Commit 6e8f1b9b authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Sync with HEAD

parent a5cbf490
OpenLDAP 2.4 Change Log OpenLDAP 2.4 Change Log
OpenLDAP 2.4.0alpha Release OpenLDAP 2.4.1alpha Engineering
Changes not tracked Changes not tracked
...@@ -58,6 +58,11 @@ else ...@@ -58,6 +58,11 @@ else
echo "No guide" echo "No guide"
fi fi
if test -e $RELNAME/libraries/liblunicode/ucdata/uctable.h ; then
echo "touching uctable.h..."
touch $RELNAME/libraries/liblunicode/ucdata/uctable.h
fi
if test ! -e $RELNAME/build/version.sh ; then if test ! -e $RELNAME/build/version.sh ; then
echo "No build version" echo "No build version"
OL_STRING="something" OL_STRING="something"
......
...@@ -15,7 +15,7 @@ ...@@ -15,7 +15,7 @@
ol_package=OpenLDAP ol_package=OpenLDAP
ol_major=2 ol_major=2
ol_minor=4 ol_minor=4
ol_patch=0alpha ol_patch=X
ol_api_inc=20400 ol_api_inc=20400
ol_api_current=0 ol_api_current=0
ol_api_revision=0 ol_api_revision=0
......
...@@ -261,8 +261,10 @@ static int dodelete( ...@@ -261,8 +261,10 @@ static int dodelete(
return rc; return rc;
} }
if( verbose || code != LDAP_SUCCESS || if( code != LDAP_SUCCESS ) {
(matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ) tool_perror( "ldap_delete", code, NULL, matcheddn, text, refs );
} else if ( verbose &&
((matcheddn && *matcheddn) || (text && *text) || (refs && *refs) ))
{ {
printf( _("Delete Result: %s (%d)\n"), printf( _("Delete Result: %s (%d)\n"),
ldap_err2string( code ), code ); ldap_err2string( code ), code );
......
...@@ -899,10 +899,17 @@ getNextPage: ...@@ -899,10 +899,17 @@ getNextPage:
} }
if (ldif < 2 ) { if (ldif < 2 ) {
char *realbase = base;
if ( realbase == NULL ) {
ldap_get_option( ld, LDAP_OPT_DEFBASE, (void **)&realbase );
}
printf( "#\n" ); printf( "#\n" );
printf(_("# LDAPv%d\n"), protocol); printf(_("# LDAPv%d\n"), protocol);
printf(_("# base <%s> with scope %s\n"), printf(_("# base <%s>%s with scope %s\n"),
base ? base : "", realbase ? realbase : "",
( realbase == NULL || realbase != base ) ? " (default)" : "",
((scope == LDAP_SCOPE_BASE) ? "baseObject" ((scope == LDAP_SCOPE_BASE) ? "baseObject"
: ((scope == LDAP_SCOPE_ONELEVEL) ? "oneLevel" : ((scope == LDAP_SCOPE_ONELEVEL) ? "oneLevel"
: ((scope == LDAP_SCOPE_SUBORDINATE) ? "children" : ((scope == LDAP_SCOPE_SUBORDINATE) ? "children"
...@@ -943,6 +950,10 @@ getNextPage: ...@@ -943,6 +950,10 @@ getNextPage:
} }
printf( _("\n#\n\n") ); printf( _("\n#\n\n") );
if ( realbase && realbase != base ) {
ldap_memfree( realbase );
}
} }
if ( infile == NULL ) { if ( infile == NULL ) {
...@@ -1512,12 +1523,27 @@ static int print_result( ...@@ -1512,12 +1523,27 @@ static int print_result(
if( text ) { if( text ) {
if( *text ) { if( *text ) {
if( !ldif ) { if( !ldif ) {
tool_write_ldif( LDIF_PUT_TEXT, "text", if ( err == LDAP_PARTIAL_RESULTS ) {
text, strlen(text) ); char *line;
} else {
fprintf( stderr, _("Additional information: %s\n"), text ); for ( line = text; line != NULL; ) {
} char *next = strchr( line, '\n' );
tool_write_ldif( LDIF_PUT_TEXT,
"text", line,
next ? next - line : strlen( line ) );
line = next ? next + 1 : NULL;
}
} else {
tool_write_ldif( LDIF_PUT_TEXT, "text",
text, strlen(text) );
}
} else {
fprintf( stderr, _("Additional information: %s\n"), text );
}
} }
ber_memfree( text ); ber_memfree( text );
......
#! /bin/sh #! /bin/sh
# From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.631.2.1 2006/04/11 16:07:14 kurt Exp . # From configure.in OpenLDAP: pkg/ldap/configure.in,v 1.633 2006/04/29 08:09:31 hyc Exp .
# Guess values for system-dependent variables and create Makefiles. # Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.59. # Generated by GNU Autoconf 2.59.
# #
...@@ -465,7 +465,7 @@ ac_includes_default="\ ...@@ -465,7 +465,7 @@ ac_includes_default="\
# include <unistd.h> # include <unistd.h>
#endif" #endif"
   
ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar OPENLDAP_LIBRELEASE OPENLDAP_LIBVERSION OPENLDAP_RELEASE_DATE top_builddir ldap_subdir CC AR CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP LIBTOOL PERLBIN OL_MKDEP OL_MKDEP_FLAGS LTSTATIC LIBOBJS LIBSRCS PLAT WITH_SASL WITH_TLS WITH_MODULES_ENABLED WITH_ACI_ENABLED BUILD_THREAD BUILD_LIBS_DYNAMIC BUILD_SLAPD BUILD_SLAPI SLAPD_SLAPI_DEPEND BUILD_BDB BUILD_DNSSRV BUILD_HDB BUILD_LDAP BUILD_META BUILD_MONITOR BUILD_NULL BUILD_PASSWD BUILD_RELAY BUILD_PERL BUILD_SHELL BUILD_SQL BUILD_ACCESSLOG BUILD_AUDITLOG BUILD_DDS BUILD_DENYOP BUILD_DYNGROUP BUILD_DYNLIST BUILD_LASTMOD BUILD_PPOLICY BUILD_PROXYCACHE BUILD_REFINT BUILD_RETCODE BUILD_RWM BUILD_SEQMOD BUILD_SYNCPROV BUILD_TRANSLUCENT BUILD_UNIQUE BUILD_VALSORT BUILD_SLURPD LDAP_LIBS SLAPD_LIBS SLURPD_LIBS BDB_LIBS LTHREAD_LIBS LUTIL_LIBS WRAP_LIBS SLAPD_MODULES_CPPFLAGS SLAPD_MODULES_LDFLAGS SLAPD_NO_STATIC SLAPD_STATIC_BACKENDS SLAPD_DYNAMIC_BACKENDS SLAPD_STATIC_OVERLAYS SLAPD_DYNAMIC_OVERLAYS PERL_CPPFLAGS SLAPD_PERL_LDFLAGS MOD_PERL_LDFLAGS KRB4_LIBS KRB5_LIBS SASL_LIBS TLS_LIBS MODULES_LIBS SLAPI_LIBS LIBSLAPI LIBSLAPITOOLS AUTH_LIBS ICU_LIBS SLAPD_SLP_LIBS SLAPD_GMP_LIBS SLAPD_SQL_LDFLAGS SLAPD_SQL_LIBS SLAPD_SQL_INCLUDES LTLIBOBJS' ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS build build_cpu build_vendor build_os host host_cpu host_vendor host_os target target_cpu target_vendor target_os INSTALL_PROGRAM INSTALL_SCRIPT INSTALL_DATA CYGPATH_W PACKAGE VERSION ACLOCAL AUTOCONF AUTOMAKE AUTOHEADER MAKEINFO install_sh STRIP ac_ct_STRIP INSTALL_STRIP_PROGRAM mkdir_p AWK SET_MAKE am__leading_dot AMTAR am__tar am__untar OPENLDAP_LIBRELEASE OPENLDAP_LIBVERSION OPENLDAP_RELEASE_DATE top_builddir ldap_subdir CC AR CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT DEPDIR am__include am__quote AMDEP_TRUE AMDEP_FALSE AMDEPBACKSLASH CCDEPMODE am__fastdepCC_TRUE am__fastdepCC_FALSE EGREP LN_S ECHO ac_ct_AR RANLIB ac_ct_RANLIB DLLTOOL ac_ct_DLLTOOL AS ac_ct_AS OBJDUMP ac_ct_OBJDUMP CPP LIBTOOL PERLBIN OL_MKDEP OL_MKDEP_FLAGS LTSTATIC LIBOBJS LIBSRCS PLAT WITH_SASL WITH_TLS WITH_MODULES_ENABLED WITH_ACI_ENABLED BUILD_THREAD BUILD_LIBS_DYNAMIC BUILD_SLAPD BUILD_SLAPI SLAPD_SLAPI_DEPEND BUILD_BDB BUILD_DNSSRV BUILD_HDB BUILD_LDAP BUILD_META BUILD_MONITOR BUILD_NULL BUILD_PASSWD BUILD_RELAY BUILD_PERL BUILD_SHELL BUILD_SQL BUILD_ACCESSLOG BUILD_AUDITLOG BUILD_CONSTRAINT BUILD_DDS BUILD_DENYOP BUILD_DYNGROUP BUILD_DYNLIST BUILD_LASTMOD BUILD_PPOLICY BUILD_PROXYCACHE BUILD_REFINT BUILD_RETCODE BUILD_RWM BUILD_SEQMOD BUILD_SYNCPROV BUILD_TRANSLUCENT BUILD_UNIQUE BUILD_VALSORT BUILD_SLURPD LDAP_LIBS SLAPD_LIBS SLURPD_LIBS BDB_LIBS LTHREAD_LIBS LUTIL_LIBS WRAP_LIBS SLAPD_MODULES_CPPFLAGS SLAPD_MODULES_LDFLAGS SLAPD_NO_STATIC SLAPD_STATIC_BACKENDS SLAPD_DYNAMIC_BACKENDS SLAPD_STATIC_OVERLAYS SLAPD_DYNAMIC_OVERLAYS PERL_CPPFLAGS SLAPD_PERL_LDFLAGS MOD_PERL_LDFLAGS KRB4_LIBS KRB5_LIBS SASL_LIBS TLS_LIBS MODULES_LIBS SLAPI_LIBS LIBSLAPI LIBSLAPITOOLS AUTH_LIBS ICU_LIBS SLAPD_SLP_LIBS SLAPD_GMP_LIBS SLAPD_SQL_LDFLAGS SLAPD_SQL_LIBS SLAPD_SQL_INCLUDES LTLIBOBJS'
ac_subst_files='' ac_subst_files=''
   
# Initialize some variables set by options. # Initialize some variables set by options.
...@@ -1047,6 +1047,7 @@ SLAPD Overlay Options: ...@@ -1047,6 +1047,7 @@ SLAPD Overlay Options:
--enable-overlays enable all available overlays no|yes|mod --enable-overlays enable all available overlays no|yes|mod
--enable-accesslog In-Directory Access Logging overlay no|yes|mod [no] --enable-accesslog In-Directory Access Logging overlay no|yes|mod [no]
--enable-auditlog Audit Logging overlay no|yes|mod [no] --enable-auditlog Audit Logging overlay no|yes|mod [no]
--enable-constraint Attribute Constraint overlay no|yes|mod [no]
--enable-dds Dynamic Directory Services overlay no|yes|mod [no] --enable-dds Dynamic Directory Services overlay no|yes|mod [no]
--enable-denyop Deny Operation overlay no|yes|mod [no] --enable-denyop Deny Operation overlay no|yes|mod [no]
--enable-dyngroup Dynamic Group overlay no|yes|mod [no] --enable-dyngroup Dynamic Group overlay no|yes|mod [no]
...@@ -3074,6 +3075,7 @@ fi; ...@@ -3074,6 +3075,7 @@ fi;
   
Overlays="accesslog \ Overlays="accesslog \
auditlog \ auditlog \
constraint \
dds \ dds \
denyop \ denyop \
dyngroup \ dyngroup \
...@@ -3165,6 +3167,30 @@ else ...@@ -3165,6 +3167,30 @@ else
fi; fi;
# end --enable-auditlog # end --enable-auditlog
   
# OpenLDAP --enable-constraint
# Check whether --enable-constraint or --disable-constraint was given.
if test "${enable_constraint+set}" = set; then
enableval="$enable_constraint"
ol_arg=invalid
for ol_val in no yes mod ; do
if test "$enableval" = "$ol_val" ; then
ol_arg="$ol_val"
fi
done
if test "$ol_arg" = "invalid" ; then
{ { echo "$as_me:$LINENO: error: bad value $enableval for --enable-constraint" >&5
echo "$as_me: error: bad value $enableval for --enable-constraint" >&2;}
{ (exit 1); exit 1; }; }
fi
ol_enable_constraint="$ol_arg"
else
ol_enable_constraint=${ol_enable_overlays:-no}
fi;
# end --enable-constraint
# OpenLDAP --enable-dds # OpenLDAP --enable-dds
   
# Check whether --enable-dds or --disable-dds was given. # Check whether --enable-dds or --disable-dds was given.
...@@ -3794,6 +3820,7 @@ BUILD_SQL=no ...@@ -3794,6 +3820,7 @@ BUILD_SQL=no
   
BUILD_ACCESSLOG=no BUILD_ACCESSLOG=no
BUILD_AUDITLOG=no BUILD_AUDITLOG=no
BUILD_CONSTRAINT=no
BUILD_DDS=no BUILD_DDS=no
BUILD_DENYOP=no BUILD_DENYOP=no
BUILD_DYNGROUP=no BUILD_DYNGROUP=no
...@@ -5635,7 +5662,7 @@ ia64-*-hpux*) ...@@ -5635,7 +5662,7 @@ ia64-*-hpux*)
;; ;;
*-*-irix6*) *-*-irix6*)
# Find out which ABI we are using. # Find out which ABI we are using.
echo '#line 5638 "configure"' > conftest.$ac_ext echo '#line 5665 "configure"' > conftest.$ac_ext
if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5
(eval $ac_compile) 2>&5 (eval $ac_compile) 2>&5
ac_status=$? ac_status=$?
...@@ -7615,11 +7642,11 @@ else ...@@ -7615,11 +7642,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7618: $lt_compile\"" >&5) (eval echo "\"\$as_me:7645: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err) (eval "$lt_compile" 2>conftest.err)
ac_status=$? ac_status=$?
cat conftest.err >&5 cat conftest.err >&5
echo "$as_me:7622: \$? = $ac_status" >&5 echo "$as_me:7649: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output. # So say no if there are warnings other than the usual output.
...@@ -7877,11 +7904,11 @@ else ...@@ -7877,11 +7904,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7880: $lt_compile\"" >&5) (eval echo "\"\$as_me:7907: $lt_compile\"" >&5)
(eval "$lt_compile" 2>conftest.err) (eval "$lt_compile" 2>conftest.err)
ac_status=$? ac_status=$?
cat conftest.err >&5 cat conftest.err >&5
echo "$as_me:7884: \$? = $ac_status" >&5 echo "$as_me:7911: \$? = $ac_status" >&5
if (exit $ac_status) && test -s "$ac_outfile"; then if (exit $ac_status) && test -s "$ac_outfile"; then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings other than the usual output. # So say no if there are warnings other than the usual output.
...@@ -7939,11 +7966,11 @@ else ...@@ -7939,11 +7966,11 @@ else
-e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \ -e 's:.*FLAGS}\{0,1\} :&$lt_compiler_flag :; t' \
-e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \ -e 's: [^ ]*conftest\.: $lt_compiler_flag&:; t' \
-e 's:$: $lt_compiler_flag:'` -e 's:$: $lt_compiler_flag:'`
(eval echo "\"\$as_me:7942: $lt_compile\"" >&5) (eval echo "\"\$as_me:7969: $lt_compile\"" >&5)
(eval "$lt_compile" 2>out/conftest.err) (eval "$lt_compile" 2>out/conftest.err)
ac_status=$? ac_status=$?
cat out/conftest.err >&5 cat out/conftest.err >&5
echo "$as_me:7946: \$? = $ac_status" >&5 echo "$as_me:7973: \$? = $ac_status" >&5
if (exit $ac_status) && test -s out/conftest2.$ac_objext if (exit $ac_status) && test -s out/conftest2.$ac_objext
then then
# The compiler can only warn and ignore the option if not recognized # The compiler can only warn and ignore the option if not recognized
...@@ -10187,7 +10214,7 @@ else ...@@ -10187,7 +10214,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 10190 "configure" #line 10217 "configure"
#include "confdefs.h" #include "confdefs.h"
   
#if HAVE_DLFCN_H #if HAVE_DLFCN_H
...@@ -10285,7 +10312,7 @@ else ...@@ -10285,7 +10312,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2 lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF cat > conftest.$ac_ext <<EOF
#line 10288 "configure" #line 10315 "configure"
#include "confdefs.h" #include "confdefs.h"
   
#if HAVE_DLFCN_H #if HAVE_DLFCN_H
...@@ -40173,6 +40200,22 @@ _ACEOF ...@@ -40173,6 +40200,22 @@ _ACEOF
   
fi fi
   
if test "$ol_enable_constraint" != no ; then
BUILD_CONSTRAINT=$ol_enable_constraint
if test "$ol_enable_constraint" = mod ; then
MFLAG=SLAPD_MOD_DYNAMIC
SLAPD_DYNAMIC_OVERLAYS="$SLAPD_DYNAMIC_OVERLAYS constraint.la"
else
MFLAG=SLAPD_MOD_STATIC
SLAPD_STATIC_OVERLAYS="$SLAPD_STATIC_OVERLAYS constraint.o"
fi
cat >>confdefs.h <<_ACEOF
#define SLAPD_OVER_CONSTRAINT $MFLAG
_ACEOF
fi
if test "$ol_enable_dds" != no ; then if test "$ol_enable_dds" != no ; then
BUILD_DDS=$ol_enable_dds BUILD_DDS=$ol_enable_dds
if test "$ol_enable_dds" = mod ; then if test "$ol_enable_dds" = mod ; then
...@@ -40529,6 +40572,7 @@ fi ...@@ -40529,6 +40572,7 @@ fi
   
   
   
   
   
# Check whether --with-xxinstall or --without-xxinstall was given. # Check whether --with-xxinstall or --without-xxinstall was given.
...@@ -41279,6 +41323,7 @@ s,@BUILD_SHELL@,$BUILD_SHELL,;t t ...@@ -41279,6 +41323,7 @@ s,@BUILD_SHELL@,$BUILD_SHELL,;t t
s,@BUILD_SQL@,$BUILD_SQL,;t t s,@BUILD_SQL@,$BUILD_SQL,;t t
s,@BUILD_ACCESSLOG@,$BUILD_ACCESSLOG,;t t s,@BUILD_ACCESSLOG@,$BUILD_ACCESSLOG,;t t
s,@BUILD_AUDITLOG@,$BUILD_AUDITLOG,;t t s,@BUILD_AUDITLOG@,$BUILD_AUDITLOG,;t t
s,@BUILD_CONSTRAINT@,$BUILD_CONSTRAINT,;t t
s,@BUILD_DDS@,$BUILD_DDS,;t t s,@BUILD_DDS@,$BUILD_DDS,;t t
s,@BUILD_DENYOP@,$BUILD_DENYOP,;t t s,@BUILD_DENYOP@,$BUILD_DENYOP,;t t
s,@BUILD_DYNGROUP@,$BUILD_DYNGROUP,;t t s,@BUILD_DYNGROUP@,$BUILD_DYNGROUP,;t t
...@@ -326,6 +326,7 @@ dnl ---------------------------------------------------------------- ...@@ -326,6 +326,7 @@ dnl ----------------------------------------------------------------
dnl SLAPD Overlay Options dnl SLAPD Overlay Options
Overlays="accesslog \ Overlays="accesslog \
auditlog \ auditlog \
constraint \
dds \ dds \
denyop \ denyop \
dyngroup \ dyngroup \
...@@ -351,6 +352,8 @@ OL_ARG_ENABLE(accesslog,[ --enable-accesslog In-Directory Access Logging ov ...@@ -351,6 +352,8 @@ OL_ARG_ENABLE(accesslog,[ --enable-accesslog In-Directory Access Logging ov
no, [no yes mod], ol_enable_overlays) no, [no yes mod], ol_enable_overlays)
OL_ARG_ENABLE(auditlog,[ --enable-auditlog Audit Logging overlay], OL_ARG_ENABLE(auditlog,[ --enable-auditlog Audit Logging overlay],
no, [no yes mod], ol_enable_overlays) no, [no yes mod], ol_enable_overlays)
OL_ARG_ENABLE(constraint,[ --enable-constraint Attribute Constraint overlay],
no, [no yes mod], ol_enable_overlays)
OL_ARG_ENABLE(dds,[ --enable-dds Dynamic Directory Services overlay], OL_ARG_ENABLE(dds,[ --enable-dds Dynamic Directory Services overlay],
no, [no yes mod], ol_enable_overlays) no, [no yes mod], ol_enable_overlays)
OL_ARG_ENABLE(denyop,[ --enable-denyop Deny Operation overlay], OL_ARG_ENABLE(denyop,[ --enable-denyop Deny Operation overlay],
...@@ -558,6 +561,7 @@ BUILD_SQL=no ...@@ -558,6 +561,7 @@ BUILD_SQL=no
BUILD_ACCESSLOG=no BUILD_ACCESSLOG=no
BUILD_AUDITLOG=no BUILD_AUDITLOG=no
BUILD_CONSTRAINT=no
BUILD_DDS=no BUILD_DDS=no
BUILD_DENYOP=no BUILD_DENYOP=no
BUILD_DYNGROUP=no BUILD_DYNGROUP=no
...@@ -2741,6 +2745,18 @@ if test "$ol_enable_auditlog" != no ; then ...@@ -2741,6 +2745,18 @@ if test "$ol_enable_auditlog" != no ; then
AC_DEFINE_UNQUOTED(SLAPD_OVER_AUDITLOG,$MFLAG,[define for Audit Logging overlay]) AC_DEFINE_UNQUOTED(SLAPD_OVER_AUDITLOG,$MFLAG,[define for Audit Logging overlay])
fi fi
if test "$ol_enable_constraint" != no ; then
BUILD_CONSTRAINT=$ol_enable_constraint
if test "$ol_enable_constraint" = mod ; then
MFLAG=SLAPD_MOD_DYNAMIC
SLAPD_DYNAMIC_OVERLAYS="$SLAPD_DYNAMIC_OVERLAYS constraint.la"
else
MFLAG=SLAPD_MOD_STATIC
SLAPD_STATIC_OVERLAYS="$SLAPD_STATIC_OVERLAYS constraint.o"
fi
AC_DEFINE_UNQUOTED(SLAPD_OVER_CONSTRAINT,$MFLAG,[define for Attribute Constraint overlay])
fi
if test "$ol_enable_dds" != no ; then if test "$ol_enable_dds" != no ; then
BUILD_DDS=$ol_enable_dds BUILD_DDS=$ol_enable_dds
if test "$ol_enable_dds" = mod ; then if test "$ol_enable_dds" = mod ; then
...@@ -2982,6 +2998,7 @@ dnl backends ...@@ -2982,6 +2998,7 @@ dnl backends
dnl overlays dnl overlays
AC_SUBST(BUILD_ACCESSLOG) AC_SUBST(BUILD_ACCESSLOG)
AC_SUBST(BUILD_AUDITLOG) AC_SUBST(BUILD_AUDITLOG)
AC_SUBST(BUILD_CONSTRAINT)
AC_SUBST(BUILD_DDS) AC_SUBST(BUILD_DDS)
AC_SUBST(BUILD_DENYOP) AC_SUBST(BUILD_DENYOP)
AC_SUBST(BUILD_DYNGROUP) AC_SUBST(BUILD_DYNGROUP)
......
...@@ -6,7 +6,7 @@ Public License. ...@@ -6,7 +6,7 @@ Public License.
This directory contains native slapd plugins for password mechanisms that This directory contains native slapd plugins for password mechanisms that
are not actively supported by the project. Currently this includes the are not actively supported by the project. Currently this includes the
Kerberos and Netscape MTA-MD5 password mechanisms. Kerberos, Netscape MTA-MD5 and RADIUS password mechanisms.
To use the Kerberos plugin, add: To use the Kerberos plugin, add:
...@@ -20,6 +20,15 @@ moduleload pw-netscape.so ...@@ -20,6 +20,15 @@ moduleload pw-netscape.so
to your slapd configuration file. to your slapd configuration file.
To use the RADIUS plugin, add:
moduleload pw-radius.so
to your slapd configuration file; optionally, the path to a configuration
file can be appended in the form
moduleload pw-radius.so config="/etc/radius.conf"
No Makefile is provided. Use a command line similar to: No Makefile is provided. Use a command line similar to:
gcc -shared -I../../../include -Wall -g -DHAVE_KRB5 -o pw-kerberos.so kerberos.c gcc -shared -I../../../include -Wall -g -DHAVE_KRB5 -o pw-kerberos.so kerberos.c
...@@ -32,3 +41,10 @@ The corresponding command for the Netscape plugin would be: ...@@ -32,3 +41,10 @@ The corresponding command for the Netscape plugin would be:
gcc -shared -I../../../include -Wall -g -o pw-netscape.so netscape.c gcc -shared -I../../../include -Wall -g -o pw-netscape.so netscape.c
The corresponding command for the RADIUS plugin would be:
gcc -shared -I../../../include -Wall -g -o pw-radius.so radius.c -lradius
(Actually, you might want to statically link the RADIUS client library
libradius.a into the module).
/* $OpenLDAP$ */
/*
* Copyright 1998-2006 The OpenLDAP Foundation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted only as authorized by the OpenLDAP
* Public License.
*
* A copy of this license is available in the file LICENSE in the
* top-level directory of the distribution or, alternatively, at
* <http://www.OpenLDAP.org/license.html>.
*/
#include <stdio.h>
#include <lber.h>
#include <lber_pvt.h> /* BER_BVC definition */
#include "lutil.h"
#include <ac/string.h>
#include <ac/unistd.h>
#include <radlib.h>
static LUTIL_PASSWD_CHK_FUNC chk_radius;
static const struct berval scheme = BER_BVC("{RADIUS}");
static char *config_filename;
static int
chk_radius(
const struct berval *sc,
const struct berval *passwd,
const struct berval *cred,
const char **text )
{
unsigned int i;
int rc = LUTIL_PASSWD_ERR;
struct rad_handle *h = NULL;
for ( i = 0; i < cred->bv_len; i++ ) {
if ( cred->bv_val[ i ] == '\0' ) {
return LUTIL_PASSWD_ERR; /* NUL character in cred */
}
}
if ( cred->bv_val[ i ] != '\0' ) {
return LUTIL_PASSWD_ERR; /* cred must behave like a string */
}
for ( i = 0; i < passwd->bv_len; i++ ) {
if ( passwd->bv_val[ i ] == '\0' ) {
return LUTIL_PASSWD_ERR; /* NUL character in password */
}
}
if ( passwd->bv_val[ i ] != '\0' ) {
return LUTIL_PASSWD_ERR; /* passwd must behave like a string */
}
h = rad_auth_open();
if ( h == NULL ) {
return LUTIL_PASSWD_ERR;
}
if ( rad_config( h, config_filename ) != 0 ) {
goto done;
}
if ( rad_create_request( h, RAD_ACCESS_REQUEST ) ) {
goto done;
}
if ( rad_put_string( h, RAD_USER_NAME, passwd->bv_val ) != 0 ) {
goto done;
}
if ( rad_put_string( h, RAD_USER_PASSWORD, cred->bv_val ) != 0 ) {
goto done;
}
if ( rad_send_request( h ) == RAD_ACCESS_ACCEPT ) {
rc = LUTIL_PASSWD_OK;
}
done:;
rad_close( h );
return rc;
}
int
init_module( int argc, char *argv[] )
{
int i;
for ( i = 0; i < argc; i++ ) {
if ( strncasecmp( argv[ i ], "config=", STRLENOF( "config=" ) ) == 0 ) {
/* FIXME: what if multiple loads of same module?
* does it make sense (e.g. override an existing one)? */
if ( config_filename == NULL ) {
config_filename = ber_strdup( &argv[ i ][ STRLENOF( "config=" ) ] );
}
} else {
fprintf( stderr, "init_module(radius): unknown arg#%d=\"%s\".\n",
i, argv[ i ] );
return 1;
}
}
return lutil_passwd_add( (struct berval *)&scheme, chk_radius, NULL );
}
...@@ -433,7 +433,7 @@ databases. ...@@ -433,7 +433,7 @@ databases.
This marks the beginning of a new {{TERM:BDB}} database instance. This marks the beginning of a new {{TERM:BDB}} database instance.
H4: olcAccess: to <what> [ by <who> <accesslevel> <control> ]+ H4: olcAccess: to <what> [ by <who> [<accesslevel>] [<control>] ]+
This directive grants access (specified by <accesslevel>) to a This directive grants access (specified by <accesslevel>) to a
set of entries and/or attributes (specified by <what>) by one or set of entries and/or attributes (specified by <what>) by one or
...@@ -1013,7 +1013,7 @@ The general form of the olcAccess configuration is: ...@@ -1013,7 +1013,7 @@ The general form of the olcAccess configuration is:
> olcAccess: <access directive> > olcAccess: <access directive>