Commit 2e3aa39a authored by Pierangelo Masarati's avatar Pierangelo Masarati
Browse files

fix back-relay configuration sanity checks

parent c32fc371
...@@ -7,7 +7,7 @@ OpenLDAP 2.3.38 Engineering ...@@ -7,7 +7,7 @@ OpenLDAP 2.3.38 Engineering
Fixed slapd select_backend/ManageDSAit (ITS#4986) Fixed slapd select_backend/ManageDSAit (ITS#4986)
Fixed slapd-bdb missing index warning (ITS#5037) Fixed slapd-bdb missing index warning (ITS#5037)
Fixed slapd-bdb Quick index for ID 0 (ITS#5052) Fixed slapd-bdb Quick index for ID 0 (ITS#5052)
Fixed slapd-relay multiple "relay" check (ITS#4322) Fixed slapd-relay configuration (ITS#4322,ITS#4340)
Fixed slapo-syncprov uninit'd vars (ITS#5048,#5049) Fixed slapo-syncprov uninit'd vars (ITS#5048,#5049)
Fixed libldap ldap_add_result_entry (ITS#5056) Fixed libldap ldap_add_result_entry (ITS#5056)
Removed lint Removed lint
......
...@@ -56,16 +56,70 @@ relay_back_db_config( ...@@ -56,16 +56,70 @@ relay_back_db_config(
return 1; return 1;
} }
if ( argc < 2 ) { switch ( argc ) {
fprintf( stderr, case 3:
"%s: line %d: missing relay suffix in \"relay <dn> [massage]\" line\n", if ( strcmp( argv[ 2 ], "massage" ) != 0 ) {
fname, lineno ); Debug( LDAP_DEBUG_ANY,
"%s: line %d: "
"unknown arg[#2]=\"%s\" "
"in \"relay <dn> [massage]\" line\n",
fname, lineno, argv[ 2 ] );
return 1;
}
if ( be->be_nsuffix == NULL ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: "
"\"relay\" directive "
"must appear after \"suffix\".\n",
fname, lineno, 0 );
return 1;
}
if ( !BER_BVISNULL( &be->be_nsuffix[ 1 ] ) ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: "
"relaying of multiple suffix "
"database not supported.\n",
fname, lineno, 0 );
return 1;
}
/* fallthru */
case 2:
break;
case 1:
Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing relay suffix "
"in \"relay <dn> [massage]\" line.\n",
fname, lineno, 0 );
return 1; return 1;
} else if ( argc > 3 ) { default:
fprintf( stderr, Debug( LDAP_DEBUG_ANY,
"%s: line %d: too many args in \"relay <dn> [massage]\" line\n", "%s: line %d: extra cruft "
fname, lineno ); "in \"relay <dn> [massage]\" line.\n",
fname, lineno, 0 );
return 1;
}
/* The man page says that the "relay" directive
* automatically instantiates slapo-rwm; I don't
* like this very much any more, I'd prefer to
* have automatic instantiation only when "massage"
* is specified, so one has better control on
* where the overlay gets instantiated, but this
* would break compatibility. One can still control
* where the overlay is instantiated by moving
* around the "relay" directive, although this could
* make slapd.conf a bit confusing. */
if ( overlay_config( be, "rwm" ) ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: unable to install "
"rwm overlay "
"in \"relay <dn> [massage]\" line\n",
fname, lineno, 0 );
return 1; return 1;
} }
...@@ -73,68 +127,55 @@ relay_back_db_config( ...@@ -73,68 +127,55 @@ relay_back_db_config(
dn.bv_len = strlen( argv[ 1 ] ); dn.bv_len = strlen( argv[ 1 ] );
rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL ); rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn, NULL );
if ( rc != LDAP_SUCCESS ) { if ( rc != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: " Debug( LDAP_DEBUG_ANY,
"relay dn \"%s\" is invalid " "%s: line %d: "
"in \"relay <dn> [massage]\" line\n", "relay dn \"%s\" is invalid "
fname, lineno, argv[ 1 ] ); "in \"relay <dn> [massage]\" line\n",
fname, lineno, argv[ 1 ] );
return 1; return 1;
} }
bd = select_backend( &ndn, 0, 1 ); bd = select_backend( &ndn, 0, 1 );
if ( bd == NULL ) { if ( bd == NULL ) {
fprintf( stderr, "%s: line %d: " Debug( LDAP_DEBUG_ANY,
"cannot find database " "%s: line %d: "
"of relay dn \"%s\" " "cannot find database "
"in \"relay <dn> [massage]\" line\n", "of relay dn \"%s\" "
fname, lineno, argv[ 1 ] ); "in \"relay <dn> [massage]\" line\n",
return 1; fname, lineno, argv[ 1 ] );
rc = 1;
} else if ( bd == be ) { goto relay_done;
fprintf( stderr, "%s: line %d: "
"relay dn \"%s\" would call self " } else if ( bd->be_private == be->be_private ) {
"in \"relay <dn> [massage]\" line\n", Debug( LDAP_DEBUG_ANY,
fname, lineno, pdn.bv_val ); "%s: line %d: "
return 1; "relay dn \"%s\" would call self "
"in \"relay <dn> [massage]\" line\n",
fname, lineno, pdn.bv_val );
rc = 1;
goto relay_done;
} }
ri->ri_realsuffix = ndn; ri->ri_realsuffix = ndn;
if ( overlay_config( be, "rwm" ) ) {
fprintf( stderr, "%s: line %d: unable to install "
"rwm overlay "
"in \"relay <dn> [massage]\" line\n",
fname, lineno );
return 1;
}
if ( argc == 3 ) { if ( argc == 3 ) {
char *cargv[ 4 ]; char *cargv[ 4 ];
if ( strcmp( argv[2], "massage" ) != 0 ) {
fprintf( stderr, "%s: line %d: "
"unknown directive \"%s\" "
"in \"relay <dn> [massage]\" line\n",
fname, lineno, argv[2] );
return 1;
}
cargv[ 0 ] = "rwm-suffixmassage"; cargv[ 0 ] = "rwm-suffixmassage";
cargv[ 1 ] = be->be_suffix[0].bv_val; cargv[ 1 ] = be->be_suffix[0].bv_val;
cargv[ 2 ] = pdn.bv_val; cargv[ 2 ] = pdn.bv_val;
cargv[ 3 ] = NULL; cargv[ 3 ] = NULL;
if ( be->be_config( be, fname, lineno, 3, cargv ) ) { rc = be->be_config( be, fname, lineno, 3, cargv );
return 1;
}
} }
relay_done:;
ch_free( pdn.bv_val ); ch_free( pdn.bv_val );
/* anything else */ return rc;
} else {
return SLAP_CONF_UNKNOWN;
} }
return 0; /* anything else */
return SLAP_CONF_UNKNOWN;
} }
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment