/slapd/ldaputil.c
+++ b/ldap/servers/slapd/ldaputil.c
@@ -1083,15 +1083,42 @@ slapi_ldap_bind(
mech ? mech : "SIMPLE",
bindid, creds);
if ((rc = ldap_sasl_bind(ld, bindid, mech, &bvcreds, serverctrls,
- NULL /* clientctrls */, &mymsgid))) {
+ NULL /* clientctrls */, &mymsgid))) {
+ char *myhostname = NULL;
+ char *copy = NULL;
+ char *ptr = NULL;
+ int myerrno = errno;
+ int gaierr;
+
+ ldap_get_option(ld, LDAP_OPT_HOST_NAME, &myhostname);
+ if (myhostname) {
+ ptr = strchr(myhostname, ':');
+ if (ptr) {
+ copy = slapi_ch_strdup(myhostname);
+ *(copy + (ptr - myhostname)) = '\0';
+ myhostname = copy;
+ }
+ }
+
+ if (0 == myerrno) {
+ struct addrinfo *result = NULL;
+ gaierr = getaddrinfo(myhostname, NULL, NULL, &result);
+ myerrno = errno;
+ if (result) {
+ freeaddrinfo(result);
+ }
+ }
slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_bind",
"Error: could not send bind request for id "
- "[%s] mech [%s]: error %d (%s) %d (%s) %d (%s)\n",
+ "[%s] mech [%s]: error %d (%s) %d (%s) %d (%s \"%s\")\n",
bindid ? bindid : "(anon)",
mech ? mech : "SIMPLE",
rc, ldap_err2string(rc),
PR_GetError(), slapd_pr_strerror(PR_GetError()),
- errno, slapd_system_strerror(errno));
+ myerrno ? myerrno : gaierr,
+ myerrno ? slapd_system_strerror(myerrno) : gai_strerror(gaierr),
+ myhostname ? myhostname : "unknown host");
+ slapi_ch_free_string(©);
goto done;
}
11 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_add.c | 74 ++++++++++++++--------------
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 6 +-
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 20 +++----
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 24 ++++-----
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 26 ++++-----
ldap/servers/slapd/back-ldbm/ldbm_search.c | 9 +--
6 files changed, 82 insertions(+), 77 deletions(-)
New commits:
commit e229bb45b418371d83af302f3d24f881ca32bd41
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Fri Nov 2 14:36:38 2012 -0700
Coverity fixes
13107,13108: Explicit null deferenced
Bug description: "Explicit null dereferenced" error was introduced
by commit 7f81635990fa340e2db5c1b14a8d1ba10fa53887
Trac Ticket #391 - Slapd crashes when deleting backends
while operations are still in progress
Fix description: Added codes to check if the inst variable is NULL
or not. If NULL, skip accessing the instance variable and return
an error.
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index cf2676e..1fd2240 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -78,7 +78,7 @@ ldbm_back_add( Slapi_PBlock *pb )
{
backend *be;
struct ldbminfo *li;
- ldbm_instance *inst;
+ ldbm_instance *inst = NULL;
const char *dn = NULL;
Slapi_Entry *e = NULL;
struct backentry *tombstoneentry = NULL;
@@ -102,7 +102,7 @@ ldbm_back_add( Slapi_PBlock *pb )
modify_context ruv_c = {0};
int parent_found = 0;
int ruv_c_init = 0;
- int rc;
+ int rc = 0;
int addingentry_id_assigned= 0;
int addingentry_in_cache= 0;
int tombstone_in_cache= 0;
@@ -132,12 +132,12 @@ ldbm_back_add( Slapi_PBlock *pb )
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
inst = (ldbm_instance *) be->be_instance_info;
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_add: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_add: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
goto error_return;
}
@@ -1060,13 +1060,15 @@ error_return:
{
if ( addingentry_in_cache )
{
- CACHE_REMOVE(&inst->inst_cache, addingentry);
+ if (inst) {
+ CACHE_REMOVE(&inst->inst_cache, addingentry);
+ }
addingentry_in_cache = 0;
}
backentry_clear_entry(addingentry); /* e is released in the frontend */
backentry_free( &addingentry ); /* release the backend wrapper, here */
}
- if(tombstone_in_cache)
+ if(tombstone_in_cache && inst)
{
CACHE_RETURN(&inst->inst_cache, &tombstoneentry);
}
@@ -1075,8 +1077,9 @@ error_return:
dblayer_remember_disk_filled(li);
ldbm_nasty("Add",80,rc);
disk_full = 1;
+ } else if (0 == rc) {
+ rc = SLAPI_FAIL_GENERAL;
}
-
diskfull_return:
if (disk_full) {
rc= return_on_disk_full(li);
@@ -1121,33 +1124,34 @@ diskfull_return:
}
common_return:
- if (addingentry_in_cache && addingentry)
- {
- if (entryrdn_get_switch()) { /* subtree-rename: on */
- /* since adding the entry to the entry cache was successful,
- * let's add the dn to dncache, if not yet done. */
- struct backdn *bdn = dncache_find_id(&inst->inst_dncache,
- addingentry->ep_id);
- if (bdn) { /* already in the dncache */
- CACHE_RETURN(&inst->inst_dncache, &bdn);
- } else { /* not in the dncache yet */
- Slapi_DN *addingsdn =
- slapi_sdn_dup(slapi_entry_get_sdn(addingentry->ep_entry));
- if (addingsdn) {
- bdn = backdn_init(addingsdn, addingentry->ep_id, 0);
- if (bdn) {
- CACHE_ADD( &inst->inst_dncache, bdn, NULL );
- CACHE_RETURN(&inst->inst_dncache, &bdn);
- slapi_log_error(SLAPI_LOG_CACHE, "ldbm_back_add",
- "set %s to dn cache\n", dn);
- }
- }
- }
- }
- CACHE_RETURN( &inst->inst_cache, &addingentry );
- }
- if (inst->inst_ref_count) {
- slapi_counter_decrement(inst->inst_ref_count);
+ if (inst) {
+ if (addingentry_in_cache && addingentry) {
+ if (entryrdn_get_switch()) { /* subtree-rename: on */
+ /* since adding the entry to the entry cache was successful,
+ * let's add the dn to dncache, if not yet done. */
+ struct backdn *bdn = dncache_find_id(&inst->inst_dncache,
+ addingentry->ep_id);
+ if (bdn) { /* already in the dncache */
+ CACHE_RETURN(&inst->inst_dncache, &bdn);
+ } else { /* not in the dncache yet */
+ Slapi_DN *addingsdn =
+ slapi_sdn_dup(slapi_entry_get_sdn(addingentry->ep_entry));
+ if (addingsdn) {
+ bdn = backdn_init(addingsdn, addingentry->ep_id, 0);
+ if (bdn) {
+ CACHE_ADD( &inst->inst_dncache, bdn, NULL );
+ CACHE_RETURN(&inst->inst_dncache, &bdn);
+ slapi_log_error(SLAPI_LOG_CACHE, "ldbm_back_add",
+ "set %s to dn cache\n", dn);
+ }
+ }
+ }
+ }
+ CACHE_RETURN( &inst->inst_cache, &addingentry );
+ }
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
}
/* bepost op needs to know this result */
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_compare.c b/ldap/servers/slapd/back-ldbm/ldbm_compare.c
index e201ca6..12b6aa5 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_compare.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_compare.c
@@ -74,12 +74,12 @@ ldbm_back_compare( Slapi_PBlock *pb )
}
inst = (ldbm_instance *) be->be_instance_info;
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_compare: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_compare: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
return -1;
}
/* get the namespace dn */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 5661bfa..683d324 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -146,12 +146,12 @@ ldbm_back_delete( Slapi_PBlock *pb )
delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
inst = (ldbm_instance *) be->be_instance_info;
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_delete: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_delete: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
goto error_return;
}
@@ -1116,7 +1116,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
goto common_return;
error_return:
- if (tombstone_in_cache)
+ if (inst && tombstone_in_cache)
{
CACHE_REMOVE( &inst->inst_cache, tombstone );
CACHE_RETURN( &inst->inst_cache, &tombstone );
@@ -1186,7 +1186,7 @@ common_return:
for the post op plugins */
slapi_pblock_set( pb, SLAPI_DELETE_BEPREOP_ENTRY, orig_entry );
}
- if (tombstone_in_cache)
+ if (inst && tombstone_in_cache)
{
CACHE_RETURN( &inst->inst_cache, &tombstone );
tombstone = NULL;
@@ -1208,14 +1208,14 @@ common_return:
}
/* Need to return to cache after post op plugins are called */
- if (retval) { /* error case */
- if (e) {
+ if (inst) {
+ if (retval && e) { /* error case */
cache_unlock_entry( &inst->inst_cache, e );
CACHE_RETURN( &inst->inst_cache, &e );
}
- }
- if (inst->inst_ref_count) {
- slapi_counter_decrement(inst->inst_ref_count);
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
}
if (ruv_c_init) {
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 9cb872a..0db1f87 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -368,12 +368,12 @@ ldbm_back_modify( Slapi_PBlock *pb )
{
goto error_return;
}
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_modify: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_modify: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
goto error_return;
}
@@ -795,7 +795,7 @@ error_return:
}
/* if ec is in cache, remove it, then add back e if we still have it */
- if (ec_in_cache) {
+ if (inst && ec_in_cache) {
CACHE_REMOVE( &inst->inst_cache, ec );
/* if ec was in cache, e was not - add back e */
if (e) {
@@ -807,7 +807,7 @@ error_return:
common_return:
slapi_mods_done(&smods);
- if (ec_in_cache)
+ if (inst && ec_in_cache)
{
cache_unlock_entry( &inst->inst_cache, ec);
CACHE_RETURN( &inst->inst_cache, &ec );
@@ -817,12 +817,14 @@ common_return:
backentry_free(&ec);
}
- if (e!=NULL) {
- cache_unlock_entry( &inst->inst_cache, e);
- CACHE_RETURN( &inst->inst_cache, &e);
- }
- if (inst->inst_ref_count) {
- slapi_counter_decrement(inst->inst_ref_count);
+ if (inst) {
+ if (e) {
+ cache_unlock_entry( &inst->inst_cache, e);
+ CACHE_RETURN( &inst->inst_cache, &e);
+ }
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
}
/* result code could be used in the bepost plugin functions. */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index ef73904..98b30dc 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -63,7 +63,7 @@ int
ldbm_back_modrdn( Slapi_PBlock *pb )
{
backend *be;
- ldbm_instance *inst;
+ ldbm_instance *inst = NULL;
struct ldbminfo *li;
struct backentry *e= NULL;
struct backentry *ec= NULL;
@@ -191,12 +191,12 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
return( -1 );
}
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_modrdn: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_modrdn: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
return( -1 );
}
@@ -1177,7 +1177,7 @@ error_return:
/* make sure caller doesn't attempt to free this */
slapi_pblock_set( pb, SLAPI_ENTRY_POST_OP, postentry );
}
- if (e && entryrdn_get_switch())
+ if (e && entryrdn_get_switch() && inst)
{
struct backdn *bdn = dncache_find_id(&inst->inst_dncache, e->ep_id);
CACHE_REMOVE(&inst->inst_dncache, bdn);
@@ -1186,7 +1186,7 @@ error_return:
if(children)
{
int i = 0;
- if (child_entries && *child_entries)
+ if (child_entries && *child_entries && inst)
{
if (entryrdn_get_switch()) /* subtree-rename: on */
{
@@ -1208,7 +1208,7 @@ error_return:
}
}
}
- if (entryrdn_get_switch() && child_dns && *child_dns)
+ if (entryrdn_get_switch() && child_dns && *child_dns && inst)
{
for (i = 0; child_dns[i] != NULL; i++) {
CACHE_REMOVE( &inst->inst_dncache, child_dns[i] );
@@ -1282,10 +1282,10 @@ common_return:
if (ec) {
/* remove the new entry from the cache if the op failed -
otherwise, leave it in */
- if (ec_in_cache && retval) {
- CACHE_REMOVE( &inst->inst_cache, ec );
- }
- if (ec_in_cache) {
+ if (ec_in_cache && inst) {
+ if (retval) {
+ CACHE_REMOVE( &inst->inst_cache, ec );
+ }
CACHE_RETURN( &inst->inst_cache, &ec );
} else {
backentry_free( &ec );
@@ -1296,12 +1296,12 @@ common_return:
/* put e back in the cache if the modrdn failed */
if (e) {
- if (!e_in_cache && retval) {
+ if (!e_in_cache && retval && inst) {
CACHE_ADD(&inst->inst_cache, e, NULL);
e_in_cache = 1;
}
}
- if (inst->inst_ref_count) {
+ if (inst && inst->inst_ref_count) {
slapi_counter_decrement(inst->inst_ref_count);
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
index 652424e..5f085f9 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
@@ -363,19 +363,18 @@ ldbm_back_search( Slapi_PBlock *pb )
slapi_pblock_set( pb, SLAPI_TXN, txn.back_txn_txn );
}
- inst = (ldbm_instance *) be->be_instance_info;
-
if (NULL == basesdn) {
slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL,
"Null target DN", 0, NULL );
return( -1 );
}
- if (inst->inst_ref_count) {
+ inst = (ldbm_instance *) be->be_instance_info;
+ if (inst && inst->inst_ref_count) {
slapi_counter_increment(inst->inst_ref_count);
} else {
LDAPDebug1Arg(LDAP_DEBUG_ANY,
- "ldbm_search: instance %s does not exist.\n",
- inst->inst_name);
+ "ldbm_search: instance \"%s\" does not exist.\n",
+ inst ? inst->inst_name : "null instance");
return( -1 );
}
base = slapi_sdn_get_dn(basesdn);
11 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/back-ldbm.h | 4 --
ldap/servers/slapd/back-ldbm/dblayer.c | 22 +++++++----
ldap/servers/slapd/back-ldbm/id2entry.c | 6 +++
ldap/servers/slapd/back-ldbm/import-merge.c | 4 +-
ldap/servers/slapd/back-ldbm/instance.c | 4 ++
ldap/servers/slapd/back-ldbm/ldbm_add.c | 18 +++++++--
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 33 ++++++++++++----
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 18 +++++++--
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 13 ++++++
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 8 +++-
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 3 +
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 11 +++++
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 12 ++++++
ldap/servers/slapd/back-ldbm/ldbm_search.c | 39 +++++++++++---------
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 3 +
ldap/servers/slapd/back-ldbm/misc.c | 10 ++++-
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 3 +
ldap/servers/slapd/back-ldbm/vlv.c | 2 -
18 files changed, 163 insertions(+), 50 deletions(-)
New commits:
commit 7f81635990fa340e2db5c1b14a8d1ba10fa53887
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Fri Oct 26 12:09:18 2012 -0700
Trac Ticket #391 - Slapd crashes when deleting backends
while operations are still in progress
https://fedorahosted.org/389/ticket/391
Bug Description: Deleting backend code ldbm_instance_delete_instance_
entry_callback had no checking for the ordinary operations accessing
the backend instance. Even if some operations are still in progress,
the backend instance could be deleted and it crashes the server.
Fix Description: Backend struct ldbm_instance had a member inst_ref_
count, which was not used. This patch converts the type PRInt32 to
Slapi_Counter and increments it when the backend instance is in use.
The delete code checks the counter and if it is greater than 0, it
returns SLAPI_DSE_CALLBACK_ERROR.
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index fb45a9f..39fd950 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -735,10 +735,8 @@ typedef struct ldbm_instance {
int inst_flags; /* see above */
PRLock *inst_config_mutex;
-
- PRInt32 *inst_ref_count; /* Keeps track of how many operations
+ Slapi_Counter *inst_ref_count; /* Keeps track of how many operations
* are currently using this instance */
-
char *inst_dir_name; /* The name of the directory in the db
* directory that holds the index files
* for this instance. Relative to the
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index ed7d770..26007f4 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -3103,14 +3103,20 @@ out:
slapi_ch_free((void**)&rel_path);
/* close the database handle to avoid handle leak */
if (dbp && (return_value != 0)) {
- dblayer_close_file(dbp);
+ dblayer_close_file(&dbp);
}
return return_value;
}
-int dblayer_close_file(DB *db)
+int
+dblayer_close_file(DB **db)
{
- return db->close(db,0);
+ if (db) {
+ DB *dbp = *db;
+ *db = NULL; /* To avoid to leave stale DB, set NULL before closing. */
+ return dbp->close(dbp, 0);
+ }
+ return 1;
}
/*
@@ -3163,7 +3169,7 @@ int dblayer_get_index_file(backend *be, struct attrinfo *a, DB** ppDB, int open_
*/
PR_AtomicIncrement(&a->ai_dblayer_count);
- if (NULL != a->ai_dblayer) {
+ if (a->ai_dblayer && ((dblayer_handle*)(a->ai_dblayer))->dblayer_dbp) {
/* This means that the pointer is valid, so we should return it. */
*ppDB = ((dblayer_handle*)(a->ai_dblayer))->dblayer_dbp;
return 0;
@@ -3173,7 +3179,7 @@ int dblayer_get_index_file(backend *be, struct attrinfo *a, DB** ppDB, int open_
* again.
*/
PR_Lock(inst->inst_handle_list_mutex);
- if (NULL != a->ai_dblayer) {
+ if (a->ai_dblayer && ((dblayer_handle*)(a->ai_dblayer))->dblayer_dbp) {
/* another thread set the handle while we were waiting on the lock */
*ppDB = ((dblayer_handle*)(a->ai_dblayer))->dblayer_dbp;
PR_Unlock(inst->inst_handle_list_mutex);
@@ -3316,6 +3322,7 @@ int dblayer_erase_index_file_ex(backend *be, struct attrinfo *a,
if (0 == dblayer_get_index_file(be, a, &db, 0 /* Don't create an index file
if it does not exist. */)) {
+ if(use_lock) slapi_rwlock_wrlock(pEnv->dblayer_env_lock); /* We will be causing logging activity */
/* first, remove the file handle for this index, if we have it open */
PR_Lock(inst->inst_handle_list_mutex);
if (a->ai_dblayer) {
@@ -3340,7 +3347,7 @@ int dblayer_erase_index_file_ex(backend *be, struct attrinfo *a,
DS_Sleep(DBLAYER_CACHE_DELAY);
PR_Lock(inst->inst_handle_list_mutex);
}
- dblayer_close_file(handle->dblayer_dbp);
+ dblayer_close_file(&(handle->dblayer_dbp));
/* remove handle from handle-list */
if (inst->inst_handle_head == handle) {
@@ -3372,7 +3379,7 @@ int dblayer_erase_index_file_ex(backend *be, struct attrinfo *a,
p = dbNamep + dbbasenamelen;
sprintf(p, "%c%s%s",
get_sep(dbNamep), a->ai_type, LDBM_FILENAME_SUFFIX);
- rc = dblayer_db_remove_ex(pEnv, dbNamep, 0, use_lock);
+ rc = dblayer_db_remove_ex(pEnv, dbNamep, 0, 0);
a->ai_dblayer = NULL;
if (dbNamep != dbName)
slapi_ch_free_string(&dbNamep);
@@ -3386,6 +3393,7 @@ int dblayer_erase_index_file_ex(backend *be, struct attrinfo *a,
/* no handle to close */
}
PR_Unlock(inst->inst_handle_list_mutex);
+ if(use_lock) slapi_rwlock_unlock(pEnv->dblayer_env_lock);
}
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index e278a2a..4d9c111 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -382,6 +382,12 @@ id2entry( backend *be, ID id, back_txn *txn, int *err )
"(rdn=%s, ID=%d)\n", rdn, id);
/* Try rdn as dn. Could be RUV. */
normdn = slapi_ch_strdup(rdn);
+ } else if (NULL == normdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, ID2ENTRY,
+ "<= id2entry( %lu ) entryrdn_lookup_dn returned NULL. "
+ "Index file may be deleted or corrupted.\n",
+ (u_long)id);
+ goto bail;
}
sdn = slapi_sdn_new_normdn_byval((const char *)normdn);
bdn = backdn_init(sdn, id, 0);
diff --git a/ldap/servers/slapd/back-ldbm/import-merge.c b/ldap/servers/slapd/back-ldbm/import-merge.c
index 9d7af3e..d5be665 100644
--- a/ldap/servers/slapd/back-ldbm/import-merge.c
+++ b/ldap/servers/slapd/back-ldbm/import-merge.c
@@ -593,7 +593,7 @@ static int import_merge_one_file(ImportWorkerInfo *worker, int passes,
}
preclose_ret = ret;
/* Now close the files */
- dblayer_close_file(output_file);
+ dblayer_close_file(&output_file);
/* Close the cursors */
/* Close and delete the files */
for (i = 0; i < passes; i++) {
@@ -605,7 +605,7 @@ static int import_merge_one_file(ImportWorkerInfo *worker, int passes,
if (0 != ret) {
import_log_notice(worker->job, "MERGE FAIL 4");
}
- ret = dblayer_close_file(db);
+ ret = dblayer_close_file(&db);
if (0 != ret) {
import_log_notice(worker->job, "MERGE FAIL 5");
}
diff --git a/ldap/servers/slapd/back-ldbm/instance.c b/ldap/servers/slapd/back-ldbm/instance.c
index 6aa8212..e172279 100644
--- a/ldap/servers/slapd/back-ldbm/instance.c
+++ b/ldap/servers/slapd/back-ldbm/instance.c
@@ -123,6 +123,9 @@ int ldbm_instance_create(backend *be, char *name)
goto error;
}
+ /* Keeps track of how many operations are currently using this instance */
+ inst->inst_ref_count = slapi_counter_new();
+
inst->inst_be = be;
inst->inst_li = li;
be->be_instance_info = inst;
@@ -411,6 +414,7 @@ ldbm_instance_destructor(void **arg)
LDAPDebug(LDAP_DEBUG_ANY, "Destructor for instance %s called\n",
inst->inst_name, 0, 0);
+ slapi_counter_destroy(&(inst->inst_ref_count));
slapi_ch_free_string(&inst->inst_name);
PR_DestroyLock(inst->inst_config_mutex);
slapi_ch_free_string(&inst->inst_dir_name);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index b8989fc..cf2676e 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -132,7 +132,15 @@ ldbm_back_add( Slapi_PBlock *pb )
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
inst = (ldbm_instance *) be->be_instance_info;
-
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_add: instance %s does not exist.\n",
+ inst->inst_name);
+ goto error_return;
+ }
+
/* sdn & parentsdn need to be initialized before "goto *_return" */
slapi_sdn_init(&parentsdn);
@@ -878,8 +886,9 @@ ldbm_back_add( Slapi_PBlock *pb )
continue;
}
if (retval != 0) {
- LDAPDebug( LDAP_DEBUG_ANY, "add: attempt to index %lu failed\n",
- (u_long)addingentry->ep_id, 0, 0 );
+ LDAPDebug2Args(LDAP_DEBUG_ANY,
+ "add: attempt to index %lu failed (rc=%d)\n",
+ (u_long)addingentry->ep_id, retval);
ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
@@ -1137,6 +1146,9 @@ common_return:
}
CACHE_RETURN( &inst->inst_cache, &addingentry );
}
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
/* bepost op needs to know this result */
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
/* JCMREPL - The bepostop is called even if the operation fails. */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_bind.c b/ldap/servers/slapd/back-ldbm/ldbm_bind.c
index 24c0b4f..f1dad38 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_bind.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_bind.c
@@ -50,7 +50,7 @@ typedef enum LDAPWAEnum {
LDAPWA_NoDomainAttr = -3,
LDAPWA_InvalidCredentials = -2,
LDAPWA_Failure = -1,
- LDAPWA_Success= 0
+ LDAPWA_Success= 0
} LDAPWAStatus;
int
@@ -211,6 +211,7 @@ ldbm_back_bind( Slapi_PBlock *pb )
Slapi_Value **bvals;
entry_address *addr;
back_txn txn = {NULL};
+ int rc = SLAPI_BIND_SUCCESS;
/* get parameters */
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
@@ -226,10 +227,19 @@ ldbm_back_bind( Slapi_PBlock *pb )
}
inst = (ldbm_instance *) be->be_instance_info;
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_bind: instance %s does not exist.\n",
+ inst->inst_name);
+ return( SLAPI_BIND_FAIL );
+ }
/* always allow noauth simple binds (front end will send the result) */
if ( method == LDAP_AUTH_SIMPLE && cred->bv_len == 0 ) {
- return( SLAPI_BIND_ANONYMOUS );
+ rc = SLAPI_BIND_ANONYMOUS;
+ goto bail;
}
/*
@@ -237,7 +247,8 @@ ldbm_back_bind( Slapi_PBlock *pb )
* and sending errors if the entry does not exist.
*/
if (( e = find_entry( pb, be, addr, &txn )) == NULL ) {
- return( SLAPI_BIND_FAIL );
+ rc = SLAPI_BIND_FAIL;
+ goto bail;
}
switch ( method ) {
@@ -253,7 +264,8 @@ ldbm_back_bind( Slapi_PBlock *pb )
slapi_send_ldap_result( pb, LDAP_INAPPROPRIATE_AUTH, NULL,
NULL, 0, NULL );
CACHE_RETURN( &inst->inst_cache, &e );
- return( SLAPI_BIND_FAIL );
+ rc = SLAPI_BIND_FAIL;
+ goto bail;
}
bvals= attr_get_present_values(attr);
slapi_value_init_berval(&cv,cred);
@@ -269,7 +281,8 @@ ldbm_back_bind( Slapi_PBlock *pb )
NULL, 0, NULL );
CACHE_RETURN( &inst->inst_cache, &e );
value_done(&cv);
- return( SLAPI_BIND_FAIL );
+ rc = SLAPI_BIND_FAIL;
+ goto bail;
}
value_done(&cv);
}
@@ -279,11 +292,15 @@ ldbm_back_bind( Slapi_PBlock *pb )
slapi_send_ldap_result( pb, LDAP_STRONG_AUTH_NOT_SUPPORTED, NULL,
"auth method not supported", 0, NULL );
CACHE_RETURN( &inst->inst_cache, &e );
- return( SLAPI_BIND_FAIL );
+ rc = SLAPI_BIND_FAIL;
+ goto bail;
}
CACHE_RETURN( &inst->inst_cache, &e );
-
+bail:
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
/* success: front end will send result */
- return( SLAPI_BIND_SUCCESS );
+ return rc;
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_compare.c b/ldap/servers/slapd/back-ldbm/ldbm_compare.c
index e9761ec..e201ca6 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_compare.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_compare.c
@@ -61,7 +61,6 @@ ldbm_back_compare( Slapi_PBlock *pb )
Slapi_DN *namespace_dn;
back_txn txn = {NULL};
-
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li );
slapi_pblock_get( pb, SLAPI_TARGET_ADDRESS, &addr);
@@ -75,16 +74,25 @@ ldbm_back_compare( Slapi_PBlock *pb )
}
inst = (ldbm_instance *) be->be_instance_info;
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_compare: instance %s does not exist.\n",
+ inst->inst_name);
+ return -1;
+ }
/* get the namespace dn */
namespace_dn = (Slapi_DN*)slapi_be_getsuffix(be, 0);
if ( (e = find_entry( pb, be, addr, &txn )) == NULL ) {
- return( -1 ); /* error result sent by find_entry() */
+ ret = -1; /* error result sent by find_entry() */
+ goto bail;
}
err = slapi_access_allowed (pb, e->ep_entry, type, bval, SLAPI_ACL_COMPARE);
if ( err != LDAP_SUCCESS ) {
- slapi_send_ldap_result( pb, err, NULL, NULL, 0, NULL );
+ slapi_send_ldap_result( pb, err, NULL, NULL, 0, NULL );
ret = 1;
} else {
@@ -117,5 +125,9 @@ ldbm_back_compare( Slapi_PBlock *pb )
}
CACHE_RETURN( &inst->inst_cache, &e );
+bail:
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
return( ret );
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 57cc3b7..5661bfa 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -146,6 +146,14 @@ ldbm_back_delete( Slapi_PBlock *pb )
delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
inst = (ldbm_instance *) be->be_instance_info;
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_delete: instance %s does not exist.\n",
+ inst->inst_name);
+ goto error_return;
+ }
/* The dblock serializes writes to the database,
* which reduces deadlocking in the db code,
@@ -1206,6 +1214,9 @@ common_return:
CACHE_RETURN( &inst->inst_cache, &e );
}
}
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
if (ruv_c_init) {
modify_term(&ruv_c, be);
@@ -1214,7 +1225,7 @@ common_return:
diskfull_return:
if(ldap_result_code!=-1)
{
- slapi_send_ldap_result( pb, ldap_result_code, NULL, ldap_result_message, 0, NULL );
+ slapi_send_ldap_result( pb, ldap_result_code, NULL, ldap_result_message, 0, NULL );
}
modify_term(&parent_modify_c,be);
if (rc == 0 && opcsn && !is_fixup_operation && !delete_tombstone_entry)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_index_config.c b/ldap/servers/slapd/back-ldbm/ldbm_index_config.c
index 2775785..e2bec79 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_index_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_index_config.c
@@ -167,6 +167,13 @@ ldbm_instance_index_config_delete_callback(Slapi_PBlock *pb, Slapi_Entry* e, Sla
returntext[0] = '\0';
*returncode = LDAP_SUCCESS;
+
+ if (slapi_counter_get_value(inst->inst_ref_count) > 0) {
+ *returncode = LDAP_UNAVAILABLE;
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ }
+
+ *returncode = LDAP_SUCCESS;
slapi_entry_attr_find(e, "cn", &attr);
slapi_attr_first_value(attr, &sval);
@@ -184,7 +191,6 @@ ldbm_instance_index_config_delete_callback(Slapi_PBlock *pb, Slapi_Entry* e, Sla
rc = SLAPI_DSE_CALLBACK_ERROR;
}
}
-
return rc;
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
index f41bd88..34d9bf5 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
@@ -1194,7 +1194,8 @@ ldbm_instance_delete_instance_entry_callback(Slapi_PBlock *pb, Slapi_Entry* entr
}
/* check if some online task is happening */
- if (instance_set_busy(inst) != 0) {
+ if ((instance_set_busy(inst) != 0) ||
+ (slapi_counter_get_value(inst->inst_ref_count) > 0)) {
LDAPDebug(LDAP_DEBUG_ANY, "ldbm: '%s' is in the middle of a task. "
"Cancel the task or wait for it to finish, "
"then try again.\n", instance_name, 0, 0);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 1eaaaae..9cb872a 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -368,6 +368,14 @@ ldbm_back_modify( Slapi_PBlock *pb )
{
goto error_return;
}
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_modify: instance %s does not exist.\n",
+ inst->inst_name);
+ goto error_return;
+ }
/* no need to check the dn syntax as this is a replicated op */
if(!repl_op){
@@ -813,6 +821,9 @@ common_return:
cache_unlock_entry( &inst->inst_cache, e);
CACHE_RETURN( &inst->inst_cache, &e);
}
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
/* result code could be used in the bepost plugin functions. */
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index 00e0d61..ef73904 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -191,6 +191,15 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
return( -1 );
}
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_modrdn: instance %s does not exist.\n",
+ inst->inst_name);
+ return( -1 );
+ }
+
/* The dblock serializes writes to the database,
* which reduces deadlocking in the db code,
* which means that we run faster.
@@ -1292,6 +1301,9 @@ common_return:
e_in_cache = 1;
}
}
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
moddn_unlock_and_return_entry(be,&e);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c
index 5fbea24..652424e 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_search.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c
@@ -169,6 +169,9 @@ ldbm_back_search_cleanup(Slapi_PBlock *pb,
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
inst = (ldbm_instance *) be->be_instance_info;
CACHE_RETURN(&inst->inst_cache, &e); /* NULL e is handled correctly */
+ if (inst->inst_ref_count) {
+ slapi_counter_decrement(inst->inst_ref_count);
+ }
if(sort_control!=NULL)
{
@@ -343,6 +346,7 @@ ldbm_back_search( Slapi_PBlock *pb )
int backend_count = 1;
static int print_once = 1;
back_txn txn = {NULL};
+ int rc = 0;
slapi_pblock_get( pb, SLAPI_BACKEND, &be );
slapi_pblock_get( pb, SLAPI_OPERATION, &operation);
@@ -366,6 +370,14 @@ ldbm_back_search( Slapi_PBlock *pb )
"Null target DN", 0, NULL );
return( -1 );
}
+ if (inst->inst_ref_count) {
+ slapi_counter_increment(inst->inst_ref_count);
+ } else {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "ldbm_search: instance %s does not exist.\n",
+ inst->inst_name);
+ return( -1 );
+ }
base = slapi_sdn_get_dn(basesdn);
/* Initialize the result set structure here because we need to use it during search processing */
@@ -383,9 +395,8 @@ ldbm_back_search( Slapi_PBlock *pb )
sort = slapi_control_present( controls, LDAP_CONTROL_SORTREQUEST, &sort_spec, &is_sorting_critical_orig );
if(sort)
{
- int r= parse_sort_spec(sort_spec, &sort_control);
- if(r!=0)
- {
+ rc = parse_sort_spec(sort_spec, &sort_control);
+ if (rc) {
/* Badly formed SORT control */
return ldbm_back_search_cleanup(pb, li, sort_control,
LDAP_PROTOCOL_ERROR, "Sort Control",
@@ -401,12 +412,11 @@ ldbm_back_search( Slapi_PBlock *pb )
{
if(sort)
{
- int r = vlv_parse_request_control( be, vlv_spec, &vlv_request_control );
- if(r!=LDAP_SUCCESS)
- {
+ rc = vlv_parse_request_control( be, vlv_spec, &vlv_request_control );
+ if (rc != LDAP_SUCCESS) {
/* Badly formed VLV control */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control", SLAPI_FAIL_GENERAL,
+ rc, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
{
@@ -421,13 +431,12 @@ ldbm_back_search( Slapi_PBlock *pb )
/* This dn is normalized. */
PR_snprintf(dn,sizeof(dn),"dn: oid=%s,cn=features,cn=config",LDAP_CONTROL_VLVREQUEST);
feature= slapi_str2entry(dn,0);
- r= plugin_call_acl_plugin (pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL);
+ rc = plugin_call_acl_plugin (pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL);
slapi_entry_free(feature);
- if(r!=LDAP_SUCCESS)
- {
+ if (rc != LDAP_SUCCESS) {
/* Client isn't allowed to do this. */
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, "VLV Control", SLAPI_FAIL_GENERAL,
+ rc, "VLV Control", SLAPI_FAIL_GENERAL,
&vlv_request_control, NULL);
}
}
@@ -650,22 +659,20 @@ ldbm_back_search( Slapi_PBlock *pb )
*/
if (virtual_list_view && (NULL != candidates))
{
- int r = 0;
IDList *idl = NULL;
Slapi_Filter *filter = NULL;
slapi_pblock_get( pb, SLAPI_SEARCH_FILTER, &filter );
- r = vlv_filter_candidates(be, pb, candidates, basesdn,
+ rc = vlv_filter_candidates(be, pb, candidates, basesdn,
scope, filter, &idl,
lookthrough_limit, time_up);
- if(r == 0)
- {
+ if (rc == 0) {
idl_free(candidates);
candidates= idl;
}
else
{
return ldbm_back_search_cleanup(pb, li, sort_control,
- r, NULL, -1,
+ rc, NULL, -1,
&vlv_request_control, e);
}
}
diff --git a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
index 9c024ca..578701a 100644
--- a/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
+++ b/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
@@ -684,7 +684,8 @@ int ldbm_back_ldif2ldbm( Slapi_PBlock *pb )
}
/* check if an import/restore is already ongoing... */
- if (instance_set_busy(inst) != 0) {
+ if ((instance_set_busy(inst) != 0) ||
+ (slapi_counter_get_value(inst->inst_ref_count) > 0)) {
LDAPDebug(LDAP_DEBUG_ANY, "ldbm: '%s' is already in the middle of "
"another task and cannot be disturbed.\n",
inst->inst_name, 0, 0);
diff --git a/ldap/servers/slapd/back-ldbm/misc.c b/ldap/servers/slapd/back-ldbm/misc.c
index a56069b..cfc5e5c 100644
--- a/ldap/servers/slapd/back-ldbm/misc.c
+++ b/ldap/servers/slapd/back-ldbm/misc.c
@@ -174,7 +174,7 @@ compute_entry_tombstone_rdn(const char *entryrdn, const char *uniqueid)
int instance_set_busy(ldbm_instance *inst)
{
PR_Lock(inst->inst_config_mutex);
- if (inst->inst_flags & INST_FLAG_BUSY) {
+ if (is_instance_busy(inst)) {
PR_Unlock(inst->inst_config_mutex);
return -1;
}
@@ -187,7 +187,7 @@ int instance_set_busy(ldbm_instance *inst)
int instance_set_busy_and_readonly(ldbm_instance *inst)
{
PR_Lock(inst->inst_config_mutex);
- if (inst->inst_flags & INST_FLAG_BUSY) {
+ if (is_instance_busy(inst)) {
PR_Unlock(inst->inst_config_mutex);
return -1;
}
@@ -280,6 +280,12 @@ is_anyinstance_busy(struct ldbminfo *li)
return rval;
}
+int
+is_instance_busy(ldbm_instance *inst)
+{
+ return inst->inst_flags & INST_FLAG_BUSY;
+}
+
/*
* delete the given file/directory and its sub files/directories
*/
diff --git a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
index 80bf329..daf6d05 100644
--- a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
@@ -150,7 +150,7 @@ int dblayer_database_size(struct ldbminfo *li, unsigned int *size);
int dblayer_terminate(struct ldbminfo *li);
int dblayer_close_indexes(backend *be);
int dblayer_open_file(backend *be, char* indexname, int create, struct attrinfo *ai, DB **ppDB);
-int dblayer_close_file(DB *db);
+int dblayer_close_file(DB **db);
void dblayer_sys_pages(size_t *pagesize, size_t *pages, size_t *procpages, size_t *availpages);
int dblayer_is_cachesize_sane(size_t *cachesize);
void dblayer_remember_disk_filled(struct ldbminfo *li);
@@ -375,6 +375,7 @@ void instance_set_not_busy(ldbm_instance *inst);
void allinstance_set_busy(struct ldbminfo *li);
void allinstance_set_not_busy(struct ldbminfo *li);
int is_anyinstance_busy(struct ldbminfo *li);
+int is_instance_busy(ldbm_instance *inst);
int ldbm_delete_dirs(char *path);
int mkdir_p(char *dir, unsigned int mode);
int is_fullpath(char *path);
diff --git a/ldap/servers/slapd/back-ldbm/vlv.c b/ldap/servers/slapd/back-ldbm/vlv.c
index 7172104..cf68bb3 100644
--- a/ldap/servers/slapd/back-ldbm/vlv.c
+++ b/ldap/servers/slapd/back-ldbm/vlv.c
@@ -159,7 +159,7 @@ int vlv_DeleteSearchEntry(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
int vlv_DeleteIndexEntry(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry* entryAfter, int *returncode, char *returntext, void *arg)
{
ldbm_instance *inst = (ldbm_instance*)arg;
- if (inst && (inst->inst_flags & INST_FLAG_BUSY)) {
+ if (inst && is_instance_busy(inst)) {
LDAPDebug( LDAP_DEBUG_ANY,
"Backend instance: '%s' is already in the middle of "
"another task and cannot be disturbed.\n",
11 years, 5 months
ldap/servers
by Noriko Hosoi
ldap/servers/plugins/acl/aclparse.c | 74 +++++++++++++++++++++---------------
1 file changed, 45 insertions(+), 29 deletions(-)
New commits:
commit caf2febf0d8c9f31e1cc2ca9404465eaf10eaf63
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Tue Oct 30 13:03:22 2012 -0700
Trac Ticket #448 - Possible to set invalid macros in Macro ACIs
https://fedorahosted.org/389/ticket/448
Bug description: Syntax checking code in acl did not check the
macro syntax. Thus, invalide macro such as ($bogus.description)
could have been unexpectedly added.
Fix description: This patch adds the checking code: If acl contains
a keyword starting with "($" or "[$", only one of "($dn)", "[$dn]",
or "($attr." is allowed.
diff --git a/ldap/servers/plugins/acl/aclparse.c b/ldap/servers/plugins/acl/aclparse.c
index 39d9f6c..28c01b9 100644
--- a/ldap/servers/plugins/acl/aclparse.c
+++ b/ldap/servers/plugins/acl/aclparse.c
@@ -141,15 +141,16 @@ acl_parse(char * str, aci_t *aci_item, char **errbuf)
*/
f = aci_item->target;
if (aci_item->aci_type & ACI_TARGET_DN) {
- char *avaType;
- struct berval *avaValue;
- const char *dn;
+ char *avaType;
+ struct berval *avaValue;
+ const char *dn;
- dn = slapi_sdn_get_ndn ( aci_item->aci_sdn );
- slapi_filter_get_ava ( f, &avaType, &avaValue );
+ dn = slapi_sdn_get_ndn(aci_item->aci_sdn);
+ slapi_filter_get_ava(f, &avaType, &avaValue);
- if (!slapi_dn_issuffix( avaValue->bv_val, dn))
- return ACL_INVALID_TARGET;
+ if (!slapi_dn_issuffix(avaValue->bv_val, dn)) {
+ return ACL_INVALID_TARGET;
+ }
}
}
@@ -159,9 +160,9 @@ acl_parse(char * str, aci_t *aci_item, char **errbuf)
** We need to keep it for macros too as it needs to be expnaded at eval time.
**
*/
- if ( (aci_item->aci_elevel != ACI_ELEVEL_USERDN_ANYONE) &&
- !(aci_item->aci_type & ACI_TARGET_MACRO_DN) ) {
- slapi_ch_free ( (void **) & aci_item->targetFilterStr );
+ if ((aci_item->aci_elevel != ACI_ELEVEL_USERDN_ANYONE) &&
+ !(aci_item->aci_type & ACI_TARGET_MACRO_DN)) {
+ slapi_ch_free((void **)&aci_item->targetFilterStr);
}
/*
@@ -176,7 +177,7 @@ acl_parse(char * str, aci_t *aci_item, char **errbuf)
"acl_parse: A macro in a subject ($dn) must have a macro in the target.\n");
return(ACL_INVALID_TARGET);
}
-
+
return 0;
}
@@ -225,15 +226,14 @@ __aclp__parse_aci(char *str, aci_t *aci_item, char **errbuf)
switch(*str) {
case 'v':
type = ACI_ACLTXT;
-
- if ( 0 != (rv= __aclp__sanity_check_acltxt(aci_item, str ) ) ) {
-
+ rv = __aclp__sanity_check_acltxt(aci_item, str);
+ if (rv) {
return rv;
}
break;
case 't':
- if (strncmp(str, aci_targetattrfilters,targetattrfilterslen ) == 0) {
+ if (strncmp(str, aci_targetattrfilters,targetattrfilterslen ) == 0) {
type = ACI_TARGET_ATTR;
@@ -245,7 +245,7 @@ __aclp__parse_aci(char *str, aci_t *aci_item, char **errbuf)
if (0 != (rv = __acl__init_targetattrfilters(aci_item, str))) {
return rv;
}
- } else if (strncmp(str, aci_targetattr,targetattrlen ) == 0) {
+ } else if (strncmp(str, aci_targetattr,targetattrlen ) == 0) {
type = ACI_TARGET_ATTR;
if ( (s = strstr( str, "!=" )) != NULL ) {
@@ -459,12 +459,14 @@ __aclp__parse_aci(char *str, aci_t *aci_item, char **errbuf)
static int
__aclp__sanity_check_acltxt (aci_t *aci_item, char *str)
{
- NSErr_t errp;
- char *s;
- ACLListHandle_t *handle = NULL;
- char *newstr = NULL;
- char *word;
- char *next;
+ NSErr_t errp;
+ char *s;
+ ACLListHandle_t *handle = NULL;
+ char *newstr = NULL;
+ char *word;
+ char *next;
+ const char *brkstr = " ;";
+ int checkversion = 0;
memset (&errp, 0, sizeof(NSErr_t));
newstr = str;
@@ -484,14 +486,28 @@ __aclp__sanity_check_acltxt (aci_t *aci_item, char *str)
}
newstr = slapi_ch_strdup (str);
- word = ldap_utf8strtok_r(newstr, " ", &next);
- if (strcasecmp (word, "version") == 0) {
- word = ldap_utf8strtok_r(NULL, " ", &next);
- if (atoi(word) != 3) {
- slapi_ch_free ( (void **) &newstr );
- return ACL_INCORRECT_ACI_VERSION;
+ for (word = ldap_utf8strtok_r(newstr, brkstr, &next); word;
+ word = ldap_utf8strtok_r(NULL, brkstr, &next)) {
+ if (0 == strcasecmp(word, "version")) {
+ checkversion = 1;
+ } else if (checkversion) {
+ checkversion = 0;
+ if ('3' != *word) {
+ slapi_ch_free ( (void **) &newstr );
+ return ACL_INCORRECT_ACI_VERSION;
+ }
+ } else if ((s = strstr(word, "($")) || (s = strstr(word, "[$"))) {
+ if ((0 != strncasecmp(s, ACL_RULE_MACRO_DN_KEY,
+ sizeof(ACL_RULE_MACRO_DN_KEY) - 1)) &&
+ (0 != strncasecmp(s, ACL_RULE_MACRO_DN_LEVELS_KEY,
+ sizeof(ACL_RULE_MACRO_DN_LEVELS_KEY) - 1)) &&
+ (0 != strncasecmp(s, ACL_RULE_MACRO_ATTR_KEY,
+ sizeof(ACL_RULE_MACRO_ATTR_KEY) - 1))) {
+ slapi_ch_free ( (void **) &newstr );
+ return ACL_SYNTAX_ERR;
+ }
}
- }
+ }
slapi_ch_free ( (void **) &newstr );
/* We need to normalize the DNs in the userdn and group dn
11 years, 5 months