From 20a05ed4f28ccf22c1348c1d66f3fa06a456072f Mon Sep 17 00:00:00 2001
From: Kurt Zeilenga <kurt@openldap.org>
Date: Wed, 22 May 2002 16:25:20 +0000
Subject: [PATCH] Suck in latest changes from HEAD
---
build/openldap.m4 | 22 +
build/version.sh | 6 +-
configure | 1654 ++++++++++---------
configure.in | 31 +-
contrib/ldaptcl/ldaperr.tcl | 54 +
doc/man/man1/ldappasswd.1 | 170 ++
doc/man/man1/ud.1 | 38 +-
doc/man/man3/lber-decode.3 | 482 +++---
doc/man/man3/lber-encode.3 | 360 ++--
doc/man/man3/lber-memory.3 | 50 +
doc/man/man3/lber-types.3 | 164 ++
doc/man/man3/ldap.3 | 364 +---
doc/man/man3/ldap_abandon.3 | 53 +-
doc/man/man3/ldap_add.3 | 70 +-
doc/man/man3/ldap_bind.3 | 289 ++--
doc/man/man3/ldap_compare.3 | 15 +-
doc/man/man3/ldap_delete.3 | 15 +-
doc/man/man3/ldap_error.3 | 63 +-
doc/man/man3/ldap_first_attribute.3 | 61 +-
doc/man/man3/ldap_first_entry.3 | 38 +-
doc/man/man3/ldap_first_message.3 | 84 +
doc/man/man3/ldap_first_reference.3 | 73 +
doc/man/man3/ldap_get_dn.3 | 227 ++-
doc/man/man3/ldap_get_values.3 | 26 +-
doc/man/man3/ldap_parse_result.3 | 106 ++
doc/man/man3/ldap_schema.3 | 2 +-
doc/man/man5/ldap.conf.5 | 167 ++
doc/man/man5/slapd-bdb.5 | 106 ++
doc/man/man5/slapd-dnssrv.5 | 30 +
doc/man/man5/slapd-ldap.5 | 119 ++
doc/man/man5/slapd-ldbm.5 | 126 ++
doc/man/man5/slapd-meta.5 | 668 ++++++++
doc/man/man5/slapd-null.5 | 51 +
doc/man/man5/slapd-passwd.5 | 42 +
doc/man/man5/slapd-perl.5 | 175 ++
doc/man/man5/slapd-shell.5 | 168 ++
doc/man/man5/slapd-sql.5 | 383 +++++
doc/man/man5/slapd-tcl.5 | 269 +++
doc/man/man5/slapd.access.5 | 6 +-
doc/man/man5/slapd.conf.5 | 276 +---
doc/man/man5/slapd.replog.5 | 24 +-
doc/man/man5/ud.conf.5 | 31 +-
doc/man/man8/mail500.8 | 24 +-
doc/man/man8/slapd.8 | 2 +-
include/Makefile.in | 77 +
include/ldap.h | 2 +
include/ldap_config.h.in | 71 +
include/ldap_config.nt | 63 +
include/ldap_defaults.h | 93 ++
include/ldap_pvt.h | 4 +-
include/ldap_pvt_uc.h | 5 +
include/portable.h.in | 3 +
include/portable.nt | 3 +
libraries/libldap/Makefile.in | 65 +
libraries/libldap/cyrus.c | 10 +-
libraries/libldap/filter.c | 392 +++++
libraries/libldap/getdn.c | 166 +-
libraries/libldap/ldap-int.h | 1 +
libraries/libldap/result.c | 9 +-
libraries/libldap/tls.c | 490 +++---
libraries/libldap/utf-8.c | 89 +-
libraries/libldap_r/Makefile.in | 71 +
libraries/liblunicode/Makefile.in | 2 +-
libraries/liblutil/debug.c | 301 ++++
libraries/liblutil/sha1.c | 276 ++++
libraries/liblutil/uuid.c | 316 ++++
libraries/librewrite/RATIONALE | 2 +
libraries/librewrite/rewrite-int.h | 557 +++++++
servers/slapd/Makefile.in | 384 +++++
servers/slapd/add.c | 1 -
servers/slapd/back-bdb/attribute.c | 3 +-
servers/slapd/back-bdb/delete.c | 3 +-
servers/slapd/back-bdb/dn2id.c | 20 +-
servers/slapd/back-bdb/group.c | 3 +-
servers/slapd/back-bdb/id2entry.c | 3 +-
servers/slapd/back-bdb/idl.c | 9 +-
servers/slapd/back-bdb/init.c | 11 +-
servers/slapd/back-bdb/key.c | 4 +
servers/slapd/back-bdb/modify.c | 4 +-
servers/slapd/back-bdb/modrdn.c | 3 +-
servers/slapd/back-bdb/referral.c | 3 +-
servers/slapd/back-bdb/search.c | 6 +-
servers/slapd/back-dnssrv/init.c | 90 +
servers/slapd/back-ldap/back-ldap.h | 134 ++
servers/slapd/back-ldap/bind.c | 35 +-
servers/slapd/back-ldap/config.c | 174 +-
servers/slapd/back-ldap/init.c | 201 +++
servers/slapd/back-ldap/search.c | 36 +-
servers/slapd/back-ldap/suffixmassage.c | 12 +-
servers/slapd/back-ldap/unbind.c | 3 +
servers/slapd/back-ldbm/idl.c | 30 +-
servers/slapd/back-ldbm/init.c | 1 +
servers/slapd/back-ldbm/search.c | 6 +-
servers/slapd/back-meta/Documentation | 1 +
servers/slapd/back-meta/bind.c | 2 +-
servers/slapd/back-meta/config.c | 594 +++++++
servers/slapd/back-meta/search.c | 4 +-
servers/slapd/back-monitor/database.c | 178 ++
servers/slapd/back-monitor/init.c | 13 +-
servers/slapd/back-null/README | 15 +-
servers/slapd/back-passwd/back-passwd.h | 13 +
servers/slapd/back-passwd/external.h | 16 +
servers/slapd/back-passwd/init.c | 77 +
servers/slapd/back-passwd/search.c | 50 +-
servers/slapd/back-perl/SampleLDAP.pm | 174 +-
servers/slapd/back-perl/bind.c | 4 +-
servers/slapd/back-shell/abandon.c | 4 +-
servers/slapd/back-shell/add.c | 41 +-
servers/slapd/back-shell/bind.c | 41 +-
servers/slapd/back-shell/compare.c | 50 +-
servers/slapd/back-shell/config.c | 83 +-
servers/slapd/back-shell/delete.c | 39 +-
servers/slapd/back-shell/fork.c | 328 +++-
servers/slapd/back-shell/init.c | 111 +-
servers/slapd/back-shell/modify.c | 67 +-
servers/slapd/back-shell/modrdn.c | 64 +-
servers/slapd/back-shell/result.c | 50 +-
servers/slapd/back-shell/search.c | 4 +-
servers/slapd/back-shell/searchexample.conf | 9 +-
servers/slapd/back-shell/searchexample.sh | 9 +-
servers/slapd/back-shell/shell.h | 80 +-
servers/slapd/back-shell/unbind.c | 42 +-
servers/slapd/back-sql/docs/concept | 1 +
servers/slapd/backend.c | 68 +-
servers/slapd/backglue.c | 16 +-
servers/slapd/bind.c | 5 +-
servers/slapd/config.c | 107 +-
servers/slapd/connection.c | 22 +-
servers/slapd/controls.c | 64 +
servers/slapd/delete.c | 2 +-
servers/slapd/dn.c | 10 +-
servers/slapd/entry.c | 11 +-
servers/slapd/extended.c | 12 +
servers/slapd/filter.c | 726 ++++++++
servers/slapd/limits.c | 21 +-
servers/slapd/main.c | 10 +
servers/slapd/matchedValues.c | 418 +++++
servers/slapd/mods.c | 19 -
servers/slapd/passwd.c | 43 +-
servers/slapd/proto-slap.h | 23 +-
servers/slapd/repl.c | 22 +-
servers/slapd/result.c | 258 ++-
servers/slapd/root_dse.c | 4 +-
servers/slapd/sasl.c | 419 +++--
servers/slapd/saslauthz.c | 256 +--
servers/slapd/schema/core.schema | 544 ++++++
servers/slapd/schema_init.c | 2 +-
servers/slapd/slap.h | 48 +-
servers/slapd/suffixalias.c | 81 +
servers/slapd/tools/Makefile.in | 3 +-
servers/slapd/tools/slapadd.c | 4 +-
servers/slurpd/Makefile.in | 53 +
servers/slurpd/admin.c | 16 +-
servers/slurpd/args.c | 86 +-
servers/slurpd/config.c | 38 +-
servers/slurpd/globals.c | 34 +-
servers/slurpd/ldap_op.c | 91 +-
servers/slurpd/main.c | 2 +
servers/slurpd/re.c | 1 +
servers/slurpd/reject.c | 3 +-
servers/slurpd/replica.c | 1 +
servers/slurpd/replog.c | 5 +-
servers/slurpd/ri.c | 2 +
servers/slurpd/sanity.c | 59 +-
servers/slurpd/slurp.h | 211 ++-
tests/progs/Makefile.in | 36 +
tests/progs/slapd-tester.c | 417 +++++
tests/scripts/test002-populate | 64 +-
tests/scripts/test003-search | 10 +-
tests/scripts/test005-modrdn | 224 ++-
tests/scripts/test006-acls | 105 +-
tests/scripts/test007-replication | 152 +-
tests/scripts/test009-referral | 145 ++
tests/scripts/test010-passwd | 147 ++
tests/scripts/test011-subtree-repl | 259 +++
tests/scripts/test012-glue | 138 ++
tests/scripts/test013-language | 115 ++
tests/scripts/test015-xsearch | 4 +
178 files changed, 15485 insertions(+), 3746 deletions(-)
create mode 100644 contrib/ldaptcl/ldaperr.tcl
create mode 100644 doc/man/man1/ldappasswd.1
create mode 100644 doc/man/man3/lber-memory.3
create mode 100644 doc/man/man3/lber-types.3
create mode 100644 doc/man/man3/ldap_first_message.3
create mode 100644 doc/man/man3/ldap_first_reference.3
create mode 100644 doc/man/man3/ldap_parse_result.3
create mode 100644 doc/man/man5/ldap.conf.5
create mode 100644 doc/man/man5/slapd-bdb.5
create mode 100644 doc/man/man5/slapd-dnssrv.5
create mode 100644 doc/man/man5/slapd-ldap.5
create mode 100644 doc/man/man5/slapd-ldbm.5
create mode 100644 doc/man/man5/slapd-meta.5
create mode 100644 doc/man/man5/slapd-null.5
create mode 100644 doc/man/man5/slapd-passwd.5
create mode 100644 doc/man/man5/slapd-perl.5
create mode 100644 doc/man/man5/slapd-shell.5
create mode 100644 doc/man/man5/slapd-sql.5
create mode 100644 doc/man/man5/slapd-tcl.5
create mode 100644 include/Makefile.in
create mode 100644 include/ldap_config.h.in
create mode 100644 include/ldap_config.nt
create mode 100644 include/ldap_defaults.h
create mode 100644 libraries/libldap/Makefile.in
create mode 100644 libraries/libldap_r/Makefile.in
create mode 100644 libraries/liblutil/debug.c
create mode 100644 libraries/liblutil/sha1.c
create mode 100644 libraries/liblutil/uuid.c
create mode 100644 libraries/librewrite/RATIONALE
create mode 100644 libraries/librewrite/rewrite-int.h
create mode 100644 servers/slapd/Makefile.in
create mode 100644 servers/slapd/back-dnssrv/init.c
create mode 100644 servers/slapd/back-ldap/back-ldap.h
create mode 100644 servers/slapd/back-ldap/init.c
create mode 100644 servers/slapd/back-meta/Documentation
create mode 100644 servers/slapd/back-meta/config.c
create mode 100644 servers/slapd/back-monitor/database.c
create mode 100644 servers/slapd/back-passwd/back-passwd.h
create mode 100644 servers/slapd/back-passwd/external.h
create mode 100644 servers/slapd/back-passwd/init.c
create mode 100644 servers/slapd/back-sql/docs/concept
create mode 100644 servers/slapd/matchedValues.c
create mode 100644 servers/slapd/schema/core.schema
create mode 100644 servers/slapd/suffixalias.c
create mode 100644 servers/slurpd/Makefile.in
create mode 100644 tests/progs/Makefile.in
create mode 100644 tests/progs/slapd-tester.c
create mode 100755 tests/scripts/test009-referral
create mode 100755 tests/scripts/test010-passwd
create mode 100755 tests/scripts/test011-subtree-repl
create mode 100755 tests/scripts/test012-glue
create mode 100755 tests/scripts/test013-language
diff --git a/build/openldap.m4 b/build/openldap.m4
index 81a7c8c66d..21f8f2b5ef 100644
--- a/build/openldap.m4
+++ b/build/openldap.m4
@@ -1183,3 +1183,25 @@ AC_DEFUN(OL_FUNC_GETHOSTBYADDR_R_NARGS,
fi
])dnl
dnl
+dnl --------------------------------------------------------------------
+dnl Check for Cyrus SASL version compatility, need 2.1.3 or newer
+AC_DEFUN([OL_SASL_COMPAT],
+[AC_CACHE_CHECK([Cyrus SASL library version], [ol_cv_sasl_compat],[
+ AC_EGREP_CPP(__sasl_compat,[
+#ifdef HAVE_SASL_SASL_H
+#include <sasl/sasl.h>
+#else
+#include <sasl.h>
+#endif
+
+/* require 2.1.3 or later */
+#if SASL_VERSION_MAJOR == 1 && SASL_VERSION_MINOR >= 5
+ char *__sasl_compat = "1.5.x okay";
+#elif SASL_VERSION_MAJOR == 2 && SASL_VERSION_MINOR > 1
+ __sasl_compat "2.2+ or better okay (we guess)";
+#elif SASL_VERSION_MAJOR == 2 && SASL_VERSION_MINOR == 1 \
+ && SASL_VERSION_STEP >=3
+ __sasl_compat = "2.1.3+ or better okay";
+#endif
+ ], [ol_cv_sasl_compat=yes], [ol_cv_sasl_compat=no])])
+])
diff --git a/build/version.sh b/build/version.sh
index f3f780568f..fdf427994d 100755
--- a/build/version.sh
+++ b/build/version.sh
@@ -7,9 +7,9 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=1
-ol_patch=1beta
-ol_api_inc=20101
-ol_api_lib=2:101:0
+ol_patch=X
+ol_api_inc=20102
+ol_api_lib=2:102:0
if test $ol_patch != X ; then
ol_version=${ol_major}.${ol_minor}.${ol_patch}
diff --git a/configure b/configure
index 7735f125e9..ae55fd228a 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# $OpenLDAP$
-# from OpenLDAP: pkg/ldap/configure.in,v 1.408.2.4 2002/04/15 16:06:32 kurt Exp
+# from OpenLDAP: pkg/ldap/configure.in,v 1.420 2002/05/18 00:06:32 hyc Exp
# Copyright 1998-2002 The OpenLDAP Foundation. All Rights Reserved.
#
@@ -2865,7 +2865,6 @@ BUILD_SQL_DYNAMIC=static
SLAPD_MODULES_LDFLAGS=
SLAPD_MODULES_CPPFLAGS=
-SLAPD_MODULES_LIST=
SLAPD_STATIC_BACKENDS=
SLAPD_DYNAMIC_BACKENDS=
@@ -2902,7 +2901,7 @@ SLAPD_SLP_LIBS=
# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
# ./install, which can be erroneously created by make from ./install.sh.
echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6
-echo "configure:2906: checking for a BSD compatible install" >&5
+echo "configure:2905: checking for a BSD compatible install" >&5
if test -z "$INSTALL"; then
if eval "test \"\${ac_cv_path_install+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -2983,7 +2982,7 @@ do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:2987: checking for $ac_word" >&5
+echo "configure:2986: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3035,7 +3034,7 @@ do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3039: checking for $ac_word" >&5
+echo "configure:3038: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3067,7 +3066,8 @@ done
fi
-for ac_prog in ar gar
+if test -z "${AR}"; then
+ for ac_prog in ar gar
do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
@@ -3100,9 +3100,14 @@ fi
test -n "$AR" && break
done
-test -n "$AR" || AR="ar"
+test -n "$AR" || AR="missing"
+ if test "${AR}" = "missing" ; then
+ { echo "configure: error: Unable to locate ar(1). Check PATH or set AR." 1>&2; exit 1; }
+ fi
+fi
+
# Find the correct PATH separator. Usually this is `:', but
@@ -3117,12 +3122,12 @@ if test "X${PATH_SEPARATOR+set}" != Xset; then
fi
echo $ac_n "checking for Cygwin environment""... $ac_c" 1>&6
-echo "configure:3121: checking for Cygwin environment" >&5
+echo "configure:3126: checking for Cygwin environment" >&5
if eval "test \"\${ac_cv_cygwin+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 3126 "configure"
+#line 3131 "configure"
#include "confdefs.h"
int main() {
@@ -3133,7 +3138,7 @@ int main() {
return __CYGWIN__;
; return 0; }
EOF
-if { (eval echo configure:3137: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3142: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_cygwin=yes
else
@@ -3149,19 +3154,19 @@ echo "$ac_t""$ac_cv_cygwin" 1>&6
CYGWIN=
test "$ac_cv_cygwin" = yes && CYGWIN=yes
echo $ac_n "checking for mingw32 environment""... $ac_c" 1>&6
-echo "configure:3153: checking for mingw32 environment" >&5
+echo "configure:3158: checking for mingw32 environment" >&5
if eval "test \"\${ac_cv_mingw32+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 3158 "configure"
+#line 3163 "configure"
#include "confdefs.h"
int main() {
return __MINGW32__;
; return 0; }
EOF
-if { (eval echo configure:3165: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3170: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_mingw32=yes
else
@@ -3177,19 +3182,19 @@ echo "$ac_t""$ac_cv_mingw32" 1>&6
MINGW32=
test "$ac_cv_mingw32" = yes && MINGW32=yes
echo $ac_n "checking for EMX OS/2 environment""... $ac_c" 1>&6
-echo "configure:3181: checking for EMX OS/2 environment" >&5
+echo "configure:3186: checking for EMX OS/2 environment" >&5
if eval "test \"\${ac_cv_emxos2+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 3186 "configure"
+#line 3191 "configure"
#include "confdefs.h"
int main() {
return __EMX__;
; return 0; }
EOF
-if { (eval echo configure:3193: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3198: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_emxos2=yes
else
@@ -3205,7 +3210,7 @@ echo "$ac_t""$ac_cv_emxos2" 1>&6
EMXOS2=
test "$ac_cv_emxos2" = yes && EMXOS2=yes
echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:3209: checking how to run the C preprocessor" >&5
+echo "configure:3214: checking how to run the C preprocessor" >&5
# On Suns, sometimes $CPP names a directory.
if test -n "$CPP" && test -d "$CPP"; then
CPP=
@@ -3220,13 +3225,13 @@ else
# On the NeXT, cc -E runs the code through the compiler's parser,
# not just through cpp.
cat > conftest.$ac_ext <<EOF
-#line 3224 "configure"
+#line 3229 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3230: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3235: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -3237,13 +3242,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -E -traditional-cpp"
cat > conftest.$ac_ext <<EOF
-#line 3241 "configure"
+#line 3246 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3247: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3252: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -3254,13 +3259,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -nologo -E"
cat > conftest.$ac_ext <<EOF
-#line 3258 "configure"
+#line 3263 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:3264: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:3269: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -3310,7 +3315,7 @@ fi
# Extract the first word of "gcc", so it can be a program name with args.
set dummy gcc; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3314: checking for $ac_word" >&5
+echo "configure:3319: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3340,7 +3345,7 @@ if test -z "$CC"; then
# Extract the first word of "cc", so it can be a program name with args.
set dummy cc; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3344: checking for $ac_word" >&5
+echo "configure:3349: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3391,7 +3396,7 @@ fi
# Extract the first word of "cl", so it can be a program name with args.
set dummy cl; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:3395: checking for $ac_word" >&5
+echo "configure:3400: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_CC+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3423,7 +3428,7 @@ fi
fi
echo $ac_n "checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works""... $ac_c" 1>&6
-echo "configure:3427: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works" >&5
+echo "configure:3432: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) works" >&5
ac_ext=c
# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
@@ -3434,12 +3439,12 @@ cross_compiling=$ac_cv_prog_cc_cross
cat > conftest.$ac_ext << EOF
-#line 3438 "configure"
+#line 3443 "configure"
#include "confdefs.h"
main(){return(0);}
EOF
-if { (eval echo configure:3443: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:3448: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
ac_cv_prog_cc_works=yes
# If we can't run a trivial program, we are probably using a cross compiler.
if (./conftest; exit) 2>/dev/null; then
@@ -3465,12 +3470,12 @@ if test $ac_cv_prog_cc_works = no; then
{ echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
fi
echo $ac_n "checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
-echo "configure:3469: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "configure:3474: checking whether the C compiler ($CC $CFLAGS $CPPFLAGS $LDFLAGS) is a cross-compiler" >&5
echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
cross_compiling=$ac_cv_prog_cc_cross
echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
-echo "configure:3474: checking whether we are using GNU C" >&5
+echo "configure:3479: checking whether we are using GNU C" >&5
if eval "test \"\${ac_cv_prog_gcc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3479,7 +3484,7 @@ else
yes;
#endif
EOF
-if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:3483: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:3488: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
ac_cv_prog_gcc=yes
else
ac_cv_prog_gcc=no
@@ -3498,7 +3503,7 @@ ac_test_CFLAGS="${CFLAGS+set}"
ac_save_CFLAGS="$CFLAGS"
CFLAGS=
echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
-echo "configure:3502: checking whether ${CC-cc} accepts -g" >&5
+echo "configure:3507: checking whether ${CC-cc} accepts -g" >&5
if eval "test \"\${ac_cv_prog_cc_g+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3541,7 +3546,7 @@ ac_prog=ld
if test "$GCC" = yes; then
# Check if gcc -print-prog-name=ld gives a path.
echo $ac_n "checking for ld used by GCC""... $ac_c" 1>&6
-echo "configure:3545: checking for ld used by GCC" >&5
+echo "configure:3550: checking for ld used by GCC" >&5
case $host in
*-*-mingw*)
# gcc leaves a trailing carriage return which upsets mingw
@@ -3571,10 +3576,10 @@ echo "configure:3545: checking for ld used by GCC" >&5
esac
elif test "$with_gnu_ld" = yes; then
echo $ac_n "checking for GNU ld""... $ac_c" 1>&6
-echo "configure:3575: checking for GNU ld" >&5
+echo "configure:3580: checking for GNU ld" >&5
else
echo $ac_n "checking for non-GNU ld""... $ac_c" 1>&6
-echo "configure:3578: checking for non-GNU ld" >&5
+echo "configure:3583: checking for non-GNU ld" >&5
fi
if eval "test \"\${lt_cv_path_LD+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -3609,7 +3614,7 @@ else
fi
test -z "$LD" && { echo "configure: error: no acceptable ld found in \$PATH" 1>&2; exit 1; }
echo $ac_n "checking if the linker ($LD) is GNU ld""... $ac_c" 1>&6
-echo "configure:3613: checking if the linker ($LD) is GNU ld" >&5
+echo "configure:3618: checking if the linker ($LD) is GNU ld" >&5
if eval "test \"\${lt_cv_prog_gnu_ld+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3626,7 +3631,7 @@ with_gnu_ld=$lt_cv_prog_gnu_ld
echo $ac_n "checking for $LD option to reload object files""... $ac_c" 1>&6
-echo "configure:3630: checking for $LD option to reload object files" >&5
+echo "configure:3635: checking for $LD option to reload object files" >&5
if eval "test \"\${lt_cv_ld_reload_flag+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3638,7 +3643,7 @@ reload_flag=$lt_cv_ld_reload_flag
test -n "$reload_flag" && reload_flag=" $reload_flag"
echo $ac_n "checking for BSD-compatible nm""... $ac_c" 1>&6
-echo "configure:3642: checking for BSD-compatible nm" >&5
+echo "configure:3647: checking for BSD-compatible nm" >&5
if eval "test \"\${lt_cv_path_NM+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3676,7 +3681,7 @@ NM="$lt_cv_path_NM"
echo "$ac_t""$NM" 1>&6
echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6
-echo "configure:3680: checking whether ln -s works" >&5
+echo "configure:3685: checking whether ln -s works" >&5
if eval "test \"\${ac_cv_prog_LN_S+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3697,7 +3702,7 @@ else
fi
echo $ac_n "checking how to recognise dependant libraries""... $ac_c" 1>&6
-echo "configure:3701: checking how to recognise dependant libraries" >&5
+echo "configure:3706: checking how to recognise dependant libraries" >&5
if eval "test \"\${lt_cv_deplibs_check_method+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3880,13 +3885,13 @@ file_magic_cmd=$lt_cv_file_magic_cmd
deplibs_check_method=$lt_cv_deplibs_check_method
echo $ac_n "checking for object suffix""... $ac_c" 1>&6
-echo "configure:3884: checking for object suffix" >&5
+echo "configure:3889: checking for object suffix" >&5
if eval "test \"\${ac_cv_objext+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
rm -f conftest*
echo 'int i = 1;' > conftest.$ac_ext
-if { (eval echo configure:3890: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:3895: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
for ac_file in conftest.*; do
case $ac_file in
*.c) ;;
@@ -3907,7 +3912,7 @@ ac_objext=$ac_cv_objext
echo $ac_n "checking for executable suffix""... $ac_c" 1>&6
-echo "configure:3911: checking for executable suffix" >&5
+echo "configure:3916: checking for executable suffix" >&5
if eval "test \"\${ac_cv_exeext+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -3917,7 +3922,7 @@ else
rm -f conftest*
echo 'int main () { return 0; }' > conftest.$ac_ext
ac_cv_exeext=
- if { (eval echo configure:3921: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+ if { (eval echo configure:3926: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
for file in conftest.*; do
case $file in
*.c | *.C | *.o | *.obj | *.xcoff) ;;
@@ -3948,7 +3953,7 @@ fi
# Check for command to grab the raw symbol name followed by C symbol from nm.
echo $ac_n "checking command to parse $NM output""... $ac_c" 1>&6
-echo "configure:3952: checking command to parse $NM output" >&5
+echo "configure:3957: checking command to parse $NM output" >&5
if eval "test \"\${lt_cv_sys_global_symbol_pipe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4028,10 +4033,10 @@ void nm_test_func(){}
int main(){nm_test_var='a';nm_test_func();return(0);}
EOF
- if { (eval echo configure:4032: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+ if { (eval echo configure:4037: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
# Now try to grab the symbols.
nlist=conftest.nm
- if { (eval echo configure:4035: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\") 1>&5; (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5; } && test -s "$nlist"; then
+ if { (eval echo configure:4040: \"$NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist\") 1>&5; (eval $NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \> $nlist) 2>&5; } && test -s "$nlist"; then
# Try sorting and uniquifying the output.
if sort "$nlist" | uniq > "$nlist"T; then
mv -f "$nlist"T "$nlist"
@@ -4082,7 +4087,7 @@ EOF
save_CFLAGS="$CFLAGS"
LIBS="conftstm.$ac_objext"
CFLAGS="$CFLAGS$no_builtin_flag"
- if { (eval echo configure:4086: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+ if { (eval echo configure:4091: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
pipe_works=yes
fi
LIBS="$save_LIBS"
@@ -4131,17 +4136,17 @@ for ac_hdr in dlfcn.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:4135: checking for $ac_hdr" >&5
+echo "configure:4140: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4140 "configure"
+#line 4145 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:4145: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:4150: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -4176,7 +4181,7 @@ case $deplibs_check_method in
file_magic*)
if test "$file_magic_cmd" = '$MAGIC_CMD'; then
echo $ac_n "checking for ${ac_tool_prefix}file""... $ac_c" 1>&6
-echo "configure:4180: checking for ${ac_tool_prefix}file" >&5
+echo "configure:4185: checking for ${ac_tool_prefix}file" >&5
if eval "test \"\${lt_cv_path_MAGIC_CMD+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4238,7 +4243,7 @@ fi
if test -z "$lt_cv_path_MAGIC_CMD"; then
if test -n "$ac_tool_prefix"; then
echo $ac_n "checking for file""... $ac_c" 1>&6
-echo "configure:4242: checking for file" >&5
+echo "configure:4247: checking for file" >&5
if eval "test \"\${lt_cv_path_MAGIC_CMD+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4309,7 +4314,7 @@ esac
# Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args.
set dummy ${ac_tool_prefix}ranlib; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4313: checking for $ac_word" >&5
+echo "configure:4318: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_RANLIB+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4341,7 +4346,7 @@ if test -n "$ac_tool_prefix"; then
# Extract the first word of "ranlib", so it can be a program name with args.
set dummy ranlib; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4345: checking for $ac_word" >&5
+echo "configure:4350: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_RANLIB+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4376,7 +4381,7 @@ fi
# Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args.
set dummy ${ac_tool_prefix}strip; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4380: checking for $ac_word" >&5
+echo "configure:4385: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_STRIP+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4408,7 +4413,7 @@ if test -n "$ac_tool_prefix"; then
# Extract the first word of "strip", so it can be a program name with args.
set dummy strip; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4412: checking for $ac_word" >&5
+echo "configure:4417: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_STRIP+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4457,8 +4462,8 @@ test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes
case $host in
*-*-irix6*)
# Find out which ABI we are using.
- echo '#line 4461 "configure"' > conftest.$ac_ext
- if { (eval echo configure:4462: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+ echo '#line 4466 "configure"' > conftest.$ac_ext
+ if { (eval echo configure:4467: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
case `/usr/bin/file conftest.$ac_objext` in
*32-bit*)
LD="${LD-ld} -32"
@@ -4479,7 +4484,7 @@ case $host in
SAVE_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -belf"
echo $ac_n "checking whether the C compiler needs -belf""... $ac_c" 1>&6
-echo "configure:4483: checking whether the C compiler needs -belf" >&5
+echo "configure:4488: checking whether the C compiler needs -belf" >&5
if eval "test \"\${lt_cv_cc_needs_belf+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4492,14 +4497,14 @@ ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$a
cross_compiling=$ac_cv_prog_cc_cross
cat > conftest.$ac_ext <<EOF
-#line 4496 "configure"
+#line 4501 "configure"
#include "confdefs.h"
int main() {
; return 0; }
EOF
-if { (eval echo configure:4503: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4508: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
lt_cv_cc_needs_belf=yes
else
@@ -4529,7 +4534,7 @@ echo "$ac_t""$lt_cv_cc_needs_belf" 1>&6
# Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args.
set dummy ${ac_tool_prefix}dlltool; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4533: checking for $ac_word" >&5
+echo "configure:4538: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_DLLTOOL+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4561,7 +4566,7 @@ if test -n "$ac_tool_prefix"; then
# Extract the first word of "dlltool", so it can be a program name with args.
set dummy dlltool; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4565: checking for $ac_word" >&5
+echo "configure:4570: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_DLLTOOL+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4596,7 +4601,7 @@ fi
# Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args.
set dummy ${ac_tool_prefix}as; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4600: checking for $ac_word" >&5
+echo "configure:4605: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_AS+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4628,7 +4633,7 @@ if test -n "$ac_tool_prefix"; then
# Extract the first word of "as", so it can be a program name with args.
set dummy as; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4632: checking for $ac_word" >&5
+echo "configure:4637: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_AS+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4663,7 +4668,7 @@ fi
# Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args.
set dummy ${ac_tool_prefix}objdump; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4667: checking for $ac_word" >&5
+echo "configure:4672: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_OBJDUMP+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4695,7 +4700,7 @@ if test -n "$ac_tool_prefix"; then
# Extract the first word of "objdump", so it can be a program name with args.
set dummy objdump; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:4699: checking for $ac_word" >&5
+echo "configure:4704: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_OBJDUMP+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -4731,12 +4736,12 @@ fi
# recent cygwin and mingw systems supply a stub DllMain which the user
# can override, but on older systems we have to supply one
echo $ac_n "checking if libtool should supply DllMain function""... $ac_c" 1>&6
-echo "configure:4735: checking if libtool should supply DllMain function" >&5
+echo "configure:4740: checking if libtool should supply DllMain function" >&5
if eval "test \"\${lt_cv_need_dllmain+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4740 "configure"
+#line 4745 "configure"
#include "confdefs.h"
int main() {
@@ -4744,7 +4749,7 @@ extern int __attribute__((__stdcall__)) DllMain(void*, int, void*);
DllMain (0, 0, 0);
; return 0; }
EOF
-if { (eval echo configure:4748: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4753: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
lt_cv_need_dllmain=no
else
@@ -4765,19 +4770,19 @@ echo "$ac_t""$lt_cv_need_dllmain" 1>&6
SAVE_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -mdll"
echo $ac_n "checking how to link DLLs""... $ac_c" 1>&6
-echo "configure:4769: checking how to link DLLs" >&5
+echo "configure:4774: checking how to link DLLs" >&5
if eval "test \"\${lt_cv_cc_dll_switch+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 4774 "configure"
+#line 4779 "configure"
#include "confdefs.h"
int main() {
; return 0; }
EOF
-if { (eval echo configure:4781: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:4786: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
lt_cv_cc_dll_switch=-mdll
else
@@ -4891,7 +4896,7 @@ set dummy $CC
compiler="$2"
echo $ac_n "checking for objdir""... $ac_c" 1>&6
-echo "configure:4895: checking for objdir" >&5
+echo "configure:4900: checking for objdir" >&5
rm -f .libs 2>/dev/null
mkdir .libs 2>/dev/null
if test -d .libs; then
@@ -4918,7 +4923,7 @@ test -z "$pic_mode" && pic_mode=default
# in isolation, and that seeing it set (from the cache) indicates that
# the associated values are set (in the cache) correctly too.
echo $ac_n "checking for $compiler option to produce PIC""... $ac_c" 1>&6
-echo "configure:4922: checking for $compiler option to produce PIC" >&5
+echo "configure:4927: checking for $compiler option to produce PIC" >&5
if eval "test \"\${lt_cv_prog_cc_pic+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -5070,21 +5075,21 @@ else
# Check to make sure the pic_flag actually works.
echo $ac_n "checking if $compiler PIC flag $lt_cv_prog_cc_pic works""... $ac_c" 1>&6
-echo "configure:5074: checking if $compiler PIC flag $lt_cv_prog_cc_pic works" >&5
+echo "configure:5079: checking if $compiler PIC flag $lt_cv_prog_cc_pic works" >&5
if eval "test \"\${lt_cv_prog_cc_pic_works+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS $lt_cv_prog_cc_pic -DPIC"
cat > conftest.$ac_ext <<EOF
-#line 5081 "configure"
+#line 5086 "configure"
#include "confdefs.h"
int main() {
; return 0; }
EOF
-if { (eval echo configure:5088: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5093: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
case $host_os in
hpux9* | hpux10* | hpux11*)
@@ -5136,7 +5141,7 @@ if test -n "$lt_cv_prog_cc_shlib"; then
fi
echo $ac_n "checking if $compiler static flag $lt_cv_prog_cc_static works""... $ac_c" 1>&6
-echo "configure:5140: checking if $compiler static flag $lt_cv_prog_cc_static works" >&5
+echo "configure:5145: checking if $compiler static flag $lt_cv_prog_cc_static works" >&5
if eval "test \"\${lt_cv_prog_cc_static_works+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -5144,14 +5149,14 @@ else
save_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS $lt_cv_prog_cc_static"
cat > conftest.$ac_ext <<EOF
-#line 5148 "configure"
+#line 5153 "configure"
#include "confdefs.h"
int main() {
; return 0; }
EOF
-if { (eval echo configure:5155: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:5160: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
lt_cv_prog_cc_static_works=yes
else
@@ -5178,7 +5183,7 @@ can_build_shared="$lt_cv_prog_cc_can_build_shared"
# Check to see if options -o and -c are simultaneously supported by compiler
echo $ac_n "checking if $compiler supports -c -o file.$ac_objext""... $ac_c" 1>&6
-echo "configure:5182: checking if $compiler supports -c -o file.$ac_objext" >&5
+echo "configure:5187: checking if $compiler supports -c -o file.$ac_objext" >&5
if eval "test \"\${lt_cv_compiler_c_o+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -5197,7 +5202,7 @@ chmod -w .
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -o out/conftest2.$ac_objext"
compiler_c_o=no
-if { (eval echo configure:5201: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
+if { (eval echo configure:5206: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.$ac_objext; then
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings
if test -s out/conftest.err; then
@@ -5226,7 +5231,7 @@ echo "$ac_t""$compiler_c_o" 1>&6
if test x"$compiler_c_o" = x"yes"; then
# Check to see if we can write to a .lo
echo $ac_n "checking if $compiler supports -c -o file.lo""... $ac_c" 1>&6
-echo "configure:5230: checking if $compiler supports -c -o file.lo" >&5
+echo "configure:5235: checking if $compiler supports -c -o file.lo" >&5
if eval "test \"\${lt_cv_compiler_o_lo+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -5237,14 +5242,14 @@ else
save_objext="$ac_objext"
ac_objext=lo
cat > conftest.$ac_ext <<EOF
-#line 5241 "configure"
+#line 5246 "configure"
#include "confdefs.h"
int main() {
int some_variable = 0;
; return 0; }
EOF
-if { (eval echo configure:5248: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5253: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings
@@ -5275,7 +5280,7 @@ hard_links="nottested"
if test "$compiler_c_o" = no && test "$need_locks" != no; then
# do not overwrite the value of need_locks provided by the user
echo $ac_n "checking if we can lock with hard links""... $ac_c" 1>&6
-echo "configure:5279: checking if we can lock with hard links" >&5
+echo "configure:5284: checking if we can lock with hard links" >&5
hard_links=yes
$rm conftest*
ln conftest.a conftest.b 2>/dev/null && hard_links=no
@@ -5294,20 +5299,20 @@ fi
if test "$GCC" = yes; then
# Check to see if options -fno-rtti -fno-exceptions are supported by compiler
echo $ac_n "checking if $compiler supports -fno-rtti -fno-exceptions""... $ac_c" 1>&6
-echo "configure:5298: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+echo "configure:5303: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
echo "int some_variable = 0;" > conftest.$ac_ext
save_CFLAGS="$CFLAGS"
CFLAGS="$CFLAGS -fno-rtti -fno-exceptions -c conftest.$ac_ext"
compiler_rtti_exceptions=no
cat > conftest.$ac_ext <<EOF
-#line 5304 "configure"
+#line 5309 "configure"
#include "confdefs.h"
int main() {
int some_variable = 0;
; return 0; }
EOF
-if { (eval echo configure:5311: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:5316: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
# The compiler can only warn and ignore the option if not recognized
# So say no if there are warnings
@@ -5334,7 +5339,7 @@ fi
# See if the linker supports building shared libraries.
echo $ac_n "checking whether the linker ($LD) supports shared libraries""... $ac_c" 1>&6
-echo "configure:5338: checking whether the linker ($LD) supports shared libraries" >&5
+echo "configure:5343: checking whether the linker ($LD) supports shared libraries" >&5
allow_undefined_flag=
no_undefined_flag=
@@ -6018,7 +6023,7 @@ test "$ld_shlibs" = no && can_build_shared=no
# Check hardcoding attributes.
echo $ac_n "checking how to hardcode library paths into programs""... $ac_c" 1>&6
-echo "configure:6022: checking how to hardcode library paths into programs" >&5
+echo "configure:6027: checking how to hardcode library paths into programs" >&5
hardcode_action=
if test -n "$hardcode_libdir_flag_spec" || \
test -n "$runpath_var"; then
@@ -6046,7 +6051,7 @@ echo "$ac_t""$hardcode_action" 1>&6
striplib=
old_striplib=
echo $ac_n "checking whether stripping libraries is possible""... $ac_c" 1>&6
-echo "configure:6050: checking whether stripping libraries is possible" >&5
+echo "configure:6055: checking whether stripping libraries is possible" >&5
if test -n "$STRIP" && $STRIP -V 2>&1 | grep "GNU strip" >/dev/null; then
test -z "$old_striplib" && old_striplib="$STRIP --strip-debug"
test -z "$striplib" && striplib="$STRIP --strip-unneeded"
@@ -6060,7 +6065,7 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown
# PORTME Fill in your ld.so characteristics
echo $ac_n "checking dynamic linker characteristics""... $ac_c" 1>&6
-echo "configure:6064: checking dynamic linker characteristics" >&5
+echo "configure:6069: checking dynamic linker characteristics" >&5
library_names_spec=
libname_spec='lib$name'
soname_spec=
@@ -6457,11 +6462,11 @@ test "$dynamic_linker" = no && can_build_shared=no
# Report the final consequences.
echo $ac_n "checking if libtool supports shared libraries""... $ac_c" 1>&6
-echo "configure:6461: checking if libtool supports shared libraries" >&5
+echo "configure:6466: checking if libtool supports shared libraries" >&5
echo "$ac_t""$can_build_shared" 1>&6
echo $ac_n "checking whether to build shared libraries""... $ac_c" 1>&6
-echo "configure:6465: checking whether to build shared libraries" >&5
+echo "configure:6470: checking whether to build shared libraries" >&5
test "$can_build_shared" = "no" && enable_shared=no
# On AIX, shared libraries and static libraries use the same namespace, and
@@ -6484,7 +6489,7 @@ esac
echo "$ac_t""$enable_shared" 1>&6
echo $ac_n "checking whether to build static libraries""... $ac_c" 1>&6
-echo "configure:6488: checking whether to build static libraries" >&5
+echo "configure:6493: checking whether to build static libraries" >&5
# Make sure either enable_shared or enable_static is yes.
test "$enable_shared" = yes || enable_static=yes
echo "$ac_t""$enable_static" 1>&6
@@ -6525,12 +6530,12 @@ else
*)
echo $ac_n "checking for shl_load""... $ac_c" 1>&6
-echo "configure:6529: checking for shl_load" >&5
+echo "configure:6534: checking for shl_load" >&5
if eval "test \"\${ac_cv_func_shl_load+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6534 "configure"
+#line 6539 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char shl_load(); below. */
@@ -6554,7 +6559,7 @@ f = shl_load;
; return 0; }
EOF
-if { (eval echo configure:6558: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6563: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_shl_load=yes"
else
@@ -6572,7 +6577,7 @@ if eval "test \"`echo '$ac_cv_func_'shl_load`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for shl_load in -ldld""... $ac_c" 1>&6
-echo "configure:6576: checking for shl_load in -ldld" >&5
+echo "configure:6581: checking for shl_load in -ldld" >&5
ac_lib_var=`echo dld'_'shl_load | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -6580,7 +6585,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldld $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 6584 "configure"
+#line 6589 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -6591,7 +6596,7 @@ int main() {
shl_load()
; return 0; }
EOF
-if { (eval echo configure:6595: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6600: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -6610,12 +6615,12 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dlopen""... $ac_c" 1>&6
-echo "configure:6614: checking for dlopen" >&5
+echo "configure:6619: checking for dlopen" >&5
if eval "test \"\${ac_cv_func_dlopen+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 6619 "configure"
+#line 6624 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char dlopen(); below. */
@@ -6639,7 +6644,7 @@ f = dlopen;
; return 0; }
EOF
-if { (eval echo configure:6643: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6648: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_dlopen=yes"
else
@@ -6657,7 +6662,7 @@ if eval "test \"`echo '$ac_cv_func_'dlopen`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6
-echo "configure:6661: checking for dlopen in -ldl" >&5
+echo "configure:6666: checking for dlopen in -ldl" >&5
ac_lib_var=`echo dl'_'dlopen | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -6665,7 +6670,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 6669 "configure"
+#line 6674 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -6676,7 +6681,7 @@ int main() {
dlopen()
; return 0; }
EOF
-if { (eval echo configure:6680: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6685: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -6695,7 +6700,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dlopen in -lsvld""... $ac_c" 1>&6
-echo "configure:6699: checking for dlopen in -lsvld" >&5
+echo "configure:6704: checking for dlopen in -lsvld" >&5
ac_lib_var=`echo svld'_'dlopen | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -6703,7 +6708,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lsvld $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 6707 "configure"
+#line 6712 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -6714,7 +6719,7 @@ int main() {
dlopen()
; return 0; }
EOF
-if { (eval echo configure:6718: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6723: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -6733,7 +6738,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dld_link in -ldld""... $ac_c" 1>&6
-echo "configure:6737: checking for dld_link in -ldld" >&5
+echo "configure:6742: checking for dld_link in -ldld" >&5
ac_lib_var=`echo dld'_'dld_link | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -6741,7 +6746,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldld $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 6745 "configure"
+#line 6750 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -6752,7 +6757,7 @@ int main() {
dld_link()
; return 0; }
EOF
-if { (eval echo configure:6756: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:6761: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -6808,7 +6813,7 @@ fi
LIBS="$lt_cv_dlopen_libs $LIBS"
echo $ac_n "checking whether a program can dlopen itself""... $ac_c" 1>&6
-echo "configure:6812: checking whether a program can dlopen itself" >&5
+echo "configure:6817: checking whether a program can dlopen itself" >&5
if eval "test \"\${lt_cv_dlopen_self+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -6818,7 +6823,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 6822 "configure"
+#line 6827 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -6879,7 +6884,7 @@ int main ()
exit (status);
}
EOF
- if { (eval echo configure:6883: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} 2>/dev/null; then
+ if { (eval echo configure:6888: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} 2>/dev/null; then
(./conftest; exit; ) 2>/dev/null
lt_status=$?
case x$lt_status in
@@ -6902,7 +6907,7 @@ echo "$ac_t""$lt_cv_dlopen_self" 1>&6
if test "x$lt_cv_dlopen_self" = xyes; then
LDFLAGS="$LDFLAGS $link_static_flag"
echo $ac_n "checking whether a statically linked program can dlopen itself""... $ac_c" 1>&6
-echo "configure:6906: checking whether a statically linked program can dlopen itself" >&5
+echo "configure:6911: checking whether a statically linked program can dlopen itself" >&5
if eval "test \"\${lt_cv_dlopen_self_static+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -6912,7 +6917,7 @@ else
lt_dlunknown=0; lt_dlno_uscore=1; lt_dlneed_uscore=2
lt_status=$lt_dlunknown
cat > conftest.$ac_ext <<EOF
-#line 6916 "configure"
+#line 6921 "configure"
#include "confdefs.h"
#if HAVE_DLFCN_H
@@ -6973,7 +6978,7 @@ int main ()
exit (status);
}
EOF
- if { (eval echo configure:6977: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} 2>/dev/null; then
+ if { (eval echo configure:6982: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} 2>/dev/null; then
(./conftest; exit; ) 2>/dev/null
lt_status=$?
case x$lt_status in
@@ -7022,14 +7027,14 @@ if test "$enable_shared" = yes && test "$GCC" = yes; then
# systems, -lgcc has to come before -lc. If gcc already passes -lc
# to ld, don't add -lc before -lgcc.
echo $ac_n "checking whether -lc should be explicitly linked in""... $ac_c" 1>&6
-echo "configure:7026: checking whether -lc should be explicitly linked in" >&5
+echo "configure:7031: checking whether -lc should be explicitly linked in" >&5
if eval "test \"\${lt_cv_archive_cmds_need_lc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
$rm conftest*
echo 'static int dummy;' > conftest.$ac_ext
- if { (eval echo configure:7033: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+ if { (eval echo configure:7038: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
soname=conftest
lib=conftest
libobjs=conftest.$ac_objext
@@ -7042,7 +7047,7 @@ else
libname=conftest
save_allow_undefined_flag=$allow_undefined_flag
allow_undefined_flag=
- if { (eval echo configure:7046: \"$archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\") 1>&5; (eval $archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5; }
+ if { (eval echo configure:7051: \"$archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1\") 1>&5; (eval $archive_cmds 2\>\&1 \| grep \" -lc \" \>/dev/null 2\>\&1) 2>&5; }
then
lt_cv_archive_cmds_need_lc=no
else
@@ -7629,7 +7634,7 @@ do
# Extract the first word of "$ac_prog", so it can be a program name with args.
set dummy $ac_prog; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:7633: checking for $ac_word" >&5
+echo "configure:7638: checking for $ac_word" >&5
if eval "test \"\${ac_cv_prog_AWK+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7660,7 +7665,7 @@ done
# test for ln hardlink support
echo $ac_n "checking whether ln works""... $ac_c" 1>&6
-echo "configure:7664: checking whether ln works" >&5
+echo "configure:7669: checking whether ln works" >&5
if eval "test \"\${ol_cv_prog_LN_H+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7683,7 +7688,7 @@ else
fi
echo $ac_n "checking whether ln -s works""... $ac_c" 1>&6
-echo "configure:7687: checking whether ln -s works" >&5
+echo "configure:7692: checking whether ln -s works" >&5
if eval "test \"\${ac_cv_prog_LN_S+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7707,7 +7712,7 @@ fi
# Extract the first word of "sendmail", so it can be a program name with args.
set dummy sendmail; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:7711: checking for $ac_word" >&5
+echo "configure:7716: checking for $ac_word" >&5
if eval "test \"\${ac_cv_path_SENDMAIL+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7743,7 +7748,7 @@ fi
# Extract the first word of "vi", so it can be a program name with args.
set dummy vi; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:7747: checking for $ac_word" >&5
+echo "configure:7752: checking for $ac_word" >&5
if eval "test \"\${ac_cv_path_EDITOR+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7782,7 +7787,7 @@ if test $ol_enable_perl != no ; then
# Extract the first word of "perl", so it can be a program name with args.
set dummy perl; ac_word=$2
echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
-echo "configure:7786: checking for $ac_word" >&5
+echo "configure:7791: checking for $ac_word" >&5
if eval "test \"\${ac_cv_path_PERLBIN+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -7833,7 +7838,7 @@ fi
fi
echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
-echo "configure:7837: checking how to run the C preprocessor" >&5
+echo "configure:7842: checking how to run the C preprocessor" >&5
# On Suns, sometimes $CPP names a directory.
if test -n "$CPP" && test -d "$CPP"; then
CPP=
@@ -7848,13 +7853,13 @@ else
# On the NeXT, cc -E runs the code through the compiler's parser,
# not just through cpp.
cat > conftest.$ac_ext <<EOF
-#line 7852 "configure"
+#line 7857 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:7858: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:7863: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -7865,13 +7870,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -E -traditional-cpp"
cat > conftest.$ac_ext <<EOF
-#line 7869 "configure"
+#line 7874 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:7875: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:7880: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -7882,13 +7887,13 @@ else
rm -rf conftest*
CPP="${CC-cc} -nologo -E"
cat > conftest.$ac_ext <<EOF
-#line 7886 "configure"
+#line 7891 "configure"
#include "confdefs.h"
#include <assert.h>
Syntax Error
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:7892: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:7897: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
:
@@ -7927,12 +7932,12 @@ fi
echo $ac_n "checking for Cygwin environment""... $ac_c" 1>&6
-echo "configure:7931: checking for Cygwin environment" >&5
+echo "configure:7936: checking for Cygwin environment" >&5
if eval "test \"\${ac_cv_cygwin+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7936 "configure"
+#line 7941 "configure"
#include "confdefs.h"
int main() {
@@ -7943,7 +7948,7 @@ int main() {
return __CYGWIN__;
; return 0; }
EOF
-if { (eval echo configure:7947: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:7952: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_cygwin=yes
else
@@ -7959,19 +7964,19 @@ echo "$ac_t""$ac_cv_cygwin" 1>&6
CYGWIN=
test "$ac_cv_cygwin" = yes && CYGWIN=yes
echo $ac_n "checking for mingw32 environment""... $ac_c" 1>&6
-echo "configure:7963: checking for mingw32 environment" >&5
+echo "configure:7968: checking for mingw32 environment" >&5
if eval "test \"\${ac_cv_mingw32+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 7968 "configure"
+#line 7973 "configure"
#include "confdefs.h"
int main() {
return __MINGW32__;
; return 0; }
EOF
-if { (eval echo configure:7975: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:7980: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_mingw32=yes
else
@@ -7990,7 +7995,7 @@ test "$ac_cv_mingw32" = yes && MINGW32=yes
echo $ac_n "checking for executable suffix""... $ac_c" 1>&6
-echo "configure:7994: checking for executable suffix" >&5
+echo "configure:7999: checking for executable suffix" >&5
if eval "test \"\${ac_cv_exeext+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -8000,7 +8005,7 @@ else
rm -f conftest*
echo 'int main () { return 0; }' > conftest.$ac_ext
ac_cv_exeext=
- if { (eval echo configure:8004: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
+ if { (eval echo configure:8009: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; }; then
for file in conftest.*; do
case $file in
*.c | *.C | *.o | *.obj | *.xcoff) ;;
@@ -8021,13 +8026,13 @@ echo "$ac_t""${ac_cv_exeext}" 1>&6
ac_exeext=$EXEEXT
echo $ac_n "checking for object suffix""... $ac_c" 1>&6
-echo "configure:8025: checking for object suffix" >&5
+echo "configure:8030: checking for object suffix" >&5
if eval "test \"\${ac_cv_objext+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
rm -f conftest*
echo 'int i = 1;' > conftest.$ac_ext
-if { (eval echo configure:8031: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8036: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
for ac_file in conftest.*; do
case $ac_file in
*.c) ;;
@@ -8051,7 +8056,7 @@ EOF
echo $ac_n "checking for be_app in -lbe""... $ac_c" 1>&6
-echo "configure:8055: checking for be_app in -lbe" >&5
+echo "configure:8060: checking for be_app in -lbe" >&5
ac_lib_var=`echo be'_'be_app | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8059,7 +8064,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lbe -lroot -lnet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8063 "configure"
+#line 8068 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8070,7 +8075,7 @@ int main() {
be_app()
; return 0; }
EOF
-if { (eval echo configure:8074: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8079: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8096,7 +8101,7 @@ fi
echo $ac_n "checking for ${CC-cc} option to accept ANSI C""... $ac_c" 1>&6
-echo "configure:8100: checking for ${CC-cc} option to accept ANSI C" >&5
+echo "configure:8105: checking for ${CC-cc} option to accept ANSI C" >&5
if eval "test \"\${am_cv_prog_cc_stdc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -8113,7 +8118,7 @@ for ac_arg in "" -qlanglvl=ansi -std1 -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIO
do
CC="$ac_save_CC $ac_arg"
cat > conftest.$ac_ext <<EOF
-#line 8117 "configure"
+#line 8122 "configure"
#include "confdefs.h"
#include <stdarg.h>
#include <stdio.h>
@@ -8150,7 +8155,7 @@ return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1];
; return 0; }
EOF
-if { (eval echo configure:8154: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8159: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
am_cv_prog_cc_stdc="$ac_arg"; break
else
@@ -8184,7 +8189,7 @@ if test -z "${MKDEP}"; then
OL_MKDEP="${CC-cc}"
if test -z "${MKDEP_FLAGS}"; then
echo $ac_n "checking for ${OL_MKDEP} depend flag""... $ac_c" 1>&6
-echo "configure:8188: checking for ${OL_MKDEP} depend flag" >&5
+echo "configure:8193: checking for ${OL_MKDEP} depend flag" >&5
if eval "test \"\${ol_cv_mkdep+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -8194,7 +8199,7 @@ else
cat > conftest.c <<EOF
noCode;
EOF
- if { ac_try='$OL_MKDEP $flag conftest.c'; { (eval echo configure:8198: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } \
+ if { ac_try='$OL_MKDEP $flag conftest.c'; { (eval echo configure:8203: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } \
| egrep '^conftest\.'"${ac_objext}" >/dev/null 2>&1
then
if test ! -f conftest."${ac_object}" ; then
@@ -8227,7 +8232,7 @@ if test "${ol_cv_mkdep}" = no ; then
fi
echo $ac_n "checking for afopen in -ls""... $ac_c" 1>&6
-echo "configure:8231: checking for afopen in -ls" >&5
+echo "configure:8236: checking for afopen in -ls" >&5
ac_lib_var=`echo s'_'afopen | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8235,7 +8240,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ls $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8239 "configure"
+#line 8244 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8246,7 +8251,7 @@ int main() {
afopen()
; return 0; }
EOF
-if { (eval echo configure:8250: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8255: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8280,17 +8285,17 @@ if test $ol_enable_modules != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:8284: checking for $ac_hdr" >&5
+echo "configure:8289: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8289 "configure"
+#line 8294 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:8294: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:8299: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -8322,7 +8327,7 @@ done
fi
echo $ac_n "checking for lt_dlinit in -lltdl""... $ac_c" 1>&6
-echo "configure:8326: checking for lt_dlinit in -lltdl" >&5
+echo "configure:8331: checking for lt_dlinit in -lltdl" >&5
ac_lib_var=`echo ltdl'_'lt_dlinit | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8330,7 +8335,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lltdl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8334 "configure"
+#line 8339 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8341,7 +8346,7 @@ int main() {
lt_dlinit()
; return 0; }
EOF
-if { (eval echo configure:8345: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8350: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8388,13 +8393,13 @@ fi
# test for EBCDIC
echo $ac_n "checking for EBCDIC""... $ac_c" 1>&6
-echo "configure:8392: checking for EBCDIC" >&5
+echo "configure:8397: checking for EBCDIC" >&5
if eval "test \"\${ol_cv_cpp_ebcdic+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8398 "configure"
+#line 8403 "configure"
#include "confdefs.h"
#if !('M' == 0xd4)
@@ -8403,7 +8408,7 @@ else
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:8407: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:8412: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -8427,12 +8432,12 @@ EOF
fi
echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:8431: checking for ANSI C header files" >&5
+echo "configure:8436: checking for ANSI C header files" >&5
if eval "test \"\${ol_cv_header_stdc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8436 "configure"
+#line 8441 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <stdarg.h>
@@ -8440,7 +8445,7 @@ else
#include <float.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:8444: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:8449: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -8457,7 +8462,7 @@ rm -f conftest*
if test $ol_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 8461 "configure"
+#line 8466 "configure"
#include "confdefs.h"
#include <string.h>
EOF
@@ -8475,7 +8480,7 @@ fi
if test $ol_cv_header_stdc = yes; then
# ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 8479 "configure"
+#line 8484 "configure"
#include "confdefs.h"
#include <stdlib.h>
EOF
@@ -8496,7 +8501,7 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
-#line 8500 "configure"
+#line 8505 "configure"
#include "confdefs.h"
#include <ctype.h>
#ifndef HAVE_EBCDIC
@@ -8514,7 +8519,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
exit (0); }
EOF
-if { (eval echo configure:8518: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:8523: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
:
else
@@ -8548,12 +8553,12 @@ for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr that defines DIR""... $ac_c" 1>&6
-echo "configure:8552: checking for $ac_hdr that defines DIR" >&5
+echo "configure:8557: checking for $ac_hdr that defines DIR" >&5
if eval "test \"\${ac_cv_header_dirent_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8557 "configure"
+#line 8562 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <$ac_hdr>
@@ -8561,7 +8566,7 @@ int main() {
DIR *dirp = 0;
; return 0; }
EOF
-if { (eval echo configure:8565: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8570: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
eval "ac_cv_header_dirent_$ac_safe=yes"
else
@@ -8586,7 +8591,7 @@ done
# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
if test $ac_header_dirent = dirent.h; then
echo $ac_n "checking for opendir in -ldir""... $ac_c" 1>&6
-echo "configure:8590: checking for opendir in -ldir" >&5
+echo "configure:8595: checking for opendir in -ldir" >&5
ac_lib_var=`echo dir'_'opendir | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8594,7 +8599,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldir $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8598 "configure"
+#line 8603 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8605,7 +8610,7 @@ int main() {
opendir()
; return 0; }
EOF
-if { (eval echo configure:8609: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8627,7 +8632,7 @@ fi
else
echo $ac_n "checking for opendir in -lx""... $ac_c" 1>&6
-echo "configure:8631: checking for opendir in -lx" >&5
+echo "configure:8636: checking for opendir in -lx" >&5
ac_lib_var=`echo x'_'opendir | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8635,7 +8640,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lx $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8639 "configure"
+#line 8644 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8646,7 +8651,7 @@ int main() {
opendir()
; return 0; }
EOF
-if { (eval echo configure:8650: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8655: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8669,12 +8674,12 @@ fi
fi
echo $ac_n "checking for sys/wait.h that is POSIX.1 compatible""... $ac_c" 1>&6
-echo "configure:8673: checking for sys/wait.h that is POSIX.1 compatible" >&5
+echo "configure:8678: checking for sys/wait.h that is POSIX.1 compatible" >&5
if eval "test \"\${ac_cv_header_sys_wait_h+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8678 "configure"
+#line 8683 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/wait.h>
@@ -8690,7 +8695,7 @@ wait (&s);
s = WIFEXITED (s) ? WEXITSTATUS (s) : 1;
; return 0; }
EOF
-if { (eval echo configure:8694: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:8699: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_header_sys_wait_h=yes
else
@@ -8711,12 +8716,12 @@ EOF
fi
echo $ac_n "checking POSIX termios""... $ac_c" 1>&6
-echo "configure:8715: checking POSIX termios" >&5
+echo "configure:8720: checking POSIX termios" >&5
if eval "test \"\${am_cv_sys_posix_termios+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8720 "configure"
+#line 8725 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <unistd.h>
@@ -8726,7 +8731,7 @@ int main() {
tcgetattr(0, 0);
; return 0; }
EOF
-if { (eval echo configure:8730: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8735: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
am_cv_sys_posix_termios=yes
else
@@ -8742,7 +8747,7 @@ echo "$ac_t""$am_cv_sys_posix_termios" 1>&6
echo $ac_n "checking whether use of TIOCGWINSZ requires sys/ioctl.h""... $ac_c" 1>&6
-echo "configure:8746: checking whether use of TIOCGWINSZ requires sys/ioctl.h" >&5
+echo "configure:8751: checking whether use of TIOCGWINSZ requires sys/ioctl.h" >&5
if eval "test \"\${am_cv_sys_tiocgwinsz_needs_sys_ioctl_h+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -8751,7 +8756,7 @@ else
gwinsz_in_termios_h=no
if test $am_cv_sys_posix_termios = yes; then
cat > conftest.$ac_ext <<EOF
-#line 8755 "configure"
+#line 8760 "configure"
#include "confdefs.h"
#include <sys/types.h>
# include <termios.h>
@@ -8771,7 +8776,7 @@ rm -f conftest*
if test $gwinsz_in_termios_h = no; then
cat > conftest.$ac_ext <<EOF
-#line 8775 "configure"
+#line 8780 "configure"
#include "confdefs.h"
#include <sys/types.h>
# include <sys/ioctl.h>
@@ -8855,17 +8860,17 @@ for ac_hdr in \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:8859: checking for $ac_hdr" >&5
+echo "configure:8864: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8864 "configure"
+#line 8869 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:8869: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:8874: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -8895,12 +8900,12 @@ done
echo $ac_n "checking for dlopen""... $ac_c" 1>&6
-echo "configure:8899: checking for dlopen" >&5
+echo "configure:8904: checking for dlopen" >&5
if eval "test \"\${ac_cv_func_dlopen+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 8904 "configure"
+#line 8909 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char dlopen(); below. */
@@ -8924,7 +8929,7 @@ f = dlopen;
; return 0; }
EOF
-if { (eval echo configure:8928: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8933: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_dlopen=yes"
else
@@ -8942,7 +8947,7 @@ if eval "test \"`echo '$ac_cv_func_'dlopen`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6
-echo "configure:8946: checking for dlopen in -ldl" >&5
+echo "configure:8951: checking for dlopen in -ldl" >&5
ac_lib_var=`echo dl'_'dlopen | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -8950,7 +8955,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 8954 "configure"
+#line 8959 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -8961,7 +8966,7 @@ int main() {
dlopen()
; return 0; }
EOF
-if { (eval echo configure:8965: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:8970: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -8992,7 +8997,7 @@ fi
echo $ac_n "checking for sigset in -lV3""... $ac_c" 1>&6
-echo "configure:8996: checking for sigset in -lV3" >&5
+echo "configure:9001: checking for sigset in -lV3" >&5
ac_lib_var=`echo V3'_'sigset | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9000,7 +9005,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lV3 $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9004 "configure"
+#line 9009 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9011,7 +9016,7 @@ int main() {
sigset()
; return 0; }
EOF
-if { (eval echo configure:9015: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9020: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9040,12 +9045,12 @@ fi
echo $ac_n "checking for winsock""... $ac_c" 1>&6
-echo "configure:9044: checking for winsock" >&5
+echo "configure:9049: checking for winsock" >&5
save_LIBS="$LIBS"
for curlib in ws2_32 wsock32; do
LIBS="$LIBS -l$curlib"
cat > conftest.$ac_ext <<EOF
-#line 9049 "configure"
+#line 9054 "configure"
#include "confdefs.h"
char socket@12();
@@ -9062,7 +9067,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:9066: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9071: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
have_winsock=yes
else
@@ -9097,12 +9102,12 @@ echo "$ac_t""$have_winsock" 1>&6
echo $ac_n "checking for socket""... $ac_c" 1>&6
-echo "configure:9101: checking for socket" >&5
+echo "configure:9106: checking for socket" >&5
if eval "test \"\${ac_cv_func_socket+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9106 "configure"
+#line 9111 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char socket(); below. */
@@ -9126,7 +9131,7 @@ f = socket;
; return 0; }
EOF
-if { (eval echo configure:9130: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9135: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_socket=yes"
else
@@ -9145,7 +9150,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for main in -lsocket""... $ac_c" 1>&6
-echo "configure:9149: checking for main in -lsocket" >&5
+echo "configure:9154: checking for main in -lsocket" >&5
ac_lib_var=`echo socket'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9153,14 +9158,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lsocket $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9157 "configure"
+#line 9162 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:9164: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9169: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9188,7 +9193,7 @@ else
fi
echo $ac_n "checking for main in -lnet""... $ac_c" 1>&6
-echo "configure:9192: checking for main in -lnet" >&5
+echo "configure:9197: checking for main in -lnet" >&5
ac_lib_var=`echo net'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9196,14 +9201,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lnet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9200 "configure"
+#line 9205 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:9207: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9212: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9231,7 +9236,7 @@ else
fi
echo $ac_n "checking for main in -lnsl_s""... $ac_c" 1>&6
-echo "configure:9235: checking for main in -lnsl_s" >&5
+echo "configure:9240: checking for main in -lnsl_s" >&5
ac_lib_var=`echo nsl_s'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9239,14 +9244,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lnsl_s $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9243 "configure"
+#line 9248 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:9250: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9255: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9274,7 +9279,7 @@ else
fi
echo $ac_n "checking for main in -lnsl""... $ac_c" 1>&6
-echo "configure:9278: checking for main in -lnsl" >&5
+echo "configure:9283: checking for main in -lnsl" >&5
ac_lib_var=`echo nsl'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9282,14 +9287,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lnsl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9286 "configure"
+#line 9291 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:9293: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9298: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9317,7 +9322,7 @@ else
fi
echo $ac_n "checking for socket in -linet""... $ac_c" 1>&6
-echo "configure:9321: checking for socket in -linet" >&5
+echo "configure:9326: checking for socket in -linet" >&5
ac_lib_var=`echo inet'_'socket | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9325,7 +9330,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-linet $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9329 "configure"
+#line 9334 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9336,7 +9341,7 @@ int main() {
socket()
; return 0; }
EOF
-if { (eval echo configure:9340: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9345: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9364,7 +9369,7 @@ else
fi
echo $ac_n "checking for main in -lgen""... $ac_c" 1>&6
-echo "configure:9368: checking for main in -lgen" >&5
+echo "configure:9373: checking for main in -lgen" >&5
ac_lib_var=`echo gen'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9372,14 +9377,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lgen $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9376 "configure"
+#line 9381 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:9383: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9388: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -9411,12 +9416,12 @@ fi
echo $ac_n "checking for select""... $ac_c" 1>&6
-echo "configure:9415: checking for select" >&5
+echo "configure:9420: checking for select" >&5
if eval "test \"\${ac_cv_func_select+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9420 "configure"
+#line 9425 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char select(); below. */
@@ -9440,7 +9445,7 @@ f = select;
; return 0; }
EOF
-if { (eval echo configure:9444: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9449: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_select=yes"
else
@@ -9463,7 +9468,7 @@ fi
if test "${ac_cv_header_winsock_h}" != yes; then
echo $ac_n "checking types of arguments for select()""... $ac_c" 1>&6
-echo "configure:9467: checking types of arguments for select()" >&5
+echo "configure:9472: checking types of arguments for select()" >&5
if eval "test \"\${ac_cv_func_select_arg234+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -9477,7 +9482,7 @@ else
for ac_cv_func_select_arg1 in 'int' 'size_t' 'unsigned long' 'unsigned'; do
for ac_cv_func_select_arg5 in 'struct timeval *' 'const struct timeval *'; do
cat > conftest.$ac_ext <<EOF
-#line 9481 "configure"
+#line 9486 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
@@ -9496,7 +9501,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:9500: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:9505: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_not_found=no ; break 3
else
@@ -9541,17 +9546,17 @@ for ac_hdr in regex.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:9545: checking for $ac_hdr" >&5
+echo "configure:9550: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9550 "configure"
+#line 9555 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:9555: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:9560: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -9582,14 +9587,14 @@ if test "$ac_cv_header_regex_h" != yes ; then
fi
echo $ac_n "checking for library containing regfree""... $ac_c" 1>&6
-echo "configure:9586: checking for library containing regfree" >&5
+echo "configure:9591: checking for library containing regfree" >&5
if eval "test \"\${ac_cv_search_regfree+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_func_search_save_LIBS="$LIBS"
ac_cv_search_regfree="no"
cat > conftest.$ac_ext <<EOF
-#line 9593 "configure"
+#line 9598 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9600,7 +9605,7 @@ int main() {
regfree()
; return 0; }
EOF
-if { (eval echo configure:9604: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9609: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ac_cv_search_regfree="none required"
else
@@ -9611,7 +9616,7 @@ rm -f conftest*
test "$ac_cv_search_regfree" = "no" && for ac_lib in regex gnuregex; do
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9615 "configure"
+#line 9620 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9622,7 +9627,7 @@ int main() {
regfree()
; return 0; }
EOF
-if { (eval echo configure:9626: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9631: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ac_cv_search_regfree="-l$ac_lib"
break
@@ -9645,7 +9650,7 @@ fi
echo $ac_n "checking for compatible POSIX regex""... $ac_c" 1>&6
-echo "configure:9649: checking for compatible POSIX regex" >&5
+echo "configure:9654: checking for compatible POSIX regex" >&5
if eval "test \"\${ol_cv_c_posix_regex+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -9654,7 +9659,7 @@ else
ol_cv_c_posix_regex=cross
else
cat > conftest.$ac_ext <<EOF
-#line 9658 "configure"
+#line 9663 "configure"
#include "confdefs.h"
#include <sys/types.h>
@@ -9680,7 +9685,7 @@ main()
return rc;
}
EOF
-if { (eval echo configure:9684: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:9689: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_c_posix_regex=yes
else
@@ -9706,17 +9711,17 @@ for ac_hdr in sys/uuid.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:9710: checking for $ac_hdr" >&5
+echo "configure:9715: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9715 "configure"
+#line 9720 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:9720: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:9725: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -9746,14 +9751,14 @@ if test $ac_cv_header_sys_uuid_h = yes ; then
save_LIBS="$LIBS"
echo $ac_n "checking for library containing uuid_to_str""... $ac_c" 1>&6
-echo "configure:9750: checking for library containing uuid_to_str" >&5
+echo "configure:9755: checking for library containing uuid_to_str" >&5
if eval "test \"\${ac_cv_search_uuid_to_str+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_func_search_save_LIBS="$LIBS"
ac_cv_search_uuid_to_str="no"
cat > conftest.$ac_ext <<EOF
-#line 9757 "configure"
+#line 9762 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9764,7 +9769,7 @@ int main() {
uuid_to_str()
; return 0; }
EOF
-if { (eval echo configure:9768: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9773: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ac_cv_search_uuid_to_str="none required"
else
@@ -9775,7 +9780,7 @@ rm -f conftest*
test "$ac_cv_search_uuid_to_str" = "no" && for ac_lib in uuid; do
LIBS="-l$ac_lib $ac_func_search_save_LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9779 "configure"
+#line 9784 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9786,7 +9791,7 @@ int main() {
uuid_to_str()
; return 0; }
EOF
-if { (eval echo configure:9790: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9795: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ac_cv_search_uuid_to_str="-l$ac_lib"
break
@@ -9821,11 +9826,11 @@ fi
if test $have_uuid = no ; then
echo $ac_n "checking to see if -lrpcrt4 is needed for win32 UUID support""... $ac_c" 1>&6
-echo "configure:9825: checking to see if -lrpcrt4 is needed for win32 UUID support" >&5
+echo "configure:9830: checking to see if -lrpcrt4 is needed for win32 UUID support" >&5
save_LIBS="$LIBS"
LIBS="$LIBS -lrpcrt4"
cat > conftest.$ac_ext <<EOF
-#line 9829 "configure"
+#line 9834 "configure"
#include "confdefs.h"
char UuidCreate@4();
@@ -9838,7 +9843,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:9842: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9847: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
need_rpcrt=yes
else
@@ -9857,12 +9862,12 @@ fi
ol_link_dnssrv=no
echo $ac_n "checking for res_query""... $ac_c" 1>&6
-echo "configure:9861: checking for res_query" >&5
+echo "configure:9866: checking for res_query" >&5
if eval "test \"\${ac_cv_func_res_query+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9866 "configure"
+#line 9871 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char res_query(); below. */
@@ -9886,7 +9891,7 @@ f = res_query;
; return 0; }
EOF
-if { (eval echo configure:9890: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9895: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_res_query=yes"
else
@@ -9907,12 +9912,12 @@ fi
if test $ac_cv_func_res_query = no ; then
echo $ac_n "checking for __res_query""... $ac_c" 1>&6
-echo "configure:9911: checking for __res_query" >&5
+echo "configure:9916: checking for __res_query" >&5
if eval "test \"\${ac_cv_func___res_query+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 9916 "configure"
+#line 9921 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char __res_query(); below. */
@@ -9936,7 +9941,7 @@ f = __res_query;
; return 0; }
EOF
-if { (eval echo configure:9940: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9945: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func___res_query=yes"
else
@@ -9960,7 +9965,7 @@ fi
if test $ac_cv_func_res_query = no ; then
echo $ac_n "checking for res_query in -lbind""... $ac_c" 1>&6
-echo "configure:9964: checking for res_query in -lbind" >&5
+echo "configure:9969: checking for res_query in -lbind" >&5
ac_lib_var=`echo bind'_'res_query | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -9968,7 +9973,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lbind $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 9972 "configure"
+#line 9977 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -9979,7 +9984,7 @@ int main() {
res_query()
; return 0; }
EOF
-if { (eval echo configure:9983: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:9988: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10011,7 +10016,7 @@ fi
if test $ac_cv_func_res_query = no ; then
echo $ac_n "checking for __res_query in -lbind""... $ac_c" 1>&6
-echo "configure:10015: checking for __res_query in -lbind" >&5
+echo "configure:10020: checking for __res_query in -lbind" >&5
ac_lib_var=`echo bind'_'__res_query | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10019,7 +10024,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lbind $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10023 "configure"
+#line 10028 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -10030,7 +10035,7 @@ int main() {
__res_query()
; return 0; }
EOF
-if { (eval echo configure:10034: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10039: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10062,7 +10067,7 @@ fi
if test $ac_cv_func_res_query = no ; then
echo $ac_n "checking for res_query in -lresolv""... $ac_c" 1>&6
-echo "configure:10066: checking for res_query in -lresolv" >&5
+echo "configure:10071: checking for res_query in -lresolv" >&5
ac_lib_var=`echo resolv'_'res_query | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10070,7 +10075,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lresolv $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10074 "configure"
+#line 10079 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -10081,7 +10086,7 @@ int main() {
res_query()
; return 0; }
EOF
-if { (eval echo configure:10085: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10090: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10113,7 +10118,7 @@ fi
if test $ac_cv_func_res_query = no ; then
echo $ac_n "checking for __res_query in -lresolv""... $ac_c" 1>&6
-echo "configure:10117: checking for __res_query in -lresolv" >&5
+echo "configure:10122: checking for __res_query in -lresolv" >&5
ac_lib_var=`echo resolv'_'__res_query | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10121,7 +10126,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lresolv $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10125 "configure"
+#line 10130 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -10132,7 +10137,7 @@ int main() {
__res_query()
; return 0; }
EOF
-if { (eval echo configure:10136: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10141: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10180,12 +10185,12 @@ fi
for ac_func in getaddrinfo gai_strerror inet_ntop
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:10184: checking for $ac_func" >&5
+echo "configure:10189: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10189 "configure"
+#line 10194 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -10209,7 +10214,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:10213: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10218: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -10241,13 +10246,13 @@ if test $ac_cv_func_getaddrinfo = no -o $ac_cv_func_inet_ntop = no ; then
fi
elif test $ol_enable_ipv6 != no ; then
echo $ac_n "checking INET6_ADDRSTRLEN""... $ac_c" 1>&6
-echo "configure:10245: checking INET6_ADDRSTRLEN" >&5
+echo "configure:10250: checking INET6_ADDRSTRLEN" >&5
if eval "test \"\${ol_cv_inet6_addrstrlen+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10251 "configure"
+#line 10256 "configure"
#include "confdefs.h"
# include <netinet/in.h>
@@ -10282,17 +10287,17 @@ if test $ol_enable_local != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10286: checking for $ac_hdr" >&5
+echo "configure:10291: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10291 "configure"
+#line 10296 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10296: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10301: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10339,17 +10344,17 @@ if test $ol_with_kerberos = yes -o $ol_with_kerberos = auto \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10343: checking for $ac_hdr" >&5
+echo "configure:10348: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10348 "configure"
+#line 10353 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10353: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10358: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10381,17 +10386,17 @@ done
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10385: checking for $ac_hdr" >&5
+echo "configure:10390: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10390 "configure"
+#line 10395 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10395: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10400: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10425,7 +10430,7 @@ done
if test $krb5_impl = mit; then
echo $ac_n "checking for main in -lk5crypto""... $ac_c" 1>&6
-echo "configure:10429: checking for main in -lk5crypto" >&5
+echo "configure:10434: checking for main in -lk5crypto" >&5
ac_lib_var=`echo k5crypto'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10433,14 +10438,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lk5crypto $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10437 "configure"
+#line 10442 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10444: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10449: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10463,7 +10468,7 @@ fi
echo $ac_n "checking for main in -lkrb5""... $ac_c" 1>&6
-echo "configure:10467: checking for main in -lkrb5" >&5
+echo "configure:10472: checking for main in -lkrb5" >&5
ac_lib_var=`echo krb5'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10471,14 +10476,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb5 -l$krb5crypto -lcom_err $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10475 "configure"
+#line 10480 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10482: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10487: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10503,7 +10508,7 @@ fi
elif test $krb5_impl = heimdal; then
echo $ac_n "checking for main in -ldes""... $ac_c" 1>&6
-echo "configure:10507: checking for main in -ldes" >&5
+echo "configure:10512: checking for main in -ldes" >&5
ac_lib_var=`echo des'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10511,14 +10516,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldes $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10515 "configure"
+#line 10520 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10522: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10541,7 +10546,7 @@ fi
echo $ac_n "checking for main in -lkrb5""... $ac_c" 1>&6
-echo "configure:10545: checking for main in -lkrb5" >&5
+echo "configure:10550: checking for main in -lkrb5" >&5
ac_lib_var=`echo krb5'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10549,14 +10554,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb5 -l$krb5crypto -lasn1 -lroken -lcom_err $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10553 "configure"
+#line 10558 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10560: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10565: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10619,17 +10624,17 @@ if test $ol_link_krb5 = yes -a \( $ol_with_kerberos = yes -o \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10623: checking for $ac_hdr" >&5
+echo "configure:10628: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10628 "configure"
+#line 10633 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10633: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10638: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10659,7 +10664,7 @@ done
if test $ac_cv_header_kerberosIV_krb_h = yes ; then
if test $krb5_impl = mit; then
echo $ac_n "checking for main in -lkrb4""... $ac_c" 1>&6
-echo "configure:10663: checking for main in -lkrb4" >&5
+echo "configure:10668: checking for main in -lkrb4" >&5
ac_lib_var=`echo krb4'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10667,14 +10672,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb4 -ldes425 -lkrb5 -l$krb5crypto -lcom_err $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10671 "configure"
+#line 10676 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10678: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10683: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10699,7 +10704,7 @@ fi
elif test $krb5_impl = heimdal; then
echo $ac_n "checking for main in -lkrb4""... $ac_c" 1>&6
-echo "configure:10703: checking for main in -lkrb4" >&5
+echo "configure:10708: checking for main in -lkrb4" >&5
ac_lib_var=`echo krb4'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10707,14 +10712,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb4 -lkrb5 -l$krb5crypto -lasn1 -lroken -lcom_err $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10711 "configure"
+#line 10716 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10718: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10723: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10756,7 +10761,7 @@ EOF
echo $ac_n "checking for des_debug in Kerberos libraries""... $ac_c" 1>&6
-echo "configure:10760: checking for des_debug in Kerberos libraries" >&5
+echo "configure:10765: checking for des_debug in Kerberos libraries" >&5
if eval "test \"\${ol_cv_var_des_debug+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -10764,7 +10769,7 @@ else
save_LIBS="$LIBS"
LIBS="$KRB4_LIBS $KRB5_LIBS $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10768 "configure"
+#line 10773 "configure"
#include "confdefs.h"
#include <kerberosIV/krb.h>
@@ -10777,7 +10782,7 @@ des_debug = 1;
; return 0; }
EOF
-if { (eval echo configure:10781: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10786: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_var_des_debug=yes
else
@@ -10816,17 +10821,17 @@ if test $ol_with_kerberos = yes -o $ol_with_kerberos = auto \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10820: checking for $ac_hdr" >&5
+echo "configure:10825: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10825 "configure"
+#line 10830 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10830: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10835: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10855,7 +10860,7 @@ done
if test $ac_cv_header_krb_h = yes ; then
echo $ac_n "checking for main in -lkrb""... $ac_c" 1>&6
-echo "configure:10859: checking for main in -lkrb" >&5
+echo "configure:10864: checking for main in -lkrb" >&5
ac_lib_var=`echo krb'_'main | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10863,14 +10868,14 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lkrb -ldes $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10867 "configure"
+#line 10872 "configure"
#include "confdefs.h"
int main() {
main()
; return 0; }
EOF
-if { (eval echo configure:10874: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:10879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -10940,17 +10945,17 @@ if test $ol_with_tls != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:10944: checking for $ac_hdr" >&5
+echo "configure:10949: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 10949 "configure"
+#line 10954 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:10954: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:10959: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -10979,7 +10984,7 @@ done
if test $ac_cv_header_openssl_ssl_h = yes -o $ac_cv_header_ssl_h = yes ; then
echo $ac_n "checking for SSLeay_add_ssl_algorithms in -lssl""... $ac_c" 1>&6
-echo "configure:10983: checking for SSLeay_add_ssl_algorithms in -lssl" >&5
+echo "configure:10988: checking for SSLeay_add_ssl_algorithms in -lssl" >&5
ac_lib_var=`echo ssl'_'SSLeay_add_ssl_algorithms | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -10987,7 +10992,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lssl -lcrypto $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 10991 "configure"
+#line 10996 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -10998,7 +11003,7 @@ int main() {
SSLeay_add_ssl_algorithms()
; return 0; }
EOF
-if { (eval echo configure:11002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11007: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -11023,7 +11028,7 @@ fi
if test $have_ssleay = no ; then
echo $ac_n "checking for SSL_library_init in -lssl""... $ac_c" 1>&6
-echo "configure:11027: checking for SSL_library_init in -lssl" >&5
+echo "configure:11032: checking for SSL_library_init in -lssl" >&5
ac_lib_var=`echo ssl'_'SSL_library_init | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -11031,7 +11036,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lssl -lcrypto $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 11035 "configure"
+#line 11040 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -11042,7 +11047,7 @@ int main() {
SSL_library_init()
; return 0; }
EOF
-if { (eval echo configure:11046: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11051: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -11068,7 +11073,7 @@ fi
if test $have_ssleay = no ; then
echo $ac_n "checking for ssl3_accept in -lssl""... $ac_c" 1>&6
-echo "configure:11072: checking for ssl3_accept in -lssl" >&5
+echo "configure:11077: checking for ssl3_accept in -lssl" >&5
ac_lib_var=`echo ssl'_'ssl3_accept | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -11076,7 +11081,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lssl -lcrypto -lRSAglue -lrsaref $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 11080 "configure"
+#line 11085 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -11087,7 +11092,7 @@ int main() {
ssl3_accept()
; return 0; }
EOF
-if { (eval echo configure:11091: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11096: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -11168,12 +11173,12 @@ for ac_func in \
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:11172: checking for $ac_func" >&5
+echo "configure:11177: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11177 "configure"
+#line 11182 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -11197,7 +11202,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:11201: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11206: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -11226,19 +11231,19 @@ if test "$ac_cv_func_ctime_r" = no ; then
ol_cv_func_ctime_r_nargs=0
else
echo $ac_n "checking number of arguments of ctime_r""... $ac_c" 1>&6
-echo "configure:11230: checking number of arguments of ctime_r" >&5
+echo "configure:11235: checking number of arguments of ctime_r" >&5
if eval "test \"\${ol_cv_func_ctime_r_nargs+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11235 "configure"
+#line 11240 "configure"
#include "confdefs.h"
#include <time.h>
int main() {
time_t ti; char *buffer; ctime_r(&ti,buffer,32);
; return 0; }
EOF
-if { (eval echo configure:11242: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11247: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_ctime_r_nargs3=yes
else
@@ -11250,14 +11255,14 @@ fi
rm -f conftest*
cat > conftest.$ac_ext <<EOF
-#line 11254 "configure"
+#line 11259 "configure"
#include "confdefs.h"
#include <time.h>
int main() {
time_t ti; char *buffer; ctime_r(&ti,buffer);
; return 0; }
EOF
-if { (eval echo configure:11261: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11266: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_ctime_r_nargs2=yes
else
@@ -11297,12 +11302,12 @@ fi
if test "$ac_cv_func_gethostbyname_r" = yes ; then
echo $ac_n "checking number of arguments of gethostbyname_r""... $ac_c" 1>&6
-echo "configure:11301: checking number of arguments of gethostbyname_r" >&5
+echo "configure:11306: checking number of arguments of gethostbyname_r" >&5
if eval "test \"\${ol_cv_func_gethostbyname_r_nargs+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11306 "configure"
+#line 11311 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -11316,7 +11321,7 @@ struct hostent hent; char buffer[BUFSIZE];
buffer, bufsize, &h_errno);
; return 0; }
EOF
-if { (eval echo configure:11320: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11325: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_gethostbyname_r_nargs5=yes
else
@@ -11328,7 +11333,7 @@ fi
rm -f conftest*
cat > conftest.$ac_ext <<EOF
-#line 11332 "configure"
+#line 11337 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -11343,7 +11348,7 @@ struct hostent hent;struct hostent *rhent;
&rhent, &h_errno);
; return 0; }
EOF
-if { (eval echo configure:11347: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11352: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_gethostbyname_r_nargs6=yes
else
@@ -11384,12 +11389,12 @@ fi
if test "$ac_cv_func_gethostbyaddr_r" = yes ; then
echo $ac_n "checking number of arguments of gethostbyaddr_r""... $ac_c" 1>&6
-echo "configure:11388: checking number of arguments of gethostbyaddr_r" >&5
+echo "configure:11393: checking number of arguments of gethostbyaddr_r" >&5
if eval "test \"\${ol_cv_func_gethostbyaddr_r_nargs+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11393 "configure"
+#line 11398 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -11405,7 +11410,7 @@ struct hostent hent; char buffer[BUFSIZE];
alen, AF_INET, &hent, buffer, bufsize, &h_errno);
; return 0; }
EOF
-if { (eval echo configure:11409: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11414: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_gethostbyaddr_r_nargs7=yes
else
@@ -11417,7 +11422,7 @@ fi
rm -f conftest*
cat > conftest.$ac_ext <<EOF
-#line 11421 "configure"
+#line 11426 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/socket.h>
@@ -11435,7 +11440,7 @@ struct hostent hent;
&rhent, &h_errno);
; return 0; }
EOF
-if { (eval echo configure:11439: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:11444: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_func_gethostbyaddr_r_nargs8=yes
else
@@ -11498,12 +11503,12 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \
echo $ac_n "checking for _beginthread""... $ac_c" 1>&6
-echo "configure:11502: checking for _beginthread" >&5
+echo "configure:11507: checking for _beginthread" >&5
if eval "test \"\${ac_cv_func__beginthread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11507 "configure"
+#line 11512 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _beginthread(); below. */
@@ -11527,7 +11532,7 @@ f = _beginthread;
; return 0; }
EOF
-if { (eval echo configure:11531: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11536: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func__beginthread=yes"
else
@@ -11583,17 +11588,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:11587: checking for $ac_hdr" >&5
+echo "configure:11592: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11592 "configure"
+#line 11597 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:11597: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:11602: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -11622,13 +11627,13 @@ done
if test $ac_cv_header_pthread_h = yes ; then
echo $ac_n "checking POSIX thread version""... $ac_c" 1>&6
-echo "configure:11626: checking POSIX thread version" >&5
+echo "configure:11631: checking POSIX thread version" >&5
if eval "test \"\${ol_cv_pthread_version+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11632 "configure"
+#line 11637 "configure"
#include "confdefs.h"
# include <pthread.h>
@@ -11650,7 +11655,7 @@ rm -f conftest*
cat > conftest.$ac_ext <<EOF
-#line 11654 "configure"
+#line 11659 "configure"
#include "confdefs.h"
# include <pthread.h>
@@ -11703,12 +11708,12 @@ EOF
echo $ac_n "checking for LinuxThreads pthread.h""... $ac_c" 1>&6
-echo "configure:11707: checking for LinuxThreads pthread.h" >&5
+echo "configure:11712: checking for LinuxThreads pthread.h" >&5
if eval "test \"\${ol_cv_header_linux_threads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11712 "configure"
+#line 11717 "configure"
#include "confdefs.h"
#include <pthread.h>
EOF
@@ -11735,12 +11740,12 @@ EOF
echo $ac_n "checking for GNU Pth pthread.h""... $ac_c" 1>&6
-echo "configure:11739: checking for GNU Pth pthread.h" >&5
+echo "configure:11744: checking for GNU Pth pthread.h" >&5
if eval "test \"\${ol_cv_header_gnu_pth_pthread_h+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11744 "configure"
+#line 11749 "configure"
#include "confdefs.h"
#include <pthread.h>
#ifdef _POSIX_THREAD_IS_GNU_PTH
@@ -11769,17 +11774,17 @@ echo "$ac_t""$ol_cv_header_gnu_pth_pthread_h" 1>&6
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:11773: checking for $ac_hdr" >&5
+echo "configure:11778: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 11778 "configure"
+#line 11783 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:11783: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:11788: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -11809,14 +11814,14 @@ done
echo $ac_n "checking for pthread_create in default libraries""... $ac_c" 1>&6
-echo "configure:11813: checking for pthread_create in default libraries" >&5
+echo "configure:11818: checking for pthread_create in default libraries" >&5
if eval "test \"\${ol_cv_pthread_create+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 11820 "configure"
+#line 11825 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -11897,7 +11902,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:11901: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:11906: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_create=yes
else
@@ -11909,7 +11914,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 11913 "configure"
+#line 11918 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -11995,7 +12000,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:11999: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12004: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_create=yes
else
@@ -12020,7 +12025,7 @@ echo "$ac_t""$ol_cv_pthread_create" 1>&6
if test "$ol_link_threads" = no ; then
# try -kthread
echo $ac_n "checking for pthread link with -kthread""... $ac_c" 1>&6
-echo "configure:12024: checking for pthread link with -kthread" >&5
+echo "configure:12029: checking for pthread link with -kthread" >&5
if eval "test \"\${ol_cv_pthread_kthread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -12031,7 +12036,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 12035 "configure"
+#line 12040 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12112,7 +12117,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:12116: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12121: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_kthread=yes
else
@@ -12124,7 +12129,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 12128 "configure"
+#line 12133 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12210,7 +12215,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:12214: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12219: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_kthread=yes
else
@@ -12240,7 +12245,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -pthread
echo $ac_n "checking for pthread link with -pthread""... $ac_c" 1>&6
-echo "configure:12244: checking for pthread link with -pthread" >&5
+echo "configure:12249: checking for pthread link with -pthread" >&5
if eval "test \"\${ol_cv_pthread_pthread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -12251,7 +12256,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 12255 "configure"
+#line 12260 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12332,7 +12337,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:12336: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12341: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_pthread=yes
else
@@ -12344,7 +12349,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 12348 "configure"
+#line 12353 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12430,7 +12435,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:12434: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12439: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_pthread=yes
else
@@ -12460,7 +12465,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -pthreads
echo $ac_n "checking for pthread link with -pthreads""... $ac_c" 1>&6
-echo "configure:12464: checking for pthread link with -pthreads" >&5
+echo "configure:12469: checking for pthread link with -pthreads" >&5
if eval "test \"\${ol_cv_pthread_pthreads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -12471,7 +12476,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 12475 "configure"
+#line 12480 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12552,7 +12557,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:12556: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12561: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_pthreads=yes
else
@@ -12564,7 +12569,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 12568 "configure"
+#line 12573 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12650,7 +12655,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:12654: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12659: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_pthreads=yes
else
@@ -12680,7 +12685,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -mthreads
echo $ac_n "checking for pthread link with -mthreads""... $ac_c" 1>&6
-echo "configure:12684: checking for pthread link with -mthreads" >&5
+echo "configure:12689: checking for pthread link with -mthreads" >&5
if eval "test \"\${ol_cv_pthread_mthreads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -12691,7 +12696,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 12695 "configure"
+#line 12700 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12772,7 +12777,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:12776: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:12781: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_mthreads=yes
else
@@ -12784,7 +12789,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 12788 "configure"
+#line 12793 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12870,7 +12875,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:12874: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:12879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_mthreads=yes
else
@@ -12900,7 +12905,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -thread
echo $ac_n "checking for pthread link with -thread""... $ac_c" 1>&6
-echo "configure:12904: checking for pthread link with -thread" >&5
+echo "configure:12909: checking for pthread link with -thread" >&5
if eval "test \"\${ol_cv_pthread_thread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -12911,7 +12916,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 12915 "configure"
+#line 12920 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -12992,7 +12997,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:12996: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:13001: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_thread=yes
else
@@ -13004,7 +13009,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 13008 "configure"
+#line 13013 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13090,7 +13095,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:13094: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:13099: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_thread=yes
else
@@ -13121,7 +13126,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthread -lmach -lexc -lc_r
echo $ac_n "checking for pthread link with -lpthread -lmach -lexc -lc_r""... $ac_c" 1>&6
-echo "configure:13125: checking for pthread link with -lpthread -lmach -lexc -lc_r" >&5
+echo "configure:13130: checking for pthread link with -lpthread -lmach -lexc -lc_r" >&5
if eval "test \"\${ol_cv_pthread_lpthread_lmach_lexc_lc_r+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -13132,7 +13137,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 13136 "configure"
+#line 13141 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13213,7 +13218,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:13217: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:13222: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthread_lmach_lexc_lc_r=yes
else
@@ -13225,7 +13230,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 13229 "configure"
+#line 13234 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13311,7 +13316,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:13315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:13320: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread_lmach_lexc_lc_r=yes
else
@@ -13341,7 +13346,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthread -lmach -lexc
echo $ac_n "checking for pthread link with -lpthread -lmach -lexc""... $ac_c" 1>&6
-echo "configure:13345: checking for pthread link with -lpthread -lmach -lexc" >&5
+echo "configure:13350: checking for pthread link with -lpthread -lmach -lexc" >&5
if eval "test \"\${ol_cv_pthread_lpthread_lmach_lexc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -13352,7 +13357,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 13356 "configure"
+#line 13361 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13433,7 +13438,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:13437: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:13442: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthread_lmach_lexc=yes
else
@@ -13445,7 +13450,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 13449 "configure"
+#line 13454 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13531,7 +13536,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:13535: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:13540: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread_lmach_lexc=yes
else
@@ -13562,7 +13567,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthread -Wl,-woff,85
echo $ac_n "checking for pthread link with -lpthread -Wl,-woff,85""... $ac_c" 1>&6
-echo "configure:13566: checking for pthread link with -lpthread -Wl,-woff,85" >&5
+echo "configure:13571: checking for pthread link with -lpthread -Wl,-woff,85" >&5
if eval "test \"\${ol_cv_pthread_lib_lpthread_woff+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -13573,7 +13578,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 13577 "configure"
+#line 13582 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13654,7 +13659,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:13658: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:13663: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lib_lpthread_woff=yes
else
@@ -13666,7 +13671,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 13670 "configure"
+#line 13675 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13752,7 +13757,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:13756: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:13761: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lib_lpthread_woff=yes
else
@@ -13783,7 +13788,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthread
echo $ac_n "checking for pthread link with -lpthread""... $ac_c" 1>&6
-echo "configure:13787: checking for pthread link with -lpthread" >&5
+echo "configure:13792: checking for pthread link with -lpthread" >&5
if eval "test \"\${ol_cv_pthread_lpthread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -13794,7 +13799,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 13798 "configure"
+#line 13803 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13875,7 +13880,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:13879: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:13884: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthread=yes
else
@@ -13887,7 +13892,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 13891 "configure"
+#line 13896 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -13973,7 +13978,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:13977: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:13982: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthread=yes
else
@@ -14003,7 +14008,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lc_r
echo $ac_n "checking for pthread link with -lc_r""... $ac_c" 1>&6
-echo "configure:14007: checking for pthread link with -lc_r" >&5
+echo "configure:14012: checking for pthread link with -lc_r" >&5
if eval "test \"\${ol_cv_pthread_lc_r+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -14014,7 +14019,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 14018 "configure"
+#line 14023 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14095,7 +14100,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:14099: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:14104: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lc_r=yes
else
@@ -14107,7 +14112,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 14111 "configure"
+#line 14116 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14193,7 +14198,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:14197: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:14202: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lc_r=yes
else
@@ -14224,7 +14229,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -threads
echo $ac_n "checking for pthread link with -threads""... $ac_c" 1>&6
-echo "configure:14228: checking for pthread link with -threads" >&5
+echo "configure:14233: checking for pthread link with -threads" >&5
if eval "test \"\${ol_cv_pthread_threads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -14235,7 +14240,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 14239 "configure"
+#line 14244 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14316,7 +14321,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:14320: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:14325: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_threads=yes
else
@@ -14328,7 +14333,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 14332 "configure"
+#line 14337 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14414,7 +14419,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:14418: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:14423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_threads=yes
else
@@ -14445,7 +14450,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthreads -lmach -lexc -lc_r
echo $ac_n "checking for pthread link with -lpthreads -lmach -lexc -lc_r""... $ac_c" 1>&6
-echo "configure:14449: checking for pthread link with -lpthreads -lmach -lexc -lc_r" >&5
+echo "configure:14454: checking for pthread link with -lpthreads -lmach -lexc -lc_r" >&5
if eval "test \"\${ol_cv_pthread_lpthreads_lmach_lexc_lc_r+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -14456,7 +14461,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 14460 "configure"
+#line 14465 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14537,7 +14542,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:14541: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:14546: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthreads_lmach_lexc_lc_r=yes
else
@@ -14549,7 +14554,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 14553 "configure"
+#line 14558 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14635,7 +14640,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:14639: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:14644: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lmach_lexc_lc_r=yes
else
@@ -14665,7 +14670,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthreads -lmach -lexc
echo $ac_n "checking for pthread link with -lpthreads -lmach -lexc""... $ac_c" 1>&6
-echo "configure:14669: checking for pthread link with -lpthreads -lmach -lexc" >&5
+echo "configure:14674: checking for pthread link with -lpthreads -lmach -lexc" >&5
if eval "test \"\${ol_cv_pthread_lpthreads_lmach_lexc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -14676,7 +14681,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 14680 "configure"
+#line 14685 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14757,7 +14762,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:14761: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:14766: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthreads_lmach_lexc=yes
else
@@ -14769,7 +14774,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 14773 "configure"
+#line 14778 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14855,7 +14860,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:14859: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:14864: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lmach_lexc=yes
else
@@ -14885,7 +14890,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthreads -lexc
echo $ac_n "checking for pthread link with -lpthreads -lexc""... $ac_c" 1>&6
-echo "configure:14889: checking for pthread link with -lpthreads -lexc" >&5
+echo "configure:14894: checking for pthread link with -lpthreads -lexc" >&5
if eval "test \"\${ol_cv_pthread_lpthreads_lexc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -14896,7 +14901,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 14900 "configure"
+#line 14905 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -14977,7 +14982,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:14981: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:14986: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lpthreads_lexc=yes
else
@@ -14989,7 +14994,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 14993 "configure"
+#line 14998 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -15075,7 +15080,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:15079: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:15084: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lpthreads_lexc=yes
else
@@ -15106,7 +15111,7 @@ fi
if test "$ol_link_threads" = no ; then
# try -lpthreads
echo $ac_n "checking for pthread link with -lpthreads""... $ac_c" 1>&6
-echo "configure:15110: checking for pthread link with -lpthreads" >&5
+echo "configure:15115: checking for pthread link with -lpthreads" >&5
if eval "test \"\${ol_cv_pthread_lib_lpthreads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -15117,7 +15122,7 @@ else
if test "$cross_compiling" = yes; then
cat > conftest.$ac_ext <<EOF
-#line 15121 "configure"
+#line 15126 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -15198,7 +15203,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:15202: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15207: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_pthread_lib_lpthreads=yes
else
@@ -15210,7 +15215,7 @@ fi
rm -f conftest*
else
cat > conftest.$ac_ext <<EOF
-#line 15214 "configure"
+#line 15219 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -15296,7 +15301,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:15300: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:15305: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_lib_lpthreads=yes
else
@@ -15338,12 +15343,12 @@ EOF
for ac_func in sched_yield pthread_yield
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:15342: checking for $ac_func" >&5
+echo "configure:15347: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15347 "configure"
+#line 15352 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -15367,7 +15372,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:15371: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15376: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -15395,7 +15400,7 @@ done
if test $ac_cv_func_sched_yield = no -a \
$ac_cv_func_pthread_yield = no ; then
echo $ac_n "checking for sched_yield in -lrt""... $ac_c" 1>&6
-echo "configure:15399: checking for sched_yield in -lrt" >&5
+echo "configure:15404: checking for sched_yield in -lrt" >&5
ac_lib_var=`echo rt'_'sched_yield | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -15403,7 +15408,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lrt $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 15407 "configure"
+#line 15412 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -15414,7 +15419,7 @@ int main() {
sched_yield()
; return 0; }
EOF
-if { (eval echo configure:15418: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -15446,12 +15451,12 @@ fi
for ac_func in thr_yield
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:15450: checking for $ac_func" >&5
+echo "configure:15455: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15455 "configure"
+#line 15460 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -15475,7 +15480,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:15479: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15484: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -15509,12 +15514,12 @@ done
for ac_func in pthread_kill pthread_rwlock_destroy
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:15513: checking for $ac_func" >&5
+echo "configure:15518: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15518 "configure"
+#line 15523 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -15538,7 +15543,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:15542: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15547: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -15564,13 +15569,13 @@ done
echo $ac_n "checking for pthread_detach with <pthread.h>""... $ac_c" 1>&6
-echo "configure:15568: checking for pthread_detach with <pthread.h>" >&5
+echo "configure:15573: checking for pthread_detach with <pthread.h>" >&5
if eval "test \"\${ol_cv_func_pthread_detach+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15574 "configure"
+#line 15579 "configure"
#include "confdefs.h"
#include <pthread.h>
@@ -15582,7 +15587,7 @@ int main() {
pthread_detach(NULL);
; return 0; }
EOF
-if { (eval echo configure:15586: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15591: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_func_pthread_detach=yes
else
@@ -15614,12 +15619,12 @@ EOF
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:15618: checking for $ac_func" >&5
+echo "configure:15623: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15623 "configure"
+#line 15628 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -15643,7 +15648,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:15647: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15652: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -15672,12 +15677,12 @@ done
for ac_func in pthread_kill_other_threads_np
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:15676: checking for $ac_func" >&5
+echo "configure:15681: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 15681 "configure"
+#line 15686 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -15701,7 +15706,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:15705: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:15710: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -15726,7 +15731,7 @@ fi
done
echo $ac_n "checking for LinuxThreads implementation""... $ac_c" 1>&6
-echo "configure:15730: checking for LinuxThreads implementation" >&5
+echo "configure:15735: checking for LinuxThreads implementation" >&5
if eval "test \"\${ol_cv_sys_linux_threads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -15739,7 +15744,7 @@ echo "$ac_t""$ol_cv_sys_linux_threads" 1>&6
echo $ac_n "checking for LinuxThreads consistency""... $ac_c" 1>&6
-echo "configure:15743: checking for LinuxThreads consistency" >&5
+echo "configure:15748: checking for LinuxThreads consistency" >&5
if eval "test \"\${ol_cv_linux_threads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -15764,7 +15769,7 @@ echo "$ac_t""$ol_cv_linux_threads" 1>&6
fi
echo $ac_n "checking if pthread_create() works""... $ac_c" 1>&6
-echo "configure:15768: checking if pthread_create() works" >&5
+echo "configure:15773: checking if pthread_create() works" >&5
if eval "test \"\${ol_cv_pthread_create_works+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -15773,7 +15778,7 @@ else
ol_cv_pthread_create_works=yes
else
cat > conftest.$ac_ext <<EOF
-#line 15777 "configure"
+#line 15782 "configure"
#include "confdefs.h"
/* pthread test headers */
#include <pthread.h>
@@ -15859,7 +15864,7 @@ int main(argc, argv)
}
EOF
-if { (eval echo configure:15863: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:15868: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_create_works=yes
else
@@ -15881,7 +15886,7 @@ echo "$ac_t""$ol_cv_pthread_create_works" 1>&6
if test $ol_with_yielding_select = auto ; then
echo $ac_n "checking if select yields when using pthreads""... $ac_c" 1>&6
-echo "configure:15885: checking if select yields when using pthreads" >&5
+echo "configure:15890: checking if select yields when using pthreads" >&5
if eval "test \"\${ol_cv_pthread_select_yields+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -15890,7 +15895,7 @@ else
ol_cv_pthread_select_yields=cross
else
cat > conftest.$ac_ext <<EOF
-#line 15894 "configure"
+#line 15899 "configure"
#include "confdefs.h"
#include <sys/types.h>
@@ -15966,7 +15971,7 @@ int main(argc, argv)
exit(2);
}
EOF
-if { (eval echo configure:15970: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:15975: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_pthread_select_yields=no
else
@@ -16010,17 +16015,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16014: checking for $ac_hdr" >&5
+echo "configure:16019: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16019 "configure"
+#line 16024 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16024: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16029: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16050,12 +16055,12 @@ done
ol_with_threads=found
echo $ac_n "checking for cthread_fork""... $ac_c" 1>&6
-echo "configure:16054: checking for cthread_fork" >&5
+echo "configure:16059: checking for cthread_fork" >&5
if eval "test \"\${ac_cv_func_cthread_fork+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16059 "configure"
+#line 16064 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char cthread_fork(); below. */
@@ -16079,7 +16084,7 @@ f = cthread_fork;
; return 0; }
EOF
-if { (eval echo configure:16083: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16088: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_cthread_fork=yes"
else
@@ -16101,7 +16106,7 @@ fi
if test $ol_link_threads = no ; then
echo $ac_n "checking for cthread_fork with -all_load""... $ac_c" 1>&6
-echo "configure:16105: checking for cthread_fork with -all_load" >&5
+echo "configure:16110: checking for cthread_fork with -all_load" >&5
if eval "test \"\${ol_cv_cthread_all_load+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -16109,7 +16114,7 @@ else
save_LIBS="$LIBS"
LIBS="-all_load $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 16113 "configure"
+#line 16118 "configure"
#include "confdefs.h"
#include <mach/cthreads.h>
int main() {
@@ -16118,7 +16123,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:16122: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16127: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_cthread_all_load=yes
else
@@ -16148,12 +16153,12 @@ echo "$ac_t""$ol_cv_cthread_all_load" 1>&6
save_LIBS="$LIBS"
LIBS="$LIBS -lthreads"
echo $ac_n "checking for cthread_fork""... $ac_c" 1>&6
-echo "configure:16152: checking for cthread_fork" >&5
+echo "configure:16157: checking for cthread_fork" >&5
if eval "test \"\${ac_cv_func_cthread_fork+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16157 "configure"
+#line 16162 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char cthread_fork(); below. */
@@ -16177,7 +16182,7 @@ f = cthread_fork;
; return 0; }
EOF
-if { (eval echo configure:16181: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16186: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_cthread_fork=yes"
else
@@ -16227,17 +16232,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16231: checking for $ac_hdr" >&5
+echo "configure:16236: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16236 "configure"
+#line 16241 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16241: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16246: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16266,7 +16271,7 @@ done
if test $ac_cv_header_pth_h = yes ; then
echo $ac_n "checking for pth_version in -lpth""... $ac_c" 1>&6
-echo "configure:16270: checking for pth_version in -lpth" >&5
+echo "configure:16275: checking for pth_version in -lpth" >&5
ac_lib_var=`echo pth'_'pth_version | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -16274,7 +16279,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lpth $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 16278 "configure"
+#line 16283 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -16285,7 +16290,7 @@ int main() {
pth_version()
; return 0; }
EOF
-if { (eval echo configure:16289: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16294: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -16330,17 +16335,17 @@ if test $ol_with_threads = auto -o $ol_with_threads = yes \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16334: checking for $ac_hdr" >&5
+echo "configure:16339: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16339 "configure"
+#line 16344 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16344: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16349: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16368,7 +16373,7 @@ done
if test $ac_cv_header_thread_h = yes -a $ac_cv_header_synch_h = yes ; then
echo $ac_n "checking for thr_create in -lthread""... $ac_c" 1>&6
-echo "configure:16372: checking for thr_create in -lthread" >&5
+echo "configure:16377: checking for thr_create in -lthread" >&5
ac_lib_var=`echo thread'_'thr_create | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -16376,7 +16381,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lthread $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 16380 "configure"
+#line 16385 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -16387,7 +16392,7 @@ int main() {
thr_create()
; return 0; }
EOF
-if { (eval echo configure:16391: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16396: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -16427,12 +16432,12 @@ EOF
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:16431: checking for $ac_func" >&5
+echo "configure:16436: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16436 "configure"
+#line 16441 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -16456,7 +16461,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:16460: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16465: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -16487,17 +16492,17 @@ done
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16491: checking for $ac_hdr" >&5
+echo "configure:16496: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16496 "configure"
+#line 16501 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16501: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16506: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16525,7 +16530,7 @@ done
if test $ac_cv_header_lwp_lwp_h = yes ; then
echo $ac_n "checking for lwp_create in -llwp""... $ac_c" 1>&6
-echo "configure:16529: checking for lwp_create in -llwp" >&5
+echo "configure:16534: checking for lwp_create in -llwp" >&5
ac_lib_var=`echo lwp'_'lwp_create | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -16533,7 +16538,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-llwp $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 16537 "configure"
+#line 16542 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -16544,7 +16549,7 @@ int main() {
lwp_create()
; return 0; }
EOF
-if { (eval echo configure:16548: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16553: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -16597,17 +16602,17 @@ if test $ol_with_threads = manual ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16601: checking for $ac_hdr" >&5
+echo "configure:16606: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16606 "configure"
+#line 16611 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16611: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16616: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16636,12 +16641,12 @@ done
for ac_func in sched_yield pthread_yield
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:16640: checking for $ac_func" >&5
+echo "configure:16645: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16645 "configure"
+#line 16650 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -16665,7 +16670,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:16669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16674: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -16691,12 +16696,12 @@ done
echo $ac_n "checking for LinuxThreads pthread.h""... $ac_c" 1>&6
-echo "configure:16695: checking for LinuxThreads pthread.h" >&5
+echo "configure:16700: checking for LinuxThreads pthread.h" >&5
if eval "test \"\${ol_cv_header_linux_threads+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16700 "configure"
+#line 16705 "configure"
#include "confdefs.h"
#include <pthread.h>
EOF
@@ -16726,17 +16731,17 @@ EOF
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16730: checking for $ac_hdr" >&5
+echo "configure:16735: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16735 "configure"
+#line 16740 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16740: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16745: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16766,17 +16771,17 @@ done
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16770: checking for $ac_hdr" >&5
+echo "configure:16775: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16775 "configure"
+#line 16780 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16780: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16785: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16806,17 +16811,17 @@ done
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16810: checking for $ac_hdr" >&5
+echo "configure:16815: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16815 "configure"
+#line 16820 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16820: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16825: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -16875,20 +16880,20 @@ EOF
echo $ac_n "checking for thread specific errno""... $ac_c" 1>&6
-echo "configure:16879: checking for thread specific errno" >&5
+echo "configure:16884: checking for thread specific errno" >&5
if eval "test \"\${ol_cv_errno_thread_specific+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16885 "configure"
+#line 16890 "configure"
#include "confdefs.h"
#include <errno.h>
int main() {
errno = 0;
; return 0; }
EOF
-if { (eval echo configure:16892: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16897: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_errno_thread_specific=yes
else
@@ -16904,20 +16909,20 @@ fi
echo "$ac_t""$ol_cv_errno_thread_specific" 1>&6
echo $ac_n "checking for thread specific h_errno""... $ac_c" 1>&6
-echo "configure:16908: checking for thread specific h_errno" >&5
+echo "configure:16913: checking for thread specific h_errno" >&5
if eval "test \"\${ol_cv_h_errno_thread_specific+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16914 "configure"
+#line 16919 "configure"
#include "confdefs.h"
#include <netdb.h>
int main() {
h_errno = 0;
; return 0; }
EOF
-if { (eval echo configure:16921: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:16926: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_h_errno_thread_specific=yes
else
@@ -16975,17 +16980,17 @@ if test $ol_with_ldbm_api = auto \
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:16979: checking for $ac_hdr" >&5
+echo "configure:16984: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 16984 "configure"
+#line 16989 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:16989: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:16994: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -17013,13 +17018,13 @@ done
if test $ac_cv_header_db_185_h = yes -o $ac_cv_header_db_h = yes; then
echo $ac_n "checking if Berkeley DB header compatibility""... $ac_c" 1>&6
-echo "configure:17017: checking if Berkeley DB header compatibility" >&5
+echo "configure:17022: checking if Berkeley DB header compatibility" >&5
if eval "test \"\${ol_cv_header_db1+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 17023 "configure"
+#line 17028 "configure"
#include "confdefs.h"
#if HAVE_DB_185_H
@@ -17056,7 +17061,7 @@ echo "$ac_t""$ol_cv_header_db1" 1>&6
ol_cv_lib_db=no
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (default)""... $ac_c" 1>&6
-echo "configure:17060: checking for Berkeley DB link (default)" >&5
+echo "configure:17065: checking for Berkeley DB link (default)" >&5
if eval "test \"\${ol_cv_db_none+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17066,7 +17071,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17070 "configure"
+#line 17075 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17113,7 +17118,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17117: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17122: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_none=yes
else
@@ -17137,7 +17142,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb4)""... $ac_c" 1>&6
-echo "configure:17141: checking for Berkeley DB link (-ldb4)" >&5
+echo "configure:17146: checking for Berkeley DB link (-ldb4)" >&5
if eval "test \"\${ol_cv_db_db4+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17147,7 +17152,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17151 "configure"
+#line 17156 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17194,7 +17199,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17198: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17203: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db4=yes
else
@@ -17218,7 +17223,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb)""... $ac_c" 1>&6
-echo "configure:17222: checking for Berkeley DB link (-ldb)" >&5
+echo "configure:17227: checking for Berkeley DB link (-ldb)" >&5
if eval "test \"\${ol_cv_db_db+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17228,7 +17233,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17232 "configure"
+#line 17237 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17275,7 +17280,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17279: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17284: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db=yes
else
@@ -17299,7 +17304,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb3)""... $ac_c" 1>&6
-echo "configure:17303: checking for Berkeley DB link (-ldb3)" >&5
+echo "configure:17308: checking for Berkeley DB link (-ldb3)" >&5
if eval "test \"\${ol_cv_db_db3+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17309,7 +17314,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17313 "configure"
+#line 17318 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17356,7 +17361,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17360: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17365: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db3=yes
else
@@ -17380,7 +17385,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb2)""... $ac_c" 1>&6
-echo "configure:17384: checking for Berkeley DB link (-ldb2)" >&5
+echo "configure:17389: checking for Berkeley DB link (-ldb2)" >&5
if eval "test \"\${ol_cv_db_db2+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17390,7 +17395,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17394 "configure"
+#line 17399 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17437,7 +17442,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17441: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17446: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db2=yes
else
@@ -17461,7 +17466,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb1)""... $ac_c" 1>&6
-echo "configure:17465: checking for Berkeley DB link (-ldb1)" >&5
+echo "configure:17470: checking for Berkeley DB link (-ldb1)" >&5
if eval "test \"\${ol_cv_db_db1+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17471,7 +17476,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17475 "configure"
+#line 17480 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17518,7 +17523,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17522: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db1=yes
else
@@ -17553,17 +17558,17 @@ for ac_hdr in db.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:17557: checking for $ac_hdr" >&5
+echo "configure:17562: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 17562 "configure"
+#line 17567 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:17567: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:17572: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -17593,7 +17598,7 @@ if test $ac_cv_header_db_h = yes; then
ol_cv_lib_db=no
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (default)""... $ac_c" 1>&6
-echo "configure:17597: checking for Berkeley DB link (default)" >&5
+echo "configure:17602: checking for Berkeley DB link (default)" >&5
if eval "test \"\${ol_cv_db_none+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17603,7 +17608,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17607 "configure"
+#line 17612 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17650,7 +17655,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17654: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17659: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_none=yes
else
@@ -17674,7 +17679,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb4)""... $ac_c" 1>&6
-echo "configure:17678: checking for Berkeley DB link (-ldb4)" >&5
+echo "configure:17683: checking for Berkeley DB link (-ldb4)" >&5
if eval "test \"\${ol_cv_db_db4+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17684,7 +17689,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17688 "configure"
+#line 17693 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17731,7 +17736,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17735: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17740: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db4=yes
else
@@ -17755,7 +17760,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb)""... $ac_c" 1>&6
-echo "configure:17759: checking for Berkeley DB link (-ldb)" >&5
+echo "configure:17764: checking for Berkeley DB link (-ldb)" >&5
if eval "test \"\${ol_cv_db_db+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17765,7 +17770,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17769 "configure"
+#line 17774 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17812,7 +17817,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17816: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17821: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db=yes
else
@@ -17836,7 +17841,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb3)""... $ac_c" 1>&6
-echo "configure:17840: checking for Berkeley DB link (-ldb3)" >&5
+echo "configure:17845: checking for Berkeley DB link (-ldb3)" >&5
if eval "test \"\${ol_cv_db_db3+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17846,7 +17851,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17850 "configure"
+#line 17855 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17893,7 +17898,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17897: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17902: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db3=yes
else
@@ -17917,7 +17922,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb2)""... $ac_c" 1>&6
-echo "configure:17921: checking for Berkeley DB link (-ldb2)" >&5
+echo "configure:17926: checking for Berkeley DB link (-ldb2)" >&5
if eval "test \"\${ol_cv_db_db2+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -17927,7 +17932,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 17931 "configure"
+#line 17936 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -17974,7 +17979,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:17978: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:17983: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db2=yes
else
@@ -17998,7 +18003,7 @@ fi
if test $ol_cv_lib_db = no ; then
echo $ac_n "checking for Berkeley DB link (-ldb1)""... $ac_c" 1>&6
-echo "configure:18002: checking for Berkeley DB link (-ldb1)" >&5
+echo "configure:18007: checking for Berkeley DB link (-ldb1)" >&5
if eval "test \"\${ol_cv_db_db1+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -18008,7 +18013,7 @@ else
LIBS="$ol_DB_LIB $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 18012 "configure"
+#line 18017 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -18055,7 +18060,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:18059: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18064: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_db_db1=yes
else
@@ -18081,7 +18086,7 @@ fi
if test "$ol_cv_lib_db" != no ; then
ol_cv_berkeley_db=yes
echo $ac_n "checking for Berkeley DB thread support""... $ac_c" 1>&6
-echo "configure:18085: checking for Berkeley DB thread support" >&5
+echo "configure:18090: checking for Berkeley DB thread support" >&5
if eval "test \"\${ol_cv_berkeley_db_thread+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -18095,7 +18100,7 @@ else
ol_cv_berkeley_db_thread=cross
else
cat > conftest.$ac_ext <<EOF
-#line 18099 "configure"
+#line 18104 "configure"
#include "confdefs.h"
#ifdef HAVE_DB_185_H
@@ -18162,7 +18167,7 @@ main()
return rc;
}
EOF
-if { (eval echo configure:18166: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:18171: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_berkeley_db_thread=yes
else
@@ -18223,13 +18228,13 @@ if test $ol_enable_bdb = yes -a $ol_link_ldbm != berkeley ; then
{ echo "configure: error: BDB: BerkeleyDB not available" 1>&2; exit 1; }
elif test $ol_enable_bdb != no -a $ol_link_ldbm = berkeley ; then
echo $ac_n "checking Berkeley DB version for BDB backend""... $ac_c" 1>&6
-echo "configure:18227: checking Berkeley DB version for BDB backend" >&5
+echo "configure:18232: checking Berkeley DB version for BDB backend" >&5
if eval "test \"\${ol_cv_bdb_compat+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18233 "configure"
+#line 18238 "configure"
#include "confdefs.h"
#include <db.h>
@@ -18276,18 +18281,18 @@ fi
if test $ol_with_ldbm_api = auto -o $ol_with_ldbm_api = mdbm ; then
echo $ac_n "checking for MDBM library""... $ac_c" 1>&6
-echo "configure:18280: checking for MDBM library" >&5
+echo "configure:18285: checking for MDBM library" >&5
if eval "test \"\${ol_cv_lib_mdbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ol_LIBS="$LIBS"
echo $ac_n "checking for mdbm_set_chain""... $ac_c" 1>&6
-echo "configure:18286: checking for mdbm_set_chain" >&5
+echo "configure:18291: checking for mdbm_set_chain" >&5
if eval "test \"\${ac_cv_func_mdbm_set_chain+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18291 "configure"
+#line 18296 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char mdbm_set_chain(); below. */
@@ -18311,7 +18316,7 @@ f = mdbm_set_chain;
; return 0; }
EOF
-if { (eval echo configure:18315: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18320: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_mdbm_set_chain=yes"
else
@@ -18330,7 +18335,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for mdbm_set_chain in -lmdbm""... $ac_c" 1>&6
-echo "configure:18334: checking for mdbm_set_chain in -lmdbm" >&5
+echo "configure:18339: checking for mdbm_set_chain in -lmdbm" >&5
ac_lib_var=`echo mdbm'_'mdbm_set_chain | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -18338,7 +18343,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lmdbm $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 18342 "configure"
+#line 18347 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -18349,7 +18354,7 @@ int main() {
mdbm_set_chain()
; return 0; }
EOF
-if { (eval echo configure:18353: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18358: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -18384,17 +18389,17 @@ echo "$ac_t""$ol_cv_lib_mdbm" 1>&6
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:18388: checking for $ac_hdr" >&5
+echo "configure:18393: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18393 "configure"
+#line 18398 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:18398: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:18403: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -18421,7 +18426,7 @@ fi
done
echo $ac_n "checking for db""... $ac_c" 1>&6
-echo "configure:18425: checking for db" >&5
+echo "configure:18430: checking for db" >&5
if eval "test \"\${ol_cv_mdbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -18454,18 +18459,18 @@ fi
if test $ol_with_ldbm_api = auto -o $ol_with_ldbm_api = gdbm ; then
echo $ac_n "checking for GDBM library""... $ac_c" 1>&6
-echo "configure:18458: checking for GDBM library" >&5
+echo "configure:18463: checking for GDBM library" >&5
if eval "test \"\${ol_cv_lib_gdbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ol_LIBS="$LIBS"
echo $ac_n "checking for gdbm_open""... $ac_c" 1>&6
-echo "configure:18464: checking for gdbm_open" >&5
+echo "configure:18469: checking for gdbm_open" >&5
if eval "test \"\${ac_cv_func_gdbm_open+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18469 "configure"
+#line 18474 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char gdbm_open(); below. */
@@ -18489,7 +18494,7 @@ f = gdbm_open;
; return 0; }
EOF
-if { (eval echo configure:18493: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18498: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_gdbm_open=yes"
else
@@ -18508,7 +18513,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for gdbm_open in -lgdbm""... $ac_c" 1>&6
-echo "configure:18512: checking for gdbm_open in -lgdbm" >&5
+echo "configure:18517: checking for gdbm_open in -lgdbm" >&5
ac_lib_var=`echo gdbm'_'gdbm_open | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -18516,7 +18521,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lgdbm $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 18520 "configure"
+#line 18525 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -18527,7 +18532,7 @@ int main() {
gdbm_open()
; return 0; }
EOF
-if { (eval echo configure:18531: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18536: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -18562,17 +18567,17 @@ echo "$ac_t""$ol_cv_lib_gdbm" 1>&6
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:18566: checking for $ac_hdr" >&5
+echo "configure:18571: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18571 "configure"
+#line 18576 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:18576: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:18581: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -18599,7 +18604,7 @@ fi
done
echo $ac_n "checking for db""... $ac_c" 1>&6
-echo "configure:18603: checking for db" >&5
+echo "configure:18608: checking for db" >&5
if eval "test \"\${ol_cv_gdbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -18633,18 +18638,18 @@ fi
if test $ol_with_ldbm_api = ndbm ; then
echo $ac_n "checking for NDBM library""... $ac_c" 1>&6
-echo "configure:18637: checking for NDBM library" >&5
+echo "configure:18642: checking for NDBM library" >&5
if eval "test \"\${ol_cv_lib_ndbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ol_LIBS="$LIBS"
echo $ac_n "checking for dbm_open""... $ac_c" 1>&6
-echo "configure:18643: checking for dbm_open" >&5
+echo "configure:18648: checking for dbm_open" >&5
if eval "test \"\${ac_cv_func_dbm_open+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18648 "configure"
+#line 18653 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char dbm_open(); below. */
@@ -18668,7 +18673,7 @@ f = dbm_open;
; return 0; }
EOF
-if { (eval echo configure:18672: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18677: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_dbm_open=yes"
else
@@ -18687,7 +18692,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dbm_open in -lndbm""... $ac_c" 1>&6
-echo "configure:18691: checking for dbm_open in -lndbm" >&5
+echo "configure:18696: checking for dbm_open in -lndbm" >&5
ac_lib_var=`echo ndbm'_'dbm_open | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -18695,7 +18700,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lndbm $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 18699 "configure"
+#line 18704 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -18706,7 +18711,7 @@ int main() {
dbm_open()
; return 0; }
EOF
-if { (eval echo configure:18710: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18715: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -18726,7 +18731,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for dbm_open in -ldbm""... $ac_c" 1>&6
-echo "configure:18730: checking for dbm_open in -ldbm" >&5
+echo "configure:18735: checking for dbm_open in -ldbm" >&5
ac_lib_var=`echo dbm'_'dbm_open | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -18734,7 +18739,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ldbm $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 18738 "configure"
+#line 18743 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -18745,7 +18750,7 @@ int main() {
dbm_open()
; return 0; }
EOF
-if { (eval echo configure:18749: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18754: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -18782,17 +18787,17 @@ echo "$ac_t""$ol_cv_lib_ndbm" 1>&6
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:18786: checking for $ac_hdr" >&5
+echo "configure:18791: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18791 "configure"
+#line 18796 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:18796: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:18801: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -18819,7 +18824,7 @@ fi
done
echo $ac_n "checking for db""... $ac_c" 1>&6
-echo "configure:18823: checking for db" >&5
+echo "configure:18828: checking for db" >&5
if eval "test \"\${ol_cv_ndbm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -18876,17 +18881,17 @@ if test $ol_enable_wrappers != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:18880: checking for $ac_hdr" >&5
+echo "configure:18885: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 18885 "configure"
+#line 18890 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:18890: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:18895: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -18908,11 +18913,11 @@ if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
EOF
echo $ac_n "checking for TCP wrappers library""... $ac_c" 1>&6
-echo "configure:18912: checking for TCP wrappers library" >&5
+echo "configure:18917: checking for TCP wrappers library" >&5
save_LIBS="$LIBS"
LIBS="$LIBS -lwrap"
cat > conftest.$ac_ext <<EOF
-#line 18916 "configure"
+#line 18921 "configure"
#include "confdefs.h"
#include <tcpd.h>
@@ -18927,7 +18932,7 @@ hosts_access(req)
; return 0; }
EOF
-if { (eval echo configure:18931: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18936: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
echo "$ac_t""-lwrap" 1>&6
have_wrappers=yes
@@ -18939,7 +18944,7 @@ else
LIBS="$LIBS -lnsl"
cat > conftest.$ac_ext <<EOF
-#line 18943 "configure"
+#line 18948 "configure"
#include "confdefs.h"
#include <tcpd.h>
@@ -18954,7 +18959,7 @@ hosts_access(req)
; return 0; }
EOF
-if { (eval echo configure:18958: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:18963: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
echo "$ac_t""-lwrap -lnsl" 1>&6
have_wrappers=yes
@@ -18994,12 +18999,12 @@ fi
if test $ol_enable_syslog != no ; then
echo $ac_n "checking for openlog""... $ac_c" 1>&6
-echo "configure:18998: checking for openlog" >&5
+echo "configure:19003: checking for openlog" >&5
if eval "test \"\${ac_cv_func_openlog+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19003 "configure"
+#line 19008 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char openlog(); below. */
@@ -19023,7 +19028,7 @@ f = openlog;
; return 0; }
EOF
-if { (eval echo configure:19027: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19032: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_openlog=yes"
else
@@ -19052,7 +19057,7 @@ fi
ol_link_sql=no
if test $ol_enable_sql != no ; then
echo $ac_n "checking for SQLDriverConnect in -liodbc""... $ac_c" 1>&6
-echo "configure:19056: checking for SQLDriverConnect in -liodbc" >&5
+echo "configure:19061: checking for SQLDriverConnect in -liodbc" >&5
ac_lib_var=`echo iodbc'_'SQLDriverConnect | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19060,7 +19065,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-liodbc $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19064 "configure"
+#line 19069 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19071,7 +19076,7 @@ int main() {
SQLDriverConnect()
; return 0; }
EOF
-if { (eval echo configure:19075: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19080: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19096,7 +19101,7 @@ fi
ol_link_sql="-liodbc"
else
echo $ac_n "checking for SQLDriverConnect in -lodbc""... $ac_c" 1>&6
-echo "configure:19100: checking for SQLDriverConnect in -lodbc" >&5
+echo "configure:19105: checking for SQLDriverConnect in -lodbc" >&5
ac_lib_var=`echo odbc'_'SQLDriverConnect | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19104,7 +19109,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lodbc $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19108 "configure"
+#line 19113 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19115,7 +19120,7 @@ int main() {
SQLDriverConnect()
; return 0; }
EOF
-if { (eval echo configure:19119: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19124: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19154,17 +19159,17 @@ for ac_hdr in termcap.h ncurses.h
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:19158: checking for $ac_hdr" >&5
+echo "configure:19163: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19163 "configure"
+#line 19168 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:19168: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:19173: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -19193,7 +19198,7 @@ done
if test $ol_link_termcap = no ; then
echo $ac_n "checking for tputs in -ltermcap""... $ac_c" 1>&6
-echo "configure:19197: checking for tputs in -ltermcap" >&5
+echo "configure:19202: checking for tputs in -ltermcap" >&5
ac_lib_var=`echo termcap'_'tputs | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19201,7 +19206,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-ltermcap $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19205 "configure"
+#line 19210 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19212,7 +19217,7 @@ int main() {
tputs()
; return 0; }
EOF
-if { (eval echo configure:19216: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19221: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19245,7 +19250,7 @@ fi
if test $ol_link_termcap = no ; then
echo $ac_n "checking for initscr in -lncurses""... $ac_c" 1>&6
-echo "configure:19249: checking for initscr in -lncurses" >&5
+echo "configure:19254: checking for initscr in -lncurses" >&5
ac_lib_var=`echo ncurses'_'initscr | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19253,7 +19258,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lncurses $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19257 "configure"
+#line 19262 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19264,7 +19269,7 @@ int main() {
initscr()
; return 0; }
EOF
-if { (eval echo configure:19268: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19273: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19310,17 +19315,17 @@ if test $ol_with_cyrus_sasl != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:19314: checking for $ac_hdr" >&5
+echo "configure:19319: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19319 "configure"
+#line 19324 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:19324: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:19329: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -19349,7 +19354,7 @@ done
if test $ac_cv_header_sasl_sasl_h = yes -o $ac_cv_header_sasl_h = yes; then
echo $ac_n "checking for sasl_client_init in -lsasl2""... $ac_c" 1>&6
-echo "configure:19353: checking for sasl_client_init in -lsasl2" >&5
+echo "configure:19358: checking for sasl_client_init in -lsasl2" >&5
ac_lib_var=`echo sasl2'_'sasl_client_init | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19357,7 +19362,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lsasl2 $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19361 "configure"
+#line 19366 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19368,7 +19373,7 @@ int main() {
sasl_client_init()
; return 0; }
EOF
-if { (eval echo configure:19372: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19377: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19387,7 +19392,7 @@ if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for sasl_client_init in -lsasl""... $ac_c" 1>&6
-echo "configure:19391: checking for sasl_client_init in -lsasl" >&5
+echo "configure:19396: checking for sasl_client_init in -lsasl" >&5
ac_lib_var=`echo sasl'_'sasl_client_init | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19395,7 +19400,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lsasl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19399 "configure"
+#line 19404 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19406,7 +19411,7 @@ int main() {
sasl_client_init()
; return 0; }
EOF
-if { (eval echo configure:19410: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19415: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19441,6 +19446,52 @@ fi
fi
fi
else
+ echo $ac_n "checking Cyrus SASL library version""... $ac_c" 1>&6
+echo "configure:19451: checking Cyrus SASL library version" >&5
+if eval "test \"\${ol_cv_sasl_compat+set}\" = set"; then
+ echo $ac_n "(cached) $ac_c" 1>&6
+else
+
+ cat > conftest.$ac_ext <<EOF
+#line 19457 "configure"
+#include "confdefs.h"
+
+#ifdef HAVE_SASL_SASL_H
+#include <sasl/sasl.h>
+#else
+#include <sasl.h>
+#endif
+
+/* require 2.1.3 or later */
+#if SASL_VERSION_MAJOR == 1 && SASL_VERSION_MINOR >= 5
+ char *__sasl_compat = "1.5.x okay";
+#elif SASL_VERSION_MAJOR == 2 && SASL_VERSION_MINOR > 1
+ __sasl_compat "2.2+ or better okay (we guess)";
+#elif SASL_VERSION_MAJOR == 2 && SASL_VERSION_MINOR == 1 \
+ && SASL_VERSION_STEP >=3
+ __sasl_compat = "2.1.3+ or better okay";
+#endif
+
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+ egrep "__sasl_compat" >/dev/null 2>&1; then
+ rm -rf conftest*
+ ol_cv_sasl_compat=yes
+else
+ rm -rf conftest*
+ ol_cv_sasl_compat=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ol_cv_sasl_compat" 1>&6
+
+ if test $ol_cv_sasl_compat = no ; then
+ ol_link_sasl=no
+ { echo "configure: error: Cyrus SASL library located but incompatible" 1>&2; exit 1; }
+ fi
+
cat >> confdefs.h <<\EOF
#define HAVE_CYRUS_SASL 1
EOF
@@ -19485,13 +19536,13 @@ if test $ol_with_fetch != no ; then
ol_LIBS=$LIBS
LIBS="-lfetch -lcom_err $LIBS"
echo $ac_n "checking fetch(3) library""... $ac_c" 1>&6
-echo "configure:19489: checking fetch(3) library" >&5
+echo "configure:19540: checking fetch(3) library" >&5
if eval "test \"\${ol_cv_lib_fetch+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19495 "configure"
+#line 19546 "configure"
#include "confdefs.h"
#include <sys/param.h>
@@ -19501,7 +19552,7 @@ int main() {
struct url *u = fetchParseURL("file:///");
; return 0; }
EOF
-if { (eval echo configure:19505: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19556: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_lib_fetch=yes
else
@@ -19539,17 +19590,17 @@ if test $ol_with_readline != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:19543: checking for $ac_hdr" >&5
+echo "configure:19594: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19548 "configure"
+#line 19599 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:19553: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:19604: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -19580,7 +19631,7 @@ done
save_LIBS="$LIBS"
LIBS="$TERMCAP_LIBS $LIBS"
echo $ac_n "checking for readline in -lreadline""... $ac_c" 1>&6
-echo "configure:19584: checking for readline in -lreadline" >&5
+echo "configure:19635: checking for readline in -lreadline" >&5
ac_lib_var=`echo readline'_'readline | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19588,7 +19639,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lreadline $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19592 "configure"
+#line 19643 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19599,7 +19650,7 @@ int main() {
readline()
; return 0; }
EOF
-if { (eval echo configure:19603: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19654: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19641,12 +19692,12 @@ fi
if test $ol_enable_crypt != no ; then
echo $ac_n "checking for crypt""... $ac_c" 1>&6
-echo "configure:19645: checking for crypt" >&5
+echo "configure:19696: checking for crypt" >&5
if eval "test \"\${ac_cv_func_crypt+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19650 "configure"
+#line 19701 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char crypt(); below. */
@@ -19670,7 +19721,7 @@ f = crypt;
; return 0; }
EOF
-if { (eval echo configure:19674: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19725: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_crypt=yes"
else
@@ -19689,7 +19740,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for crypt in -lcrypt""... $ac_c" 1>&6
-echo "configure:19693: checking for crypt in -lcrypt" >&5
+echo "configure:19744: checking for crypt in -lcrypt" >&5
ac_lib_var=`echo crypt'_'crypt | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19697,7 +19748,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lcrypt $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19701 "configure"
+#line 19752 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19708,7 +19759,7 @@ int main() {
crypt()
; return 0; }
EOF
-if { (eval echo configure:19712: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19763: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19751,12 +19802,12 @@ fi
if test $ol_enable_proctitle != no ; then
echo $ac_n "checking for setproctitle""... $ac_c" 1>&6
-echo "configure:19755: checking for setproctitle" >&5
+echo "configure:19806: checking for setproctitle" >&5
if eval "test \"\${ac_cv_func_setproctitle+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19760 "configure"
+#line 19811 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char setproctitle(); below. */
@@ -19780,7 +19831,7 @@ f = setproctitle;
; return 0; }
EOF
-if { (eval echo configure:19784: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19835: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_setproctitle=yes"
else
@@ -19799,7 +19850,7 @@ else
echo "$ac_t""no" 1>&6
echo $ac_n "checking for setproctitle in -lutil""... $ac_c" 1>&6
-echo "configure:19803: checking for setproctitle in -lutil" >&5
+echo "configure:19854: checking for setproctitle in -lutil" >&5
ac_lib_var=`echo util'_'setproctitle | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19807,7 +19858,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lutil $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19811 "configure"
+#line 19862 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19818,7 +19869,7 @@ int main() {
setproctitle()
; return 0; }
EOF
-if { (eval echo configure:19822: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19873: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19858,17 +19909,17 @@ if test $ol_enable_slp != no ; then
do
ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
-echo "configure:19862: checking for $ac_hdr" >&5
+echo "configure:19913: checking for $ac_hdr" >&5
if eval "test \"\${ac_cv_header_$ac_safe+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19867 "configure"
+#line 19918 "configure"
#include "confdefs.h"
#include <$ac_hdr>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:19872: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:19923: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -19897,7 +19948,7 @@ done
if test $ac_cv_header_slp_h = yes ; then
echo $ac_n "checking for SLPOpen in -lslp""... $ac_c" 1>&6
-echo "configure:19901: checking for SLPOpen in -lslp" >&5
+echo "configure:19952: checking for SLPOpen in -lslp" >&5
ac_lib_var=`echo slp'_'SLPOpen | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -19905,7 +19956,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lslp $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 19909 "configure"
+#line 19960 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -19916,7 +19967,7 @@ int main() {
SLPOpen()
; return 0; }
EOF
-if { (eval echo configure:19920: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:19971: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -19951,12 +20002,12 @@ EOF
fi
echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
-echo "configure:19955: checking for ANSI C header files" >&5
+echo "configure:20006: checking for ANSI C header files" >&5
if eval "test \"\${ac_cv_header_stdc+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 19960 "configure"
+#line 20011 "configure"
#include "confdefs.h"
#include <stdlib.h>
#include <stdarg.h>
@@ -19964,7 +20015,7 @@ else
#include <float.h>
EOF
ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
-{ (eval echo configure:19968: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+{ (eval echo configure:20019: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
if test -z "$ac_err"; then
rm -rf conftest*
@@ -19981,7 +20032,7 @@ rm -f conftest*
if test $ac_cv_header_stdc = yes; then
# SunOS 4.x string.h does not declare mem*, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 19985 "configure"
+#line 20036 "configure"
#include "confdefs.h"
#include <string.h>
EOF
@@ -19999,7 +20050,7 @@ fi
if test $ac_cv_header_stdc = yes; then
# ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
cat > conftest.$ac_ext <<EOF
-#line 20003 "configure"
+#line 20054 "configure"
#include "confdefs.h"
#include <stdlib.h>
EOF
@@ -20020,7 +20071,7 @@ if test "$cross_compiling" = yes; then
:
else
cat > conftest.$ac_ext <<EOF
-#line 20024 "configure"
+#line 20075 "configure"
#include "confdefs.h"
#include <ctype.h>
#if ((' ' & 0x0FF) == 0x020)
@@ -20038,7 +20089,7 @@ if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
exit (0); }
EOF
-if { (eval echo configure:20042: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:20093: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
:
else
@@ -20062,12 +20113,12 @@ EOF
fi
echo $ac_n "checking for mode_t""... $ac_c" 1>&6
-echo "configure:20066: checking for mode_t" >&5
+echo "configure:20117: checking for mode_t" >&5
if eval "test \"\${ac_cv_type_mode_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20071 "configure"
+#line 20122 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20098,12 +20149,12 @@ EOF
fi
echo $ac_n "checking for off_t""... $ac_c" 1>&6
-echo "configure:20102: checking for off_t" >&5
+echo "configure:20153: checking for off_t" >&5
if eval "test \"\${ac_cv_type_off_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20107 "configure"
+#line 20158 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20134,12 +20185,12 @@ EOF
fi
echo $ac_n "checking for pid_t""... $ac_c" 1>&6
-echo "configure:20138: checking for pid_t" >&5
+echo "configure:20189: checking for pid_t" >&5
if eval "test \"\${ac_cv_type_pid_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20143 "configure"
+#line 20194 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20170,19 +20221,19 @@ EOF
fi
echo $ac_n "checking for ptrdiff_t""... $ac_c" 1>&6
-echo "configure:20174: checking for ptrdiff_t" >&5
+echo "configure:20225: checking for ptrdiff_t" >&5
if eval "test \"\${am_cv_type_ptrdiff_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20179 "configure"
+#line 20230 "configure"
#include "confdefs.h"
#include <stddef.h>
int main() {
ptrdiff_t p
; return 0; }
EOF
-if { (eval echo configure:20186: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20237: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
am_cv_type_ptrdiff_t=yes
else
@@ -20203,12 +20254,12 @@ EOF
fi
echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6
-echo "configure:20207: checking return type of signal handlers" >&5
+echo "configure:20258: checking return type of signal handlers" >&5
if eval "test \"\${ac_cv_type_signal+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20212 "configure"
+#line 20263 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <signal.h>
@@ -20225,7 +20276,7 @@ int main() {
int i;
; return 0; }
EOF
-if { (eval echo configure:20229: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20280: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_type_signal=void
else
@@ -20244,12 +20295,12 @@ EOF
echo $ac_n "checking for size_t""... $ac_c" 1>&6
-echo "configure:20248: checking for size_t" >&5
+echo "configure:20299: checking for size_t" >&5
if eval "test \"\${ac_cv_type_size_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20253 "configure"
+#line 20304 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20281,12 +20332,12 @@ fi
echo $ac_n "checking for ssize_t""... $ac_c" 1>&6
-echo "configure:20285: checking for ssize_t" >&5
+echo "configure:20336: checking for ssize_t" >&5
if eval "test \"\${ac_cv_type_ssize_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20290 "configure"
+#line 20341 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20317,12 +20368,12 @@ EOF
fi
echo $ac_n "checking for caddr_t""... $ac_c" 1>&6
-echo "configure:20321: checking for caddr_t" >&5
+echo "configure:20372: checking for caddr_t" >&5
if eval "test \"\${ac_cv_type_caddr_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20326 "configure"
+#line 20377 "configure"
#include "confdefs.h"
#include <sys/types.h>
#if STDC_HEADERS
@@ -20354,12 +20405,12 @@ fi
echo $ac_n "checking for socklen_t""... $ac_c" 1>&6
-echo "configure:20358: checking for socklen_t" >&5
+echo "configure:20409: checking for socklen_t" >&5
if eval "test \"\${ol_cv_type_socklen_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20363 "configure"
+#line 20414 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_TYPES_H
@@ -20373,7 +20424,7 @@ int main() {
socklen_t len;
; return 0; }
EOF
-if { (eval echo configure:20377: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20428: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_type_socklen_t=yes
else
@@ -20394,12 +20445,12 @@ EOF
fi
echo $ac_n "checking for member st_blksize in aggregate type struct stat""... $ac_c" 1>&6
-echo "configure:20398: checking for member st_blksize in aggregate type struct stat" >&5
+echo "configure:20449: checking for member st_blksize in aggregate type struct stat" >&5
if eval "test \"\${ac_cv_c_struct_member_st_blksize+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20403 "configure"
+#line 20454 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/stat.h>
@@ -20407,7 +20458,7 @@ int main() {
struct stat foo; foo.st_blksize;
; return 0; }
EOF
-if { (eval echo configure:20411: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20462: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_struct_member_st_blksize=yes
else
@@ -20429,12 +20480,12 @@ EOF
fi
echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6
-echo "configure:20433: checking whether time.h and sys/time.h may both be included" >&5
+echo "configure:20484: checking whether time.h and sys/time.h may both be included" >&5
if eval "test \"\${ac_cv_header_time+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20438 "configure"
+#line 20489 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/time.h>
@@ -20443,7 +20494,7 @@ int main() {
struct tm *tp;
; return 0; }
EOF
-if { (eval echo configure:20447: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20498: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_header_time=yes
else
@@ -20464,12 +20515,12 @@ EOF
fi
echo $ac_n "checking whether struct tm is in sys/time.h or time.h""... $ac_c" 1>&6
-echo "configure:20468: checking whether struct tm is in sys/time.h or time.h" >&5
+echo "configure:20519: checking whether struct tm is in sys/time.h or time.h" >&5
if eval "test \"\${ac_cv_struct_tm+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20473 "configure"
+#line 20524 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <time.h>
@@ -20477,7 +20528,7 @@ int main() {
struct tm *tp; tp->tm_sec;
; return 0; }
EOF
-if { (eval echo configure:20481: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20532: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_struct_tm=time.h
else
@@ -20498,12 +20549,12 @@ EOF
fi
echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6
-echo "configure:20502: checking for uid_t in sys/types.h" >&5
+echo "configure:20553: checking for uid_t in sys/types.h" >&5
if eval "test \"\${ac_cv_type_uid_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20507 "configure"
+#line 20558 "configure"
#include "confdefs.h"
#include <sys/types.h>
EOF
@@ -20532,19 +20583,19 @@ EOF
fi
echo $ac_n "checking for sig_atomic_t""... $ac_c" 1>&6
-echo "configure:20536: checking for sig_atomic_t" >&5
+echo "configure:20587: checking for sig_atomic_t" >&5
if eval "test \"\${ol_cv_type_sig_atomic_t+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20541 "configure"
+#line 20592 "configure"
#include "confdefs.h"
#include <signal.h>
int main() {
sig_atomic_t atomic;
; return 0; }
EOF
-if { (eval echo configure:20548: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20599: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_type_sig_atomic_t=yes
else
@@ -20568,13 +20619,13 @@ EOF
# test for pw_gecos in struct passwd
echo $ac_n "checking struct passwd for pw_gecos""... $ac_c" 1>&6
-echo "configure:20572: checking struct passwd for pw_gecos" >&5
+echo "configure:20623: checking struct passwd for pw_gecos" >&5
if eval "test \"\${ol_cv_struct_passwd_pw_gecos+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20578 "configure"
+#line 20629 "configure"
#include "confdefs.h"
#include <pwd.h>
int main() {
@@ -20584,7 +20635,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:20588: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20639: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_struct_passwd_pw_gecos=yes
else
@@ -20606,13 +20657,13 @@ fi
# test for pw_passwd in struct passwd
echo $ac_n "checking struct passwd for pw_passwd""... $ac_c" 1>&6
-echo "configure:20610: checking struct passwd for pw_passwd" >&5
+echo "configure:20661: checking struct passwd for pw_passwd" >&5
if eval "test \"\${ol_cv_struct_passwd_pw_passwd+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20616 "configure"
+#line 20667 "configure"
#include "confdefs.h"
#include <pwd.h>
int main() {
@@ -20622,7 +20673,7 @@ int main() {
; return 0; }
EOF
-if { (eval echo configure:20626: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20677: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_struct_passwd_pw_passwd=yes
else
@@ -20644,7 +20695,7 @@ fi
echo $ac_n "checking if toupper() requires islower()""... $ac_c" 1>&6
-echo "configure:20648: checking if toupper() requires islower()" >&5
+echo "configure:20699: checking if toupper() requires islower()" >&5
if eval "test \"\${ol_cv_c_upper_lower+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -20653,7 +20704,7 @@ else
ol_cv_c_upper_lower=safe
else
cat > conftest.$ac_ext <<EOF
-#line 20657 "configure"
+#line 20708 "configure"
#include "confdefs.h"
#include <ctype.h>
@@ -20665,7 +20716,7 @@ main()
exit(1);
}
EOF
-if { (eval echo configure:20669: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:20720: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ol_cv_c_upper_lower=no
else
@@ -20688,12 +20739,12 @@ EOF
fi
echo $ac_n "checking for working const""... $ac_c" 1>&6
-echo "configure:20692: checking for working const" >&5
+echo "configure:20743: checking for working const" >&5
if eval "test \"\${ac_cv_c_const+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20697 "configure"
+#line 20748 "configure"
#include "confdefs.h"
int main() {
@@ -20742,7 +20793,7 @@ ccp = (char const *const *) p;
; return 0; }
EOF
-if { (eval echo configure:20746: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20797: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_const=yes
else
@@ -20763,12 +20814,12 @@ EOF
fi
echo $ac_n "checking if compiler understands volatile""... $ac_c" 1>&6
-echo "configure:20767: checking if compiler understands volatile" >&5
+echo "configure:20818: checking if compiler understands volatile" >&5
if eval "test \"\${ol_cv_c_volatile+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 20772 "configure"
+#line 20823 "configure"
#include "confdefs.h"
int x, y, z;
int main() {
@@ -20777,7 +20828,7 @@ volatile int a; int * volatile b = x ? &y : &z;
*b = 0;
; return 0; }
EOF
-if { (eval echo configure:20781: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20832: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_c_volatile=yes
else
@@ -20807,14 +20858,14 @@ EOF
else
echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6
-echo "configure:20811: checking whether byte ordering is bigendian" >&5
+echo "configure:20862: checking whether byte ordering is bigendian" >&5
if eval "test \"\${ac_cv_c_bigendian+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
ac_cv_c_bigendian=unknown
# See if sys/param.h defines the BYTE_ORDER macro.
cat > conftest.$ac_ext <<EOF
-#line 20818 "configure"
+#line 20869 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/param.h>
@@ -20825,11 +20876,11 @@ int main() {
#endif
; return 0; }
EOF
-if { (eval echo configure:20829: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20880: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
# It does; now see whether it defined to BIG_ENDIAN or not.
cat > conftest.$ac_ext <<EOF
-#line 20833 "configure"
+#line 20884 "configure"
#include "confdefs.h"
#include <sys/types.h>
#include <sys/param.h>
@@ -20840,7 +20891,7 @@ int main() {
#endif
; return 0; }
EOF
-if { (eval echo configure:20844: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20895: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_c_bigendian=yes
else
@@ -20860,7 +20911,7 @@ if test "$cross_compiling" = yes; then
{ echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; }
else
cat > conftest.$ac_ext <<EOF
-#line 20864 "configure"
+#line 20915 "configure"
#include "confdefs.h"
main () {
/* Are we little or big endian? From Harbison&Steele. */
@@ -20873,7 +20924,7 @@ main () {
exit (u.c[sizeof (long) - 1] == 1);
}
EOF
-if { (eval echo configure:20877: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:20928: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_c_bigendian=no
else
@@ -20899,13 +20950,13 @@ fi
fi
echo $ac_n "checking size of short""... $ac_c" 1>&6
-echo "configure:20903: checking size of short" >&5
+echo "configure:20954: checking size of short" >&5
if eval "test \"\${ac_cv_sizeof_short+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence.
cat > conftest.$ac_ext <<EOF
-#line 20909 "configure"
+#line 20960 "configure"
#include "confdefs.h"
#include "confdefs.h"
#include <sys/types.h>
@@ -20915,7 +20966,7 @@ int main() {
switch (0) case 0: case (sizeof (short) == $ac_size):;
; return 0; }
EOF
-if { (eval echo configure:20919: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:20970: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_sizeof_short=$ac_size
else
@@ -20938,13 +20989,13 @@ EOF
echo $ac_n "checking size of int""... $ac_c" 1>&6
-echo "configure:20942: checking size of int" >&5
+echo "configure:20993: checking size of int" >&5
if eval "test \"\${ac_cv_sizeof_int+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence.
cat > conftest.$ac_ext <<EOF
-#line 20948 "configure"
+#line 20999 "configure"
#include "confdefs.h"
#include "confdefs.h"
#include <sys/types.h>
@@ -20954,7 +21005,7 @@ int main() {
switch (0) case 0: case (sizeof (int) == $ac_size):;
; return 0; }
EOF
-if { (eval echo configure:20958: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:21009: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_sizeof_int=$ac_size
else
@@ -20977,13 +21028,13 @@ EOF
echo $ac_n "checking size of long""... $ac_c" 1>&6
-echo "configure:20981: checking size of long" >&5
+echo "configure:21032: checking size of long" >&5
if eval "test \"\${ac_cv_sizeof_long+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
for ac_size in 4 8 1 2 16 ; do # List sizes in rough order of prevalence.
cat > conftest.$ac_ext <<EOF
-#line 20987 "configure"
+#line 21038 "configure"
#include "confdefs.h"
#include "confdefs.h"
#include <sys/types.h>
@@ -20993,7 +21044,7 @@ int main() {
switch (0) case 0: case (sizeof (long) == $ac_size):;
; return 0; }
EOF
-if { (eval echo configure:20997: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:21048: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ac_cv_sizeof_long=$ac_size
else
@@ -21044,7 +21095,7 @@ EOF
echo $ac_n "checking for 8-bit clean memcmp""... $ac_c" 1>&6
-echo "configure:21048: checking for 8-bit clean memcmp" >&5
+echo "configure:21099: checking for 8-bit clean memcmp" >&5
if eval "test \"\${ac_cv_func_memcmp_clean+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
@@ -21052,7 +21103,7 @@ else
ac_cv_func_memcmp_clean=no
else
cat > conftest.$ac_ext <<EOF
-#line 21056 "configure"
+#line 21107 "configure"
#include "confdefs.h"
main()
@@ -21062,7 +21113,7 @@ main()
}
EOF
-if { (eval echo configure:21066: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+if { (eval echo configure:21117: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
then
ac_cv_func_memcmp_clean=yes
else
@@ -21080,12 +21131,12 @@ echo "$ac_t""$ac_cv_func_memcmp_clean" 1>&6
test $ac_cv_func_memcmp_clean = no && LIBOBJS="$LIBOBJS memcmp.${ac_objext}"
echo $ac_n "checking for strftime""... $ac_c" 1>&6
-echo "configure:21084: checking for strftime" >&5
+echo "configure:21135: checking for strftime" >&5
if eval "test \"\${ac_cv_func_strftime+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21089 "configure"
+#line 21140 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char strftime(); below. */
@@ -21109,7 +21160,7 @@ f = strftime;
; return 0; }
EOF
-if { (eval echo configure:21113: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21164: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_strftime=yes"
else
@@ -21131,7 +21182,7 @@ else
echo "$ac_t""no" 1>&6
# strftime is in -lintl on SCO UNIX.
echo $ac_n "checking for strftime in -lintl""... $ac_c" 1>&6
-echo "configure:21135: checking for strftime in -lintl" >&5
+echo "configure:21186: checking for strftime in -lintl" >&5
ac_lib_var=`echo intl'_'strftime | sed 'y%./+-:%__p__%'`
if eval "test \"\${ac_cv_lib_$ac_lib_var+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
@@ -21139,7 +21190,7 @@ else
ac_save_LIBS="$LIBS"
LIBS="-lintl $LIBS"
cat > conftest.$ac_ext <<EOF
-#line 21143 "configure"
+#line 21194 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
@@ -21150,7 +21201,7 @@ int main() {
strftime()
; return 0; }
EOF
-if { (eval echo configure:21154: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21205: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_lib_$ac_lib_var=yes"
else
@@ -21178,12 +21229,12 @@ fi
echo $ac_n "checking for inet_aton()""... $ac_c" 1>&6
-echo "configure:21182: checking for inet_aton()" >&5
+echo "configure:21233: checking for inet_aton()" >&5
if eval "test \"\${ol_cv_func_inet_aton+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21187 "configure"
+#line 21238 "configure"
#include "confdefs.h"
#ifdef HAVE_SYS_TYPES_H
@@ -21205,7 +21256,7 @@ struct in_addr in;
int rc = inet_aton( "255.255.255.255", &in );
; return 0; }
EOF
-if { (eval echo configure:21209: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21260: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_func_inet_aton=yes
else
@@ -21227,12 +21278,12 @@ EOF
echo $ac_n "checking for _spawnlp""... $ac_c" 1>&6
-echo "configure:21231: checking for _spawnlp" >&5
+echo "configure:21282: checking for _spawnlp" >&5
if eval "test \"\${ac_cv_func__spawnlp+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21236 "configure"
+#line 21287 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _spawnlp(); below. */
@@ -21256,7 +21307,7 @@ f = _spawnlp;
; return 0; }
EOF
-if { (eval echo configure:21260: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21311: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func__spawnlp=yes"
else
@@ -21280,12 +21331,12 @@ fi
echo $ac_n "checking for _snprintf""... $ac_c" 1>&6
-echo "configure:21284: checking for _snprintf" >&5
+echo "configure:21335: checking for _snprintf" >&5
if eval "test \"\${ac_cv_func__snprintf+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21289 "configure"
+#line 21340 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _snprintf(); below. */
@@ -21309,7 +21360,7 @@ f = _snprintf;
; return 0; }
EOF
-if { (eval echo configure:21313: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21364: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func__snprintf=yes"
else
@@ -21335,12 +21386,12 @@ fi
echo $ac_n "checking for _vsnprintf""... $ac_c" 1>&6
-echo "configure:21339: checking for _vsnprintf" >&5
+echo "configure:21390: checking for _vsnprintf" >&5
if eval "test \"\${ac_cv_func__vsnprintf+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21344 "configure"
+#line 21395 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _vsnprintf(); below. */
@@ -21364,7 +21415,7 @@ f = _vsnprintf;
; return 0; }
EOF
-if { (eval echo configure:21368: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21419: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func__vsnprintf=yes"
else
@@ -21390,12 +21441,12 @@ fi
echo $ac_n "checking for vprintf""... $ac_c" 1>&6
-echo "configure:21394: checking for vprintf" >&5
+echo "configure:21445: checking for vprintf" >&5
if eval "test \"\${ac_cv_func_vprintf+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21399 "configure"
+#line 21450 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char vprintf(); below. */
@@ -21419,7 +21470,7 @@ f = vprintf;
; return 0; }
EOF
-if { (eval echo configure:21423: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21474: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_vprintf=yes"
else
@@ -21443,12 +21494,12 @@ fi
if test "$ac_cv_func_vprintf" != yes; then
echo $ac_n "checking for _doprnt""... $ac_c" 1>&6
-echo "configure:21447: checking for _doprnt" >&5
+echo "configure:21498: checking for _doprnt" >&5
if eval "test \"\${ac_cv_func__doprnt+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21452 "configure"
+#line 21503 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char _doprnt(); below. */
@@ -21472,7 +21523,7 @@ f = _doprnt;
; return 0; }
EOF
-if { (eval echo configure:21476: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21527: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func__doprnt=yes"
else
@@ -21501,12 +21552,12 @@ if test $ac_cv_func_vprintf = yes ; then
for ac_func in vsnprintf vsprintf
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:21505: checking for $ac_func" >&5
+echo "configure:21556: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21510 "configure"
+#line 21561 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -21530,7 +21581,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:21534: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21585: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -21583,6 +21634,7 @@ for ac_func in \
read \
recv \
recvfrom \
+ recvmsg \
setpwfile \
setgid \
setegid \
@@ -21611,12 +21663,12 @@ for ac_func in \
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:21615: checking for $ac_func" >&5
+echo "configure:21667: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21620 "configure"
+#line 21672 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -21640,7 +21692,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:21644: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21696: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -21668,12 +21720,12 @@ done
for ac_func in getopt
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
-echo "configure:21672: checking for $ac_func" >&5
+echo "configure:21724: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21677 "configure"
+#line 21729 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
@@ -21697,7 +21749,7 @@ f = $ac_func;
; return 0; }
EOF
-if { (eval echo configure:21701: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21753: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
@@ -21730,13 +21782,13 @@ fi
# Check Configuration
echo $ac_n "checking declaration of sys_errlist""... $ac_c" 1>&6
-echo "configure:21734: checking declaration of sys_errlist" >&5
+echo "configure:21786: checking declaration of sys_errlist" >&5
if eval "test \"\${ol_cv_dcl_sys_errlist+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21740 "configure"
+#line 21792 "configure"
#include "confdefs.h"
#include <stdio.h>
@@ -21749,7 +21801,7 @@ int main() {
char *c = (char *) *sys_errlist
; return 0; }
EOF
-if { (eval echo configure:21753: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+if { (eval echo configure:21805: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_dcl_sys_errlist=yes
ol_cv_have_sys_errlist=yes
@@ -21772,20 +21824,20 @@ EOF
echo $ac_n "checking existence of sys_errlist""... $ac_c" 1>&6
-echo "configure:21776: checking existence of sys_errlist" >&5
+echo "configure:21828: checking existence of sys_errlist" >&5
if eval "test \"\${ol_cv_have_sys_errlist+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
-#line 21782 "configure"
+#line 21834 "configure"
#include "confdefs.h"
#include <errno.h>
int main() {
char *c = (char *) *sys_errlist
; return 0; }
EOF
-if { (eval echo configure:21789: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+if { (eval echo configure:21841: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_have_sys_errlist=yes
else
@@ -21922,7 +21974,6 @@ EOF
BUILD_BDB=mod
BUILD_BDB_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-bdb/back_bdb.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-bdb"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-bdb"
@@ -21943,7 +21994,6 @@ EOF
BUILD_DNSSRV=mod
BUILD_DNSSRV_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-dnssrv/back_dnssrv.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-dnssrv"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-dnssrv"
@@ -21964,7 +22014,6 @@ EOF
BUILD_LDAP=mod
BUILD_LDAP_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-ldap/back_ldap.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-ldap"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-ldap"
@@ -21986,7 +22035,6 @@ EOF
BUILD_LDBM=mod
BUILD_LDBM_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-ldbm/back_ldbm.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-ldbm"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-ldbm"
@@ -22006,6 +22054,8 @@ EOF
BUILD_SLAPD=yes
BUILD_META=yes
+ BUILD_LDAP=yes
+ BUILD_REWRITE=yes
if test "$ol_with_meta_module" != static ; then
cat >> confdefs.h <<\EOF
#define SLAPD_META_DYNAMIC 1
@@ -22013,7 +22063,6 @@ EOF
BUILD_META=mod
BUILD_META_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-meta/back_meta.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-meta"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-meta"
@@ -22034,7 +22083,6 @@ EOF
BUILD_MONITOR=mod
BUILD_MONITOR_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-monitor/back_monitor.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-monitor"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-monitor"
@@ -22055,7 +22103,6 @@ EOF
BUILD_NULL=mod
BUILD_NULL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-null/back_null.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-null"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-null"
@@ -22076,7 +22123,6 @@ EOF
BUILD_PASSWD=mod
BUILD_PASSWD_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-passwd/back_passwd.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-passwd"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-passwd"
@@ -22097,7 +22143,6 @@ EOF
BUILD_PERL=mod
BUILD_PERL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-perl/back_perl.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-perl"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-perl"
@@ -22118,7 +22163,6 @@ EOF
BUILD_SHELL=mod
BUILD_SHELL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-shell/back_shell.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-shell"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-shell"
@@ -22139,7 +22183,6 @@ EOF
BUILD_SQL=mod
BUILD_SQL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-sql/back_sql.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-sql"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-sql"
@@ -22164,7 +22207,6 @@ fi
if test "$ac_cv_mingw32" = yes ; then
PLAT=NT
SLAPD_MODULES_LDFLAGS=
- SLAPD_MODULES_LIST=
else
PLAT=UNIX
fi
@@ -22232,7 +22274,6 @@ fi
-
# Check whether --with-xxinstall or --without-xxinstall was given.
@@ -22463,7 +22504,6 @@ s%@LUTIL_LIBS@%$LUTIL_LIBS%g
s%@WRAP_LIBS@%$WRAP_LIBS%g
s%@SLAPD_MODULES_CPPFLAGS@%$SLAPD_MODULES_CPPFLAGS%g
s%@SLAPD_MODULES_LDFLAGS@%$SLAPD_MODULES_LDFLAGS%g
-s%@SLAPD_MODULES_LIST@%$SLAPD_MODULES_LIST%g
s%@SLAPD_STATIC_BACKENDS@%$SLAPD_STATIC_BACKENDS%g
s%@SLAPD_DYNAMIC_BACKENDS@%$SLAPD_DYNAMIC_BACKENDS%g
s%@PERL_CPPFLAGS@%$PERL_CPPFLAGS%g
diff --git a/configure.in b/configure.in
index e5a2602fe1..788050637b 100644
--- a/configure.in
+++ b/configure.in
@@ -526,7 +526,6 @@ BUILD_SQL_DYNAMIC=static
SLAPD_MODULES_LDFLAGS=
SLAPD_MODULES_CPPFLAGS=
-SLAPD_MODULES_LIST=
SLAPD_STATIC_BACKENDS=
SLAPD_DYNAMIC_BACKENDS=
@@ -611,7 +610,13 @@ dnl The default CFLAGS is empty NOT whatever AC_PROG_CC sets.
dnl (for now, let autoconf sort this out)
dnl CFLAGS=${CFLAGS-""}
-AC_CHECK_PROGS(AR,ar gar,ar)
+if test -z "${AR}"; then
+ AC_CHECK_PROGS(AR,ar gar,missing)
+
+ if test "${AR}" = "missing" ; then
+ AC_MSG_ERROR([Unable to locate ar(1). Check PATH or set AR.])
+ fi
+fi
AC_LIBTOOL_WIN32_DLL
AC_LIBTOOL_DLOPEN
@@ -2129,6 +2134,12 @@ if test $ol_with_cyrus_sasl != no ; then
fi
fi
else
+ OL_SASL_COMPAT
+ if test $ol_cv_sasl_compat = no ; then
+ ol_link_sasl=no
+ AC_MSG_ERROR([Cyrus SASL library located but incompatible])
+ fi
+
AC_DEFINE(HAVE_CYRUS_SASL,1,[define if you have Cyrus SASL])
SASL_LIBS="$ol_link_sasl"
if test $ol_enable_spasswd != no ; then
@@ -2369,6 +2380,7 @@ AC_CHECK_FUNCS( \
read \
recv \
recvfrom \
+ recvmsg \
setpwfile \
setgid \
setegid \
@@ -2478,7 +2490,6 @@ if test "$ol_enable_bdb" != no ; then
[define to support dynamic BDB backend])
BUILD_BDB=mod
BUILD_BDB_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-bdb/back_bdb.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-bdb"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-bdb"
@@ -2494,7 +2505,6 @@ if test "$ol_link_dnssrv" != no ; then
[define to support dynamic DNS SRV backend])
BUILD_DNSSRV=mod
BUILD_DNSSRV_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-dnssrv/back_dnssrv.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-dnssrv"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-dnssrv"
@@ -2510,7 +2520,6 @@ if test "$ol_enable_ldap" != no ; then
[define to support dynamic LDAP backend])
BUILD_LDAP=mod
BUILD_LDAP_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-ldap/back_ldap.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-ldap"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-ldap"
@@ -2527,7 +2536,6 @@ if test "$ol_link_ldbm" != no -a $ol_enable_ldbm != no; then
[define to support dynamic LDBM backend])
BUILD_LDBM=mod
BUILD_LDBM_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-ldbm/back_ldbm.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-ldbm"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-ldbm"
@@ -2544,12 +2552,13 @@ if test "$ol_enable_meta" != no ; then
AC_DEFINE(SLAPD_META,1,[define to support LDAP Metadirectory backend])
BUILD_SLAPD=yes
BUILD_META=yes
+ BUILD_LDAP=yes
+ BUILD_REWRITE=yes
if test "$ol_with_meta_module" != static ; then
AC_DEFINE(SLAPD_META_DYNAMIC,1,
[define to support dynamic LDAP Metadirectory backend])
BUILD_META=mod
BUILD_META_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-meta/back_meta.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-meta"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-meta"
@@ -2565,7 +2574,6 @@ if test "$ol_enable_monitor" != no ; then
[define to support dynamic cn=Monitor backend])
BUILD_MONITOR=mod
BUILD_MONITOR_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-monitor/back_monitor.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-monitor"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-monitor"
@@ -2581,7 +2589,6 @@ if test "$ol_enable_null" != no ; then
[define to support dynamic NULL backend])
BUILD_NULL=mod
BUILD_NULL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-null/back_null.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-null"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-null"
@@ -2597,7 +2604,6 @@ if test "$ol_enable_passwd" != no ; then
[define to support dynamic PASSWD backend])
BUILD_PASSWD=mod
BUILD_PASSWD_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-passwd/back_passwd.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-passwd"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-passwd"
@@ -2613,7 +2619,6 @@ if test "$ol_link_perl" != no ; then
[define to support dynamic PERL backend])
BUILD_PERL=mod
BUILD_PERL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-perl/back_perl.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-perl"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-perl"
@@ -2629,7 +2634,6 @@ if test "$ol_enable_shell" != no ; then
[define to support dynamic SHELL backend])
BUILD_SHELL=mod
BUILD_SHELL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-shell/back_shell.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-shell"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-shell"
@@ -2645,7 +2649,6 @@ if test "$ol_link_sql" != no ; then
[define to support dynamic SQL backend])
BUILD_SQL=mod
BUILD_SQL_DYNAMIC=shared
- SLAPD_MODULES_LIST="$SLAPD_MODULES_LIST -dlopen \$(SLAP_DIR)back-sql/back_sql.la"
SLAPD_DYNAMIC_BACKENDS="$SLAPD_DYNAMIC_BACKENDS back-sql"
else
SLAPD_STATIC_BACKENDS="$SLAPD_STATIC_BACKENDS back-sql"
@@ -2672,7 +2675,6 @@ dnl
if test "$ac_cv_mingw32" = yes ; then
PLAT=NT
SLAPD_MODULES_LDFLAGS=
- SLAPD_MODULES_LIST=
else
PLAT=UNIX
fi
@@ -2719,7 +2721,6 @@ AC_SUBST(WRAP_LIBS)
AC_SUBST(SLAPD_MODULES_CPPFLAGS)
AC_SUBST(SLAPD_MODULES_LDFLAGS)
-AC_SUBST(SLAPD_MODULES_LIST)
AC_SUBST(SLAPD_STATIC_BACKENDS)
AC_SUBST(SLAPD_DYNAMIC_BACKENDS)
diff --git a/contrib/ldaptcl/ldaperr.tcl b/contrib/ldaptcl/ldaperr.tcl
new file mode 100644
index 0000000000..e9f85683eb
--- /dev/null
+++ b/contrib/ldaptcl/ldaperr.tcl
@@ -0,0 +1,54 @@
+#
+# ldaperr.tcl: scan ldap.h for error return codes for initializing
+# errorCode table.
+#
+
+proc genstrings {path} {
+ set fp [open $path]
+ while {[gets $fp line] != -1 &&
+ ![string match "#define LDAP_SUCCESS*" $line]} { }
+ puts "/* This file automatically generated, hand edit at your own risk! */"
+ puts -nonewline "char *ldaptclerrorcode\[\] = {
+ NULL"
+ while {[gets $fp line] != -1} {
+ if {[clength $line] == 0 || [ctype space $line]} continue
+ if {[string match *typedef* $line]} break
+ if {![string match #define* $line]} continue
+ if {![string match "#define LDAP_*" $line]} continue
+ if {[string match "*LDAP_RANGE*" $line]} continue
+ if {[string match "*LDAP_API_RESULT*" $line]} continue
+ if {[string match {*\\} $line]} {
+ append line [gets $fp]
+ }
+ lassign $line define macro value
+ set ldap_errcode($macro) $value
+ }
+ #parray ldap_errcode
+ foreach i [array names ldap_errcode] {
+ set value $ldap_errcode($i)
+ #puts stderr "checking $value"
+ if [regexp {^[A-Z_]} $value] {
+ if [info exists ldap_errcode($value)] {
+ set value $ldap_errcode($value)
+ set ldap_errcode($i) $value
+ }
+ }
+ set ldap_errname($value) $i
+ }
+ set lasterr 0
+ foreach value [lsort -integer [array names ldap_errname]] {
+ incr lasterr
+ while {$lasterr < $value} {
+ puts -nonewline ",\n\tNULL"
+ incr lasterr
+ }
+ puts -nonewline ",\n\t\"$ldap_errname($value)\""
+ }
+ puts "\n};"
+ puts "#define LDAPTCL_MAXERR\t$value"
+}
+
+#cmdtrace on
+if !$tcl_interactive {
+ genstrings [lindex $argv 0]
+}
diff --git a/doc/man/man1/ldappasswd.1 b/doc/man/man1/ldappasswd.1
new file mode 100644
index 0000000000..a23f875c51
--- /dev/null
+++ b/doc/man/man1/ldappasswd.1
@@ -0,0 +1,170 @@
+.TH LDAPPASSWD 1 "20 August 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ldappasswd \- change the password of an LDAP entry
+.SH SYNOPSIS
+.B ldappasswd
+[\c
+.BR \-A ]
+[\c
+.BI \-a \ oldPasswd\fR]
+[\c
+.BR \-C ]
+[\c
+.BI \-D \ binddn\fR]
+[\c
+.BI \-d \ debuglevel\fR]
+[\c
+.BI \-H \ ldapuri\fR]
+[\c
+.BI \-h \ ldaphost\fR]
+[\c
+.BR \-n ]
+[\c
+.BI \-p \ ldapport\fR]
+[\c
+.BR \-S ]
+[\c
+.BI \-s \ newPasswd\fR]
+[\c
+.BR \-v ]
+[\c
+.BR \-W ]
+[\c
+.BI \-w \ passwd\fR]
+[\c
+.BR \-O \ security-properties ]
+[\c
+.BR \-I ]
+[\c
+.BR \-Q ]
+[\c
+.BI \-U \ authcid\fR]
+[\c
+.BR \-x ]
+[\c
+.BI \-X \ authzid\fR]
+[\c
+.BI \-Y \ mech\fR]
+[\c
+.BR \-Z[Z] ]
+[\c
+.IR user ]
+.SH DESCRIPTION
+.B ldappasswd
+is a tool to set the password of an LDAP user.
+.B ldappasswd
+uses the LDAPv3 Password Modify (RFC 3062) extended operation.
+.LP
+.B ldappasswd
+sets the password of associated with the user [or an optionally
+specified
+.IR user ].
+If the new
+password is not specified on the command line and the user
+doesn't enable prompting, the server will be asked to generate
+a password for the user.
+.LP
+.B ldappasswd
+is neither designed nor intended to be a replacement for
+.BR passwd (1)
+and should not be installed as such.
+.SH OPTIONS
+.TP
+.BI \-A
+Prompt for old password.
+This is used instead of specifying the password on the command line.
+.TP
+.BI \-a \ oldPasswd
+Set the old password to \fIoldPasswd\fP.
+.TP
+.B \-C
+Automatically chase referrals.
+.TP
+.B \-x
+Use simple authentication instead of SASL.
+.TP
+.BI \-D \ binddn
+Use the Distinguished Name \fIbinddn\fP to bind to the LDAP directory.
+.TP
+.BI \-d \ debuglevel
+Set the LDAP debugging level to \fIdebuglevel\fP.
+.B ldappasswd
+must be compiled with LDAP_DEBUG defined for this option to have any effect.
+.TP
+.BI \-H \ ldapuri
+Specify URI(s) referring to the ldap server(s).
+.TP
+.BI \-h \ ldaphost
+Specify an alternate host on which the ldap server is running.
+Deprecated in favor of -H.
+.TP
+.BI \-p \ ldapport
+Specify an alternate TCP port where the ldap server is listening.
+Deprecated in favor of -H.
+.TP
+.B \-n
+Do not set password. (Can be useful when used in conjunction with
+.BR \-v \ or
+.BR \-d )
+.TP
+.BI \-S
+Prompt for new password.
+This is used instead of specifying the password on the command line.
+.TP
+.BI \-s \ newPasswd
+Set the new password to \fInewPasswd\fP.
+.TP
+.B \-v
+Increase the verbosity of output. Can be specified multiple times.
+.TP
+.BI \-W
+Prompt for bind password.
+This is used instead of specifying the password on the command line.
+.TP
+.BI \-w \ passwd
+Use \fIpasswd\fP as the password to bind with.
+.TP
+.BI \-O \ security-properties
+Specify SASL security properties.
+.TP
+.B \-I
+Enable SASL Interactive mode. Always prompt. Default is to prompt
+only as needed.
+.TP
+.B \-Q
+Enable SASL Quiet mode. Never prompt.
+.TP
+.BI \-U \ authcid
+Specify the authentication ID for SASL bind. The form of the ID
+depends on the actual SASL mechanism used.
+.TP
+.BI \-X \ authzid
+Specify the requested authorization ID for SASL bind.
+.I authzid
+must be one of the following formats:
+.BI dn: <distinguished name>
+or
+.BI u: <username>\fP.
+.TP
+.BI \-Y \ mech
+Specify the SASL mechanism to be used for authentication. If it's not
+specified, the program will choose the best mechanism the server knows.
+.TP
+.B \-Z[Z]
+Issue StartTLS (Transport Layer Security) extended operation. If you use
+.BR \-ZZ ,
+the command will require the operation to be successful
+.SH SEE ALSO
+.BR ldap_sasl_bind (3),
+.BR ldap_extended_operation (3),
+.BR ldap_start_tls_s (3)
+.SH AUTHOR
+The OpenLDAP Project <http://www.openldap.org/>
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man1/ud.1 b/doc/man/man1/ud.1
index 43284a7f74..c1eb3bc5ca 100644
--- a/doc/man/man1/ud.1
+++ b/doc/man/man1/ud.1
@@ -1,16 +1,21 @@
-.TH UD 1 "18 March 1993" "U-M LDAP LDVERSION"
+.TH UD 1 "20 August 2000" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.UC 6
.SH NAME
-ud \- interactive X.500 Directory Server query program
+ud \- interactive LDAP Directory Server query program
.SH SYNOPSIS
.B ud
-[-Dv] [-s
+[\c
+.BR -Dv ]
+.RB [ -s
.IR server ]
-[-d
+.RB [ -d
.IR debug-mask ]
-[-l
+.RB [ -l
.IR ldap-debug-mask ]
-[-f
+.RB [ -f
.IR file ]
.SH DESCRIPTION
.IR ud
@@ -18,7 +23,7 @@ is used to interogate a directory server via the Lightweight Directory
Access Protocol (LDAP).
.SH OPTIONS
.TP 1i
-.B \-s
+.BI \-s \ server
Used to specify the name of an LDAP server to which
.B ud
should connect. If this
@@ -34,7 +39,7 @@ the name
can be resolved (presumably through the use of a CNAME or A record in the DNS
and the appropriate search path specified in the resolver config file).
.TP 1i
-.B \-d
+.BI \-d \ debug-mask
Sets the
.B ud
debug mask to the value specified.
@@ -42,10 +47,10 @@ Values for the mask can be dumped by using the
.IR \-D
flag.
.TP 1i
-.B \-f
+.BI \-f \ file
Sets the configuration file to the name specified.
.TP 1i
-.B \-l
+.BI \-l \ ldap-debug-mask
Sets the LDAP debug mask to the value specified.
.TP 1i
.B \-v
@@ -56,9 +61,15 @@ command.
.B \-D
Prints out a list of valid ud debug masks.
.SH FILES
-ETCDIR/ud.conf The ud configuration file.
+.TP
+.I ETCDIR/ud.conf
+system-wide ud configuration file
+.TP
+.I $HOME/.udrc
+personal ud configuration file, overriding system file
.SH "SEE ALSO"
.BR ud.conf (5),
+.BR ldap.conf (5),
.BR ldap (3)
.SH DIAGNOSTICS
.B ud
@@ -71,3 +82,8 @@ uses the ldap_perror() routine to print an informative diagnostic.
Too numerous to mention.
.SH AUTHOR
Bryan Beecher, University of Michigan
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/lber-decode.3 b/doc/man/man3/lber-decode.3
index e05fb33c4b..b0ff540d00 100644
--- a/doc/man/man3/lber-decode.3
+++ b/doc/man/man3/lber-decode.3
@@ -1,163 +1,45 @@
-.TH LBER-DECODE 3 "18 November 1994"
+.TH LBER_DECODE 3 "25 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ber_get_next, ber_skiptag, ber_peek_tag, ber_scanf, ber_get_int, ber_get_stringb, ber_get_stringa, ber_get_null, ber_get_boolean, ber_get_bitstring, ber_first_element, ber_next_element \- LBER simplified Basic Encoding Rules library routines for decoding
+ber_get_next, ber_skip_tag, ber_peek_tag, ber_scanf, ber_get_int,
+ber_get_enum, ber_get_stringb, ber_get_stringa, ber_get_stringal,
+ber_get_stringbv, ber_get_null, ber_get_boolean, ber_get_bitstring,
+ber_first_element, ber_next_element
+\- LBER simplified Basic Encoding Rules library routines for decoding
.SH SYNOPSIS
-.nf
-.ft B
-#include <lber.h>
-.ft
-.fi
+.B #include <lber.h>
.LP
-.nf
-.ft B
-typedef struct berelement {
- char *ber_buf;
- char *ber_ptr;
- char *ber_end;
- struct seqorset *ber_sos;
- int ber_tag;
- int ber_usertag;
-} BerElement;
-.ft
-.fi
+.BI "ber_tag_t ber_get_next(Sockbuf *" sb ", ber_len_t *" len ", BerElement *" ber ");"
.LP
-.nf
-.ft B
-typedef struct sockbuf {
- int sb_sd;
- BerElement sb_ber;
-} Sockbuf;
-.ft
-.fi
+.BI "ber_tag_t ber_skip_tag(BerElement *" ber ", ber_len_t *" len ");"
.LP
-.nf
-.ft B
-typedef struct berval {
- unsigned long bv_len;
- char *bv_val;
-};
-.ft
-.fi
+.BI "ber_tag_t ber_peek_tag(BerElement *" ber ", ber_len_t *" len ");"
.LP
-.nf
-.ft B
-ber_get_next(sb, len, ber)
-Sockbuf *sb;
-unsigned long \(**len;
-BerElement \(**ber;
-.ft
-.fi
+.BI "ber_tag_t ber_scanf(BerElement *" ber ", const char *" fmt ", ...);"
.LP
-.nf
-.ft B
-ber_skip_tag(ber, len)
-BerElement \(**ber;
-unsigned long \(**len;
-.ft
-.fi
+.BI "ber_tag_t ber_get_int(BerElement *" ber ", ber_int_t *" num ");"
.LP
-.nf
-.ft B
-ber_peek_tag(ber, len)
-BerElement \(**ber;
-unsigned long \(**len;
-.ft
-.fi
+.BI "ber_tag_t ber_get_enum(BerElement *" ber ", ber_int_t *" num ");"
.LP
-.nf
-.ft B
-ber_get_int(ber, num)
-BerElement \(**ber;
-long \(**num;
-.ft
-.fi
+.BI "ber_tag_t ber_get_stringb(BerElement *" ber ", char *" buf ", ber_len_t *" len ");"
.LP
-.nf
-.ft B
-ber_get_stringb(ber, buf, len)
-BerElement \(**ber;
-char \(**buf;
-unsigned long \(**len;
-.ft
-.fi
+.BI "ber_tag_t ber_get_stringa(BerElement *" ber ", char **" buf ");"
.LP
-.nf
-.ft B
-ber_get_stringa(ber, buf)
-BerElement \(**ber;
-char \(***buf;
-.ft
-.fi
+.BI "ber_tag_t ber_get_stringal(BerElement *" ber ", struct berval **" bv ");"
.LP
-.nf
-.ft B
-ber_get_stringal(ber, bv)
-BerElement \(**ber;
-struct berval \(***bv;
-.ft
-.fi
+.BI "ber_tag_t ber_get_stringbv(BerElement *" ber ", struct berval *" bv ", int " alloc ");"
.LP
-.nf
-.ft B
-ber_get_null(ber)
-BerElement \(**ber;
-.ft
-.fi
+.BI "ber_tag_t ber_get_null(BerElement *" ber ");"
.LP
-.nf
-.ft B
-ber_get_boolean(ber, bool)
-BerElement \(**ber;
-int \(**bool;
-.ft
-.fi
+.BI "ber_tag_t ber_get_boolean(BerElement *" ber ", ber_int_t *" bool ");"
.LP
-.nf
-.ft B
-ber_get_bitstringa(ber, buf, blen)
-BerElement \(**ber;
-char \(***buf;
-unsigned long \(**blen;
-.ft
-.fi
+.BI "ber_tag_t ber_get_bitstringa(BerElement *" ber ", char **" buf ", ber_len_t *" blen ");"
.LP
-.nf
-.ft B
-ber_first_element(ber, len, cookie)
-BerElement \(**ber;
-unsigned long \(**len;
-char \(***cookie;
-.ft
-.fi
+.BI "ber_tag_t ber_first_element(BerElement *" ber ", ber_len_t *" len ", char **" cookie ");"
.LP
-.nf
-.ft B
-ber_next_element(ber, len, cookie)
-BerElement \(**ber;
-unsigned long \(**len;
-char \(**cookie;
-.ft
-.fi
-.LP
-.nf
-.ft B
-ber_scanf(ber, fmt [, arg...] )
-BerElement \(**ber;
-char \(**fmt;
-.ft
-.fi
-.LP
-.nf
-.ft B
-ber_bvfree(bv)
-struct berval \(**bv;
-.ft
-.fi
-.LP
-.nf
-.ft B
-ber_bvecfree(bvec)
-struct berval \(***bvec;
+.BI "ber_tag_t ber_next_element(BerElement *" ber ", ber_len_t *" len ", const char *" cookie ");"
.SH DESCRIPTION
.LP
These routines provide a subroutine interface to a simplified
@@ -165,37 +47,47 @@ implementation of the Basic Encoding Rules of ASN.1. The version
of BER these routines support is the one defined for the LDAP
protocol. The encoding rules are the same as BER, except that
only definite form lengths are used, and bitstrings and octet strings
-are always encoded in primitive form. In addition, these lightweight
-BER routines restrict tags and class to fit in a single octet (this
-means the actual tag must be less than 31). When a "tag" is specified
-in the descriptions below, it refers to the tag, class, and primitive
-or constructed bit in the first octet of the encoding. This man page
-describes the decoding routines in the lber library. See lber-encode(3)
+are always encoded in primitive form. This man page
+describes the decoding routines in the lber library. See
+.BR lber-encode (3)
for details on the corresponding encoding routines.
-.LP
-Normally, the only routines that need be called by an application
-are ber_get_next() to get the next BER element and ber_scanf()
-to do the actual decoding. In some cases, ber_peek_tag() may also
-need to be called in normal usage. The other routines are provided for those
-applications that need more control than ber_scanf() provides. In
+Consult
+.BR lber-types (3)
+for information about types, allocators, and deallocators.
+.LP
+Normally, the only routines that need to be called by an application
+are
+.BR ber_get_next ()
+to get the next BER element and
+.BR ber_scanf ()
+to do the actual decoding. In some cases,
+.BR ber_peek_tag ()
+may also need to be called in normal usage. The other routines are
+provided for those applications that need more control than
+.BR ber_scanf ()
+provides. In
general, these routines return the tag of the element decoded, or
--1 if an error occurred.
-.LP
-The ber_get_next() routine is used to read the next BER element from
-the given Sockbuf, \fIsb\fP. A Sockbuf consists of the descriptor
-(usually socket, but a file descriptor works just as well) from which
-to read, and a BerElement structure used
-to maintain a buffer. On the first call, the \fIsb_ber\fP struct should
-be zeroed. It strips off and returns the
-leading tag byte, strips off and returns the length of the
-entire element in \fIlen\fP,
-and sets up \fIber\fP for subsequent calls to ber_scanf() et al to decode
-the element.
-.LP
-The ber_scanf() routine is used to decode a BER element in much the
-same way that scanf(3) works. It reads from \fIber\fP, a pointer to a
-BerElement such as returned by ber_get_next(), interprets the
-bytes according to the format string \fIfmt\fP, and stores the
+LBER_ERROR if an error occurred.
+.LP
+The
+.BR ber_get_next ()
+routine is used to read the next BER element from the given Sockbuf,
+\fIsb\fP. It strips off and returns the leading tag, strips off and
+returns the length of the entire element in \fIlen\fP, and sets up
+\fIber\fP for subsequent calls to
+.BR ber_scanf ()
+et al to decode the element. See
+.BR lber-sockbuf (3)
+for details of the Sockbuf implementation of the \fIsb\fP parameter.
+.LP
+The
+.BR ber_scanf ()
+routine is used to decode a BER element in much the same way that
+.BR scanf (3)
+works. It reads from \fIber\fP, a pointer to a BerElement
+such as returned by
+.BR ber_get_next (),
+interprets the bytes according to the format string \fIfmt\fP, and stores the
results in its additional arguments. The format string contains
conversion specifications which are used to direct the interpretation
of the BER element. The format string can contain the following
@@ -203,97 +95,193 @@ characters.
.RS
.LP
.TP 3
-.SM a
+.B a
Octet string. A char ** should be supplied. Memory is allocated,
filled with the contents of the octet string, null-terminated, and
-returned in the parameter.
+returned in the parameter. The caller should free the returned
+string using
+.BR ber_memfree ().
+.TP
+.B s
+Octet string. A char * buffer should be supplied, followed by a pointer to a
+ber_len_t initialized to the size of the buffer. Upon return, the
+null-terminated octet string is put into the buffer, and the
+ber_len_t is set to the actual size of the octet string.
+.TP
+.B O
+Octet string. A struct ber_val ** should be supplied, which upon
+return points to a dynamically allocated struct berval
+containing the octet string and its length.
+The caller should free the returned structure using
+.BR ber_bvfree ().
+.TP
+.B o
+Octet string. A struct ber_val * should be supplied, which upon
+return contains the dynamically allocated
+octet string and its length. The caller should free the returned octet
+string using
+.BR ber_memfree ().
.TP
-.SM s
-Octet string. A char * buffer should be supplied, followed by a pointer
-to an integer initialized to the size of the buffer. Upon return, the
-null-terminated octet string is put into the buffer, and the integer is
-set to the actual size of the octet string.
+.B m
+Octet string. A struct ber_val * should be supplied, which upon return
+contains the octet string and its length. The string resides in memory
+assigned to the BerElement, and must not be freed by the caller.
.TP
-.SM O
-Octet string. A struct ber_val ** should be supplied, which upon return
-points to a malloced struct berval containing the octet string and its
-length. ber_bvfree() can be called to free the malloced memory.
+.B b
+Boolean. A pointer to a ber_int_t should be supplied.
.TP
-.SM b
-Boolean. A pointer to an integer should be supplied.
+.B e
+Enumeration. A pointer to a ber_int_t should be supplied.
.TP
-.SM i
-Integer. A pointer to an integer should be supplied.
+.B i
+Integer. A pointer to a ber_int_t should be supplied.
.TP
-.SM B
-Bitstring. A char ** should be supplied which will point to the malloced
-bits, followed by an unsigned long *, which will point to the length
+.B B
+Bitstring. A char ** should be supplied which will point to the
+dynamically allocated
+bits, followed by a ber_len_t *, which will point to the length
(in bits) of the bitstring returned.
.TP
-.SM n
+.B n
Null. No parameter is required. The element is simply skipped if
it is recognized.
.TP
-.SM v
+.B v
Sequence of octet strings. A char *** should be supplied, which upon
-return points to a malloced null-terminated array of char *'s
+return points to a dynamically allocated null-terminated array of char *'s
containing the octet strings. NULL is returned if the sequence is empty.
+The caller should free the returned array and octet strings using
+.BR ber_memvfree ().
.TP
-.SM V
+.B V
Sequence of octet strings with lengths.
A struct berval *** should be supplied, which upon
-return points to a malloced null-terminated array of struct berval *'s
+return points to a dynamically allocated null-terminated array of
+struct berval *'s
containing the octet strings and their lengths.
-NULL is returned if the sequence is empty. ber_bvecfree() can be called
-to free the malloced memory.
+NULL is returned if the sequence is empty.
+The caller should free the returned structures using
+.BR ber_bvecfree ().
.TP
-.SM x
+.B W
+Sequence of octet strings with lengths.
+A BerVarray * should be supplied, which upon
+return points to a dynamically allocated array of
+struct berval's
+containing the octet strings and their lengths. The array is terminated
+by a struct berval with a NULL bv_val string pointer.
+NULL is returned if the sequence is empty.
+The caller should free the returned structures using
+.BR ber_bvarray_free ().
+.TP
+.B M
+Sequence of octet strings with lengths. This is a generalized form
+of the previous three formats.
+A void ** (ptr) should be supplied, followed by a ber_len_t * (len)
+and a ber_len_t (off).
+Upon return (ptr) will point to a dynamically allocated array
+whose elements are all of size (*len). A struct berval will be filled
+starting at offset (off) in each element. The strings in each struct
+berval reside in memory assigned to the BerElement and must not be
+freed by the caller. The array is terminated by a struct berval
+with a NULL bv_val string pointer. NULL is returned if the sequence
+is empty. The number of elements in the array is also stored
+in (*len) on return. The caller should free the returned array using
+.BR ber_memfree ().
+.TP
+.B l
+Length of the next element. A pointer to a ber_len_t should be supplied.
+.TP
+.B t
+Tag of the next element. A pointer to a ber_tag_t should be supplied.
+.TP
+.B T
+Skip element and return its tag. A pointer to a ber_tag_t should be supplied.
+.TP
+.B x
Skip element. The next element is skipped.
.TP
-.SM {
+.B {
Begin sequence. No parameter is required. The initial sequence tag
and length are skipped.
.TP
-.SM }
+.B }
End sequence. No parameter is required and no action is taken.
.TP
-.SM [
+.B [
Begin set. No parameter is required. The initial set tag
and length are skipped.
.TP
-.SM ]
+.B ]
End set. No parameter is required and no action is taken.
.RE
.LP
-The ber_get_int() routine tries to interpret the next element as an integer,
+The
+.BR ber_get_int ()
+routine tries to interpret the next element as an integer,
returning the result in \fInum\fP. The tag of whatever it finds is returned
-on success, -1 on failure.
+on success, LBER_ERROR (\-1) on failure.
.LP
-The ber_get_stringb() routine is used to read an octet string into a
+The
+.BR ber_get_stringb ()
+routine is used to read an octet string into a
preallocated buffer. The \fIlen\fP parameter should be initialized to
the size of the buffer, and will contain the length of the octet string
read upon return. The buffer should be big enough to take the octet
string value plus a terminating NULL byte.
.LP
-The ber_get_stringa() routine is used to malloc space into which an octet
-string is read.
-.LP
-The ber_get_stringal() routine is used to malloc space into which an octet
-string and its length are read. It takes a struct berval **, and returns
-the result in this parameter.
-.LP
-The ber_get_null() routine is used to read a NULL element. It returns
+The
+.BR ber_get_stringa ()
+routine is used to dynamically allocate space into
+which an octet string is read.
+The caller should free the returned string using
+.BR ber_memfree().
+.LP
+The
+.BR ber_get_stringal ()
+routine is used to dynamically allocate space
+into which an octet string and its length are read. It takes a
+struct berval **, and returns the result in this parameter.
+The caller should free the returned structure using
+.BR ber_bvfree().
+.LP
+The
+.BR ber_get_stringbv ()
+routine is used to read an octet string and its length into the
+provided struct berval *. If the \fIalloc\fP parameter is zero, the string
+will reside in memory assigned to the BerElement, and must not be freed
+by the caller. If the \fIalloc\fP parameter is non-zero, the string will be
+copied into dynamically allocated space which should be returned using
+.BR ber_memfree ().
+.LP
+The
+.BR ber_get_null ()
+routine is used to read a NULL element. It returns
the tag of the element it skips over.
.LP
-The ber_get_boolean() routine is used to read a boolean value. It is called
-the same way that ber_get_int() is called.
-.LP
-The ber_get_bitstringa() routine is used to read a bitstring value. It
-takes a char ** which will hold the malloced bits, followed by an
-unsigned long *, which will point to the length (in bits) of the
-bitstring returned.
-.LP
-The ber_first_element() routine is used to return the tag and length
+The
+.BR ber_get_boolean ()
+routine is used to read a boolean value. It is called the same way that
+.BR ber_get_int ()
+is called.
+.LP
+The
+.BR ber_get_enum ()
+routine is used to read a enumeration value. It is called the same way that
+.BR ber_get_int ()
+is called.
+.LP
+The
+.BR ber_get_bitstringa ()
+routine is used to read a bitstring value. It
+takes a char ** which will hold the dynamically allocated bits, followed by an
+ber_len_t *, which will point to the length (in bits) of the bitstring returned.
+The caller should free the returned string using
+.BR ber_memfree ().
+.LP
+The
+.BR ber_first_element ()
+routine is used to return the tag and length
of the first element in a set or sequence. It also returns in \fIcookie\fP
a magic cookie parameter that should be passed to subsequent calls to
ber_next_element(), which returns similar information.
@@ -322,37 +310,45 @@ the following ASN.1 object:
}
.fi
.LP
-The element can be decoded using ber_scanf() as follows.
+The element can be decoded using
+.BR ber_scanf ()
+as follows.
.LP
.nf
- int scope, ali, size, time, attrsonly;
+ ber_int_t scope, deref, size, time, attrsonly;
char *dn, **attrs;
+ ber_tag_t tag;
+
+ tag = ber_scanf( ber, "{aeeiib{v}}",
+ &dn, &scope, &deref,
+ &size, &time, &attrsonly, &attrs );
- if ( ber_scanf( ber, "{aiiiib{v}}", &dn, &scope, &ali,
- &size, &time, &attrsonly, &attrs ) == -1 )
+ if( tag == LBER_ERROR ) {
/* error */
- else
+ } else {
/* success */
+ }
+
+ ber_memfree( dn );
+ ber_memvfree( attrs );
.fi
.SH ERRORS
-If an error occurs during decoding, generally these routines return -1.
+If an error occurs during decoding, generally these routines return
+LBER_ERROR (\-1).
.LP
.SH NOTES
.LP
The return values for all of these functions are declared in the
-<lber.h> header file. Some routines may malloc memory.
+.B <lber.h>
+header file. Some routines may dynamically allocate memory
+which must be freed by the caller using supplied deallocation routines.
.SH SEE ALSO
-.BR lber-encode (3)
-.BR ldap-parse (3)
-.BR ldap-sync (3)
-.BR ldap-async (3)
-.LP
-Yeong, W., Howes, T., and Hardcastle-Kille, S., "Lightweight Directory Access
-Protocol", OSI-DS-26, April 1992.
-.LP
-Information Processing - Open Systems Interconnection - Model and Notation -
-Service Definition - Specification of Basic Encoding Rules for Abstract
-Syntax Notation One, International Organization for Standardization,
-International Standard 8825.
-.SH AUTHOR
-Tim Howes, University of Michigan
+.BR lber-encode (3),
+.BR lber-memory (3),
+.BR lber-sockbuf (3),
+.BR lber-types (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/lber-encode.3 b/doc/man/man3/lber-encode.3
index 01304810b7..be7302cb79 100644
--- a/doc/man/man3/lber-encode.3
+++ b/doc/man/man3/lber-encode.3
@@ -1,140 +1,39 @@
-.TH LBER-ENCODE 3 "15 June 1992"
+.TH LBER_ENCODE 3 "25 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ber_alloc, ber_flush, ber_printf, ber_put_int, ber_put_ostring, ber_put_string, ber_put_null, ber_put_boolean, ber_put_bitstring, ber_start_seq, ber_start_set, ber_put_seq, ber_put_set \- LBER simplified Basic Encoding Rules library routines for encoding
+ber_alloc_t, ber_flush, ber_printf, ber_put_int, ber_put_enum, ber_put_ostring, ber_put_string, ber_put_null, ber_put_boolean, ber_put_bitstring, ber_start_seq, ber_start_set, ber_put_seq, ber_put_set \- LBER simplified Basic Encoding Rules library routines for encoding
.SH SYNOPSIS
-.nf
-.ft B
-#include <lber.h>
-.ft
-.fi
+.B #include <lber.h>
.LP
-.nf
-.ft B
-typedef struct berelement {
- char *ber_buf;
- char *ber_ptr;
- char *ber_end;
- struct seqorset *ber_sos;
- int ber_tag;
- int ber_usertag;
-} BerElement;
-.ft
-.fi
+.BI "BerElement *ber_alloc_t(int " options ");"
.LP
-.nf
-.ft B
-typedef struct sockbuf {
- int sb_sd;
- BerElement sb_ber;
-} Sockbuf;
-.ft
-.fi
+.BI "int ber_flush(Sockbuf *" sb ", BerElement *" ber ", int " freeit ");"
.LP
-.nf
-.ft B
-BerElement *ber_alloc()
-.ft
-.fi
+.BI "int ber_printf(BerElement *" ber ", const char *" fmt ", ...);"
.LP
-.nf
-.ft B
-ber_flush(sb, ber, freeit)
-Sockbuf *sb;
-BerElement *ber;
-int freeit;
-.ft
-.fi
+.BI "int ber_put_int(BerElement *" ber ", ber_int_t " num ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_printf(ber, fmt [, arg... ] )
-BerElement *ber;
-char \(**fmt;
-.ft
-.fi
+.BI "int ber_put_enum(BerElement *" ber ", ber_int_t " num ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_int(ber, num, tag)
-BerElement *ber;
-long num;
-char tag;
-.ft
-.fi
+.BI "int ber_put_ostring(BerElement *" ber ", const char *" str ", ber_len_t " len ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_ostring(ber, str, len, tag)
-BerElement *ber;
-char \(**str;
-unsigned long len;
-char tag;
-.ft
-.fi
+.BI "int ber_put_string(BerElement *" ber ", const char *" str ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_string(ber, str, tag)
-BerElement *ber;
-char \(**str;
-char tag;
-.ft
-.fi
+.BI "int ber_put_null(BerElement *" ber ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_null(ber, tag)
-BerElement *ber;
-char tag;
-.ft
-.fi
+.BI "int ber_put_boolean(BerElement *" ber ", ber_int_t " bool ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_boolean(ber, bool, tag)
-BerElement *ber;
-int bool;
-char tag;
-.ft
-.fi
+.BI "int ber_put_bitstring(BerElement *" ber ", const char *" str ", ber_len_t " blen ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_put_bitstring(ber, str, blen, tag)
-BerElement *ber;
-char *str;
-int blen;
-char tag;
-.ft
-.fi
+.BI "int ber_start_seq(BerElement *" ber ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_start_seq(ber, tag)
-BerElement *ber;
-char tag;
-.ft
-.fi
+.BI "int ber_start_set(BerElement *" ber ", ber_tag_t " tag ");"
.LP
-.nf
-.ft B
-ber_start_set(ber, tag)
-BerElement *ber;
-char tag;
-.ft
-.fi
-.LP
-.nf
-.ft B
-ber_put_seq(ber)
-BerElement *ber;
-.ft
-.fi
+.BI "int ber_put_seq(BerElement *" ber ");"
.LP
-.nf
-.ft B
-ber_put_set(ber)
-BerElement *ber;
+.BI "int ber_put_set(BerElement *" ber ");"
.SH DESCRIPTION
.LP
These routines provide a subroutine interface to a simplified
@@ -142,113 +41,168 @@ implementation of the Basic Encoding Rules of ASN.1. The version
of BER these routines support is the one defined for the LDAP
protocol. The encoding rules are the same as BER, except that
only definite form lengths are used, and bitstrings and octet strings
-are always encoded in primitive form. In addition, these lightweight
-BER routines restrict tags and class to fit in a single octet (this
-means the actual tag must be less than 31). When a "tag" is specified
-in the descriptions below, it refers to the tag, class, and primitive
-or constructed bit in the first octet of the encoding. This
+are always encoded in primitive form. This
man page describes the encoding routines in the lber library. See
-lber-decode(3) for details on the corresponding decoding routines.
-.LP
-Normally, the only routines that need be called by an application
-are ber_alloc() to allocate a BER element for encoding, ber_printf()
-to do the actual encoding, and ber_flush() to actually write the
-element. The other routines are provided for those
-applications that need more control than ber_printf() provides. In
+.BR lber-decode (3)
+for details on the corresponding decoding routines. Consult
+.BR lber-types (3)
+for information about types, allocators, and deallocators.
+.LP
+Normally, the only routines that need to be called by an application
+are
+.BR ber_alloc_t ()
+to allocate a BER element for encoding,
+.BR ber_printf ()
+to do the actual encoding, and
+.BR ber_flush ()
+to actually write the element. The other routines are provided for those
+applications that need more control than
+.BR ber_printf ()
+provides. In
general, these routines return the length of the element encoded, or
--1 if an error occurred.
-.LP
-The ber_alloc() routine is used to allocate a new BER element. The
-ber_flush() routine is used to actually write the element to a socket
-(or file) descriptor, once it has been fully encoded (using ber_printf()
-and friends). The \fIsb\fP structure contains the descriptor and a
-BerElement used for input buffering. Only the \fIsb_sd\fP field is relevant
-to the ber_flush() routine.
-.LP
-The ber_printf() routine is used to encode a BER element in much the
-same way that sprintf(3) works. One important difference, though, is
+LBER_ERROR if an error occurred.
+.LP
+The
+.BR ber_alloc_t ()
+routine is used to allocate a new BER element. It
+should be called with an argument of LBER_USE_DER.
+.LP
+The
+.BR ber_flush ()
+routine is used to actually write the element to a socket
+(or file) descriptor, once it has been fully encoded (using
+.BR ber_printf ()
+and friends). See
+.BR lber-sockbuf (3)
+for more details on the Sockbuf implementation of the \fIsb\fP parameter.
+If the \fIfreeit\fP parameter is non-zero, the supplied \fIber\fP will
+be freed after its contents have been flushed.
+.LP
+The
+.BR ber_printf ()
+routine is used to encode a BER element in much the same way that
+.BR sprintf (3)
+works. One important difference, though, is
that some state information is kept with the \fIber\fP parameter so
-that multiple calls can be made to ber_printf() to append things to
-the end of the BER element. Ber_printf() writes to \fIber\fP, a pointer to a
-BerElement such as returned by ber_alloc(). It interprets and
+that multiple calls can be made to
+.BR ber_printf ()
+to append things to the end of the BER element.
+.BR Ber_printf ()
+writes to \fIber\fP, a pointer to a BerElement such as returned by
+.BR ber_alloc_t ().
+It interprets and
formats its arguments according to the format string \fIfmt\fP.
The format string can contain the following characters:
.RS
.LP
.TP 3
-.SM b
-Boolean. An integer parameter should be supplied. A boolean element
+.B b
+Boolean. An ber_int_t parameter should be supplied. A boolean element
is output.
.TP
-.SM i
-Integer. An integer parameter should be supplied. An integer element
+.B e
+Enumeration. An ber_int_t parameter should be supplied. An
+enumeration element is output.
+.TP
+.B i
+Integer. An ber_int_t parameter should be supplied. An integer element
is output.
.TP
-.SM B
+.B B
Bitstring. A char * pointer to the start of the bitstring is supplied,
followed by the number of bits in the bitstring. A bitstring element
is output.
.TP
-.SM n
+.B n
Null. No parameter is required. A null element is output.
.TP
-.SM o
+.B o
Octet string. A char * is supplied, followed by the length of the
string pointed to. An octet string element is output.
.TP
-.SM s
+.B O
+Octet string. A struct berval * is supplied.
+An octet string element is output.
+.TP
+.B s
Octet string. A null-terminated string is supplied. An octet string
element is output, not including the trailing NULL octet.
.TP
-.SM t
-Tag. An int specifying the tag to give the next element is provided.
-This works across calls.
+.B t
+Tag. A ber_tag_t specifying the tag to give the next element
+is provided. This works across calls.
.TP
-.SM v
+.B v
Several octet strings. A null-terminated array of char *'s is
supplied. Note that a construct like '{v}' is required to get
an actual SEQUENCE OF octet strings.
.TP
-.SM {
+.B V
+Several octet strings. A null-terminated array of struct berval *'s
+is supplied. Note that a construct like '{V}' is required to get
+an actual SEQUENCE OF octet strings.
+.TP
+.B W
+Several octet strings. An array of struct berval's is supplied. The
+array is terminated by a struct berval with a NULL bv_val.
+Note that a construct like '{W}' is required to get
+an actual SEQUENCE OF octet strings.
+.TP
+.B {
Begin sequence. No parameter is required.
.TP
-.SM }
+.B }
End sequence. No parameter is required.
.TP
-.SM [
+.B [
Begin set. No parameter is required.
.TP
-.SM ]
+.B ]
End set. No parameter is required.
.RE
.LP
-The ber_put_int() routine writes the integer element \fInum\fP to
-the BER element \fIber\fP.
+The
+.BR ber_put_int ()
+routine writes the integer element \fInum\fP to the BER element \fIber\fP.
.LP
-The ber_put_boolean() routine writes the boolean value given by
-\fIbool\fP to the BER element.
+The
+.BR ber_put_enum ()
+routine writes the enumeration element \fInum\fP to the BER element \fIber\fP.
.LP
-The ber_put_bitstring() routine writes \fIblen\fP bits starting
+The
+.BR ber_put_boolean ()
+routine writes the boolean value given by \fIbool\fP to the BER element.
+.LP
+The
+.BR ber_put_bitstring ()
+routine writes \fIblen\fP bits starting
at \fIstr\fP as a bitstring value to the given BER element. Note
that \fIblen\fP is the length \fIin bits\fP of the bitstring.
.LP
-The ber_put_ostring() routine writes \fIlen\fP bytes starting at
+The
+.BR ber_put_ostring ()
+routine writes \fIlen\fP bytes starting at
\fIstr\fP to the BER element as an octet string.
.LP
-The ber_put_string() routine writes the null-terminated string (minus
+The
+.BR ber_put_string ()
+routine writes the null-terminated string (minus
the terminating '\0') to the BER element as an octet string.
.LP
-The ber_put_null() routine writes a NULL element to the BER element.
-.LP
-The ber_start_seq() routine is used to start a sequence in the BER
-element. The ber_start_set() routine works similarly.
-The end of the sequence or set is marked by the nearest matching
-call to ber_put_seq() or ber_put_set(), respectively.
-.LP
-The ber_first_element() routine is used to return the tag and length
-of the first element in a set or sequence. It also returns in \fIcookie\fP
-a magic cookie parameter that should be passed to subsequent calls to
-ber_next_element(), which returns similar information.
+The
+.BR ber_put_null ()
+routine writes a NULL element to the BER element.
+.LP
+The
+.BR ber_start_seq ()
+routine is used to start a sequence in the BER element. The
+.BR ber_start_set ()
+routine works similarly.
+The end of the sequence or set is marked by the nearest matching call to
+.BR ber_put_seq ()
+or
+.BR ber_put_set (),
+respectively.
.SH EXAMPLES
Assuming the following variable declarations, and that the variables
have been assigned appropriately, an lber encoding of
@@ -278,38 +232,42 @@ the following ASN.1 object:
can be achieved like so:
.LP
.nf
- int scope, ali, size, time, attrsonly;
+ int rc;
+ ber_int_t scope, ali, size, time, attrsonly;
char *dn, **attrs;
+ BerElement *ber;
/* ... fill in values ... */
- if ( (ber = ber_alloc()) == NULLBER )
+
+ ber = ber_alloc_t( LBER_USE_DER );
+
+ if ( ber == NULL ) {
/* error */
+ }
+
+ rc = ber_printf( ber, "{siiiib{v}}", dn, scope, ali,
+ size, time, attrsonly, attrs );
- if ( ber_printf( ber, "{siiiib{v}}", dn, scope, ali,
- size, time, attrsonly, attrs ) == -1 )
+ if( rc == LBER_ERROR ) {
/* error */
- else
+ } else {
/* success */
+ }
.fi
.SH ERRORS
-If an error occurs during encoding, generally these routines return -1.
+If an error occurs during encoding, generally these routines return LBER_ERROR.
.LP
.SH NOTES
.LP
The return values for all of these functions are declared in the
<lber.h> header file.
.SH SEE ALSO
-.BR ldap-async (3)
-.BR ldap-sync (3)
-.BR ldap-parse (3)
-.BR lber-decode (3)
-.LP
-Yeong, W., Howes, T., and Hardcastle-Kille, S., "Lightweight Directory Access
-Protocol", OSI-DS-26, April 1992.
-.LP
-Information Processing - Open Systems Interconnection - Model and Notation -
-Service Definition - Specification of Basic Encoding Rules for Abstract
-Syntax Notation One, International Organization for Standardization,
-International Standard 8825.
-.SH AUTHOR
-Tim Howes, University of Michigan
+.BR lber-decode (3),
+.BR lber-memory (3),
+.BR lber-sockbuf (3),
+.BR lber-types (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/lber-memory.3 b/doc/man/man3/lber-memory.3
new file mode 100644
index 0000000000..2cf9d32332
--- /dev/null
+++ b/doc/man/man3/lber-memory.3
@@ -0,0 +1,50 @@
+.TH LBER_MEMORY 3 "25 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ber_memalloc, ber_memcalloc, ber_memrealloc, ber_memfree, ber_memvfree \- LBER memory allocators
+.SH SYNOPSIS
+.B #include <lber.h>
+.LP
+.BI "void *ber_memalloc(ber_len_t " bytes ");"
+.LP
+.BI "void *ber_memcalloc(ber_len_t " nelems ", ber_len_t " bytes ");"
+.LP
+.BI "void *ber_memrealloc(void *" ptr ", ber_len_t " bytes ");"
+.LP
+.BI "void ber_memfree(void *" ptr ");"
+.LP
+.BI "void ber_memvfree(void **" vec ");"
+.SH DESCRIPTION
+.LP
+These routines are used to allocate/deallocate memory used/returned
+by the Lightweight BER library as required by
+.BR lber-encode (3)
+and
+.BR lber-decode (3).
+.BR ber_memalloc (),
+.BR ber_memcalloc (),
+.BR ber_memrealloc (),
+and
+.BR ber_memfree ()
+are used exactly like the standard
+.BR malloc (3),
+.BR calloc (3),
+.BR realloc (3),
+and
+.BR free (3)
+routines, respectively. The
+.BR ber_memvfree ()
+routine is used to free a dynamically allocated array of pointers to
+arbitrary dynamically allocated objects.
+.SH SEE ALSO
+.BR lber-decode (3),
+.BR lber-encode (3),
+.BR lber-types (3)
+.LP
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/lber-types.3 b/doc/man/man3/lber-types.3
new file mode 100644
index 0000000000..0a8b020b76
--- /dev/null
+++ b/doc/man/man3/lber-types.3
@@ -0,0 +1,164 @@
+.TH LBER_TYPES 3 "25 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ber_int_t, ber_uint_t, ber_len_t, ber_slen_t, ber_tag_t \- LBER types
+.SH SYNOPSIS
+.B #include <lber.h>
+.LP
+.nf
+.ft B
+typedef impl_tag_t ber_tag_t;
+typedef impl_int_t ber_int_t;
+typedef impl_uint_t ber_uint_t;
+typedef impl_len_t ber_len_t;
+typedef impl_slen_t ber_slen_t;
+
+typedef struct berval {
+ ber_len_t bv_len;
+ char *bv_val;
+} BerValue, *BerVarray;
+
+typedef struct berelement BerElement;
+.ft
+.fi
+.LP
+.BI "void ber_bvfree(struct berval *" bv ");"
+.LP
+.BI "void ber_bvecfree(struct berval **" bvec ");"
+.LP
+.BI "void ber_bvecadd(struct berval ***" bvec ", struct berval *" bv ");"
+.LP
+.BI "void ber_bvarray_free(struct berval *" bvarray ");"
+.LP
+.BI "void ber_bvarray_add(BerVarray *" bvarray ", BerValue *" bv ");"
+.LP
+.BI "struct berval *ber_bvdup(const struct berval *" bv ");"
+.LP
+.BI "struct berval *ber_dupbv(const struct berval *" dst ", struct berval *" src ");"
+.LP
+.BI "struct berval *ber_bvstr(const char *" str ");"
+.LP
+.BI "struct berval *ber_bvstrdup(const char *" str ");"
+.LP
+.BI "struct berval *ber_str2bv(const char *" str ", ber_len_t " len ", int " dup ", struct berval *" bv ");"
+.LP
+.BI "void ber_free(BerElement *" ber ", int " freebuf ");"
+.SH DESCRIPTION
+.LP
+The following are the basic types and structures defined for use
+with the Lightweight BER library.
+.LP
+.B ber_int_t
+is a signed integer of at least 32 bits. It is commonly equivalent to
+.BR int .
+.B ber_uint_t
+is the unsigned variant of
+.BR ber_int_t .
+.LP
+.B ber_len_t
+is an unsigned integer of at least 32 bits used to represent a length.
+It is commonly equivalent to a
+.BR size_t .
+.B ber_slen_t
+is the signed variant to
+.BR ber_len_t .
+.LP
+.B ber_tag_t
+is an unsigned integer of at least 32 bits used to represent a
+BER tag. It is commonly equivalent to a
+.BR unsigned\ long .
+.LP
+The actual definitions of the integral impl_TYPE_t types are platform
+specific.
+.LP
+.BR BerValue ,
+commonly used as
+.BR struct\ berval ,
+is used to hold an arbitrary sequence of octets.
+.B bv_val
+points to
+.B bv_len
+octets.
+.B bv_val
+is not necessarly terminated by a NUL (zero) octet.
+.BR ber_bvfree ()
+frees a BerValue, pointed to by \fIbv\fP, returned from this API. If \fIbv\fP
+is NULL, the routine does nothing.
+.LP
+.BR ber_bvecfree ()
+frees an array of BerValues (and the array), pointed to by \fIbvec\fP,
+returned from this API. If \fIbvec\fP is NULL, the routine does nothing.
+.BR ber_bvecadd ()
+appends the \fIbv\fP pointer to the \fIbvec\fP array. Space for the array
+is allocated as needed. The end of the array is marked by a NULL pointer.
+.LP
+.BR ber_bvarray_free ()
+frees an array of BerValues (and the array), pointed to by \fIbvarray\fP,
+returned from this API. If \fIbvarray\fP is NULL, the routine does nothing.
+.BR ber_bvarray_add ()
+appends the contents of the BerValue pointed to by \fIbv\fP to the
+\fIbvarray\fP array. Space for the new element is allocated as needed.
+The end of the array is marked by a BerValue with a NULL bv_val field.
+.LP
+.BR ber_bvdup ()
+returns a copy of a BerValue. The routine returns NULL upon error
+(e.g. out of memory). The caller should use
+.BR ber_bvfree ()
+to deallocate the resulting BerValue.
+.BR ber_dupbv ()
+copies a BerValue from \fIsrc\fP to \fIdst\fP. If \fIdst\fP is NULL a
+new BerValue will be allocated to hold the copy. The routine returns NULL
+upon error, otherwise it returns a pointer to the copy. If \fIdst\fP is
+NULL the caller should use
+.BR ber_bvfree ()
+to deallocate the resulting BerValue, otherwise
+.BR ber_memfree ()
+should be used to deallocate the \fIdst->bv_val\fP. (The
+.BR ber_bvdup ()
+function is internally implemented as ber_dupbv(NULL, bv).
+.BR ber_bvdup ()
+is provided only for compatibility with an expired draft of the LDAP C API;
+.BR ber_dupbv ()
+is the preferred interface.)
+.LP
+.BR ber_bvstr ()
+returns a BerValue containing the string pointed to by \fIstr\fP.
+.BR ber_bvstrdup ()
+returns a BerValue containing a copy of the string pointed to by \fIstr\fP.
+.BR ber_str2bv ()
+returns a BerValue containing the string pointed to by \fIstr\fP, whose
+length may be optionally specified in \fIlen\fP. If \fIdup\fP is non-zero,
+the BerValue will contain a copy of \fIstr\fP. If \fIlen\fP is zero, the
+number of bytes to copy will be determined by
+.BR strlen (3),
+otherwise \fIlen\fP bytes will be copied. If \fIbv\fP is non-NULL, the result
+will be stored in the given BerValue, otherwise a new BerValue will be
+allocated to store the result. NOTE: Both
+.BR ber_bvstr ()
+and
+.BR ber_bvstrdup ()
+are implemented as macros using
+.BR ber_str2bv ()
+in this version of the library.
+.LP
+.B BerElement
+is an opaque structure used to maintain state information used in
+encoding and decoding. BerElement structures are created using
+.BR ber_alloc_t (3)
+and
+.BR ber_init (3).
+.BR ber_free ()
+frees a BerElement pointed to by \fIber\fP. If \fIber\fP is NULL, the routine
+does nothing. If \fIfreebuf\fP is zero, the internal buffer is not freed.
+.SH SEE ALSO
+.BR lber-encode (3),
+.BR lber-decode (3),
+.BR lber-memory (3)
+.LP
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap.3 b/doc/man/man3/ldap.3
index 8f2c20e9e0..2b3c97b6ac 100644
--- a/doc/man/man3/ldap.3
+++ b/doc/man/man3/ldap.3
@@ -1,59 +1,64 @@
-.TH LDAP 3 "13 November 1995" "U-M LDAP LDVERSION"
+.TH LDAP 3 "13 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ldap - Lightweight Directory Access Protocol package
+ldap - OpenLDAP Lightweight Directory Access Protocol API
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.ft
.fi
.SH DESCRIPTION
.LP
-The Lightweight Directory Access Protocol provides TCP/IP access to
-the X.500 Directory or to a stand-alone LDAP server.
-The University of Michigan LDAP package includes a stand-alone server in
+The Lightweight Directory Access Protocol provides access to X.500
+directory services. The services may be stand\-alone or part of
+a distributed directory service. This API supports LDAP over TCP
+(RFC2251), LDAP over SSL, and LDAP over IPC (UNIX domain sockets).
+This API supports SASL (RFC2829) and Start TLS (RFC2830). This
+API is based upon IETF C LDAP API draft specification, a work in
+progress.
+.LP
+The OpenLDAP Software package includes a stand\-alone server in
.BR slapd (8),
-an LDAP to X.500 gateway in
-.BR ldapd (8),
various LDAP clients, and an LDAP client library used to provide
programmatic access to the LDAP protocol. This man page gives an
overview of the LDAP library routines.
.LP
Both synchronous and asynchronous APIs are provided. Also included are
various routines to parse the results returned from these routines.
-These routines are found in the libldap.a library.
+These routines are found in the \-lldap library.
.LP
-The basic interaction is as follows. A connection is made to an LDAP
-server by calling
-.BR ldap_open (3).
-An LDAP bind operation is performed by calling
-one of
-.BR ldap_bind (3)
-and friends. Next, other operations are performed
+The basic interaction is as follows. A session handle is
+created using
+.BR ldap_init (3)
+or
+.BR ldap_initialize (3).
+(The
+.BR ldap_initialize (3)
+routine is preferred, but is not part of the draft specification.)
+The underlying session is established upon first use which is
+commonly an LDAP bind operation. The LDAP bind operation is
+performed by calling
+.BR ldap_sasl_bind (3)
+or one of its friends. Next, other operations are performed
by calling one of the synchronous or asynchronous routines (e.g.,
-.BR ldap_search_s (3)
+.BR ldap_search_ext_s (3)
or
-.BR ldap_search (3)
+.BR ldap_search_ext (3)
followed by
.BR ldap_result (3)).
Results returned from these routines are interpreted by calling the
-LDAP parsing routines. The LDAP association is terminated by calling
-.BR ldap_unbind (3).
+LDAP parsing routines such as
+.BR ldap_parse_result (3).
+The LDAP association and underlying connection is terminated by calling
+.BR ldap_unbind_ext (3).
Errors can be interpreted by calling
-.BR ldap_perror (3).
-The
-.BR ldap_set_rebind_proc (3)
-routine can be used to set a routine to be called back when an LDAP bind
-operation needs to occur when handling a client referral.
+.BR ldap_err2string (3).
.SH SEARCH FILTERS
-Search filters to be passed to the ldap search routines can be
-constructed by hand, or by calling the
-.BR ldap_getfilter (3)
-routines, which use the
-.BR ldapgetfilter.conf (5)
-file to turn a string (presumably that a user has typed) into a series
-of search filters.
+Search filters to be passed to the ldap search routines are to be
+constructed by hand and should conform to RFC 2254.
.SH DISPLAYING RESULTS
Results obtained from the ldap search routines can be output by hand,
by calling
@@ -67,84 +72,60 @@ and
.BR ldap_next_attribute (3)
to step through an entry's attributes, and
.BR ldap_get_values (3)
-to retrieve a given attribute's value, and then calling
-.BR printf (3)
-or whatever to display the values.
-.LP
-Alternatively, the entry can be output automatically by calling
-the
-.BR ldap_entry2text (3),
-.BR ldap_entry2text_search (3),
-.BR ldap_entry2html (3),
-or
-.BR ldap_entry2html_search (3)
-routines. These routines look up the object
-class of the entry they are passed in the
-.BR ldaptemplates.conf (5)
-file to decide which attributes to display and how to display them.
-Output is handled via a routine passed in as a parameter.
+to retrieve a given attribute's values. Attribute values
+may or may not be displayable.
+.SH CONTROLS
+This library supports both LDAP Version 2 and Version 3, with the Version 2
+protocol selected by default.
+LDAP Version 3 operations can be extended through the use of controls. Controls
+can be sent to a server or returned to the client with any LDAP message.
+Extended versions of the standard routines are available for use with
+controls. These routines are generally named by adding
+.BR _ext
+to the regular routine's name.
.SH UNIFORM RESOURCE LOCATORS (URLS)
The
.BR ldap_url (3)
-routines can be used test a URL to see if it is an LDAP URL, to parse LDAP
+routines can be used to test a URL to see if it is an LDAP URL, to parse LDAP
URLs into their component pieces, and to initiate searches directly using
an LDAP URL.
-.SH USER FRIENDLY NAMING
-The
-.BR ldap_ufn (3)
-routines implement a user friendly naming
-scheme via LDAP. This scheme allows you to look up entries
-using fuzzy, untyped names like "mark smith, umich, us".
.SH CACHING
The
.BR ldap_cache (3)
routines implement a local client caching scheme,
providing a substantial performance increase for repeated queries.
+Caching is experiemental.
.SH UTILITY ROUTINES
Also provided are various utility routines. The
.BR ldap_sort (3)
routines are used to sort the entries and values returned via
-the ldap search routines. The
-.BR ldap_friendly (3)
-routines are
-used to map from short two letter country codes (or other strings)
-to longer "friendlier" names. The
-.BR ldap_charset (3)
-routines can be used to translate to and from the T.61 character
-set used for many character strings in the LDAP protocol.
-.SH CONNECTIONLESS ACCESS
-The
-.BR cldap_search_s (3)
-routine allows you to access the directory
-via Connectionless LDAP (CLDAP), which is similar to LDAP but
-operates over UDP, obviating the need to set up and tear down
-a connection by calling
-.BR ldap_open (3),
-.BR ldap_bind (3),
-and
-.BR ldap_unbind (3).
-.BR cldap_open (3)
-should be called before using
-.BR cldap_search_s (3).
-All the same getfilter, parsing, and display that can be used
-with regular LDAP routines can be used with the CLDAP routines.
+the ldap search routines.
.SH BER LIBRARY
Also included in the distribution is a set of lightweight Basic
Encoding Rules routines. These routines are used by the LDAP library
routines to encode and decode LDAP protocol elements using the
(slightly simplified) Basic Encoding Rules defined by LDAP. They are
-not normally used directly by an LDAP application program. The
-routines provide a printf and scanf-like interface, as well as
-lower-level access. These routines are found in the liblber.a
-library.
+not normally used directly by an LDAP application program except
+in the handling of controls and extended operations. The
+routines provide a printf and scanf\-like interface, as well as
+lower\-level access. These routines are discussed in
+.BR lber\-decode (3),
+.BR lber\-encode (3),
+.BR lber\-memory (3),
+and
+.BR lber\-types (3).
.SH INDEX
.TP 20
.SM ldap_open(3)
-open a connection to an LDAP server
+open a connection to an LDAP server (deprecated, use
+.BR ldap_init (3))
.TP
.SM ldap_init(3)
initialize the LDAP library without opening a connection to a server
.TP
+.SM ldap_initialize(3)
+initialize the LDAP library without opening a connection to a server
+.TP
.SM ldap_result(3)
wait for the result from an asynchronous operation
.TP
@@ -169,21 +150,6 @@ asynchronously bind to the directory using simple authentication
.SM ldap_simple_bind_s(3)
synchronously bind to the directory using simple authentication
.TP
-.SM ldap_kerberos_bind_s(3)
-synchronously bind to the directory using kerberos authentication
-.TP
-.SM ldap_kerberos_bind1(3)
-asynchronously bind to the LDAP server using kerberos authentication
-.TP
-.SM ldap_kerberos_bind1_s(3)
-synchronously bind to the LDAP server using kerberos authentication
-.TP
-.SM ldap_kerberos_bind2(3)
-asynchronously bind to the DSA using kerberos authentication
-.TP
-.SM ldap_kerberos_bind2_s(3)
-synchronously bind to the DSA using kerberos authentication
-.TP
.SM ldap_unbind(3)
synchronously unbind from the LDAP server and close the connection
.TP
@@ -192,10 +158,7 @@ equivalent to
.BR ldap_unbind (3)
.TP
.SM ldap_memfree (3)
-dispose of memory allocated by LDAP routines (this is only used on the
-Microsoft Windows platforms; use
-.BR free (3)
-on all other platforms).
+dispose of memory allocated by LDAP routines.
.TP
.SM ldap_enable_cache(3)
enable LDAP client caching
@@ -219,10 +182,10 @@ uncache a request
set cache options
.TP
.SM ldap_compare(3)
-asynchronous compare to a directory entry
+asynchronously compare to a directory entry
.TP
.SM ldap_compare_s(3)
-synchronous compare to a directory entry
+synchronously compare to a directory entry
.TP
.SM ldap_delete(3)
asynchronously delete an entry
@@ -230,60 +193,6 @@ asynchronously delete an entry
.SM ldap_delete_s(3)
synchronously delete an entry
.TP
-.SM ldap_init_templates(3)
-initialize display template routines from a file
-.TP
-.SM ldap_init_templates_buf(3)
-initialize display template routines from a buffer
-.TP
-.SM ldap_free_templates(3)
-free display template routine memory
-.TP
-.SM ldap_first_disptmpl(3)
-get first display template
-.TP
-.SM ldap_next_disptmpl(3)
-get next display template
-.TP
-.SM ldap_oc2template(3)
-return template appropriate for objectclass
-.TP
-.SM ldap_name2template(3)
-return named template
-.TP
-.SM ldap_tmplattrs(3)
-return attributes needed by template
-.TP
-.SM ldap_first_tmplrow(3)
-return first row of displayable items in a template
-.TP
-.SM ldap_next_tmplrow(3)
-return next row of displayable items in a template
-.TP
-.SM ldap_first_tmplcol(3)
-return first column of displayable items in a template
-.TP
-.SM ldap_next_tmplcol(3)
-return next column of displayable items in a template
-.TP
-.SM ldap_entry2text(3)
-display an entry as text using a display template
-.TP
-.SM ldap_entry2text_search(3)
-search for and display an entry as text using a display template
-.TP
-.SM ldap_vals2text(3)
-display values as text
-.TP
-.SM ldap_entry2html(3)
-display an entry as HTML (HyperText Markup Language) using a display template
-.TP
-.SM ldap_entry2html_search(3)
-search for and display an entry as HTML using a display template
-.TP
-.SM ldap_vals2html(3)
-display values as HTML
-.TP
.SM ldap_perror(3)
print an LDAP error indication to standard error
.TP
@@ -294,7 +203,7 @@ LDAP error indication
extract LDAP error indication from LDAP result
.TP
.SM ldap_errlist(3)
-list of ldap errors and their meanings
+list of LDAP errors and their meanings
.TP
.SM ldap_err2string(3)
convert LDAP error indication to a string
@@ -314,32 +223,20 @@ return next entry in a chain of search results
.SM ldap_count_entries(3)
return number of entries in a search result
.TP
-.SM ldap_friendly_name(3)
-map from unfriendly to friendly names
-.TP
-.SM ldap_free_friendlymap(3)
-free resources used by ldap_friendly(3)
-.TP
.SM ldap_get_dn(3)
extract the DN from an entry
.TP
.SM ldap_explode_dn(3)
convert a DN into its component parts
.TP
-.SM ldap_explode_dns(3)
-convert a DNS-style DN into its component parts (experimental)
-.TP
-.SM ldap_is_dns_dn(3)
-check to see if a DN is a DNS-style DN (experimental)
-.TP
-.SM ldap_dn2ufn(3)
-convert a DN into user friendly form
+.SM ldap_explode_rdn(3)
+convert an RDN into its component parts
.TP
.SM ldap_get_values(3)
return an attribute's values
.TP
.SM ldap_get_values_len(3)
-return an attribute values with lengths
+return an attribute's values with lengths
.TP
.SM ldap_value_free(3)
free memory allocated by ldap_get_values(3)
@@ -353,27 +250,6 @@ return number of values
.SM ldap_count_values_len(3)
return number of values
.TP
-.SM ldap_init_getfilter(3)
-initialize getfilter routines from a file
-.TP
-.SM ldap_init_getfilter_buf(3)
-initialize getfilter routines from a buffer
-.TP
-.SM ldap_getfilter_free(3)
-free resources allocated by ldap_init_getfilter(3)
-.TP
-.SM ldap_getfirstfilter(3)
-return first search filter
-.TP
-.SM ldap_getnextfilter(3)
-return next search filter
-.TP
-.SM ldap_build_filter(3)
-construct an LDAP search filter from a pattern
-.TP
-.SM ldap_setfilteraffixes(3)
-set prefix and suffix for search filters
-.TP
.SM ldap_modify(3)
asynchronously modify an entry
.TP
@@ -390,7 +266,7 @@ asynchronously modify the RDN of an entry
synchronously modify the RDN of an entry
.TP
.SM ldap_modrdn(3)
-depreciated - use ldap_modrdn2(3)
+deprecated - use ldap_modrdn2(3)
.TP
.SM ldap_modrdn_s(3)
depreciated - use ldap_modrdn2_s(3)
@@ -398,6 +274,12 @@ depreciated - use ldap_modrdn2_s(3)
.SM ldap_msgfree(3)
free results allocated by ldap_result(3)
.TP
+.SM ldap_msgtype(3)
+return the message type of a message from ldap_result(3)
+.TP
+.SM ldap_msgid(3)
+return the message id of a message from ldap_result(3)
+.TP
.SM ldap_search(3)
asynchronously search the directory
.TP
@@ -407,54 +289,12 @@ synchronously search the directory
.SM ldap_search_st(3)
synchronously search the directory with timeout
.TP
-.SM ldap_ufn_search_s(3)
-user friendly search the directory
-.TP
-.SM ldap_ufn_search_c(3)
-user friendly search the directory with cancel
-.TP
-.SM ldap_ufn_search_ct(3)
-user friendly search the directory with cancel and timeout
-.TP
-.SM ldap_ufn_setfilter(3)
-set filter file used by ldap_ufn(3) routines
-.TP
-.SM ldap_ufn_setprefix(3)
-set prefix used by ldap_ufn(3) routines
-.TP
-.SM ldap_ufn_timeout(3)
-set timeout used by ldap_ufn(3) routines
-.TP
.SM ldap_is_ldap_url(3)
check a URL string to see if it is an LDAP URL
.TP
.SM ldap_url_parse(3)
break up an LDAP URL string into its components
.TP
-.SM ldap_url_search(3)
-asynchronously search using an LDAP URL
-.TP
-.SM ldap_url_search_s(3)
-synchronously search using an LDAP URL
-.TP
-.SM ldap_url_search_st(3)
-synchronously search using an LDAP URL and a timeout
-.TP
-.SM ldap_init_searchprefs(3)
-initialize searchprefs routines from a file
-.TP
-.SM ldap_init_searchprefs_buf(3)
-initialize searchprefs routines from a buffer
-.TP
-.SM ldap_free_searchprefs(3)
-free memory allocated by searchprefs routines
-.TP
-.SM ldap_first_searchobj(3)
-return first searchpref object
-.TP
-.SM ldap_next_searchobj(3)
-return next searchpref object
-.TP
.SM ldap_sort_entries(3)
sort a list of search results
.TP
@@ -463,39 +303,15 @@ sort a list of attribute values
.TP
.SM ldap_sort_strcasecmp(3)
case insensitive string comparison
-.TP
-.SM ldap_set_string_translators(3)
-set character set translation routines used by LDAP library
-.TP
-.SM ldap_t61_to_8859(3)
-translate from ISO-8859 characters to the T.61 characters
-.TP
-.SM ldap_8859_to_t61(3)
-translate from T.61 characters to the ISO-8859 characters
-.TP
-.SM ldap_translate_from_t61(3)
-translate from the T.61 character set to another character set
-.TP
-.SM ldap_translate_to_t61(3)
-translate to the T.61 character set from another character set
-.TP
-.SM ldap_enable_translation(3)
-enable or disable character translation for an LDAP entry result
-.TP
-.SM cldap_open(3)
-open a connectionless LDAP (CLDAP) session
-.TP
-.SM cldap_search_s(3)
-perform a search using connectionless LDAP
-.TP
-.SM cldap_setretryinfo(3)
-set retry and timeout information using connectionless LDAP
-.TP
-.SM cldap_close(3)
-terminate a connectionless LDAP session
.SH SEE ALSO
-.BR ldapd (8),
-.BR slapd (8)
-.SH AUTHORS
-Tim Howes, Mark Smith, Gordon Good, Lance Sloan, and Steve Rothwell from
-the University of Michigan, along with help from lots of others.
+.BR slapd (8),
+.BR draft-ietf-ldapext-ldap-c-api-xx.txt \ <http://www.ietf.org>
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
+.LP
+These API manual pages are based upon descriptions provided in the
+IETF C LDAP API Internet Draft, a work in progress, edited by
+Mark Smith.
diff --git a/doc/man/man3/ldap_abandon.3 b/doc/man/man3/ldap_abandon.3
index 770513cb3d..a5266937ed 100644
--- a/doc/man/man3/ldap_abandon.3
+++ b/doc/man/man3/ldap_abandon.3
@@ -1,17 +1,19 @@
-.TH LDAP_ABANDON 3 "1 December 1994" "U-M LDAP LDVERSION"
+.TH LDAP_ABANDON 3 "13 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ldap_abandon \- Abandon an LDAP operation in progress
+ldap_abandon, ldap_abandon_ext \- Abandon an LDAP operation in progress
.SH SYNOPSIS
.nf
-.ft B
-#include <lber.h>
-#include <ldap.h>
-.LP
-.ft B
-int ldap_abandon(ld, msgid)
-.ft
-LDAP *ld;
-int msgid;
+.B #include <ldap.h>
+.sp
+.BI "int ldap_abandon(LDAP *" ld ", int " msgid ");"
+.sp
+.BI "int ldap_abandon_ext(LDAP *" ld ", int " msgid ","
+.RS
+.BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[]);"
+.fi
.SH DESCRIPTION
The
.B ldap_abandon()
@@ -30,13 +32,34 @@ it sends an LDAP abandon operation to the the LDAP server.
The caller can expect that the result of an abandoned operation
will not be returned from a future call to
.BR ldap_result (3).
+.LP
+.B ldap_abandon_ext()
+is equivalent to
+.B ldap_abandon()
+except that it allows server and client controls to be passed
+in
+.I sctrls
+and
+.IR cctrls ,
+respectively.
.SH ERRORS
.B ldap_abandon()
returns 0 if everything goes ok, -1 otherwise,
-setting \fIld_errno\fP appropriately. See
+setting \fIld_errno\fP with an appropriate LDAP error code.
+.LP
+.B ldap_abandon_ext()
+directly returns an LDAP error code indicating success or failure of the
+operation.
+.LP
+See
.BR ldap_error (3)
for details.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_result(3),
-.B ldap_error(3)
+.BR ldap (3),
+.BR ldap_result (3),
+.BR ldap_error (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_add.3 b/doc/man/man3/ldap_add.3
index 85290ad94e..fbd33a321d 100644
--- a/doc/man/man3/ldap_add.3
+++ b/doc/man/man3/ldap_add.3
@@ -1,25 +1,27 @@
-.TH LDAP_ADD 3 "15 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_ADD 3 "13 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ldap_add, ldap_add_s \- Perform an LDAP add operation
+ldap_add, ldap_add_s, ldap_add_ext, ldap_add_ext_s \- Perform an LDAP add operation
.SH SYNOPSIS
.nf
-.ft B
-#include <lber.h>
-#include <ldap.h>
-.LP
-.ft B
-int ldap_add(ld, dn, attrs)
-.ft
-LDAP *ld;
-char *dn;
-LDAPMod *attrs[];
-.LP
-.ft B
-int ldap_add_s(ld, dn, attrs)
-.ft
-LDAP *ld;
-char *dn;
-LDAPMod *attrs[];
+.B #include <ldap.h>
+.sp
+.BI "int ldap_add(LDAP *" ld ", const char *" dn ", LDAPMOD *" attrs "[]);"
+.sp
+.BI "int ldap_add_s(LDAP *" ld ", const char *" dn ", LDAPMod *" attrs "[]);"
+.sp
+.BI "int ldap_add_ext(LDAP *" ld ", const char *" dn ", LDAPMOD *" attrs "[],"
+.RS
+.BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[], int *" msgidp ");"
+.RE
+.sp
+.BI "int ldap_add_ext_s(LDAP *" ld ", const char *" dn ", LDAPMOD *" attrs "[],"
+.RS
+.BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[]);"
+.RE
+.fi
.SH DESCRIPTION
The
.B ldap_add_s()
@@ -47,6 +49,23 @@ routine works just like
but it is asynchronous. It returns the message id of the request it
initiated. The result of this operation can be obtained by calling
.BR ldap_result (3).
+.LP
+The
+.B ldap_add_ext()
+routine allows server and client controls to be specified to extend
+the add request. This routine is asynchronous like
+.BR ldap_add() ,
+but its return value is an LDAP error code. It stores the message id
+of the request in the integer pointed to
+by
+.IR msgidp .
+.LP
+The
+.B ldap_add_ext_s()
+routine is the synchronous version of
+.BR ldap_add_ext() .
+It also returns an LDAP error code indicating success or failure
+of the operation.
.SH ERRORS
.B ldap_add()
returns -1 in case of error initiating the request, and
@@ -55,6 +74,15 @@ to indicate the error.
.B ldap_add_s()
will return an LDAP error code
directly (LDAP_SUCCESS if everything went ok, some error otherwise).
+.B ldap_add_ext()
+and
+.B ldap_add_ext_s()
+also directly return LDAP error codes.
.SH SEE ALSO
-.BR ldap(3),
-.B ldap_modify(3)
+.BR ldap (3),
+.BR ldap_modify (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_bind.3 b/doc/man/man3/ldap_bind.3
index c172b28c3a..16ce233d33 100644
--- a/doc/man/man3/ldap_bind.3
+++ b/doc/man/man3/ldap_bind.3
@@ -1,95 +1,98 @@
-.TH LDAP_BIND 3 "28 March 1996" "U-M LDAP LDVERSION"
+.TH LDAP_BIND 3 "13 January 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ldap_bind, ldap_bind_s, ldap_simple_bind, ldap_simple_bind_s, ldap_kerberos_bind_s, ldap_kerberos_bind1, ldap_kerberos_bind1_s, ldap_kerberos_bind2, ldap_kerberos_bind2_s, ldap_unbind, ldap_unbind_s, ldap_set_rebind_proc \- LDAP bind routines
+ldap_bind, ldap_bind_s, ldap_simple_bind, ldap_simple_bind_s, ldap_kerberos_bind_s, ldap_kerberos_bind1, ldap_kerberos_bind1_s, ldap_kerberos_bind2, ldap_kerberos_bind2_s, ldap_sasl_bind, ldap_sasl_bind_s, ldap_sasl_interactive_bind_s, ldap_parse_sasl_bind_result, ldap_unbind, ldap_unbind_s \- LDAP bind routines
.SH SYNOPSIS
.nf
-.ft B
-#include <lber.h>
-#include <ldap.h>
-.LP
-.ft B
-int ldap_bind(ld, who, cred, method)
-.ft
-LDAP *ld;
-char *who, *cred;
-int method;
-.LP
-.ft B
-int ldap_bind_s(ld, who, cred, method)
-.ft
-LDAP *ld;
-char *who, *cred;
-int method;
-.LP
-.ft B
-int ldap_simple_bind(ld, who, passwd)
-.ft
-LDAP *ld;
-char *who, *passwd;
-.LP
-.ft B
-int ldap_simple_bind_s(ld, who, passwd)
-.ft
-LDAP *ld;
-char *who, *passwd;
-.LP
-.ft B
-int ldap_kerberos_bind_s(ld, who)
-.ft
-LDAP *ld;
-char *who;
-.LP
-.ft B
-int ldap_kerberos_bind1(ld, who)
-.ft
-LDAP *ld;
-char *who;
-.LP
-.ft B
-int ldap_kerberos_bind1_s(ld, who)
-.ft
-LDAP *ld;
-char *who;
-.LP
-.ft B
-int ldap_kerberos_bind2(ld, who)
-.ft
-LDAP *ld;
-char *who;
-.LP
-.ft B
-int ldap_kerberos_bind2_s(ld, who)
-.ft
-LDAP *ld;
-char *who;
-.LP
-.ft B
-int ldap_unbind(ld)
-.ft
-LDAP *ld;
-.LP
-.ft B
-int ldap_unbind_s(ld)
-.ft
-LDAP *ld;
-.LP
-.ft B
-void ldap_set_rebind_proc( ld, rebindproc )
-.ft
-LDAP *ld;
-int (*rebindproc)();
+.B #include <ldap.h>
+.LP
+.BI "int ldap_bind(LDAP *" ld ", const char *" who ", const char *" cred ","
+.RS
+.BI "int " method ");"
+.RE
+.LP
+.BI "int ldap_bind_s(LDAP *" ld ", const char *" who ", const char *" cred ","
+.RS
+.BI "int " method ");"
+.RE
+.LP
+.BI "int ldap_simple_bind(LDAP *" ld ", const char *" who ", const char *" passwd ");"
+.LP
+.BI "int ldap_simple_bind_s(LDAP *" ld ", const char *" who ", const char *" passwd ");"
+.LP
+.BI "int ldap_kerberos_bind_s(LDAP *" ld ", const char *" who ");"
+.LP
+.BI "int ldap_kerberos_bind1(LDAP *" ld ", const char *" who ");"
+.LP
+.BI "int ldap_kerberos_bind1_s(LDAP *" ld ", const char *" who ");"
+.LP
+.BI "int ldap_kerberos_bind2(LDAP *" ld ", const char *" who ");"
+.LP
+.BI "int ldap_kerberos_bind2_s(LDAP *" ld ", const char *" who ");"
+.LP
+.BI "int ldap_sasl_bind(LDAP *" ld ", const char *" dn ", const char *" mechanism ","
+.RS
+.BI "struct berval *" cred ", LDAPControl *" sctrls "[],"
+.BI "LDAPControl *" cctrls "[], int *" msgidp ");"
+.RE
+.LP
+.BI "int ldap_sasl_bind_s(LDAP *" ld ", const char *" dn ", const char *" mechanism ","
+.RS
+.BI "struct berval *" cred ", LDAPControl *" sctrls "[],"
+.BI "LDAPControl *" cctrls "[], struct berval **" servercredp ");"
+.RE
+.LP
+.BI "int ldap_parse_sasl_bind_result(LDAP *" ld ", LDAPMessage *" res ","
+.RS
+.BI "struct berval **" servercredp ", int " freeit ");"
+.RE
+.LP
+.BI "int ldap_sasl_interactive_bind_s(LDAP *" ld ", const char *" dn ","
+.RS
+.BI "const char *" mechs ", struct berval *" cred ","
+.BI "LDAPControl *" sctrls "[], LDAPControl *" cctrls "[],"
+.BI "unsigned " flags ", LDAP_SASL_INTERACT_PROC *" interact ","
+.BI "void *" defaults ");"
+.RE
+.LP
+.BI "int ldap_unbind(LDAP *" ld ");"
+.LP
+.BI "int ldap_unbind_s(LDAP *" ld ");"
+.\" .LP
+.\" .ft B
+.\" void ldap_set_rebind_proc( ld, rebindproc )
+.\" .ft
+.\" LDAP *ld;
+.\" int (*rebindproc)();
.SH DESCRIPTION
.LP
These routines provide various interfaces to the LDAP bind operation.
-After a connection is made to an LDAP server using
-.BR ldap_open (3),
-an LDAP bind operation must be performed before other operations can
-be attempted over the conection. Both synchronous and asynchronous
-versions of each variant of the bind call are provided. There are
-three types of calls, providing simple authentication, kerberos
-authentication, and general routines to do either one. All routines
+After an association with an LDAP server is made using
+.BR ldap_init (3),
+an LDAP bind operation should be performed before other operations are
+attempted over the connection. An LDAP bind is required when using
+Version 2 of the LDAP protocol; it is optional for Version 3 but is
+usually needed due to security considerations.
+.LP
+There are many types of bind calls, providing simple authentication, Kerberos
+version 4 authentication, and general routines to do either one, as
+well as calls using
+.B SASL
+(Simple Authentication and Security Layer)
+that can negotiate one of many different kinds of authentication.
+Both synchronous and asynchronous versions of each variant of the bind
+call are provided. All routines
take \fIld\fP as their first parameter, as returned from
-.BR ldap_open (3).
+.BR ldap_init (3).
+.LP
+Kerberos version 4 has been superseded by Kerberos version 5, and the
+Kerberos version 4 support is only provided for backward compatibility. The
+SASL interfaces should be used for new applications. SASL provides
+a general interface for using Kerberos versions 4 and 5 and many other
+security systems.
+.LP
.SH SIMPLE AUTHENTICATION
The simplest form of the bind call is
.BR ldap_simple_bind_s() .
@@ -107,23 +110,38 @@ operation can be obtained by a subsequent call to
.SH KERBEROS AUTHENTICATION
If the LDAP library and LDAP server being contacted have been
compiled with the KERBEROS option defined,
-Kerberos version 4 authentication can be accomplished by calling
-the
-.BR ldap_kerberos_bind_s()
-routine. It assumes the user already
-has obtained a ticket granting ticket. It takes \fIwho\fP, the DN
-of the entry to bind as. This routine does both steps of the
-kerberos binding process synchronously. The
+Kerberos version 4 authentication can be performed. As mentioned above,
+these Kerberos routines are provided only for backward compatibility.
+.LP
+These routines assume the user already
+has obtained a ticket granting ticket. The routines take \fIwho\fP, the DN
+of the entry to bind as. The
+.B ldap_kerberos_bind_s()
+routine does both steps of the Kerberos binding process synchronously. The
.B ldap_kerberos_bind1_s()
and
.B ldap_kerberos_bind2_s()
routines allow synchronous access to the
-individual steps, authenticating to the LDAP server and DSA, respectively.
+individual steps, authenticating to the LDAP server and X.500 DSA, respectively.
The
.B ldap_kerberos_bind1()
and
.B ldap_kerberos_bind2()
routines provide equivalent asynchronous access.
+.LP
+The
+.B ldap_kerberos_bind_s()
+routine is used to perform both authentication steps when contacting
+an LDAP server that is a gateway to an X.500 DSA. This kind of server
+configuration is only supported in the (very old) University of Michigan LDAP
+release. The OpenLDAP package no longer provides this gateway server.
+The standalone LDAP server provided in OpenLDAP may still be configured
+with Kerberos version 4 support, but it only requires one authentication
+step, and will return an error if the second step is attempted. Therefore,
+only the
+.B ldap_kerberos_bind1()
+routine or its synchronous equivalent may be used when contacting an
+OpenLDAP server.
.SH GENERAL AUTHENTICATION
The
.B ldap_bind()
@@ -134,12 +152,14 @@ authentication method to use needs to be selected at runtime. They
both take an extra \fImethod\fP parameter selecting the authentication
method to use. It should be set to one of LDAP_AUTH_SIMPLE,
LDAP_AUTH_KRBV41, or LDAP_AUTH_KRBV42, to select simple authentication,
-kerberos authentication to the LDAP server, or kerberos authentication
-to the DSA, respectively.
+Kerberos authentication to the LDAP server, or Kerberos authentication
+to the X.500 DSA, respectively.
.B ldap_bind()
returns the message id of the request it initiates.
.B ldap_bind_s()
returns an LDAP error indication.
+.SH SASL AUTHENTICATION
+Description still under construction...
.SH UNBINDING
The
.B ldap_unbind()
@@ -152,38 +172,38 @@ The
call is just another name for
.BR ldap_unbind() ;
both of these calls are synchronous in nature.
-.SH RE-BINDING WHILE FOLLOWING REFERRALS
-The
-.B ldap_set_rebind_proc()
-call is used to set a routine that will be called back to obtain bind
-credentials used when a new server is contacted during the following of
-an LDAP referral. Note that this function is only available when the
-LDAP libraries are compiled with LDAP_REFERRALS defined and is only
-used when the ld_options field in the LDAP structure has
-LDAP_OPT_REFERRALS set (this is the default). If
-.B ldap_set_rebind_proc()
-is never called, or if it is called with a NULL \fIrebindproc\fP
-parameter, an unauthenticated simple LDAP bind will always be done
-when chasing referrals.
-.LP
-\fIrebindproc\fP should be a function that is declared like this:
-.LP
-.nf
-int rebindproc( LDAP *ld, char **whop, char **credp,
- int *methodp, int freeit );
-.fi
-.LP
-The LDAP library will first call the rebindproc to obtain the
-referral bind credentials, and the \fIfreeit\fP parameter will be
-zero. The \fIwhop\fP, \fIcredp\fP, and \fImethodp\fP should be
-set as appropriate. If the rebindproc returns LDAP_SUCCESS, referral
-processing continues, and the rebindproc will be called a second
-time with \fIfreeit\fP non-zero to give your application a chance to
-free any memory allocated in the previous call.
-.LP
-If anything but LDAP_SUCCESS is returned by the first call to
-the rebindproc, then referral processing is stopped and that error code
-is returned for the original LDAP operation.
+.\" .SH RE-BINDING WHILE FOLLOWING REFERRALS
+.\" The
+.\" .B ldap_set_rebind_proc()
+.\" call is used to set a routine that will be called back to obtain bind
+.\" credentials used when a new server is contacted during the following of
+.\" an LDAP referral. Note that this function is only available when the
+.\" LDAP libraries are compiled with LDAP_REFERRALS defined and is only
+.\" used when the ld_options field in the LDAP structure has
+.\" LDAP_OPT_REFERRALS set (this is the default). If
+.\" .B ldap_set_rebind_proc()
+.\" is never called, or if it is called with a NULL \fIrebindproc\fP
+.\" parameter, an unauthenticated simple LDAP bind will always be done
+.\" when chasing referrals.
+.\" .LP
+.\" \fIrebindproc\fP should be a function that is declared like this:
+.\" .LP
+.\" .nf
+.\" int rebindproc( LDAP *ld, char **whop, char **credp,
+.\" int *methodp, int freeit );
+.\" .fi
+.\" .LP
+.\" The LDAP library will first call the rebindproc to obtain the
+.\" referral bind credentials, and the \fIfreeit\fP parameter will be
+.\" zero. The \fIwhop\fP, \fIcredp\fP, and \fImethodp\fP should be
+.\" set as appropriate. If the rebindproc returns LDAP_SUCCESS, referral
+.\" processing continues, and the rebindproc will be called a second
+.\" time with \fIfreeit\fP non-zero to give your application a chance to
+.\" free any memory allocated in the previous call.
+.\" .LP
+.\" If anything but LDAP_SUCCESS is returned by the first call to
+.\" the rebindproc, then referral processing is stopped and that error code
+.\" is returned for the original LDAP operation.
.SH ERRORS
Asynchronous routines will return -1 in case of error, setting the
\fIld_errno\fP parameter of the \fIld\fP structure. Synchronous
@@ -191,6 +211,15 @@ routines return whatever \fIld_errno\fP is set to. See
.BR ldap_error (3)
for more information.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_error(3),
-.BR ldap_open(3)
+.BR ldap (3),
+.BR ldap_error (3),
+.BR ldap_open (3),
+.B RFC 2222
+(http://www.ietf.org),
+.B Cyrus SASL
+(http://asg.web.cmu.edu/sasl/)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_compare.3 b/doc/man/man3/ldap_compare.3
index 3df8ca9c6b..b4971eb45d 100644
--- a/doc/man/man3/ldap_compare.3
+++ b/doc/man/man3/ldap_compare.3
@@ -1,10 +1,12 @@
-.TH LDAP_COMPARE 3 "15 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_COMPARE 3 "22 September 1998" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_compare, ldap_compare_s \- Perform an LDAP compare operation
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
@@ -47,5 +49,10 @@ non-negative message id of the request if things went ok.
.SH BUGS
There is no way to compare binary values, but there should be.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_error(3)
+.BR ldap (3),
+.BR ldap_error (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_delete.3 b/doc/man/man3/ldap_delete.3
index 3149890d84..9390106367 100644
--- a/doc/man/man3/ldap_delete.3
+++ b/doc/man/man3/ldap_delete.3
@@ -1,10 +1,12 @@
-.TH LDAP_DELETE 3 "15 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_DELETE 3 "22 September 1998" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_delete, ldap_delete_s \- Perform an LDAP delete operation
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
@@ -44,5 +46,10 @@ and friends.
returns -1 if something went wrong initiating the request. It returns the
non-negative message id of the request if things went ok.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_error(3)
+.BR ldap (3),
+.BR ldap_error (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_error.3 b/doc/man/man3/ldap_error.3
index c517b7e6e3..da99aa6231 100644
--- a/doc/man/man3/ldap_error.3
+++ b/doc/man/man3/ldap_error.3
@@ -1,44 +1,33 @@
-.TH LDAP_ERROR 3 "15 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_ERROR 3 "23 July 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_perror, ld_errno, ldap_result2error, ldap_errlist, ldap_err2string \- LDAP protocol error handling routines
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
-struct ldaperror {
- int e_code;
- char *e_reason;
-};
+char *ldap_err2string( int err );
.LP
.ft B
-struct ldaperror ldap_errlist[];
+void ldap_perror( LDAP *ld, const char *s )
.LP
.ft B
-char *ldap_err2string(err)
-.ft
-int err;
-.LP
-.ft B
-void ldap_perror(ld, s)
-.ft
-LDAP *ld;
-char *s;
-.LP
-.ft B
-int ldap_result2error(ld, res, freeit)
-.ft
-LDAP *ld;
-LDAPMessage *res;
-int freeit;
+int ldap_result2error( LDAP *ld, LDAPMessage *res, int freeit )
.SH DESCRIPTION
These routines provide interpretation of the various error codes
-returned by the LDAP protocol and LDAP library routines, and assigned
-to the
-.I ld_errno
-field in the \fIld\fP structure.
+returned by the LDAP protocol and LDAP library routines or associated
+with an LDAP session. The error code associated with an LDAP session
+is accessible using
+.BR ldap_get_option (3)
+and
+.BR ldap_set_option (3)
+with the
+.B LDAP_OPT_ERROR_NUMBER
+option.
.LP
The
.B ldap_result2error()
@@ -57,15 +46,11 @@ field in \fIld\fP is set and returned.
.LP
The returned value can be passed to
.B ldap_err2string()
-or looked up in
-.B ldap_errlist[]
to get a text description of the message. The string
returned from
.B ldap_err2string()
is a pointer to a static area that
-should not be modified. The last element in the
-.B ldap_errlist[]
-array is signaled by an error code of -1.
+should not be modified.
.LP
The
.B ldap_perror()
@@ -189,7 +174,7 @@ An unknown error occurred.
The LDAP library can't contact the LDAP server.
.TP
.SM LDAP_LOCAL_ERROR
-Some local error occurred. This is usually a failed malloc.
+Some local error occurred. This is usually a failed dynamic memory allocation.
.TP
.SM LDAP_ENCODING_ERROR
An error was encountered encoding parameters to send to the LDAP server.
@@ -212,8 +197,14 @@ An ldap routine was called with a bad parameter (e.g., a NULL ld
pointer, etc.).
.TP
.SM LDAP_NO_MEMORY
-An memory allocation (e.g., malloc(3)) call failed in an ldap
+An memory allocation (e.g., malloc(3) or other dynamic memory
+allocator) call failed in an ldap
library routine.
.SH SEE ALSO
-.BR ldap(3),
-.BR perror(3)
+.BR ldap (3),
+.BR perror (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_first_attribute.3 b/doc/man/man3/ldap_first_attribute.3
index 452a928bf1..ec9fd54b43 100644
--- a/doc/man/man3/ldap_first_attribute.3
+++ b/doc/man/man3/ldap_first_attribute.3
@@ -1,25 +1,21 @@
-.TH LDAP_FIRST_ATTRIBUTE 3 "25 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_FIRST_ATTRIBUTE 3 "23 July 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_first_attribute, ldap_next_attribute \- step through LDAP entry attributes
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
-char *ldap_first_attribute(ld, entry, berptr)
-.ft
-LDAP *ld;
-LDAPMessage *entry;
-BerElement **berptr;
+char *ldap_first_attribute(
+ LDAP *ld, LDAPMessage entry, BerElement **berptr )
.LP
.ft B
-char *ldap_next_attribute(ld, entry, ber)
-.ft
-LDAP *ld;
-LDAPMessage *entry;
-BerElement *ber;
+char *ldap_next_attribute(
+ LDAP *ld, LDAPMessage entry, BerElement *ber )
.SH DESCRIPTION
The
.B ldap_first_attribute()
@@ -32,26 +28,19 @@ takes an \fIentry\fP as returned by
.BR ldap_first_entry (3)
or
.BR ldap_next_entry (3)
-and returns a pointer to a per-connection buffer
-containing the first attribute type in the entry. The return value
-should be treated as if it is a pointer to a static area (i.e.,
-.BR strdup (3)
-it if you want to save it).
+and returns a pointer to character string
+containing the first attribute description in the entry.
+.B ldap_next_attribute()
+returns the next attribute description in the entry.
.LP
It also returns, in \fIberptr\fP, a pointer to a BerElement it has
allocated to keep track of its current position. This pointer should
be passed to subsequent calls to
.B ldap_next_attribute()
and is used used
-to effectively step through the entry's attributes. This pointer
-is freed by
-.B ldap_next_attribute()
-when there are no more attributes (that
-is, when
-.B ldap_next_attribute()
-returns NULL). Otherwise, the caller is
-responsible for freeing the BerElement pointed to by \fIberptr\fP when
-it is no longer needed by calling
+to effectively step through the entry's attributes. The caller is
+solely responsible for freeing the BerElement pointed to by \fIberptr\fP
+when it is no longer needed by calling
.BR ber_free (3).
When calling
.BR ber_free (3)
@@ -69,11 +58,17 @@ for a description of possible error codes.
.SH NOTES
The
.B ldap_first_attribute()
-routine mallocs memory that may need to
-be freed by the caller via
-.BR ber_free (3).
+and
+.B ldap_next_attribute()
+return dynamically allocated memory that must be freed by the caller via
+.BR ldap_memfree (3).
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_first_entry(3),
-.BR ldap_get_values(3),
-.BR ldap_error(3)
+.BR ldap (3),
+.BR ldap_first_entry (3),
+.BR ldap_get_values (3),
+.BR ldap_error (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_first_entry.3 b/doc/man/man3/ldap_first_entry.3
index 368ad0ffff..9df89ebf52 100644
--- a/doc/man/man3/ldap_first_entry.3
+++ b/doc/man/man3/ldap_first_entry.3
@@ -1,29 +1,22 @@
-.TH LDAP_FIRST_ENTRY 3 "25 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_FIRST_ENTRY 3 "23 July 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_first_entry, ldap_next_entry, ldap_count_entries \- LDAP result entry parsing and counting routines
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
-ldap_count_entries(ld, result)
-.ft
-LDAP *ld;
-LDAPMessage *result;
+int ldap_count_entries( LDAP *ld, LDAPMessage *result )
.LP
.ft B
-LDAPMessage *ldap_first_entry(ld, result)
-.ft
-LDAP *ld;
-LDAPMessage *result;
+LDAPMessage *ldap_first_entry( LDAP *ld, LDAPMessage *result )
.LP
.ft B
-LDAPMessage *ldap_next_entry(ld, entry)
-.ft
-LDAP *ld;
-LDAPMessage *entry;
+LDAPMessage *ldap_next_entry( LDAP *ld, LDAPMessage *entry )
.SH DESCRIPTION
.LP
These routines are used to parse results received from
@@ -75,9 +68,14 @@ is set appropriately. See
.BR ldap_error (3)
for a description of possible error codes.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_result(3),
-.BR ldap_search(3),
-.BR ldap_first_attribute(3),
-.BR ldap_get_values(3),
-.BR ldap_get_dn(3)
+.BR ldap (3),
+.BR ldap_result (3),
+.BR ldap_search (3),
+.BR ldap_first_attribute (3),
+.BR ldap_get_values (3),
+.BR ldap_get_dn (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_first_message.3 b/doc/man/man3/ldap_first_message.3
new file mode 100644
index 0000000000..f341319d3c
--- /dev/null
+++ b/doc/man/man3/ldap_first_message.3
@@ -0,0 +1,84 @@
+.TH LDAP_FIRST_MESSAGE 3 "19 September 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ldap_first_message, ldap_next_message, ldap_count_messages \- Stepping
+through messages in a result chain
+.SH SYNOPSIS
+.nf
+.ft B
+#include <ldap.h>
+.LP
+.ft B
+int ldap_count_messages( LDAP *ld, LDAPMessage *result )
+.LP
+.ft B
+LDAPMessage *ldap_first_message( LDAP *ld, LDAPMessage *result )
+.LP
+.ft B
+LDAPMessage *ldap_next_message( LDAP *ld, LDAPMessage *message )
+.SH DESCRIPTION
+.LP
+These routines are used to step through the messages in a result chain
+received from
+.BR ldap_result (3) .
+For search operations, the result chain can contain referral, entry
+and result messages. The
+.BR ldap_msgtype (3)
+function can be used to distinguish between the different message types.
+.LP
+The
+.B ldap_first_message()
+routine is used to retrieve the first message in a result chain.
+It takes the \fIresult\fP as returned by a call to
+.BR ldap_result (3) ,
+.BR ldap_search_s (3)
+or
+.BR ldap_search_st (3)
+and returns a pointer to the first message in the result chain.
+.LP
+This pointer should be supplied on a subsequent call to
+.B ldap_next_message()
+to get the next message, the result of which should be
+supplied to the next call to
+.BR ldap_next_message() ,
+etc.
+.B ldap_next_message()
+will return NULL when there are no more messages.
+.LP
+These functions are useful when using routines like
+.BR ldap_parse_result (3)
+that only operate on the first result in the chain.
+.LP
+A count of the number of messages in the result chain can be obtained
+by calling
+.BR ldap_count_messages() .
+It can also be used to count the number of remaining messages in a chain
+if called with a message, entry or reference returned by
+.B ldap_first_message() ,
+.B ldap_next_message() ,
+.BR ldap_first_entry (3) ,
+.BR ldap_next_entry (3) ,
+.BR ldap_first_reference (3) ,
+.BR ldap_next_reference (3) .
+.SH ERRORS
+If an error occurs in
+.B ldap_first_message()
+or
+.BR ldap_next_message() ,
+NULL is returned. If an error occurs in
+.BR ldap_count_messages() ,
+-1 is returned.
+.SH SEE ALSO
+.BR ldap (3),
+.BR ldap_search (3),
+.BR ldap_result (3),
+.BR ldap_parse_result (3),
+.BR ldap_first_entry (3),
+.BR ldap_first_reference (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_first_reference.3 b/doc/man/man3/ldap_first_reference.3
new file mode 100644
index 0000000000..fe9bda4b9c
--- /dev/null
+++ b/doc/man/man3/ldap_first_reference.3
@@ -0,0 +1,73 @@
+.TH LDAP_FIRST_REFERENCE 3 "19 September 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ldap_first_reference, ldap_next_reference, ldap_count_references \- Stepping
+through continuation references in a result chain
+.SH SYNOPSIS
+.nf
+.ft B
+#include <ldap.h>
+.LP
+.ft B
+int ldap_count_references( LDAP *ld, LDAPMessage *result )
+.LP
+.ft B
+LDAPMessage *ldap_first_reference( LDAP *ld, LDAPMessage *result )
+.LP
+.ft B
+LDAPMessage *ldap_next_reference( LDAP *ld, LDAPMessage *reference )
+.SH DESCRIPTION
+.LP
+These routines are used to step through the continuation references in a
+result chain received from
+.BR ldap_result (3)
+or the synchronous LDAP search operation routines.
+.LP
+The
+.B ldap_first_reference()
+routine is used to retrieve the first reference message in a
+result chain. It takes the \fIresult\fP as returned by a call to
+.BR ldap_result (3) ,
+.BR ldap_search_s (3)
+or
+.BR ldap_search_st (3)
+and returns a pointer to the first reference message in the
+result chain.
+.LP
+This pointer should be supplied on a subsequent call to
+.B ldap_next_reference()
+to get the next reference message, the result of which should be
+supplied to the next call to
+.BR ldap_next_reference() ,
+etc.
+.B ldap_next_reference()
+will return NULL when there are no more reference messages.
+The reference messages returned from these calls are used by
+.BR ldap_parse_reference (3)
+to extract referrals and controls.
+.LP
+A count of the number of reference messages in the search result can be
+obtained by calling
+.BR ldap_count_references() .
+It can also be used to count the number of reference messages remaining
+in a result chain.
+.SH ERRORS
+If an error occurs in
+.B ldap_first_reference()
+or
+.BR ldap_next_reference() ,
+NULL is returned. If an error occurs in
+.BR ldap_count_references() ,
+-1 is returned.
+.SH SEE ALSO
+.BR ldap (3),
+.BR ldap_result (3),
+.BR ldap_search (3),
+.BR ldap_parse_reference (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_get_dn.3 b/doc/man/man3/ldap_get_dn.3
index 55530fcbd4..c86c0de6f7 100644
--- a/doc/man/man3/ldap_get_dn.3
+++ b/doc/man/man3/ldap_get_dn.3
@@ -1,44 +1,46 @@
-.TH LDAP_GET_DN 3 "16 June 1995" "U-M LDAP LDVERSION"
+.TH LDAP_GET_DN 3 "22 July 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
-ldap_get_dn, ldap_explode_dn, ldap_dn2ufn, ldap_is_dns_dn, ldap_explode_dns \- LDAP DN handling routines
+ldap_get_dn, ldap_explode_dn, ldap_explode_rdn, ldap_dn2ufn \- LDAP DN handling routines
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
.LP
.ft B
-char *ldap_get_dn(ld, entry)
-.ft
-LDAP *ld;
-LDAPMessage *entry;
+char *ldap_get_dn( LDAP *ld, LDAPMessage *entry )
.LP
.ft B
-char **ldap_explode_dn(dn, notypes)
-.ft
-char *dn;
-int notypes;
+char **ldap_explode_dn( const char *dn, int notypes )
.LP
.ft B
-char *ldap_dn2ufn(dn)
-.ft
-char *dn;
+char **ldap_explode_rdn( const char *rdn, int notypes )
.LP
.ft B
-int ldap_is_dns_dn(dn)
-.ft
-char *dn;
+char *ldap_dn2ufn( const char * dn )
.LP
.ft B
-char **ldap_explode_dns(dn)
-.ft
-char *dn;
+char *ldap_dn2dcedn( const char * dn )
+.LP
+.ft B
+char *ldap_dcedn2dn( const char * dn )
+.LP
+.ft B
+char *ldap_dn2ad_canonical( const char * dn )
+.LP
+.ft B
+int ldap_str2dn( const char *str, LDAPDN **dn, unsigned flags )
+.LP
+.ft B
+int ldap_dn2str( LDAPDN *dn, char **str, unsigned flags )
.SH DESCRIPTION
These routines allow LDAP entry names (Distinguished Names, or DNs)
to be obtained, parsed, converted to a user-friendly form, and tested.
-A DN has the form described in RFC 1779 "A String Representation of
-Distinguished Names", unless it is an experimental DNS-style DN
-which takes the form of an RFC 822 mail address.
+A DN has the form described in
+RFC 2253 "Lightweight Directory Access Protocol (v3):
+UTF-8 String Representation of Distinguished Names".
.LP
The
.B ldap_get_dn()
@@ -47,10 +49,9 @@ routine takes an \fIentry\fP as returned by
or
.BR ldap_next_entry (3)
and returns a copy of
-the entry's DN. Space for the DN will have been obtained via
-.BR malloc (3),
-and should be freed by the caller by a call to
-.BR free (3).
+the entry's DN. Space for the DN will be obtained dynamically
+and should be freed by the caller using
+.BR ldap_memfree (3).
.LP
The
.B ldap_explode_dn()
@@ -68,30 +69,135 @@ c=US" would return as either { "cn=Bob", "c=US", NULL } or { "Bob",
The result can be freed by calling
.BR ldap_value_free (3).
.LP
+Similarly, the
+.B ldap_explode_rdn()
+routine takes an RDN as returned by
+.B ldap_explode_dn(dn,0)
+and breaks it up into its "type=value" component parts (or just "value",
+if the \fInotypes\fP parameter is set). Note the value is not
+unescaped. The result can be freed by calling
+.BR ldap_value_free (3).
+.LP
.B ldap_dn2ufn()
is used to turn a DN as returned by
-.B ldap_get_dn()
-into a more user-friendly form, stripping off type names. See
-RFC 1781 "Using the Directory to Achieve User Friendly Naming"
-for more details on the UFN format. The space for the UFN returned
-is obtained by a call to
-.BR malloc (3),
-and the user is responsible for freeing it via a call to
-.BR free (3).
-.LP
-.B ldap_is_dns_dn()
-returns non-zero if the dn string is an experimental
-DNS-style DN (generally in the form of an RFC 822 e-mail address). It
-returns zero if the dn appears to be an RFC 1779 format DN.
-.LP
-.B ldap_explode_dns()
-takes a DNS-style DN and breaks it up into its
-component parts.
-.B ldap_explode_dns()
-returns a NULL-terminated array.
-For example, the DN "mcs.umich.edu" will return { "mcs", "umich", "edu",
-NULL }. The result can be freed by calling
-.BR ldap_value_free (3).
+.BR ldap_get_dn (3)
+into a more user-friendly form, stripping off all type names. See
+"Using the Directory to Achieve User Friendly Naming" (RFC 1781)
+for more details on the UFN format. Due to the ambigious nature
+of the format, it is generally only used for display purposes.
+The space for the UFN returned is obtained dynamically and the user
+is responsible for freeing it via a call to
+.BR ldap_memfree (3).
+.LP
+.B ldap_dn2dcedn()
+is used to turn a DN as returned by
+.BR ldap_get_dn (3)
+into a DCE-style DN, e.g. a string with most-significant to least
+significant rdns separated by slashes ('/'); rdn components
+are separated by commas (',').
+Only printable chars (e.g. LDAPv2 printable string) are allowed,
+at least in this implementation.
+.B ldap_dcedn2dn()
+performs the opposite operation.
+.B ldap_dn2ad_canonical()
+turns a DN into a AD canonical name, which is basically a DCE dn
+with attribute types omitted.
+The trailing domain, if present, is turned in a DNS-like domain.
+The space for the returned value is obtained dynamically and the user
+is responsible for freeing it via a call to
+.BR ldap_memfree (3).
+.LP
+.B ldap_str2dn()
+parses a string representation of a distinguished name contained in
+.B str
+into its components,
+which are stored in
+.B dn
+as
+.B ldap_ava
+structures, arranged in
+.B LDAPAVA,
+.B LDAPRDN,
+and
+.B LDAPDN
+terms, defined as:
+.nf
+.ft B
+
+typedef struct ldap_ava {
+ char *la_attr;
+ struct berval *la_value;
+ unsigned la_flags;
+} LDAPAVA;
+
+typedef LDAPAVA** LDAPRDN;
+typedef LDAPRDN** LDAPDN;
+
+.ft
+.fi
+The attribute types and the attribute values are not normalized.
+The
+.B la_flags
+can be either
+.B LDAP_AVA_STRING
+or
+.B LDAP_AVA_BINARY,
+the latter meaning that the value is BER/DER encoded and thus must
+be represented as, quoting from RFC 2253, " ... an
+octothorpe character ('#' ASCII 35) followed by the hexadecimal
+representation of each of the bytes of the BER encoding of the X.500
+AttributeValue."
+The
+.B flags
+parameter to
+.B ldap_str2dn()
+can be
+.LP
+.nf
+ LDAP_DN_FORMAT_LDAPV3
+ LDAP_DN_FORMAT_LDAPV2
+ LDAP_DN_FORMAT_DCE
+
+.fi
+which defines what DN syntax is expected (according to RFC 2253,
+RFC 1779 and DCE, respectively).
+The format can be \fIOR\fPed to the flags
+.LP
+.nf
+ LDAP_DN_P_NO_SPACES
+ LDAP_DN_P_NO_SPACE_AFTER_RDN
+ ...
+ LDAP_DN_PEDANTIC
+
+.fi
+The latter is a shortcut for all the previous limitations.
+.LP
+.B LDAP_DN_P_NO_SPACES
+does not allow extra spaces in the dn; the default is to silently
+eliminate spaces around AVA separators ('='), RDN component separators
+('+' for LDAPv3/LDAPv2 or ',' for DCE) and RDN separators
+(',' LDAPv3/LDAPv2 or '/' for DCE).
+.LP
+.B LDAP_DN_P_NO_SPACE_AFTER_RDN
+does not allow a single space after RDN separators.
+.LP
+.B ldap_dn2str()
+performs the inverse operation, yielding in
+.B str
+a string representation of
+.B dn.
+It allows the same values for
+.B flags
+as
+.B ldap_str2dn(),
+plus
+.LP
+.nf
+ LDAP_DN_FORMAT_UFN
+ LDAP_DN_FORMAT_AD_CANONICAL
+
+.fi
+for user-friendly naming (RFC 1781) and AD canonical.
.SH ERRORS
If an error occurs in
.BR ldap_get_dn() ,
@@ -101,16 +207,25 @@ field in the \fIld\fP parameter is set to indicate the error. See
.BR ldap_error (3)
for a description of possible error codes.
.BR ldap_explode_dn() ,
-.B ldap_explode_dns()
+.BR ldap_explode_rdn() ,
+.B ldap_dn2ufn(),
+.B ldap_dn2dcedn(),
+.B ldap_dcedn2dn(),
and
-.B ldap_dn2ufn()
+.B ldap_dn2ad_canonical()
will return NULL with
.BR errno (3)
set appropriately in case of trouble.
.SH NOTES
-These routines malloc memory that the caller must free.
+These routines dynamically allocate memory that the caller must free.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_first_entry(3),
-.BR ldap_error(3),
-.BR ldap_value_free(3)
+.BR ldap (3),
+.BR ldap_error (3),
+.BR ldap_first_entry (3),
+.BR ldap_memfree (3),
+.BR ldap_value_free (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_get_values.3 b/doc/man/man3/ldap_get_values.3
index ac0dcdb6b3..e9acf3d207 100644
--- a/doc/man/man3/ldap_get_values.3
+++ b/doc/man/man3/ldap_get_values.3
@@ -1,16 +1,14 @@
-.TH LDAP_GET_VALUES 3 "25 November 1994" "U-M LDAP LDVERSION"
+.TH LDAP_GET_VALUES 3 "22 September 1998" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
ldap_get_values, ldap_get_values_len, ldap_count_values \- LDAP attribute value handling routines
.SH SYNOPSIS
.nf
.ft B
-#include <lber.h>
#include <ldap.h>
-typedef struct berval {
- unsigned long bv_len;
- char *bv_val;
-};
.LP
.ft B
char **ldap_get_values(ld, entry, attr)
@@ -91,9 +89,15 @@ indicate the error. See
.BR ldap_error (3)
for a description of possible error codes.
.SH NOTES
-These routines malloc memory that the caller must free.
+These routines dynamically allocate memory which the caller must free
+using the supplied routines.
.SH SEE ALSO
-.BR ldap(3),
-.BR ldap_first_entry(3),
-.BR ldap_first_attribute(3),
-.BR ldap_error(3)
+.BR ldap (3),
+.BR ldap_first_entry (3),
+.BR ldap_first_attribute (3),
+.BR ldap_error (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_parse_result.3 b/doc/man/man3/ldap_parse_result.3
new file mode 100644
index 0000000000..d30115ac77
--- /dev/null
+++ b/doc/man/man3/ldap_parse_result.3
@@ -0,0 +1,106 @@
+.TH LDAP_PARSE_RESULT 3 "10 October 2001" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.SH NAME
+ldap_parse_result \- Parsing results
+.SH SYNOPSIS
+.nf
+.ft B
+#include <ldap.h>
+.LP
+.ft B
+int ldap_parse_result( LDAP *ld, LDAPMessage *result,
+ int *errcodep, char **matcheddnp, char **errmsgp,
+ char ***referralsp, LDAPControl ***serverctrlsp, int freeit )
+.LP
+.ft B
+int ldap_parse_sasl_bind_result( LDAP *ld, LDAPMessage *result,
+ struct berval **servercredp, int freeit )
+.LP
+.ft B
+int ldap_parse_extended_result( LDAP *ld, LDAPMessage *result,
+ char **retoidp, struct berval **retdatap, int freeit )
+.SH DESCRIPTION
+.LP
+These routines are used to extract information from a result message.
+They will operate on the first result message in a chain of search
+results (skipping past other message types). They take the \fIresult\fP
+as returned by a call to
+.BR ldap_result (3),
+.BR ldap_search_s (3)
+or
+.BR ldap_search_st (3).
+In addition to
+.BR ldap_parse_result() ,
+the routines
+.B ldap_parse_sasl_bind_result()
+and
+.B ldap_parse_extended_result()
+are used to get all the result information from SASL bind and extended
+operations.
+.LP
+The \fIerrcodep\fP parameter will be filled in with the result code from
+the result message.
+.LP
+The server might supply a matched DN string in the message indicating
+how much of a name in a request was recognized. The \fImatcheddnp\fP
+parameter will be filled in with this string if supplied, else it will
+be NULL. If a string is returned, it should be freed using
+.BR ldap_memfree (3).
+.LP
+The \fIerrmsgp\fP parameter will be filled in with the error message
+field from the parsed message. This string should be freed using
+.BR ldap_memfree (3).
+.LP
+The \fIreferralsp\fP parameter will be filled in with an allocated array of
+referral strings from the parsed message. This array should be freed using
+.BR ldap_value_free (3).
+If no referrals were returned, \fI*referralsp\fP is set to NULL.
+.LP
+The \fIserverctrlsp\fP parameter will be filled in with an allocated array of
+controls copied from the parsed message. The array should be freed using
+.BR ldap_controls_free (3).
+If no controls were returned, \fI*serverctrlsp\fP is set to NULL.
+.LP
+The \fIfreeit\fP parameter determines whether the parsed message is
+freed or not after the extraction. Any non-zero value will make it
+free the message. The
+.BR ldap_msgfree (3)
+routine can also be used to free the message later.
+.LP
+For SASL bind results, the \fIservercredp\fP parameter will be filled in
+with an allocated berval structure containing the credentials from the
+server if present. The structure should be freed using
+.BR ber_bvfree (3).
+.LP
+For extended results, the \fIretoidp\fP parameter will be filled in
+with the dotted-OID text representation of the name of the extended
+operation response. The string should be freed using
+.BR ldap_memfree (3).
+If no OID was returned, \fI*retoidp\fP is set to NULL.
+.LP
+For extended results, the \fIretdatap\fP parameter will be filled in
+with a pointer to a berval structure containing the data from the
+extended operation response. The structure should be freed using
+.BR ber_bvfree (3).
+If no data were returned, \fI*retdatap\fP is set to NULL.
+.LP
+For all the above result parameters, NULL values can be used in calls
+in order to ignore certain fields.
+.SH ERRORS
+Upon success LDAP_SUCCESS is returned. Otherwise the values of the
+result parameters are undefined.
+.SH SEE ALSO
+.BR ldap (3),
+.BR ldap_result (3),
+.BR ldap_search (3),
+.BR ldap_memfree (3),
+.BR ldap_get_values (3),
+.BR ldap_controls_free (3),
+.BR lber-types (3)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man3/ldap_schema.3 b/doc/man/man3/ldap_schema.3
index 11a7bfc739..27c6446671 100644
--- a/doc/man/man3/ldap_schema.3
+++ b/doc/man/man3/ldap_schema.3
@@ -320,7 +320,7 @@ Duplicate option.
Unexpected end of data.
.SH SEE ALSO
-.BR ldap (3),
+.BR ldap (3)
.SH ACKNOWLEDGEMENTS
.B OpenLDAP
is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
diff --git a/doc/man/man5/ldap.conf.5 b/doc/man/man5/ldap.conf.5
new file mode 100644
index 0000000000..85ed4e245f
--- /dev/null
+++ b/doc/man/man5/ldap.conf.5
@@ -0,0 +1,167 @@
+.TH LDAP.CONF 5 "6 May 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.UC 6
+.SH NAME
+ldap.conf, .ldaprc \- ldap configuration file
+.SH SYNOPSIS
+ETCDIR/ldap.conf
+\fP.ldaprc\fP
+.SH DESCRIPTION
+The
+.I ldap.conf
+configuration file is used to set system-wide defaults to be applied when
+running
+.I ldap
+clients. If the environment variable \fBLDAPNOINIT\fP is defined, all
+defaulting is disabled.
+.LP
+Each user may specify an optional configuration file,
+.IR ldaprc
+or
+.IR .ldaprc ,
+in his/her home directory which will be used to override the system-wide
+defaults file.
+The file
+.IR ldaprc
+in the current working directory is also used.
+.LP
+Additional configuration files can be specified using
+the \fBLDAPCONF\fP and \fBLDAPRC\fP environment variables.
+\fBLDAPCONF\fP may be set the path of a configuration file. This
+path can be absolute or relative to current working directory.
+The \fBLDAPRC\fP, if defined, should be a basename of a file
+in the current working directory or in the user's home directory.
+.LP
+Environmental variables may also be used to augment the file based defaults.
+The name of the option is the as listed but with a prefix of \fBLDAP\fP.
+For example, to define \fBBASE\fP via the environment, define the variable
+\fBLDAPBASE\fP to desired value.
+.LP
+Some options are user\-only. Such options are ignored if present
+in the
+.IR ldap.conf
+(or file specified by
+.BR LDAPCONF ).
+.SH OPTIONS
+The different configuration options are:
+.TP 1i
+\fBBASE <base>\fP
+Used to specify the default base DN to use when performing ldap operations.
+The base must be specified as a Distinguished Name in LDAP format.
+.TP 1i
+\fBBINDDN <dn>\fP
+Used to specify the default bind DN to use when performing ldap operations.
+The bind DN must be specified as a Distinguished Name in LDAP format.
+This is a user\-only option.
+.TP 1i
+\fBHOST <name[:port] ...>\fP
+Used to specify the name(s) of an LDAP server(s) to which
+.I ldap
+library should connect to. Each server's name can be specified as a
+domain-style name or an IP address and optionally followed a ':' and
+the port number the ldap server is listening on. A space separated
+listed of host may be provided.
+.TP 1i
+\fBPORT <port>\fP
+Used to specify the port used with connecting to LDAP servers(s).
+The port may be specified as a number.
+.TP 1i
+\fBSASL_SECPROPS <properties>\fP
+Used to specify Cyrus SASL security properties.
+The
+.B none
+flag (without any other properities) causes the flag properites
+defaults ("noanonymous,noplain") to be cleared.
+The
+.B noplain
+flag disables mechanisms susceptible to simple passive attacks.
+The
+.B noactive
+flag disables mechanisms susceptible to active attacks.
+The
+.B nodict
+flag disables mechanisms susceptible to passive dictionary attacks.
+The
+.B noanonyous
+flag disables mechanisms which support anonymous login.
+The
+.B forwardsec
+flag require forward secrecy between sessions.
+The
+.B passcred
+require mechanisms which pass client credentials (and allow
+mechanisms which can pass credentials to do so).
+The
+.B minssf=<factor>
+property specifies the minimum acceptable
+.I security strength factor
+as an integer approximate to effective key length used for
+encryption. 0 (zero) implies no protection, 1 implies integrity
+protection only, 56 allows DES or other weak ciphers, 112
+allows triple DES and other strong ciphers, 128 allows RC4,
+Blowfish and other modern strong ciphers. The default is 0.
+The
+.B maxssf=<factor>
+property specifies the maximum acceptable
+.I security strength factor
+as an integer (see minssf description). The default is INT_MAX.
+The
+.B maxbufsize=<factor>
+property specifies the maximum security layer receive buffer
+size allowed. 0 disables security layers. The default is 65536.
+.TP 1i
+\fBSIZELIMIT <integer>\fP
+Used to specify a size limit to use when performing searches. The
+number should be an non-negative integer. \fISIZELIMIT\fP of zero (0)
+specifies unlimited search size.
+.TP 1i
+\fBTIMELIMIT <integer>\fP
+Used to specify a time limit to use when performing searches. The
+number should be an non-negative integer. \fITIMELIMIT\fP of zero (0)
+specifies unlimited search time to be used.
+.TP 1i
+\fBDEREF <never|searching|finding|always>\fP
+Specify how aliases dereferencing is done. \fIDEREF\fP should
+be set to one of
+.B never,
+.B always,
+.B search,
+or
+.B find
+to specify that aliases are never dereferenced, always dereferenced,
+dereferenced when searching, or dereferenced only when locating the
+base object for the search. The default is to never dereference aliases.
+.SH "ENVIRONMENT VARIABLES"
+.TP
+LDAPNOINIT
+disable all defaulting
+.TP
+LDAPCONF
+path of a configuration file
+.TP
+LDAPRC
+basename of ldaprc file in $HOME or $CWD
+.TP
+LDAP<option-name>
+Set <option-name> as from ldap.conf
+.SH FILES
+.TP
+.I ETCDIR/ldap.conf
+system-wide ldap configuration file
+.TP
+.I $HOME/ldaprc, $HOME/.ldaprc
+user ldap configuration file
+.TP
+.I $CWD/ldaprc
+local ldap configuration file
+.SH "SEE ALSO"
+.BR ldap (3)
+.SH AUTHOR
+Kurt Zeilenga, The OpenLDAP Project
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man5/slapd-bdb.5 b/doc/man/man5/slapd-bdb.5
new file mode 100644
index 0000000000..0dfdb8ba9e
--- /dev/null
+++ b/doc/man/man5/slapd-bdb.5
@@ -0,0 +1,106 @@
+.TH SLAPD-BDB 5 "30 April 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-bdb \- BDB backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The BDB backend to
+.BR slapd (8)
+is the recommended backend for a normal slapd database.
+It uses the Sleepycat BerkelyDB package to store data.
+It makes extensive use of indexing and caching to speed data access.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the BDB backend database.
+That is, they must follow a "database bdb" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B cachesize <integer>
+Specify the size in entries of the in-memory cache maintained
+by the BDB backend database instance.
+The default is 1000 entries.
+.TP
+.B checkpoint <kbyte> <min>
+Specify the frequency for checkpointing the database transaction log.
+A checkpoint operation flushes the database buffers to disk and writes
+a checkpoint record in the log.
+The checkpoint will occur if either <kbyte> data has been written or
+<min> minutes have passed since the last checkpoint.
+Both arguments default to zero, in which case they are ignored.
+See the Berkeley DB reference guide for more details.
+.TP
+.B dbnosync
+Specify that on-disk database contents should not be immediately
+synchronized with in memory changes.
+Enabling this option may improve performance at the expense of data
+security.
+.TP
+.B directory <directory>
+Specify the directory where the BDB files containing this database and
+associated indexes live.
+A separate directory must be specified for each database.
+The default is
+.BR LOCALSTATEDIR/openldap-data .
+.TP
+.B dirtyread
+Allow reads of modified but not yet committed data.
+Usually transactions are isolated to prevent other operations from
+accessing uncommitted data.
+This option may improve performance, but may also return inconsistent
+results if the data comes from a transaction that is later aborted.
+In this case, the modified data is discarded and a subsequent search
+will return a different result.
+.TP
+.B
+index {<attrlist>|default} [pres,eq,approx,sub,<special>]
+Specify the indexes to maintain for the given attribute (or
+list of attributes).
+Some attributes only support a subset of indexes.
+If only an <attr> is given, the indices specified for \fBdefault\fR
+are maintained.
+Note that setting a default does not imply that all attributes will be
+indexed.
+
+A number of special index parameters may be specified.
+The index type
+.B sub
+can be decomposed into
+.BR subinitial ,
+.BR subany ,\ and
+.B subfinal
+indices.
+The special type
+.B nolang
+may be specified to disallow use of this index by language subtypes.
+The special type
+.B nosubtypes
+may be specified to disallow use of this index by named subtypes.
+Note: changing index settings requires rebuilding indices, see
+.BR slapindex (8).
+.TP
+.B lockdetect {oldest|youngest|fewest|random|default}
+Specify which transaction to abort when a deadlock is detected.
+The default is the same as
+.BR random .
+.TP
+.B mode <integer>
+Specify the file protection mode that newly created database
+index files should have.
+The default is 0600.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR slapadd (8),
+.BR slapcat (8),
+.BR slapindex (8).
diff --git a/doc/man/man5/slapd-dnssrv.5 b/doc/man/man5/slapd-dnssrv.5
new file mode 100644
index 0000000000..9e3fbdf3aa
--- /dev/null
+++ b/doc/man/man5/slapd-dnssrv.5
@@ -0,0 +1,30 @@
+.TH SLAPD-DNSSRV 5 "3 May 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-dnssrv \- DNS SRV referral backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The DNSSRV backend to
+.BR slapd (8)
+serves up referrals based upon SRV resource records held in
+the Domain Name System.
+.SH CONFIGURATION
+The DNSSRV backend has no backend nor database specific options.
+It is configured simply by "database dnssrv" followed a suffix
+directive, e.g. suffix "".
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.br
+.SH SEE ALSO
+\fB"OpenLDAP Root Service - An experimental LDAP referral
+service"\fR [RFC 3088],
+.br
+\fB"OpenLDAP LDAP Root Service"\fR <http://www.openldap.org/faq/?file=393)>,
+.br
+.BR slapd.conf (5),
+.BR slapd (8)
diff --git a/doc/man/man5/slapd-ldap.5 b/doc/man/man5/slapd-ldap.5
new file mode 100644
index 0000000000..192d0e7159
--- /dev/null
+++ b/doc/man/man5/slapd-ldap.5
@@ -0,0 +1,119 @@
+.TH SLAPD-LDAP 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-ldap \- LDAP backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The LDAP backend to
+.BR slapd (8)
+is not an actual database; instead it acts as a proxy to forward incoming
+requests to another LDAP server. While processing requests it will also
+chase referrals, so that referrals are fully processed instead of being
+returned to the slapd client.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the LDAP backend database.
+That is, they must follow a "database ldap" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.LP
+Note: It is strongly recommended to set
+.RS
+lastmod off
+.RE
+for every
+.B ldap
+and
+.B meta
+database.
+This is because operational attributes related to entry creation and
+modification should not be used, as they could be passed to the target
+servers, generating an error.
+.TP
+.B uri <ldapurl>
+LDAP server to use.
+.TP
+.B server <hostport>
+Obsolete option; same as `uri ldap://<hostport>/'.
+.TP
+.B binddn "<administrative DN for access control purposes>"
+DN which is used to query the target server for acl checking; it
+should have read access on the target server to attributes used on the
+proxy for acl checking.
+There is no risk of giving away such values; they are only used to
+check permissions.
+.TP
+.B bindpw <password>
+Password used with the bind DN above.
+.TP
+.B rebind-as-user
+If this option is given, the client's bind credentials are remembered
+for rebinds when chasing referrals.
+.TP
+.B suffixmassage <suffix> <massaged (remote) suffix>
+DNs ending with <suffix> in a request are changed to end with <remote
+suffix> before sending the request to the remote server, and <remote
+suffix> in the results are changed back to <suffix> before returning
+them to the client.
+The <suffix> field must be defined as a valid suffix (or suffixAlias?)
+for the current database.
+.TP
+.B map "{attribute | objectclass} {<local name> | *} [<foreign name> | *]"
+Map attribute names and object classes from the foreign server to
+different values on the local slapd.
+The reason is that some attributes might not be part of the local
+slapd's schema, some attribute names might be different but serve the
+same purpose, etc.
+If local or foreign name is `*', the name is preserved.
+If foreign name is missing, the name is dropped.
+Local name `*' and no foreign name means unmapped attributes are
+removed, while local name = foreign name = `*' means unmapped
+attributes are preserved.
+.TP
+.B rewrite*
+The rewrite options are described in the "REWRITING" section of the
+.BR slapd-meta (5)
+manual page.
+.SH EXAMPLES
+This maps the OpenLDAP objectclass `groupOfNames' to the Active
+Directory objectclass `group':
+.LP
+.RS
+.nf
+map objectclass groupOfNames group
+.fi
+.RE
+.LP
+This presents a limited attribute set from the foreign
+server:
+.LP
+.RS
+.nf
+map attribute cn *
+map attribute sn *
+map attribute manager *
+map attribute description *
+map attribute *
+.fi
+.RE
+.LP
+These lines map cn, sn, manager, and description to themselves, and
+any other attribute gets "removed" from the object before it is sent
+to the client (or sent up to the LDAP server). This is obviously a
+simplistic example, but you get the point.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd-meta (5),
+.BR slapd (8),
+.BR ldap (3).
+
diff --git a/doc/man/man5/slapd-ldbm.5 b/doc/man/man5/slapd-ldbm.5
new file mode 100644
index 0000000000..3fd0c3bff1
--- /dev/null
+++ b/doc/man/man5/slapd-ldbm.5
@@ -0,0 +1,126 @@
+.TH SLAPD-LDBM 5 "30 April 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-ldbm \- LDBM backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The LDBM backend to
+.BR slapd (8)
+is a database which uses one of BerkelyDB, Gnu DBM, MDBM or NDBM to
+store data.
+It makes extensive use of indexing and caching to speed data access.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the LDBM backend database.
+That is, they must follow a "database ldbm" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B cachesize <integer>
+Specify the size in entries of the in-memory cache maintained
+by the LDBM backend database instance.
+The default is 1000 entries.
+.TP
+.B dbcachesize <integer>
+Specify the size in bytes of the in-memory cache associated with each
+open index file.
+If not supported by the underlying database method, this option is
+ignored without comment.
+The default is 100000 bytes.
+.TP
+.B dbnolocking
+Specify that no database locking should be performed.
+Enabling this option may improve performance at the expense of data security.
+Do NOT run any slap tools while slapd is running.
+.TP
+.B dbnosync
+Specify that on-disk database contents should not be immediately
+synchronized with in memory changes.
+Enabling this option may improve performance at the expense of data
+security.
+.TP
+.B dbsync <frequency> <maxdelays> <delayinterval>
+Flush dirty database buffers to disk every
+.B <seconds>
+seconds.
+Implies
+.B dbnosync
+(ie. indvidual updates are no longer written to disk).
+It attempts to avoid syncs during periods of peak activity by waiting
+.B <delayinterval>
+seconds if the server is busy, repeating this delay up to
+.B <maxdelays>
+times before proceeding.
+It is an attempt to provide higher write performance with some amount
+of data security.
+Note that it may still be possible to get an inconsistent database if
+the underlying engine fills its cache and writes out individual pages
+and slapd crashes or is killed before the next sync.
+.B <maxdelays>
+and
+.B <delayinterval>
+are optional and default to
+.B 12
+and
+.B 5
+respectively, giving a total elapsed delay of 60 seconds before a sync
+will occur.
+.B <maxdelays>
+may be zero, and
+.B <delayinterval>
+must be 1 or greater.
+.TP
+.B directory <directory>
+Specify the directory where the LDBM files containing this database and
+associated indexes live.
+A separate directory must be specified for each database.
+The default is
+.BR LOCALSTATEDIR/openldap-data .
+.TP
+.B
+index {<attrlist>|default} [pres,eq,approx,sub,<special>]
+Specify the indexes to maintain for the given attribute (or
+list of attributes).
+Some attributes only support a subset of indexes.
+If only an <attr> is given, the indices specified for \fBdefault\fR
+are maintained.
+Note that setting a default does not imply that all attributes will be
+indexed.
+
+A number of special index parameters may be specified.
+The index type
+.B sub
+can be decomposed into
+.BR subinitial ,
+.BR subany ,\ and
+.B subfinal
+indices.
+The special type
+.B nolang
+may be specified to disallow use of this index by language subtypes.
+The special type
+.B nosubtypes
+may be specified to disallow use of this index by named subtypes.
+Note: changing index settings requires rebuilding indices, see
+.BR slapindex (8).
+.TP
+.B mode <integer>
+Specify the file protection mode that newly created database
+index files should have.
+The default is 0600.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR slapadd (8),
+.BR slapcat (8),
+.BR slapindex (8).
diff --git a/doc/man/man5/slapd-meta.5 b/doc/man/man5/slapd-meta.5
new file mode 100644
index 0000000000..6671174e4d
--- /dev/null
+++ b/doc/man/man5/slapd-meta.5
@@ -0,0 +1,668 @@
+.TH SLAPD-META 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+.\" Copying restrictions apply. See the COPYRIGHT file.
+.\" Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+.\" $OpenLDAP$
+.\"
+.\" Portions of this document should probably be moved to slapd-ldap(5)
+.\" and maybe manual pages for librewrite.
+.\"
+.SH NAME
+slapd-meta \- metadirectory backend
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The
+.B meta
+backend to
+.BR slapd (8)
+performs basic LDAP proxying with respect to a set of remote LDAP
+servers, called "targets".
+The information contained in these servers can be presented as
+belonging to a single Directory Information Tree (DIT).
+.LP
+A basic knowledge of the functionality of the
+.BR slapd\-ldap (5)
+backend is recommended.
+This backend has been designed as an enhancement of the ldap backend.
+The two backends share many features (actually they also share
+portions of code).
+While the
+.B ldap
+backend is intended to proxy operations directed to a single server, the
+.B meta
+backend is mainly intended for proxying of multiple servers and possibly
+naming context masquerading.
+These features, although useful in many scenarios, may result in
+excessive overhead for some applications, so its use should be
+carefully considered.
+In the examples section, some typical scenarios will be discussed.
+.SH EXAMPLES
+There are examples in various places in this document, as well as in the
+slapd/back-meta/data/ directory in the OpenLDAP source tree.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the META backend database.
+That is, they must follow a "database meta" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.LP
+Note: as with the
+.B ldap
+backend, operational attributes related to entry creation/modification
+should not be used, as they would be passed to the target servers,
+generating an error.
+Moreover, it makes little sense to use such attributes in proxying, as
+the proxy server doesn't actually store data, so it should have no
+knowledge of such attributes.
+While code to strip the modification attributes has been put in place
+(and #ifdef'd), it implies unmotivated overhead.
+So it is strongly recommended to set
+.RS
+lastmod off
+.RE
+for every
+.B ldap
+and
+.B meta
+backend.
+.SH SPECIAL CONFIGURATION DIRECTIVES
+Target configuration starts with the "uri" directive.
+All the configuration directives that are not specific to targets
+should be defined first for clarity, including those that are common
+to all backends.
+They are:
+.TP
+.B default-target none
+This directive forces the backend to reject all those operations
+that must resolve to a single target in case none or multiple
+targets are selected.
+They include: add, delete, modify, modrdn; compare is not included, as
+well as bind since, as they don't alter entries, in case of multiple
+matches an attempt is made to perform the operation on any candidate
+target, with the constraint that at most one must succeed.
+This directive can also be used when processing targets to mark a
+specific target as default.
+.TP
+.B dncache-ttl {forever|disabled|<ttl>}
+This directive sets the time-to-live of the DN cache.
+This caches the target that holds a given DN to speed up target
+selection in case multiple targets would result from an uncached
+search; forever means cache never expires; disabled means no DN
+caching; otherwise a valid ( > 0 ) ttl in seconds is required.
+.SH TARGET SPECIFICATION
+Target specification starts with a "uri" directive:
+.TP
+.B uri <protocol>://[<host>[:<port>]]/<naming context>
+The "server" directive that was allowed in the LDAP backend (although
+deprecated) has been discarded in the Meta backend.
+The <protocol> part can be anything ldap_initialize(3) accepts
+({ldap|ldaps|ldapi} and variants); <host> and <port> may be omitted,
+defaulting to whatever is set in /etc/ldap.conf.
+The <naming context> part is mandatory.
+It must end with one of the naming contexts defined for the backend,
+e.g.:
+.LP
+.RS
+.nf
+suffix "\fBdc=foo,dc=com\fP"
+uri "ldap://x.foo.com/dc=x,\fBdc=foo,dc=com\fP"
+.fi
+.RE
+.LP
+The <naming context> part doesn't need to be unique across the targets;
+it may also match one of the values of the "suffix" directive.
+.TP
+.B default-target [<target>]
+The "default-target" directive can also be used during target specification.
+With no arguments it marks the current target as the default.
+The optional number marks target <target> as the default one, starting
+from 1.
+Target <target> must be defined.
+.TP
+.B binddn "<administrative DN for access control purposes>"
+This directive, as in the LDAP backend, allows to define the DN that is
+used to query the target server for acl checking; it should have read
+access on the target server to attributes used on the proxy for acl
+checking.
+There is no risk of giving away such values; they are only used to
+check permissions.
+.TP
+.B bindpw <password for access control purposes>
+This directive sets the password for acl checking in conjunction
+with the above mentioned "binddn" directive.
+.TP
+.B pseudorootdn "<substitute DN in case of rootdn bind>"
+This directive, if present, sets the DN that will be substituted to
+the bind DN if a bind with the backend's "rootdn" succeeds.
+The true "rootdn" of the target server ought not be used; an arbitrary
+administrative DN should used instead.
+.TP
+.B pseudorootpw "<substitute password in case of rootdn bind>"
+This directive sets the credential that will be used in case a bind
+with the backend's "rootdn" succeeds, and the bind is propagated to
+the target using the "pseudorootdn" DN.
+.LP
+Note: cleartext credentials must be supplied here; as a consequence,
+using the pseudorootdn/pseudorootpw directives is inherently unsafe.
+.TP
+.B rewrite* ...
+The rewrite options are described in the "REWRITING" section.
+.TP
+.B suffixmassage "<virtual naming context>" "<real naming context>"
+All the directives starting with "rewrite" refer to the rewrite engine
+that has been added to slapd.
+The "suffixmassage" directive was introduced in the LDAP backend to
+allow suffix massaging while proxying.
+It has been obsoleted by the rewriting tools.
+However, both for backward compatibility and for ease of configuration
+when simple suffix massage is required, it has been preserved.
+It wraps the basic rewriting instructions that perform suffix
+massaging.
+.LP
+Note: this also fixes a flaw in suffix massaging, which operated
+on (case insensitive) DNs instead of normalized DNs,
+so "dc=foo, dc=com" would not match "dc=foo,dc=com".
+.LP
+See the "REWRITING" section.
+.TP
+.B map {objectClass|attribute} {<source>|*} [<dest>|*]
+This maps object classes and attributes as in the LDAP backend.
+See
+.BR slapd-ldap (5).
+.SH SCENARIOS
+A powerful (and in some sense dangerous) rewrite engine has been added
+to both the LDAP and Meta backends.
+While the former can gain limited beneficial effects from rewriting
+stuff, the latter can become an amazingly powerful tool.
+.LP
+Consider a couple of scenarios first.
+.LP
+1) Two directory servers share two levels of naming context;
+say "dc=a,dc=foo,dc=com" and "dc=b,dc=foo,dc=com".
+Then, an unambiguous Meta database can be configured as:
+.LP
+.RS
+.nf
+database meta
+suffix "\fBdc=foo,dc=com\fP"
+uri "ldap://a.foo.com/dc=a,\fBdc=foo,dc=com\fP"
+uri "ldap://b.foo.com/dc=b,\fBdc=foo,dc=com\fP"
+.fi
+.RE
+.LP
+Operations directed to a specific target can be easily resolved
+because there are no ambiguities.
+The only operation that may resolve to multiple targets is a search
+with base "dc=foo,dc=com" and scope at least "one", which results in
+spawning two searches to the targets.
+.LP
+2a) Two directory servers don't share any portion of naming context,
+but they'd present as a single DIT
+[Caveat: uniqueness of (massaged) entries among the two servers is
+assumed; integrity checks risk to incur in excessive overhead and have
+not been implemented].
+Say we have "dc=bar,dc=org" and "o=Foo,c=US",
+and we'd like them to appear as branches of "dc=foo,dc=com", say
+"dc=a,dc=foo,dc=com" and "dc=b,dc=foo,dc=com".
+Then we need to configure our Meta backend as:
+.LP
+.RS
+.nf
+database meta
+suffix "dc=foo,dc=com"
+
+uri "ldap://a.bar.com/\fBdc=a,dc=foo,dc=com\fP"
+suffixmassage "\fBdc=a,dc=foo,dc=com\fP" "dc=bar,dc=org"
+
+uri "ldap://b.foo.com/\fBdc=b,dc=foo,dc=com\fP"
+suffixmassage "\fBdc=b,dc=foo,dc=com\fP" "o=Foo,c=US"
+.fi
+.RE
+.LP
+Again, operations can be resolved without ambiguity, although
+some rewriting is required.
+Notice that the virtual naming context of each target is a branch of
+the database's naming context; it is rewritten back and forth when
+operations are performed towards the target servers.
+What "back and forth" means will be clarified later.
+.LP
+When a search with base "dc=foo,dc=com" is attempted, if the
+scope is "base" it fails with "no such object"; in fact, the
+common root of the two targets (prior to massaging) does not
+exist.
+If the scope is "one", both targets are contacted with the base
+replaced by each target's base; the scope is derated to "base".
+In general, a scope "one" search is honored, and the scope is derated,
+only when the incoming base is at most one level lower of a target's
+naming context (prior to massaging).
+.LP
+Finally, if the scope is "sub" the incoming base is replaced
+by each target's unmassaged naming context, and the scope
+is not altered.
+.LP
+2b) Consider the above reported scenario with the two servers
+sharing the same naming context:
+.LP
+.RS
+.nf
+database meta
+suffix "\fBdc=foo,dc=com\fP"
+
+uri "ldap://a.bar.com/\fBdc=foo,dc=com\fP"
+suffixmassage "\fBdc=foo,dc=com\fP" "dc=bar,dc=org"
+
+uri "ldap://b.foo.com/\fBdc=foo,dc=com\fP"
+suffixmassage "\fBdc=foo,dc=com\fP" "o=Foo,c=US"
+.fi
+.RE
+.LP
+All the previous considerations hold, except that now there is
+no way to unambiguously resolve a DN.
+In this case, all the operations that require an unambiguous target
+selection will fail unless the DN is already cached or a default
+target has been set.
+Practical configurations may result as a combination of all the
+above scenarios.
+.SH ACLs
+Note on ACLs: at present you may add whatever ACL rule you desire
+to to the Meta (and LDAP) backends.
+However, the meaning of an ACL on a proxy may require some
+considerations.
+Two philosophies may be considered:
+.LP
+a) the remote server dictates the permissions; the proxy simply passes
+back what it gets from the remote server.
+.LP
+b) the remote server unveils "everything"; the proxy is responsible
+for protecting data from unauthorized access.
+.LP
+Of course the latter sounds unreasonable, but it is not.
+It is possible to imagine scenarios in which a remote host discloses
+data that can be considered "public" inside an intranet, and a proxy
+that connects it to the internet may impose additional constraints.
+To this purpose, the proxy should be able to comply with all the ACL
+matching criteria that the server supports.
+This has been achieved with regard to all the criteria supported by
+slapd except a special subtle case (please drop me a note if you can
+find other exceptions: <ando@openldap.org>).
+The rule
+.LP
+.RS
+.nf
+access to dn="<dn>" attr=<attr>
+ by dnattr=<dnattr> read
+ by * none
+.fi
+.RE
+.LP
+cannot be matched iff the attribute that is being requested, <attr>,
+is NOT <dnattr>, and the attribute that determines membership,
+<dnattr>, has not been requested (e.g. in a search)
+.LP
+In fact this ACL is resolved by slapd using the portion of entry it
+retrieved from the remote server without requiring any further
+intervention of the backend, so, if the <dnattr> attribute has not
+been fetched, the match cannot be assessed because the attribute is
+not present, not because no value matches the requirement!
+.LP
+Note on ACLs and attribute mapping: ACLs are applied to the mapped
+attributes; for instance, if the attribute locally known as "foo" is
+mapped to "bar" on a remote server, then local ACLs apply to attribute
+"foo" and are totally unaware of its remote name.
+The remote server will check permissions for "bar", and the local
+server will possibly enforce additional restrictions to "foo".
+.\"
+.\" If this section is moved, also update the reference in
+.\" libraries/librewrite/RATIONALE.
+.\"
+.SH REWRITING
+A string is rewritten according to a set of rules, called a `rewrite
+context'.
+The rules are based on Regular Expressions (POSIX regex) with
+substring matching; extensions are planned to allow basic variable
+substitution and map resolution of substrings.
+The behavior of pattern matching/substitution can be altered by a set
+of flags.
+.LP
+The underlying concept is to build a lightweight rewrite module
+for the slapd server (initially dedicated to the LDAP backend).
+.SH Passes
+An incoming string is matched agains a set of rules.
+Rules are made of a match pattern, a substitution pattern and a set of
+actions.
+In case of match a string rewriting is performed according to the
+substitution pattern that allows to refer to substrings matched in the
+incoming string.
+The actions, if any, are finally performed.
+The substitution pattern allows map resolution of substrings.
+A map is a generic object that maps a substitution pattern to a value.
+.SH "Pattern Matching Flags"
+.TP
+.B `C'
+honors case in matching (default is case insensitive)
+.TP
+.B `R'
+use POSIX Basic Regular Expressions (default is Extended)
+.SH "Action Flags"
+.TP
+.B `:'
+apply the rule once only (default is recursive)
+.TP
+.B `@'
+stop applying rules in case of match.
+.TP
+.B `#'
+stop current operation if the rule matches, and issue an `unwilling to
+perform' error.
+.TP
+.B `G{n}'
+jump n rules back and forth (watch for loops!).
+Note that `G{1}' is implicit in every rule.
+.TP
+.B `I'
+ignores errors in rule; this means, in case of error, e.g. issued by a
+map, the error is treated as a missed match.
+The `unwilling to perform' is not overridden.
+.LP
+The ordering of the flags is significant.
+For instance: `IG{2}' means ignore errors and jump two lines ahead
+both in case of match and in case of error, while `G{2}I' means ignore
+errors, but jump thwo lines ahead only in case of match.
+.LP
+More flags (mainly Action Flags) will be added as needed.
+.SH "Pattern matching:"
+See
+.BR regex (7).
+.SH "Substitution Pattern Syntax:"
+Everything starting with `%' requires substitution;
+.LP
+the only obvious exception is `%%', which is left as is;
+.LP
+the basic substitution is `%d', where `d' is a digit;
+0 means the whole string, while 1-9 is a submatch, as discussed in
+.BR regex (7);
+.LP
+a `%' followed by a `{' invokes an advanced substitution.
+The pattern is:
+.LP
+.RS
+`%' `{' [ <op> ] <name> `(' <substitution> `)' `}'
+.RE
+.LP
+where <name> must be a legal name for the map, i.e.
+.LP
+.RS
+.nf
+<name> ::= [a-z][a-z0-9]* (case insensitive)
+<op> ::= `>' `|' `&' `&&' `*' `**' `$'
+.fi
+.RE
+.LP
+and <substitution> must be a legal substitution
+pattern, with no limits on the nesting level.
+.LP
+The operators are:
+.TP
+.B >
+sub context invocation; <name> must be a legal, already defined
+rewrite context name
+.TP
+.B |
+external command invocation; <name> must refer to a legal, already
+defined command name (NOT IMPL.)
+.TP
+.B &
+variable assignment; <name> defines a variable in the running
+operation structure which can be dereferenced later; operator
+.B &
+assigns a variable in the rewrite context scope; operator
+.B &&
+assigns a variable that scopes the entire session, e.g. its value
+can be derefenced later by other rewrite contexts
+.TP
+.B *
+variable dereferencing; <name> must refer to a variable that is
+defined and assigned for the running operation; operator
+.B *
+dereferences a variable scoping the rewrite context; operator
+.B **
+dereferences a variable scoping the whole session, e.g. the value
+is passed across rewrite contexts
+.TP
+.B $
+parameter dereferencing; <name> must refer to an existing parameter;
+the idea is to make some run-time parameters set by the system
+available to the rewrite engine, as the client host name, the bind DN
+if any, constant parameters initialized at config time, and so on;
+no parameter is currently set by either
+.B back\-ldap
+or
+.BR back\-meta ,
+but constant parameters can be defined in the configuration file
+by using the
+.B rewriteParam
+directive.
+.LP
+Substitution escaping has been delegated to the `%' symbol,
+which is used instead of `\e' in string substitution patterns
+because `\e' is already escaped by slapd's low level parsing routines;
+as a consequence,
+.BR regex (7)
+escaping requires two `\e' symbols, e.g. `\fB.*\e.foo\e.bar\fP' must
+be written as `\fB.*\e\e.foo\e\e.bar\fP'.
+.\"
+.\" The symbol can be altered at will by redefining the related macro in
+.\" "rewrite-int.h".
+.\"
+.SH "Rewrite context:"
+A rewrite context is a set of rules which are applied in sequence.
+The basic idea is to have an application initialize a rewrite
+engine (think of Apache's mod_rewrite ...) with a set of rewrite
+contexts; when string rewriting is required, one invokes the
+appropriate rewrite context with the input string and obtains the
+newly rewritten one if no errors occur.
+.LP
+Each basic server operation is associated to a rewrite context;
+they are divided in two main groups: client \-> server and
+server \-> client rewriting.
+.LP
+client -> server:
+.LP
+.RS
+.nf
+(default) if defined and no specific context
+ is available
+bindDn bind
+searchBase search
+searchFilter search
+compareDn compare
+addDn add
+modifyDn modify
+modrDn modrdn
+newSuperiorDn modrdn
+deleteDn delete
+.fi
+.RE
+.LP
+server -> client:
+.LP
+.RS
+.nf
+searchResult search (only if defined; no default;
+ acts on DN and DN-syntax attributes
+ of search results)
+matchedDn all ops (only if defined; no default;
+ NOT IMPL. except in search)
+.fi
+.RE
+.LP
+.SH "Basic configuration syntax"
+.TP
+.B rewriteEngine { on | off }
+If `on', the requested rewriting is performed; if `off', no
+rewriting takes place (an easy way to stop rewriting without
+altering too much the configuration file).
+.TP
+.B rewriteContext <context name> "[ alias <aliased context name> ]"
+<Context name> is the name that identifies the context, i.e. the name
+used by the application to refer to the set of rules it contains.
+It is used also to reference sub contexts in string rewriting.
+A context may aliase another one.
+In this case the alias context contains no rule, and any reference to
+it will result in accessing the aliased one.
+.TP
+.B rewriteRule "<regex pattern>" "<substitution pattern>" "[ <flags> ]"
+Determines how a tring can be rewritten if a pattern is matched.
+Examples are reported below.
+.SH "Additional configuration syntax:"
+.TP
+.B rewriteMap "<map name>" "<map type>" "[ <map attrs> ]"
+Allows to define a map that transforms substring rewriting into
+something else.
+The map is referenced inside the substitution pattern of a rule.
+.TP
+.B rewriteParam <param name> <param value>
+Sets a value with global scope, that can be dereferenced by the
+command `%{$paramName}'.
+.TP
+.B rewriteMaxPasses <number of passes>
+Sets the maximum number of total rewriting passes that can be
+performed in a single rewrite operation (to avoid loops).
+.SH "Configuration examples:"
+.nf
+# set to `off' to disable rewriting
+rewriteEngine on
+
+# Everything defined here goes into the `default' context.
+# This rule changes the naming context of anything sent
+# to `dc=home,dc=net' to `dc=OpenLDAP, dc=org'
+
+rewriteRule "(.*)dc=home,[ ]?dc=net"
+ "%1dc=OpenLDAP, dc=org" ":"
+
+# since a pretty/normalized DN does not include spaces
+# after rdn separators, e.g. `,', this rule suffices:
+
+rewriteRule "(.*)dc=home,dc=net"
+ "%1dc=OpenLDAP,dc=org" ":"
+
+# Start a new context (ends input of the previous one).
+# This rule adds blanks between DN parts if not present.
+rewriteContext addBlanks
+rewriteRule "(.*),([^ ].*)" "%1, %2"
+
+# This one eats blanks
+rewriteContext eatBlanks
+rewriteRule "(.*),[ ](.*)" "%1,%2"
+
+# Here control goes back to the default rewrite
+# context; rules are appended to the existing ones.
+# anything that gets here is piped into rule `addBlanks'
+rewriteContext default
+rewriteRule ".*" "%{>addBlanks(%0)}" ":"
+
+.\" # Anything with `uid=username' is looked up in
+.\" # /etc/passwd for gecos (I know it's nearly useless,
+.\" # but it is there just as a guideline to implementing
+.\" # custom maps).
+.\" # Note the `I' flag that leaves `uid=username' in place
+.\" # if `username' does not have a valid account, and the
+.\" # `:' that forces the rule to be processed exactly once.
+.\" rewriteContext uid2Gecos
+.\" rewriteRule "(.*)uid=([a-z0-9]+),(.+)"
+.\" "%1cn=%2{xpasswd},%3" "I:"
+.\"
+.\" # Finally, in a bind, if one uses a `uid=username' DN,
+.\" # it is rewritten in `cn=name surname' if possible.
+.\" rewriteContext bindDn
+.\" rewriteRule ".*" "%{>addBlanks(%{>uid2Gecos(%0)})}" ":"
+.\"
+# Rewrite the search base according to `default' rules.
+rewriteContext searchBase alias default
+
+# Search results with OpenLDAP DN are rewritten back with
+# `dc=home,dc=net' naming context, with spaces eaten.
+rewriteContext searchResult
+rewriteRule "(.*[^ ]?)[ ]?dc=OpenLDAP,[ ]?dc=org"
+ "%{>eatBlanks(%1)}dc=home,dc=net" ":"
+
+# Bind with email instead of full DN: we first need
+# an ldap map that turns attributes into a DN (the
+# argument used when invoking the map is appended to
+# the URI and acts as the filter portion)
+rewriteMap ldap attr2dn "ldap://host/dc=my,dc=org?dn?sub"
+
+# Then we need to detect DN made up of a single email,
+# e.g. `mail=someone@example.com'; note that the rule
+# in case of match stops rewriting; in case of error,
+# it is ignored. In case we are mapping virtual
+# to real naming contexts, we also need to rewrite
+# regular DNs, because the definition of a bindDn
+# rewrite context overrides the default definition.
+rewriteContext bindDn
+rewriteRule "^mail=[^,]+@[^,]+$" "%{attr2dn(%0)}" "@I"
+
+# This is a rather sophisticated example. It massages a
+# search filter in case who performs the search has
+# administrative privileges. First we need to keep
+# track of the bind DN of the incoming request, which is
+# stored in a variable called `binddn' with session scope,
+# and left in place to allow regular binding:
+rewriteContext bindDn
+rewriteRule ".+" "%{&&binddn(%0)}%0" ":"
+
+# A search filter containing `uid=' is rewritten only
+# if an appropriate DN is bound.
+# To do this, in the first rule the bound DN is
+# dereferenced, while the filter is decomposed in a
+# prefix, in the value of the `uid=<arg>' AVA, and
+# in a suffix. A tag `<>' is appended to the DN.
+# If the DN refers to an entry in the `ou=admin' subtree,
+# the filter is rewritten OR-ing the `uid=<arg>' with
+# `cn=<arg>'; otherwise it is left as is. This could be
+# useful, for instance, to allow apache's auth_ldap-1.4
+# module to authenticate users with both `uid' and
+# `cn', but only if the request comes from a possible
+# `cn=Web auth,ou=admin,dc=home,dc=net' user.
+rewriteContext searchFilter
+rewriteRule "(.*\e\e()uid=([a-z0-9_]+)(\e\e).*)"
+ "%{**binddn}<>%{&prefix(%1)}%{&arg(%2)}%{&suffix(%3)}"
+ ":I"
+rewriteRule "[^,]+,ou=admin,dc=home,dc=net"
+ "%{*prefix}|(uid=%{*arg})(cn=%{*arg})%{*suffix}" "@I"
+rewriteRule ".*<>" "%{*prefix}uid=%{*arg}%{*suffix}" ":"
+.fi
+.SH "LDAP Proxy resolution (a possible evolution of slapd\-ldap(5)):"
+In case the rewritten DN is an LDAP URI, the operation is initiated
+towards the host[:port] indicated in the uri, if it does not refer
+to the local server.
+E.g.:
+.LP
+.nf
+ rewriteRule '^cn=root,.*' '%0' 'G{3}'
+ rewriteRule '^cn=[a-l].*' 'ldap://ldap1.my.org/%0' '@'
+ rewriteRule '^cn=[m-z].*' 'ldap://ldap2.my.org/%0' '@'
+ rewriteRule '.*' 'ldap://ldap3.my.org/%0' '@'
+.fi
+.LP
+(Rule 1 is simply there to illustrate the `G{n}' action; it could have
+been written:
+.LP
+.nf
+ rewriteRule '^cn=root,.*' 'ldap://ldap3.my.org/%0' '@'
+.fi
+.LP
+with the advantage of saving one rewrite pass ...)
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd\-ldap (5),
+.BR slapd (8),
+.BR regex (7).
diff --git a/doc/man/man5/slapd-null.5 b/doc/man/man5/slapd-null.5
new file mode 100644
index 0000000000..fad41f5560
--- /dev/null
+++ b/doc/man/man5/slapd-null.5
@@ -0,0 +1,51 @@
+.TH SLAPD-NULL 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.SH NAME
+slapd-null \- Null backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The Null backend to
+.BR slapd (8)
+is surely the most useful part of
+.BR slapd :
+.br
+- Searches return success but no entries.
+.br
+- Compares return compareFalse.
+.br
+- Updates return success (unless readonly is on) but do nothing.
+.br
+- Binds fail unless the database option "bind on" is given.
+.br
+Inspired by the /dev/null device.
+.SH CONFIGURATION
+This
+.B slapd.conf
+option applies to the NULL backend database.
+That is, it must follow a "database null" line and come before
+any subsequent "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B bind <on/off>
+Allow binds as DNs in this backend's suffix.
+The default is "off".
+.SH EXAMPLE
+Here is a possible slapd.conf extract using the Null backend:
+.LP
+.RS
+.nf
+database null
+suffix "cn=Nothing"
+bind on
+.fi
+.RE
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8).
diff --git a/doc/man/man5/slapd-passwd.5 b/doc/man/man5/slapd-passwd.5
new file mode 100644
index 0000000000..6765d2e3c5
--- /dev/null
+++ b/doc/man/man5/slapd-passwd.5
@@ -0,0 +1,42 @@
+.TH SLAPD-PASSWD 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-passwd \- /etc/passwd backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The PASSWD backend to
+.BR slapd (8)
+serves up the user account information listed in the system
+.BR passwd (5)
+file.
+The DN of each entry is "uid=<username>,<suffix>".
+Note that non-base searches scan the the entire passwd file, and
+are best suited for hosts with small passwd files.
+.SH CONFIGURATION
+This
+.B slapd.conf
+option applies to the PASSWD backend database.
+That is, it must follow a "database passwd" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B file <filename>
+Specifies an alternate passwd file to use.
+The default is
+.BR /etc/passwd .
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.TP
+/etc/passwd
+user account information
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR passwd (5).
diff --git a/doc/man/man5/slapd-perl.5 b/doc/man/man5/slapd-perl.5
new file mode 100644
index 0000000000..d544a4412d
--- /dev/null
+++ b/doc/man/man5/slapd-perl.5
@@ -0,0 +1,175 @@
+.TH SLAPD-PERL 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.SH NAME
+slapd-perl \- Perl backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The Perl backend to
+.BR slapd (8)
+works by embedding a
+.BR perl (1)
+interpreter into
+.BR slapd (8).
+Any perl database section of the configuration file
+.BR slapd.conf (5)
+must then specify what Perl module to use.
+.B Slapd
+then creates a new Perl object that handles all the requests for that
+particular instance of the backend.
+.LP
+You will need to create a method for each one of the
+following actions:
+.LP
+.nf
+ * new # creates a new object,
+ * search # performs the ldap search,
+ * compare # does a compare,
+ * modify # modifies an entry,
+ * add # adds an entry to backend,
+ * modrdn # modifies an entry's rdn,
+ * delete # deletes an ldap entry,
+ * config # process unknown config file lines,
+ * init # called after backend is initialized.
+.fi
+.LP
+Unless otherwise specified, the methods return the result code
+which will be returned to the client. Unimplemented actions
+can just return unwillingToPerform (53).
+.TP
+.B new
+This method is called when the configuration file encounters a
+.B perlmod
+line.
+The module in that line is then effectively `use'd into the perl
+interpreter, then the \fBnew\fR method is called to create a new
+object.
+Note that multiple instances of that object may be instantiated, as
+with any perl object.
+.\" .LP
+The
+.B new
+method receives the class name as argument.
+.TP
+.B search
+This method is called when a search request comes from a client.
+It arguments are as follows:
+.nf
+ * object reference
+ * base DN
+ * scope
+ * alias deferencing policy
+ * size limit
+ * time limit
+ * filter string
+ * attributes only flag (1 for yes)
+ * list of attributes to return (may be empty)
+.fi
+.LP
+Return value: (resultcode, ldif-entry, ldif-entry, ...)
+.TP
+.B compare
+This method is called when a compare request comes from a client.
+Its arguments are as follows.
+.nf
+ * object reference
+ * dn
+ * attribute assertion string
+.fi
+.LP
+.TP
+.B modify
+This method is called when a modify request comes from a client.
+Its arguments are as follows.
+.nf
+ * object reference
+ * dn
+ * a list formatted as follows
+ ({ "ADD" | "DELETE" | "REPLACE" },
+ attributetype, value...)...
+.fi
+.LP
+.TP
+.B add
+This method is called when a add request comes from a client.
+Its arguments are as follows.
+.nf
+ * object reference
+ * entry in string format
+.fi
+.LP
+.TP
+.B modrdn
+This method is called when a modrdn request comes from a client.
+Its arguments are as follows.
+.nf
+ * object reference
+ * dn
+ * new rdn
+ * delete old dn flag (1 means yes)
+.fi
+.LP
+.TP
+.B delete
+This method is called when a delete request comes from a client.
+Its arguments are as follows.
+.nf
+ * object reference
+ * dn
+.fi
+.LP
+.TP
+.B config
+This method is called with unknown
+.BR slapd.conf (5)
+configuration file lines.
+Its arguments are as follows.
+.nf
+ * object reference
+ * array of arguments on line
+.fi
+.LP
+Return value: nonzero if this is not a valid option.
+.TP
+.B init
+This method is called after backend is initialized.
+Its argument is as follows.
+.nf
+ * object reference
+.fi
+.LP
+Return value: nonzero if initialization failed.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the PERL backend database.
+That is, they must follow a "database perl" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B perlModulePath /path/to/libs
+Add the path to the @INC variable.
+.TP
+.B perlModule ModName
+`Use' the module name ModName from ModName.pm
+.TP
+.B filterSearchResults
+Search results are candidates that need to be filtered (with the
+filter in the search request), rather than search results to be
+returned directly to the client.
+.SH EXAMPLE
+There is an example Perl module `SampleLDAP' in the slapd/back-perl/
+direcetory in the OpenLDAP source tree.
+.SH WARNING
+The interface of this backend to the perl module MAY change.
+Any suggestions would greatly be appreciated.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR perl (1).
diff --git a/doc/man/man5/slapd-shell.5 b/doc/man/man5/slapd-shell.5
new file mode 100644
index 0000000000..0beee6d657
--- /dev/null
+++ b/doc/man/man5/slapd-shell.5
@@ -0,0 +1,168 @@
+.TH SLAPD-SHELL 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
+.\" $OpenLDAP$
+.SH NAME
+slapd-shell \- Shell backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The Shell backend to
+.BR slapd (8)
+executes external programs to implement operations, and is designed to
+make it easy to tie an existing database to the
+.B slapd
+front-end.
+.SH WARNING
+.B "This backend's calling conventions have changed since OpenLDAP 2.0."
+The operations receive a new "opid:" (operation ID) line, to be used
+instead of "msgid:".
+The "msgid:" line will be removed in a future version.
+Also, abandon now gets a new "abandonid:" line.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the SHELL backend database.
+That is, they must follow a "database shell" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.LP
+These options specify the pathname and arguments of the program to
+execute in response to the given LDAP operation.
+Each option is followed by the input lines that the program receives:
+.TP
+.B abandon <pathname> <argument>...
+.nf
+ABANDON
+opid: <operation ID>
+msgid: <message ID of operation to abandon>
+<repeat { "suffix:" <database suffix DN> }>
+abandonid: <operation ID of operation to abandon>
+.fi
+.TP
+.B add <pathname> <argument>...
+.nf
+ADD
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+<entry in LDIF format>
+.fi
+.TP
+.B bind <pathname> <argument>...
+.nf
+BIND
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <DN>
+method: <method number>
+credlen: <length of <credentials>>
+cred: <credentials>
+.fi
+.TP
+.B compare <pathname> <argument>...
+.nf
+COMPARE
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <DN>
+<attribute>: <value>
+.fi
+.TP
+.B delete <pathname> <argument>...
+.nf
+DELETE
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <DN>
+.fi
+.TP
+.B modify <pathname> <argument>...
+.nf
+MODIFY
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <DN>
+<repeat {
+ <"add"/"delete"/"replace">: <attribute>
+ <repeat { <attribute>: <value> }>
+ -
+}>
+.fi
+.TP
+.B modrdn <pathname> <argument>...
+.nf
+MODRDN
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <DN>
+newrdn: <new RDN>
+deleteoldrdn: <0 or 1>
+<if new superior is specified: "newSuperior: <DN>">
+.fi
+.TP
+.B search <pathname> <argument>...
+.nf
+SEARCH
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+base: <base DN>
+scope: <0-2, see ldap.h>
+deref: <0-3, see ldap.h>
+sizelimit: <size limit>
+timelimit: <time limit>
+filter: <filter>
+attrsonly: <0 or 1>
+attrs: <"all" or space-separated attribute list>
+.fi
+.TP
+.B unbind <pathname> <argument>...
+.nf
+UNBIND
+opid: <operation ID>
+msgid: <message ID>
+<repeat { "suffix:" <database suffix DN> }>
+dn: <bound DN>
+.fi
+.LP
+An
+.I operation ID
+is a "connection ID/message ID" string identifying an operation.
+.LP
+Note that you need only supply configuration lines for those commands you
+want the backend to handle.
+Operations for which a command is not supplied will be refused with an
+"unwilling to perform" error.
+.LP
+The commands - except \fBabandon\fP and \fBunbind\fP - should output:
+.RS
+.nf
+RESULT
+code: <integer>
+matched: <matched DN>
+info: <text>
+.fi
+.RE
+where only RESULT is mandatory.
+The \fBsearch\fP RESULT should be preceded by the entries in LDIF
+format, each entry followed by a blank line.
+Lines starting with `#' or `DEBUG:' are ignored.
+.SH EXAMPLE
+There is an example search script in the slapd/back-shell/ directory
+in the OpenLDAP source tree.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR sh (1).
diff --git a/doc/man/man5/slapd-sql.5 b/doc/man/man5/slapd-sql.5
new file mode 100644
index 0000000000..b01e04df86
--- /dev/null
+++ b/doc/man/man5/slapd-sql.5
@@ -0,0 +1,383 @@
+.TH SLAPD-SQL 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.SH NAME
+slapd-sql \- SQL backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The primary purpose of this backend (8) to
+.BR slapd (8)
+is to PRESENT information stored in some RDBMS as an LDAP subtree
+without any programming (some SQL and maybe stored procedures can't be
+considered programming, anyway ;).
+.LP
+That is, for example, when you (some ISP) have account information you
+use in an RDBMS, and want to use modern solutions that expect such
+information in LDAP (to authenticate users, make email lookups etc.).
+Or you want to synchronize or distribute information between different
+sites/applications that use RDBMSes and/or LDAP.
+Or whatever else...
+.LP
+It is NOT designed as a general-purpose backend that uses RDBMS instead
+of BerkeleyDB (as the standard BDB backend does), though it can be
+used as such with several limitations.
+You can take a look at
+.B http://www.openldap.org/faq/index.cgi?file=378
+(OpenLDAP FAQ-O-Matic/General LDAP FAQ/Directories vs. conventional
+databases) to find out more on this point.
+.LP
+The idea (detailed below) is to use some metainformation to translate
+LDAP queries to SQL queries, leaving relational schema untouched, so
+that old applications can continue using it without any
+modifications.
+This allows SQL and LDAP applications to inter-operate without
+replication, and exchange data as needed.
+.LP
+The SQL backend is designed to be tunable to virtually any relational
+schema without having to change source (through that metainformation
+mentioned).
+Also, it uses ODBC to connect to RDBMSes, and is highly configurable
+for SQL dialects RDBMSes may use, so it may be used for integration
+and distribution of data on different RDBMSes, OSes, hosts etc., in
+other words, in highly heterogeneous environment.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the SQL backend database.
+That is, they must follow a "database sql" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B dbname <datasource name>
+The name of the ODBC datasource to use.
+.LP
+.B dbhost <hostname>
+.br
+.B dbuser <username>
+.br
+.B dbpasswd <password>
+.RS
+These three options are generally unneeded, because this information is already
+taken from the datasource.
+Use them if you need to override datasource settings.
+Also, several RDBMS' drivers tend to require explicit passing of user/password,
+even if those are given in datasource.
+.RE
+.TP
+.B subtree_cond <SQL expression>
+Specifies a where-clause template used to form a subtree search condition.
+It may differ from one SQL dialect to another (see samples).
+.TP
+.B oc_query <SQL expression>
+The default is
+.B "SELECT id, name, keytbl, keycol, create_proc, delete_proc, expect_return FROM ldap_oc_mappings"
+.TP
+.B at_query <SQL expression>
+The default is
+.B "SELECT name, sel_expr, from_tbls, join_where, add_proc, delete_proc, param_order, expect_return FROM ldap_attr_mappings WHERE oc_map_id=?"
+.TP
+.B insentry_query <SQL expression>
+The default is
+.B "INSERT INTO ldap_entries (dn, oc_map_id, parent, keyval) VALUES (?, ?, ?, ?)"
+.TP
+.B delentry_query <SQL expression>
+The default is
+.B "DELETE FROM ldap_entries WHERE id=?"
+
+These four options specify SQL query templates for loading schema mapping
+metainformation,
+adding and deleting entries to ldap_entries, etc.
+All these and subtree_cond should have the given default values.
+For the current value it is recommended to look at the sources,
+or in the log output when slapd starts with "-d 5" or greater.
+.TP
+.B upper_func <SQL function name>
+Specifies the name of a function that converts a given value to uppercase.
+This is used for CIS matching when the RDBMS is case sensitive.
+
+.SH METAINFORMATION USED
+.LP
+Almost everything mentioned later is illustrated in examples located
+in the
+.B slapd/back-sql/rdbms_depend/
+directory in the OpenLDAP source tree, and contains scripts for
+generating sample database for Oracle, MS SQL Server and mySQL.
+.LP
+The first thing that one must arrange is what set of LDAP
+object classes can present your RDBMS information.
+.LP
+The easiest way is to create an objectclass for each entity you had in
+ER-diagram when designing your relational schema.
+Any relational schema, no matter how normalized it is, was designed
+after some model of your application's domain (for instance, accounts,
+services etc. in ISP), and is used in terms of its entities, not just
+tables of normalized schema.
+It means that for every attribute of every such instance there is an
+effective SQL query that loads its values.
+.LP
+Also you might want your object classes to conform to some of the standard
+schemas like inetOrgPerson etc.
+.LP
+Nevertheless, when you think it out, we must define a way to translate
+LDAP operation requests to (a series of) SQL queries.
+Let us deal with the SEARCH operation.
+.LP
+Example:
+Let's suppose that we store information about persons working in our
+organization in two tables:
+.LP
+.nf
+ PERSONS PHONES
+ ---------- -------------
+ id integer id integer
+ first_name varchar pers_id integer references persons(id)
+ last_name varchar phone
+ middle_name varchar
+ ...
+.fi
+.LP
+(PHONES contains telephone numbers associated with persons).
+A person can have several numbers, then PHONES contains several
+records with corresponding pers_id, or no numbers (and no records in
+PHONES with such pers_id).
+An LDAP objectclass to present such information could look like this:
+.LP
+.nf
+ person
+ -------
+ MUST cn
+ MAY telephoneNumber $ firstName $ lastName
+ ...
+.fi
+.LP
+To fetch all values for cn attribute given person ID, we construct the
+query:
+.LP
+.nf
+ SELECT CONCAT(persons.first_name,' ',persons.last_name)
+ AS cn FROM persons WHERE persons.id=?
+.fi
+.LP
+for telephoneNumber we can use:
+.LP
+.nf
+ SELECT phones.phone AS telephoneNumber FROM persons,phones
+ WHERE persons.id=phones.pers.id AND persons.id=?
+.fi
+.LP
+If we wanted to service LDAP requests with filters like
+(telephoneNumber=123*), we would construct something like:
+.LP
+.nf
+ SELECT ... FROM persons,phones
+ WHERE persons.id=phones.pers.id
+ AND persons.id=?
+ AND phones.phone like '123%'
+.fi
+.LP
+So, if we had information about what tables contain values for each
+attribute, how to join these tables and arrange these values, we could
+try to automatically generate such statements, and translate search
+filters to SQL WHERE clauses.
+.LP
+To store such information, we add three more tables to our schema
+and fill it with data (see samples):
+.LP
+.nf
+ ldap_oc_mappings (some columns are not listed for clarity)
+ ---------------
+ id=1
+ name="person"
+ keytbl="persons"
+ keycol="id"
+.fi
+.LP
+This table defines a mapping between objectclass (its name held in the
+"name" column), and a table that holds the primary key for corresponding
+entities.
+For instance, in our example, the person entity, which we are trying
+to present as "person" objectclass, resides in two tables (persons and
+phones), and is identified by the persons.id column (that we will call
+the primary key for this entity).
+Keytbl and keycol thus contain "persons" (name of the table), and "id"
+(name of the column).
+.LP
+.nf
+ ldap_attr_mappings (some columns are not listed for clarity)
+ -----------
+ id=1
+ oc_id=1
+ name="cn"
+ sel_expr="CONCAT(persons.first_name,' ',persons.last_name)"
+ from_tbls="persons"
+ join_where=NULL
+ ************
+ id=<n>
+ oc_map_id=1
+ name="telephoneNumber"
+ sel_expr="phones.phone"
+ from_tbls="persons,phones"
+ join_where="phones.pers_id=persons.id"
+.fi
+.LP
+This table defines mappings between LDAP attributes and SQL queries
+that load their values.
+Note that, unlike LDAP schema, these are not
+.B attribute types
+- the attribute "cn" for "person" objectclass can
+have its values in different tables than "cn" for some other objectclass,
+so attribute mappings depend on objectclass mappings (unlike attribute
+types in LDAP schema, which are indifferent to objectclasses).
+Thus, we have oc_map_id column with link to oc_mappings table.
+.LP
+Now we cut the SQL query that loads values for a given attribute into 3 parts.
+First goes into sel_expr column - this is the expression we had
+between SELECT and FROM keywords, which defines WHAT to load.
+Next is table list - text between FROM and WHERE keywords.
+It may contain aliases for convenience (see examples).
+The last is part of the where clause, which (if it exists at all) expresses the
+condition for joining the table containing values with the table
+containing the primary key (foreign key equality and such).
+If values are in the same table as the primary key, then this column is
+left NULL (as for cn attribute above).
+.LP
+Having this information in parts, we are able to not only construct
+queries that load attribute values by id of entry (for this we could
+store SQL query as a whole), but to construct queries that load id's
+of objects that correspond to a given search filter (or at least part of
+it).
+See below for examples.
+.LP
+.nf
+ ldap_entries
+ ------------
+ id=1
+ dn=<dn you choose>
+ oc_map_id=...
+ parent=<parent record id>
+ keyval=<value of primary key>
+.fi
+.LP
+This table defines mappings between DNs of entries in your LDAP tree,
+and values of primary keys for corresponding relational data.
+It has recursive structure (parent column references id column of the
+same table), which allows you to add any tree structure(s) to your
+flat relational data.
+Having id of objectclass mapping, we can determine table and column
+for primary key, and keyval stores value of it, thus defining the exact
+tuple corresponding to the LDAP entry with this DN.
+.LP
+Note that such design (see exact SQL table creation query) implies one
+important constraint - the key must be an integer.
+But all that I know about well-designed schemas makes me think that it's
+not very narrow ;) If anyone needs support for different types for
+keys - he may want to write a patch, and submit it to OpenLDAP ITS,
+then I'll include it.
+.LP
+Also, several people complained that they don't really need very
+structured trees, and they don't want to update one more table every
+time they add or delete an instance in the relational schema.
+Those people can use a view instead of a real table for ldap_entries, something
+like this (by Robin Elfrink):
+.LP
+.nf
+ CREATE VIEW ldap_entries (id, dn, oc_map_id, parent, keyval)
+ AS SELECT (1000000000+userid),
+ UPPER(CONCAT(CONCAT('cn=',gecos),',o=MyCompany,c=NL')),
+ 1, 0, userid FROM unixusers UNION
+ SELECT (2000000000+groupnummer),
+ UPPER(CONCAT(CONCAT('cn=',groupnaam),',o=MyCompany,c=NL')),
+ 2, 0, groupnummer FROM groups;
+.fi
+.LP
+.SH Typical SQL backend operation
+Having metainformation loaded, the SQL backend uses these tables to
+determine a set of primary keys of candidates (depending on search
+scope and filter).
+It tries to do it for each objectclass registered in ldap_objclasses.
+.LP
+Example:
+for our query with filter (telephoneNumber=123*) we would get the following
+query generated (which loads candidate IDs)
+.LP
+.nf
+ SELECT ldap_entries.id,persons.id, 'person' AS objectClass,
+ ldap_entries.dn AS dn
+ FROM ldap_entries,persons,phones
+ WHERE persons.id=ldap_entries.keyval
+ AND ldap_entries.objclass=?
+ AND ldap_entries.parent=?
+ AND phones.pers_id=persons.id
+ AND (phones.phone LIKE '123%')
+.fi
+.LP
+(for ONELEVEL search)
+or "... AND dn=?" (for BASE search)
+or "... AND dn LIKE '%?'" (for SUBTREE)
+.LP
+Then, for each candidate, we load the requested attributes using
+per-attribute queries like
+.LP
+.nf
+ SELECT phones.phone AS telephoneNumber
+ FROM persons,phones
+ WHERE persons.id=? AND phones.pers_id=persons.id
+.fi
+.LP
+Then, we use test_filter() from the frontend API to test the entry for a full
+LDAP search filter match (since we cannot effectively make sense of
+SYNTAX of corresponding LDAP schema attribute, we translate the filter
+into the most relaxed SQL condition to filter candidates), and send it to
+the user.
+.LP
+ADD, DELETE, MODIFY operations are also performed on per-attribute
+metainformation (add_proc etc.).
+In those fields one can specify an SQL statement or stored procedure
+call which can add, or delete given values of a given attribute, using
+the given entry keyval (see examples -- mostly ORACLE and MSSQL - since
+there're no stored procs in mySQL).
+.LP
+We just add more columns to oc_mappings and attr_mappings, holding
+statements to execute (like create_proc, add_proc, del_proc etc.), and
+flags governing the order of parameters passed to those statements.
+Please see samples to find out what are the parameters passed, and other
+information on this matter - they are self-explanatory for those familiar
+with concept expressed above.
+.LP
+.SH common techniques (referrals, multiclassing etc.)
+First of all, lets remember that among other major differences to the
+complete LDAP data model, the concept above does not directly support
+such things as multiple objectclasses per entry, and referrals.
+Fortunately, they are easy to adopt in this scheme.
+The SQL backend suggests two more tables being added to the schema -
+ldap_entry_objectclasses(entry_id,oc_name), and
+ldap_referrals(entry_id,url).
+.LP
+The first contains any number of objectclass names that corresponding
+entries will be found by, in addition to that mentioned in
+mapping.
+The SQL backend automatically adds attribute mapping for the "objectclass"
+attribute to each objectclass mapping that loads values from this table.
+So, you may, for instance, have a mapping for inetOrgPerson, and use it
+for queries for "person" objectclass...
+.LP
+The second table contains any number of referrals associated with a given entry.
+The SQL backend automatically adds attribute mapping for "ref" attribute
+to each objectclass mapping that loads values from this table.
+So, if you add objectclass "referral" to this entry, and make one or
+more tuples in ldap_referrals for this entry (they will be seen as
+values of "ref" attribute), you will have slapd return a referral, as
+described in the Administrators Guide.
+.LP
+.SH EXAMPLES
+There are example SQL modules in the slapd/back-sql/rdbms_depend/
+directory in the OpenLDAP source tree.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8).
diff --git a/doc/man/man5/slapd-tcl.5 b/doc/man/man5/slapd-tcl.5
new file mode 100644
index 0000000000..9a95c9e70b
--- /dev/null
+++ b/doc/man/man5/slapd-tcl.5
@@ -0,0 +1,269 @@
+.TH SLAPD-TCL 5 "2 May 2002" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.SH NAME
+slapd-tcl \- Tcl backend to slapd
+.SH SYNOPSIS
+ETCDIR/slapd.conf
+.SH DESCRIPTION
+The Tcl backend to
+.BR slapd (8)
+works by embedding a
+.BR Tcl (3tcl)
+interpreter into
+.BR slapd (8).
+Any tcl database section of the configuration file
+.BR slapd.conf (5)
+must then specify what Tcl script to use.
+.SH WARNING
+.B "This backend's calling conventions have changed since OpenLDAP 2.0."
+Previously, the 2nd argument to the procs was a message ID.
+Now they are an "operation ID" string.
+Also, proc abandon now gets a new
+.B abandonid
+argument.
+.SH CONFIGURATION
+These
+.B slapd.conf
+options apply to the TCL backend database.
+That is, they must follow a "database tcl" line and come before any
+subsequent "backend" or "database" lines.
+Other database options are described in the
+.BR slapd.conf (5)
+manual page.
+.TP
+.B scriptpath <filename.tcl>
+The full path to the tcl script used for this database.
+.LP
+.B search <proc>
+.br
+.B add <proc>
+.br
+.B delete <proc>
+.br
+.B modify <proc>
+.br
+.B bind <proc>
+.br
+.B unbind <proc>
+.br
+.B modrdn <proc>
+.br
+.B compare <proc>
+.br
+.B abandon <proc>
+.RS
+The procs for each ldap function.
+They refer to the tcl procs in the `scriptpath' script that handles them.
+.RE
+.TP
+.B tclrealm <interpreter name>
+This is one of the biggest pluses of using the tcl backend.
+The realm lets you group several databases to the same interpreter.
+This basically means they share the same global variables and proc space.
+So global variables, as well as all the procs, are callable between databases.
+If no tclrealm is specified, it is put into the "default" realm.
+.SH Variables passed to the procs
+.TP
+.B abandon { action opid suffix abandonid }
+.nf
+action - Always equal to ABANDON.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es) associated with the
+ call. Each one is an entry in a tcl
+ formatted list (surrounded by {}'s).
+abandonid - The opid of the operation to abandon.
+.fi
+.TP
+.B add "{ action opid suffix entry }"
+.nf
+action - Always equal to ADD.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+entry - Full entry to add. Each "type: val" is
+ an element in a tcl formatted list.
+.fi
+.TP
+.B bind "{ action opid suffix dn method cred_len cred }"
+.nf
+action - Always equal to BIND.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN being bound to.
+method - One of the ldap authentication methods.
+cred_len - Length of cred.
+cred - Credentials being used to authenticate,
+ according to RFC. If this value is empty,
+ then it should be considered an anonymous
+ bind (??)
+.fi
+.TP
+.B compare "{ action opid suffix dn ava_type ava_value }"
+.nf
+action - Always equal to COMPARE.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN for compare.
+ava_type - Type for comparison.
+ava_value - Value to compare.
+.fi
+.TP
+.B delete "{ action opid suffix dn }"
+.nf
+action - Always equal to DELETE.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN to delete.
+.fi
+.TP
+.B modify "{ action opid suffix dn mods }"
+.nf
+action - Always equal to MODIFY.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN to modify.
+mods - Tcl list of modifications.
+ The list is formatted in this way:
+
+ {
+ { {op: type} {type: val} }
+ { {op: type} {type: val} {type: val} }
+ ...
+ }
+
+ Newlines are not present in the actual var,
+ they are present here for clarification.
+ "op" is the type of modification
+ (ADD, DELETE, REPLACE).
+.fi
+.TP
+.B modrdn "{ action opid suffix dn newrdn deleteoldrdn }"
+.nf
+action - Always equal to MODRDN.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN whose RDN is being renamed.
+newrdn - New RDN.
+deleteoldrdn - Boolean stating whether or not the
+ old RDN should be removed after being renamed.
+.fi
+.TP
+.B
+search { action opid suffix base scope deref \
+sizelimit timelimit filterstr attrsonly attrlist }
+.nf
+action - Always equal to SEARCH.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+base - Base for this search.
+scope - Scope of search, ( 0 | 1 | 2 ).
+deref - Alias dereferencing ( 0 | 1 | 2 | 3 ).
+sizelimit - Maximum number of entries to return.
+timelimit - Time limit for search.
+filterstr - Filter string as sent by the requester.
+attrsonly - Boolean for whether to list only the
+ attributes, and not values as well.
+attrlist - Tcl list if to retrieve.
+.fi
+.TP
+.B unbind "{ action opid suffix dn }"
+.nf
+action - Always equal to UNBIND.
+opid - The opid of this ldap operation.
+suffix - List of suffix(es), as above.
+dn - DN to unbind.
+.fi
+.LP
+An
+.I opid
+(operation ID) is a "connection ID/message ID" string identifying an
+operation.
+.LP
+.SH Return Method and Syntax
+There are only 2 return types.
+All procs must return a result to show status of the operation.
+The result is in this form:
+.LP
+.RS
+.nf
+{ RESULT {code: <integer>} {matched: <partialdn>}
+ {info: <string>} {} }
+.fi
+.RE
+.LP
+This is best accomplished with this type of tcl code
+.LP
+.RS
+.nf
+ lappend ret_val "RESULT"
+ lappend ret_val "code: 0"
+ lappend ret_val ""
+ return $ret_val
+.fi
+.RE
+.LP
+The final empty string (item in list) is necessary to point to the end
+of list.
+The `code', `matched', and `info' values are not necessary, and
+default values are given if not specified.
+The `code' value is usually an LDAP error in decimal notation from
+ldap.h.
+The `info', may be sent back to the client, depending on the
+function.
+In the bind proc, LDAP uses the value of `code' to indicate whether or
+not the authentication is acceptable.
+.LP
+The other type of return is for searches.
+It is similar format to the shell backend return (as is most of the
+syntax here).
+Its format follows:
+.LP
+.RS
+.nf
+{dn: o=Company, c=US} {attr: val} {objectclass: val} {}
+{dn: o=CompanyB, c=US} {attr: val} {objectclass: val} {}
+.fi
+.RE
+.LP
+Again, newlines are for visual purposes here.
+Also note the {} marking the end of the entry (same effect as a
+newline in ldif format).
+Here is some example code again, showing a full search proc example.
+.LP
+.RS
+.nf
+# Note that `args' lets you lump all possible args
+# into one var, used here for simplicity of example
+proc ldap:search { args } {
+ # ...perform some operations...
+
+ lappend ret_val "dn: $rdn,$base"
+ lappend ret_val "objectclass: $objcl"
+ lappend ret_val "sn: $rdn"
+ lappend ret_val "mail: $email"
+ lappend ret_val ""
+ # Now setup the result
+ lappend ret_val "RESULT"
+ lappend ret_val "code: 0"
+ lappend ret_val ""
+ return $ret_val
+}
+.fi
+.RE
+.LP
+NOTE: Newlines in the return value is acceptable in search entries
+(i.e. when returning base64 encoded binary entries).
+.LP
+.SH Builtin Commands and Variables
+.TP
+.B ldap:debug <msg>
+Allows you to send debug messages through OpenLDAP's native debugging
+system, this is sent as a LDAP_DEBUG_ANY and will be logged.
+Useful for debugging scripts or logging bind failures.
+.SH FILES
+.TP
+ETCDIR/slapd.conf
+default slapd configuration file
+.SH SEE ALSO
+.BR slapd.conf (5),
+.BR slapd (8),
+.BR Tcl (3tcl).
diff --git a/doc/man/man5/slapd.access.5 b/doc/man/man5/slapd.access.5
index 1e2f396489..4b30c60e84 100644
--- a/doc/man/man5/slapd.access.5
+++ b/doc/man/man5/slapd.access.5
@@ -1,4 +1,4 @@
-.TH SLAPD.ACCESS 5 "28 Oct 2001" "OpenLDAP LDVERSION"
+.TH SLAPD.ACCESS 5 "30 April 2002" "OpenLDAP LDVERSION"
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
@@ -51,7 +51,7 @@ are used.
Arguments that should be replaced by actual text are shown in brackets <>.
The structure of the access control directives is
.TP
-.B access to <what> [ by <who> <access> [ <control> ] ]+
+.B access to <what> "[ by <who> <access> [ <control> ] ]+"
Grant access (specified by
.BR <access> )
to a set of entries and/or attributes (specified by
@@ -412,7 +412,9 @@ or the (even more silly) example
which grants everybody search and compare privileges, and adds read
privileges to authenticated users.
.SH FILES
+.TP
ETCDIR/slapd.conf
+default slapd configuration file
.SH SEE ALSO
.BR slapd (8),
.LP
diff --git a/doc/man/man5/slapd.conf.5 b/doc/man/man5/slapd.conf.5
index 827134160f..3c9ed2bc52 100644
--- a/doc/man/man5/slapd.conf.5
+++ b/doc/man/man5/slapd.conf.5
@@ -1,4 +1,4 @@
-.TH SLAPD.CONF 5 "26 January 2002" "OpenLDAP LDVERSION"
+.TH SLAPD.CONF 5 "2 May 2002" "OpenLDAP LDVERSION"
.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.\" $OpenLDAP$
@@ -56,22 +56,23 @@ backslash character (`\\'), the character should be preceded by a
backslash character.
.LP
The specific configuration options available are discussed below in the
-Global Configuration Options, General Backend Options, General Database
-Options, LDBM Database-Specific Options,
-Shell Database-Specific Options, and Password
-Database-Specific Options sections. Refer to the "OpenLDAP
-Administrator's Guide" for more details on the slapd configuration
-file.
+Global Configuration Options, General Backend Options, and General Database
+Options. Backend-specific options are discussed in the
+.B slapd-<backend>(5)
+manual pages. Refer to the "OpenLDAP Administrator's Guide" for more
+details on the slapd configuration file.
.SH GLOBAL CONFIGURATION OPTIONS
Options described in this section apply to all backends, unless specifically
overridden in a backend definition. Arguments that should be replaced by
actual text are shown in brackets <>.
.TP
-.B access to <what> [ by <who> <access> <control> ]+
+.B access to <what> "[ by <who> <access> <control> ]+"
Grant access (specified by <access>) to a set of entries and/or
attributes (specified by <what>) by one or more requestors (specified
by <who>).
-See the "OpenLDAP's Administrator's Guide" for details.
+See
+.BR slapd.access (5)
+and the "OpenLDAP's Administrator's Guide" for details.
.TP
.B allow <features>
Specify a set of features (separated by white space) to
@@ -91,11 +92,11 @@ server's command line options
if started without the debugging command line option.
.HP
.hy 0
-.B attributetype (\ <oid> [NAME\ <name>] [OBSOLETE]\
+.B attributetype "(\ <oid> [NAME\ <name>] [OBSOLETE]\
[DESC\ <description>]\
[SUP\ <oid>] [EQUALITY\ <oid>] [ORDERING\ <oid>]\
[SUBSTR\ <oid>] [SYNTAX\ <oidlen>] [SINGLE\-VALUE] [COLLECTIVE]\
- [NO\-USER\-MODIFICATION] [USAGE\ <attributeUsage>]\ )
+ [NO\-USER\-MODIFICATION] [USAGE\ <attributeUsage>]\ )"
.RS
Specify an attribute type using the LDAPv3 syntax defined in RFC 2252.
The slapd parser extends the RFC 2252 definition by allowing string
@@ -252,7 +253,7 @@ to allow any level of depth match, not including the exact match;
.BR regex
explicitly requires the (default) match based on regular expression
pattern, as detailed in
-.BR regex(7).
+.BR regex (7).
Finally,
.B anonymous
matches unbound operations; the
@@ -402,9 +403,9 @@ option are only usable if slapd was compiled with --enable-modules.
Specify a list of directories to search for loadable modules. Typically
the path is colon-separated but this depends on the operating system.
.HP
-.B objectclass ( <oid> [NAME <name>] [DESC <description] [OBSOLETE]\
+.B objectclass "( <oid> [NAME <name>] [DESC <description] [OBSOLETE]\
[SUP <oids>] [{ ABSTRACT | STRUCTURAL | AUXILIARY }] [MUST <oids>]\
- [MAY <oids>] )
+ [MAY <oids>] )"
.RS
Specify an objectclass using the LDAPv3 syntax defined in RFC 2252.
The slapd parser extends the RFC 2252 definition by allowing string
@@ -415,7 +416,7 @@ objectidentifier
description.) Object classes are "STRUCTURAL" by default.
.RE
.TP
-.B objectidentifier <name> { <oid> | <name>[:<suffix>] }
+.B objectidentifier <name> "{ <oid> | <name>[:<suffix>] }"
Define a string name that equates to the given OID. The string can be used
in place of the numeric OID in objectclass and attribute definitions. The
name can also be used with a suffix of the form ":xx" in which case the
@@ -787,7 +788,11 @@ depending on which backend will serve the database.
.SH GENERAL DATABASE OPTIONS
Options in this section only apply to the configuration file section
for the database in which they are defined. They are supported by every
-type of backend.
+type of backend. Note that the
+.B database
+and at least one
+.B suffix
+option are mandatory for each database.
.TP
.B database <databasetype>
Mark the beginning of a new database instance definition. <databasetype>
@@ -910,6 +915,8 @@ and \fB{CRYPT}\fP passwords are not recommended. If empty
Specify the DN suffix of queries that will be passed to this
backend database. Multiple suffix lines can be given and at least one is
required for each database definition.
+If the suffix of one database is "inside" that of another, the database
+with the inner suffix must come first in the configuration file.
.TP
.B suffixalias <alias> <aliased suffix>
Specify an alternate suffix that may be used to reference an already defined
@@ -941,207 +948,62 @@ Specify the referral to pass back when
.BR slapd (8)
is asked to modify a replicated local database.
If specified multiple times, each url is provided.
-.\" .SH LDBM BACKEND-SPECIFIC OPTIONS
-.\" Options in this category only apply to the LDBM backend. That is,
-.\" they must follow "backend ldbm" line and come before any subsequent
-.\" "backend" or "database" lines. The LDBM backend is a high-performance
-.\" database that makes extensive use of indexing and caching to speed
-.\" data access.
-.SH BDB DATABASE-SPECIFIC OPTIONS
-Options in this category only apply to the BDB databases. That is,
-they must follow "database bdb" line and come before any subsequent
-"backend" or "database" lines.
-.TP
-.B cachesize <integer>
-Specify the size in entries of the in-memory cache maintained
-by the BDB backend database instance. The default is 1000 entries.
-.TP
-.B checkpoint <kbyte> <min>
-Specify the frequency for checkpointing the database transaction log.
-A checkpoint operation flushes the database buffers to disk and writes
-a checkpoint record in the log. The checkpoint will occur if either
-<kbyte> data has been written or <min> minutes have passed since the
-last checkpoint. Both arguments default to zero, in which case they are ignored.
-See the Berkeley DB reference guide for more details.
-.TP
-.B dbnosync
-Specify that on-disk database contents should not be immediately
-synchronized with in memory changes. Enabling this option may improve
-performance at the expense of data security.
-.TP
-.B directory <directory>
-Specify the directory where the BDB files containing this database and
-associated indexes live. A separate directory must be specified for
-each database. The default is
-.BR LOCALSTATEDIR/openldap-data .
-.TP
-.B dirtyread
-Allow reads of modified but not yet committed data. Usually transactions
-are isolated to prevent other operations from accessing uncommitted data.
-This option may improve performance, but may also return inconsistent
-results if the data comes from a transaction that is later aborted. In
-this case, the modified data is discarded and a subsequent search will
-return a different result.
-.TP
-.B
-index {<attrlist>|default} [pres,eq,approx,sub,<special>]
-See the description for LDBM.
-.TP
-.B lockdetect {oldest|youngest|fewest|random|default}
-Specify which transaction to abort when a deadlock is detected. The
-default is the same as
-.BR random .
-.TP
-.B mode <integer>
-Specify the file protection mode that newly created database
-index files should have. The default is 0600.
-
-.SH LDBM DATABASE-SPECIFIC OPTIONS
-Options in this category only apply to the LDBM databases. That is,
-they must follow "database ldbm" line and come before any subsequent
-"backend" or "database" lines.
-.TP
-.B cachesize <integer>
-Specify the size in entries of the in-memory cache maintained
-by the LDBM backend database instance. The default is 1000 entries.
-.TP
-.B dbcachesize <integer>
-Specify the size in bytes of the in-memory cache associated
-with each open index file. If not supported by the underlying database
-method, this option is ignored without comment. The default is 100000 bytes.
-.TP
-.B dbnolocking
-Specify that no database locking should be performed.
-Enabling this option may improve performance at the expense of data security.
-Do NOT run any slap tools while slapd is running.
-.TP
-.B dbnosync
-Specify that on-disk database contents should not be immediately
-synchronized with in memory changes. Enabling this option may improve
-performance at the expense of data security.
-.TP
-.B dbsync <frequency> <maxdelays> <delayinterval>
-Flush dirty database buffers to disk every
-.B <seconds>
-seconds. Implies
-.B dbnosync
-(ie. indvidual updates are no longer written to disk). It attempts to avoid
-syncs during periods of peak activity by waiting
-.B <delayinterval>
-seconds if the server is busy, repeating this delay up to
-.B <maxdelays>
-times before proceeding.
-It is an attempt to provide higher write performance with some amount of data
-security. Note that it may still be possible to get an inconsistent
-database if the underlying engine fills its cache and writes out individual
-pages and slapd crashes or is killed before the next sync.
-.B <maxdelays>
-and
-.B <delayinterval>
-are optional and default to
-.B 12
-and
-.B 5
-respectively, giving a total elapsed delay of 60 seconds before a sync
-will occur.
-.B <maxdelays>
-may be zero, and
-.B <delayinterval>
-must be 1 or greater.
-.TP
-.B directory <directory>
-Specify the directory where the LDBM files containing this database and
-associated indexes live. A separate directory must be specified for
-each database. The default is
-.BR LOCALSTATEDIR/openldap-data .
-.TP
-.B
-index {<attrlist>|default} [pres,eq,approx,sub,<special>]
-Specify the indexes to maintain for the given attribute (or
-list of attributes). Some attributes only support a subset
-of indexes. If only an <attr> is given, the indices specified
-for \fBdefault\fR are maintained. Note that setting a default
-does not imply that all attributes will be indexed.
+.SH DATABASE-SPECIFIC OPTIONS
+Each database may allow specific configuration options; they are
+documented separately in the
+.BR slapd-<backend> (5)
+manual pages.
+.SH EXAMPLES
+.LP
+Here is a short example of a configuration file:
+.LP
+.RS
+.nf
+include SYSCONFDIR/schema/core.schema
+pidfile LOCALSTATEDIR/slapd.pid
-A number of special index parameters may be
-specified.
-The index type
-.B sub
-can be decomposed into
-.BR subinitial ,
-.BR subany ,\ and
-.B subfinal
-indices.
-The special type
-.B nolang
-may be specified to disallow use of this index by language subtypes.
-The special type
-.B nosubtypes
-may be specified to disallow use of this index by named subtypes.
-Note: changing index settings requires rebuilding indices, see
-.BR slapindex (8).
-.TP
-.B mode <integer>
-Specify the file protection mode that newly created database
-index files should have. The default is 0600.
-.SH SHELL DATABASE-SPECIFIC OPTIONS
-Options in this category only apply to the SHELL backend database. That is,
-they must follow a "database shell" line and come before any subsequent
-"backend" or "database" lines. The Shell backend executes external programs to
-implement operations, and is designed to make it easy to tie an existing
-database to the
-.B slapd
-front-end.
-.TP
-.B bind <pathname>
-.TP
-.B unbind <pathname>
-.TP
-.B search <pathname>
-.TP
-.B compare <pathname>
-.TP
-.B modify <pathname>
-.TP
-.B modrdn <pathname>
-.TP
-.B add <pathname>
-.TP
-.B delete <pathname>
-.TP
-.B abandon <pathname>
-These options specify the pathname of the command to execute in response
-to the given LDAP operation.
+database bdb
+suffix "dc=our-domain,dc=com"
+# The database directory MUST exist prior to
+# running slapd AND should only be accessible
+# by the slapd/tools. Mode 700 recommended.
+directory LOCALSTATEDIR/openldap-data
+# Indices to maintain
+index objectClass eq
+index cn,sn,mail pres,eq,approx,sub
-Note that you need only supply configuration lines for those commands you
-want the backend to handle. Operations for which a command is not
-supplied will be refused with an "unwilling to perform" error.
-.SH PASSWORD DATABASE-SPECIFIC OPTIONS
-Options in this category only apply to the PASSWD backend database.
-That is, they must follow a "database passwd" line and come before any
-subsequent "backend" or "database" lines. The PASSWD database serves up the user
-account information listed in the system
-.BR passwd (5)
-file.
-.TP
-.B file <filename>
-Specifies an alternate passwd file to use. The default is
-.B /etc/passwd.
-.SH OTHER DATABASE-SPECIFIC OPTIONS
-Other databases may allow specific configuration options; they will be
-documented separately since most of these databases are very specific
-or experimental.
-.SH EXAMPLE
-"OpenLDAP Administrator's Guide" contains an annotated
+# We serve small clients that do not handle referrals,
+# so handle remote lookups on their behalf.
+database ldap
+suffix ""
+uri ldap://ldap.some-server.com/
+lastmod off
+.fi
+.RE
+.LP
+"OpenLDAP Administrator's Guide" contains a longer annotated
example of a configuration file.
+The original ETCDIR/slapd.conf is another example.
.SH FILES
+.TP
ETCDIR/slapd.conf
+default slapd configuration file
.SH SEE ALSO
.BR ldap (3),
+.BR slapd-bdb (5),
+.BR slapd-dnssrv (5),
+.BR slapd-ldap (5),
+.BR slapd-ldbm (5),
+.BR slapd-meta (5),
+.BR slapd-null (5),
+.BR slapd-passwd (5),
+.BR slapd-perl (5),
+.BR slapd-shell (5),
+.BR slapd-sql (5),
+.BR slapd-tcl (5),
.BR slapd.replog (5),
.BR slapd.access (5),
.BR locale (5),
-.BR passwd (5),
.BR slapd (8),
.BR slapadd (8),
.BR slapcat (8),
diff --git a/doc/man/man5/slapd.replog.5 b/doc/man/man5/slapd.replog.5
index 83d0cc69fd..46586e2c22 100644
--- a/doc/man/man5/slapd.replog.5
+++ b/doc/man/man5/slapd.replog.5
@@ -1,4 +1,7 @@
-.TH SLAPD.REPLOG 5 "11 April 1995" "U-M LDAP LDVERSION"
+.TH SLAPD.REPLOG 5 "20 August 2000" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
slapd.replog \- slapd replication log format
.SH SYNOPSIS
@@ -7,7 +10,7 @@ slapd.replog.lock
.SH DESCRIPTION
.LP
The file slapd.replog is produced by the stand-alone LDAP daemon,
-.IR slapd ,
+.BR slapd (8),
when changes are made to its local database that are to be
propagated to one or more replica
.IR slapd s.
@@ -17,7 +20,7 @@ or deletion from the
.I slapd
database. The file is meant to be read
and processed by
-.IR slurpd ,
+.BR slurpd (8),
the stand-alone LDAP update replication daemon. The records are
separated by a blank line. Each record has the following format.
.LP
@@ -125,7 +128,7 @@ on one of each type of change.
replica: truelies.rs.itd.umich.edu
replica: judgmentday.rs.itd.umich.edu
time: 797612941
- dn: cn=Babs Jensen, o=U of M, c=US
+ dn: cn=Babs Jensen,dc=example,dc=com
changetype: add
objectclass: person
cn: babs
@@ -135,7 +138,7 @@ on one of each type of change.
replica: truelies.rs.itd.umich.edu
replica: judgmentday.rs.itd.umich.edu
time: 797612973
- dn: cn=Babs Jensen, o=U of M, c=US
+ dn: cn=Babs Jensen,dc=example,dc=com
changetype: modify
add: description
description: the fabulous babs
@@ -143,16 +146,25 @@ on one of each type of change.
replica: truelies.rs.itd.umich.edu
replica: judgmentday.rs.itd.umich.edu
time: 797613020
- dn: cn=Babs Jensen, o=U of M, c=US
+ dn: cn=Babs Jensen,dc=example,dc=com
changetype: modrdn
newrdn: cn=Barbara J Jensen
deleteoldrdn: 0
.fi
.SH FILES
+.TP
slapd.replog
+slapd replication log file
+.TP
slapd.replog.lock
+lockfile for slapd.replog
.SH SEE ALSO
.BR ldap (3),
.BR ldif (5),
.BR slapd (8),
.BR slurpd (8)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man5/ud.conf.5 b/doc/man/man5/ud.conf.5
index 13575bf7ea..8dbd40a0eb 100644
--- a/doc/man/man5/ud.conf.5
+++ b/doc/man/man5/ud.conf.5
@@ -1,9 +1,12 @@
-.TH UD.CONF 5 "18 March 1993" "U-M LDAP LDVERSION"
+.TH UD.CONF 5 "20 August 2000" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.UC 6
.SH NAME
ud.conf \- ud configuration file
.SH SYNOPSIS
-/etc/ud.conf
+ETCDIR/ud.conf
.SH DESCRIPTION
The
.I ud
@@ -17,13 +20,13 @@ configuration file.
.SH OPTIONS
The different configuration options are:
.TP 1i
-\fBserver <name>\fP
+\fBHOST <name>\fP
Used to specify the name of an LDAP server to which
.I ud
should connect. There may be only one entry per config file.
The server's name can be specified as a domain-style name or an IP address.
.TP 1i
-\fBbase <base>\fP
+\fBBASE <base>\fP
Used to specify the search base to use when performing search operations.
The base may be changed by those using
.I ud
@@ -33,7 +36,7 @@ command.
There may be only one entry per config file.
The base must be specified as a Distinguished Name in LDAP format.
.TP 1i
-\fBgroupbase <base>\fP
+\fBGROUPBASE <base>\fP
Used to specify the base used when creating groups.
The base may be changed by those using
.I ud
@@ -43,7 +46,7 @@ command.
There may be only one entry per config file.
The base must be specified as a Distinguished Name in LDAP format.
.TP 1i
-\fBsearch <algorithm>\fP
+\fBSEARCH <algorithm>\fP
Used to specify a search algorithm to use when performing searches. More than
one algorithm may be specified, and each is tried in turn until a suitable
response is found.
@@ -88,9 +91,19 @@ For example,
causes this algorithm to be applied when the number of fields is exactly equal
to one. If there is exactly one field, the token is looked up as a UID.
.SH FILES
-.I /etc/ud.conf
+.TP
+.I ETCDIR/ud.conf
+system-wide ud configuration file
+.TP
+.I $HOME/.udrc
+personal ud configuration file, overriding system file
.SH "SEE ALSO"
-ud(1),
-ldap(3)
+.BR ud (1),
+.BR ldap (3)
.SH AUTHOR
Bryan Beecher, University of Michigan
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man8/mail500.8 b/doc/man/man8/mail500.8
index fd9bffb105..58c157ed25 100644
--- a/doc/man/man8/mail500.8
+++ b/doc/man/man8/mail500.8
@@ -1,14 +1,17 @@
-.TH MAIL500 8C "30 November 1994" "U-M LDAP LDVERSION"
+.TH MAIL500 8C "20 August 2000" "OpenLDAP LDVERSION"
+.\" $OpenLDAP$
+.\" Copyright 1998-2002 The OpenLDAP Foundation All Rights Reserved.
+.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
.SH NAME
mail500 \- X.500 capable mailer
.LP
fax500 \- X.500 capable fax delivery agent
.SH SYNOPSIS
-.B ETCDIR/mail500 [\-d level] [\-f mailfrom]
+.B LIBEXECDIR/mail500 [\-d level] [\-f mailfrom]
.B [\-h hostname] [\-l ldaphost]
.B [\-m address] [\-v vacationhost]
.LP
-.B ETCDIR/fax500 [\-d level] [\-f mailfrom]
+.B LIBEXECDIR/fax500 [\-d level] [\-f mailfrom]
.B [\-h hostname] [\-l ldaphost]
.B [\-m address]
.SH DESCRIPTION
@@ -253,8 +256,8 @@ The mail500 and fax500 mailers should be defined similar to this in the
sendmail.cf file:
.LP
.nf
-Mmail500, P=ETCDIR/mail500, F=DFMSmnXuh, A=mail500 -f $f -h $h -m $n@$w $u
-Mfax500, P=ETCDIR/fax500, F=DFMSmnXuh, A=fax500 -f $f -h $h -m $n@$w $u
+Mmail500, P=LIBEXECDIR/mail500, F=DFMSmnXuh, A=mail500 -f $f -h $h -m $n@$w $u
+Mfax500, P=LIBEXECDIR/fax500, F=DFMSmnXuh, A=fax500 -f $f -h $h -m $n@$w $u
.fi
.LP
This defines how mail500/fax500 will be treated by sendmail and what
@@ -282,6 +285,11 @@ would behave appropriately based on how they were invoked. Unfortunately,
several new features (e.g. vacation support) were added to mail500
but not to fax500.
.SH "SEE ALSO"
-.BR ldap(3),
-.BR sendmail.cf(5),
-.BR sendmail(8),
+.BR ldap (3),
+.BR sendmail.cf (5),
+.BR sendmail (8)
+.SH ACKNOWLEDGEMENTS
+.B OpenLDAP
+is developed and maintained by The OpenLDAP Project (http://www.openldap.org/).
+.B OpenLDAP
+is derived from University of Michigan LDAP 3.3 Release.
diff --git a/doc/man/man8/slapd.8 b/doc/man/man8/slapd.8
index 4a92d7aad4..842aade8e4 100644
--- a/doc/man/man8/slapd.8
+++ b/doc/man/man8/slapd.8
@@ -169,7 +169,7 @@ on voluminous debugging which will be printed on standard error, type:
.LP
.nf
.ft tt
- LIBEXECDIR/slapd -f ETCDIR/slapd.conf -d 255
+ LIBEXECDIR/slapd -f /var/tmp/slapd.conf -d 255
.ft
.fi
.LP
diff --git a/include/Makefile.in b/include/Makefile.in
new file mode 100644
index 0000000000..5d090b8418
--- /dev/null
+++ b/include/Makefile.in
@@ -0,0 +1,77 @@
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, See COPYRIGHT file
+##
+## include Makefile.in for OpenLDAP
+
+all-local: ldap_config.h FORCE
+
+install-local: FORCE
+ -$(MKDIR) $(DESTDIR)$(includedir)
+ for header in $(srcdir)/lber.h lber_types.h \
+ $(srcdir)/ldap.h $(srcdir)/ldap_cdefs.h \
+ $(srcdir)/ldap_schema.h $(srcdir)/ldap_utf8.h \
+ ldap_features.h; \
+ do \
+ $(INSTALL) $(INSTALLFLAGS) -m 644 $$header $(DESTDIR)$(includedir); \
+ done
+
+clean-local: FORCE
+ $(RM) ldap_config.h
+
+veryclean-local: clean-local FORCE
+ $(RM) portable.h lber_types.h ldap_features.h
+
+depend-local: ldap_config.h FORCE
+
+LDAP_CONFIG=$(srcdir)/ldap_config.h.in
+
+ldap_config.h: $(LDAP_CONFIG) Makefile
+ @$(RM) $@
+ @echo "Making $@"
+ @echo "/* Generated from $(LDAP_CONFIG) on `date` */" > $@; \
+ if test $(PLAT) = NT; then \
+ sysconfdir=`cygpath -w $(sysconfdir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ datadir=`cygpath -w $(datadir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ bindir=`cygpath -w $(bindir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ sbindir=`cygpath -w $(sbindir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ libexecdir=`cygpath -w $(libexecdir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ localstatedir=`cygpath -w $(localstatedir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ editor=`cygpath -w $(EDITOR) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ sendmail=`cygpath -w $(SENDMAIL) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ else \
+ sysconfdir=$(sysconfdir); \
+ datadir=$(datadir); \
+ bindir=$(bindir); \
+ sbindir=$(sbindir); \
+ libexecdir=$(libexecdir); \
+ localstatedir=$(localstatedir); \
+ editor=$(EDITOR); \
+ sendmail=$(SENDMAIL); \
+ fi; \
+ $(SED) \
+ -e "s;%SYSCONFDIR%;$$sysconfdir;" \
+ -e "s;%DATADIR%;$$datadir;" \
+ -e "s;%BINDIR%;$$bindir;" \
+ -e "s;%SBINDIR%;$$sbindir;" \
+ -e "s;%LIBEXECDIR%;$$libexecdir;" \
+ -e "s;%RUNDIR%;$$localstatedir;" \
+ -e "s;%EDITOR%;$$editor;" \
+ -e "s;%SENDMAIL%;$$sendmail;" \
+ $(LDAP_CONFIG) >> $@; \
+ $(CHMOD) 444 $@
+
+all-common: all-local
+install-common: all-common install-local
+clean-common: clean-local
+veryclean-common: veryclean-local
+depend-common: depend-local
+
diff --git a/include/ldap.h b/include/ldap.h
index fd9d231e13..a55d528ca4 100644
--- a/include/ldap.h
+++ b/include/ldap.h
@@ -188,6 +188,8 @@ typedef struct ldapcontrol {
#define LDAP_CONTROL_VLVREQUEST "2.16.840.1.113730.3.4.9"
#define LDAP_CONTROL_VLVRESPONSE "2.16.840.1.113730.3.4.10"
+#define LDAP_CONTROL_VALUESRETURNFILTER "1.2.826.0.1.334810.2.3"
+
/* LDAP Unsolicited Notifications */
#define LDAP_NOTICE_OF_DISCONNECTION "1.3.6.1.4.1.1466.20036"
#define LDAP_NOTICE_DISCONNECT LDAP_NOTICE_OF_DISCONNECTION
diff --git a/include/ldap_config.h.in b/include/ldap_config.h.in
new file mode 100644
index 0000000000..705466c861
--- /dev/null
+++ b/include/ldap_config.h.in
@@ -0,0 +1,71 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, Redwood City, California, USA
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License. A copy of this license is available at
+ * http://www.OpenLDAP.org/license.html or in file LICENSE in the
+ * top-level directory of the distribution.
+ */
+
+/*
+ * This file works in confunction with OpenLDAP configure system.
+ * If you do no like the values below, adjust your configure options.
+ */
+
+#ifndef _LDAP_CONFIG_H
+#define _LDAP_CONFIG_H
+
+/* directory separator */
+#ifndef LDAP_DIRSEP
+#ifndef _WIN32
+#define LDAP_DIRSEP "/"
+#else
+#define LDAP_DIRSEP "\\"
+#endif
+#endif
+
+/* directory for temporary files */
+#if defined(_WIN32)
+# define LDAP_TMPDIR "C:\\." /* we don't have much of a choice */
+#elif defined( _P_tmpdir )
+# define LDAP_TMPDIR _P_tmpdir
+#elif defined( P_tmpdir )
+# define LDAP_TMPDIR P_tmpdir
+#elif defined( _PATH_TMPDIR )
+# define LDAP_TMPDIR _PATH_TMPDIR
+#else
+# define LDAP_TMPDIR LDAP_DIRSEP "tmp"
+#endif
+
+/* directories */
+#ifndef LDAP_BINDIR
+#define LDAP_BINDIR "%BINDIR%"
+#endif
+#ifndef LDAP_SBINDIR
+#define LDAP_SBINDIR "%SBINDIR%"
+#endif
+#ifndef LDAP_DATADIR
+#define LDAP_DATADIR "%DATADIR%"
+#endif
+#ifndef LDAP_SYSCONFDIR
+#define LDAP_SYSCONFDIR "%SYSCONFDIR%"
+#endif
+#ifndef LDAP_LIBEXECDIR
+#define LDAP_LIBEXECDIR "%LIBEXECDIR%"
+#endif
+#ifndef LDAP_RUNDIR
+#define LDAP_RUNDIR "%RUNDIR%"
+#endif
+
+/* command locations */
+#ifndef LDAP_EDITOR
+#define LDAP_EDITOR "%EDITOR%"
+#endif
+#ifndef LDAP_SENDMAIL
+#define LDAP_SENDMAIL "%SENDMAIL%"
+#endif
+
+#endif /* _LDAP_CONFIG_H */
diff --git a/include/ldap_config.nt b/include/ldap_config.nt
new file mode 100644
index 0000000000..18646ac9e0
--- /dev/null
+++ b/include/ldap_config.nt
@@ -0,0 +1,63 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, Redwood City, California, USA
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted only
+ * as authorized by the OpenLDAP Public License. A copy of this
+ * license is available at http://www.OpenLDAP.org/license.html or
+ * in file LICENSE in the top-level directory of the distribution.
+ */
+
+/*
+ * This file works in confunction with OpenLDAP setup.mak system.
+ * If you do no like the values below, adjust your configure options.
+ */
+
+#ifndef _LDAP_CONFIG_H
+#define _LDAP_CONFIG_H
+
+/* directory separator */
+#ifndef LDAP_DIRSEP
+#define LDAP_DIRSEP "\\"
+#endif
+
+/* directory for temporary files */
+#if defined( _P_tmpdir )
+#define LDAP_TMPDIR _P_tmpdir
+#else
+#define LDAP_TMPDIR "\\"
+#endif
+
+/* directories */
+#ifndef LDAP_PREFIX
+#define LDAP_PREFIX "C:\\OpenLDAP"
+#endif
+#ifndef LDAP_BINDIR
+#define LDAP_BINDIR LDAP_PREFIX "\\bin"
+#endif
+#ifndef LDAP_SBINDIR
+#define LDAP_SBINDIR LDAP_PREFIX "\\sbin"
+#endif
+#ifndef LDAP_DATADIR
+#define LDAP_DATADIR LDAP_PREFIX "\\share"
+#endif
+#ifndef LDAP_SYSCONFDIR
+#define LDAP_SYSCONFDIR LDAP_PREFIX "\\sysconf"
+#endif
+#ifndef LDAP_LIBEXECDIR
+#define LDAP_LIBEXECDIR LDAP_PREFIX "\\libexec"
+#endif
+#ifndef LDAP_RUNDIR
+#define LDAP_RUNDIR LDAP_PREFIX "\\run"
+#endif
+
+/* command locations */
+#ifndef LDAP_EDITOR
+#define LDAP_EDITOR "%EDITOR%"
+#endif
+#ifndef LDAP_SENDMAIL
+#define LDAP_SENDMAIL "%SENDMAIL%"
+#endif
+
+#endif /* _LDAP_CONFIG_H */
diff --git a/include/ldap_defaults.h b/include/ldap_defaults.h
new file mode 100644
index 0000000000..5c2570ed62
--- /dev/null
+++ b/include/ldap_defaults.h
@@ -0,0 +1,93 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, Redwood City, California, USA
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License. A copy of this license is available at
+ * http://www.OpenLDAP.org/license.html or in file LICENSE in the
+ * top-level directory of the distribution.
+ */
+/* Portions
+ * Copyright (c) 1994 Regents of the University of Michigan.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to the University of Michigan at Ann Arbor. The name of the University
+ * may not be used to endorse or promote products derived from this
+ * software without specific prior written permission. This software
+ * is provided ``as is'' without express or implied warranty.
+ */
+
+/*
+ * This file controls defaults for OpenLDAP package.
+ * You probably do not need to edit the defaults provided by this file.
+ */
+
+#ifndef _LDAP_DEFAULTS_H
+#define _LDAP_DEFAULTS_H
+
+
+#include <ldap_config.h>
+
+#define LDAP_CONF_FILE LDAP_SYSCONFDIR LDAP_DIRSEP "ldap.conf"
+#define LDAP_USERRC_FILE "ldaprc"
+#define LDAP_ENV_PREFIX "LDAP"
+
+/* default ldapi:// socket */
+#define LDAPI_SOCK LDAP_RUNDIR LDAP_DIRSEP "ldapi"
+
+/*
+ * MAIL500 MAILER DEFINITIONS
+ */
+ /* max number of ambiguous matches reported */
+#define MAIL500_MAXAMBIGUOUS 10
+ /* max subscribers allowed (size limit when searching for them ) */
+#define MAIL500_MAXGROUPMEMBERS LDAP_NO_LIMIT
+ /* timeout for all searches */
+#define MAIL500_TIMEOUT 180
+ /* sendmail location - mail500 needs to exec this */
+#define MAIL500_SENDMAIL LDAP_SENDMAIL
+
+/*
+ * UD DEFINITIONS
+ */
+ /* default config file locations */
+#define FILTERFILE LDAP_SYSCONFDIR LDAP_DIRSEP "ldapfilter.conf"
+ /* ud configuration file */
+#define UD_CONFIG_FILE LDAP_SYSCONFDIR LDAP_DIRSEP "ud.conf"
+ /* default editor */
+#define UD_DEFAULT_EDITOR LDAP_EDITOR
+ /* default bbasename of user config file */
+#define UD_USER_CONFIG_FILE ".udrc"
+ /* default base where groups are created */
+#define UD_WHERE_GROUPS_ARE_CREATED ""
+ /* default base below which all groups live */
+#define UD_WHERE_ALL_GROUPS_LIVE ""
+
+/*
+ * SLAPD DEFINITIONS
+ */
+ /* location of the default slapd config file */
+#define SLAPD_DEFAULT_CONFIGFILE LDAP_SYSCONFDIR LDAP_DIRSEP "slapd.conf"
+#define SLAPD_DEFAULT_DB_DIR LDAP_DATADIR LDAP_DIRSEP "openldap-data"
+#define SLAPD_DEFAULT_DB_MODE 0600
+#define SLAPD_DEFAULT_UCDATA LDAP_DATADIR LDAP_DIRSEP "ucdata"
+ /* default max deref depth for aliases */
+#define SLAPD_DEFAULT_MAXDEREFDEPTH 15
+ /* default sizelimit on number of entries from a search */
+#define SLAPD_DEFAULT_SIZELIMIT 500
+ /* default timelimit to spend on a search */
+#define SLAPD_DEFAULT_TIMELIMIT 3600
+ /* minimum max ids that a single index entry can map to in ldbm */
+#define SLAPD_LDBM_MIN_MAXIDS (8192-4)
+
+/* the following DNs must be normalized! */
+ /* dn of the default subschema subentry */
+#define SLAPD_SCHEMA_DN "cn=Subschema"
+ /* dn of the default "monitor" subentry */
+#define SLAPD_MONITOR_DN "cn=Monitor"
+
+#endif /* _LDAP_CONFIG_H */
diff --git a/include/ldap_pvt.h b/include/ldap_pvt.h
index d1d73eba21..4edb4096f2 100644
--- a/include/ldap_pvt.h
+++ b/include/ldap_pvt.h
@@ -181,9 +181,9 @@ LDAP_F (int) ldap_pvt_tls_init_default_ctx LDAP_P(( void ));
typedef int LDAPDN_rewrite_dummy LDAP_P (( void *dn, unsigned flags ));
-LDAP_F (char *) ldap_pvt_tls_get_my_dn LDAP_P(( void *ctx,
+LDAP_F (int) ldap_pvt_tls_get_my_dn LDAP_P(( void *ctx, struct berval *dn,
LDAPDN_rewrite_dummy *func, unsigned flags ));
-LDAP_F (char *) ldap_pvt_tls_get_peer_dn LDAP_P(( void *ctx,
+LDAP_F (int) ldap_pvt_tls_get_peer_dn LDAP_P(( void *ctx, struct berval *dn,
LDAPDN_rewrite_dummy *func, unsigned flags ));
LDAP_F (int) ldap_pvt_tls_get_strength LDAP_P(( void *ctx ));
diff --git a/include/ldap_pvt_uc.h b/include/ldap_pvt_uc.h
index 6a2e4af264..521713ddc4 100644
--- a/include/ldap_pvt_uc.h
+++ b/include/ldap_pvt_uc.h
@@ -39,6 +39,11 @@ typedef unsigned long ldap_unicode_t;
#define ldap_utf8_to_unicode( p ) ldap_utf8_to_ucs4((p))
#define ldap_unicode_to_utf8( c, buf ) ldap_ucs4_to_ucs4((c),(buf))
+/* Convert a string with csize octets per character to UTF-8 */
+LDAP_F( int ) ldap_ucs_to_utf8s LDAP_P((
+ struct berval *ucs, int csize, struct berval *utf8s ));
+
+
/* returns the number of bytes in the UTF-8 string */
LDAP_F (ber_len_t) ldap_utf8_bytes( const char * );
/* returns the number of UTF-8 characters in the string */
diff --git a/include/portable.h.in b/include/portable.h.in
index f2ddab282d..654de6d662 100644
--- a/include/portable.h.in
+++ b/include/portable.h.in
@@ -224,6 +224,9 @@
/* Define if you have the recvfrom function. */
#undef HAVE_RECVFROM
+/* Define if you have the recvmsg function. */
+#undef HAVE_RECVMSG
+
/* Define if you have the sched_yield function. */
#undef HAVE_SCHED_YIELD
diff --git a/include/portable.nt b/include/portable.nt
index 921b3dd20e..8715d81a97 100644
--- a/include/portable.nt
+++ b/include/portable.nt
@@ -243,6 +243,9 @@
/* Define if you have the recvfrom function. */
/* #undef HAVE_RECVFROM */
+/* Define if you have the recvmsg function. */
+/* #undef HAVE_RECVMSG */
+
/* Define if you have the sched_yield function. */
/* #undef HAVE_SCHED_YIELD */
diff --git a/libraries/libldap/Makefile.in b/libraries/libldap/Makefile.in
new file mode 100644
index 0000000000..389bf3bbd9
--- /dev/null
+++ b/libraries/libldap/Makefile.in
@@ -0,0 +1,65 @@
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+##
+## Makefile.in for LDAP -lldap
+##
+LIBRARY = libldap.la
+
+PROGRAMS = apitest dntest ftest ltest
+
+SRCS = bind.c open.c result.c error.c compare.c search.c \
+ controls.c messages.c references.c extended.c cyrus.c \
+ modify.c add.c modrdn.c delete.c abandon.c cache.c \
+ getfilter.c sasl.c sbind.c kbind.c unbind.c \
+ filter.c free.c dsparse.c sort.c \
+ getdn.c getentry.c getattr.c getvalues.c addentry.c \
+ request.c os-ip.c url.c sortctrl.c vlvctrl.c \
+ init.c options.c print.c string.c util-int.c schema.c \
+ charray.c tls.c os-local.c dnssrv.c utf-8.c utf-8-conv.c
+OBJS = bind.lo open.lo result.lo error.lo compare.lo search.lo \
+ controls.lo messages.lo references.lo extended.lo cyrus.lo \
+ modify.lo add.lo modrdn.lo delete.lo abandon.lo cache.lo \
+ getfilter.lo sasl.lo sbind.lo kbind.lo unbind.lo \
+ filter.lo free.lo dsparse.lo sort.lo \
+ getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+ request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
+ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
+ charray.lo tls.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo
+
+LDAP_INCDIR= ../../include
+LDAP_LIBDIR= ../../libraries
+
+LIB_DEFS = -DLDAP_LIBRARY
+
+XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $(LDAP_LIBLUTIL_A)
+XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
+NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+
+apitest: $(XLIBS) apitest.o
+ $(LTLINK) -o $@ apitest.o $(LIBS)
+dntest: $(XLIBS) dntest.o
+ $(LTLINK) -o $@ dntest.o $(LIBS)
+ftest: $(XLIBS) ftest.o
+ $(LTLINK) -o $@ ftest.o $(LIBS)
+ltest: $(XLIBS) test.o
+ $(LTLINK) -o $@ test.o $(LIBS)
+
+CFFILES=ldap.conf ldapfilter.conf
+
+install-local: $(CFFILES) FORCE
+ -$(MKDIR) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+ -$(MKDIR) $(DESTDIR)$(sysconfdir)
+ @for i in $(CFFILES); do \
+ if test ! -f $(DESTDIR)$(sysconfdir)/$$i; then \
+ echo "installing $$i in $(sysconfdir)"; \
+ echo "$(INSTALL) $(INSTALLFLAGS) -m 644 $(srcdir)/$$i $(DESTDIR)$(sysconfdir)/$$i"; \
+ $(INSTALL) $(INSTALLFLAGS) -m 644 $(srcdir)/$$i $(DESTDIR)$(sysconfdir)/$$i; \
+ else \
+ echo "PRESERVING EXISTING CONFIGURATION FILE $(sysconfdir)/$$i" ; \
+ fi; \
+ $(INSTALL) $(INSTALLFLAGS) -m 644 $(srcdir)/$$i $(DESTDIR)$(sysconfdir)/$$i.default; \
+ done
+
diff --git a/libraries/libldap/cyrus.c b/libraries/libldap/cyrus.c
index 6aa10edfab..c35eb0d5a9 100644
--- a/libraries/libldap/cyrus.c
+++ b/libraries/libldap/cyrus.c
@@ -291,6 +291,7 @@ sb_sasl_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
{
struct sb_sasl_data *p;
int ret;
+ unsigned *max;
assert( sbiod != NULL );
assert( SOCKBUF_VALID( sbiod->sbiod_sb ) );
@@ -307,9 +308,13 @@ sb_sasl_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
/* now encode the next packet. */
#if SASL_VERSION_MAJOR >= 2
ber_pvt_sb_buf_init( &p->buf_out );
+ sasl_getprop( p->sasl_context, SASL_MAXOUTBUF, (const void **)&max );
#else
ber_pvt_sb_buf_destroy( &p->buf_out );
+ sasl_getprop( p->sasl_context, SASL_MAXOUTBUF, (void **)&max );
#endif
+ if ( len > *max - 100 )
+ len = *max - 100; /* For safety margin */
ret = sasl_encode( p->sasl_context, buf, len,
(SASL_CONST char **)&p->buf_out.buf_base,
(unsigned *)&p->buf_out.buf_size );
@@ -456,9 +461,9 @@ ldap_int_sasl_open(
rc = sasl_client_new( "ldap", host, session_callbacks,
SASL_SECURITY_LAYER, &ctx );
#endif
- LDAP_FREE( session_callbacks );
if ( rc != SASL_OK ) {
+ LDAP_FREE( session_callbacks );
ld->ld_errno = sasl_err2ldap( rc );
return ld->ld_errno;
}
@@ -472,6 +477,7 @@ ldap_int_sasl_open(
#endif
lc->lconn_sasl_ctx = ctx;
+ lc->lconn_sasl_cbs = session_callbacks;
if( ssf ) {
#if SASL_VERSION_MAJOR >= 2
@@ -504,6 +510,8 @@ int ldap_int_sasl_close( LDAP *ld, LDAPConn *lc )
if( ctx != NULL ) {
sasl_dispose( &ctx );
lc->lconn_sasl_ctx = NULL;
+ LDAP_FREE( lc->lconn_sasl_cbs );
+ lc->lconn_sasl_cbs = NULL;
}
return LDAP_SUCCESS;
diff --git a/libraries/libldap/filter.c b/libraries/libldap/filter.c
index fe0fab327b..7d40d1ceb4 100644
--- a/libraries/libldap/filter.c
+++ b/libraries/libldap/filter.c
@@ -22,6 +22,14 @@
#include "ldap-int.h"
+static int put_simple_vrFilter LDAP_P((
+ BerElement *ber,
+ char *str ));
+
+static int put_vrFilter_list LDAP_P((
+ BerElement *ber,
+ char *str ));
+
static char *put_complex_filter LDAP_P((
BerElement *ber,
char *str,
@@ -799,3 +807,387 @@ put_substring_filter( BerElement *ber, char *type, char *val )
return 0;
}
+
+int
+ldap_pvt_put_vrFilter( BerElement *ber, const char *str_in )
+{
+ int rc;
+ char *freeme;
+ char *str;
+ char *next;
+ int parens, balance, escape;
+
+ /*
+ * A ValuesReturnFilter looks like this:
+ *
+ * ValuesReturnFilter ::= SEQUENCE OF SimpleFilterItem
+ * SimpleFilterItem ::= CHOICE {
+ * equalityMatch [3] AttributeValueAssertion,
+ * substrings [4] SubstringFilter,
+ * greaterOrEqual [5] AttributeValueAssertion,
+ * lessOrEqual [6] AttributeValueAssertion,
+ * present [7] AttributeType,
+ * approxMatch [8] AttributeValueAssertion,
+ * extensibleMatch [9] SimpleMatchingAssertion -- LDAPv3
+ * }
+ *
+ * SubstringFilter ::= SEQUENCE {
+ * type AttributeType,
+ * SEQUENCE OF CHOICE {
+ * initial [0] IA5String,
+ * any [1] IA5String,
+ * final [2] IA5String
+ * }
+ * }
+ *
+ * SimpleMatchingAssertion ::= SEQUENCE { -- LDAPv3
+ * matchingRule [1] MatchingRuleId OPTIONAL,
+ * type [2] AttributeDescription OPTIONAL,
+ * matchValue [3] AssertionValue }
+ */
+
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_ARGS, "ldap_pvt_put_vrFilter: \"%s\"\n",
+ str_in ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_vrFilter: \"%s\"\n", str_in, 0, 0 );
+#endif
+
+ freeme = LDAP_STRDUP( str_in );
+ if( freeme == NULL ) return LDAP_NO_MEMORY;
+ str = freeme;
+
+ parens = 0;
+ while ( *str ) {
+ switch ( *str ) {
+ case '(': /*')'*/
+ str++;
+ parens++;
+
+ /* skip spaces */
+ while( LDAP_SPACE( *str ) ) str++;
+
+ switch ( *str ) {
+ case '(':
+ if ( (next = find_right_paren( str )) == NULL ) {
+ rc = -1;
+ goto done;
+ }
+
+ *next = '\0';
+
+ if ( put_vrFilter_list( ber, str ) == -1 ) {
+ rc = -1;
+ goto done;
+ }
+
+ /* close the '(' */
+ *next++ = ')';
+
+ str = next;
+
+ parens--;
+ break;
+
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_DETAIL1,
+ "ldap_pvt_put_vrFilter: simple\n" ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_vrFilter: simple\n",
+ 0, 0, 0 );
+#endif
+
+ balance = 1;
+ escape = 0;
+ next = str;
+
+ while ( *next && balance ) {
+ if ( escape == 0 ) {
+ if ( *next == '(' ) {
+ balance++;
+ } else if ( *next == ')' ) {
+ balance--;
+ }
+ }
+
+ if ( *next == '\\' && ! escape ) {
+ escape = 1;
+ } else {
+ escape = 0;
+ }
+
+ if ( balance ) next++;
+ }
+
+ if ( balance != 0 ) {
+ rc = -1;
+ goto done;
+ }
+
+ *next = '\0';
+
+ if ( put_simple_vrFilter( ber, str ) == -1 ) {
+ rc = -1;
+ goto done;
+ }
+
+ *next++ = /*'('*/ ')';
+
+ str = next;
+ parens--;
+ break;
+ }
+ break;
+
+ case /*'('*/ ')':
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_DETAIL1,
+ "ldap_pvt_put_filter: end\n" ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_filter: end\n",
+ 0, 0, 0 );
+#endif
+ if ( ber_printf( ber, /*"["*/ "]" ) == -1 ) {
+ rc = -1;
+ goto done;
+ }
+ str++;
+ parens--;
+ break;
+
+ case ' ':
+ str++;
+ break;
+
+ default: /* assume it's a simple type=value filter */
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_DETAIL1,
+ "ldap_pvt_put_filter: default\n" ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_filter: default\n",
+ 0, 0, 0 );
+#endif
+ next = strchr( str, '\0' );
+ if ( put_simple_filter( ber, str ) == -1 ) {
+ rc = -1;
+ goto done;
+ }
+ str = next;
+ break;
+ }
+ }
+
+ rc = parens ? -1 : 0;
+
+done:
+ LDAP_FREE( freeme );
+ return rc;
+}
+
+int
+put_vrFilter( BerElement *ber, const char *str_in )
+{
+ int rc =0;
+
+ if ( ber_printf( ber, "{" /*"}"*/ ) == -1 ) {
+ rc = -1;
+ }
+
+ rc = ldap_pvt_put_vrFilter( ber, str_in );
+
+ if ( ber_printf( ber, /*"{"*/ "N}" ) == -1 ) {
+ rc = -1;
+ }
+
+ return rc;
+}
+
+static int
+put_vrFilter_list( BerElement *ber, char *str )
+{
+ char *next = NULL;
+ char save;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_ARGS,
+ "put_vrFilter_list \"%s\"\n", str ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_vrFilter_list \"%s\"\n",
+ str, 0, 0 );
+#endif
+
+ while ( *str ) {
+ while ( *str && LDAP_SPACE( (unsigned char) *str ) ) {
+ str++;
+ }
+ if ( *str == '\0' ) break;
+
+ if ( (next = find_right_paren( str + 1 )) == NULL ) {
+ return -1;
+ }
+ save = *++next;
+
+ /* now we have "(filter)" with str pointing to it */
+ *next = '\0';
+ if ( ldap_pvt_put_vrFilter( ber, str ) == -1 ) return -1;
+ *next = save;
+ str = next;
+ }
+
+ return 0;
+}
+
+static int
+put_simple_vrFilter(
+ BerElement *ber,
+ char *str )
+{
+ char *s;
+ char *value;
+ ber_tag_t ftype;
+ int rc = -1;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG (( "filter", LDAP_LEVEL_ARGS,
+ "put_simple_vrFilter: \"%s\"\n", str ));
+#else
+ Debug( LDAP_DEBUG_TRACE, "put_simple_vrFilter: \"%s\"\n",
+ str, 0, 0 );
+#endif
+
+ str = LDAP_STRDUP( str );
+ if( str == NULL ) return -1;
+
+ if ( (s = strchr( str, '=' )) == NULL ) {
+ goto done;
+ }
+
+ value = s + 1;
+ *s-- = '\0';
+
+ switch ( *s ) {
+ case '<':
+ ftype = LDAP_FILTER_LE;
+ *s = '\0';
+ break;
+
+ case '>':
+ ftype = LDAP_FILTER_GE;
+ *s = '\0';
+ break;
+
+ case '~':
+ ftype = LDAP_FILTER_APPROX;
+ *s = '\0';
+ break;
+
+ case ':':
+ /* According to ValuesReturnFilter control definition
+ * extensible filters are off the form:
+ * type [:rule] := value
+ * or :rule := value
+ */
+ ftype = LDAP_FILTER_EXT;
+ *s = '\0';
+
+ {
+ char *rule = strchr( str, ':' );
+ *rule++ = '\0';
+
+ if( rule == NULL ) {
+ /* must have attribute */
+ if( !ldap_is_desc( str ) ) {
+ goto done;
+ }
+ rule = "";
+
+ } else {
+ *rule++ = '\0';
+ }
+
+
+ if ( *str == '\0' && ( !rule || *rule == '\0' ) ) {
+ /* must have either type or rule */
+ goto done;
+ }
+
+ if ( *str != '\0' && !ldap_is_desc( str ) ) {
+ goto done;
+ }
+
+ if ( rule && *rule != '\0' && !ldap_is_oid( rule ) ) {
+ goto done;
+ }
+
+ rc = ber_printf( ber, "t{" /*"}"*/, ftype );
+
+ if( rc != -1 && rule && *rule != '\0' ) {
+ rc = ber_printf( ber, "ts", LDAP_FILTER_EXT_OID, rule );
+ }
+
+ if( rc != -1 && *str != '\0' ) {
+ rc = ber_printf( ber, "ts", LDAP_FILTER_EXT_TYPE, str );
+ }
+
+ if( rc != -1 ) {
+ ber_slen_t len = ldap_pvt_filter_value_unescape( value );
+
+ if( len >= 0 ) {
+ rc = ber_printf( ber, "to",
+ LDAP_FILTER_EXT_VALUE, value, len );
+ } else {
+ rc = -1;
+ }
+ }
+
+ if( rc != -1 ) {
+ rc = ber_printf( ber, /*"{"*/ "N}" );
+ }
+ }
+ goto done;
+
+ default:
+ if( !ldap_is_desc( str ) ) {
+ goto done;
+
+ } else {
+ char *nextstar = ldap_pvt_find_wildcard( value );
+
+ if ( nextstar == NULL ) {
+ goto done;
+
+ } else if ( *nextstar == '\0' ) {
+ ftype = LDAP_FILTER_EQUALITY;
+
+ } else if ( strcmp( value, "*" ) == 0 ) {
+ ftype = LDAP_FILTER_PRESENT;
+
+ } else {
+ rc = put_substring_filter( ber, str, value );
+ goto done;
+ }
+ } break;
+ }
+
+ if( !ldap_is_desc( str ) ) goto done;
+
+ if ( ftype == LDAP_FILTER_PRESENT ) {
+ rc = ber_printf( ber, "ts", ftype, str );
+
+ } else {
+ ber_slen_t len = ldap_pvt_filter_value_unescape( value );
+
+ if( len >= 0 ) {
+ rc = ber_printf( ber, "t{soN}",
+ ftype, str, value, len );
+ }
+ }
+
+done:
+ if( rc != -1 ) rc = 0;
+ LDAP_FREE( str );
+ return rc;
+}
+
diff --git a/libraries/libldap/getdn.c b/libraries/libldap/getdn.c
index df8ecf7cad..bec27bc7da 100644
--- a/libraries/libldap/getdn.c
+++ b/libraries/libldap/getdn.c
@@ -3315,66 +3315,149 @@ int
ldap_X509dn2bv( void *x509_name, struct berval *bv, LDAPDN_rewrite_func *func,
unsigned flags )
{
- LDAPDN *newDN = NULL;
- LDAPRDN *newRDN = NULL;
+ LDAPDN *newDN;
+ LDAPRDN *newRDN;
+ LDAPAVA *newAVA, *baseAVA;
X509_NAME_ENTRY *ne;
ASN1_OBJECT *obj;
ASN1_STRING *str;
- char oidbuf[2048];
- int i, j, nrdns, rc = LDAP_NO_MEMORY;
+ char oids[8192], *oidptr = oids, *oidbuf = NULL;
+ void *ptrs[2048];
+ int i, j, k = 0, navas, nrdns, rc = LDAP_SUCCESS;
+ int set = -1;
+ size_t dnsize, oidrem = sizeof(oids), oidsize = 0;
+ int csize;
- struct berval Type;
struct berval Val;
assert( bv );
bv->bv_len = 0;
bv->bv_val = NULL;
- nrdns = X509_NAME_entry_count( x509_name );
- newDN = (LDAPDN *)LDAP_MALLOC( sizeof(LDAPDN) + sizeof(LDAPRDN *)
- * (nrdns+1) );
- if ( newDN == NULL )
- return LDAP_NO_MEMORY;
+ /* Get the number of AVAs. This is not necessarily the same as
+ * the number of RDNs.
+ */
+ navas = X509_NAME_entry_count( x509_name );
+
+ /* Get the last element, to see how many RDNs there are */
+ ne = X509_NAME_get_entry( x509_name, navas - 1 );
+ nrdns = ne->set + 1;
+
+ /* Allocate the DN/RDN/AVA stuff as a single block */
+ dnsize = sizeof(LDAPDN) + sizeof(LDAPRDN *) * (nrdns+1);
+ dnsize += sizeof(LDAPRDN) * nrdns + sizeof(LDAPAVA *) * (navas+nrdns);
+ dnsize += sizeof(LDAPAVA) * navas;
+ if (dnsize > sizeof(ptrs)) {
+ newDN = (LDAPDN *)LDAP_MALLOC( dnsize );
+ if ( newDN == NULL )
+ return LDAP_NO_MEMORY;
+ } else {
+ newDN = (LDAPDN *)ptrs;
+ }
newDN[0] = (LDAPRDN**)(newDN+1);
+ newDN[0][nrdns] = NULL;
+ newRDN = (LDAPRDN*)(newDN[0] + nrdns+1);
+ newAVA = (LDAPAVA*)(newRDN + navas + nrdns*2);
+ baseAVA = newAVA;
- /* Retrieve RDNs in reverse order; LDAP is backwards from X.500.
- * The OpenSSL library appears to allow only 1 AVA per RDN.
- */
- for ( i = nrdns - 1, j = 0; i >= 0; i--, j++ ) {
- newDN[0][j] = NULL;
+ /* Retrieve RDNs in reverse order; LDAP is backwards from X.500. */
+ for ( i = nrdns - 1, j = 0; i >= 0; i-- ) {
ne = X509_NAME_get_entry( x509_name, i );
obj = X509_NAME_ENTRY_get_object( ne );
str = X509_NAME_ENTRY_get_data( ne );
+ /* If set changed, move to next RDN */
+ if ( set != ne->set ) {
+ /* If this is not the first time, end the
+ * previous RDN and advance.
+ */
+ if ( j > 0 ) {
+ newRDN[0][k] = NULL;
+ newRDN = (LDAPRDN*)(newRDN[0]+k+1);
+ }
+ newDN[0][j++] = newRDN;
+
+ newRDN[0] = (LDAPAVA**)(newRDN+1);
+ k = 0;
+ set = ne->set;
+ }
+ newAVA->la_private = NULL;
+ newAVA->la_flags = LDAP_AVA_STRING;
+
if ( !func ) {
int n = OBJ_obj2nid( obj );
if (n == NID_undef)
goto get_oid;
- Type.bv_val = (char *)OBJ_nid2sn( n );
- Type.bv_len = strlen( Type.bv_val );
+ newAVA->la_attr.bv_val = (char *)OBJ_nid2sn( n );
+ newAVA->la_attr.bv_len = strlen( newAVA->la_attr.bv_val );
} else {
-get_oid: Type.bv_val = oidbuf;
- Type.bv_len = OBJ_obj2txt( oidbuf, sizeof( oidbuf ), obj, 1 );
+get_oid: newAVA->la_attr.bv_val = oidptr;
+ newAVA->la_attr.bv_len = OBJ_obj2txt( oidptr, oidrem, obj, 1 );
+ oidptr += newAVA->la_attr.bv_len + 1;
+ oidrem -= newAVA->la_attr.bv_len + 1;
+
+ /* Running out of OID buffer space? */
+ if (oidrem < 128) {
+ if ( oidsize == 0 ) {
+ oidsize = sizeof(oids) * 2;
+ oidrem = oidsize;
+ oidbuf = LDAP_MALLOC( oidsize );
+ if ( oidbuf == NULL ) goto nomem;
+ oidptr = oidbuf;
+ } else {
+ char *old = oidbuf;
+ oidbuf = LDAP_REALLOC( oidbuf, oidsize*2 );
+ if ( oidbuf == NULL ) goto nomem;
+ /* Buffer moved! Fix AVA pointers */
+ if ( old != oidbuf ) {
+ LDAPAVA *a;
+ long dif = oidbuf - old;
+
+ for (a=baseAVA; a<=newAVA; a++){
+ if (a->la_attr.bv_val >= old &&
+ a->la_attr.bv_val <= (old + oidsize))
+ a->la_attr.bv_val += dif;
+ }
+ }
+ oidptr = oidbuf + oidsize - oidrem;
+ oidrem += oidsize;
+ oidsize *= 2;
+ }
+ }
}
- Val.bv_len = str->length;
Val.bv_val = str->data;
-
- newRDN = (LDAPRDN *)LDAP_MALLOC( sizeof(LDAPRDN) + sizeof(LDAPAVA *) * 2);
- if ( newRDN == NULL )
- goto nomem;
-
- newRDN[0] = (LDAPAVA**)(newRDN+1);
- newRDN[0][0] = ldapava_new( &Type, &Val, LDAP_AVA_STRING );
- if ( newRDN[0][0] == NULL )
- goto nomem;
-
- newRDN[0][1] = NULL;
- newDN[0][j] = newRDN;
- newRDN = NULL;
+ Val.bv_len = str->length;
+ switch( str->type ) {
+ case V_ASN1_UNIVERSALSTRING:
+ /* This uses 32-bit ISO 10646-1 */
+ csize = 4; goto to_utf8;
+ case V_ASN1_BMPSTRING:
+ /* This uses 16-bit ISO 10646-1 */
+ csize = 2; goto to_utf8;
+ case V_ASN1_T61STRING:
+ /* This uses 8-bit, assume ISO 8859-1 */
+ csize = 1;
+to_utf8: rc = ldap_ucs_to_utf8s( &Val, csize, &newAVA->la_value );
+ if (rc != LDAP_SUCCESS) goto nomem;
+ newAVA->la_flags = LDAP_AVA_NONPRINTABLE;
+ break;
+ case V_ASN1_UTF8STRING:
+ newAVA->la_flags = LDAP_AVA_NONPRINTABLE;
+ /* This is already in UTF-8 encoding */
+ case V_ASN1_IA5STRING:
+ case V_ASN1_PRINTABLESTRING:
+ /* These are always 7-bit strings */
+ ber_dupbv( &newAVA->la_value, &Val );
+ default:
+ ;
+ }
+ newRDN[0][k] = newAVA;
+ newAVA++;
+ k++;
}
- newDN[0][j] = NULL;
+ newRDN[0][k] = NULL;
if ( func ) {
rc = func( newDN, flags );
@@ -3383,15 +3466,16 @@ get_oid: Type.bv_val = oidbuf;
}
rc = ldap_dn2bv( newDN, bv, LDAP_DN_FORMAT_LDAPV3 );
- ldap_dnfree( newDN );
-
- return rc;
nomem:
- if ( newRDN )
- LDAP_FREE( newRDN );
- if ( newDN )
- ldap_dnfree( newDN );
+ for (;baseAVA < newAVA; baseAVA++) {
+ LDAP_FREE( baseAVA->la_value.bv_val );
+ }
+
+ if ( oidsize != 0 )
+ LDAP_FREE( oidbuf );
+ if ( newDN != (LDAPDN*) ptrs )
+ LDAP_FREE( newDN );
return rc;
}
#endif /* HAVE_TLS */
diff --git a/libraries/libldap/ldap-int.h b/libraries/libldap/ldap-int.h
index 4ad20dd9f4..cd10cde790 100644
--- a/libraries/libldap/ldap-int.h
+++ b/libraries/libldap/ldap-int.h
@@ -189,6 +189,7 @@ typedef struct ldap_conn {
#endif
#ifdef HAVE_CYRUS_SASL
void *lconn_sasl_ctx;
+ void *lconn_sasl_cbs;
#endif
int lconn_refcnt;
time_t lconn_lastused; /* time */
diff --git a/libraries/libldap/result.c b/libraries/libldap/result.c
index 5905f43afa..f409afcc9e 100644
--- a/libraries/libldap/result.c
+++ b/libraries/libldap/result.c
@@ -647,8 +647,13 @@ try_read1msg(
{
tmpber = *ber; /* struct copy */
if ( v3ref == 1 ) {
- /* V3 search reference or V3 referral successfully chased */
- refer_cnt = 0;
+ /* V3 search reference or V3 referral
+ * sucessfully chased. If this message
+ * is a search result, then it has no more
+ * outstanding referrals.
+ */
+ if ( tag == LDAP_RES_SEARCH_RESULT )
+ refer_cnt = 0;
} else if ( ber_scanf( &tmpber, "{iaa}", &lderr,
&lr->lr_res_matched, &lr->lr_res_error )
!= LBER_ERROR ) {
diff --git a/libraries/libldap/tls.c b/libraries/libldap/tls.c
index 9aa0775bc9..f1d4fc1345 100644
--- a/libraries/libldap/tls.c
+++ b/libraries/libldap/tls.c
@@ -41,7 +41,7 @@ static char *tls_opt_certfile = NULL;
static char *tls_opt_keyfile = NULL;
static char *tls_opt_cacertfile = NULL;
static char *tls_opt_cacertdir = NULL;
-static int tls_opt_require_cert = 0;
+static int tls_opt_require_cert = LDAP_OPT_X_TLS_DEMAND;
static char *tls_opt_ciphersuite = NULL;
static char *tls_opt_randfile = NULL;
@@ -183,14 +183,14 @@ ldap_pvt_tls_init_def_ctx( void )
ERR_peek_error() ));
#else
Debug( LDAP_DEBUG_ANY,
- "TLS: could not allocate default ctx (%lu).\n",
+ "TLS: could not allocate default ctx (%lu).\n",
ERR_peek_error(),0,0);
#endif
goto error_exit;
}
+
if ( tls_opt_ciphersuite &&
- !SSL_CTX_set_cipher_list( tls_def_ctx,
- tls_opt_ciphersuite ) )
+ !SSL_CTX_set_cipher_list( tls_def_ctx, tls_opt_ciphersuite ) )
{
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_init_def_ctx: "
@@ -198,21 +198,23 @@ ldap_pvt_tls_init_def_ctx( void )
tls_opt_ciphersuite ));
#else
Debug( LDAP_DEBUG_ANY,
- "TLS: could not set cipher list %s.\n",
- tls_opt_ciphersuite, 0, 0 );
+ "TLS: could not set cipher list %s.\n",
+ tls_opt_ciphersuite, 0, 0 );
#endif
tls_report_error();
goto error_exit;
}
+
if (tls_opt_cacertfile != NULL || tls_opt_cacertdir != NULL) {
if ( !SSL_CTX_load_verify_locations( tls_def_ctx,
- tls_opt_cacertfile,
- tls_opt_cacertdir )
- || !SSL_CTX_set_default_verify_paths( tls_def_ctx ) )
+ tls_opt_cacertfile, tls_opt_cacertdir ) ||
+ !SSL_CTX_set_default_verify_paths( tls_def_ctx ) )
{
#ifdef NEW_LOGGING
- LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_init_def_ctx: "
- "TLS could not load verify locations (file:`%s',dir:`%s').\n",
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR,
+ "ldap_pvt_tls_init_def_ctx: "
+ "TLS could not load verify locations "
+ "(file:`%s',dir:`%s').\n",
tls_opt_cacertfile ? tls_opt_cacertfile : "",
tls_opt_cacertdir ? tls_opt_cacertdir : "" ));
#else
@@ -225,6 +227,7 @@ ldap_pvt_tls_init_def_ctx( void )
tls_report_error();
goto error_exit;
}
+
calist = get_ca_list( tls_opt_cacertfile, tls_opt_cacertdir );
if ( !calist ) {
#ifdef NEW_LOGGING
@@ -242,65 +245,70 @@ ldap_pvt_tls_init_def_ctx( void )
tls_report_error();
goto error_exit;
}
+
SSL_CTX_set_client_CA_list( tls_def_ctx, calist );
}
+
if ( tls_opt_keyfile &&
- !SSL_CTX_use_PrivateKey_file( tls_def_ctx,
- tls_opt_keyfile,
- SSL_FILETYPE_PEM ) )
+ !SSL_CTX_use_PrivateKey_file( tls_def_ctx,
+ tls_opt_keyfile, SSL_FILETYPE_PEM ) )
{
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_init_def_ctx: "
"TLS could not use key file `%s'.\n", tls_opt_keyfile ));
#else
Debug( LDAP_DEBUG_ANY,
- "TLS: could not use key file `%s'.\n",
- tls_opt_keyfile,0,0);
+ "TLS: could not use key file `%s'.\n",
+ tls_opt_keyfile,0,0);
#endif
tls_report_error();
goto error_exit;
}
+
if ( tls_opt_certfile &&
- !SSL_CTX_use_certificate_file( tls_def_ctx,
- tls_opt_certfile,
- SSL_FILETYPE_PEM ) )
+ !SSL_CTX_use_certificate_file( tls_def_ctx,
+ tls_opt_certfile, SSL_FILETYPE_PEM ) )
{
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_init_def_ctx: "
"TLS could not use certificate `%s'.\n", tls_opt_certfile ));
#else
Debug( LDAP_DEBUG_ANY,
- "TLS: could not use certificate `%s'.\n",
- tls_opt_certfile,0,0);
+ "TLS: could not use certificate `%s'.\n",
+ tls_opt_certfile,0,0);
#endif
tls_report_error();
goto error_exit;
}
+
if ( ( tls_opt_certfile || tls_opt_keyfile ) &&
- !SSL_CTX_check_private_key( tls_def_ctx ) )
+ !SSL_CTX_check_private_key( tls_def_ctx ) )
{
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_init_def_ctx: "
"TLS private key mismatch.\n" ));
#else
Debug( LDAP_DEBUG_ANY,
- "TLS: private key mismatch.\n",
- 0,0,0);
+ "TLS: private key mismatch.\n",
+ 0,0,0);
#endif
tls_report_error();
goto error_exit;
}
+
if ( tls_opt_trace ) {
SSL_CTX_set_info_callback( tls_def_ctx, tls_info_cb );
}
+
i = SSL_VERIFY_NONE;
if ( tls_opt_require_cert ) {
i = SSL_VERIFY_PEER;
if ( tls_opt_require_cert == LDAP_OPT_X_TLS_DEMAND ||
- tls_opt_require_cert == LDAP_OPT_X_TLS_HARD ) {
+ tls_opt_require_cert == LDAP_OPT_X_TLS_HARD ) {
i |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
}
+
SSL_CTX_set_verify( tls_def_ctx, i,
tls_opt_require_cert == LDAP_OPT_X_TLS_ALLOW ?
tls_verify_ok : tls_verify_cb );
@@ -311,6 +319,7 @@ ldap_pvt_tls_init_def_ctx( void )
ldap_pvt_thread_mutex_unlock( &tls_def_ctx_mutex );
#endif
return 0;
+
error_exit:
if ( tls_def_ctx != NULL ) {
SSL_CTX_free( tls_def_ctx );
@@ -370,17 +379,17 @@ update_flags( Sockbuf *sb, SSL * ssl, int rc )
sb->sb_trans_needs_read = 0;
sb->sb_trans_needs_write = 0;
- if (err == SSL_ERROR_WANT_READ)
- {
- sb->sb_trans_needs_read = 1;
- return 1;
- } else if (err == SSL_ERROR_WANT_WRITE)
- {
- sb->sb_trans_needs_write = 1;
- return 1;
- } else if (err == SSL_ERROR_WANT_CONNECT)
- {
- return 1;
+
+ if (err == SSL_ERROR_WANT_READ) {
+ sb->sb_trans_needs_read = 1;
+ return 1;
+
+ } else if (err == SSL_ERROR_WANT_WRITE) {
+ sb->sb_trans_needs_write = 1;
+ return 1;
+
+ } else if (err == SSL_ERROR_WANT_CONNECT) {
+ return 1;
}
return 0;
}
@@ -405,8 +414,9 @@ sb_tls_setup( Sockbuf_IO_Desc *sbiod, void *arg )
assert( sbiod != NULL );
p = LBER_MALLOC( sizeof( *p ) );
- if ( p == NULL )
+ if ( p == NULL ) {
return -1;
+ }
p->ssl = (SSL *)arg;
p->sbiod = sbiod;
@@ -514,9 +524,10 @@ sb_tls_write( Sockbuf_IO_Desc *sbiod, void *buf, ber_len_t len)
if (err == SSL_ERROR_WANT_WRITE ) {
sbiod->sbiod_sb->sb_trans_needs_write = 1;
errno = EWOULDBLOCK;
- }
- else
+
+ } else {
sbiod->sbiod_sb->sb_trans_needs_write = 0;
+ }
return ret;
}
@@ -542,8 +553,7 @@ sb_tls_bio_create( BIO *b ) {
static int
sb_tls_bio_destroy( BIO *b )
{
- if ( b == NULL )
- return 0;
+ if ( b == NULL ) return 0;
b->ptr = NULL; /* sb_tls_remove() will free it */
b->init = 0;
@@ -557,19 +567,20 @@ sb_tls_bio_read( BIO *b, char *buf, int len )
struct tls_data *p;
int ret;
- if ( buf == NULL || len <= 0 )
- return 0;
+ if ( buf == NULL || len <= 0 ) return 0;
p = (struct tls_data *)b->ptr;
- if ( p == NULL || p->sbiod == NULL )
+ if ( p == NULL || p->sbiod == NULL ) {
return 0;
+ }
ret = LBER_SBIOD_READ_NEXT( p->sbiod, buf, len );
BIO_clear_retry_flags( b );
- if ( ret < 0 && errno == EWOULDBLOCK )
+ if ( ret < 0 && errno == EWOULDBLOCK ) {
BIO_set_retry_read( b );
+ }
return ret;
}
@@ -580,19 +591,20 @@ sb_tls_bio_write( BIO *b, const char *buf, int len )
struct tls_data *p;
int ret;
- if ( buf == NULL || len <= 0 )
- return 0;
+ if ( buf == NULL || len <= 0 ) return 0;
p = (struct tls_data *)b->ptr;
- if ( p == NULL || p->sbiod == NULL )
+ if ( p == NULL || p->sbiod == NULL ) {
return 0;
+ }
ret = LBER_SBIOD_WRITE_NEXT( p->sbiod, (char *)buf, len );
BIO_clear_retry_flags( b );
- if ( ret < 0 && errno == EWOULDBLOCK )
+ if ( ret < 0 && errno == EWOULDBLOCK ) {
BIO_set_retry_write( b );
+ }
return ret;
}
@@ -680,20 +692,24 @@ ldap_int_tls_connect( LDAP *ld, LDAPConn *conn )
#ifdef HAVE_WINSOCK
errno = WSAGetLastError();
#endif
+
if ( err <= 0 ) {
if ( update_flags( sb, ssl, err )) {
return 1;
}
+
if ((err = ERR_peek_error())) {
char buf[256];
ld->ld_error = LDAP_STRDUP(ERR_error_string(err, buf));
}
+
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_int_tls_connect: "
"TLS can't connect.\n" ));
#else
Debug( LDAP_DEBUG_ANY,"TLS: can't connect.\n",0,0,0);
#endif
+
ber_sockbuf_remove_io( sb, &sb_tls_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
#ifdef LDAP_DEBUG
@@ -718,10 +734,11 @@ ldap_pvt_tls_accept( Sockbuf *sb, void *ctx_arg )
if ( HAS_TLS( sb ) ) {
ber_sockbuf_ctrl( sb, LBER_SB_OPT_GET_SSL, (void *)&ssl );
+
} else {
ssl = alloc_handle( ctx_arg );
- if ( ssl == NULL )
- return -1;
+ if ( ssl == NULL ) return -1;
+
#ifdef LDAP_DEBUG
ber_sockbuf_add_io( sb, &ber_sockbuf_io_debug,
LBER_SBIOD_LEVEL_TRANSPORT, (void *)"tls_" );
@@ -736,14 +753,15 @@ ldap_pvt_tls_accept( Sockbuf *sb, void *ctx_arg )
errno = WSAGetLastError();
#endif
if ( err <= 0 ) {
- if ( update_flags( sb, ssl, err ))
- return 1;
+ if ( update_flags( sb, ssl, err )) return 1;
+
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_accept: "
"TLS can't accept.\n" ));
#else
Debug( LDAP_DEBUG_ANY,"TLS: can't accept.\n",0,0,0 );
#endif
+
tls_report_error();
ber_sockbuf_remove_io( sb, &sb_tls_sbio,
LBER_SBIOD_LEVEL_TRANSPORT );
@@ -760,9 +778,7 @@ ldap_pvt_tls_accept( Sockbuf *sb, void *ctx_arg )
int
ldap_pvt_tls_inplace ( Sockbuf *sb )
{
- if ( HAS_TLS( sb ) )
- return(1);
- return(0);
+ return HAS_TLS( sb ) ? 1 : 0;
}
void *
@@ -781,59 +797,59 @@ ldap_pvt_tls_sb_ctx( Sockbuf *sb )
int
ldap_pvt_tls_get_strength( void *s )
{
- SSL_CIPHER *c;
+ SSL_CIPHER *c;
- c = SSL_get_current_cipher((SSL *)s);
- return SSL_CIPHER_get_bits(c, NULL);
+ c = SSL_get_current_cipher((SSL *)s);
+ return SSL_CIPHER_get_bits(c, NULL);
}
-char *
-ldap_pvt_tls_get_my_dn( void *s, LDAPDN_rewrite_dummy *func, unsigned flags )
+int
+ldap_pvt_tls_get_my_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func, unsigned flags )
{
X509 *x;
X509_NAME *xn;
- struct berval dn;
+ int rc;
x = SSL_get_certificate((SSL *)s);
- if (!x) return NULL;
-
+ if (!x) return LDAP_INVALID_CREDENTIALS;
+
xn = X509_get_subject_name(x);
- ldap_X509dn2bv(xn, &dn, (LDAPDN_rewrite_func *)func, flags );
+ rc = ldap_X509dn2bv(xn, dn, (LDAPDN_rewrite_func *)func, flags );
X509_free(x);
- return dn.bv_val;
+ return rc;
}
static X509 *
tls_get_cert( SSL *s )
{
- /* If peer cert was bad, treat as if no cert was given */
- if (SSL_get_verify_result(s)) {
- /* If we can send an alert, do so */
- if (SSL_version(s) != SSL2_VERSION) {
- ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_BAD_CERTIFICATE);
+ /* If peer cert was bad, treat as if no cert was given */
+ if (SSL_get_verify_result(s)) {
+ /* If we can send an alert, do so */
+ if (SSL_version(s) != SSL2_VERSION) {
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_BAD_CERTIFICATE);
+ }
+ return NULL;
}
- return NULL;
- }
- return SSL_get_peer_certificate(s);
+ return SSL_get_peer_certificate(s);
}
-char *
-ldap_pvt_tls_get_peer_dn( void *s, LDAPDN_rewrite_dummy *func, unsigned flags )
+int
+ldap_pvt_tls_get_peer_dn( void *s, struct berval *dn, LDAPDN_rewrite_dummy *func, unsigned flags )
{
X509 *x;
X509_NAME *xn;
- struct berval dn;
+ int rc;
x = tls_get_cert((SSL *)s);
- if (!x) return NULL;
-
+ if (!x) return LDAP_INVALID_CREDENTIALS;
+
xn = X509_get_subject_name(x);
- ldap_X509dn2bv(xn, &dn, (LDAPDN_rewrite_func *)func, flags);
+ rc = ldap_X509dn2bv(xn, dn, (LDAPDN_rewrite_func *)func, flags);
X509_free(x);
- return dn.bv_val;
+ return rc;
}
char *
@@ -845,9 +861,7 @@ ldap_pvt_tls_get_peer_hostname( void *s )
int ret;
x = tls_get_cert((SSL *)s);
-
- if (!x)
- return NULL;
+ if (!x) return NULL;
xn = X509_get_subject_name(x);
@@ -865,8 +879,8 @@ ldap_pvt_tls_get_peer_hostname( void *s )
int
ldap_pvt_tls_check_hostname( void *s, const char *name_in )
{
- int i, ret = LDAP_LOCAL_ERROR;
- X509 *x;
+ int i, ret = LDAP_LOCAL_ERROR;
+ X509 *x;
const char *name;
if( ldap_int_hostname &&
@@ -877,123 +891,134 @@ ldap_pvt_tls_check_hostname( void *s, const char *name_in )
name = name_in;
}
- x = tls_get_cert((SSL *)s);
- if (!x)
- {
+ x = tls_get_cert((SSL *)s);
+ if (!x) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
- "TLS unable to get peer certificate.\n" ));
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
+ "TLS unable to get peer certificate.\n" ));
#else
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get peer certificate.\n",
- 0, 0, 0 );
+ Debug( LDAP_DEBUG_ANY,
+ "TLS: unable to get peer certificate.\n",
+ 0, 0, 0 );
#endif
- return ret;
- }
-
- i = X509_get_ext_by_NID(x, NID_subject_alt_name, -1);
- if (i >= 0)
- {
- X509_EXTENSION *ex;
- STACK_OF(GENERAL_NAME) *alt;
+ /* If this was a fatal condition, things would have
+ * aborted long before now.
+ */
+ return LDAP_SUCCESS;
+ }
- ex = X509_get_ext(x, i);
- alt = X509V3_EXT_d2i(ex);
- if (alt)
- {
- int n, len1, len2 = 0;
- char *domain;
- GENERAL_NAME *gn;
- X509V3_EXT_METHOD *method;
-
- len1 = strlen(name);
- n = sk_GENERAL_NAME_num(alt);
- domain = strchr(name, '.');
- if (domain)
- len2 = len1 - (domain-name);
- for (i=0; i<n; i++)
- {
- gn = sk_GENERAL_NAME_value(alt, i);
- if (gn->type == GEN_DNS)
- {
- char *sn = ASN1_STRING_data(gn->d.ia5);
- int sl = ASN1_STRING_length(gn->d.ia5);
+ i = X509_get_ext_by_NID(x, NID_subject_alt_name, -1);
+ if (i >= 0) {
+ X509_EXTENSION *ex;
+ STACK_OF(GENERAL_NAME) *alt;
+
+ ex = X509_get_ext(x, i);
+ alt = X509V3_EXT_d2i(ex);
+ if (alt) {
+ int n, len1, len2 = 0;
+ char *domain;
+ GENERAL_NAME *gn;
+ X509V3_EXT_METHOD *method;
+
+ len1 = strlen(name);
+ n = sk_GENERAL_NAME_num(alt);
+ domain = strchr(name, '.');
+ if (domain) {
+ len2 = len1 - (domain-name);
+ }
+ for (i=0; i<n; i++) {
+ gn = sk_GENERAL_NAME_value(alt, i);
+ if (gn->type == GEN_DNS) {
+ char *sn = ASN1_STRING_data(gn->d.ia5);
+ int sl = ASN1_STRING_length(gn->d.ia5);
+
+ /* Is this an exact match? */
+ if ((len1 == sl) && !strncasecmp(name, sn, len1)) {
+ break;
+ }
+
+ /* Is this a wildcard match? */
+ if ((*sn == '*') && domain && (len2 == sl-1) &&
+ !strncasecmp(domain, sn+1, len2))
+ {
+ break;
+ }
- /* Is this an exact match? */
- if ((len1 == sl) && !strncasecmp(name, sn, len1))
- break;
+#if 0
+ /* Is this a RFC 2549 style wildcard match? */
+ if ((*sn == '.') && domain && (len2 == sl) &&
+ !strncasecmp(domain, sn, len2))
+ {
+ break;
+ }
+#endif
+ }
+ }
- /* Is this a wildcard match? */
- if ((*sn == '*') && domain && (len2 == sl-1) &&
- !strncasecmp(domain, sn+1, len2))
- break;
+ method = X509V3_EXT_get(ex);
+ method->ext_free(alt);
+ if (i < n) { /* Found a match */
+ ret = LDAP_SUCCESS;
+ }
}
- }
- method = X509V3_EXT_get(ex);
- method->ext_free(alt);
- if (i < n) /* Found a match */
- ret = LDAP_SUCCESS;
}
- }
- if (ret != LDAP_SUCCESS)
- {
- X509_NAME *xn;
- char buf[2048];
+ if (ret != LDAP_SUCCESS) {
+ X509_NAME *xn;
+ char buf[2048];
- xn = X509_get_subject_name(x);
+ xn = X509_get_subject_name(x);
- if (X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf))
- == -1)
- {
+ if( X509_NAME_get_text_by_NID( xn, NID_commonName,
+ buf, sizeof(buf)) == -1)
+ {
#ifdef NEW_LOGGING
- LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
- "TLS unable to get common name from peer certificate.\n" ));
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
+ "TLS unable to get common name from peer certificate.\n" ));
#else
- Debug( LDAP_DEBUG_ANY,
- "TLS: unable to get common name from peer certificate.\n",
- 0, 0, 0 );
+ Debug( LDAP_DEBUG_ANY,
+ "TLS: unable to get common name from peer certificate.\n",
+ 0, 0, 0 );
#endif
- } else if (strcasecmp(name, buf))
- {
+
+ } else if (strcasecmp(name, buf)) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
- "TLS hostname (%s) does not match "
- "common name in certificate (%s).\n", name, buf ));
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "ldap_pvt_tls_check_hostname: "
+ "TLS hostname (%s) does not match "
+ "common name in certificate (%s).\n", name, buf ));
#else
- Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
- "common name in certificate (%s).\n",
- name, buf, 0 );
+ Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
+ "common name in certificate (%s).\n",
+ name, buf, 0 );
#endif
- ret = LDAP_CONNECT_ERROR;
- } else
- {
- ret = LDAP_SUCCESS;
+ ret = LDAP_CONNECT_ERROR;
+
+ } else {
+ ret = LDAP_SUCCESS;
+ }
}
- }
- X509_free(x);
- return ret;
+ X509_free(x);
+ return ret;
}
const char *
ldap_pvt_tls_get_peer_issuer( void *s )
{
#if 0 /* currently unused; see ldap_pvt_tls_get_peer_dn() if needed */
- X509 *x;
- X509_NAME *xn;
- char buf[2048], *p;
-
- x = SSL_get_peer_certificate((SSL *)s);
-
- if (!x)
- return NULL;
-
- xn = X509_get_issuer_name(x);
- p = LDAP_STRDUP(X509_NAME_oneline(xn, buf, sizeof(buf)));
- X509_free(x);
- return p;
+ X509 *x;
+ X509_NAME *xn;
+ char buf[2048], *p;
+
+ x = SSL_get_peer_certificate((SSL *)s);
+
+ if (!x) return NULL;
+
+ xn = X509_get_issuer_name(x);
+ p = LDAP_STRDUP(X509_NAME_oneline(xn, buf, sizeof(buf)));
+ X509_free(x);
+ return p;
#else
- return NULL;
+ return NULL;
#endif
}
@@ -1013,19 +1038,25 @@ ldap_int_tls_config( LDAP *ld, int option, const char *arg )
case LDAP_OPT_X_TLS_REQUIRE_CERT:
case LDAP_OPT_X_TLS:
i = -1;
- if ( strcasecmp( arg, "never" ) == 0 )
+ if ( strcasecmp( arg, "never" ) == 0 ) {
i = LDAP_OPT_X_TLS_NEVER ;
- if ( strcasecmp( arg, "demand" ) == 0 )
+
+ } else if ( strcasecmp( arg, "demand" ) == 0 ) {
i = LDAP_OPT_X_TLS_DEMAND ;
- if ( strcasecmp( arg, "allow" ) == 0 )
+
+ } else if ( strcasecmp( arg, "allow" ) == 0 ) {
i = LDAP_OPT_X_TLS_ALLOW ;
- if ( strcasecmp( arg, "try" ) == 0 )
+
+ } else if ( strcasecmp( arg, "try" ) == 0 ) {
i = LDAP_OPT_X_TLS_TRY ;
- if ( ( strcasecmp( arg, "hard" ) == 0 ) ||
- ( strcasecmp( arg, "on" ) == 0 ) ||
- ( strcasecmp( arg, "yes" ) == 0) ||
- ( strcasecmp( arg, "true" ) == 0 ) )
+
+ } else if ( ( strcasecmp( arg, "hard" ) == 0 ) ||
+ ( strcasecmp( arg, "on" ) == 0 ) ||
+ ( strcasecmp( arg, "yes" ) == 0) ||
+ ( strcasecmp( arg, "true" ) == 0 ) )
+ {
i = LDAP_OPT_X_TLS_HARD ;
+ }
if (i >= 0) {
return ldap_pvt_tls_set_option( ld, option, &i );
@@ -1063,10 +1094,11 @@ ldap_pvt_tls_get_option( LDAP *ld, int option, void *arg )
*(int *)arg = lo->ldo_tls_mode;
break;
case LDAP_OPT_X_TLS_CTX:
- if ( ld == NULL )
+ if ( ld == NULL ) {
*(void **)arg = (void *) tls_def_ctx;
- else
+ } else {
*(void **)arg = ld->ld_defconn->lconn_tls_ctx;
+ }
break;
case LDAP_OPT_X_TLS_CACERTFILE:
*(char **)arg = tls_opt_cacertfile ?
@@ -1246,15 +1278,16 @@ ldap_int_tls_start ( LDAP *ld, LDAPConn *conn, LDAPURLDesc *srv )
* set SASL properties to TLS ssf and authid
*/
{
- char *authid;
+ struct berval authid = { 0, NULL };
ber_len_t ssf;
/* we need to let SASL know */
ssf = ldap_pvt_tls_get_strength( ssl );
- authid = ldap_pvt_tls_get_my_dn( ssl, NULL, 0 );
+ /* failure is OK, we just can't use SASL EXTERNAL */
+ (void) ldap_pvt_tls_get_my_dn( ssl, &authid, NULL, 0 );
- (void) ldap_int_sasl_external( ld, conn, authid, ssf );
- LDAP_FREE( authid );
+ (void) ldap_int_sasl_external( ld, conn, authid.bv_val, ssf );
+ LDAP_FREE( authid.bv_val );
}
return LDAP_SUCCESS;
@@ -1276,47 +1309,49 @@ tls_info_cb( SSL *ssl, int where, int ret )
op = "undefined";
}
- if ( where & SSL_CB_LOOP ) {
+ if ( where & SSL_CB_LOOP ) {
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_DETAIL1, "tls_info_cb: "
"TLS trace: %s:%s\n", op, SSL_state_string_long( ssl ) ));
#else
Debug( LDAP_DEBUG_TRACE,
- "TLS trace: %s:%s\n",
- op, SSL_state_string_long( ssl ), 0 );
+ "TLS trace: %s:%s\n",
+ op, SSL_state_string_long( ssl ), 0 );
#endif
+
} else if ( where & SSL_CB_ALERT ) {
- op = ( where & SSL_CB_READ ) ? "read" : "write";
+ op = ( where & SSL_CB_READ ) ? "read" : "write";
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_DETAIL1, "tls_info_cb: "
"TLS trace: SSL3 alert %s:%s:%s\n", op,
- SSL_alert_type_string_long( ret ),
- SSL_alert_desc_string_long( ret) ));
+ SSL_alert_type_string_long( ret ),
+ SSL_alert_desc_string_long( ret) ));
#else
Debug( LDAP_DEBUG_TRACE,
- "TLS trace: SSL3 alert %s:%s:%s\n",
- op,
- SSL_alert_type_string_long( ret ),
- SSL_alert_desc_string_long( ret) );
+ "TLS trace: SSL3 alert %s:%s:%s\n",
+ op,
+ SSL_alert_type_string_long( ret ),
+ SSL_alert_desc_string_long( ret) );
#endif
+
} else if ( where & SSL_CB_EXIT ) {
- if ( ret == 0 ) {
+ if ( ret == 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "tls_info_cb: "
"TLS trace: %s:failed in %s\n", op, SSL_state_string_long( ssl ) ));
#else
Debug( LDAP_DEBUG_TRACE,
- "TLS trace: %s:failed in %s\n",
- op, SSL_state_string_long( ssl ), 0 );
+ "TLS trace: %s:failed in %s\n",
+ op, SSL_state_string_long( ssl ), 0 );
#endif
- } else if ( ret < 0 ) {
+ } else if ( ret < 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "tls_info_cb: "
"TLS trace: %s:error in %s\n", op, SSL_state_string_long( ssl ) ));
#else
Debug( LDAP_DEBUG_TRACE,
- "TLS trace: %s:error in %s\n",
- op, SSL_state_string_long( ssl ), 0 );
+ "TLS trace: %s:error in %s\n",
+ op, SSL_state_string_long( ssl ), 0 );
#endif
}
}
@@ -1351,12 +1386,21 @@ tls_verify_cb( int ok, X509_STORE_CTX *ctx )
"TLS certificate verification: depth: %d, err: %d: "
"subject: %s, issuer: %s\n", errdepth, errnum,
sname ? sname : "-unknown-", iname ? iname : "-unknown-" ));
+ if ( !ok ) {
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR, "TLS certificate verification: Error, %s\n",
+ X509_verify_cert_error_string(errnum)));
+ }
#else
Debug( LDAP_DEBUG_TRACE,
- "TLS certificate verification: depth: %d, err: %d, subject: %s,",
- errdepth, errnum,
- sname ? sname : "-unknown-" );
+ "TLS certificate verification: depth: %d, err: %d, subject: %s,",
+ errdepth, errnum,
+ sname ? sname : "-unknown-" );
Debug( LDAP_DEBUG_TRACE, " issuer: %s\n", iname ? iname : "-unknown-", 0, 0 );
+ if ( !ok ) {
+ Debug( LDAP_DEBUG_ANY,
+ "TLS certificate verification: Error, %s\n",
+ X509_verify_cert_error_string(errnum), 0, 0 );
+ }
#endif
if ( sname )
CRYPTO_free ( sname );
@@ -1377,21 +1421,21 @@ tls_verify_ok( int ok, X509_STORE_CTX *ctx )
static void
tls_report_error( void )
{
- unsigned long l;
- char buf[200];
- const char *file;
- int line;
+ unsigned long l;
+ char buf[200];
+ const char *file;
+ int line;
- while ( ( l = ERR_get_error_line( &file, &line ) ) != 0 ) {
+ while ( ( l = ERR_get_error_line( &file, &line ) ) != 0 ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "tls", LDAP_LEVEL_ERR,
- "tls_report_error: TLS %s %s:%d\n",
- ERR_error_string( l, buf ), file, line ));
+ LDAP_LOG (( "tls", LDAP_LEVEL_ERR,
+ "tls_report_error: TLS %s %s:%d\n",
+ ERR_error_string( l, buf ), file, line ));
#else
- Debug( LDAP_DEBUG_ANY, "TLS: %s %s:%d\n",
- ERR_error_string( l, buf ), file, line );
+ Debug( LDAP_DEBUG_ANY, "TLS: %s %s:%d\n",
+ ERR_error_string( l, buf ), file, line );
#endif
- }
+ }
}
static RSA *
@@ -1429,7 +1473,7 @@ tls_seed_PRNG( const char *randfile )
if (randfile == NULL) {
/* The seed file is $RANDFILE if defined, otherwise $HOME/.rnd.
* If $HOME is not set or buffer too small to hold the pathname,
- * an error occurs. - From RAND_file_name() man page.
+ * an error occurs. - From RAND_file_name() man page.
* The fact is that when $HOME is NULL, .rnd is used.
*/
randfile = RAND_file_name( buffer, sizeof( buffer ) );
diff --git a/libraries/libldap/utf-8.c b/libraries/libldap/utf-8.c
index a241a6313c..ab42cfbf5e 100644
--- a/libraries/libldap/utf-8.c
+++ b/libraries/libldap/utf-8.c
@@ -164,12 +164,21 @@ int ldap_x_ucs4_to_utf8( ldap_ucs4_t c, char *buf )
{
int len=0;
unsigned char* p = buf;
- if(buf == NULL) return 0;
- if ( c < 0 ) {
- /* not a valid Unicode character */
+ /* not a valid Unicode character */
+ if ( c < 0 ) return 0;
+
+ /* Just return length, don't convert */
+ if(buf == NULL) {
+ if( c < 0x80 ) return 1;
+ else if( c < 0x800 ) return 2;
+ else if( c < 0x10000 ) return 3;
+ else if( c < 0x200000 ) return 4;
+ else if( c < 0x4000000 ) return 5;
+ else return 6;
+ }
- } else if( c < 0x80 ) {
+ if( c < 0x80 ) {
p[len++] = c;
} else if( c < 0x800 ) {
@@ -203,10 +212,80 @@ int ldap_x_ucs4_to_utf8( ldap_ucs4_t c, char *buf )
p[len++] = 0x80 | ( c & 0x3f );
}
- buf[len] = '\0';
return len;
}
+#define LDAP_UCS_UTF8LEN(c) \
+ c < 0 ? 0 : (c < 0x80 ? 1 : (c < 0x800 ? 2 : (c < 0x10000 ? 3 : \
+ (c < 0x200000 ? 4 : (c < 0x4000000 ? 5 : 6)))))
+
+/* Convert a string to UTF-8 format. The input string is expected to
+ * have characters of 1, 2, or 4 octets (in network byte order)
+ * corresponding to the ASN.1 T61STRING, BMPSTRING, and UNIVERSALSTRING
+ * types respectively. (Here T61STRING just means that there is one
+ * octet per character and characters may use the high bit of the octet.
+ * The characters are assumed to use ISO mappings, no provision is made
+ * for converting from T.61 coding rules to Unicode.)
+ */
+
+int
+ldap_ucs_to_utf8s( struct berval *ucs, int csize, struct berval *utf8s )
+{
+ unsigned char *in, *end;
+ char *ptr;
+ ldap_ucs4_t u;
+ int i, l = 0;
+
+ utf8s->bv_val = NULL;
+ utf8s->bv_len = 0;
+
+ in = (unsigned char *)ucs->bv_val;
+
+ /* Make sure we stop at an even multiple of csize */
+ end = in + ( ucs->bv_len & ~(csize-1) );
+
+ for (; in < end; ) {
+ u = *in++;
+ if (csize > 1) {
+ u <<= 8;
+ u |= *in++;
+ }
+ if (csize > 2) {
+ u <<= 8;
+ u |= *in++;
+ u <<= 8;
+ u |= *in++;
+ }
+ i = LDAP_UCS_UTF8LEN(u);
+ if (i == 0)
+ return LDAP_INVALID_SYNTAX;
+ l += i;
+ }
+
+ utf8s->bv_val = LDAP_MALLOC( l+1 );
+ if (utf8s->bv_val == NULL)
+ return LDAP_NO_MEMORY;
+ utf8s->bv_len = l;
+
+ ptr = utf8s->bv_val;
+ for (in = (unsigned char *)ucs->bv_val; in < end; ) {
+ u = *in++;
+ if (csize > 1) {
+ u <<= 8;
+ u |= *in++;
+ }
+ if (csize > 2) {
+ u <<= 8;
+ u |= *in++;
+ u <<= 8;
+ u |= *in++;
+ }
+ ptr += ldap_x_ucs4_to_utf8(u, ptr);
+ }
+ *ptr = '\0';
+ return LDAP_SUCCESS;
+}
+
/*
* Advance to the next UTF-8 character
*
diff --git a/libraries/libldap_r/Makefile.in b/libraries/libldap_r/Makefile.in
new file mode 100644
index 0000000000..4a3342bbda
--- /dev/null
+++ b/libraries/libldap_r/Makefile.in
@@ -0,0 +1,71 @@
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+##
+## Makefile.in for LDAP -lldap
+##
+LIBRARY = libldap_r.la
+
+PROGRAMS = apitest ltest
+
+XXDIR = $(srcdir)/../libldap
+XXSRCS = apitest.c test.c extended.c \
+ bind.c controls.c open.c result.c error.c compare.c search.c \
+ modify.c add.c modrdn.c delete.c abandon.c cache.c cyrus.c \
+ getfilter.c sasl.c sbind.c kbind.c unbind.c \
+ filter.c free.c dsparse.c sort.c \
+ getdn.c getentry.c getattr.c getvalues.c addentry.c \
+ request.c os-ip.c url.c sortctrl.c vlvctrl.c \
+ init.c options.c print.c string.c util-int.c schema.c \
+ charray.c tls.c os-local.c dnssrv.c utf-8.c utf-8-conv.c
+SRCS = threads.c rdwr.c tpool.c \
+ thr_posix.c thr_cthreads.c thr_thr.c thr_lwp.c thr_nt.c \
+ thr_pth.c thr_stub.c
+OBJS = threads.lo rdwr.lo tpool.lo \
+ thr_posix.lo thr_cthreads.lo thr_thr.lo thr_lwp.lo thr_nt.lo \
+ thr_pth.lo thr_stub.lo \
+ extended.lo \
+ bind.lo controls.lo open.lo result.lo error.lo compare.lo search.lo \
+ modify.lo add.lo modrdn.lo delete.lo abandon.lo cache.lo cyrus.lo \
+ getfilter.lo sasl.lo sbind.lo kbind.lo unbind.lo \
+ filter.lo free.lo dsparse.lo sort.lo \
+ getdn.lo getentry.lo getattr.lo getvalues.lo addentry.lo \
+ request.lo os-ip.lo url.lo sortctrl.lo vlvctrl.lo \
+ init.lo options.lo print.lo string.lo util-int.lo schema.lo \
+ charray.lo tls.lo os-local.lo dnssrv.lo utf-8.lo utf-8-conv.lo
+
+LDAP_INCDIR= ../../include
+LDAP_LIBDIR= ../../libraries
+
+LIB_DEFS = -DLDAP_LIBRARY
+
+XDEFS = -DLDAP_R_COMPILE -I$(XXDIR)
+XLIBS = $(LIBRARY) $(LDAP_LIBLBER_LA) $(LDAP_LIBLUTIL_A)
+XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
+XXXLIBS = $(LTHREAD_LIBS)
+NT_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+UNIX_LINK_LIBS = $(LDAP_LIBLBER_LA) $(AC_LIBS) $(SECURITY_LIBS)
+
+.links : Makefile
+ @for i in $(XXSRCS); do \
+ $(RM) $$i ; \
+ $(LN_S) $(XXDIR)/$$i . ; \
+ done
+ touch .links
+
+$(XXSRCS) : .links
+
+clean-local: FORCE
+ @$(RM) .links
+
+depend-common: .links
+
+apitest: $(XLIBS) apitest.o
+ $(LTLINK) -o $@ apitest.o $(LIBS)
+ltest: $(XLIBS) test.o
+ $(LTLINK) -o $@ test.o $(LIBS)
+
+install-local: $(CFFILES) FORCE
+ -$(MKDIR) $(DESTDIR)$(libdir)
+ $(LTINSTALL) $(INSTALLFLAGS) -m 644 $(LIBRARY) $(DESTDIR)$(libdir)
+
diff --git a/libraries/liblunicode/Makefile.in b/libraries/liblunicode/Makefile.in
index 6bf119d2ff..5316d023ae 100644
--- a/libraries/liblunicode/Makefile.in
+++ b/libraries/liblunicode/Makefile.in
@@ -42,6 +42,6 @@ install-local: $(PROGRAMS) FORCE
$(XXSRCS) : .links
clean-local: FORCE
- @$(RM) *.dat .links
+ @$(RM) *.dat .links $(XXHEADERS)
depend-common: .links
diff --git a/libraries/liblutil/debug.c b/libraries/liblutil/debug.c
new file mode 100644
index 0000000000..1d47361d8e
--- /dev/null
+++ b/libraries/liblutil/debug.c
@@ -0,0 +1,301 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/stdarg.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/time.h>
+
+#ifdef LDAP_SYSLOG
+#include <ac/syslog.h>
+#endif
+
+#include "ldap_log.h"
+#include "ldap_defaults.h"
+#include "lber.h"
+
+struct DEBUGLEVEL
+{
+ char *subsystem;
+ int level;
+};
+
+static struct DEBUGLEVEL **levelArray;
+static long numLevels = 0;
+
+static FILE *log_file = NULL;
+static int global_level = 0;
+
+#ifdef LDAP_SYSLOG
+static int use_syslog = 0;
+
+static int debug2syslog(int l) {
+ switch (l) {
+ case LDAP_LEVEL_EMERG: return LOG_EMERG;
+ case LDAP_LEVEL_ALERT: return LOG_ALERT;
+ case LDAP_LEVEL_CRIT: return LOG_CRIT;
+ case LDAP_LEVEL_ERR: return LOG_ERR;
+ case LDAP_LEVEL_WARNING: return LOG_WARNING;
+ case LDAP_LEVEL_NOTICE: return LOG_NOTICE;
+ case LDAP_LEVEL_INFO: return LOG_INFO;
+ }
+ return LOG_DEBUG;
+}
+#endif
+
+static char *lutil_levels[] = {"emergency", "alert", "critical",
+ "error", "warning", "notice",
+ "information", "entry", "args",
+ "results", "detail1", "detail2",
+ NULL};
+
+int lutil_mnem2level( const char *level )
+{
+ int i;
+ for( i = 0; lutil_levels[i] != NULL; i++ )
+ {
+ if ( !strcasecmp( level, lutil_levels[i] ) )
+ {
+ return i;
+ }
+ }
+ return 0;
+}
+
+static void addSubsys( const char *subsys, int level )
+{
+ int i, j;
+
+ if ( !strcasecmp( subsys, "global") ) global_level = level;
+
+ for( i = 0; i < numLevels; i++ )
+ {
+ if ( levelArray[i] == NULL )
+ {
+ levelArray[i] = (struct DEBUGLEVEL*)ber_memalloc( sizeof( struct DEBUGLEVEL ) );
+ levelArray[i]->subsystem = (char*)ber_memalloc( strlen( subsys ) + 1 );
+ strcpy ( levelArray[i]->subsystem, subsys );
+ levelArray[i]->level = level;
+ return;
+ }
+ if( !strcasecmp( subsys, levelArray[i]->subsystem ) )
+ {
+ levelArray[i]->level = level;
+ return;
+ }
+ }
+ levelArray = (struct DEBUGLEVEL**)ber_memrealloc( levelArray, sizeof( struct DEBUGLEVEL* ) * (numLevels + 10) );
+ for( j = numLevels; j < (numLevels + 10); j++ )
+ {
+ levelArray[j] = NULL;
+ }
+ numLevels += 10;
+ levelArray[i] = (struct DEBUGLEVEL*)ber_memalloc( sizeof( struct DEBUGLEVEL ) );
+ levelArray[i]->subsystem = (char*)ber_memalloc( strlen( subsys ) + 1 );
+ strcpy( levelArray[i]->subsystem, subsys );
+ levelArray[i]->level = level;
+ return;
+}
+
+void lutil_set_debug_level( const char* subsys, int level )
+{
+ addSubsys( subsys, level );
+}
+
+int lutil_debug_file( FILE *file )
+{
+ log_file = file;
+ ber_set_option( NULL, LBER_OPT_LOG_PRINT_FILE, file );
+
+ return 0;
+}
+
+void lutil_log_int(
+ FILE* file,
+ const char *subsys, int level,
+ const char *fmt, va_list vl )
+{
+#ifdef HAVE_WINSOCK
+ time_t now;
+ struct tm *today;
+#endif
+ int i;
+
+ if ( levelArray == NULL ) return; /* logging isn't set up */
+
+ /*
+ * Look for the subsystem in the level array. When we find it,
+ * break out of the loop.
+ */
+ for( i = 0; i < numLevels; i++ ) {
+ if ( levelArray[i] == NULL ) break;
+ if ( ! strcasecmp( levelArray[i]->subsystem, subsys ) ) break;
+ }
+
+ /*
+ * If we didn't find the subsystem, or the set level is less than
+ * the requested output level, don't output it.
+ */
+ if ( (level > global_level) &&
+ ((i > numLevels ) || (levelArray[i] == NULL) || ( level > levelArray[i]->level )) )
+ {
+ return;
+ }
+
+#ifdef LDAP_SYSLOG
+ /* we're configured to use syslog */
+ if( use_syslog ) {
+ vsyslog( debug2syslog(level), fmt, vl );
+ return;
+ }
+#endif
+
+#if 0
+#ifdef HAVE_WINSOCK
+ if( log_file == NULL ) {
+ log_file = fopen( LDAP_RUNDIR LDAP_DIRSEP "openldap.log", "w" );
+
+ if ( log_file == NULL )
+ log_file = fopen( "openldap.log", "w" );
+
+ if ( log_file == NULL )
+ return;
+
+ ber_set_option( NULL, LBER_OPT_LOG_PRINT_FILE, log_file );
+ }
+#endif
+#endif
+
+ if( file == NULL ) {
+ /*
+ * Use stderr unless file was specified via:
+ * ber_set_option( NULL, LBER_OPT_LOG_PRINT_FILE, file)
+ */
+ file = stderr;
+ }
+
+#ifdef HAVE_WINSOCK
+ /*
+ * Stick the time in the buffer to output when using Winsock
+ * as NT can't pipe to a timestamp program like Unix can.
+ * This, of course, makes some logs hard to read.
+ */
+ time( &now );
+ today = localtime( &now );
+ fprintf( file, "%4d%02d%02d:%02d:%02d:%02d ",
+ today->tm_year + 1900, today->tm_mon + 1,
+ today->tm_mday, today->tm_hour,
+ today->tm_min, today->tm_sec );
+#endif
+
+ /*
+ * format the output data.
+ */
+ vfprintf( file, fmt, vl );
+}
+
+/*
+ * The primary logging routine. Takes the subsystem being logged from, the
+ * level of the log output and the format and data. Send this on to the
+ * internal routine with the print file, if any.
+ */
+void lutil_log( const char *subsys, int level, const char *fmt, ... )
+{
+ FILE* outfile = NULL;
+ va_list vl;
+ va_start( vl, fmt );
+ ber_get_option( NULL, LBER_OPT_LOG_PRINT_FILE, &outfile );
+ lutil_log_int( outfile, subsys, level, fmt, vl );
+ va_end( vl );
+}
+
+void lutil_log_initialize(int argc, char **argv)
+{
+ int i;
+ /*
+ * Start by setting the hook for the libraries to use this logging
+ * routine.
+ */
+ ber_set_option( NULL, LBER_OPT_LOG_PROC, (void*)lutil_log_int );
+
+ if ( argc == 0 ) return;
+ /*
+ * Now go through the command line options to set the debugging
+ * levels
+ */
+ for( i = 0; i < argc; i++ )
+ {
+ char *next = argv[i];
+ if ( i < argc-1 && next[0] == '-' && next[1] == 'd' )
+ {
+ char subsys[64];
+ int level;
+ char *optarg = argv[i+1];
+ char *index = strchr( optarg, '=' );
+ if ( index != NULL )
+ {
+ *index = 0;
+ strcpy ( subsys, optarg );
+ level = atoi( index+1 );
+ if ( level <= 0 ) level = lutil_mnem2level( index + 1 );
+ lutil_set_debug_level( subsys, level );
+ *index = '=';
+ }
+ else
+ {
+ global_level = atoi( optarg );
+ /*
+ * if a negative number was used, make the global level the
+ * maximum sane level.
+ */
+ if ( global_level < 0 ) global_level = 65535;
+ }
+ }
+ }
+}
+
+void (lutil_debug)( int debug, int level, const char *fmt, ... )
+{
+ char buffer[4096];
+ va_list vl;
+
+ if ( !(level & debug ) )
+ return;
+
+#ifdef HAVE_WINSOCK
+ if( log_file == NULL ) {
+ log_file = fopen( LDAP_RUNDIR LDAP_DIRSEP "openldap.log", "w" );
+
+ if ( log_file == NULL )
+ log_file = fopen( "openldap.log", "w" );
+
+ if ( log_file == NULL )
+ return;
+
+ ber_set_option( NULL, LBER_OPT_LOG_PRINT_FILE, log_file );
+ }
+#endif
+ va_start( vl, fmt );
+
+#ifdef HAVE_VSNPRINTF
+ vsnprintf( buffer, sizeof(buffer), fmt, vl );
+#else
+ vsprintf( buffer, fmt, vl );
+#endif
+ buffer[sizeof(buffer)-1] = '\0';
+
+ if( log_file != NULL ) {
+ fputs( buffer, log_file );
+ fflush( log_file );
+ }
+
+ fputs( buffer, stderr );
+ va_end( vl );
+}
diff --git a/libraries/liblutil/sha1.c b/libraries/liblutil/sha1.c
new file mode 100644
index 0000000000..3ef447e823
--- /dev/null
+++ b/libraries/liblutil/sha1.c
@@ -0,0 +1,276 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/* Acquired from:
+ * $OpenBSD: sha1.c,v 1.9 1997/07/23 21:12:32 kstailey Exp $ */
+
+/*
+ * SHA-1 in C
+ * By Steve Reid <steve@edmweb.com>
+ * 100% Public Domain
+ *
+ * Test Vectors (from FIPS PUB 180-1)
+ * "abc"
+ * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D
+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
+ * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1
+ * A million repetitions of "a"
+ * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F
+ */
+
+/*
+ * This code assumes uint32 is 32 bits and char is 8 bits
+ */
+
+#include "portable.h"
+#include <ac/param.h>
+#include <ac/string.h>
+#include <ac/socket.h>
+#include <ac/bytes.h>
+
+#include "lutil_sha1.h"
+
+#ifdef LUTIL_SHA1_BYTES
+
+/* undefining this will cause pointer alignment errors */
+#define SHA1HANDSOFF /* Copies data before messing with it. */
+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits))))
+
+/*
+ * blk0() and blk() perform the initial expand.
+ * I got the idea of expanding during the round function from SSLeay
+ */
+#if BYTE_ORDER == LITTLE_ENDIAN
+# define blk0(i) (block[i] = (rol(block[i],24)&0xFF00FF00) \
+ |(rol(block[i],8)&0x00FF00FF))
+#else
+# define blk0(i) block[i]
+#endif
+#define blk(i) (block[i&15] = rol(block[(i+13)&15]^block[(i+8)&15] \
+ ^block[(i+2)&15]^block[i&15],1))
+
+/*
+ * (R0+R1), R2, R3, R4 are the different operations (rounds) used in SHA1
+ */
+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30);
+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30);
+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30);
+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30);
+
+
+/*
+ * Hash a single 512-bit block. This is the core of the algorithm.
+ */
+void
+lutil_SHA1Transform( uint32 *state, const unsigned char *buffer )
+{
+ uint32 a, b, c, d, e;
+
+#ifdef SHA1HANDSOFF
+ uint32 block[16];
+ (void)AC_MEMCPY(block, buffer, 64);
+#else
+ uint32 *block = (u_int32 *) buffer;
+#endif
+
+ /* Copy context->state[] to working vars */
+ a = state[0];
+ b = state[1];
+ c = state[2];
+ d = state[3];
+ e = state[4];
+
+ /* 4 rounds of 20 operations each. Loop unrolled. */
+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3);
+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7);
+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11);
+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15);
+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19);
+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23);
+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27);
+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31);
+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35);
+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39);
+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43);
+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47);
+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51);
+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55);
+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59);
+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63);
+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67);
+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71);
+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75);
+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79);
+
+ /* Add the working vars back into context.state[] */
+ state[0] += a;
+ state[1] += b;
+ state[2] += c;
+ state[3] += d;
+ state[4] += e;
+
+ /* Wipe variables */
+ a = b = c = d = e = 0;
+}
+
+
+/*
+ * lutil_SHA1Init - Initialize new context
+ */
+void
+lutil_SHA1Init( lutil_SHA1_CTX *context )
+{
+
+ /* SHA1 initialization constants */
+ context->state[0] = 0x67452301;
+ context->state[1] = 0xEFCDAB89;
+ context->state[2] = 0x98BADCFE;
+ context->state[3] = 0x10325476;
+ context->state[4] = 0xC3D2E1F0;
+ context->count[0] = context->count[1] = 0;
+}
+
+
+/*
+ * Run your data through this.
+ */
+void
+lutil_SHA1Update(
+ lutil_SHA1_CTX *context,
+ const unsigned char *data,
+ uint32 len
+)
+{
+ u_int i, j;
+
+ j = context->count[0];
+ if ((context->count[0] += len << 3) < j)
+ context->count[1] += (len>>29)+1;
+ j = (j >> 3) & 63;
+ if ((j + len) > 63) {
+ (void)AC_MEMCPY(&context->buffer[j], data, (i = 64-j));
+ lutil_SHA1Transform(context->state, context->buffer);
+ for ( ; i + 63 < len; i += 64)
+ lutil_SHA1Transform(context->state, &data[i]);
+ j = 0;
+ } else {
+ i = 0;
+ }
+ (void)AC_MEMCPY(&context->buffer[j], &data[i], len - i);
+}
+
+
+/*
+ * Add padding and return the message digest.
+ */
+void
+lutil_SHA1Final( unsigned char *digest, lutil_SHA1_CTX *context )
+{
+ u_int i;
+ unsigned char finalcount[8];
+
+ for (i = 0; i < 8; i++) {
+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)]
+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */
+ }
+ lutil_SHA1Update(context, (unsigned char *)"\200", 1);
+ while ((context->count[0] & 504) != 448)
+ lutil_SHA1Update(context, (unsigned char *)"\0", 1);
+ lutil_SHA1Update(context, finalcount, 8); /* Should cause a SHA1Transform() */
+
+ if (digest) {
+ for (i = 0; i < 20; i++)
+ digest[i] = (unsigned char)
+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255);
+ }
+}
+
+
+/* sha1hl.c
+ * ----------------------------------------------------------------------------
+ * "THE BEER-WARE LICENSE" (Revision 42):
+ * <phk@login.dkuug.dk> wrote this file. As long as you retain this notice you
+ * can do whatever you want with this stuff. If we meet some day, and you think
+ * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
+ * ----------------------------------------------------------------------------
+ */
+
+#if defined(LIBC_SCCS) && !defined(lint)
+static char rcsid[] = "$OpenBSD: sha1hl.c,v 1.1 1997/07/12 20:06:03 millert Exp $";
+#endif /* LIBC_SCCS and not lint */
+
+#include <stdio.h>
+#include <ac/stdlib.h>
+
+#include <ac/errno.h>
+#include <ac/unistd.h>
+
+#ifdef HAVE_SYS_FILE_H
+#include <sys/file.h>
+#endif
+
+#ifdef HAVE_IO_H
+#include <io.h>
+#endif
+
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+
+
+/* ARGSUSED */
+char *
+lutil_SHA1End( lutil_SHA1_CTX *ctx, char *buf )
+{
+ int i;
+ char *p = buf;
+ unsigned char digest[20];
+ static const char hex[]="0123456789abcdef";
+
+ if (p == NULL && (p = malloc(41)) == NULL)
+ return 0;
+
+ lutil_SHA1Final(digest,ctx);
+ for (i = 0; i < 20; i++) {
+ p[i + i] = hex[digest[i] >> 4];
+ p[i + i + 1] = hex[digest[i] & 0x0f];
+ }
+ p[i + i] = '\0';
+ return(p);
+}
+
+char *
+lutil_SHA1File( char *filename, char *buf )
+{
+ unsigned char buffer[BUFSIZ];
+ lutil_SHA1_CTX ctx;
+ int fd, num, oerrno;
+
+ lutil_SHA1Init(&ctx);
+
+ if ((fd = open(filename,O_RDONLY)) < 0)
+ return(0);
+
+ while ((num = read(fd, buffer, sizeof(buffer))) > 0)
+ lutil_SHA1Update(&ctx, buffer, num);
+
+ oerrno = errno;
+ close(fd);
+ errno = oerrno;
+ return(num < 0 ? 0 : lutil_SHA1End(&ctx, buf));
+}
+
+char *
+lutil_SHA1Data( const unsigned char *data, size_t len, char *buf )
+{
+ lutil_SHA1_CTX ctx;
+
+ lutil_SHA1Init(&ctx);
+ lutil_SHA1Update(&ctx, data, len);
+ return(lutil_SHA1End(&ctx, buf));
+}
+
+#endif
diff --git a/libraries/liblutil/uuid.c b/libraries/liblutil/uuid.c
new file mode 100644
index 0000000000..d93c364eb8
--- /dev/null
+++ b/libraries/liblutil/uuid.c
@@ -0,0 +1,316 @@
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/* Portions
+ * Copyright 2000, John E. Schimmel, All rights reserved.
+ * This software is not subject to any license of Mirapoint, Inc.
+ *
+ * This is free software; you can redistribute and use it
+ * under the same terms as OpenLDAP itself.
+ */
+/*
+ * Sorry this file is so scary, but it needs to run on a wide range of
+ * platforms. The only exported routine is lutil_uuidstr() which is all
+ * that LDAP cares about. It generates a new uuid and returns it in
+ * in string form.
+ */
+#include "portable.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+
+#include <ac/stdlib.h>
+
+#ifdef HAVE_UUID_TO_STR
+# include <sys/uuid.h>
+#elif defined( _WIN32 )
+# include <rpc.h>
+#else
+# include <ac/socket.h>
+# include <ac/time.h>
+
+ /* 100 usec intervals from 10/10/1582 to 1/1/1970 */
+# define UUID_TPLUS 0x01B21DD2138140LL
+
+# ifdef HAVE_SYS_SYSCTL_H
+# include <net/if.h>
+# include <sys/sysctl.h>
+# include <net/route.h>
+# endif
+#endif
+
+#include <lutil.h>
+
+/* not needed for Windows */
+#if !defined(HAVE_UUID_TO_STR) && !defined(_WIN32)
+static unsigned char *
+lutil_eaddr( void )
+{
+ static unsigned char zero[6];
+ static unsigned char eaddr[6];
+
+#ifdef HAVE_SYS_SYSCTL_H
+ size_t needed;
+ int mib[6];
+ char *buf, *next, *lim;
+ struct if_msghdr *ifm;
+ struct sockaddr_dl *sdl;
+
+ if (memcmp(eaddr, zero, sizeof(eaddr))) {
+ return eaddr;
+ }
+
+ mib[0] = CTL_NET;
+ mib[1] = PF_ROUTE;
+ mib[3] = 0;
+ mib[3] = 0;
+ mib[4] = NET_RT_IFLIST;
+ mib[5] = 0;
+
+ if (sysctl(mib, sizeof(mib), NULL, &needed, NULL, 0) < 0) {
+ return NULL;
+ }
+
+ buf = malloc(needed);
+ if( buf == NULL ) return NULL;
+
+ if (sysctl(mib, sizeof(mib), buf, &needed, NULL, 0) < 0) {
+ free(buf);
+ return NULL;
+ }
+
+ lim = buf + needed;
+ for (next = buf; next < lim; next += ifm->ifm_msglen) {
+ ifm = (struct if_msghdr *)next;
+ sdl = (struct sockaddr_dl *)(ifm + 1);
+
+ if ( sdl->sdl_family != AF_LINK || sdl->sdl_alen == 6 ) {
+ AC_MEMCPY(eaddr,
+ (unsigned char *)sdl->sdl_data + sdl->sdl_nlen,
+ sizeof(eaddr));
+ free(buf);
+ return eaddr;
+ }
+ }
+
+ free(buf);
+ return NULL;
+
+#elif defined (SIOCGIFADDR)
+ char buf[sizeof(struct ifreq) * 32];
+ struct ifconf ifc;
+ struct ifreq *ifr;
+ struct sockaddr *sa;
+ struct sockaddr_dl *sdl;
+ unsigned char *p;
+ int s, i;
+
+ if (memcmp(eaddr, zero, sizeof(eaddr))) {
+ return eaddr;
+ }
+
+ s = socket( AF_INET, SOCK_DGRAM, 0 );
+ if ( s < 0 ) {
+ return NULL;
+ }
+
+ ifc.ifc_len = sizeof( buf );
+ ifc.ifc_buf = buf;
+ memset( buf, 0, sizeof( buf ) );
+
+ i = ioctl( s, SIOCGIFCONF, (char *)&ifc );
+ close( s );
+
+ if( i < 0 ) {
+ return NULL;
+ }
+
+ for ( i = 0; i < ifc.ifc_len; ) {
+ ifr = (struct ifreq *)&ifc.ifc_buf[i];
+ sa = &ifr->ifr_addr;
+
+ if ( sa->sa_len > sizeof( ifr->ifr_addr ) ) {
+ i += sizeof( ifr->ifr_name ) + sa->sa_len;
+ } else {
+ i += sizeof( *ifr );
+ }
+
+ if ( sa->sa_family != AF_LINK ) {
+ continue;
+ }
+
+ sdl = (struct sockaddr_dl *)sa;
+
+ if ( sdl->sdl_alen == 6 ) {
+ AC_MEMCPY(eaddr,
+ (unsigned char *)sdl->sdl_data + sdl->sdl_nlen,
+ sizeof(eaddr));
+ return eaddr;
+ }
+ }
+
+ return NULL;
+
+#else
+ if (memcmp(eaddr, zero, sizeof(eaddr)) == 0) {
+ /* XXX - who knows? */
+ lutil_entropy( eaddr, sizeof(eaddr) );
+ eaddr[0] |= 0x80; /* turn it into a mutlicast address */
+ }
+
+ return eaddr;
+#endif
+}
+#endif
+
+/*
+** All we really care about is an ISO UUID string. The format of a UUID is:
+** field octet note
+** time_low 0-3 low field of the timestamp
+** time_mid 4-5 middle field of timestamp
+** time_hi_and_version 6-7 high field of timestamp and
+** version number
+** clock_seq_hi_and_resv 8 high field of clock sequence
+** and variant
+** clock_seq_low 9 low field of clock sequence
+** node 10-15 spacially unique identifier
+**
+** We use DCE version one, and the DCE variant. Our unique identifier is
+** the first ethernet address on the system.
+*/
+size_t
+lutil_uuidstr( char *buf, size_t len )
+{
+#ifdef HAVE_UUID_TO_STR
+ uuid_t uu = {0};
+ unsigned rc;
+ char *s;
+ size_t l;
+
+ uuid_create( &uu, &rc );
+ if ( rc != uuid_s_ok ) {
+ return 0;
+ }
+
+ uuid_to_str( &uu, &s, &rc );
+ if ( rc != uuid_s_ok ) {
+ return 0;
+ }
+
+ l = strlen( s );
+ if ( l >= len ) {
+ free( s );
+ return 0;
+ }
+
+ strncpy( buf, s, len );
+ free( s );
+
+ return l;
+
+#elif defined( _WIN32 )
+ UUID uuid;
+ unsigned char *uuidstr;
+ size_t uuidlen;
+
+ if( UuidCreate( &uuid ) != RPC_S_OK ) {
+ return 0;
+ }
+
+ if( UuidToString( &uuid, &uuidstr ) != RPC_S_OK ) {
+ return 0;
+ }
+
+ uuidlen = strlen( uuidstr );
+ if( uuidlen >= len ) {
+ return 0;
+ }
+
+ strncpy( buf, uuidstr, len );
+ RpcStringFree( &uuidstr );
+
+ return uuidlen;
+
+#else
+ struct timeval tv;
+ unsigned long long tl;
+ unsigned char *nl;
+ unsigned short t2, t3, s1;
+ unsigned int t1;
+
+ /*
+ * Theoretically we should delay if seq wraps within 100usec but for now
+ * systems are not fast enough to worry about it.
+ */
+ static int inited = 0;
+ static unsigned short seq;
+
+ if (!inited) {
+ lutil_entropy( (unsigned char *) &seq, sizeof(seq) );
+ inited++;
+ }
+
+#ifdef HAVE_GETTIMEOFDAY
+ gettimeofday( &tv, 0 );
+#else
+ time( &tv.tv_sec );
+ tv.tv_usec = 0;
+#endif
+
+ tl = ( tv.tv_sec * 10000000LL ) + ( tv.tv_usec * 10LL ) + UUID_TPLUS;
+ nl = lutil_eaddr();
+
+ t1 = tl & 0xffffffff; /* time_low */
+ t2 = ( tl >> 32 ) & 0xffff; /* time_mid */
+ t3 = ( ( tl >> 48 ) & 0x0fff ) | 0x1000; /* time_hi_and_version */
+ s1 = ( ++seq & 0x1fff ) | 0x8000; /* clock_seq_and_reserved */
+
+ t1 = snprintf( buf, len,
+ "%08x-%04x-%04x-%04x-%02x%02x%02x%02x%02x%02x",
+ t1, (unsigned) t2, (unsigned) t3, (unsigned) s1,
+ (unsigned) nl[0], (unsigned) nl[1],
+ (unsigned) nl[2], (unsigned) nl[3],
+ (unsigned) nl[4], (unsigned) nl[5] );
+
+ return (t1 < len) ? t1 : 0;
+#endif
+}
+
+#ifdef TEST
+int
+main(int argc, char **argv)
+{
+ char buf1[8], buf2[64];
+
+#ifndef HAVE_UUID_TO_STR
+ unsigned char *p = lutil_eaddr();
+
+ if( p ) {
+ printf( "Ethernet Address: %02x:%02x:%02x:%02x:%02x:%02x\n",
+ (unsigned) p[0], (unsigned) p[1], (unsigned) p[2],
+ (unsigned) p[3], (unsigned) p[4], (unsigned) p[5]);
+ }
+#endif
+
+ if ( lutil_uuidstr( buf1, sizeof( buf1 ) ) ) {
+ printf( "UUID: %s\n", buf1 );
+ } else {
+ fprintf( stderr, "too short: %ld\n", (long) sizeof( buf1 ) );
+ }
+
+ if ( lutil_uuidstr( buf2, sizeof( buf2 ) ) ) {
+ printf( "UUID: %s\n", buf2 );
+ } else {
+ fprintf( stderr, "too short: %ld\n", (long) sizeof( buf2 ) );
+ }
+
+ if ( lutil_uuidstr( buf2, sizeof( buf2 ) ) ) {
+ printf( "UUID: %s\n", buf2 );
+ } else {
+ fprintf( stderr, "too short: %ld\n", (long) sizeof( buf2 ) );
+ }
+
+ return 0;
+}
+#endif
diff --git a/libraries/librewrite/RATIONALE b/libraries/librewrite/RATIONALE
new file mode 100644
index 0000000000..c8fa38695c
--- /dev/null
+++ b/libraries/librewrite/RATIONALE
@@ -0,0 +1,2 @@
+The workings of the rewrite library are described in the
+REWRITING section of the slapd-meta(5) manual page.
diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h
new file mode 100644
index 0000000000..28e47e46c6
--- /dev/null
+++ b/libraries/librewrite/rewrite-int.h
@@ -0,0 +1,557 @@
+/******************************************************************************
+ *
+ * Copyright (C) 2000 Pierangelo Masarati, <ando@sys-net.it>
+ * All rights reserved.
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ *
+ ******************************************************************************/
+
+#ifndef REWRITE_INT_H
+#define REWRITE_INT_H
+
+/*
+ * These are required by every file of the library, so they're included here
+ */
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/syslog.h>
+#include <ac/regex.h>
+#include <ac/socket.h>
+#include <ac/unistd.h>
+#include <ac/ctype.h>
+
+#include <lber.h>
+#include <ldap.h>
+#include "../libldap/ldap-int.h"
+
+#include <avl.h>
+
+#include <rewrite.h>
+
+/* Uncomment to use ldap pvt threads */
+#define USE_REWRITE_LDAP_PVT_THREADS
+#include <ldap_pvt_thread.h>
+
+/*
+ * For details, see RATIONALE.
+ */
+
+#define REWRITE_MAX_MATCH 11 /* 0: overall string; 1-9: submatches */
+#define REWRITE_MAX_PASSES 100
+
+/*
+ * Submatch escape char
+ */
+/* the '\' conflicts with slapd.conf parsing */
+/* #define REWRITE_SUBMATCH_ESCAPE '\\' */
+#define REWRITE_SUBMATCH_ESCAPE '%'
+
+/*
+ * REGEX flags
+ */
+
+#define REWRITE_FLAG_HONORCASE 'C'
+#define REWRITE_FLAG_BASICREGEX 'R'
+
+/*
+ * Action flags
+ */
+#define REWRITE_FLAG_EXECONCE ':'
+#define REWRITE_FLAG_STOP '@'
+#define REWRITE_FLAG_UNWILLING '#'
+#define REWRITE_FLAG_GOTO 'G' /* requires an arg */
+#define REWRITE_FLAG_IGNORE_ERR 'I'
+
+/*
+ * Map operators
+ */
+#define REWRITE_OPERATOR_SUBCONTEXT '>'
+#define REWRITE_OPERATOR_COMMAND '|'
+#define REWRITE_OPERATOR_VARIABLE_SET '&'
+#define REWRITE_OPERATOR_VARIABLE_GET '*'
+#define REWRITE_OPERATOR_PARAM_GET '$'
+
+
+/***********
+ * PRIVATE *
+ ***********/
+
+/*
+ * Action
+ */
+struct rewrite_action {
+ struct rewrite_action *la_next;
+
+#define REWRITE_ACTION_STOP 0x0001
+#define REWRITE_ACTION_UNWILLING 0x0002
+#define REWRITE_ACTION_GOTO 0x0003
+#define REWRITE_ACTION_IGNORE_ERR 0x0004
+ int la_type;
+ void *la_args;
+};
+
+/*
+ * Map
+ */
+struct rewrite_map {
+
+ /*
+ * Legacy stuff
+ */
+#define REWRITE_MAP_XFILEMAP 0x0001 /* Rough implementation! */
+#define REWRITE_MAP_XPWDMAP 0x0002 /* uid -> gecos */
+#define REWRITE_MAP_XLDAPMAP 0x0003 /* Not implemented yet! */
+
+ /*
+ * Maps with args
+ */
+#define REWRITE_MAP_SUBCONTEXT 0x0101
+
+#define REWRITE_MAP_SET_OP_VAR 0x0102
+#define REWRITE_MAP_SETW_OP_VAR 0x0103
+#define REWRITE_MAP_GET_OP_VAR 0x0104
+#define REWRITE_MAP_SET_SESN_VAR 0x0105
+#define REWRITE_MAP_SETW_SESN_VAR 0x0106
+#define REWRITE_MAP_GET_SESN_VAR 0x0107
+#define REWRITE_MAP_GET_PARAM 0x0108
+#define REWRITE_MAP_BUILTIN 0x0109
+ int lm_type;
+
+ char *lm_name;
+ void *lm_data;
+
+ /*
+ * Old maps store private data in _lm_args;
+ * new maps store the substitution pattern in _lm_subst
+ */
+ union {
+ void *_lm_args;
+ struct rewrite_subst *_lm_subst;
+ } lm_union;
+#define lm_args lm_union._lm_args
+#define lm_subst lm_union._lm_subst
+
+#ifdef USE_REWRITE_LDAP_PVT_THREADS
+ ldap_pvt_thread_mutex_t lm_mutex;
+#endif /* USE_REWRITE_LDAP_PVT_THREADS */
+};
+
+/*
+ * Builtin maps
+ */
+struct rewrite_builtin_map {
+#define REWRITE_BUILTIN_MAP_LDAP 0x0201
+ int lb_type;
+ char *lb_name;
+ void *lb_private;
+
+#ifdef USE_REWRITE_LDAP_PVT_THREADS
+ ldap_pvt_thread_mutex_t lb_mutex;
+#endif /* USE_REWRITE_LDAP_PVT_THREADS */
+};
+
+/*
+ * Submatch substitution
+ */
+struct rewrite_submatch {
+#define REWRITE_SUBMATCH_ASIS 0x0000
+#define REWRITE_SUBMATCH_XMAP 0x0001
+#define REWRITE_SUBMATCH_MAP_W_ARG 0x0002
+ int ls_type;
+ struct rewrite_map *ls_map;
+ int ls_submatch;
+ /*
+ * The first one represents the index of the submatch in case
+ * the map has single submatch as argument;
+ * the latter represents the map argument scheme in case
+ * the map has substitution string argument form
+ */
+};
+
+/*
+ * Pattern substitution
+ */
+struct rewrite_subst {
+ size_t lt_subs_len;
+ struct berval **lt_subs;
+
+ int lt_num_submatch;
+ struct rewrite_submatch **lt_submatch;
+};
+
+/*
+ * Rule
+ */
+struct rewrite_rule {
+ struct rewrite_rule *lr_next;
+ struct rewrite_rule *lr_prev;
+
+ char *lr_pattern;
+ char *lr_subststring;
+ char *lr_flagstring;
+ regex_t lr_regex;
+
+ /*
+ * I was thinking about some kind of per-rule mutex, but there's
+ * probably no need, because rules after compilation are only read;
+ * however, I need to check whether regexec is reentrant ...
+ */
+
+ struct rewrite_subst *lr_subst;
+
+#define REWRITE_REGEX_ICASE REG_ICASE
+#define REWRITE_REGEX_EXTENDED REG_EXTENDED
+ int lr_flags;
+
+#define REWRITE_RECURSE 0x0001
+#define REWRITE_EXEC_ONCE 0x0002
+ int lr_mode;
+
+ struct rewrite_action *lr_action;
+};
+
+/*
+ * Rewrite Context (set of rules)
+ */
+struct rewrite_context {
+ char *lc_name;
+ struct rewrite_context *lc_alias;
+ struct rewrite_rule *lc_rule;
+};
+
+/*
+ * Session
+ */
+struct rewrite_session {
+ void *ls_cookie;
+ Avlnode *ls_vars;
+#ifdef USE_REWRITE_LDAP_PVT_THREADS
+ ldap_pvt_thread_rdwr_t ls_vars_mutex;
+#endif /* USE_REWRITE_LDAP_PVT_THREADS */
+};
+
+/*
+ * Variable
+ */
+struct rewrite_var {
+ char *lv_name;
+ struct berval lv_value;
+};
+
+/*
+ * Operation
+ */
+struct rewrite_op {
+ int lo_num_passes;
+ int lo_depth;
+ char *lo_string;
+ char *lo_result;
+ Avlnode *lo_vars;
+ const void *lo_cookie;
+};
+
+
+/**********
+ * PUBLIC *
+ **********/
+
+/*
+ * Rewrite info
+ */
+struct rewrite_info {
+ Avlnode *li_context;
+ Avlnode *li_maps;
+ /*
+ * No global mutex because maps are read only at
+ * config time
+ */
+ Avlnode *li_params;
+ Avlnode *li_cookies;
+ int li_num_cookies;
+
+#ifdef USE_REWRITE_LDAP_PVT_THREADS
+ ldap_pvt_thread_rdwr_t li_params_mutex;
+ ldap_pvt_thread_rdwr_t li_cookies_mutex;
+#endif /* USE_REWRITE_LDAP_PVT_THREADS */
+
+ /*
+ * Default to `off';
+ * use `rewriteEngine {on|off}' directive to alter
+ */
+ int li_state;
+
+ /*
+ * Defaults to REWRITE_MAXPASSES;
+ * use `rewriteMaxPasses numPasses' directive to alter
+ */
+#define REWRITE_MAXPASSES 100
+ int li_max_passes;
+
+ /*
+ * Behavior in case a NULL or non-existent context is required
+ */
+ int li_rewrite_mode;
+};
+
+/***********
+ * PRIVATE *
+ ***********/
+
+LDAP_REWRITE_V (struct rewrite_context*) __curr_context;
+
+/*
+ * Maps
+ */
+
+/*
+ * Parses a map (also in legacy 'x' version)
+ */
+LDAP_REWRITE_F (struct rewrite_map *)
+rewrite_map_parse(
+ struct rewrite_info *info,
+ const char *s,
+ const char **end
+);
+
+LDAP_REWRITE_F (struct rewrite_map *)
+rewrite_xmap_parse(
+ struct rewrite_info *info,
+ const char *s,
+ const char **end
+);
+
+/*
+ * Resolves key in val by means of map (also in legacy 'x' version)
+ */
+LDAP_REWRITE_F (int)
+rewrite_map_apply(
+ struct rewrite_info *info,
+ struct rewrite_op *op,
+ struct rewrite_map *map,
+ struct berval *key,
+ struct berval *val
+);
+
+LDAP_REWRITE_F (int)
+rewrite_xmap_apply(
+ struct rewrite_info *info,
+ struct rewrite_op *op,
+ struct rewrite_map *map,
+ struct berval *key,
+ struct berval *val
+);
+
+
+/*
+ * Submatch substitution
+ */
+
+/*
+ * Compiles a substitution pattern
+ */
+LDAP_REWRITE_F (struct rewrite_subst *)
+rewrite_subst_compile(
+ struct rewrite_info *info,
+ const char *result
+);
+
+/*
+ * Substitutes a portion of rewritten string according to substitution
+ * pattern using submatches
+ */
+LDAP_REWRITE_F (int)
+rewrite_subst_apply(
+ struct rewrite_info *info,
+ struct rewrite_op *op,
+ struct rewrite_subst *subst,
+ const char *string,
+ const regmatch_t *match,
+ struct berval *val
+);
+
+
+/*
+ * Rules
+ */
+
+/*
+ * Compiles the rule and appends it at the running context
+ */
+LDAP_REWRITE_F (int)
+rewrite_rule_compile(
+ struct rewrite_info *info,
+ struct rewrite_context *context,
+ const char *pattern,
+ const char *result,
+ const char *flagstring
+);
+
+/*
+ * Rewrites string according to rule; may return:
+ * REWRITE_REGEXEC_OK: fine; if *result != NULL rule matched
+ * and rewrite succeeded.
+ * REWRITE_REGEXEC_STOP: fine, rule matched; stop processing
+ * following rules
+ * REWRITE_REGEXEC_UNWILL: rule matched; force 'unwilling to perform'
+ * REWRITE_REGEXEC_ERR: an error occurred
+ */
+LDAP_REWRITE_F (int)
+rewrite_rule_apply(
+ struct rewrite_info *info,
+ struct rewrite_op *op,
+ struct rewrite_rule *rule,
+ const char *string,
+ char **result
+);
+
+/*
+ * Sessions
+ */
+
+/*
+ * Fetches a struct rewrite_session
+ */
+LDAP_REWRITE_F (struct rewrite_session *)
+rewrite_session_find(
+ struct rewrite_info *info,
+ const void *cookie
+);
+
+/*
+ * Defines and inits a variable with session scope
+ */
+LDAP_REWRITE_F (int)
+rewrite_session_var_set(
+ struct rewrite_info *info,
+ const void *cookie,
+ const char *name,
+ const char *value
+);
+
+/*
+ * Gets a var with session scope
+ */
+LDAP_REWRITE_F (int)
+rewrite_session_var_get(
+ struct rewrite_info *info,
+ const void *cookie,
+ const char *name,
+ struct berval *val
+);
+
+/*
+ * Deletes a session
+ */
+LDAP_REWRITE_F (int)
+rewrite_session_delete(
+ struct rewrite_info *info,
+ const void *cookie
+);
+
+/*
+ * Destroys the cookie tree
+ */
+LDAP_REWRITE_F (int)
+rewrite_session_destroy(
+ struct rewrite_info *info
+);
+
+
+/*
+ * Vars
+ */
+
+/*
+ * Finds a var
+ */
+LDAP_REWRITE_F (struct rewrite_var *)
+rewrite_var_find(
+ Avlnode *tree,
+ const char *name
+);
+
+/*
+ * Inserts a newly created var
+ */
+LDAP_REWRITE_F (struct rewrite_var *)
+rewrite_var_insert(
+ Avlnode **tree,
+ const char *name,
+ const char *value
+);
+
+/*
+ * Sets/inserts a var
+ */
+LDAP_REWRITE_F (struct rewrite_var *)
+rewrite_var_set(
+ Avlnode **tree,
+ const char *name,
+ const char *value,
+ int insert
+);
+
+/*
+ * Deletes a var tree
+ */
+LDAP_REWRITE_F (int)
+rewrite_var_delete(
+ Avlnode *tree
+);
+
+
+/*
+ * Contexts
+ */
+
+/*
+ * Finds the context named rewriteContext in the context tree
+ */
+LDAP_REWRITE_F (struct rewrite_context *)
+rewrite_context_find(
+ struct rewrite_info *info,
+ const char *rewriteContext
+);
+
+/*
+ * Creates a new context called rewriteContext and stores in into the tree
+ */
+LDAP_REWRITE_F (struct rewrite_context *)
+rewrite_context_create(
+ struct rewrite_info *info,
+ const char *rewriteContext
+);
+
+/*
+ * Rewrites string according to context; may return:
+ * OK: fine; if *result != NULL rule matched and rewrite succeeded.
+ * STOP: fine, rule matched; stop processing following rules
+ * UNWILL: rule matched; force 'unwilling to perform'
+ */
+LDAP_REWRITE_F (int)
+rewrite_context_apply(
+ struct rewrite_info *info,
+ struct rewrite_op *op,
+ struct rewrite_context *context,
+ const char *string,
+ char **result
+);
+
+#endif /* REWRITE_INT_H */
+
diff --git a/servers/slapd/Makefile.in b/servers/slapd/Makefile.in
new file mode 100644
index 0000000000..4171610221
--- /dev/null
+++ b/servers/slapd/Makefile.in
@@ -0,0 +1,384 @@
+# $OpenLDAP$
+##
+## Makefile.in for slapd
+##
+PROGRAMS=slapd
+XPROGRAMS=sslapd libbackends.a .backend
+XSRCS=version.c
+
+NT_SRCS = nt_svc.c
+NT_OBJS = nt_svc.o ../../libraries/liblutil/slapdmsg.res
+
+SRCS = main.c daemon.c connection.c search.c filter.c add.c charray.c \
+ attr.c entry.c config.c backend.c result.c operation.c \
+ dn.c compare.c modify.c delete.c modrdn.c ch_malloc.c \
+ value.c ava.c bind.c unbind.c abandon.c filterentry.c \
+ phonetic.c acl.c str2filter.c aclparse.c init.c user.c \
+ repl.c lock.c controls.c extended.c kerberos.c passwd.c \
+ schema.c schema_check.c schema_init.c schema_prep.c \
+ schemaparse.c ad.c at.c mr.c syntax.c oc.c saslauthz.c \
+ oidm.c starttls.c index.c sets.c referral.c \
+ root_dse.c sasl.c module.c suffixalias.c mra.c mods.c \
+ limits.c backglue.c operational.c matchedValues.c \
+ $(@PLAT@_SRCS)
+
+OBJS = main.o daemon.o connection.o search.o filter.o add.o charray.o \
+ attr.o entry.o config.o backend.o result.o operation.o \
+ dn.o compare.o modify.o delete.o modrdn.o ch_malloc.o \
+ value.o ava.o bind.o unbind.o abandon.o filterentry.o \
+ phonetic.o acl.o str2filter.o aclparse.o init.o user.o \
+ repl.o lock.o controls.o extended.o kerberos.o passwd.o \
+ schema.o schema_check.o schema_init.o schema_prep.o \
+ schemaparse.o ad.o at.o mr.o syntax.o oc.o saslauthz.o \
+ oidm.o starttls.o index.o sets.o referral.o \
+ root_dse.o sasl.o module.o suffixalias.o mra.o mods.o \
+ limits.o backglue.o operational.o matchedValues.o \
+ $(@PLAT@_OBJS)
+
+LDAP_INCDIR= ../../include
+LDAP_LIBDIR= ../../libraries
+
+SLAP_DIR=
+SLAPD_STATIC_BACKENDS=@SLAPD_STATIC_BACKENDS@
+SLAPD_DYNAMIC_BACKENDS=@SLAPD_DYNAMIC_BACKENDS@
+
+XDEFS = $(MODULES_CPPFLAGS)
+XLDFLAGS = $(MODULES_LDFLAGS)
+
+XLIBS = libbackends.a $(SLAPD_L)
+XXLIBS = $(LDBM_LIBS) $(SLAPD_LIBS) $(SECURITY_LIBS) $(LDIF_LIBS) $(LUTIL_LIBS)
+XXXLIBS = $(LTHREAD_LIBS) $(MODULES_LIBS)
+
+BUILD_OPT = "--enable-slapd"
+BUILD_SRV = @BUILD_SLAPD@
+
+all-local-srv: all-cffiles
+
+NT_SLAPD_DEPENDS = slapd.exp
+NT_SLAPD_OBJECTS = slapd.exp symdummy.o $(OBJS) version.o
+
+UNIX_SLAPD_DEPENDS = libbackends.a version.o $(SLAPD_L)
+UNIX_SLAPD_OBJECTS = $(OBJS) version.o
+
+SLAPD_DEPENDS = $(@PLAT@_SLAPD_DEPENDS)
+SLAPD_OBJECTS = $(@PLAT@_SLAPD_OBJECTS)
+
+# Notes about slapd for Windows
+# =============================
+# slapd.exe must export all of its global symbols, just like a DLL.
+# The purpose of this is to allow dynamic modules (dynamic backends
+# or external dynamic modules) to bind with the symbols at run-time.
+#
+# Exporting symbols from an .EXE is a bit tricky and involves multiple
+# steps. First a .DEF file must be generated. The .DEF file indicates
+# the set of symbols that are to be exported. Many times, it's possible
+# to manually create this file with an editor. However, with slapd,
+# we want to export EVERY global symbol that it knows about (NOT including
+# symbols that are imported from other DLLs). The set of symbols to
+# export INCLUDES symbols from all static libraries that slapd gets
+# linked with, e.g. avl, ldbm, ldif, lunicode, lutil, etc. This list
+# will also include liblber and libldap_r if they were built as static
+# libraries. ALSO included will be symbols from other STATIC libraries
+# outside the domain of the OpenLDAP source tree, e.g. regex, ltdl,
+# crypto, ssl, sasl, etc. (If these libraries are dynamic, we won't want
+# to include their symbols in the list). The correct set of symbols
+# CAN be determined at build time. The slapd.def target automatically
+# determines the correct set of symbols and generates the slapd.def file.
+#
+# The slapd.def file, serving multiple purposes, will:
+#
+# 1) be used to generate libslapd.a, the import library for slapd.exe.
+#
+# 2) be used to generate the symdummy.c file.
+#
+# 3) be used to help create slapd.exp, the binary-formated slapd export file.
+#
+# The import library is used by dynamic modules at link time. With this
+# library, dynamic modules indicate to the linker that it will resolve
+# these symbols from the slapd.exe binary at run-time. Of course, whenever
+# a module imports dynamic symbols, those symbols should be marked with
+# the __declspec(dllimport) directive in the header files that the dynamic
+# modules build with. In OpenLDAP, this is handled automatically in the
+# header files. (See ldap_cdefs.h for an explanation). Writers of
+# dynamic backend modules should keep in mind that slapd.exe might export
+# other global symbols that are not part of OpenLDAP (e.g. regex, ltdl,
+# crypto, ssl, sasl, etc.) When a writer actually uses (i.e. imports) these
+# symbols, he must verify that the header files from these external packages
+# include a mechanism to mark imported symbols with the __declspec(dllimport)
+# directive. Whether or not such a mechanism exists, the writer must be
+# able to include these directives appropriately when their symbols are
+# being imported from slapd.exe. The directive is not completely necessary
+# for functions, but it is required for variables.
+#
+# The symdummy.c file basically references EVERY symbol available to slapd.exe,
+# including symbols that slapd.exe never actually refereneced. The file
+# is compiled and included at link time. Without this object file, slapd.exe
+# would NOT export symbols that it never referenced. The reason that these
+# symbols must still be exported is because a dynamic module may want to
+# use a symbol even if it had not been referenced by slapd.exe.
+#
+
+#
+# slapd.def REALLY depends upon all slapd objects and all static libraries
+# included in $(LIBS), including static libraries outside of OpenLDAP.
+# When slapd.def is built, the absolute paths to all static libraries
+# (both inside and outside of OpenLDAP) are generated. We don't have
+# any way to include this generated list as a dependency of slapd.def (sigh).
+# Thus, we do the best we can by depending on version.o, which depends
+# on its own very long list of dependencies.
+#
+slapd.def: libbackends.a version.o
+ @for i in $(LDFLAGS) ; do \
+ path=`expr "$$i" : "-L\(.*\)"`; \
+ if test $$? != 0; then continue; fi; \
+ paths="$$paths $$path"; \
+ done; \
+ objs=""; \
+ for i in $(OBJS) version.o $(LIBS) ; do \
+ obj="" ; \
+ case $$i in \
+ -l*) \
+ done="" ;\
+ base=`expr "$$i" : "-l\(.*\)"`; \
+ for p in $$paths ; do \
+ for ext in la dll a ; do \
+ path=$$p/lib$$base.$$ext; \
+ test ! -f $$path && continue; \
+ if test $$ext = la ; then \
+ for t in dlname old_library ; do \
+ line=`grep "^$$t=" $$path`; \
+ lib=`expr "$$line" : "[^']*'\(.*\)'"`; \
+ test -n "$$lib" && test -f $$p/$$lib && \
+ path=$$p/$$lib && break; \
+ done; \
+ test $$t = dlname && ext=dll; \
+ test $$t = old_library && ext=a; \
+ fi; \
+ if test $$ext = a ; then \
+ obj=$$path; \
+ fi; \
+ done=done; \
+ break; \
+ done; \
+ test -n "$$done" && break; \
+ done; \
+ test -z "$$obj" && continue; \
+ ;; \
+ *.o | *.a) \
+ obj=$$i; \
+ esac; \
+ objs="$$objs $$obj"; \
+ done; \
+ echo dlltool --exclude-symbols main,ServiceMain@8 --export-all-symbols \
+ --output-def $@.tmp $$objs; \
+ dlltool --exclude-symbols main,ServiceMain@8 --export-all-symbols \
+ --output-def $@.tmp $$objs;
+ echo EXPORTS > $@
+ $(SED) -e 1,2d -e 's/ @ [0-9][0-9]*//' $@.tmp | sort >> $@
+ $(RM) $@.tmp
+
+symdummy.c: slapd.def
+ $(RM) $@
+ @echo "generating $@..."; \
+ echo "static void never_called() {" > $@.tmp; \
+ cat $< | while read line; \
+ do \
+ set dummy $$line; \
+ case $$# in \
+ 3) \
+ echo "int $$2();" >> $@; \
+ echo "$$2();" >> $@.tmp; \
+ ;; \
+ 4) \
+ echo "extern int $$2;" >> $@; \
+ echo "$$2 = 0;" >> $@.tmp; \
+ ;; \
+ esac; \
+ done; \
+ echo "" >> $@; \
+ echo "}" >> $@.tmp; \
+ cat $@.tmp >> $@; \
+ $(RM) $@.tmp
+
+libslapd.a: symdummy.o
+ dlltool --dllname slapd.exe --input-def slapd.def --output-lib $@
+
+slapd.exp: libslapd.a
+ @echo $(LTLINK) -Wl,--base-file,slapd.base -o slapd \
+ $(OBJS) symdummy.o version.o $(LIBS) $(WRAP_LIBS); \
+ $(LTLINK) -Wl,--base-file,slapd.base -o slapd \
+ $(OBJS) symdummy.o version.o $(LIBS) $(WRAP_LIBS)
+ $(RM) slapd.exe
+ @echo dlltool --dllname slapd.exe --input-def slapd.def \
+ --base-file slapd.base --output-exp $@; \
+ dlltool --dllname slapd.exe --input-def slapd.def \
+ --base-file slapd.base --output-exp $@; \
+ echo $(LTLINK) -Wl,--base-file,slapd.base -o slapd $@ \
+ $(OBJS) symdummy.o version.o $(LIBS) $(WRAP_LIBS); \
+ $(LTLINK) -Wl,--base-file,slapd.base -o slapd $@ \
+ $(OBJS) symdummy.o version.o $(LIBS) $(WRAP_LIBS)
+ $(RM) slapd.exe
+ @echo dlltool --dllname slapd.exe --input-def slapd.def \
+ --base-file slapd.base --output-exp $@; \
+ dlltool --dllname slapd.exe --input-def slapd.def \
+ --base-file slapd.base --output-exp $@
+
+slapd: $(SLAPD_DEPENDS)
+ $(LTLINK) -o $@ $(SLAPD_OBJECTS) $(LIBS) $(WRAP_LIBS)
+ @if test -n "$(SLAPD_DYNAMIC_BACKENDS)"; then \
+ echo "building dynamic backends..."; \
+ for i in XX $(SLAPD_DYNAMIC_BACKENDS); do \
+ if test $$i != XX; then \
+ echo " "; echo " cd $$i; $(MAKE) $(MFLAGS) all"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) all ); \
+ if test $$? != 0; then exit 1; fi; \
+ fi; \
+ done; \
+ echo " "; \
+ fi
+ cd tools; $(MAKE) $(MFLAGS) all
+
+sslapd: version.o
+ $(LTLINK) -static -o $@ $(OBJS) version.o $(LIBS) $(WRAP_LIBS)
+
+#
+# In Windows, dynamic backends have to be built after slapd. For this
+# reason, we only build static backends now and dynamic backends later.
+#
+.backend: FORCE
+ @if test -n "$(SLAPD_STATIC_BACKENDS)"; then \
+ echo "building static backends..."; \
+ for i in XX $(SLAPD_STATIC_BACKENDS); do \
+ if test $$i != XX; then \
+ echo " "; echo " cd $$i; $(MAKE) $(MFLAGS) all"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) all ); \
+ if test $$? != 0; then exit 1; fi; \
+ fi; \
+ done; \
+ echo " "; \
+ fi
+
+libbackends.a: .backend
+ @$(RM) -r tmp
+ @$(MKDIR) tmp
+ @-for i in back-*/*.a; do \
+ ( \
+ cd tmp; \
+ $(AR) x ../$$i; \
+ pre=`echo $$i | $(SED) -e 's/\/.*$$//' -e 's/back-//'`; \
+ for j in *.o; do \
+ mv $$j $${pre}$$j; \
+ done; \
+ $(AR) ruv libbackends.a *.o 2>&1 | grep -v truncated; \
+ $(RM) *.o __.SYMDEF ________64ELEL_ ; \
+ echo "added backend library $$i"; \
+ echo ""; \
+ ); \
+ done
+ @mv -f tmp/libbackends.a ./libbackends.a
+ @$(RM) -r tmp
+ @if test ! -z "$(RANLIB)" ; then \
+ $(RANLIB) libbackends.a; \
+ fi
+ @ls -l libbackends.a; echo ""
+
+version.c: $(OBJS) $(SLAPD_LIBDEPEND)
+ @-$(RM) $@
+ $(MKVERSION) -s -n Versionstr slapd > $@
+
+depend-local-srv: FORCE
+ @for i in back-* shell-backends tools; do \
+ if test -d $$i -a -f $$i/Makefile ; then \
+ echo; echo " cd $$i; $(MAKE) $(MFLAGS) depend"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) depend ); \
+ if test $$? != 0 ; then exit 1; fi ; \
+ fi; \
+ done
+ @echo ""
+
+clean-local:
+ rm -f *.exp *.def *.base *.a *.objs symdummy.c
+
+clean-local-srv: FORCE
+ @for i in back-* shell-backends tools; do \
+ if test -d $$i -a -f $$i/Makefile ; then \
+ echo; echo " cd $$i; $(MAKE) $(MFLAGS) clean"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) clean ); \
+ if test $$? != 0 ; then exit 1; fi ; \
+ fi; \
+ done
+ rm -f *.tmp all-cffiles
+
+veryclean-local-srv: FORCE
+ @for i in back-* shell-backends tools; do \
+ if test -d $$i -a -f $$i/Makefile ; then \
+ echo; echo " cd $$i; $(MAKE) $(MFLAGS) clean"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) veryclean ); \
+ fi; \
+ done
+
+install-local-srv: install-slapd install-conf install-schema install-tools
+
+install-slapd: FORCE
+ -$(MKDIR) $(DESTDIR)$(libexecdir)
+ -$(MKDIR) $(DESTDIR)$(localstatedir)
+ $(LTINSTALL) $(INSTALLFLAGS) -s -m 755 \
+ slapd$(EXEEXT) $(DESTDIR)$(libexecdir)
+ @for i in back-* shell-backends tools; do \
+ if test -d $$i -a -f $$i/Makefile ; then \
+ echo; echo " cd $$i; $(MAKE) $(MFLAGS) install"; \
+ ( cd $$i; $(MAKE) $(MFLAGS) install ); \
+ if test $$? != 0 ; then exit 1; fi ; \
+ fi; \
+ done
+
+all-cffiles: slapd
+ @if test $(PLAT) = NT; then \
+ sysconfdir=`cygpath -w $(sysconfdir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ localstatedir=`cygpath -w $(localstatedir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ moduledir=`cygpath -w $(moduledir) | \
+ $(SED) -e 's/\\\\/\\\\\\\\\\\\\\\\/g'`; \
+ else \
+ sysconfdir=$(sysconfdir); \
+ localstatedir=$(localstatedir); \
+ moduledir=$(moduledir); \
+ fi; \
+ $(SED) -e "s;%SYSCONFDIR%;$$sysconfdir;" \
+ -e "s;%LOCALSTATEDIR%;$$localstatedir;" \
+ -e "s;%MODULEDIR%;$$moduledir;" \
+ $(srcdir)/slapd.conf > slapd.conf.tmp ; \
+ touch all-cffiles
+
+install-schema: FORCE
+ @-$(MKDIR) $(DESTDIR)$(schemadir)
+ for i in $(srcdir)/schema/*.schema ; do \
+ SF=`basename $$i` ; \
+ SD="$(DESTDIR)$(schemadir)/$$SF" ; \
+ if test ! -f $$SD ; then \
+ echo "installing $$SF in $(schemadir)" ; \
+ echo $(INSTALL) $(INSTALLFLAGS) -m 444 $$i $$SD ; \
+ $(INSTALL) $(INSTALLFLAGS) -m 444 $$i $$SD ; \
+ else \
+ echo "PRESERVING EXISTING SCHEMA FILE $$SD" ; \
+ fi ; \
+ $(INSTALL) $(INSTALLFLAGS) -m 444 $$i $$SD.default ; \
+ done
+
+install-conf: FORCE
+ @-$(MKDIR) $(DESTDIR)$(sysconfdir)
+ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-data
+ $(INSTALL) $(INSTALLFLAGS) -m 600 slapd.conf.tmp $(DESTDIR)$(sysconfdir)/slapd.conf.default
+ if test ! -f $(DESTDIR)$(sysconfdir)/slapd.conf; then \
+ echo "installing slapd.conf in $(sysconfdir)"; \
+ echo "$(INSTALL) $(INSTALLFLAGS) -m 600 slapd.conf.tmp $(DESTDIR)$(sysconfdir)/slapd.conf"; \
+ $(INSTALL) $(INSTALLFLAGS) -m 600 slapd.conf.tmp $(DESTDIR)$(sysconfdir)/slapd.conf; \
+ else \
+ echo "PRESERVING EXISTING CONFIGURATION FILE $(DESTDIR)$(sysconfdir)/slapd.conf" ; \
+ fi
+
+install-tools: FORCE
+ @-$(MKDIR) $(DESTDIR)$(sbindir)
+ (cd tools; $(MAKE) $(MFLAGS) install)
+
diff --git a/servers/slapd/add.c b/servers/slapd/add.c
index 3c5c66a9dd..3d308ea8c1 100644
--- a/servers/slapd/add.c
+++ b/servers/slapd/add.c
@@ -137,7 +137,6 @@ do_add( Connection *conn, Operation *op )
#endif
send_ldap_result( conn, op, rc = LDAP_PROTOCOL_ERROR,
NULL, "no values for attribute type", NULL, NULL );
- free( tmp.sml_type.bv_val );
goto done;
}
mod = (Modifications *) ch_malloc( sizeof(Modifications) );
diff --git a/servers/slapd/back-bdb/attribute.c b/servers/slapd/back-bdb/attribute.c
index d9dccddab9..38203b994d 100644
--- a/servers/slapd/back-bdb/attribute.c
+++ b/servers/slapd/back-bdb/attribute.c
@@ -30,7 +30,7 @@ bdb_attribute(
BerVarray *vals )
{
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- struct bdb_op_info *boi = (struct bdb_op_info *) op->o_private;
+ struct bdb_op_info *boi = NULL;
DB_TXN *txn = NULL;
Entry *e;
int i, j = 0, rc;
@@ -60,6 +60,7 @@ bdb_attribute(
target ? target->e_ndn : "", 0, 0 );
#endif
+ if( op ) boi = (struct bdb_op_info *) op->o_private;
if( boi != NULL && be == boi->boi_bdb ) {
txn = boi->boi_txn;
}
diff --git a/servers/slapd/back-bdb/delete.c b/servers/slapd/back-bdb/delete.c
index 4905609305..dcaf399faf 100644
--- a/servers/slapd/back-bdb/delete.c
+++ b/servers/slapd/back-bdb/delete.c
@@ -25,7 +25,8 @@ bdb_delete(
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
Entry *matched;
struct berval pdn = {0, NULL};
- Entry *e, *p = NULL;
+ Entry *e = NULL;
+ Entry *p = NULL;
int rc;
const char *text;
int manageDSAit = get_manageDSAit( op );
diff --git a/servers/slapd/back-bdb/dn2id.c b/servers/slapd/back-bdb/dn2id.c
index 6511e6706b..d9792904fb 100644
--- a/servers/slapd/back-bdb/dn2id.c
+++ b/servers/slapd/back-bdb/dn2id.c
@@ -39,6 +39,8 @@ bdb_dn2id_add(
DBTzero( &key );
key.size = e->e_nname.bv_len + 2;
+ key.ulen = key.size;
+ key.flags = DB_DBT_USERMEM;
buf = ch_malloc( key.size );
key.data = buf;
buf[0] = DN_BASE_PREFIX;
@@ -84,6 +86,7 @@ bdb_dn2id_add(
dnParent( &ptr, &pdn );
key.size = pdn.bv_len + 2;
+ key.ulen = key.size;
pdn.bv_val[-1] = DN_ONE_PREFIX;
key.data = pdn.bv_val-1;
ptr = pdn;
@@ -124,6 +127,7 @@ bdb_dn2id_add(
dnParent( &ptr, &pdn );
key.size = pdn.bv_len + 2;
+ key.ulen = key.size;
key.data = pdn.bv_val - 1;
ptr = pdn;
}
@@ -189,7 +193,7 @@ bdb_dn2id_delete(
if( !be_issuffix( be, &ptr )) {
buf[0] = DN_SUBTREE_PREFIX;
- rc = bdb_idl_delete_key( be, db, txn, &key, e->e_id );
+ rc = db->del( db, txn, &key, 0 );
if( rc != 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG (( "db2id", LDAP_LEVEL_ERR,
@@ -206,6 +210,7 @@ bdb_dn2id_delete(
dnParent( &ptr, &pdn );
key.size = pdn.bv_len + 2;
+ key.ulen = key.size;
pdn.bv_val[-1] = DN_ONE_PREFIX;
key.data = pdn.bv_val - 1;
ptr = pdn;
@@ -245,6 +250,7 @@ bdb_dn2id_delete(
dnParent( &ptr, &pdn );
key.size = pdn.bv_len + 2;
+ key.ulen = key.size;
key.data = pdn.bv_val - 1;
ptr = pdn;
}
@@ -528,6 +534,8 @@ bdb_dn2idl(
DBTzero( &key );
key.size = dn->bv_len + 2;
+ key.ulen = key.size;
+ key.flags = DB_DBT_USERMEM;
key.data = ch_malloc( key.size );
((char *)key.data)[0] = prefix;
AC_MEMCPY( &((char *)key.data)[1], dn->bv_val, key.size - 1 );
@@ -736,7 +744,7 @@ int bdb_build_tree(
* Note that this code always uses be_suffix[0], so defining
* multiple suffixes for a single backend won't work!
*/
- rdns = ldap_explode_dn(be->be_nsuffix[0]->bv_val, 0);
+ rdns = ldap_explode_dn(be->be_nsuffix[0].bv_val, 0);
for (i=0; rdns[i]; i++);
bdb->bi_nrdns = i;
charray_free(rdns);
@@ -775,8 +783,8 @@ int bdb_fix_dn(
ldap_pvt_thread_rdwr_rlock(&bdb->bi_tree_rdwr);
o = bdb_find_id_node(id, bdb->bi_tree);
- rlen = be->be_suffix[0]->bv_len + 1;
- nrlen = be->be_nsuffix[0]->bv_len + 1;
+ rlen = be->be_suffix[0].bv_len + 1;
+ nrlen = be->be_nsuffix[0].bv_len + 1;
for (n = o; n && n->i_parent; n=n->i_parent) {
rlen += n->i_rdn->rdn.bv_len + 1;
nrlen += n->i_rdn->nrdn.bv_len + 1;
@@ -795,8 +803,8 @@ int bdb_fix_dn(
}
ldap_pvt_thread_rdwr_runlock(&bdb->bi_tree_rdwr);
- strcpy(ptr, be->be_suffix[0]->bv_val);
- strcpy(nptr, be->be_nsuffix[0]->bv_val);
+ strcpy(ptr, be->be_suffix[0].bv_val);
+ strcpy(nptr, be->be_nsuffix[0].bv_val);
return 0;
}
diff --git a/servers/slapd/back-bdb/group.c b/servers/slapd/back-bdb/group.c
index 70d1523be9..2000de5209 100644
--- a/servers/slapd/back-bdb/group.c
+++ b/servers/slapd/back-bdb/group.c
@@ -34,7 +34,7 @@ bdb_group(
)
{
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
- struct bdb_op_info *boi = (struct bdb_op_info *) op->o_private;
+ struct bdb_op_info *boi = NULL;
DB_TXN *txn = NULL;
Entry *e;
int rc = 1;
@@ -71,6 +71,7 @@ bdb_group(
target->e_ndn, 0, 0 );
#endif
+ if( op ) boi = (struct bdb_op_info *) op->o_private;
if( boi != NULL && be == boi->boi_bdb ) {
txn = boi->boi_txn;
}
diff --git a/servers/slapd/back-bdb/id2entry.c b/servers/slapd/back-bdb/id2entry.c
index b7789a647c..10ec1637a5 100644
--- a/servers/slapd/back-bdb/id2entry.c
+++ b/servers/slapd/back-bdb/id2entry.c
@@ -193,6 +193,7 @@ int bdb_entry_return(
attrs_free( e->e_attrs );
}
+#ifndef BDB_HIER
/* See if the DNs were changed by modrdn */
if( e->e_nname.bv_val < e->e_bv.bv_val || e->e_nname.bv_val >
e->e_bv.bv_val + e->e_bv.bv_len ) {
@@ -201,7 +202,7 @@ int bdb_entry_return(
e->e_name.bv_val = NULL;
e->e_nname.bv_val = NULL;
}
-#ifdef BDB_HIER
+#else
/* We had to construct the dn and ndn as well, in a single block */
if( e->e_name.bv_val ) {
free( e->e_name.bv_val );
diff --git a/servers/slapd/back-bdb/idl.c b/servers/slapd/back-bdb/idl.c
index ec193efeec..175faa0bbd 100644
--- a/servers/slapd/back-bdb/idl.c
+++ b/servers/slapd/back-bdb/idl.c
@@ -684,9 +684,12 @@ bdb_idl_delete_key(
if ( rc == 0 ) {
if ( tmp != 0 ) {
/* Not a range, just delete it */
- data.data = &id;
- rc = cursor->c_get( cursor, key, &data,
- DB_GET_BOTH | DB_RMW );
+ if (tmp != id) {
+ /* position to correct item */
+ tmp = id;
+ rc = cursor->c_get( cursor, key, &data,
+ DB_GET_BOTH | DB_RMW );
+ }
if ( rc == 0 ) {
rc = cursor->c_del( cursor, 0 );
if ( rc != 0 ) {
diff --git a/servers/slapd/back-bdb/init.c b/servers/slapd/back-bdb/init.c
index 0283e3170b..8563b3ee83 100644
--- a/servers/slapd/back-bdb/init.c
+++ b/servers/slapd/back-bdb/init.c
@@ -171,11 +171,11 @@ bdb_db_open( BackendDB *be )
u_int32_t flags;
#ifdef NEW_LOGGING
- LDAP_LOG(( "init", LDAP_LEVEL_ARGS, "bdb_db_open: %s\n", be->be_suffix[0]->bv_val ));
+ LDAP_LOG(( "init", LDAP_LEVEL_ARGS, "bdb_db_open: %s\n", be->be_suffix[0].bv_val ));
#else
Debug( LDAP_DEBUG_ARGS,
"bdb_db_open: %s\n",
- be->be_suffix[0]->bv_val, 0, 0 );
+ be->be_suffix[0].bv_val, 0, 0 );
#endif
/* we should check existance of dbenv_home and db_directory */
@@ -195,7 +195,7 @@ bdb_db_open( BackendDB *be )
flags = DB_INIT_MPOOL | DB_THREAD | DB_CREATE
| DB_INIT_LOCK | DB_INIT_LOG | DB_INIT_TXN | DB_RECOVER;
- bdb->bi_dbenv->set_errpfx( bdb->bi_dbenv, be->be_suffix[0]->bv_val );
+ bdb->bi_dbenv->set_errpfx( bdb->bi_dbenv, be->be_suffix[0].bv_val );
bdb->bi_dbenv->set_errcall( bdb->bi_dbenv, bdb_errcall );
#ifndef NO_THREADS
bdb->bi_dbenv->set_lk_detect( bdb->bi_dbenv, bdb->bi_lock_detect );
@@ -479,6 +479,9 @@ bdb_initialize(
#endif
#ifdef LDAP_CONTROL_NOOP
LDAP_CONTROL_NOOP,
+#endif
+#ifdef LDAP_CONTROL_VALUESRETURNFILTER
+ LDAP_CONTROL_VALUESRETURNFILTER,
#endif
NULL
};
@@ -558,7 +561,7 @@ bdb_initialize(
bi->bi_extended = bdb_extended;
-#if 0
+#if 1
/*
* these routines (and their callers) are not yet designed
* to work with transaction. Using them may cause deadlock.
diff --git a/servers/slapd/back-bdb/key.c b/servers/slapd/back-bdb/key.c
index ea6433fa6e..a6b490f101 100644
--- a/servers/slapd/back-bdb/key.c
+++ b/servers/slapd/back-bdb/key.c
@@ -38,6 +38,8 @@ bdb_key_read(
DBTzero( &key );
bv2DBT(k,&key);
+ key.ulen = key.size;
+ key.flags = DB_DBT_USERMEM;
rc = bdb_idl_fetch_key( be, db, txn, &key, ids );
@@ -88,6 +90,8 @@ bdb_key_change(
DBTzero( &key );
bv2DBT(k,&key);
+ key.ulen = key.size;
+ key.flags = DB_DBT_USERMEM;
if (op == SLAP_INDEX_ADD_OP) {
/* Add values */
diff --git a/servers/slapd/back-bdb/modify.c b/servers/slapd/back-bdb/modify.c
index cb5d9cce31..9fece09c88 100644
--- a/servers/slapd/back-bdb/modify.c
+++ b/servers/slapd/back-bdb/modify.c
@@ -241,8 +241,8 @@ bdb_modify(
{
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
int rc;
- Entry *matched;
- Entry *e;
+ Entry *matched = NULL;
+ Entry *e = NULL;
int manageDSAit = get_manageDSAit( op );
const char *text = NULL;
char textbuf[SLAP_TEXT_BUFLEN];
diff --git a/servers/slapd/back-bdb/modrdn.c b/servers/slapd/back-bdb/modrdn.c
index 8221b8b060..cb1e1517eb 100644
--- a/servers/slapd/back-bdb/modrdn.c
+++ b/servers/slapd/back-bdb/modrdn.c
@@ -31,7 +31,8 @@ bdb_modrdn(
struct berval p_dn, p_ndn;
struct berval new_dn = {0, NULL}, new_ndn = {0, NULL};
int isroot = -1;
- Entry *e, *p = NULL;
+ Entry *e = NULL;
+ Entry *p = NULL;
Entry *matched;
int rc;
const char *text;
diff --git a/servers/slapd/back-bdb/referral.c b/servers/slapd/back-bdb/referral.c
index 7899c89be7..3517492c79 100644
--- a/servers/slapd/back-bdb/referral.c
+++ b/servers/slapd/back-bdb/referral.c
@@ -23,7 +23,8 @@ bdb_referrals(
{
struct bdb_info *bdb = (struct bdb_info *) be->be_private;
int rc = LDAP_SUCCESS;
- Entry *e = NULL, *matched;
+ Entry *e = NULL;
+ Entry *matched = NULL;
if( op->o_tag == LDAP_REQ_SEARCH ) {
/* let search take care of itself */
diff --git a/servers/slapd/back-bdb/search.c b/servers/slapd/back-bdb/search.c
index 6297633eb8..9887feb342 100644
--- a/servers/slapd/back-bdb/search.c
+++ b/servers/slapd/back-bdb/search.c
@@ -209,7 +209,7 @@ bdb_search(
/* if requested limit higher than hard limit, abort */
} else if ( tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0 ) {
+ if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
@@ -231,7 +231,7 @@ bdb_search(
/* if requested limit higher than hard limit, abort */
} else if ( slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0 ) {
+ if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
slimit = limit->lms_s_soft;
/* positive hard limit means abort */
@@ -294,7 +294,7 @@ bdb_search(
if ( !isroot && limit->lms_s_unchecked != -1 ) {
if ( BDB_IDL_N(candidates) > (unsigned) limit->lms_s_unchecked ) {
send_search_result( conn, op,
- LDAP_UNWILLING_TO_PERFORM,
+ LDAP_ADMINLIMIT_EXCEEDED,
NULL, NULL, NULL, NULL, 0 );
rc = 1;
goto done;
diff --git a/servers/slapd/back-dnssrv/init.c b/servers/slapd/back-dnssrv/init.c
new file mode 100644
index 0000000000..3363644477
--- /dev/null
+++ b/servers/slapd/back-dnssrv/init.c
@@ -0,0 +1,90 @@
+/* init.c - initialize ldap backend */
+/* $OpenLDAP$ */
+/*
+ * Copyright 2000-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/socket.h>
+
+#include "slap.h"
+#include "external.h"
+
+#ifdef SLAPD_DNSSRV_DYNAMIC
+
+int back_dnssrv_LTX_init_module(int argc, char *argv[])
+{
+ BackendInfo bi;
+
+ memset( &bi, '\0', sizeof(bi) );
+ bi.bi_type = "dnssrv";
+ bi.bi_init = dnssrv_back_initialize;
+
+ backend_add( &bi );
+ return 0;
+}
+
+#endif /* SLAPD_DNSSRV_DYNAMIC */
+
+int
+dnssrv_back_initialize(
+ BackendInfo *bi )
+{
+ static char *controls[] = {
+ LDAP_CONTROL_MANAGEDSAIT,
+ LDAP_CONTROL_VALUESRETURNFILTER,
+ NULL
+ };
+
+ bi->bi_controls = controls;
+
+ bi->bi_open = 0;
+ bi->bi_config = 0;
+ bi->bi_close = 0;
+ bi->bi_destroy = 0;
+
+ bi->bi_db_init = 0;
+ bi->bi_db_destroy = 0;
+ bi->bi_db_config = dnssrv_back_db_config;
+ bi->bi_db_open = 0;
+ bi->bi_db_close = 0;
+
+ bi->bi_chk_referrals = dnssrv_back_referrals;
+
+ bi->bi_op_bind = dnssrv_back_bind;
+ bi->bi_op_search = dnssrv_back_search;
+ bi->bi_op_compare = 0 /* dnssrv_back_compare */;
+ bi->bi_op_modify = 0;
+ bi->bi_op_modrdn = 0;
+ bi->bi_op_add = 0;
+ bi->bi_op_delete = 0;
+ bi->bi_op_abandon = 0;
+ bi->bi_op_unbind = 0;
+
+ bi->bi_extended = 0;
+ bi->bi_acl_group = 0;
+ bi->bi_acl_attribute = 0;
+
+ bi->bi_connection_init = 0;
+ bi->bi_connection_destroy = 0;
+
+ return 0;
+}
+
+int
+dnssrv_back_db_init(
+ Backend *be )
+{
+ return 0;
+}
+
+int
+dnssrv_back_db_destroy(
+ Backend *be )
+{
+ return 0;
+}
diff --git a/servers/slapd/back-ldap/back-ldap.h b/servers/slapd/back-ldap/back-ldap.h
new file mode 100644
index 0000000000..3145ddd881
--- /dev/null
+++ b/servers/slapd/back-ldap/back-ldap.h
@@ -0,0 +1,134 @@
+/* back-ldap.h - ldap backend header file */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/* This is an altered version */
+/*
+ * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ *
+ *
+ *
+ * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+ *
+ * This software is being modified by Pierangelo Masarati.
+ * The previously reported conditions apply to the modified code as well.
+ * Changes in the original code are highlighted where required.
+ * Credits for the original code go to the author, Howard Chu.
+ */
+
+#ifndef SLAPD_LDAP_H
+#define SLAPD_LDAP_H
+
+#include "external.h"
+
+/* String rewrite library */
+#ifdef ENABLE_REWRITE
+#include "rewrite.h"
+#endif /* ENABLE_REWRITE */
+
+LDAP_BEGIN_DECL
+
+struct slap_conn;
+struct slap_op;
+
+struct ldapconn {
+ struct slap_conn *conn;
+ LDAP *ld;
+ struct berval cred;
+ struct berval bound_dn;
+ int bound;
+};
+
+struct ldapmap {
+ int drop_missing;
+
+ Avlnode *map;
+ Avlnode *remap;
+};
+
+struct ldapmapping {
+ struct berval src;
+ struct berval dst;
+};
+
+struct ldapinfo {
+ char *url;
+ char *binddn;
+ char *bindpw;
+ ldap_pvt_thread_mutex_t conn_mutex;
+ int savecred;
+ Avlnode *conntree;
+#ifdef ENABLE_REWRITE
+ struct rewrite_info *rwinfo;
+#else /* !ENABLE_REWRITE */
+ BerVarray suffix_massage;
+#endif /* !ENABLE_REWRITE */
+
+ struct ldapmap oc_map;
+ struct ldapmap at_map;
+};
+
+struct ldapconn *ldap_back_getconn(struct ldapinfo *li, struct slap_conn *conn,
+ struct slap_op *op);
+int ldap_back_dobind(struct ldapconn *lc, Operation *op);
+int ldap_back_map_result(int err);
+int ldap_back_op_result(struct ldapconn *lc, Operation *op);
+int back_ldap_LTX_init_module(int argc, char *argv[]);
+
+void ldap_back_dn_massage(struct ldapinfo *li, struct berval *dn,
+ struct berval *res, int normalized, int tofrom);
+
+extern int ldap_back_conn_cmp( const void *c1, const void *c2);
+extern int ldap_back_conn_dup( void *c1, void *c2 );
+
+int mapping_cmp (const void *, const void *);
+int mapping_dup (void *, void *);
+
+void ldap_back_map_init ( struct ldapmap *lm, struct ldapmapping ** );
+void ldap_back_map ( struct ldapmap *map, struct berval *s, struct berval *m,
+ int remap );
+char *
+ldap_back_map_filter(
+ struct ldapmap *at_map,
+ struct ldapmap *oc_map,
+ struct berval *f,
+ int remap
+);
+char **
+ldap_back_map_attrs(
+ struct ldapmap *at_map,
+ AttributeName *a,
+ int remap
+);
+
+extern void mapping_free ( struct ldapmapping *mapping );
+
+#ifdef ENABLE_REWRITE
+extern int suffix_massage_config( struct rewrite_info *info,
+ struct berval *pvnc, struct berval *nvnc,
+ struct berval *prnc, struct berval *nrnc);
+extern int ldap_dnattr_rewrite( struct rewrite_info *rwinfo, BerVarray a_vals, void *cookie );
+#endif /* ENABLE_REWRITE */
+
+LDAP_END_DECL
+
+#endif
diff --git a/servers/slapd/back-ldap/bind.c b/servers/slapd/back-ldap/bind.c
index 064bca788e..2c1af55ef7 100644
--- a/servers/slapd/back-ldap/bind.c
+++ b/servers/slapd/back-ldap/bind.c
@@ -49,6 +49,8 @@
#define PRINT_CONNTREE 0
+static LDAP_REBIND_PROC ldap_back_rebind;
+
int
ldap_back_bind(
Backend *be,
@@ -111,8 +113,19 @@ ldap_back_bind(
lc->bound = 1;
}
+ if ( li->savecred ) {
+ if ( lc->cred.bv_val )
+ ch_free( lc->cred.bv_val );
+ ber_dupbv( &lc->cred, cred );
+ ldap_set_rebind_proc( lc->ld, ldap_back_rebind, lc );
+ }
+
+ if ( lc->bound_dn.bv_val )
+ ch_free( lc->bound_dn.bv_val );
if ( mdn.bv_val != dn->bv_val ) {
- free( mdn.bv_val );
+ lc->bound_dn = mdn;
+ } else {
+ ber_dupbv( &lc->bound_dn, dn );
}
return( rc );
@@ -219,6 +232,9 @@ ldap_back_getconn(struct ldapinfo *li, Connection *conn, Operation *op)
lc->conn = conn;
lc->ld = ld;
+ lc->cred.bv_len = 0;
+ lc->cred.bv_val = NULL;
+
#ifdef ENABLE_REWRITE
/*
* Sets a cookie for the rewrite session
@@ -341,7 +357,7 @@ ldap_back_dobind(struct ldapconn *lc, Operation *op)
return( lc->bound );
}
- if (ldap_bind_s(lc->ld, lc->bound_dn.bv_val, NULL, LDAP_AUTH_SIMPLE) !=
+ if (ldap_bind_s(lc->ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE) !=
LDAP_SUCCESS) {
ldap_back_op_result(lc, op);
return( 0 );
@@ -349,6 +365,21 @@ ldap_back_dobind(struct ldapconn *lc, Operation *op)
return( lc->bound = 1 );
}
+/*
+ * ldap_back_rebind
+ *
+ * This is a callback used for chasing referrals using the same
+ * credentials as the original user on this session.
+ */
+static int
+ldap_back_rebind( LDAP *ld, LDAP_CONST char *url, ber_tag_t request,
+ ber_int_t msgid, void *params )
+{
+ struct ldapconn *lc = params;
+
+ return ldap_bind_s( ld, lc->bound_dn.bv_val, lc->cred.bv_val, LDAP_AUTH_SIMPLE );
+}
+
/* Map API errors to protocol errors... */
int
diff --git a/servers/slapd/back-ldap/config.c b/servers/slapd/back-ldap/config.c
index 87e4fe40a0..f40fd8273f 100644
--- a/servers/slapd/back-ldap/config.c
+++ b/servers/slapd/back-ldap/config.c
@@ -111,13 +111,23 @@ ldap_back_db_config(
}
li->bindpw = ch_strdup(argv[1]);
+ /* save bind creds for referral rebinds? */
+ } else if ( strcasecmp( argv[0], "rebind-as-user" ) == 0 ) {
+ if (argc != 1) {
+ fprintf( stderr,
+ "%s: line %d: rebind-as-user takes no arguments\n",
+ fname, lineno );
+ return( 1 );
+ }
+ li->savecred = 1;
+
/* dn massaging */
} else if ( strcasecmp( argv[0], "suffixmassage" ) == 0 ) {
-#ifndef ENABLE_REWRITE
- struct berval *bd2, *nd2;
-#endif /* ENABLE_REWRITE */
BackendDB *tmp_be;
- struct berval bdn, ndn;
+ struct berval bvnc, nvnc, pvnc, brnc, nrnc, prnc;
+#ifdef ENABLE_REWRITE
+ int rc;
+#endif /* ENABLE_REWRITE */
/*
* syntax:
@@ -138,41 +148,48 @@ ldap_back_db_config(
return( 1 );
}
- bdn.bv_val = argv[1];
- bdn.bv_len = strlen(bdn.bv_val);
- if ( dnNormalize2( NULL, &bdn, &ndn ) != LDAP_SUCCESS ) {
+ ber_str2bv( argv[1], 0, 0, &bvnc );
+ if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
- fname, lineno, bdn.bv_val );
+ fname, lineno, bvnc.bv_val );
return( 1 );
}
- tmp_be = select_backend( &ndn, 0, 0 );
- ch_free( ndn.bv_val );
+ tmp_be = select_backend( &nvnc, 0, 0 );
if ( tmp_be != NULL && tmp_be != be ) {
fprintf( stderr, "%s: line %d: suffix already in use"
" by another backend in"
" \"suffixMassage <suffix>"
" <massaged suffix>\"\n",
fname, lineno );
- return( 1 );
+ free( nvnc.bv_val );
+ free( pvnc.bv_val );
+ return( 1 );
}
- bdn.bv_val = argv[2];
- bdn.bv_len = strlen(bdn.bv_val);
- if ( dnNormalize2( NULL, &bdn, &ndn ) != LDAP_SUCCESS ) {
+ ber_str2bv( argv[2], 0, 0, &brnc );
+ if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc ) != LDAP_SUCCESS ) {
fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
- fname, lineno, bdn.bv_val );
+ fname, lineno, brnc.bv_val );
+ free( nvnc.bv_val );
+ free( pvnc.bv_val );
return( 1 );
}
- tmp_be = select_backend( &ndn, 0, 0 );
- ch_free( ndn.bv_val );
+
+#if 0
+ tmp_be = select_backend( &nrnc, 0, 0 );
if ( tmp_be != NULL ) {
fprintf( stderr, "%s: line %d: massaged suffix"
" already in use by another backend in"
" \"suffixMassage <suffix>"
" <massaged suffix>\"\n",
fname, lineno );
+ free( nvnc.bv_val );
+ free( pvnc.bv_val );
+ free( nrnc.bv_val );
+ free( prnc.bv_val );
return( 1 );
}
+#endif
#ifdef ENABLE_REWRITE
/*
@@ -181,26 +198,31 @@ ldap_back_db_config(
* FIXME: no extra rewrite capabilities should be added
* to the database
*/
- return suffix_massage_config( li->rwinfo, argc, argv );
+ rc = suffix_massage_config( li->rwinfo, &pvnc, &nvnc, &prnc, &nrnc );
+ free( nvnc.bv_val );
+ free( pvnc.bv_val );
+ free( nrnc.bv_val );
+ free( prnc.bv_val );
+
+ return( rc );
+
#else /* !ENABLE_REWRITE */
- bd2 = ber_bvstrdup( argv[1] );
- ber_bvecadd( &li->suffix_massage, bd2 );
- nd2 = NULL;
- dnNormalize( NULL, bd2, &nd2 );
- ber_bvecadd( &li->suffix_massage, nd2 );
+ ber_bvarray_add( &li->suffix_massage, &pvnc );
+ ber_bvarray_add( &li->suffix_massage, &nvnc );
- bd2 = ber_bvstrdup( argv[2] );
- ber_bvecadd( &li->suffix_massage, bd2 );
- nd2 = NULL;
- dnNormalize( NULL, bd2, &nd2 );
- ber_bvecadd( &li->suffix_massage, nd2 );
+ ber_bvarray_add( &li->suffix_massage, &prnc );
+ ber_bvarray_add( &li->suffix_massage, &nrnc );
#endif /* !ENABLE_REWRITE */
-#ifdef ENABLE_REWRITE
/* rewrite stuff ... */
} else if ( strncasecmp( argv[0], "rewrite", 7 ) == 0 ) {
+#ifdef ENABLE_REWRITE
return rewrite_parse( li->rwinfo, fname, lineno, argc, argv );
-#endif /* ENABLE_REWRITE */
+
+#else /* !ENABLE_REWRITE */
+ fprintf( stderr, "%s: line %d: rewrite capabilities "
+ "are not enabled\n", fname, lineno );
+#endif /* !ENABLE_REWRITE */
/* objectclass/attribute mapping */
} else if ( strcasecmp( argv[0], "map" ) == 0 ) {
@@ -331,35 +353,20 @@ suffix_massage_regexize( const char *s )
}
static char *
-suffix_massage_patternize( const char *s, int normalize )
+suffix_massage_patternize( const char *s )
{
- struct berval dn = { 0, NULL }, odn = { 0, NULL };
- int rc;
+ ber_len_t len;
char *res;
- dn.bv_val = ( char * )s;
- dn.bv_len = strlen( s );
-
- if ( normalize ) {
- rc = dnNormalize2( NULL, &dn, &odn );
- } else {
- rc = dnPretty2( NULL, &dn, &odn );
- }
+ len = strlen( s );
- if ( rc != LDAP_SUCCESS ) {
- return NULL;
- }
-
- res = ch_calloc( sizeof( char ), odn.bv_len + sizeof( "%1" ) );
+ res = ch_calloc( sizeof( char ), len + sizeof( "%1" ) );
if ( res == NULL ) {
return NULL;
}
strcpy( res, "%1" );
- strcpy( res + sizeof( "%1" ) - 1, odn.bv_val );
-
- /* FIXME: what FREE should I use? */
- free( odn.bv_val );
+ strcpy( res + sizeof( "%1" ) - 1, s );
return res;
}
@@ -367,42 +374,45 @@ suffix_massage_patternize( const char *s, int normalize )
int
suffix_massage_config(
struct rewrite_info *info,
- int argc,
- char **argv
+ struct berval *pvnc,
+ struct berval *nvnc,
+ struct berval *prnc,
+ struct berval *nrnc
)
{
char *rargv[ 5 ];
+ int line = 0;
rargv[ 0 ] = "rewriteEngine";
rargv[ 1 ] = "on";
rargv[ 2 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 1, 2, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "default";
rargv[ 2 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 2, 2, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteRule";
- rargv[ 1 ] = suffix_massage_regexize( argv[ 1 ] );
- rargv[ 2 ] = suffix_massage_patternize( argv[ 2 ], 0 );
+ rargv[ 1 ] = suffix_massage_regexize( pvnc->bv_val );
+ rargv[ 2 ] = suffix_massage_patternize( prnc->bv_val );
rargv[ 3 ] = ":";
rargv[ 4 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 3, 4, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
ch_free( rargv[ 1 ] );
ch_free( rargv[ 2 ] );
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "searchResult";
rargv[ 2 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 4, 2, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteRule";
- rargv[ 1 ] = suffix_massage_regexize( argv[ 2 ] );
- rargv[ 2 ] = suffix_massage_patternize( argv[ 1 ], 0 );
+ rargv[ 1 ] = suffix_massage_regexize( prnc->bv_val );
+ rargv[ 2 ] = suffix_massage_patternize( pvnc->bv_val );
rargv[ 3 ] = ":";
rargv[ 4 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 5, 4, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
ch_free( rargv[ 1 ] );
ch_free( rargv[ 2 ] );
@@ -419,30 +429,54 @@ suffix_massage_config(
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "searchFilter";
rargv[ 2 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 6, 2, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
+
+#if 1 /* rewrite filters */
+ {
+ /*
+ * Note: this is far more optimistic than desirable:
+ * for any AVA value ending with the virtual naming
+ * context the terminal part will be replaced by the
+ * real naming context; a better solution would be to
+ * walk the filter looking for DN-valued attributes,
+ * and only rewrite those that require rewriting
+ */
+ char vbuf[LDAP_FILT_MAXSIZ], rbuf[LDAP_FILT_MAXSIZ];
+
+ snprintf( vbuf, sizeof( vbuf ), "(.*)%s\\)(.*)", nvnc->bv_val );
+ snprintf( rbuf, sizeof( rbuf ), "%%1%s)%%2", nrnc->bv_val );
+
+ rargv[ 0 ] = "rewriteRule";
+ rargv[ 1 ] = vbuf;
+ rargv[ 2 ] = rbuf;
+ rargv[ 3 ] = ":";
+ rargv[ 4 ] = NULL;
+ rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
+ }
+#endif /* rewrite filters */
-#if 0 /* matched is not normalized */
+#if 0 /* "matched" is not normalized */
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "matchedDn";
rargv[ 2 ] = "alias";
rargv[ 3 ] = "searchResult";
rargv[ 4 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 7, 4, rargv );
-#else /* normalize matched */
+ rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
+#else /* normalize "matched" */
rargv[ 0 ] = "rewriteContext";
rargv[ 1 ] = "matchedDn";
rargv[ 2 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 7, 2, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 2, rargv );
rargv[ 0 ] = "rewriteRule";
- rargv[ 1 ] = suffix_massage_regexize( argv[ 2 ] );
- rargv[ 2 ] = suffix_massage_patternize( argv[ 1 ], 1 );
+ rargv[ 1 ] = suffix_massage_regexize( prnc->bv_val );
+ rargv[ 2 ] = suffix_massage_patternize( nvnc->bv_val );
rargv[ 3 ] = ":";
rargv[ 4 ] = NULL;
- rewrite_parse( info, "<suffix massage>", 8, 4, rargv );
+ rewrite_parse( info, "<suffix massage>", ++line, 4, rargv );
ch_free( rargv[ 1 ] );
ch_free( rargv[ 2 ] );
-#endif /* normalize matched */
+#endif /* normalize "matched" */
return 0;
}
diff --git a/servers/slapd/back-ldap/init.c b/servers/slapd/back-ldap/init.c
new file mode 100644
index 0000000000..2b4a1c81f9
--- /dev/null
+++ b/servers/slapd/back-ldap/init.c
@@ -0,0 +1,201 @@
+/* init.c - initialize ldap backend */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/* This is an altered version */
+/*
+ * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ *
+ *
+ *
+ * Copyright 2000, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+ *
+ * This software is being modified by Pierangelo Masarati.
+ * The previously reported conditions apply to the modified code as well.
+ * Changes in the original code are highlighted where required.
+ * Credits for the original code go to the author, Howard Chu.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/socket.h>
+
+#include "slap.h"
+#include "back-ldap.h"
+
+#ifdef SLAPD_LDAP_DYNAMIC
+
+int back_ldap_LTX_init_module(int argc, char *argv[]) {
+ BackendInfo bi;
+
+ memset( &bi, '\0', sizeof(bi) );
+ bi.bi_type = "ldap";
+ bi.bi_init = ldap_back_initialize;
+
+ backend_add(&bi);
+ return 0;
+}
+
+#endif /* SLAPD_LDAP_DYNAMIC */
+
+int
+ldap_back_initialize(
+ BackendInfo *bi
+)
+{
+ bi->bi_open = 0;
+ bi->bi_config = 0;
+ bi->bi_close = 0;
+ bi->bi_destroy = 0;
+
+ bi->bi_db_init = ldap_back_db_init;
+ bi->bi_db_config = ldap_back_db_config;
+ bi->bi_db_open = 0;
+ bi->bi_db_close = 0;
+ bi->bi_db_destroy = ldap_back_db_destroy;
+
+ bi->bi_op_bind = ldap_back_bind;
+ bi->bi_op_unbind = 0;
+ bi->bi_op_search = ldap_back_search;
+ bi->bi_op_compare = ldap_back_compare;
+ bi->bi_op_modify = ldap_back_modify;
+ bi->bi_op_modrdn = ldap_back_modrdn;
+ bi->bi_op_add = ldap_back_add;
+ bi->bi_op_delete = ldap_back_delete;
+ bi->bi_op_abandon = 0;
+
+ bi->bi_extended = 0;
+
+ bi->bi_acl_group = ldap_back_group;
+ bi->bi_acl_attribute = ldap_back_attribute;
+ bi->bi_chk_referrals = 0;
+
+ bi->bi_connection_init = 0;
+ bi->bi_connection_destroy = ldap_back_conn_destroy;
+
+ return 0;
+}
+
+int
+ldap_back_db_init(
+ Backend *be
+)
+{
+ struct ldapinfo *li;
+ struct ldapmapping *mapping;
+
+ li = (struct ldapinfo *) ch_calloc( 1, sizeof(struct ldapinfo) );
+ if ( li == NULL ) {
+ return -1;
+ }
+
+#ifdef ENABLE_REWRITE
+ li->rwinfo = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
+ if ( li->rwinfo == NULL ) {
+ ch_free( li );
+ return -1;
+ }
+#endif /* ENABLE_REWRITE */
+
+ ldap_pvt_thread_mutex_init( &li->conn_mutex );
+
+ ldap_back_map_init( &li->at_map, &mapping );
+
+ be->be_private = li;
+
+ return 0;
+}
+
+static void
+conn_free(
+ struct ldapconn *lc
+)
+{
+ ldap_unbind( lc->ld );
+ if ( lc->bound_dn.bv_val ) {
+ ch_free( lc->bound_dn.bv_val );
+ }
+ if ( lc->cred.bv_val ) {
+ ch_free( lc->cred.bv_val );
+ }
+ ch_free( lc );
+}
+
+void
+mapping_free ( struct ldapmapping *mapping )
+{
+ ch_free( mapping->src.bv_val );
+ ch_free( mapping->dst.bv_val );
+ ch_free( mapping );
+}
+
+int
+ldap_back_db_destroy(
+ Backend *be
+)
+{
+ struct ldapinfo *li;
+
+ if (be->be_private) {
+ li = (struct ldapinfo *)be->be_private;
+
+ ldap_pvt_thread_mutex_lock( &li->conn_mutex );
+
+ if (li->url) {
+ ch_free(li->url);
+ li->url = NULL;
+ }
+ if (li->binddn) {
+ ch_free(li->binddn);
+ li->binddn = NULL;
+ }
+ if (li->bindpw) {
+ ch_free(li->bindpw);
+ li->bindpw = NULL;
+ }
+ if (li->conntree) {
+ avl_free( li->conntree, (AVL_FREE) conn_free );
+ }
+#ifdef ENABLE_REWRITE
+ if (li->rwinfo) {
+ rewrite_info_delete( li->rwinfo );
+ }
+#else /* !ENABLE_REWRITE */
+ if (li->suffix_massage) {
+ ber_bvarray_free( li->suffix_massage );
+ }
+#endif /* !ENABLE_REWRITE */
+
+ avl_free( li->oc_map.remap, NULL );
+ avl_free( li->oc_map.map, (AVL_FREE) mapping_free );
+ avl_free( li->at_map.remap, NULL );
+ avl_free( li->at_map.map, (AVL_FREE) mapping_free );
+
+ ldap_pvt_thread_mutex_unlock( &li->conn_mutex );
+ ldap_pvt_thread_mutex_destroy( &li->conn_mutex );
+ }
+
+ ch_free( be->be_private );
+ return 0;
+}
diff --git a/servers/slapd/back-ldap/search.c b/servers/slapd/back-ldap/search.c
index 00777661d0..4f107a4f38 100644
--- a/servers/slapd/back-ldap/search.c
+++ b/servers/slapd/back-ldap/search.c
@@ -99,7 +99,7 @@ ldap_back_search(
/* if requested limit higher than hard limit, abort */
if ( !isroot && tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0 ) {
+ if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
@@ -117,7 +117,7 @@ ldap_back_search(
/* if requested limit higher than hard limit, abort */
if ( !isroot && slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0 ) {
+ if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
slimit = limit->lms_s_soft;
/* positive hard limit means abort */
@@ -258,7 +258,7 @@ fail:;
for ( count=0, rc=0;
rc != -1;
- rc = ldap_result(lc->ld, LDAP_RES_ANY, 0, &tv, &res))
+ rc = ldap_result(lc->ld, msgid, 0, &tv, &res))
{
/* check for abandon */
if (op->o_abandon) {
@@ -452,6 +452,7 @@ ldap_send_entry(
} else if ( attr->a_desc == slap_schema.si_ad_objectClass
|| attr->a_desc == slap_schema.si_ad_structuralObjectClass ) {
int i, last;
+ assert( attr->a_vals );
for ( last = 0; attr->a_vals[last].bv_val; last++ ) ;
for ( i = 0, bv = attr->a_vals; bv->bv_val; bv++, i++ ) {
ldap_back_map(&li->oc_map, bv, &mapped, 1);
@@ -474,12 +475,11 @@ ldap_send_entry(
}
}
-#ifdef ENABLE_REWRITE
/*
* It is necessary to try to rewrite attributes with
* dn syntax because they might be used in ACLs as
* members of groups; since ACLs are applied to the
- * rewritten stuff, no dn-based subecj clause could
+ * rewritten stuff, no dn-based subject clause could
* be used at the ldap backend side (see
* http://www.OpenLDAP.org/faq/data/cache/452.html)
* The problem can be overcome by moving the dn-based
@@ -489,18 +489,22 @@ ldap_send_entry(
} else if ( strcmp( attr->a_desc->ad_type->sat_syntax->ssyn_oid,
SLAPD_DN_SYNTAX ) == 0 ) {
int i;
+ assert( attr->a_vals );
for ( i = 0, bv = attr->a_vals; bv->bv_val; bv++, i++ ) {
- char *newval;
+ struct berval newval;
+#ifdef ENABLE_REWRITE
switch ( rewrite_session( li->rwinfo,
"searchResult",
bv->bv_val,
- lc->conn, &newval )) {
+ lc->conn,
+ &newval.bv_val )) {
case REWRITE_REGEXEC_OK:
/* left as is */
- if ( newval == NULL ) {
+ if ( newval.bv_val == NULL ) {
break;
}
+ newval.bv_len = strlen( newval.bv_val );
#ifdef NEW_LOGGING
LDAP_LOG(( "backend",
LDAP_LEVEL_DETAIL1,
@@ -508,17 +512,16 @@ ldap_send_entry(
" attr=%s:"
" \"%s\" -> \"%s\"\n",
attr->a_desc->ad_type->sat_cname.bv_val,
- bv->bv_val, newval ));
+ bv->bv_val,
+ newval.bv_val ));
#else /* !NEW_LOGGING */
Debug( LDAP_DEBUG_ARGS,
"rw> searchResult on attr=%s: \"%s\" -> \"%s\"\n",
attr->a_desc->ad_type->sat_cname.bv_val,
- bv->bv_val, newval );
+ bv->bv_val, newval.bv_val );
#endif /* !NEW_LOGGING */
free( bv->bv_val );
- bv->bv_val = newval;
- bv->bv_len = strlen( newval );
-
+ *bv = newval;
break;
case REWRITE_REGEXEC_UNWILLING:
@@ -531,8 +534,11 @@ ldap_send_entry(
*/
break;
}
+#else /* !ENABLE_REWRITE */
+ ldap_back_dn_massage( li, bv, &newval, 0, 0 );
+ *bv = newval;
+#endif /* !ENABLE_REWRITE */
}
-#endif /* ENABLE_REWRITE */
}
*attrp = attr;
@@ -547,7 +553,7 @@ ldap_send_entry(
ch_free(attr);
}
- if ( ent.e_dn && ent.e_dn != bdn.bv_val )
+ if ( ent.e_dn && ( ent.e_dn != bdn.bv_val ) )
free( ent.e_dn );
if ( ent.e_ndn )
free( ent.e_ndn );
diff --git a/servers/slapd/back-ldap/suffixmassage.c b/servers/slapd/back-ldap/suffixmassage.c
index 0847740f02..d24af0e275 100644
--- a/servers/slapd/back-ldap/suffixmassage.c
+++ b/servers/slapd/back-ldap/suffixmassage.c
@@ -55,6 +55,8 @@ ldap_back_dn_massage(
{
int i, src, dst;
+ assert( res );
+
if ( dn == NULL ) {
res->bv_val = NULL;
res->bv_len = 0;
@@ -74,9 +76,9 @@ ldap_back_dn_massage(
}
for ( i = 0;
- li->suffix_massage[i] != NULL;
+ li->suffix_massage[i].bv_val != NULL;
i += 4 ) {
- int aliasLength = li->suffix_massage[i+src]->bv_len;
+ int aliasLength = li->suffix_massage[i+src].bv_len;
int diff = dn->bv_len - aliasLength;
if ( diff < 0 ) {
@@ -91,11 +93,11 @@ ldap_back_dn_massage(
/* XXX or an escaped separator... oh well */
}
- if ( !strcmp( li->suffix_massage[i+src]->bv_val, &dn->bv_val[diff] ) ) {
- res->bv_len = diff + li->suffix_massage[i+dst]->bv_len;
+ if ( !strcmp( li->suffix_massage[i+src].bv_val, &dn->bv_val[diff] ) ) {
+ res->bv_len = diff + li->suffix_massage[i+dst].bv_len;
res->bv_val = ch_malloc( res->bv_len + 1 );
strncpy( res->bv_val, dn->bv_val, diff );
- strcpy( &res->bv_val[diff], li->suffix_massage[i+dst]->bv_val );
+ strcpy( &res->bv_val[diff], li->suffix_massage[i+dst].bv_val );
#ifdef NEW_LOGGING
LDAP_LOG (( "suffixmassage", LDAP_LEVEL_ARGS,
"ldap_back_dn_massage: converted \"%s\" to \"%s\"\n",
diff --git a/servers/slapd/back-ldap/unbind.c b/servers/slapd/back-ldap/unbind.c
index f3f5617d5d..a15452721a 100644
--- a/servers/slapd/back-ldap/unbind.c
+++ b/servers/slapd/back-ldap/unbind.c
@@ -97,6 +97,9 @@ ldap_back_conn_destroy(
if ( lc->bound_dn.bv_val ) {
ch_free( lc->bound_dn.bv_val );
}
+ if ( lc->cred.bv_val ) {
+ ch_free( lc->cred.bv_val );
+ }
ch_free( lc );
}
diff --git a/servers/slapd/back-ldbm/idl.c b/servers/slapd/back-ldbm/idl.c
index 2fe5d6fd04..60ca3e6594 100644
--- a/servers/slapd/back-ldbm/idl.c
+++ b/servers/slapd/back-ldbm/idl.c
@@ -1058,6 +1058,9 @@ idl_intersection(
if ( ID_BLOCK_ALLIDS( b ) ) {
return( idl_dup( a ) );
}
+ if ( ID_BLOCK_NIDS(a) == 0 || ID_BLOCK_NIDS(b) == 0 ) {
+ return( NULL );
+ }
n = idl_dup( idl_min( a, b ) );
@@ -1066,24 +1069,21 @@ idl_intersection(
idl_check(b);
#endif
- for ( ni = 0, ai = 0, bi = 0; ai < ID_BLOCK_NIDS(a); ai++ ) {
- if ( ID_BLOCK_ID(a, ai) < ID_BLOCK_ID(b, bi) ) {
- continue;
- }
- for ( ;
- bi < ID_BLOCK_NIDS(b) && ID_BLOCK_ID(b, bi) < ID_BLOCK_ID(a, ai);
- bi++ )
- {
- ; /* NULL */
- }
-
- if ( bi == ID_BLOCK_NIDS(b) ) {
- break;
- }
-
+ for ( ni = 0, ai = 0, bi = 0; ; ) {
if ( ID_BLOCK_ID(b, bi) == ID_BLOCK_ID(a, ai) ) {
ID_BLOCK_ID(n, ni++) = ID_BLOCK_ID(a, ai);
+ ai++;
bi++;
+ if ( ai >= ID_BLOCK_NIDS(a) || bi >= ID_BLOCK_NIDS(b) )
+ break;
+ } else if ( ID_BLOCK_ID(a, ai) < ID_BLOCK_ID(b, bi) ) {
+ ai++;
+ if ( ai >= ID_BLOCK_NIDS(a) )
+ break;
+ } else {
+ bi++;
+ if ( bi >= ID_BLOCK_NIDS(b) )
+ break;
}
}
diff --git a/servers/slapd/back-ldbm/init.c b/servers/slapd/back-ldbm/init.c
index ada60432c2..d3e16e31c9 100644
--- a/servers/slapd/back-ldbm/init.c
+++ b/servers/slapd/back-ldbm/init.c
@@ -37,6 +37,7 @@ ldbm_back_initialize(
{
static char *controls[] = {
LDAP_CONTROL_MANAGEDSAIT,
+ LDAP_CONTROL_VALUESRETURNFILTER,
NULL
};
diff --git a/servers/slapd/back-ldbm/search.c b/servers/slapd/back-ldbm/search.c
index a82ffe7f90..91549f1b8b 100644
--- a/servers/slapd/back-ldbm/search.c
+++ b/servers/slapd/back-ldbm/search.c
@@ -223,7 +223,7 @@ searchit:
/* if candidates exceed to-be-checked entries, abort */
if ( !isroot && limit->lms_s_unchecked != -1 ) {
if ( ID_BLOCK_NIDS( candidates ) > (unsigned) limit->lms_s_unchecked ) {
- send_search_result( conn, op, LDAP_UNWILLING_TO_PERFORM,
+ send_search_result( conn, op, LDAP_ADMINLIMIT_EXCEEDED,
NULL, NULL, NULL, NULL, 0 );
rc = 0;
goto done;
@@ -248,7 +248,7 @@ searchit:
/* if requested limit higher than hard limit, abort */
} else if ( tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0 ) {
+ if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
@@ -270,7 +270,7 @@ searchit:
/* if requested limit higher than hard limit, abort */
} else if ( slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0 ) {
+ if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
slimit = limit->lms_s_soft;
/* positive hard limit means abort */
diff --git a/servers/slapd/back-meta/Documentation b/servers/slapd/back-meta/Documentation
new file mode 100644
index 0000000000..2971614a61
--- /dev/null
+++ b/servers/slapd/back-meta/Documentation
@@ -0,0 +1 @@
+The Meta Backend is described in the slapd-meta(5) manual page.
diff --git a/servers/slapd/back-meta/bind.c b/servers/slapd/back-meta/bind.c
index 1850679628..808bb68909 100644
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@@ -424,7 +424,7 @@ meta_back_op_result( struct metaconn *lc, Operation *op )
err = ldap_back_map_result( err );
#ifdef NEW_LOGGING
- LDAP_LOG(( "backend", LDAP_DEBUG_ANY,
+ LDAP_LOG(( "backend", LDAP_LEVEL_RESULTS,
"meta_back_op_result: target"
" <%d> sending msg \"%s\""
" (matched \"%s\")\n",
diff --git a/servers/slapd/back-meta/config.c b/servers/slapd/back-meta/config.c
new file mode 100644
index 0000000000..7b8f7cf6e5
--- /dev/null
+++ b/servers/slapd/back-meta/config.c
@@ -0,0 +1,594 @@
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ *
+ * Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+ *
+ * This work has been developed to fulfill the requirements
+ * of SysNet s.n.c. <http:www.sys-net.it> and it has been donated
+ * to the OpenLDAP Foundation in the hope that it may be useful
+ * to the Open Source community, but WITHOUT ANY WARRANTY.
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author and SysNet s.n.c. are not responsible for the consequences
+ * of use of this software, no matter how awful, even if they arise from
+ * flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the documentation.
+ * SysNet s.n.c. cannot be responsible for the consequences of the
+ * alterations.
+ *
+ * 4. This notice may not be removed or altered.
+ *
+ *
+ * This software is based on the backend back-ldap, implemented
+ * by Howard Chu <hyc@highlandsun.com>, and modified by Mark Valence
+ * <kurash@sassafras.com>, Pierangelo Masarati <ando@sys-net.it> and other
+ * contributors. The contribution of the original software to the present
+ * implementation is acknowledged in this copyright statement.
+ *
+ * A special acknowledgement goes to Howard for the overall architecture
+ * (and for borrowing large pieces of code), and to Mark, who implemented
+ * from scratch the attribute/objectclass mapping.
+ *
+ * The original copyright statement follows.
+ *
+ * Copyright 1999, Howard Chu, All rights reserved. <hyc@highlandsun.com>
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author is not responsible for the consequences of use of this
+ * software, no matter how awful, even if they arise from flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the
+ * documentation.
+ *
+ * 4. This notice may not be removed or altered.
+ *
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
+#include "slap.h"
+#include "../back-ldap/back-ldap.h"
+#include "back-meta.h"
+
+static struct metatarget *
+new_target( void )
+{
+ struct metatarget *lt;
+ struct ldapmapping *mapping;
+
+ lt = ch_calloc( sizeof( struct metatarget ), 1 );
+ if ( lt == NULL ) {
+ return NULL;
+ }
+
+ lt->rwinfo = rewrite_info_init( REWRITE_MODE_USE_DEFAULT );
+ if ( lt->rwinfo == NULL ) {
+ free( lt );
+ return NULL;
+ }
+
+ ldap_back_map_init( <->at_map, &mapping );
+
+ return lt;
+}
+
+int
+meta_back_db_config(
+ BackendDB *be,
+ const char *fname,
+ int lineno,
+ int argc,
+ char **argv
+)
+{
+ struct metainfo *li = ( struct metainfo * )be->be_private;
+
+ if ( li == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: meta backend info is null!\n",
+ fname, lineno );
+ return 1;
+ }
+
+ /* URI of server to query */
+ if ( strcasecmp( argv[ 0 ], "uri" ) == 0 ) {
+ int i = li->ntargets;
+#if 0
+ int j;
+#endif /* uncomment if uri MUST be a branch of suffix */
+ LDAPURLDesc *ludp;
+ char *last;
+ struct berval dn;
+ int rc;
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing address"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ ++li->ntargets;
+
+ li->targets = ch_realloc( li->targets,
+ sizeof( struct metatarget *)*li->ntargets );
+ if ( li->targets == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: out of memory while storing server name"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ if ( ( li->targets[ i ] = new_target() ) == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: unable to init server"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ /*
+ * uri MUST be legal!
+ */
+ if ( ldap_url_parse( argv[ 1 ], &ludp ) != LDAP_SUCCESS ) {
+ fprintf( stderr,
+ "%s: line %d: unable to parse URI"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ /*
+ * uri MUST have the <dn> part!
+ */
+ if ( ludp->lud_dn == NULL || ludp->lud_dn[ 0 ] == '\0' ) {
+ fprintf( stderr,
+ "%s: line %d: missing <naming context> "
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ /*
+ * copies and stores uri and suffix
+ */
+ dn.bv_val = ludp->lud_dn;
+ dn.bv_len = strlen( ludp->lud_dn );
+
+ rc = dnPrettyNormal( NULL, &dn, &li->targets[ i ]->psuffix,
+ &li->targets[ i ]->suffix );
+ if( rc != LDAP_SUCCESS ) {
+ fprintf( stderr, "%s: line %d: "
+ "target '%s' DN is invalid\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
+ li->targets[ i ]->uri = ch_strdup( argv[ 1 ] );
+ last = strstr( li->targets[ i ]->uri, ludp->lud_dn );
+ assert( last != NULL );
+ last[ 0 ] = '\0';
+
+ /*
+ * uri MUST be a branch of suffix!
+ */
+#if 0 /* too strict a constraint */
+ if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) != be ) {
+ fprintf( stderr,
+ "%s: line %d: <naming context> of URI does not refer to current backend"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+#else
+ /*
+ * uri MUST be a branch of a suffix!
+ */
+ if ( select_backend( &li->targets[ i ]->suffix, 0, 0 ) == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: <naming context> of URI does not resolve to a backend"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+#endif
+
+#if 0
+ /*
+ * uri MUST not be used by other URIs!
+ *
+ * FIXME: this limitation may be removed,
+ * or worked out, at least, in some manner
+ */
+ for ( j = 0; j < i-1; j++ ) {
+ if ( dn_match( &li->targets[ i ]->suffix,
+ &li->targets[ j ]->suffix ) ) {
+ fprintf( stderr,
+ "%s: line %d: naming context \"%s\" already used"
+ " in \"uri <protocol>://<server>[:port]/<naming context>\" line\n",
+ fname, lineno, last+1 );
+ return 1;
+ }
+ }
+#endif
+
+ ldap_free_urldesc( ludp );
+
+#if 0
+ fprintf(stderr, "%s: line %d: URI \"%s\", suffix \"%s\"\n",
+ fname, lineno, li->targets[ i ]->uri,
+ li->targets[ i ]->psuffix.bv_val );
+#endif
+
+ /* default target directive */
+ } else if ( strcasecmp( argv[ 0 ], "default-target" ) == 0 ) {
+ int i = li->ntargets-1;
+
+ if ( argc == 1 ) {
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: \"default-target\" alone need be"
+ " inside a \"uri\" directive\n",
+ fname, lineno );
+ return 1;
+ }
+ li->defaulttarget = i;
+ } else {
+ if ( strcasecmp( argv[ 1 ], "none" ) == 0 ) {
+ if ( i >= 0 ) {
+ fprintf( stderr,
+ "%s: line %d: \"default-target none\""
+ " should go before uri definitions\n",
+ fname, lineno );
+ }
+ li->defaulttarget = META_DEFAULT_TARGET_NONE;
+ } else {
+ int n = atoi( argv[ 1 ] );
+ if ( n < 1 || n >= i ) {
+ fprintf( stderr,
+ "%s: line %d: illegal target number %d\n",
+ fname, lineno, n );
+ return 1;
+ }
+ li->defaulttarget = n-1;
+ }
+ }
+
+ /* ttl of dn cache */
+ } else if ( strcasecmp( argv[ 0 ], "dncache-ttl" ) == 0 ) {
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing ttl in \"dncache-ttl <ttl>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ if ( strcasecmp( argv[ 1 ], "forever" ) == 0 ) {
+ li->cache.ttl = META_DNCACHE_FOREVER;
+ } else if ( strcasecmp( argv[ 1 ], "disabled" ) == 0 ) {
+ li->cache.ttl = META_DNCACHE_DISABLED;
+ } else {
+ li->cache.ttl = atol( argv[ 1 ] );
+ }
+
+ /* name to use for meta_back_group */
+ } else if ( strcasecmp( argv[ 0 ], "binddn" ) == 0 ) {
+ int i = li->ntargets-1;
+ struct berval dn;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing name in \"binddn <name>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ dn.bv_val = argv[ 1 ];
+ dn.bv_len = strlen( argv[ 1 ] );
+ if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->binddn ) != LDAP_SUCCESS ) {
+ fprintf( stderr, "%s: line %d: "
+ "bind DN '%s' is invalid\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
+ /* password to use for meta_back_group */
+ } else if ( strcasecmp( argv[ 0 ], "bindpw" ) == 0 ) {
+ int i = li->ntargets-1;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing password in \"bindpw <password>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+ ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->bindpw );
+
+ /* name to use as pseudo-root dn */
+ } else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
+ int i = li->ntargets-1;
+ struct berval dn;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing name in \"pseudorootdn <name>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+
+ dn.bv_val = argv[ 1 ];
+ dn.bv_len = strlen( argv[ 1 ] );
+ if ( dnNormalize2( NULL, &dn, &li->targets[ i ]->pseudorootdn ) != LDAP_SUCCESS ) {
+ fprintf( stderr, "%s: line %d: "
+ "pseudoroot DN '%s' is invalid\n",
+ fname, lineno, argv[ 1 ] );
+ return( 1 );
+ }
+
+ /* password to use as pseudo-root */
+ } else if ( strcasecmp( argv[ 0 ], "pseudorootpw" ) == 0 ) {
+ int i = li->ntargets-1;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+ if ( argc != 2 ) {
+ fprintf( stderr,
+ "%s: line %d: missing password in \"pseudorootpw <password>\" line\n",
+ fname, lineno );
+ return 1;
+ }
+ ber_str2bv( argv[ 1 ], 0L, 1, &li->targets[ i ]->pseudorootpw );
+
+ /* dn massaging */
+ } else if ( strcasecmp( argv[ 0 ], "suffixmassage" ) == 0 ) {
+ BackendDB *tmp_be;
+ int i = li->ntargets-1;
+ struct berval dn, nvnc, pvnc, nrnc, prnc;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ return 1;
+ }
+
+ /*
+ * syntax:
+ *
+ * suffixmassage <suffix> <massaged suffix>
+ *
+ * the <suffix> field must be defined as a valid suffix
+ * (or suffixAlias?) for the current database;
+ * the <massaged suffix> shouldn't have already been
+ * defined as a valid suffix or suffixAlias for the
+ * current server
+ */
+ if ( argc != 3 ) {
+ fprintf( stderr,
+ "%s: line %d: syntax is \"suffixMassage <suffix> <massaged suffix>\"\n",
+ fname, lineno );
+ return 1;
+ }
+
+ dn.bv_val = argv[ 1 ];
+ dn.bv_len = strlen( argv[ 1 ] );
+ if ( dnPrettyNormal( NULL, &dn, &pvnc, &nvnc ) != LDAP_SUCCESS ) {
+ fprintf( stderr, "%s: line %d: "
+ "suffix '%s' is invalid\n",
+ fname, lineno, argv[ 1 ] );
+ return 1;
+ }
+
+ tmp_be = select_backend( &nvnc, 0, 0 );
+ if ( tmp_be != NULL && tmp_be != be ) {
+ fprintf( stderr,
+ "%s: line %d: suffix already in use by another backend in"
+ " \"suffixMassage <suffix> <massaged suffix>\"\n",
+ fname, lineno );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
+ return 1;
+ }
+
+ dn.bv_val = argv[ 2 ];
+ dn.bv_len = strlen( argv[ 2 ] );
+ if ( dnPrettyNormal( NULL, &dn, &prnc, &nrnc ) != LDAP_SUCCESS ) {
+ fprintf( stderr, "%s: line %d: "
+ "massaged suffix '%s' is invalid\n",
+ fname, lineno, argv[ 2 ] );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
+ return 1;
+ }
+
+#if 0
+ tmp_be = select_backend( &nrnc, 0, 0 );
+ if ( tmp_be != NULL ) {
+ fprintf( stderr,
+ "%s: line %d: massaged suffix already in use by another backend in"
+ " \"suffixMassage <suffix> <massaged suffix>\"\n",
+ fname, lineno );
+ free( pvnc.bv_val );
+ free( nvnc.bv_val );
+ free( prnc.bv_val );
+ free( nrnc.bv_val );
+ return 1;
+ }
+#endif
+
+ /*
+ * The suffix massaging is emulated by means of the
+ * rewrite capabilities
+ * FIXME: no extra rewrite capabilities should be added
+ * to the database
+ */
+ return suffix_massage_config( li->targets[ i ]->rwinfo,
+ &pvnc, &nvnc, &prnc, &nrnc );
+
+ /* rewrite stuff ... */
+ } else if ( strncasecmp( argv[ 0 ], "rewrite", 7 ) == 0 ) {
+ int i = li->ntargets-1;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+ return rewrite_parse( li->targets[ i ]->rwinfo, fname, lineno,
+ argc, argv );
+
+ /* objectclass/attribute mapping */
+ } else if ( strcasecmp( argv[ 0 ], "map" ) == 0 ) {
+ struct ldapmap *map;
+ struct ldapmapping *mapping;
+ char *src, *dst;
+ int i = li->ntargets-1;
+
+ if ( i < 0 ) {
+ fprintf( stderr,
+ "%s: line %d: need \"uri\" directive first\n",
+ fname, lineno );
+ }
+
+
+ if ( argc < 3 || argc > 4 ) {
+ fprintf( stderr,
+ "%s: line %d: syntax is \"map {objectclass | attribute} {<source> | *} [<dest> | *]\"\n",
+ fname, lineno );
+ return 1;
+ }
+
+ if ( strcasecmp( argv[ 1 ], "objectClass" ) == 0 ) {
+ map = &li->targets[ i ]->oc_map;
+ } else if ( strcasecmp( argv[ 1 ], "attribute" ) == 0 ) {
+ map = &li->targets[ i ]->at_map;
+ } else {
+ fprintf( stderr,
+ "%s: line %d: syntax is \"map {objectclass | attribute} {<source> | *} [<dest> | *]\"\n",
+ fname, lineno );
+ return 1;
+ }
+
+ if ( strcasecmp( argv[ 2 ], "*" ) != 0 ) {
+ src = argv[ 2 ];
+ if ( argc < 4 ) {
+ dst = "";
+ } else if ( strcasecmp( argv[ 3 ], "*" ) == 0 ) {
+ dst = src;
+ } else {
+ dst = argv[ 3 ];
+ }
+ } else {
+ if ( argc < 4 ) {
+ map->drop_missing = 1;
+ return 0;
+ }
+ if ( strcasecmp( argv[ 3 ], "*" ) == 0 ) {
+ map->drop_missing = 0;
+ return 0;
+ }
+
+ src = argv[ 3 ];
+ dst = src;
+ }
+
+ if ( ( map == &li->targets[ i ]->at_map )
+ && ( strcasecmp( src, "objectclass" ) == 0
+ || strcasecmp( dst, "objectclass" ) == 0 ) ) {
+ fprintf( stderr,
+ "%s: line %d: objectclass attribute cannot be mapped\n",
+ fname, lineno );
+ }
+
+ mapping = ch_calloc( 2, sizeof( struct ldapmapping ) );
+ if ( mapping == NULL ) {
+ fprintf( stderr,
+ "%s: line %d: out of memory\n",
+ fname, lineno );
+ return 1;
+ }
+ ber_str2bv( src, 0, 1, &mapping->src );
+ ber_str2bv( dst, 0, 1, &mapping->dst );
+ if ( *dst != 0 ) {
+ mapping[ 1 ].src = mapping->dst;
+ mapping[ 1 ].dst = mapping->src;
+ } else {
+ mapping[ 1 ].src = mapping->src;
+ mapping[ 1 ].dst = mapping->dst;
+ }
+
+ if ( avl_find( map->map, ( caddr_t )mapping,
+ mapping_cmp ) != NULL
+ || avl_find( map->remap, ( caddr_t )&mapping[ 1 ],
+ mapping_cmp ) != NULL) {
+ fprintf( stderr,
+ "%s: line %d: duplicate mapping found (ignored)\n",
+ fname, lineno );
+ return 0;
+ }
+
+ avl_insert( &map->map, ( caddr_t )mapping,
+ mapping_cmp, mapping_dup );
+ avl_insert( &map->remap, ( caddr_t )&mapping[ 1 ],
+ mapping_cmp, mapping_dup );
+
+ /* anything else */
+ } else {
+ fprintf( stderr,
+ "%s: line %d: unknown directive \"%s\" in meta database definition"
+ " (ignored)\n",
+ fname, lineno, argv[0] );
+ }
+ return 0;
+}
+
diff --git a/servers/slapd/back-meta/search.c b/servers/slapd/back-meta/search.c
index 6e8f2def32..7d00e2a2ff 100644
--- a/servers/slapd/back-meta/search.c
+++ b/servers/slapd/back-meta/search.c
@@ -159,7 +159,7 @@ meta_back_search(
/* if requested limit higher than hard limit, abort */
if ( !isroot && tlimit > limit->lms_t_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_t_hard == 0 ) {
+ if ( limit->lms_t_hard == 0 && tlimit > limit->lms_t_soft ) {
tlimit = limit->lms_t_soft;
/* positive hard limit means abort */
@@ -177,7 +177,7 @@ meta_back_search(
/* if requested limit higher than hard limit, abort */
if ( !isroot && slimit > limit->lms_s_hard ) {
/* no hard limit means use soft instead */
- if ( limit->lms_s_hard == 0 ) {
+ if ( limit->lms_s_hard == 0 && slimit > limit->lms_s_soft ) {
slimit = limit->lms_s_soft;
/* positive hard limit means abort */
diff --git a/servers/slapd/back-monitor/database.c b/servers/slapd/back-monitor/database.c
new file mode 100644
index 0000000000..bfc1eded08
--- /dev/null
+++ b/servers/slapd/back-monitor/database.c
@@ -0,0 +1,178 @@
+/* database.c - deals with database subsystem */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+/*
+ * Copyright 2001, Pierangelo Masarati, All rights reserved. <ando@sys-net.it>
+ *
+ * This work has beed deveolped for the OpenLDAP Foundation
+ * in the hope that it may be useful to the Open Source community,
+ * but WITHOUT ANY WARRANTY.
+ *
+ * Permission is granted to anyone to use this software for any purpose
+ * on any computer system, and to alter it and redistribute it, subject
+ * to the following restrictions:
+ *
+ * 1. The author and SysNet s.n.c. are not responsible for the consequences
+ * of use of this software, no matter how awful, even if they arise from
+ * flaws in it.
+ *
+ * 2. The origin of this software must not be misrepresented, either by
+ * explicit claim or by omission. Since few users ever read sources,
+ * credits should appear in the documentation.
+ *
+ * 3. Altered versions must be plainly marked as such, and must not be
+ * misrepresented as being the original software. Since few users
+ * ever read sources, credits should appear in the documentation.
+ * SysNet s.n.c. cannot be responsible for the consequences of the
+ * alterations.
+ *
+ * 4. This notice may not be removed or altered.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include "slap.h"
+#include "back-monitor.h"
+
+int
+monitor_subsys_database_init(
+ BackendDB *be
+)
+{
+ struct monitorinfo *mi;
+ Entry *e, *e_database, *e_tmp;
+ int i;
+ struct monitorentrypriv *mp;
+ AttributeDescription *ad_nc = slap_schema.si_ad_namingContexts;
+ AttributeDescription *ad_seeAlso = NULL;
+ const char *text = NULL;
+
+ assert( be != NULL );
+ assert( monitor_ad_desc != NULL );
+
+ mi = ( struct monitorinfo * )be->be_private;
+
+ if ( monitor_cache_get( mi,
+ &monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn,
+ &e_database ) ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
+ "monitor_subsys_database_init: "
+ "unable to get entry '%s'\n",
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "monitor_subsys_database_init: "
+ "unable to get entry '%s'\n%s%s",
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val,
+ "", "" );
+#endif
+ return( -1 );
+ }
+
+ if ( slap_str2ad( "seeAlso", &ad_seeAlso, &text ) != LDAP_SUCCESS ) {
+ return( -1 );
+ }
+
+ e_tmp = NULL;
+ for ( i = nBackendDB; i--; ) {
+ char buf[1024];
+ int j;
+
+ be = &backendDB[i];
+
+ snprintf( buf, sizeof( buf ),
+ "dn: cn=Database %d,%s\n"
+ SLAPD_MONITOR_OBJECTCLASSES
+ "cn: Database %d\n"
+ "description: %s",
+ i,
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_dn.bv_val,
+ i,
+ be->bd_info->bi_type );
+
+ e = str2entry( buf );
+ if ( e == NULL ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
+ "monitor_subsys_database_init: "
+ "unable to create entry 'cn=Database %d,%s'\n",
+ i,
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "monitor_subsys_database_init: "
+ "unable to create entry 'cn=Database %d,%s'\n%s",
+ i,
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val,
+ "" );
+#endif
+ return( -1 );
+ }
+
+ attr_merge( e, ad_nc, be->be_suffix );
+ attr_merge( e_database, ad_nc, be->be_suffix );
+
+ for ( j = nBackendInfo; j--; ) {
+ if ( &backendInfo[ j ] == be->bd_info ) {
+ struct berval bv[ 2 ];
+
+ /* we check the pointer; the test on the
+ * string should be more reliable */
+ assert( strcasecmp( backendInfo[ j ].bi_type,
+ be->bd_info->bi_type ) == 0 );
+
+ snprintf( buf, sizeof( buf ),
+ "cn=Backend %d,%s",
+ j, monitor_subsys[SLAPD_MONITOR_BACKEND].mss_dn.bv_val );
+ bv[ 0 ].bv_val = buf;
+ bv[ 0 ].bv_len = strlen( buf );
+ bv[ 1 ].bv_val = NULL;
+ attr_merge( e, ad_seeAlso, bv );
+ break;
+ }
+ }
+ /* we must find it! */
+ assert( j >= 0 );
+
+ mp = ( struct monitorentrypriv * )ch_calloc( sizeof( struct monitorentrypriv ), 1 );
+ e->e_private = ( void * )mp;
+ mp->mp_next = e_tmp;
+ mp->mp_children = NULL;
+ mp->mp_info = &monitor_subsys[SLAPD_MONITOR_DATABASE];
+ mp->mp_flags = monitor_subsys[SLAPD_MONITOR_DATABASE].mss_flags
+ | MONITOR_F_SUB;
+
+ if ( monitor_cache_add( mi, e ) ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
+ "monitor_subsys_database_init: "
+ "unable to add entry 'cn=Database %d,%s'\n",
+ i,
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "monitor_subsys_database_init: "
+ "unable to add entry 'cn=Database %d,%s'\n",
+ i,
+ monitor_subsys[SLAPD_MONITOR_DATABASE].mss_ndn.bv_val,
+ 0 );
+#endif
+ return( -1 );
+ }
+
+ e_tmp = e;
+ }
+
+ mp = ( struct monitorentrypriv * )e_database->e_private;
+ mp->mp_children = e_tmp;
+
+ monitor_cache_release( mi, e_database );
+
+ return( 0 );
+}
+
diff --git a/servers/slapd/back-monitor/init.c b/servers/slapd/back-monitor/init.c
index e855ae1c54..b8637dd0d8 100644
--- a/servers/slapd/back-monitor/init.c
+++ b/servers/slapd/back-monitor/init.c
@@ -163,6 +163,7 @@ monitor_back_initialize(
{
static char *controls[] = {
LDAP_CONTROL_MANAGEDSAIT,
+ LDAP_CONTROL_VALUESRETURNFILTER,
NULL
};
@@ -226,7 +227,7 @@ monitor_back_db_init(
struct monitorentrypriv *mp;
int i, rc;
char buf[1024], *end_of_line;
- struct berval dn, *ndn;
+ struct berval dn, ndn;
const char *text;
struct berval bv[2];
@@ -249,11 +250,10 @@ monitor_back_db_init(
/* indicate system schema supported */
be->be_flags |= SLAP_BFLAG_MONITOR;
- ndn = NULL;
dn.bv_val = SLAPD_MONITOR_DN;
dn.bv_len = sizeof( SLAPD_MONITOR_DN ) - 1;
- rc = dnNormalize( NULL, &dn, &ndn );
+ rc = dnNormalize2( NULL, &dn, &ndn );
if( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_CRIT,
@@ -266,8 +266,9 @@ monitor_back_db_init(
return -1;
}
- ber_bvecadd( &be->be_suffix, ber_dupbv( NULL, &dn ) );
- ber_bvecadd( &be->be_nsuffix, ndn );
+ ber_dupbv( &bv[0], &dn );
+ ber_bvarray_add( &be->be_suffix, &bv[0] );
+ ber_bvarray_add( &be->be_nsuffix, &ndn );
mi = ( struct monitorinfo * )ch_calloc( sizeof( struct monitorinfo ), 1 );
ldap_pvt_thread_mutex_init( &mi->mi_cache_mutex );
@@ -522,7 +523,7 @@ monitor_back_db_config(
)
{
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_DEBUG_CONFIG,
+ LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"line %d of file '%s' will be ignored\n", lineno, fname ));
#else
Debug( LDAP_DEBUG_CONFIG,
diff --git a/servers/slapd/back-null/README b/servers/slapd/back-null/README
index a2d8cb11fd..300afd9703 100644
--- a/servers/slapd/back-null/README
+++ b/servers/slapd/back-null/README
@@ -1,14 +1 @@
-Null Backend Interface for OpenLDAP
-
-The Null backend is surely the most useful part of slapd:
-- Searches return success but no entries.
-- Compares return compareFalse.
-- Updates return success (unless readonly is on) but do nothing.
-- Binds fail unless the database option "bind on" is given.
- The "bind" option is "off" by default.
-Inspired by the /dev/null device.
-
-slapd.conf example:
- database null
- suffix "cn=Nothing"
- bind on
+The Null Backend is described in the slapd-null(5) manual page.
diff --git a/servers/slapd/back-passwd/back-passwd.h b/servers/slapd/back-passwd/back-passwd.h
new file mode 100644
index 0000000000..4f2b9080d6
--- /dev/null
+++ b/servers/slapd/back-passwd/back-passwd.h
@@ -0,0 +1,13 @@
+/* $OpenLDAP$ */
+#ifndef _BACK_PASSWD_H
+#define _BACK_PASSWD_H
+
+#include "external.h"
+
+LDAP_BEGIN_DECL
+
+extern ldap_pvt_thread_mutex_t passwd_mutex;
+
+LDAP_END_DECL
+
+#endif /* _BACK_PASSWD_H */
diff --git a/servers/slapd/back-passwd/external.h b/servers/slapd/back-passwd/external.h
new file mode 100644
index 0000000000..a8a02889cb
--- /dev/null
+++ b/servers/slapd/back-passwd/external.h
@@ -0,0 +1,16 @@
+/* $OpenLDAP$ */
+#ifndef _PASSWD_EXTERNAL_H
+#define _PASSWD_EXTERNAL_H
+
+LDAP_BEGIN_DECL
+
+extern BI_init passwd_back_initialize;
+extern BI_destroy passwd_back_destroy;
+
+extern BI_op_search passwd_back_search;
+
+extern BI_db_config passwd_back_db_config;
+
+LDAP_END_DECL
+
+#endif /* _PASSWD_EXTERNAL_H */
diff --git a/servers/slapd/back-passwd/init.c b/servers/slapd/back-passwd/init.c
new file mode 100644
index 0000000000..1bb6ad284d
--- /dev/null
+++ b/servers/slapd/back-passwd/init.c
@@ -0,0 +1,77 @@
+/* init.c - initialize passwd backend */
+/* $OpenLDAP$ */
+
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/socket.h>
+
+#include "slap.h"
+#include "back-passwd.h"
+
+ldap_pvt_thread_mutex_t passwd_mutex;
+
+#ifdef SLAPD_PASSWD_DYNAMIC
+
+int back_passwd_LTX_init_module(int argc, char *argv[]) {
+ BackendInfo bi;
+
+ memset( &bi, '\0', sizeof(bi) );
+ bi.bi_type = "passwd";
+ bi.bi_init = passwd_back_initialize;
+
+ backend_add(&bi);
+ return 0;
+}
+
+#endif /* SLAPD_PASSWD_DYNAMIC */
+
+int
+passwd_back_initialize(
+ BackendInfo *bi
+)
+{
+ ldap_pvt_thread_mutex_init( &passwd_mutex );
+
+ bi->bi_open = 0;
+ bi->bi_config = 0;
+ bi->bi_close = 0;
+ bi->bi_destroy = passwd_back_destroy;
+
+ bi->bi_db_init = 0;
+ bi->bi_db_config = passwd_back_db_config;
+ bi->bi_db_open = 0;
+ bi->bi_db_close = 0;
+ bi->bi_db_destroy = 0;
+
+ bi->bi_op_bind = 0;
+ bi->bi_op_unbind = 0;
+ bi->bi_op_search = passwd_back_search;
+ bi->bi_op_compare = 0;
+ bi->bi_op_modify = 0;
+ bi->bi_op_modrdn = 0;
+ bi->bi_op_add = 0;
+ bi->bi_op_delete = 0;
+ bi->bi_op_abandon = 0;
+
+ bi->bi_extended = 0;
+
+ bi->bi_acl_group = 0;
+ bi->bi_acl_attribute = 0;
+ bi->bi_chk_referrals = 0;
+
+ bi->bi_connection_init = 0;
+ bi->bi_connection_destroy = 0;
+
+ return 0;
+}
+
+int
+passwd_back_destroy(
+ BackendInfo *bi
+)
+{
+ ldap_pvt_thread_mutex_destroy( &passwd_mutex );
+ return 0;
+}
diff --git a/servers/slapd/back-passwd/search.c b/servers/slapd/back-passwd/search.c
index 83db8ae5fe..34e077bb66 100644
--- a/servers/slapd/back-passwd/search.c
+++ b/servers/slapd/back-passwd/search.c
@@ -13,9 +13,11 @@
#include <pwd.h>
#include "slap.h"
-#include "external.h"
+#include "back-passwd.h"
#include <ldap_pvt.h>
+static void pw_start( Backend *be );
+
static Entry *pw2entry(
Backend *be,
struct passwd *pw,
@@ -59,14 +61,6 @@ passwd_back_search(
slimit = (slimit > be->be_sizelimit || slimit < 1) ? be->be_sizelimit
: slimit;
- endpwent();
-
-#ifdef HAVE_SETPWFILE
- if ( be->be_private != NULL ) {
- (void) setpwfile( (char *) be->be_private );
- }
-#endif /* HAVE_SETPWFILE */
-
/* Handle a query for the base of this backend */
if ( be_issuffix( be, nbase ) ) {
struct berval vals[2];
@@ -130,10 +124,13 @@ passwd_back_search(
if ( scope != LDAP_SCOPE_BASE ) {
/* check all our "children" */
+ ldap_pvt_thread_mutex_lock( &passwd_mutex );
+ pw_start( be );
for ( pw = getpwent(); pw != NULL; pw = getpwent() ) {
/* check for abandon */
if ( op->o_abandon ) {
endpwent();
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
return( -1 );
}
@@ -142,12 +139,14 @@ passwd_back_search(
send_ldap_result( conn, op, LDAP_TIMELIMIT_EXCEEDED,
NULL, NULL, NULL, NULL );
endpwent();
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
return( 0 );
}
if ( !(e = pw2entry( be, pw, &text )) ) {
err = LDAP_OPERATIONS_ERROR;
endpwent();
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
goto done;
}
@@ -157,6 +156,7 @@ passwd_back_search(
send_ldap_result( conn, op, LDAP_SIZELIMIT_EXCEEDED,
NULL, NULL, NULL, NULL );
endpwent();
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
return( 0 );
}
@@ -168,6 +168,7 @@ passwd_back_search(
entry_free( e );
}
endpwent();
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
}
} else {
@@ -180,9 +181,9 @@ passwd_back_search(
*/
if( !be_issuffix( be, &parent ) ) {
int i;
- for( i=0; be->be_nsuffix[i] != NULL; i++ ) {
- if( dnIsSuffix( nbase, be->be_nsuffix[i] ) ) {
- matched = be->be_suffix[i]->bv_val;
+ for( i=0; be->be_nsuffix[i].bv_val != NULL; i++ ) {
+ if( dnIsSuffix( nbase, &be->be_nsuffix[i] ) ) {
+ matched = be->be_suffix[i].bv_val;
break;
}
}
@@ -201,13 +202,18 @@ passwd_back_search(
goto done;
}
+ ldap_pvt_thread_mutex_lock( &passwd_mutex );
+ pw_start( be );
if ( (pw = getpwnam( rdn[0][0]->la_value.bv_val )) == NULL ) {
matched = parent.bv_val;
err = LDAP_NO_SUCH_OBJECT;
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
goto done;
}
- if ( !(e = pw2entry( be, pw, &text )) ) {
+ e = pw2entry( be, pw, &text );
+ ldap_pvt_thread_mutex_unlock( &passwd_mutex );
+ if ( !e ) {
err = LDAP_OPERATIONS_ERROR;
goto done;
}
@@ -231,6 +237,20 @@ done:
return( 0 );
}
+static void
+pw_start(
+ Backend *be
+)
+{
+ endpwent();
+
+#ifdef HAVE_SETPWFILE
+ if ( be->be_private != NULL ) {
+ (void) setpwfile( (char *) be->be_private );
+ }
+#endif /* HAVE_SETPWFILE */
+}
+
static Entry *
pw2entry( Backend *be, struct passwd *pw, const char **text )
{
@@ -262,12 +282,12 @@ pw2entry( Backend *be, struct passwd *pw, const char **text )
*/
pwlen = strlen( pw->pw_name );
- vals[0].bv_len = (sizeof("uid=,")-1) + ( pwlen + be->be_suffix[0]->bv_len );
+ vals[0].bv_len = (sizeof("uid=,")-1) + ( pwlen + be->be_suffix[0].bv_len );
vals[0].bv_val = ch_malloc( vals[0].bv_len + 1 );
/* rdn attribute type should be a configuratable item */
sprintf( vals[0].bv_val, "uid=%s,%s",
- pw->pw_name, be->be_suffix[0]->bv_val );
+ pw->pw_name, be->be_suffix[0].bv_val );
rc = dnNormalize2( NULL, vals, &bv );
if( rc != LDAP_SUCCESS ) {
diff --git a/servers/slapd/back-perl/SampleLDAP.pm b/servers/slapd/back-perl/SampleLDAP.pm
index 6bbcd0e5a3..c6a8f9ea5d 100644
--- a/servers/slapd/back-perl/SampleLDAP.pm
+++ b/servers/slapd/back-perl/SampleLDAP.pm
@@ -1,158 +1,13 @@
-
-=head1 Introduction
-
-This is a sample Perl module for the OpenLDAP server slapd.
-It also contains the documentation that you will need to
-get up and going.
-
-WARNING: the interfaces of this backen to the perl module
-MAY change. Any suggestions would greatly be appreciated.
-
-
-=head1 Overview
-
-The Perl back end works by embedding a Perl interpreter into
-the slapd backend. Then when the configuration file indicates
-that we are going to be using a Perl backend it will get an
-option that tells it what module to use. It then creates a
-new Perl object that handles all the request for that particular
-instance of the back end.
-
-
-=head1 Interface
-
-You will need to create a method for each one of the
-following actions that you wish to handle.
-
- * new # Creates a new object.
- * search # Performs the ldap search
- * compare # does a compare
- * modify # modify's and entry
- * add # adds an entry to back end
- * modrdn # modifies a an entries rdn
- * delete # deletes an ldap entry
- * config # process unknown config file lines
- * init # called after backend is initialized
-
-=head2 new
-
-This method is called when the config file encounters a
-B<perlmod> line. The module in that line is then effectively
-used into the perl interpreter, then the new method is called
-to create a new object. Note that multiple instances of that
-object may be instantiated, as with any perl object.
-
-The new method doesn't receive any arguments other than the
-class name.
-
-RETURN:
-
-=head2 search
-
-This method is called when a search request comes from a client.
-It arguments are as follow.
-
- * obj reference
- * base DN
- * scope
- * alias deferencing policy
- * size limit
- * time limit
- * filter string
- * attributes only flag ( 1 for yes )
- * list of attributes that are to be returned. (could be empty)
-
-RETURN:
-
-=head2 compare
-
-This method is called when a compare request comes from a client.
-Its arguments are as follows.
-
- * obj reference
- * dn
- * attribute assertion string
-
-RETURN:
-
-=head2 modify
-
-This method is called when a modify request comes from a client.
-Its arguments are as follows.
-
- * obj reference
- * dn
- * lists formatted as follows
- { ADD | DELETE | REPLACE }, key, value
-
-RETURN:
-
-=head2 add
-
-This method is called when a add request comes from a client.
-Its arguments are as follows.
-
- * obj reference
- * entry in string format.
-
-RETURN:
-
-=head2 modrdn
-
-This method is called when a modrdn request comes from a client.
-Its arguments are as follows.
-
- * obj reference
- * dn
- * new rdn
- * delete old dn flage ( 1 means yes )
-
-RETURN:
-
-=head2 delete
-
-This method is called when a delete request comes from a client.
-Its arguments are as follows.
-
- * obj reference
- * dn
-
-RETURN:
-
-=head2 config
-
- * obj reference
- * arrray of arguments on line
-
-RETURN: non zero value if this is not a valid option.
-
-=head2 init
-
- * obj reference
-
-RETURN: non zero value if initialization failed.
-
-=head1 Configuration
-
-The perl section of the config file recognizes the following
-options. It should also be noted that any option not recoginized
-will be sent to the B<config> method of the perl module as noted
-above.
-
- database perl # startn section for the perl database
-
- suffix "o=AnyOrg, c=US"
-
- perlModulePath /path/to/libs # addes the path to @INC variable same
- # as "use lib '/path/to/libs'"
-
- perlModule ModName # use the module name ModName from ModName.pm
-
- filterSearchResults # search results are candidates that need to be
- # filtered, rather than search results to be
- # returned directly to the client
-
-=cut
+# This is a sample Perl module for the OpenLDAP server slapd.
+#
+# $OpenLDAP$
+#
+# Usage: Add something this to slapd.conf:
+#
+# database perl
+# suffix "o=AnyOrg, c=US"
+# perlModulePath /path/to/this/file
+# perlModule SampleLDAP
package SampleLDAP;
@@ -169,6 +24,11 @@ sub new
return $this;
}
+sub init
+{
+ return 0;
+}
+
sub search
{
my $this = shift;
@@ -247,7 +107,7 @@ sub add
my ( $dn ) = ( $entryStr =~ /dn:\s(.*)$/m );
#
- # This needs to be here untill a normalize dn is
+ # This needs to be here until a normalized dn is
# passed to this routine.
#
$dn = uc( $dn );
@@ -296,5 +156,3 @@ sub config
}
1;
-
-
diff --git a/servers/slapd/back-perl/bind.c b/servers/slapd/back-perl/bind.c
index a286224563..05ecf4d338 100644
--- a/servers/slapd/back-perl/bind.c
+++ b/servers/slapd/back-perl/bind.c
@@ -85,7 +85,9 @@ perl_back_bind(
Debug( LDAP_DEBUG_ANY, "Perl BIND returned 0x%04x\n", return_code, 0, 0 );
- send_ldap_result( conn, op, return_code, NULL, NULL, NULL, NULL );
+ /* frontend will send result on success (0) */
+ if( return_code != LDAP_SUCCESS )
+ send_ldap_result( conn, op, return_code, NULL, NULL, NULL, NULL );
return ( return_code );
}
diff --git a/servers/slapd/back-shell/abandon.c b/servers/slapd/back-shell/abandon.c
index 2eccb51f12..cae990af5b 100644
--- a/servers/slapd/back-shell/abandon.c
+++ b/servers/slapd/back-shell/abandon.c
@@ -29,7 +29,7 @@ shell_back_abandon(
Operation *o;
/* no abandon command defined - just kill the process handling it */
- if ( si->si_abandon == NULL ) {
+ if ( IS_NULLCMD( si->si_abandon ) ) {
ldap_pvt_thread_mutex_lock( &conn->c_mutex );
pid = -1;
LDAP_STAILQ_FOREACH( o, &conn->c_ops, o_next ) {
@@ -65,8 +65,10 @@ shell_back_abandon(
/* write out the request to the abandon process */
fprintf( wfp, "ABANDON\n" );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
fprintf( wfp, "msgid: %d\n", msgid );
print_suffixes( wfp, be );
+ fprintf( wfp, "abandonid: %ld/%d\n", op->o_connid, msgid );
fclose( wfp );
/* no result from abandon */
diff --git a/servers/slapd/back-shell/add.c b/servers/slapd/back-shell/add.c
index 89f054cc9c..134416866b 100644
--- a/servers/slapd/back-shell/add.c
+++ b/servers/slapd/back-shell/add.c
@@ -1,16 +1,21 @@
/* add.c - shell backend add function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
#include "slap.h"
#include "shell.h"
-extern pthread_mutex_t entry2str_mutex;
-extern char *entry2str();
-
-void
+int
shell_back_add(
Backend *be,
Connection *conn,
@@ -22,29 +27,31 @@ shell_back_add(
FILE *rfp, *wfp;
int len;
- if ( si->si_add == NULL ) {
+ if ( IS_NULLCMD( si->si_add ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "add not implemented" );
- return;
+ "add not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_add, &rfp, &wfp )) == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_add, &rfp, &wfp )) == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
/* write out the request to the add process */
fprintf( wfp, "ADD\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- pthread_mutex_lock( &entry2str_mutex );
- fprintf( wfp, "%s", entry2str( e, &len, 0 ) );
- pthread_mutex_unlock( &entry2str_mutex );
+ ldap_pvt_thread_mutex_lock( &entry2str_mutex );
+ fprintf( wfp, "%s", entry2str( e, &len ) );
+ ldap_pvt_thread_mutex_unlock( &entry2str_mutex );
fclose( wfp );
/* read in the result and send it along */
read_and_send_results( be, conn, op, rfp, NULL, 0 );
fclose( rfp );
+ return( 0 );
}
diff --git a/servers/slapd/back-shell/bind.c b/servers/slapd/back-shell/bind.c
index dea149e410..fe36059215 100644
--- a/servers/slapd/back-shell/bind.c
+++ b/servers/slapd/back-shell/bind.c
@@ -1,9 +1,17 @@
/* bind.c - shell backend bind function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+
#include "slap.h"
#include "shell.h"
@@ -12,35 +20,38 @@ shell_back_bind(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
+ struct berval *dn,
+ struct berval *ndn,
int method,
- struct berval *cred
+ struct berval *cred,
+ struct berval *edn
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
int rc;
- if ( si->si_bind == NULL ) {
+ if ( IS_NULLCMD( si->si_bind ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "bind not implemented" );
- return;
+ "bind not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_bind, &rfp, &wfp ))
- == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_bind, &rfp, &wfp ))
+ == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
/* write out the request to the bind process */
fprintf( wfp, "BIND\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
+ fprintf( wfp, "dn: %s\n", dn->bv_val );
fprintf( wfp, "method: %d\n", method );
- fprintf( wfp, "credlen: %d\n", cred->bv_len );
+ fprintf( wfp, "credlen: %lu\n", cred->bv_len );
fprintf( wfp, "cred: %s\n", cred->bv_val ); /* XXX */
fclose( wfp );
diff --git a/servers/slapd/back-shell/compare.c b/servers/slapd/back-shell/compare.c
index 48dfbb553b..b5ef2d24eb 100644
--- a/servers/slapd/back-shell/compare.c
+++ b/servers/slapd/back-shell/compare.c
@@ -1,47 +1,65 @@
/* compare.c - shell backend compare function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
#include "slap.h"
#include "shell.h"
-void
+int
shell_back_compare(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- Ava *ava
+ struct berval *dn,
+ struct berval *ndn,
+ AttributeAssertion *ava
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
- if ( si->si_compare == NULL ) {
+ if ( IS_NULLCMD( si->si_compare ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "compare not implemented" );
- return;
+ "compare not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_compare, &rfp, &wfp ))
- == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_compare, &rfp, &wfp ))
+ == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
+ /*
+ * FIX ME: This should use LDIF routines so that binary
+ * values are properly dealt with
+ */
+
/* write out the request to the compare process */
fprintf( wfp, "COMPARE\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
- fprintf( wfp, "%s: %s\n", ava->ava_type, ava->ava_value.bv_val );
+ fprintf( wfp, "dn: %s\n", dn->bv_val );
+ fprintf( wfp, "%s: %s\n",
+ ava->aa_desc->ad_cname.bv_val,
+ ava->aa_value.bv_val /* could be binary! */ );
fclose( wfp );
/* read in the result and send it along */
read_and_send_results( be, conn, op, rfp, NULL, 0 );
fclose( rfp );
+ return( 0 );
}
diff --git a/servers/slapd/back-shell/config.c b/servers/slapd/back-shell/config.c
index 5d2fa1c19a..7c1e14e7ff 100644
--- a/servers/slapd/back-shell/config.c
+++ b/servers/slapd/back-shell/config.c
@@ -1,17 +1,46 @@
/* config.c - shell backend configuration file routine */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
#include "slap.h"
#include "shell.h"
-extern char **charray_dup();
+#ifdef SHELL_SURROGATE_PARENT
+
+static struct berval make_cmd_info(
+ char **args
+)
+{
+ struct berval ret = { 0, 0 };
+ int i;
+ ber_len_t offset;
+ for( i = 0; args[i] != NULL; i++ )
+ ret.bv_len += strlen( args[i] ) + 1;
+ ret.bv_val = ch_malloc( ret.bv_len );
+ offset = 0;
+ for( i = 0; args[i] != NULL; i++ ) {
+ strcpy( ret.bv_val + offset, args[i] );
+ offset += strlen( args[i] ) + 1;
+ }
+ return ret;
+}
+
+#endif /* SHELL_SURROGATE_PARENT */
-shell_back_config(
- Backend *be,
- char *fname,
+int
+shell_back_db_config(
+ BackendDB *be,
+ const char *fname,
int lineno,
int argc,
char **argv
@@ -22,7 +51,7 @@ shell_back_config(
if ( si == NULL ) {
fprintf( stderr, "%s: line %d: shell backend info is null!\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
/* command + args to exec for binds */
@@ -31,9 +60,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"bind <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_bind = charray_dup( &argv[1] );
+ si->si_bind = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for unbinds */
} else if ( strcasecmp( argv[0], "unbind" ) == 0 ) {
@@ -41,9 +70,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"unbind <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_unbind = charray_dup( &argv[1] );
+ si->si_unbind = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for searches */
} else if ( strcasecmp( argv[0], "search" ) == 0 ) {
@@ -51,9 +80,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"search <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_search = charray_dup( &argv[1] );
+ si->si_search = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for compares */
} else if ( strcasecmp( argv[0], "compare" ) == 0 ) {
@@ -61,9 +90,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"compare <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_compare = charray_dup( &argv[1] );
+ si->si_compare = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for modifies */
} else if ( strcasecmp( argv[0], "modify" ) == 0 ) {
@@ -71,9 +100,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"modify <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_modify = charray_dup( &argv[1] );
+ si->si_modify = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for modrdn */
} else if ( strcasecmp( argv[0], "modrdn" ) == 0 ) {
@@ -81,9 +110,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"modrdn <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_modrdn = charray_dup( &argv[1] );
+ si->si_modrdn = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for add */
} else if ( strcasecmp( argv[0], "add" ) == 0 ) {
@@ -91,9 +120,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"add <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_add = charray_dup( &argv[1] );
+ si->si_add = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for delete */
} else if ( strcasecmp( argv[0], "delete" ) == 0 ) {
@@ -101,9 +130,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"delete <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_delete = charray_dup( &argv[1] );
+ si->si_delete = MAKE_CMD_INFO( &argv[1] );
/* command + args to exec for abandon */
} else if ( strcasecmp( argv[0], "abandon" ) == 0 ) {
@@ -111,9 +140,9 @@ shell_back_config(
fprintf( stderr,
"%s: line %d: missing executable in \"abandon <executable>\" line\n",
fname, lineno );
- exit( 1 );
+ return( 1 );
}
- si->si_abandon = charray_dup( &argv[1] );
+ si->si_abandon = MAKE_CMD_INFO( &argv[1] );
/* anything else */
} else {
@@ -121,4 +150,6 @@ shell_back_config(
"%s: line %d: unknown directive \"%s\" in shell database definition (ignored)\n",
fname, lineno, argv[0] );
}
+
+ return 0;
}
diff --git a/servers/slapd/back-shell/delete.c b/servers/slapd/back-shell/delete.c
index 0dc3439c00..e675f8062e 100644
--- a/servers/slapd/back-shell/delete.c
+++ b/servers/slapd/back-shell/delete.c
@@ -1,44 +1,55 @@
/* delete.c - shell backend delete function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
#include "slap.h"
#include "shell.h"
-void
+int
shell_back_delete(
Backend *be,
Connection *conn,
Operation *op,
- char *dn
+ struct berval *dn,
+ struct berval *ndn
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
- if ( si->si_delete == NULL ) {
+ if ( IS_NULLCMD( si->si_delete ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "delete not implemented" );
- return;
+ "delete not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_delete, &rfp, &wfp ))
- == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_delete, &rfp, &wfp ))
+ == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
/* write out the request to the delete process */
fprintf( wfp, "DELETE\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
+ fprintf( wfp, "dn: %s\n", dn->bv_val );
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( be, conn, op, rfp, NULL, 0 );
fclose( rfp );
+ return( 0 );
}
diff --git a/servers/slapd/back-shell/fork.c b/servers/slapd/back-shell/fork.c
index aff0e5bbe4..fc1c0768c3 100644
--- a/servers/slapd/back-shell/fork.c
+++ b/servers/slapd/back-shell/fork.c
@@ -1,22 +1,242 @@
/* fork.c - fork and exec a process, connecting stdin/out w/pipes */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/errno.h>
+#include <ac/string.h>
+#include <ac/socket.h>
+#include <ac/unistd.h>
+
#include "slap.h"
+#include "shell.h"
+
+#ifdef SHELL_SURROGATE_PARENT
+
+#include <sys/uio.h>
+
+/* Use several socketpairs to the surrogate parent, because *
+ * a single communication channel to it could be a bottleneck */
+ldap_pvt_thread_mutex_t shell_surrogate_fd_mutex[2];
+int shell_surrogate_fd[2] = { -1, -1 };
+/* Index to shell_surrogate_fd, and its mutex */
+ldap_pvt_thread_mutex_t shell_surrogate_index_mutex;
+static int shell_surrogate_index = 1;
+
+pid_t shell_surrogate_pid = -1;
+
+#define nread( fd, buf, len ) n_rw( 0, fd, buf, len )
+#define nwrite( fd, buf, len ) n_rw( 1, fd, buf, len )
+
+static int
+n_rw(
+ int do_write,
+ int fd,
+ void *buf,
+ int len
+)
+{
+ int ret = 0, i;
+ while( len ) {
+ for(;;) {
+ i = (do_write
+ ? write( fd, buf, len )
+ : read( fd, buf, len ));
+ if( i < 0 ) {
+ if( errno == EINTR )
+ continue;
+ if( ret == 0 )
+ ret = -1;
+ }
+ break;
+ }
+ if( i <= 0 )
+ break;
+ ret += i;
+ buf = (char *)buf + i;
+ len -= i;
+ }
+ return ret;
+}
+
+void
+make_surrogate_parent( void )
+{
+ int pair[2][2], io[2], i, j, p, argc;
+ ber_len_t len, buflen, offset;
+ char *buf, **argv;
+ pid_t pid;
+
+ if( socketpair( AF_LOCAL, SOCK_STREAM, 0, pair[0] ) < 0 ||
+ socketpair( AF_LOCAL, SOCK_STREAM, 0, pair[1] ) < 0 ) {
+ Debug( LDAP_DEBUG_ANY, "socketpair failed\n", 0, 0, 0 );
+ exit( EXIT_FAILURE );
+ }
+ fflush( NULL );
+ switch( fork() ) {
+ case -1:
+ Debug( LDAP_DEBUG_ANY, "fork failed\n", 0, 0, 0 );
+ exit( EXIT_FAILURE );
+ case 0:
+ break;
+ default:
+ shell_surrogate_fd[0] = pair[0][0];
+ shell_surrogate_fd[1] = pair[1][0];
+ close( pair[0][1] );
+ close( pair[1][1] );
+ return;
+ }
+
+ /* Close unused file descriptors */
+ for( i = 3, j = 32; j && i < 1024; i++ )
+ if( i != pair[0][1] && i != pair[1][1] && close( i ) < 0 )
+ --j;
+ else if( j < 32 )
+ j = 32;
+
+ /* Surrogate parent running */
+
+ buflen = 0;
+ buf = NULL;
+ argc = 0;
+ argv = NULL;
+ p = 0;
+
+ for(;;) {
+ /* Read file descriptors io[] from socket */
+ static char dummy;
+ static struct iovec iov = { &dummy, 1 };
+ struct msghdr msg;
+# ifdef CMSG_SPACE
+ union {
+ struct cmsghdr cm;
+ char control[CMSG_SPACE(sizeof(io))];
+ } control_un;
+ struct cmsghdr *cmptr;
+ msg.msg_control = control_un.control;
+ msg.msg_controllen = sizeof(control_un.control);
+# else
+ msg.msg_accrights = (caddr_t) io;
+ msg.msg_accrightslen = sizeof(io);
+# endif
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_flags = 0;
+ switch( recvmsg( pair[p][1], &msg, MSG_WAITALL ) ) {
+ case -1:
+ if( errno == EINTR )
+ continue;
+ _exit( EXIT_FAILURE );
+ case 0:
+ _exit( EXIT_SUCCESS );
+ }
+# ifdef CMSG_SPACE
+ if( (cmptr = CMSG_FIRSTHDR(&msg)) == NULL ||
+ cmptr->cmsg_len != CMSG_LEN(sizeof(io)) ||
+ cmptr->cmsg_level != SOL_SOCKET ||
+ cmptr->cmsg_type != SCM_RIGHTS ) {
+ fputs( "bad descriptor message received\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ memcpy( io, CMSG_DATA( cmptr ), sizeof(io) );
+# else
+ if( msg.msg_accrightslen != sizeof(io) ) {
+ fputs( "bad descriptor message received\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+# endif
+
+ /* Read length of arguments and then arguments from socket */
+ if( nread( pair[p][1], &len, sizeof(len) ) != sizeof(len) ) {
+ fputs( "bad descriptor message received\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ if( buflen < len ) {
+ buf = realloc( buf, buflen = len );
+ if( buf == NULL ) {
+ fputs( "realloc failed\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ }
+ if( nread( pair[p][1], buf, len ) != len ) {
+ fputs( "bad descriptor message received\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ i = 0;
+ offset = 0;
+ while( offset < len ) {
+ if( i >= argc-1 ) {
+ argc += i + 10;
+ argv = realloc( argv, argc * sizeof(*argv) );
+ if( argv == NULL ) {
+ fputs( "realloc failed\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ }
+ argv[i++] = buf + offset;
+ offset += strlen( buf + offset ) + 1;
+ }
+ argv[i] = NULL;
+
+ /* Run program */
+ pid = fork();
+ switch( pid )
+ {
+ case 0: /* child */
+ if( dup2( io[0], 0 ) == -1 || dup2( io[1], 1 ) == -1 ) {
+ fputs( "dup2 failed\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ close( io[0] );
+ close( io[1] );
+ close( pair[0][1] );
+ close( pair[1][1] );
+ execv( argv[0], argv );
+
+ fputs( "execv failed\n", stderr );
+ exit( EXIT_FAILURE );
+
+ case -1: /* trouble */
+ fputs( "fork failed\n", stderr );
+ break;
+
+ default: /* parent */
+ close( io[0] );
+ close( io[1] );
+ break;
+ }
+ if( nwrite( pair[p][1], &pid,
+ sizeof(pid_t) ) != sizeof(pid_t) ) {
+ fputs( "could not send pid\n", stderr );
+ exit( EXIT_FAILURE );
+ }
+ p ^= 1;
+ }
+}
+#endif /* SHELL_SURROGATE_PARENT */
+pid_t
forkandexec(
- char **args,
+ Cmd_info args,
FILE **rfp,
FILE **wfp
)
{
- int p2c[2], c2p[2];
- int pid;
+ int p2c[2] = { -1, -1 }, c2p[2];
+ pid_t pid;
if ( pipe( p2c ) != 0 || pipe( c2p ) != 0 ) {
Debug( LDAP_DEBUG_ANY, "pipe failed\n", 0, 0, 0 );
+ close( p2c[0] );
+ close( p2c[1] );
return( -1 );
}
@@ -26,30 +246,102 @@ forkandexec(
* parent *rfp <- c2p[0] | c2p[1] <- stdout child
*/
- switch ( (pid = fork()) ) {
- case 0: /* child */
- close( p2c[1] );
- close( c2p[0] );
+#ifdef SHELL_SURROGATE_PARENT
+
+ {
+ int io[2] = { p2c[0], c2p[1] }, i, c;
+ static char dummy = '\0';
+ static struct iovec iov = { &dummy, 1 };
+ struct msghdr msg;
+# ifdef CMSG_SPACE
+ union {
+ struct cmsghdr cm;
+ char control[CMSG_SPACE(sizeof(io))];
+ } control_un;
+ struct cmsghdr *cmptr;
+ msg.msg_control = control_un.control;
+ msg.msg_controllen = sizeof(control_un.control);
+ cmptr = CMSG_FIRSTHDR(&msg);
+ cmptr->cmsg_len = CMSG_LEN(sizeof(io));
+ cmptr->cmsg_level = SOL_SOCKET;
+ cmptr->cmsg_type = SCM_RIGHTS;
+ memcpy( CMSG_DATA(cmptr), io, sizeof(io) );
+# else
+ msg.msg_accrights = (caddr_t) io;
+ msg.msg_accrightslen = sizeof(io);
+# endif
+ msg.msg_name = NULL;
+ msg.msg_namelen = 0;
+ msg.msg_iov = &iov;
+ msg.msg_iovlen = 1;
+ msg.msg_flags = 0;
+ ldap_pvt_thread_mutex_lock( &shell_surrogate_index_mutex );
+ i = shell_surrogate_index ^= 1;
+ ldap_pvt_thread_mutex_unlock( &shell_surrogate_index_mutex );
+ ldap_pvt_thread_mutex_lock( &shell_surrogate_fd_mutex[i] );
+ c = (sendmsg( shell_surrogate_fd[i], &msg, 0 ) == 1 &&
+ nwrite( shell_surrogate_fd[i], &args.bv_len,
+ sizeof(args.bv_len) ) == sizeof(args.bv_len) &&
+ nwrite( shell_surrogate_fd[i], args.bv_val,
+ args.bv_len ) == args.bv_len &&
+ nread( shell_surrogate_fd[i], &pid,
+ sizeof(pid) ) == sizeof(pid));
+ ldap_pvt_thread_mutex_unlock( &shell_surrogate_fd_mutex[i] );
+ close( p2c[0] );
+ close( c2p[1] );
+ if ( !c ) {
+ Debug( LDAP_DEBUG_ANY, "process creation failed\n", 0, 0, 0 );
+ close( p2c[1] );
+ close( c2p[0] );
+ close( shell_surrogate_fd[0] );
+ close( shell_surrogate_fd[1] );
+ shell_surrogate_fd[0] =
+ shell_surrogate_fd[1] = -1;
+ return( -1 );
+ }
+ }
+
+#else /* !SHELL_SURROGATE_PARENT */
+
+ fflush( NULL );
+# ifdef HAVE_THR
+ pid = fork1();
+# else
+ pid = fork();
+# endif
+ if ( pid == 0 ) { /* child */
+ /*
+ * child could deadlock here due to resources locked
+ * by our parent
+ *
+ * If so, configure --without-threads.
+ */
if ( dup2( p2c[0], 0 ) == -1 || dup2( c2p[1], 1 ) == -1 ) {
Debug( LDAP_DEBUG_ANY, "dup2 failed\n", 0, 0, 0 );
- exit( -1 );
+ exit( EXIT_FAILURE );
}
-
+ }
+ close( p2c[0] );
+ close( c2p[1] );
+ if ( pid <= 0 ) {
+ close( p2c[1] );
+ close( c2p[0] );
+ }
+ switch ( pid ) {
+ case 0:
execv( args[0], args );
Debug( LDAP_DEBUG_ANY, "execv failed\n", 0, 0, 0 );
- exit( -1 );
+ exit( EXIT_FAILURE );
case -1: /* trouble */
Debug( LDAP_DEBUG_ANY, "fork failed\n", 0, 0, 0 );
return( -1 );
-
- default: /* parent */
- close( p2c[0] );
- close( c2p[1] );
- break;
}
+#endif /* SHELL_SURROGATE_PARENT */
+
+ /* parent */
if ( (*rfp = fdopen( c2p[0], "r" )) == NULL || (*wfp = fdopen( p2c[1],
"w" )) == NULL ) {
Debug( LDAP_DEBUG_ANY, "fdopen failed\n", 0, 0, 0 );
diff --git a/servers/slapd/back-shell/init.c b/servers/slapd/back-shell/init.c
index 1df9c4b265..03ab2d1801 100644
--- a/servers/slapd/back-shell/init.c
+++ b/servers/slapd/back-shell/init.c
@@ -1,18 +1,123 @@
/* init.c - initialize shell backend */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/socket.h>
+#include <ac/unistd.h>
+
#include "slap.h"
#include "shell.h"
-shell_back_init(
+#ifdef SLAPD_SHELL_DYNAMIC
+
+int back_shell_LTX_init_module(int argc, char *argv[]) {
+ BackendInfo bi;
+
+ memset( &bi, '\0', sizeof(bi) );
+ bi.bi_type = "shell";
+ bi.bi_init = shell_back_initialize;
+
+ backend_add(&bi);
+ return 0;
+}
+
+#endif /* SLAPD_SHELL_DYNAMIC */
+
+int
+shell_back_initialize(
+ BackendInfo *bi
+)
+{
+ bi->bi_open = 0;
+ bi->bi_config = 0;
+ bi->bi_close = 0;
+ bi->bi_destroy = shell_back_destroy;
+
+ bi->bi_db_init = shell_back_db_init;
+ bi->bi_db_config = shell_back_db_config;
+ bi->bi_db_open = 0;
+ bi->bi_db_close = 0;
+ bi->bi_db_destroy = shell_back_db_destroy;
+
+ bi->bi_op_bind = shell_back_bind;
+ bi->bi_op_unbind = shell_back_unbind;
+ bi->bi_op_search = shell_back_search;
+ bi->bi_op_compare = shell_back_compare;
+ bi->bi_op_modify = shell_back_modify;
+ bi->bi_op_modrdn = shell_back_modrdn;
+ bi->bi_op_add = shell_back_add;
+ bi->bi_op_delete = shell_back_delete;
+ bi->bi_op_abandon = shell_back_abandon;
+
+ bi->bi_extended = 0;
+
+ bi->bi_acl_group = 0;
+ bi->bi_acl_attribute = 0;
+ bi->bi_chk_referrals = 0;
+
+ bi->bi_connection_init = 0;
+ bi->bi_connection_destroy = 0;
+
+#ifdef SHELL_SURROGATE_PARENT
+ ldap_pvt_thread_mutex_init( &shell_surrogate_index_mutex );
+ ldap_pvt_thread_mutex_init( &shell_surrogate_fd_mutex[0] );
+ ldap_pvt_thread_mutex_init( &shell_surrogate_fd_mutex[1] );
+#endif
+
+ return 0;
+}
+
+int
+shell_back_destroy(
+ BackendInfo *bi
+)
+{
+#ifdef SHELL_SURROGATE_PARENT
+ ldap_pvt_thread_mutex_destroy( &shell_surrogate_index_mutex );
+ ldap_pvt_thread_mutex_destroy( &shell_surrogate_fd_mutex[0] );
+ ldap_pvt_thread_mutex_destroy( &shell_surrogate_fd_mutex[1] );
+ if ( shell_surrogate_fd[0] >= 0 ) {
+ close( shell_surrogate_fd[0] );
+ close( shell_surrogate_fd[1] );
+ }
+ if ( shell_surrogate_pid >= 0 )
+ kill( shell_surrogate_pid, SIGTERM );
+#endif
+
+ return 0;
+}
+
+int
+shell_back_db_init(
Backend *be
)
{
struct shellinfo *si;
+#ifdef SHELL_SURROGATE_PARENT
+ if ( shell_surrogate_fd[0] < 0 )
+ make_surrogate_parent();
+#endif
+
si = (struct shellinfo *) ch_calloc( 1, sizeof(struct shellinfo) );
be->be_private = si;
+
+ return si == NULL;
+}
+
+int
+shell_back_db_destroy(
+ Backend *be
+)
+{
+ free( be->be_private );
+ return 0;
}
diff --git a/servers/slapd/back-shell/modify.c b/servers/slapd/back-shell/modify.c
index d05b79639d..5acddbe994 100644
--- a/servers/slapd/back-shell/modify.c
+++ b/servers/slapd/back-shell/modify.c
@@ -1,67 +1,86 @@
/* modify.c - shell backend modify function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
#include "slap.h"
#include "shell.h"
-void
+int
shell_back_modify(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- LDAPMod *mods
+ struct berval *dn,
+ struct berval *ndn,
+ Modifications *ml
)
{
+ Modification *mod;
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
int i;
- if ( si->si_modify == NULL ) {
+ if ( IS_NULLCMD( si->si_modify ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modify not implemented" );
- return;
+ "modify not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_modify, &rfp, &wfp ))
- == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_modify, &rfp, &wfp ))
+ == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
/* write out the request to the modify process */
fprintf( wfp, "MODIFY\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
- for ( ; mods != NULL; mods = mods->mod_next ) {
- switch ( mods->mod_op & ~LDAP_MOD_BVALUES ) {
+ fprintf( wfp, "dn: %s\n", dn->bv_val );
+ for ( ; ml != NULL; ml = ml->sml_next ) {
+ mod = &ml->sml_mod;
+
+ /* FIXME: should use LDIF routines to deal with binary data */
+
+ switch ( mod->sm_op ) {
case LDAP_MOD_ADD:
- fprintf( wfp, "add: %s", mods->mod_type );
+ fprintf( wfp, "add: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_DELETE:
- fprintf( wfp, "delete: %s", mods->mod_type );
+ fprintf( wfp, "delete: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
case LDAP_MOD_REPLACE:
- fprintf( wfp, "replace: %s", mods->mod_type );
+ fprintf( wfp, "replace: %s\n", mod->sm_desc->ad_cname.bv_val );
break;
}
- for ( i = 0; mods->mod_bvalues != NULL && mods->mod_bvalues[i]
- != NULL; i++ ) {
- fprintf( wfp, "%s: %s\n", mods->mod_type,
- mods->mod_bvalues[i]->bv_val );
+ if( mod->sm_bvalues != NULL ) {
+ for ( i = 0; mod->sm_bvalues[i].bv_val != NULL; i++ ) {
+ fprintf( wfp, "%s: %s\n", mod->sm_desc->ad_cname.bv_val,
+ mod->sm_bvalues[i].bv_val /* binary! */ );
+ }
}
+
+ fprintf( wfp, "-\n" );
}
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( be, conn, op, rfp, NULL, 0 );
fclose( rfp );
+ return( 0 );
}
diff --git a/servers/slapd/back-shell/modrdn.c b/servers/slapd/back-shell/modrdn.c
index 9fd793317d..e2c7d64d5f 100644
--- a/servers/slapd/back-shell/modrdn.c
+++ b/servers/slapd/back-shell/modrdn.c
@@ -1,48 +1,78 @@
/* modrdn.c - shell backend modrdn function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+/*
+ * LDAP v3 newSuperior support.
+ *
+ * Copyright 1999, Juan C. Gomez, All rights reserved.
+ * This software is not subject to any license of Silicon Graphics
+ * Inc. or Purdue University.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * without restriction or fee of any kind as long as this notice
+ * is preserved.
+ *
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+
#include "slap.h"
#include "shell.h"
-void
+int
shell_back_modrdn(
Backend *be,
Connection *conn,
Operation *op,
- char *dn,
- char *newrdn,
- int deleteoldrdn
+ struct berval *dn,
+ struct berval *ndn,
+ struct berval *newrdn,
+ struct berval *nnewrdn,
+ int deleteoldrdn,
+ struct berval *newSuperior,
+ struct berval *nnewSuperior
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
- if ( si->si_modrdn == NULL ) {
+ if ( IS_NULLCMD( si->si_modrdn ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "modrdn not implemented" );
- return;
+ "modrdn not implemented", NULL, NULL );
+ return( -1 );
}
- if ( (op->o_private = forkandexec( si->si_modrdn, &rfp, &wfp ))
- == -1 ) {
+ if ( (op->o_private = (void *) forkandexec( si->si_modrdn, &rfp, &wfp ))
+ == (void *) -1 ) {
send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ "could not fork/exec", NULL, NULL );
+ return( -1 );
}
/* write out the request to the modrdn process */
fprintf( wfp, "MODRDN\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
- fprintf( wfp, "newrdn: %s\n", newrdn );
+ fprintf( wfp, "dn: %s\n", dn->bv_val );
+ fprintf( wfp, "newrdn: %s\n", newrdn->bv_val );
fprintf( wfp, "deleteoldrdn: %d\n", deleteoldrdn ? 1 : 0 );
+ if (newSuperior != NULL) {
+ fprintf( wfp, "newSuperior: %s\n", newSuperior->bv_val );
+ }
fclose( wfp );
/* read in the results and send them along */
read_and_send_results( be, conn, op, rfp, NULL, 0 );
fclose( rfp );
+ return( 0 );
}
diff --git a/servers/slapd/back-shell/result.c b/servers/slapd/back-shell/result.c
index 675aa1f144..ded78f03c4 100644
--- a/servers/slapd/back-shell/result.c
+++ b/servers/slapd/back-shell/result.c
@@ -1,21 +1,29 @@
/* result.c - shell backend result reading function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/errno.h>
+#include <ac/string.h>
+#include <ac/socket.h>
+#include <ac/unistd.h>
+
#include "slap.h"
#include "shell.h"
-extern Entry *str2entry();
-
int
read_and_send_results(
Backend *be,
Connection *conn,
Operation *op,
FILE *fp,
- char **attrs,
+ AttributeName *attrs,
int attrsonly
)
{
@@ -31,17 +39,35 @@ read_and_send_results(
buf[0] = '\0';
bsize = BUFSIZ;
bp = buf;
- while ( fgets( line, sizeof(line), fp ) != NULL ) {
+ while ( !feof(fp) ) {
+ errno = 0;
+ if ( fgets( line, sizeof(line), fp ) == NULL ) {
+ if ( errno == EINTR ) continue;
+
+ Debug( LDAP_DEBUG_ANY, "shell: fgets failed: %s (%d)\n",
+ strerror(errno), errno, 0 );
+ break;
+ }
+
Debug( LDAP_DEBUG_SHELL, "shell search reading line (%s)\n",
line, 0, 0 );
+
+ /* ignore lines beginning with # (LDIFv1 comments) */
+ if ( *line == '#' ) {
+ continue;
+ }
+
/* ignore lines beginning with DEBUG: */
if ( strncasecmp( line, "DEBUG:", 6 ) == 0 ) {
continue;
}
+
len = strlen( line );
while ( bp + len - buf > bsize ) {
+ size_t offset = bp - buf;
bsize += BUFSIZ;
buf = (char *) ch_realloc( buf, bsize );
+ bp = &buf[offset];
}
strcpy( bp, line );
bp += len;
@@ -56,8 +82,8 @@ read_and_send_results(
Debug( LDAP_DEBUG_ANY, "str2entry(%s) failed\n",
buf, 0, 0 );
} else {
- send_search_entry( be, conn, op, e, attrs,
- attrsonly );
+ send_search_entry( be, conn, op, e,
+ attrs, attrsonly, NULL );
entry_free( e );
}
@@ -68,7 +94,7 @@ read_and_send_results(
/* otherwise, front end will send this result */
if ( err != 0 || op->o_tag != LDAP_REQ_BIND ) {
- send_ldap_result( conn, op, err, matched, info );
+ send_ldap_result( conn, op, err, matched, info, NULL, NULL );
}
free( buf );
@@ -84,7 +110,7 @@ print_suffixes(
{
int i;
- for ( i = 0; be->be_suffix[i] != NULL; i++ ) {
- fprintf( fp, "suffix: %s\n", be->be_suffix[i] );
+ for ( i = 0; be->be_suffix[i].bv_val != NULL; i++ ) {
+ fprintf( fp, "suffix: %s\n", be->be_suffix[i].bv_val );
}
}
diff --git a/servers/slapd/back-shell/search.c b/servers/slapd/back-shell/search.c
index 0c99883071..a1579e20e2 100644
--- a/servers/slapd/back-shell/search.c
+++ b/servers/slapd/back-shell/search.c
@@ -33,11 +33,10 @@ shell_back_search(
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
- int i;
FILE *rfp, *wfp;
AttributeName *an;
- if ( si->si_search == NULL ) {
+ if ( IS_NULLCMD( si->si_search ) ) {
send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
"search not implemented", NULL, NULL );
return( -1 );
@@ -52,6 +51,7 @@ shell_back_search(
/* write out the request to the search process */
fprintf( wfp, "SEARCH\n" );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
fprintf( wfp, "base: %s\n", base->bv_val );
diff --git a/servers/slapd/back-shell/searchexample.conf b/servers/slapd/back-shell/searchexample.conf
index 4defa4ba65..41fda5e5d0 100644
--- a/servers/slapd/back-shell/searchexample.conf
+++ b/servers/slapd/back-shell/searchexample.conf
@@ -1,4 +1,9 @@
-referral ldap://ldap.itd.umich.edu
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+
+include /usr/local/etc/openldap/schema/core.schema
+
database shell
-suffix "o=university of michigan, c=us"
+suffix "dc=example,dc=com"
search /usr/local/etc/searchexample.sh
diff --git a/servers/slapd/back-shell/searchexample.sh b/servers/slapd/back-shell/searchexample.sh
index 26b70fefbd..f93ac5e769 100644
--- a/servers/slapd/back-shell/searchexample.sh
+++ b/servers/slapd/back-shell/searchexample.sh
@@ -1,4 +1,7 @@
-#!/bin/sh
+#! /bin/sh
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
while [ 1 ]; do
read TAG VALUE
@@ -20,11 +23,13 @@ LOGIN=`echo $FILTER | sed -e 's/.*=\(.*\))/\1/'`
PWLINE=`grep -i "^$LOGIN" /etc/passwd`
-sleep 60
+#sleep 60
# if we found an entry that matches
if [ $? = 0 ]; then
echo $PWLINE | awk -F: '{
printf("dn: cn=%s,%s\n", $1, base);
+ printf("objectclass: top\n");
+ printf("objectclass: person\n");
printf("cn: %s\n", $1);
printf("cn: %s\n", $5);
printf("sn: %s\n", $1);
diff --git a/servers/slapd/back-shell/shell.h b/servers/slapd/back-shell/shell.h
index 5ef493c045..25b7aaf28d 100644
--- a/servers/slapd/back-shell/shell.h
+++ b/servers/slapd/back-shell/shell.h
@@ -1,13 +1,75 @@
/* shell.h - shell backend header file */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#ifndef SLAPD_SHELL_H
+#define SLAPD_SHELL_H
+
+#include "external.h"
+
+LDAP_BEGIN_DECL
+
+#if defined(HAVE_RECVMSG) && !defined(NO_THREADS)
+# define SHELL_SURROGATE_PARENT
+#endif
+
+#ifdef SHELL_SURROGATE_PARENT
+
+extern ldap_pvt_thread_mutex_t shell_surrogate_index_mutex;
+extern ldap_pvt_thread_mutex_t shell_surrogate_fd_mutex[2];
+extern int shell_surrogate_fd[2];
+extern pid_t shell_surrogate_pid;
+
+typedef struct berval Cmd_info;
+#define MAKE_CMD_INFO(args) make_cmd_info( args )
+#define IS_NULLCMD(cmd) ((cmd).bv_val == NULL)
+
+extern void make_surrogate_parent LDAP_P(( void ));
+
+#else /* !SHELL_SURROGATE_PARENT */
+
+typedef char **Cmd_info;
+#define MAKE_CMD_INFO(args) charray_dup( args )
+#define IS_NULLCMD(cmd) ((cmd) == NULL)
+
+#endif /* SHELL_SURROGATE_PARENT */
struct shellinfo {
- char **si_bind; /* cmd + args to exec for bind */
- char **si_unbind; /* cmd + args to exec for unbind */
- char **si_search; /* cmd + args to exec for search */
- char **si_compare; /* cmd + args to exec for compare */
- char **si_modify; /* cmd + args to exec for modify */
- char **si_modrdn; /* cmd + args to exec for modrdn */
- char **si_add; /* cmd + args to exec for add */
- char **si_delete; /* cmd + args to exec for delete */
- char **si_abandon; /* cmd + args to exec for abandon */
+ Cmd_info si_bind; /* cmd + args to exec for bind */
+ Cmd_info si_unbind; /* cmd + args to exec for unbind */
+ Cmd_info si_search; /* cmd + args to exec for search */
+ Cmd_info si_compare; /* cmd + args to exec for compare */
+ Cmd_info si_modify; /* cmd + args to exec for modify */
+ Cmd_info si_modrdn; /* cmd + args to exec for modrdn */
+ Cmd_info si_add; /* cmd + args to exec for add */
+ Cmd_info si_delete; /* cmd + args to exec for delete */
+ Cmd_info si_abandon; /* cmd + args to exec for abandon */
};
+
+struct slap_backend_db;
+struct slap_conn;
+struct slap_op;
+
+extern pid_t forkandexec LDAP_P((
+ Cmd_info args,
+ FILE **rfp,
+ FILE **wfp));
+
+extern void print_suffixes LDAP_P((
+ FILE *fp,
+ struct slap_backend_db *bd));
+
+extern int read_and_send_results LDAP_P((
+ struct slap_backend_db *bd,
+ struct slap_conn *conn,
+ struct slap_op *op,
+ FILE *fp,
+ AttributeName *attrs,
+ int attrsonly));
+
+LDAP_END_DECL
+
+#endif
diff --git a/servers/slapd/back-shell/unbind.c b/servers/slapd/back-shell/unbind.c
index 649fe96c13..a4327f99e2 100644
--- a/servers/slapd/back-shell/unbind.c
+++ b/servers/slapd/back-shell/unbind.c
@@ -1,45 +1,49 @@
/* unbind.c - shell backend unbind function */
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+
+#include "portable.h"
#include <stdio.h>
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
+
+#include <ac/socket.h>
+#include <ac/string.h>
+
#include "slap.h"
#include "shell.h"
-void
+int
shell_back_unbind(
Backend *be,
Connection *conn,
- Operation *op,
- char *dn,
- int method,
- struct berval *cred
+ Operation *op
)
{
struct shellinfo *si = (struct shellinfo *) be->be_private;
FILE *rfp, *wfp;
- if ( si->si_unbind == NULL ) {
- send_ldap_result( conn, op, LDAP_UNWILLING_TO_PERFORM, NULL,
- "unbind not implemented" );
- return;
+ if ( IS_NULLCMD( si->si_unbind ) ) {
+ return 0;
}
- if ( (op->o_private = forkandexec( si->si_unbind, &rfp, &wfp ))
- == -1 ) {
- send_ldap_result( conn, op, LDAP_OPERATIONS_ERROR, NULL,
- "could not fork/exec" );
- return;
+ if ( (op->o_private = (void *) forkandexec( si->si_unbind, &rfp, &wfp ))
+ == (void *) -1 ) {
+ return 0;
}
/* write out the request to the unbind process */
fprintf( wfp, "UNBIND\n" );
- fprintf( wfp, "msgid: %d\n", op->o_msgid );
+ fprintf( wfp, "opid: %ld/%ld\n", op->o_connid, (long) op->o_msgid );
+ fprintf( wfp, "msgid: %ld\n", (long) op->o_msgid );
print_suffixes( wfp, be );
- fprintf( wfp, "dn: %s\n", dn );
+ fprintf( wfp, "dn: %s\n", (conn->c_dn.bv_len ? conn->c_dn.bv_val : "") );
fclose( wfp );
/* no response to unbind */
fclose( rfp );
+
+ return 0;
}
diff --git a/servers/slapd/back-sql/docs/concept b/servers/slapd/back-sql/docs/concept
new file mode 100644
index 0000000000..ed2904762f
--- /dev/null
+++ b/servers/slapd/back-sql/docs/concept
@@ -0,0 +1 @@
+The SQL backend is described in the slapd-sql(5) manual page.
diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c
index 1fbeecde21..7d7414aaa8 100644
--- a/servers/slapd/backend.c
+++ b/servers/slapd/backend.c
@@ -17,6 +17,7 @@
#include "slap.h"
#include "lutil.h"
+#include "lber_pvt.h"
/*
* If a module is configured as dynamic, its header should not
@@ -247,11 +248,11 @@ int backend_startup(Backend *be)
#ifdef NEW_LOGGING
LDAP_LOG(( "backend", LDAP_LEVEL_DETAIL1,
"backend_startup: starting \"%s\"\n",
- be->be_suffix[0]->bv_val ));
+ be->be_suffix[0].bv_val ));
#else
Debug( LDAP_DEBUG_TRACE,
"backend_startup: starting \"%s\"\n",
- be->be_suffix[0]->bv_val, 0, 0 );
+ be->be_suffix[0].bv_val, 0, 0 );
#endif
if ( be->bd_info->bi_open ) {
@@ -424,8 +425,8 @@ int backend_destroy(void)
if ( bd->bd_info->bi_db_destroy ) {
bd->bd_info->bi_db_destroy( bd );
}
- ber_bvecfree( bd->be_suffix );
- ber_bvecfree( bd->be_nsuffix );
+ ber_bvarray_free( bd->be_suffix );
+ ber_bvarray_free( bd->be_nsuffix );
if ( bd->be_rootdn.bv_val ) free( bd->be_rootdn.bv_val );
if ( bd->be_rootndn.bv_val ) free( bd->be_rootndn.bv_val );
if ( bd->be_rootpw.bv_val ) free( bd->be_rootpw.bv_val );
@@ -539,7 +540,7 @@ select_backend(
for ( i = 0; i < nbackends; i++ ) {
for ( j = 0; backends[i].be_nsuffix != NULL &&
- backends[i].be_nsuffix[j] != NULL; j++ )
+ backends[i].be_nsuffix[j].bv_val != NULL; j++ )
{
if (( backends[i].be_flags & SLAP_BFLAG_GLUE_SUBORDINATE )
&& noSubs )
@@ -547,7 +548,7 @@ select_backend(
continue;
}
- len = backends[i].be_nsuffix[j]->bv_len;
+ len = backends[i].be_nsuffix[j].bv_len;
if ( len > dnlen ) {
/* suffix is longer than DN */
@@ -564,7 +565,7 @@ select_backend(
continue;
}
- if ( strcmp( backends[i].be_nsuffix[j]->bv_val,
+ if ( strcmp( backends[i].be_nsuffix[j].bv_val,
&dn->bv_val[dnlen-len] ) == 0 )
{
if( be == NULL ) {
@@ -592,8 +593,8 @@ be_issuffix(
{
int i;
- for ( i = 0; be->be_nsuffix != NULL && be->be_nsuffix[i] != NULL; i++ ) {
- if ( ber_bvcmp( be->be_nsuffix[i], bvsuffix ) == 0 ) {
+ for ( i = 0; be->be_nsuffix != NULL && be->be_nsuffix[i].bv_val != NULL; i++ ) {
+ if ( ber_bvcmp( &be->be_nsuffix[i], bvsuffix ) == 0 ) {
return( 1 );
}
}
@@ -767,7 +768,7 @@ backend_check_restrictions(
Backend *be,
Connection *conn,
Operation *op,
- const void *opdata,
+ struct berval *opdata,
const char **text )
{
int rc;
@@ -776,6 +777,8 @@ backend_check_restrictions(
slap_mask_t opflag;
slap_ssf_set_t *ssf;
int updateop = 0;
+ int starttls = 0;
+ int session = 0;
if( be ) {
rc = backend_check_controls( be, conn, op, text );
@@ -801,6 +804,7 @@ backend_check_restrictions(
break;
case LDAP_REQ_BIND:
opflag = SLAP_RESTRICT_OP_BIND;
+ session++;
break;
case LDAP_REQ_COMPARE:
opflag = SLAP_RESTRICT_OP_COMPARE;
@@ -811,7 +815,35 @@ backend_check_restrictions(
break;
case LDAP_REQ_EXTENDED:
opflag = SLAP_RESTRICT_OP_EXTENDED;
+
+ if( !opdata ) {
+ /* treat unspecified as a modify */
+ opflag = SLAP_RESTRICT_OP_MODIFY;
+ updateop++;
+ break;
+ }
+
+ {
+ struct berval bv = BER_BVC( LDAP_EXOP_START_TLS );
+ if( ber_bvcmp( opdata, &bv ) == 0 ) {
+ session++;
+ starttls++;
+ break;
+ }
+ }
+
+ {
+ struct berval bv = BER_BVC( LDAP_EXOP_X_WHO_AM_I );
+ if( ber_bvcmp( opdata, &bv ) == 0 ) {
+ break;
+ }
+ }
+
+ /* treat everything else as a modify */
+ opflag = SLAP_RESTRICT_OP_MODIFY;
+ updateop++;
break;
+
case LDAP_REQ_MODIFY:
updateop++;
opflag = SLAP_RESTRICT_OP_MODIFY;
@@ -824,6 +856,7 @@ backend_check_restrictions(
opflag = SLAP_RESTRICT_OP_SEARCH;
break;
case LDAP_REQ_UNBIND:
+ session++;
opflag = 0;
break;
default:
@@ -831,16 +864,9 @@ backend_check_restrictions(
return LDAP_OTHER;
}
- if ( op->o_tag != LDAP_REQ_EXTENDED
- || strcmp( (const char *) opdata, LDAP_EXOP_START_TLS ) )
- {
+ if ( !starttls ) {
/* these checks don't apply to StartTLS */
- if( op->o_tag == LDAP_REQ_EXTENDED ) {
- /* threat other extended operations as update ops */
- updateop++;
- }
-
if( op->o_transport_ssf < ssf->sss_transport ) {
*text = "transport confidentiality required";
return LDAP_CONFIDENTIALITY_REQUIRED;
@@ -893,10 +919,8 @@ backend_check_restrictions(
}
}
- if ( op->o_tag != LDAP_REQ_BIND && ( op->o_tag != LDAP_REQ_EXTENDED ||
- strcmp( (const char *) opdata, LDAP_EXOP_START_TLS ) ) )
- {
- /* these checks don't apply to Bind or StartTLS */
+ if ( !session ) {
+ /* these checks don't apply to Bind, StartTLS, or Unbind */
if( requires & SLAP_REQUIRE_STRONG ) {
/* should check mechanism */
diff --git a/servers/slapd/backglue.c b/servers/slapd/backglue.c
index 0eccc8b8ac..e2afd09156 100644
--- a/servers/slapd/backglue.c
+++ b/servers/slapd/backglue.c
@@ -63,7 +63,7 @@ glue_back_select (
bv.bv_val = (char *) dn;
for (i = 0; i<gi->nodes; i++) {
- if (dnIsSuffix(&bv, gi->n[i].be->be_nsuffix[0])) {
+ if (dnIsSuffix(&bv, &gi->n[i].be->be_nsuffix[0])) {
return gi->n[i].be;
}
}
@@ -360,20 +360,20 @@ glue_back_search (
if (scope == LDAP_SCOPE_ONELEVEL &&
dn_match(&gi->n[i].pdn, ndn)) {
rc = be->be_search (be, conn, op,
- be->be_suffix[0], be->be_nsuffix[0],
+ &be->be_suffix[0], &be->be_nsuffix[0],
LDAP_SCOPE_BASE, deref,
s2limit, t2limit, filter, filterstr,
attrs, attrsonly);
} else if (scope == LDAP_SCOPE_SUBTREE &&
- dnIsSuffix(be->be_nsuffix[0], ndn)) {
+ dnIsSuffix(&be->be_nsuffix[0], ndn)) {
rc = be->be_search (be, conn, op,
- be->be_suffix[0], be->be_nsuffix[0],
+ &be->be_suffix[0], &be->be_nsuffix[0],
scope, deref,
s2limit, t2limit, filter, filterstr,
attrs, attrsonly);
- } else if (dnIsSuffix(&bv, be->be_nsuffix[0])) {
+ } else if (dnIsSuffix(&bv, &be->be_nsuffix[0])) {
rc = be->be_search (be, conn, op, dn, ndn,
scope, deref,
s2limit, t2limit, filter, filterstr,
@@ -833,7 +833,7 @@ glue_sub_init( )
if (be->be_flags & SLAP_BFLAG_GLUE_LINKED) {
continue;
}
- if (!dnIsSuffix(be->be_nsuffix[0], b1->be_nsuffix[0])) {
+ if (!dnIsSuffix(&be->be_nsuffix[0], &b1->be_nsuffix[0])) {
continue;
}
cont--;
@@ -890,7 +890,7 @@ glue_sub_init( )
gi->nodes * sizeof(gluenode));
}
gi->n[gi->nodes].be = be;
- dnParent( be->be_nsuffix[0], &gi->n[gi->nodes].pdn );
+ dnParent( &be->be_nsuffix[0], &gi->n[gi->nodes].pdn );
gi->nodes++;
}
if (gi) {
@@ -898,7 +898,7 @@ glue_sub_init( )
gi = (glueinfo *)ch_realloc(gi,
sizeof(glueinfo) + gi->nodes * sizeof(gluenode));
gi->n[gi->nodes].be = gi->be;
- dnParent( b1->be_nsuffix[0], &gi->n[gi->nodes].pdn );
+ dnParent( &b1->be_nsuffix[0], &gi->n[gi->nodes].pdn );
gi->nodes++;
b1->be_private = gi;
b1->bd_info = bi;
diff --git a/servers/slapd/bind.c b/servers/slapd/bind.c
index b2b4d32b4a..cbbb1383f6 100644
--- a/servers/slapd/bind.c
+++ b/servers/slapd/bind.c
@@ -265,7 +265,7 @@ do_bind(
}
/* check restrictions */
- rc = backend_check_restrictions( NULL, conn, op, mech.bv_val, &text );
+ rc = backend_check_restrictions( NULL, conn, op, &mech, &text );
if( rc != LDAP_SUCCESS ) {
send_ldap_result( conn, op, rc,
NULL, text, NULL, NULL );
@@ -367,7 +367,8 @@ do_bind(
text = "anonymous bind disallowed";
} else {
- rc = backend_check_restrictions( NULL, conn, op, mech.bv_val, &text );
+ rc = backend_check_restrictions( NULL, conn, op,
+ &mech, &text );
}
/*
diff --git a/servers/slapd/config.c b/servers/slapd/config.c
index 94bd2f5dac..23a4599f06 100644
--- a/servers/slapd/config.c
+++ b/servers/slapd/config.c
@@ -18,7 +18,7 @@
#include "ldap_pvt.h"
#include "slap.h"
-#define MAXARGS 500
+#define ARGS_STEP 512
/*
* defaults for various global variables
@@ -45,6 +45,8 @@ char *global_host = NULL;
char *global_realm = NULL;
char *ldap_srvtab = "";
char *default_passwd_hash = NULL;
+int cargc = 0, cargv_size = 0;
+char **cargv;
struct berval default_search_base = { 0, NULL };
struct berval default_search_nbase = { 0, NULL };
unsigned num_subordinates = 0;
@@ -68,7 +70,7 @@ int use_reverse_lookup = 0;
static char *fp_getline(FILE *fp, int *lineno);
static void fp_getline_init(int *lineno);
-static int fp_parse_line(int lineno, char *line, int *argcp, char **argv);
+static int fp_parse_line(int lineno, char *line);
static char *strtok_quote(char *line, char *sep);
static int load_ucdata(char *path);
@@ -78,8 +80,7 @@ read_config( const char *fname )
{
FILE *fp;
char *line, *savefname, *saveline;
- int cargc, savelineno;
- char *cargv[MAXARGS+1];
+ int savelineno;
int lineno, i;
int rc;
struct berval vals[2];
@@ -90,6 +91,9 @@ read_config( const char *fname )
vals[1].bv_val = NULL;
+ cargv = ch_calloc( ARGS_STEP + 1, sizeof(*cargv) );
+ cargv_size = ARGS_STEP + 1;
+
if ( (fp = fopen( fname, "r" )) == NULL ) {
ldap_syslog = 1;
#ifdef NEW_LOGGING
@@ -123,7 +127,7 @@ read_config( const char *fname )
/* fp_parse_line is destructive, we save a copy */
saveline = ch_strdup( line );
- if ( fp_parse_line( lineno, line, &cargc, cargv ) != 0 ) {
+ if ( fp_parse_line( lineno, line ) != 0 ) {
return( 1 );
}
@@ -858,9 +862,7 @@ read_config( const char *fname )
/* set database suffix */
} else if ( strcasecmp( cargv[0], "suffix" ) == 0 ) {
Backend *tmp_be;
- struct berval dn;
- struct berval *pdn = NULL;
- struct berval *ndn = NULL;
+ struct berval dn, pdn, ndn;
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
@@ -919,10 +921,8 @@ read_config( const char *fname )
dn.bv_val = cargv[1];
dn.bv_len = strlen( cargv[1] );
- pdn = ch_malloc( sizeof( struct berval ));
- ndn = ch_malloc( sizeof( struct berval ));
- rc = dnPrettyNormal( NULL, &dn, pdn, ndn );
+ rc = dnPrettyNormal( NULL, &dn, &pdn, &ndn );
if( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
@@ -936,7 +936,7 @@ read_config( const char *fname )
return( 1 );
}
- tmp_be = select_backend( ndn, 0, 0 );
+ tmp_be = select_backend( &ndn, 0, 0 );
if ( tmp_be == be ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
@@ -947,25 +947,25 @@ read_config( const char *fname )
"already served by this backend (ignored)\n",
fname, lineno, 0 );
#endif
- ber_bvfree( pdn );
- ber_bvfree( ndn );
+ free( pdn.bv_val );
+ free( ndn.bv_val );
} else if ( tmp_be != NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: suffix already served by a preceding "
"backend \"%s\"\n", fname, lineno,
- tmp_be->be_suffix[0]->bv_val ));
+ tmp_be->be_suffix[0].bv_val ));
#else
Debug( LDAP_DEBUG_ANY, "%s: line %d: suffix "
"already served by a preceeding backend \"%s\"\n",
- fname, lineno, tmp_be->be_suffix[0]->bv_val );
+ fname, lineno, tmp_be->be_suffix[0].bv_val );
#endif
- ber_bvfree( pdn );
- ber_bvfree( ndn );
+ free( pdn.bv_val );
+ free( ndn.bv_val );
return( 1 );
- } else if( pdn->bv_len == 0 && default_search_nbase.bv_len ) {
+ } else if( pdn.bv_len == 0 && default_search_nbase.bv_len ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: suffix DN empty and default search "
@@ -979,14 +979,14 @@ read_config( const char *fname )
#endif
}
- ber_bvecadd( &be->be_suffix, pdn );
- ber_bvecadd( &be->be_nsuffix, ndn );
+ ber_bvarray_add( &be->be_suffix, &pdn );
+ ber_bvarray_add( &be->be_nsuffix, &ndn );
/* set database suffixAlias */
} else if ( strcasecmp( cargv[0], "suffixAlias" ) == 0 ) {
Backend *tmp_be;
- struct berval alias, *palias, nalias;
- struct berval aliased, *paliased, naliased;
+ struct berval alias, palias, nalias;
+ struct berval aliased, paliased, naliased;
if ( cargc < 2 ) {
#ifdef NEW_LOGGING
@@ -1046,9 +1046,8 @@ read_config( const char *fname )
alias.bv_val = cargv[1];
alias.bv_len = strlen( cargv[1] );
- palias = ch_malloc(sizeof(struct berval));
- rc = dnPrettyNormal( NULL, &alias, palias, &nalias );
+ rc = dnPrettyNormal( NULL, &alias, &palias, &nalias );
if( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
@@ -1069,22 +1068,21 @@ read_config( const char *fname )
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: suffixAlias served by a preceeding "
"backend \"%s\"\n",
- fname, lineno, tmp_be->be_suffix[0]->bv_val ));
+ fname, lineno, tmp_be->be_suffix[0].bv_val ));
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: suffixAlias served by"
" a preceeding backend \"%s\"\n",
- fname, lineno, tmp_be->be_suffix[0]->bv_val );
+ fname, lineno, tmp_be->be_suffix[0].bv_val );
#endif
- ber_bvfree( palias );
+ free( palias.bv_val );
return -1;
}
aliased.bv_val = cargv[2];
aliased.bv_len = strlen( cargv[2] );
- paliased = ch_malloc(sizeof(struct berval));
- rc = dnPrettyNormal( NULL, &aliased, paliased, &naliased );
+ rc = dnPrettyNormal( NULL, &aliased, &paliased, &naliased );
if( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
@@ -1095,7 +1093,7 @@ read_config( const char *fname )
"%s: line %d: aliased DN is invalid\n",
fname, lineno, 0 );
#endif
- ber_bvfree( palias );
+ free( palias.bv_val );
return( 1 );
}
@@ -1106,20 +1104,20 @@ read_config( const char *fname )
LDAP_LOG(( "config", LDAP_LEVEL_INFO,
"%s: line %d: suffixAlias derefs to a different backend "
"a preceeding backend \"%s\"\n",
- fname, lineno, tmp_be->be_suffix[0]->bv_val ));
+ fname, lineno, tmp_be->be_suffix[0].bv_val ));
#else
Debug( LDAP_DEBUG_ANY,
"%s: line %d: suffixAlias derefs to differnet backend"
" a preceeding backend \"%s\"\n",
- fname, lineno, tmp_be->be_suffix[0]->bv_val );
+ fname, lineno, tmp_be->be_suffix[0].bv_val );
#endif
- ber_bvfree( palias );
- ber_bvfree( paliased );
+ free( palias.bv_val );
+ free( paliased.bv_val );
return -1;
}
- ber_bvecadd( &be->be_suffixAlias, palias );
- ber_bvecadd( &be->be_suffixAlias, paliased );
+ ber_bvarray_add( &be->be_suffixAlias, &palias );
+ ber_bvarray_add( &be->be_suffixAlias, &paliased );
/* set max deref depth */
} else if ( strcasecmp( cargv[0], "maxDerefDepth" ) == 0 ) {
@@ -2163,7 +2161,7 @@ read_config( const char *fname )
}
if (module_path( cargv[1] )) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "cofig", LDAP_LEVEL_CRIT,
+ LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
"%s: line %d: failed to set module search path to %s.\n",
fname, lineno, cargv[1] ));
#else
@@ -2351,16 +2349,14 @@ read_config( const char *fname )
static int
fp_parse_line(
int lineno,
- char *line,
- int *argcp,
- char **argv
+ char *line
)
{
char * token;
char * logline;
char logbuf[sizeof("pseudorootpw ***")];
- *argcp = 0;
+ cargc = 0;
token = strtok_quote( line, " \t" );
logline = line;
@@ -2383,21 +2379,28 @@ fp_parse_line(
*strtok_quote_ptr = '\0';
for ( ; token != NULL; token = strtok_quote( NULL, " \t" ) ) {
- if ( *argcp == MAXARGS ) {
+ if ( cargc == cargv_size - 1 ) {
+ char **tmp;
+ tmp = ch_realloc( cargv, (cargv_size + ARGS_STEP) *
+ sizeof(*cargv) );
+ if ( tmp == NULL ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "config", LDAP_LEVEL_CRIT,
- "fp_parse_line: too many tokens (%d max).\n",
- MAXARGS ));
+ LDAP_LOG(( "config", LDAP_LEVEL_ERR,
+ "line %d: out of memory\n",
+ lineno ));
#else
- Debug( LDAP_DEBUG_ANY, "Too many tokens (max %d)\n",
- MAXARGS, 0, 0 );
+ Debug( LDAP_DEBUG_ANY,
+ "line %d: out of memory\n",
+ lineno, 0, 0 );
#endif
-
- return( 1 );
+ return -1;
+ }
+ cargv = tmp;
+ cargv_size += ARGS_STEP;
}
- argv[(*argcp)++] = token;
+ cargv[cargc++] = token;
}
- argv[*argcp] = NULL;
+ cargv[cargc] = NULL;
return 0;
}
diff --git a/servers/slapd/connection.c b/servers/slapd/connection.c
index 50fba1a220..a93af0d116 100644
--- a/servers/slapd/connection.c
+++ b/servers/slapd/connection.c
@@ -1189,7 +1189,7 @@ int connection_read(ber_socket_t s)
} else if ( rc == 0 ) {
void *ssl;
- char *authid;
+ struct berval authid = { 0, NULL };
c->c_needs_tls_accept = 0;
@@ -1201,9 +1201,21 @@ int connection_read(ber_socket_t s)
c->c_ssf = c->c_tls_ssf;
}
- authid = dnX509peerNormalize( ssl );
- slap_sasl_external( c, c->c_tls_ssf, authid );
- if ( authid ) free( authid );
+ rc = dnX509peerNormalize( ssl, &authid );
+ if ( rc != LDAP_SUCCESS ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "connection", LDAP_LEVEL_INFO,
+ "connection_read: conn %lu unable to get TLS client DN, error %d\n",
+ c->c_connid, rc));
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "connection_read(%d): unable to get TLS client DN "
+ "error=%d id=%lu\n",
+ s, rc, c->c_connid );
+#endif
+ }
+ slap_sasl_external( c, c->c_tls_ssf, authid.bv_val );
+ if ( authid.bv_val ) free( authid.bv_val );
}
connection_return( c );
ldap_pvt_thread_mutex_unlock( &connections_mutex );
@@ -1411,6 +1423,8 @@ connection_input(
op = slap_op_alloc( ber, msgid, tag, conn->c_n_ops_received++ );
+ op->vrFilter = NULL;
+
op->o_pagedresults_state = conn->c_pagedresults_state;
#ifdef LDAP_CONNECTIONLESS
diff --git a/servers/slapd/controls.c b/servers/slapd/controls.c
index b475dd1af4..16ea8cb6cc 100644
--- a/servers/slapd/controls.c
+++ b/servers/slapd/controls.c
@@ -47,6 +47,7 @@ static SLAP_CTRL_PARSE_FN parseManageDSAit;
static SLAP_CTRL_PARSE_FN parseSubentries;
static SLAP_CTRL_PARSE_FN parseNoOp;
static SLAP_CTRL_PARSE_FN parsePagedResults;
+static SLAP_CTRL_PARSE_FN parseValuesReturnFilter;
static struct slap_control {
char *sc_oid;
@@ -72,6 +73,11 @@ static struct slap_control {
{ LDAP_CONTROL_PAGEDRESULTS_REQUEST,
SLAP_CTRL_SEARCH, NULL,
parsePagedResults },
+#endif
+#ifdef LDAP_CONTROL_VALUESRETURNFILTER
+ { LDAP_CONTROL_VALUESRETURNFILTER,
+ SLAP_CTRL_SEARCH, NULL,
+ parseValuesReturnFilter },
#endif
{ NULL }
};
@@ -527,3 +533,61 @@ static int parsePagedResults (
return LDAP_SUCCESS;
}
#endif
+
+#ifdef LDAP_CONTROL_VALUESRETURNFILTER
+int parseValuesReturnFilter (
+ Connection *conn,
+ Operation *op,
+ LDAPControl *ctrl,
+ const char **text )
+{
+ int rc;
+ BerElement *ber;
+ struct berval fstr = { 0, NULL };
+ const char *err_msg = "";
+
+ if ( op->o_valuesreturnfilter != SLAP_NO_CONTROL ) {
+ *text = "valuesreturnfilter control specified multiple times";
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ ber = ber_init( &(ctrl->ldctl_value) );
+ if (ber == NULL) {
+ *text = "internal error";
+ return LDAP_OTHER;
+ }
+
+ rc = get_vrFilter( conn, ber, &(op->vrFilter), &err_msg);
+
+ if( rc != LDAP_SUCCESS ) {
+ text = &err_msg;
+ if( rc == SLAPD_DISCONNECT ) {
+ send_ldap_disconnect( conn, op,
+ LDAP_PROTOCOL_ERROR, *text );
+ } else {
+ send_ldap_result( conn, op, rc,
+ NULL, *text, NULL, NULL );
+ }
+ if( fstr.bv_val != NULL) free( fstr.bv_val );
+ if( op->vrFilter != NULL) vrFilter_free( op->vrFilter );
+
+ } else {
+ vrFilter2bv( op->vrFilter, &fstr );
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
+ "parseValuesReturnFilter: conn %d vrFilter: %s\n", conn->c_connid,
+ fstr.bv_len ? fstr.bv_val : "empty" ));
+#else
+ Debug( LDAP_DEBUG_ARGS, " vrFilter: %s\n",
+ fstr.bv_len ? fstr.bv_val : "empty", 0, 0 );
+#endif
+
+ op->o_valuesreturnfilter = ctrl->ldctl_iscritical
+ ? SLAP_CRITICAL_CONTROL
+ : SLAP_NONCRITICAL_CONTROL;
+
+ return LDAP_SUCCESS;
+}
+#endif
diff --git a/servers/slapd/delete.c b/servers/slapd/delete.c
index 38324be6ea..37a59aa1ea 100644
--- a/servers/slapd/delete.c
+++ b/servers/slapd/delete.c
@@ -66,7 +66,7 @@ do_delete(
if( ( rc = get_ctrls( conn, op, 1 ) ) != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG(( "oepration", LDAP_LEVEL_ERR,
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
"do_delete: conn %d get_ctrls failed\n", conn->c_connid ));
#else
Debug( LDAP_DEBUG_ANY, "do_delete: get_ctrls failed\n", 0, 0, 0 );
diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index 6c59b455c7..75a349b433 100644
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -624,7 +624,8 @@ dnParent(
/* one-level dn */
if ( p == NULL ) {
- *pdn = slap_empty_bv;
+ pdn->bv_len = 0;
+ pdn->bv_val = dn->bv_val + dn->bv_len;
return;
}
@@ -844,9 +845,10 @@ dnX509normalize( void *x509_name, struct berval *out )
/*
* Get the TLS session's peer's DN into a normalized LDAP DN
*/
-char *
-dnX509peerNormalize( void *ssl )
+int
+dnX509peerNormalize( void *ssl, struct berval *dn )
{
- return ldap_pvt_tls_get_peer_dn( ssl, (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
+
+ return ldap_pvt_tls_get_peer_dn( ssl, dn, (LDAPDN_rewrite_dummy *)LDAPDN_rewrite, 0 );
}
#endif
diff --git a/servers/slapd/entry.c b/servers/slapd/entry.c
index 48afbf5d9d..8a1106e974 100644
--- a/servers/slapd/entry.c
+++ b/servers/slapd/entry.c
@@ -109,8 +109,6 @@ str2entry( char *s )
}
if ( strcasecmp( type, "dn" ) == 0 ) {
- struct berval *pdn = NULL;
-
free( type );
if ( e->e_dn != NULL ) {
@@ -131,22 +129,21 @@ str2entry( char *s )
}
rc = dnPrettyNormal( NULL, &vals[0], &e->e_name, &e->e_nname );
- free( vals[0].bv_val );
if( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_DETAIL1, "str2entry: "
"entry %ld has invalid DN \"%s\"\n",
- (long) e->e_id,
- pdn->bv_val ? pdn->bv_val : "" ));
+ (long) e->e_id, vals[0].bv_val ));
#else
Debug( LDAP_DEBUG_ANY, "str2entry: "
"entry %ld has invalid DN \"%s\"\n",
- (long) e->e_id,
- pdn->bv_val ? pdn->bv_val : "", 0 );
+ (long) e->e_id, vals[0].bv_val, 0 );
#endif
entry_free( e );
+ free( vals[0].bv_val );
return NULL;
}
+ free( vals[0].bv_val );
continue;
}
diff --git a/servers/slapd/extended.c b/servers/slapd/extended.c
index 64e8cc2df4..ace5cb55f1 100644
--- a/servers/slapd/extended.c
+++ b/servers/slapd/extended.c
@@ -32,6 +32,7 @@
#include <ac/string.h>
#include "slap.h"
+#include "lber_pvt.h"
static struct extop_list {
struct extop_list *next;
@@ -307,6 +308,7 @@ whoami_extop (
const char ** text,
BerVarray * refs )
{
+ int rc;
struct berval *bv;
if ( reqdata != NULL ) {
@@ -315,6 +317,16 @@ whoami_extop (
return LDAP_PROTOCOL_ERROR;
}
+ {
+ int rc;
+ struct berval whoami = BER_BVC( LDAP_EXOP_X_WHO_AM_I );
+
+ rc = backend_check_restrictions( conn->c_authz_backend,
+ conn, op, &whoami, text );
+
+ if( rc != LDAP_SUCCESS ) return rc;
+ }
+
bv = (struct berval *) ch_malloc( sizeof(struct berval) );
if( op->o_dn.bv_len ) {
bv->bv_len = op->o_dn.bv_len + sizeof("dn:")-1;
diff --git a/servers/slapd/filter.c b/servers/slapd/filter.c
index 16124c0c31..dc6359619d 100644
--- a/servers/slapd/filter.c
+++ b/servers/slapd/filter.c
@@ -30,6 +30,17 @@ static int filter_escape_value(
struct berval *in,
struct berval *out );
+static void simple_vrFilter2bv(
+ ValuesReturnFilter *f,
+ struct berval *fstr );
+
+static int get_simple_vrFilter(
+ Connection *conn,
+ BerElement *ber,
+ ValuesReturnFilter **f,
+ const char **text );
+
+
int
get_filter(
Connection *conn,
@@ -796,3 +807,718 @@ static int filter_escape_value(
out->bv_val[out->bv_len] = '\0';
return LDAP_SUCCESS;
}
+
+static int
+get_simple_vrFilter(
+ Connection *conn,
+ BerElement *ber,
+ ValuesReturnFilter **filt,
+ const char **text )
+{
+ ber_tag_t tag;
+ ber_len_t len;
+ int err;
+ ValuesReturnFilter *f;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY, "get_simple_vrFilter: conn %d\n",
+ conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "begin get_simple_vrFilter\n", 0, 0, 0 );
+#endif
+
+ tag = ber_peek_tag( ber, &len );
+
+ if( tag == LBER_ERROR ) {
+ *text = "error decoding filter";
+ return SLAPD_DISCONNECT;
+ }
+
+ f = (ValuesReturnFilter *) ch_malloc( sizeof(ValuesReturnFilter) );
+ f->f_next = NULL;
+
+ err = LDAP_SUCCESS;
+ f->f_choice = tag;
+
+ switch ( f->f_choice ) {
+ case LDAP_FILTER_EQUALITY:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL2,
+ "get_simple_vrFilter: conn %d EQUALITY\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "EQUALITY\n", 0, 0, 0 );
+#endif
+ err = get_ava( ber, &f->f_ava, SLAP_MR_EQUALITY, text );
+ if ( err != LDAP_SUCCESS ) {
+ break;
+ }
+
+ assert( f->f_ava != NULL );
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d SUBSTRINGS\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "SUBSTRINGS\n", 0, 0, 0 );
+#endif
+ err = get_substring_filter( conn, ber, (Filter *)f, text );
+ break;
+
+ case LDAP_FILTER_GE:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d GE\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "GE\n", 0, 0, 0 );
+#endif
+ err = get_ava( ber, &f->f_ava, SLAP_MR_ORDERING, text );
+ if ( err != LDAP_SUCCESS ) {
+ break;
+ }
+ break;
+
+ case LDAP_FILTER_LE:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d LE\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "LE\n", 0, 0, 0 );
+#endif
+ err = get_ava( ber, &f->f_ava, SLAP_MR_ORDERING, text );
+ if ( err != LDAP_SUCCESS ) {
+ break;
+ }
+ break;
+
+ case LDAP_FILTER_PRESENT: {
+ struct berval type;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d PRESENT\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "PRESENT\n", 0, 0, 0 );
+#endif
+ if ( ber_scanf( ber, "m", &type ) == LBER_ERROR ) {
+ err = SLAPD_DISCONNECT;
+ *text = "error decoding filter";
+ break;
+ }
+
+ f->f_desc = NULL;
+ err = slap_bv2ad( &type, &f->f_desc, text );
+
+ if( err != LDAP_SUCCESS ) {
+ /* unrecognized attribute description or other error */
+ f->f_choice = SLAPD_FILTER_COMPUTED;
+ f->f_result = LDAP_COMPARE_FALSE;
+ err = LDAP_SUCCESS;
+ break;
+ }
+ } break;
+
+ case LDAP_FILTER_APPROX:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d APPROX\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "APPROX\n", 0, 0, 0 );
+#endif
+ err = get_ava( ber, &f->f_ava, SLAP_MR_EQUALITY_APPROX, text );
+ if ( err != LDAP_SUCCESS ) {
+ break;
+ }
+ break;
+
+ case LDAP_FILTER_EXT:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_simple_vrFilter: conn %d EXTENSIBLE\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "EXTENSIBLE\n", 0, 0, 0 );
+#endif
+
+ err = get_mra( ber, &f->f_mra, text );
+ if ( err != LDAP_SUCCESS ) {
+ break;
+ }
+
+ assert( f->f_mra != NULL );
+ break;
+
+ default:
+ (void) ber_scanf( ber, "x" ); /* skip the element */
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ERR,
+ "get_simple_vrFilter: conn %d unknown filter type=%lu\n",
+ conn->c_connid, f->f_choice ));
+#else
+ Debug( LDAP_DEBUG_ANY, "get_simple_vrFilter: unknown filter type=%lu\n",
+ f->f_choice, 0, 0 );
+#endif
+ f->f_choice = SLAPD_FILTER_COMPUTED;
+ f->f_result = SLAPD_COMPARE_UNDEFINED;
+ break;
+ }
+
+ if ( err != LDAP_SUCCESS ) {
+ if( err != SLAPD_DISCONNECT ) {
+ /* ignore error */
+ f->f_choice = SLAPD_FILTER_COMPUTED;
+ f->f_result = SLAPD_COMPARE_UNDEFINED;
+ err = LDAP_SUCCESS;
+ *filt = f;
+
+ } else {
+ free(f);
+ }
+
+ } else {
+ *filt = f;
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL2,
+ "get_simple_vrFilter: conn %d exit\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "end get_simple_vrFilter %d\n", err, 0, 0 );
+#endif
+ return( err );
+}
+
+int
+get_vrFilter( Connection *conn, BerElement *ber,
+ ValuesReturnFilter **f,
+ const char **text )
+{
+ /*
+ * A ValuesReturnFilter looks like this:
+ *
+ * ValuesReturnFilter ::= SEQUENCE OF SimpleFilterItem
+ * SimpleFilterItem ::= CHOICE {
+ * equalityMatch [3] AttributeValueAssertion,
+ * substrings [4] SubstringFilter,
+ * greaterOrEqual [5] AttributeValueAssertion,
+ * lessOrEqual [6] AttributeValueAssertion,
+ * present [7] AttributeType,
+ * approxMatch [8] AttributeValueAssertion,
+ * extensibleMatch [9] SimpleMatchingAssertion -- LDAPv3
+ * }
+ *
+ * SubstringFilter ::= SEQUENCE {
+ * type AttributeType,
+ * SEQUENCE OF CHOICE {
+ * initial [0] IA5String,
+ * any [1] IA5String,
+ * final [2] IA5String
+ * }
+ * }
+ *
+ * SimpleMatchingAssertion ::= SEQUENCE { -- LDAPv3
+ * matchingRule [1] MatchingRuleId OPTIONAL,
+ * type [2] AttributeDescription OPTIONAL,
+ * matchValue [3] AssertionValue }
+ */
+
+ ValuesReturnFilter **new;
+ ber_tag_t tag;
+ ber_len_t len;
+ char *last;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "get_vrFilter: conn %d start\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "begin get_vrFilter\n", 0, 0, 0 );
+#endif
+
+ tag = ber_peek_tag( ber, &len );
+
+ if( tag == LBER_ERROR ) {
+ *text = "error decoding vrFilter";
+ return SLAPD_DISCONNECT;
+ }
+
+ if( tag != LBER_SEQUENCE ) {
+ *text = "error decoding vrFilter, expect SEQUENCE tag";
+ return SLAPD_DISCONNECT;
+ }
+
+ new = f;
+ for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
+ tag = ber_next_element( ber, &len, last ) )
+ {
+ int err = get_simple_vrFilter( conn, ber, new, text );
+ if ( err != LDAP_SUCCESS )
+ return( err );
+ new = &(*new)->f_next;
+ }
+ *new = NULL;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "get_vrFilter: conn %d exit\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "end get_vrFilter\n", 0, 0, 0 );
+#endif
+ return( LDAP_SUCCESS );
+}
+
+void
+vrFilter_free( ValuesReturnFilter *f )
+{
+ ValuesReturnFilter *p, *next;
+
+ if ( f == NULL ) {
+ return;
+ }
+
+ for ( p = f; p != NULL; p = next ) {
+ next = p->f_next;
+
+ switch ( f->f_choice ) {
+ case LDAP_FILTER_PRESENT:
+ break;
+
+ case LDAP_FILTER_EQUALITY:
+ case LDAP_FILTER_GE:
+ case LDAP_FILTER_LE:
+ case LDAP_FILTER_APPROX:
+ ava_free( f->f_ava, 1 );
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+ if ( f->f_sub_initial.bv_val != NULL ) {
+ free( f->f_sub_initial.bv_val );
+ }
+ ber_bvarray_free( f->f_sub_any );
+ if ( f->f_sub_final.bv_val != NULL ) {
+ free( f->f_sub_final.bv_val );
+ }
+ ch_free( f->f_sub );
+ break;
+
+ case LDAP_FILTER_EXT:
+ mra_free( f->f_mra, 1 );
+ break;
+
+ case SLAPD_FILTER_COMPUTED:
+ break;
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ERR,
+ "filter_free: unknown filter type %lu\n", f->f_choice ));
+#else
+ Debug( LDAP_DEBUG_ANY, "filter_free: unknown filter type=%lu\n",
+ f->f_choice, 0, 0 );
+#endif
+ break;
+ }
+
+ free( f );
+ }
+}
+
+
+void
+vrFilter2bv( ValuesReturnFilter *f, struct berval *fstr )
+{
+ int i;
+ ValuesReturnFilter *p;
+ struct berval tmp;
+ ber_len_t len;
+
+ if ( f == NULL ) {
+ ber_str2bv( "No filter!", sizeof("No filter!")-1, 1, fstr );
+ return;
+ }
+
+ fstr->bv_len = sizeof("()") - 1;
+ fstr->bv_val = malloc( fstr->bv_len + 128 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "()");
+
+ for ( p = f; p != NULL; p = p->f_next ) {
+ len = fstr->bv_len;
+
+ simple_vrFilter2bv( p, &tmp );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len + 2,
+ /*"("*/ "%s)", tmp.bv_val );
+
+ ch_free( tmp.bv_val );
+ }
+}
+
+static void
+simple_vrFilter2bv( ValuesReturnFilter *f, struct berval *fstr )
+{
+ int i;
+ ValuesReturnFilter *p;
+ struct berval tmp;
+ ber_len_t len;
+
+ if ( f == NULL ) {
+ ber_str2bv( "No filter!", sizeof("No filter!")-1, 1, fstr );
+ return;
+ }
+
+ switch ( f->f_choice ) {
+ case LDAP_FILTER_EQUALITY:
+ filter_escape_value( &f->f_av_value, &tmp );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(=)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree( tmp.bv_val );
+ break;
+
+ case LDAP_FILTER_GE:
+ filter_escape_value( &f->f_av_value, &tmp );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(>=)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s>=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree( tmp.bv_val );
+ break;
+
+ case LDAP_FILTER_LE:
+ filter_escape_value( &f->f_av_value, &tmp );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(<=)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s<=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+
+ ber_memfree( tmp.bv_val );
+ break;
+
+ case LDAP_FILTER_APPROX:
+ filter_escape_value( &f->f_av_value, &tmp );
+
+ fstr->bv_len = f->f_av_desc->ad_cname.bv_len +
+ tmp.bv_len + ( sizeof("(~=)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s~=%s)",
+ f->f_av_desc->ad_cname.bv_val,
+ tmp.bv_val );
+ ber_memfree( tmp.bv_val );
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+ fstr->bv_len = f->f_sub_desc->ad_cname.bv_len +
+ ( sizeof("(=*)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 128 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
+ f->f_sub_desc->ad_cname.bv_val );
+
+ if ( f->f_sub_initial.bv_val != NULL ) {
+ len = fstr->bv_len;
+
+ filter_escape_value( &f->f_sub_initial, &tmp );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
+
+ snprintf( &fstr->bv_val[len-2], tmp.bv_len+3,
+ /* "(attr=" */ "%s*)",
+ tmp.bv_val );
+
+ ber_memfree( tmp.bv_val );
+ }
+
+ if ( f->f_sub_any != NULL ) {
+ for ( i = 0; f->f_sub_any[i].bv_val != NULL; i++ ) {
+ len = fstr->bv_len;
+ filter_escape_value( &f->f_sub_any[i], &tmp );
+
+ fstr->bv_len += tmp.bv_len + 1;
+ fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len+3,
+ /* "(attr=[init]*[any*]" */ "%s*)",
+ tmp.bv_val );
+ ber_memfree( tmp.bv_val );
+ }
+ }
+
+ if ( f->f_sub_final.bv_val != NULL ) {
+ len = fstr->bv_len;
+
+ filter_escape_value( &f->f_sub_final, &tmp );
+
+ fstr->bv_len += tmp.bv_len;
+ fstr->bv_val = ch_realloc( fstr->bv_val, fstr->bv_len + 1 );
+
+ snprintf( &fstr->bv_val[len-1], tmp.bv_len+3,
+ /* "(attr=[init*][any*]" */ "%s)",
+ tmp.bv_val );
+
+ ber_memfree( tmp.bv_val );
+ }
+
+ break;
+
+ case LDAP_FILTER_PRESENT:
+ fstr->bv_len = f->f_desc->ad_cname.bv_len +
+ ( sizeof("(=*)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s=*)",
+ f->f_desc->ad_cname.bv_val );
+ break;
+
+ case LDAP_FILTER_EXT:
+ filter_escape_value( &f->f_mr_value, &tmp );
+
+ fstr->bv_len = f->f_mr_desc->ad_cname.bv_len +
+ ( f->f_mr_dnattrs ? sizeof(":dn")-1 : 0 ) +
+ ( f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_len+1 : 0 ) +
+ tmp.bv_len + ( sizeof("(:=)") - 1 );
+ fstr->bv_val = malloc( fstr->bv_len + 1 );
+
+ snprintf( fstr->bv_val, fstr->bv_len + 1, "(%s%s%s%s:=%s)",
+ f->f_mr_desc->ad_cname.bv_val,
+ f->f_mr_dnattrs ? ":dn" : "",
+ f->f_mr_rule_text.bv_len ? ":" : "",
+ f->f_mr_rule_text.bv_len ? f->f_mr_rule_text.bv_val : "",
+ tmp.bv_val );
+ ber_memfree( tmp.bv_val );
+ break;
+
+ case SLAPD_FILTER_COMPUTED:
+ ber_str2bv(
+ f->f_result == LDAP_COMPARE_FALSE ? "(?=false)" :
+ f->f_result == LDAP_COMPARE_TRUE ? "(?=true)" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "(?=undefined)" :
+ "(?=error)",
+ f->f_result == LDAP_COMPARE_FALSE ? sizeof("(?=false)")-1 :
+ f->f_result == LDAP_COMPARE_TRUE ? sizeof("(?=true)")-1 :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? sizeof("(?=undefined)")-1 :
+ sizeof("(?=error)")-1,
+ 1, fstr );
+ break;
+
+ default:
+ ber_str2bv( "(?=unknown)", sizeof("(?=unknown)")-1, 1, fstr );
+ break;
+ }
+}
+
+static int
+get_substring_vrFilter(
+ Connection *conn,
+ BerElement *ber,
+ ValuesReturnFilter *f,
+ const char **text )
+{
+ ber_tag_t tag;
+ ber_len_t len;
+ ber_tag_t rc;
+ struct berval value;
+ char *last;
+ struct berval bv;
+ *text = "error decoding filter";
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "get_substring_filter: conn %d begin\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "begin get_substring_filter\n", 0, 0, 0 );
+#endif
+ if ( ber_scanf( ber, "{m" /*}*/, &bv ) == LBER_ERROR ) {
+ return SLAPD_DISCONNECT;
+ }
+
+ f->f_sub = ch_calloc( 1, sizeof(SubstringsAssertion) );
+ f->f_sub_desc = NULL;
+ rc = slap_bv2ad( &bv, &f->f_sub_desc, text );
+
+ if( rc != LDAP_SUCCESS ) {
+ text = NULL;
+ ch_free( f->f_sub );
+ f->f_choice = SLAPD_FILTER_COMPUTED;
+ f->f_result = SLAPD_COMPARE_UNDEFINED;
+ return LDAP_SUCCESS;
+ }
+
+ f->f_sub_initial.bv_val = NULL;
+ f->f_sub_any = NULL;
+ f->f_sub_final.bv_val = NULL;
+
+ for ( tag = ber_first_element( ber, &len, &last ); tag != LBER_DEFAULT;
+ tag = ber_next_element( ber, &len, last ) )
+ {
+ unsigned usage;
+
+ rc = ber_scanf( ber, "m", &value );
+ if ( rc == LBER_ERROR ) {
+ rc = SLAPD_DISCONNECT;
+ goto return_error;
+ }
+
+ if ( value.bv_val == NULL || value.bv_len == 0 ) {
+ rc = LDAP_INVALID_SYNTAX;
+ goto return_error;
+ }
+
+ switch ( tag ) {
+ case LDAP_SUBSTRING_INITIAL:
+ usage = SLAP_MR_SUBSTR_INITIAL;
+ break;
+
+ case LDAP_SUBSTRING_ANY:
+ usage = SLAP_MR_SUBSTR_ANY;
+ break;
+
+ case LDAP_SUBSTRING_FINAL:
+ usage = SLAP_MR_SUBSTR_FINAL;
+ break;
+
+ default:
+ rc = LDAP_PROTOCOL_ERROR;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ERR,
+ "get_filter_substring: conn %d unknown substring choice=%ld\n",
+ conn->c_connid, (long)tag ));
+#else
+ Debug( LDAP_DEBUG_FILTER,
+ " unknown substring choice=%ld\n",
+ (long) tag, 0, 0 );
+#endif
+ goto return_error;
+ }
+
+ /* valiate using equality matching rule validator! */
+ rc = value_validate( f->f_sub_desc->ad_type->sat_equality,
+ &value, text );
+ if( rc != LDAP_SUCCESS ) {
+ goto return_error;
+ }
+
+ rc = value_normalize( f->f_sub_desc, usage,
+ &value, &bv, text );
+ if( rc != LDAP_SUCCESS ) {
+ goto return_error;
+ }
+
+ value = bv;
+
+ rc = LDAP_PROTOCOL_ERROR;
+
+ switch ( tag ) {
+ case LDAP_SUBSTRING_INITIAL:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_substring_filter: conn %d INITIAL\n",
+ conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " INITIAL\n", 0, 0, 0 );
+#endif
+
+ if ( f->f_sub_initial.bv_val != NULL
+ || f->f_sub_any != NULL
+ || f->f_sub_final.bv_val != NULL )
+ {
+ free( value.bv_val );
+ goto return_error;
+ }
+
+ f->f_sub_initial = value;
+ break;
+
+ case LDAP_SUBSTRING_ANY:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_substring_filter: conn %d ANY\n",
+ conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " ANY\n", 0, 0, 0 );
+#endif
+
+ if ( f->f_sub_final.bv_val != NULL ) {
+ free( value.bv_val );
+ goto return_error;
+ }
+
+ ber_bvarray_add( &f->f_sub_any, &value );
+ break;
+
+ case LDAP_SUBSTRING_FINAL:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "get_substring_filter: conn %d FINAL\n",
+ conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " FINAL\n", 0, 0, 0 );
+#endif
+
+ if ( f->f_sub_final.bv_val != NULL ) {
+ free( value.bv_val );
+ goto return_error;
+ }
+
+ f->f_sub_final = value;
+ break;
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_INFO,
+ "get_substring_filter: conn %d unknown substring type %ld\n",
+ conn->c_connid, (long)tag ));
+#else
+ Debug( LDAP_DEBUG_FILTER,
+ " unknown substring type=%ld\n",
+ (long) tag, 0, 0 );
+#endif
+
+ free( value.bv_val );
+
+return_error:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_INFO,
+ "get_substring_filter: conn %d error %ld\n",
+ conn->c_connid, (long)rc ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " error=%ld\n",
+ (long) rc, 0, 0 );
+#endif
+ free( f->f_sub_initial.bv_val );
+ ber_bvarray_free( f->f_sub_any );
+ free( f->f_sub_final.bv_val );
+ ch_free( f->f_sub );
+ return rc;
+ }
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "get_substring_filter: conn %d exit\n", conn->c_connid ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "end get_substring_filter\n", 0, 0, 0 );
+#endif
+ return( LDAP_SUCCESS );
+}
+
diff --git a/servers/slapd/limits.c b/servers/slapd/limits.c
index 01011a7250..c33726e711 100644
--- a/servers/slapd/limits.c
+++ b/servers/slapd/limits.c
@@ -120,6 +120,10 @@ get_limits(
}
break;
+ case SLAP_LIMITS_ANY:
+ *limit = &lm[0]->lm_limits;
+ return( 0 );
+
default:
assert( 0 ); /* unreachable */
return( -1 );
@@ -179,6 +183,7 @@ add_limits(
case SLAP_LIMITS_ANONYMOUS:
case SLAP_LIMITS_USERS:
+ case SLAP_LIMITS_ANY:
lm->lm_type = type;
lm->lm_dn_pat.bv_val = NULL;
lm->lm_dn_pat.bv_len = 0;
@@ -264,7 +269,10 @@ parse_limits(
*/
pattern = argv[1];
- if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
+ if ( strcmp( pattern, "*" ) == 0) {
+ type = SLAP_LIMITS_ANY;
+
+ } else if ( strcasecmp( pattern, "anonymous" ) == 0 ) {
type = SLAP_LIMITS_ANONYMOUS;
} else if ( strcasecmp( pattern, "users" ) == 0 ) {
@@ -342,6 +350,17 @@ parse_limits(
/* skip '=' (required) */
pattern++;
+
+ /* trim obvious cases */
+ if ( strcmp( pattern, "*" ) == 0 ) {
+ type = SLAP_LIMITS_ANY;
+ pattern = NULL;
+
+ } else if ( ( type == SLAP_LIMITS_REGEX || type == SLAP_LIMITS_UNDEFINED )
+ && strcmp( pattern, ".*" ) == 0 ) {
+ type = SLAP_LIMITS_ANY;
+ pattern = NULL;
+ }
}
}
diff --git a/servers/slapd/main.c b/servers/slapd/main.c
index 62249eeaf2..b48f222450 100644
--- a/servers/slapd/main.c
+++ b/servers/slapd/main.c
@@ -381,6 +381,16 @@ int main( int argc, char **argv )
goto destroy;
}
+#ifdef HAVE_TLS
+ /* Library defaults to full certificate checking. This is correct when
+ * a client is verifying a server because all servers should have a
+ * valid cert. But few clients have valid certs, so we want our default
+ * to be no checking. The config file can override this as usual.
+ */
+ rc = 0;
+ (void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
+#endif
+
if ( read_config( configfile ) != 0 ) {
rc = 1;
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
diff --git a/servers/slapd/matchedValues.c b/servers/slapd/matchedValues.c
new file mode 100644
index 0000000000..ac953f111e
--- /dev/null
+++ b/servers/slapd/matchedValues.c
@@ -0,0 +1,418 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1999-2002 The OpenLDAP Foundation.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted only
+ * as authorized by the OpenLDAP Public License. A copy of this
+ * license is available at http://www.OpenLDAP.org/license.html or
+ * in file LICENSE in the top-level directory of the distribution.
+ */
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/string.h>
+#include <ac/socket.h>
+
+#include "slap.h"
+
+#include "../../libraries/liblber/lber-int.h"
+
+static int test_mra_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ MatchingRuleAssertion *mra,
+ char ***e_flags
+);
+
+static int
+test_substrings_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ ValuesReturnFilter *f,
+ char ***e_flags
+);
+
+static int
+test_presence_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ AttributeDescription *desc,
+ char ***e_flags
+);
+
+static int
+test_ava_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ AttributeAssertion *ava,
+ int type,
+ char ***e_flags
+);
+
+
+int
+filter_matched_values(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ char ***e_flags
+)
+{
+ ValuesReturnFilter *f;
+ int rc = LDAP_SUCCESS;
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "filter_matched_values: begin\n" ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "=> filter_matched_values\n", 0, 0, 0 );
+#endif
+
+ for ( f = op->vrFilter; f != NULL; f = f->f_next ) {
+ switch ( f->f_choice ) {
+ case SLAPD_FILTER_COMPUTED:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "test_vrFilter: COMPUTED %s (%d)\n",
+ f->f_result == LDAP_COMPARE_FALSE ? "false" :
+ f->f_result == LDAP_COMPARE_TRUE ? "true" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "undefined" :
+ "error",
+ f->f_result ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " COMPUTED %s (%d)\n",
+ f->f_result == LDAP_COMPARE_FALSE ? "false" :
+ f->f_result == LDAP_COMPARE_TRUE ? "true" :
+ f->f_result == SLAPD_COMPARE_UNDEFINED ? "undefined" : "error",
+ f->f_result, 0 );
+#endif
+ /*This type of filter does not affect the result */
+ rc = LDAP_SUCCESS;
+ break;
+
+ case LDAP_FILTER_EQUALITY:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "test_vrFilter: EQUALITY\n" ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " EQUALITY\n", 0, 0, 0 );
+#endif
+ rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
+ LDAP_FILTER_EQUALITY, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ case LDAP_FILTER_SUBSTRINGS:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "test_vrFilter SUBSTRINGS\n" ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " SUBSTRINGS\n", 0, 0, 0 );
+#endif
+
+ rc = test_substrings_vrFilter( be, conn, op, e,
+ f, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ case LDAP_FILTER_PRESENT:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "test_vrFilter: PRESENT\n" ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " PRESENT\n", 0, 0, 0 );
+#endif
+ rc = test_presence_vrFilter( be, conn, op, e,
+ f->f_desc, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ case LDAP_FILTER_GE:
+ rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
+ LDAP_FILTER_GE, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ case LDAP_FILTER_LE:
+ rc = test_ava_vrFilter( be, conn, op, e, f->f_ava,
+ LDAP_FILTER_LE, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ case LDAP_FILTER_EXT:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_DETAIL1,
+ "test_vrFilter: EXT\n" ));
+#else
+ Debug( LDAP_DEBUG_FILTER, " EXT\n", 0, 0, 0 );
+#endif
+ rc = test_mra_vrFilter( be, conn, op, e,
+ f->f_mra, e_flags );
+ if( rc == -1 ) {
+ return rc;
+ }
+ break;
+
+ default:
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_INFO,
+ "test_vrFilter: unknown filter type %lu\n",
+ f->f_choice ));
+#else
+ Debug( LDAP_DEBUG_ANY, " unknown filter type %lu\n",
+ f->f_choice, 0, 0 );
+#endif
+ rc = LDAP_PROTOCOL_ERROR;
+ }
+ }
+
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "filter", LDAP_LEVEL_ENTRY,
+ "filter_matched_values: return=%d\n", rc ));
+#else
+ Debug( LDAP_DEBUG_FILTER, "<= filter_matched_values %d\n", rc, 0, 0 );
+#endif
+ return( rc );
+}
+
+static int
+test_ava_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ AttributeAssertion *ava,
+ int type,
+ char ***e_flags
+)
+{
+ int i, j;
+ Attribute *a;
+
+ if ( !access_allowed( be, conn, op, e,
+ ava->aa_desc, &ava->aa_value, ACL_SEARCH, NULL ) )
+ {
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
+
+ for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+
+ MatchingRule *mr;
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, ava->aa_desc ) ) {
+ continue;
+ }
+
+ switch ( type ) {
+ case LDAP_FILTER_APPROX:
+ mr = a->a_desc->ad_type->sat_approx;
+ if( mr != NULL ) break;
+
+ /* use EQUALITY matching rule if no APPROX rule */
+ case LDAP_FILTER_EQUALITY:
+ mr = a->a_desc->ad_type->sat_equality;
+ break;
+
+ case LDAP_FILTER_GE:
+ case LDAP_FILTER_LE:
+ mr = a->a_desc->ad_type->sat_ordering;
+ break;
+
+ default:
+ mr = NULL;
+ }
+
+ if( mr == NULL ) {
+ continue;
+
+ }
+
+ for ( bv = a->a_vals, j=0; bv->bv_val != NULL; bv++, j++ ) {
+ int ret;
+ int rc;
+ const char *text;
+
+ rc = value_match( &ret, a->a_desc, mr,
+ SLAP_MR_ASSERTION_SYNTAX_MATCH, bv, &ava->aa_value, &text );
+ if( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ switch ( type ) {
+ case LDAP_FILTER_EQUALITY:
+ case LDAP_FILTER_APPROX:
+ if ( ret == 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+
+ case LDAP_FILTER_GE:
+ if ( ret >= 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+
+ case LDAP_FILTER_LE:
+ if ( ret <= 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ break;
+ }
+ }
+ }
+ return( LDAP_SUCCESS );
+}
+
+static int
+test_presence_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ AttributeDescription *desc,
+ char ***e_flags
+)
+{
+ int i, j;
+ Attribute *a;
+
+ if ( !access_allowed( be, conn, op, e, desc, NULL, ACL_SEARCH, NULL ) ) {
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
+
+ for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, desc ) ) {
+ continue;
+ }
+
+ for ( bv = a->a_vals, j=0; bv->bv_val != NULL; bv++, j++ );
+ memset( (*e_flags)[i], 1, j);
+ }
+
+ return( LDAP_SUCCESS );
+}
+
+static int
+test_substrings_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ ValuesReturnFilter *f,
+ char ***e_flags
+)
+{
+ int i, j;
+ Attribute *a;
+
+ if ( !access_allowed( be, conn, op, e,
+ f->f_sub_desc, NULL, ACL_SEARCH, NULL ) )
+ {
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
+
+ for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ MatchingRule *mr = a->a_desc->ad_type->sat_substr;
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, f->f_sub_desc ) ) {
+ continue;
+ }
+
+ if( mr == NULL ) {
+ continue;
+ }
+
+ for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
+ int ret;
+ int rc;
+ const char *text;
+
+ rc = value_match( &ret, a->a_desc, mr,
+ SLAP_MR_ASSERTION_SYNTAX_MATCH,
+ bv, f->f_sub, &text );
+
+ if( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ if ( ret == 0 ) {
+ (*e_flags)[i][j] = 1;
+ }
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
+
+static int test_mra_vrFilter(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ MatchingRuleAssertion *mra,
+ char ***e_flags
+)
+{
+ int i, j;
+ Attribute *a;
+
+ if( !access_allowed( be, conn, op, e,
+ mra->ma_desc, &mra->ma_value, ACL_SEARCH, NULL ) )
+ {
+ return LDAP_INSUFFICIENT_ACCESS;
+ }
+
+ for (a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ struct berval *bv;
+
+ if ( !is_ad_subtype( a->a_desc, mra->ma_desc ) ) {
+ return( LDAP_SUCCESS );
+ }
+
+ for ( bv = a->a_vals, j = 0; bv->bv_val != NULL; bv++, j++ ) {
+ int ret;
+ int rc;
+ const char *text;
+
+ rc = value_match( &ret, a->a_desc, mra->ma_rule,
+ SLAP_MR_ASSERTION_SYNTAX_MATCH,
+ bv, &mra->ma_value,
+ &text );
+
+ if( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ if ( ret ) {
+ (*e_flags)[i][j] = 1;
+ }
+ }
+ }
+
+ return LDAP_SUCCESS;
+}
diff --git a/servers/slapd/mods.c b/servers/slapd/mods.c
index 529b4e74b2..f57cf41dab 100644
--- a/servers/slapd/mods.c
+++ b/servers/slapd/mods.c
@@ -303,22 +303,3 @@ slap_mods_free(
}
}
-void
-slap_modlist_free(
- LDAPModList *ml
-)
-{
- LDAPModList *next;
-
- for ( ; ml != NULL; ml = next ) {
- next = ml->ml_next;
-
- if (ml->ml_type)
- free( ml->ml_type );
-
- if ( ml->ml_bvalues != NULL )
- ber_bvecfree( ml->ml_bvalues );
-
- free( ml );
- }
-}
diff --git a/servers/slapd/passwd.c b/servers/slapd/passwd.c
index 8382f284ae..3a8ddd9c1d 100644
--- a/servers/slapd/passwd.c
+++ b/servers/slapd/passwd.c
@@ -16,6 +16,7 @@
#include "slap.h"
+#include <lber_pvt.h>
#include <lutil.h>
int passwd_extop(
@@ -38,28 +39,34 @@ int passwd_extop(
return LDAP_STRONG_AUTH_REQUIRED;
}
- if( conn->c_authz_backend != NULL && conn->c_authz_backend->be_extended ) {
- if( conn->c_authz_backend->be_restrictops & SLAP_RESTRICT_OP_MODIFY ) {
- *text = "authorization database is read only";
- rc = LDAP_UNWILLING_TO_PERFORM;
+ if( conn->c_authz_backend == NULL || !conn->c_authz_backend->be_extended ) {
+ *text = "operation not supported for current user";
+ return LDAP_UNWILLING_TO_PERFORM;
+ }
- } else if( conn->c_authz_backend->be_update_ndn.bv_len ) {
- /* we SHOULD return a referral in this case */
- *refs = referral_rewrite( conn->c_authz_backend->be_update_refs,
- NULL, NULL, LDAP_SCOPE_DEFAULT );
- rc = LDAP_REFERRAL;
+ {
+ struct berval passwd = BER_BVC( LDAP_EXOP_MODIFY_PASSWD );
- } else {
- rc = conn->c_authz_backend->be_extended(
- conn->c_authz_backend, conn, op,
- reqoid, reqdata,
- rspoid, rspdata, rspctrls,
- text, refs );
- }
+ rc = backend_check_restrictions( conn->c_authz_backend,
+ conn, op, &passwd, text );
+ }
+
+ if( rc != LDAP_SUCCESS ) {
+ return rc;
+ }
+
+ if( conn->c_authz_backend->be_update_ndn.bv_len ) {
+ /* we SHOULD return a referral in this case */
+ *refs = referral_rewrite( conn->c_authz_backend->be_update_refs,
+ NULL, NULL, LDAP_SCOPE_DEFAULT );
+ rc = LDAP_REFERRAL;
} else {
- *text = "operation not supported for current user";
- rc = LDAP_UNWILLING_TO_PERFORM;
+ rc = conn->c_authz_backend->be_extended(
+ conn->c_authz_backend, conn, op,
+ reqoid, reqdata,
+ rspoid, rspdata, rspctrls,
+ text, refs );
}
return rc;
diff --git a/servers/slapd/proto-slap.h b/servers/slapd/proto-slap.h
index 3559936721..7b2a65a980 100644
--- a/servers/slapd/proto-slap.h
+++ b/servers/slapd/proto-slap.h
@@ -184,7 +184,7 @@ LDAP_SLAPD_F( int ) backend_check_restrictions LDAP_P((
BackendDB *be,
Connection *conn,
Operation *op,
- const void *opdata,
+ struct berval *opdata,
const char **text ));
LDAP_SLAPD_F( int ) backend_check_referrals LDAP_P((
@@ -406,7 +406,7 @@ LDAP_SLAPD_F (void) dnParent LDAP_P(( struct berval *dn, struct berval *pdn ));
LDAP_SLAPD_F (int) dnX509normalize LDAP_P(( void *x509_name, struct berval *out ));
-LDAP_SLAPD_F (char *) dnX509peerNormalize LDAP_P(( void *ssl ));
+LDAP_SLAPD_F (int) dnX509peerNormalize LDAP_P(( void *ssl, struct berval *dn ));
/*
* entry.c
@@ -464,6 +464,14 @@ LDAP_SLAPD_F (int) get_filter LDAP_P((
LDAP_SLAPD_F (void) filter_free LDAP_P(( Filter *f ));
LDAP_SLAPD_F (void) filter2bv LDAP_P(( Filter *f, struct berval *bv ));
+LDAP_SLAPD_F (int) get_vrFilter( Connection *conn, BerElement *ber,
+ ValuesReturnFilter **f,
+ const char **text );
+
+LDAP_SLAPD_F (void) vrFilter_free( ValuesReturnFilter *f );
+LDAP_SLAPD_F (void) vrFilter2bv( ValuesReturnFilter *f, struct berval *fstr );
+
+
/*
* filterentry.c
*/
@@ -511,6 +519,16 @@ LDAP_SLAPD_F (FILE *) lock_fopen LDAP_P(( const char *fname,
const char *type, FILE **lfp ));
LDAP_SLAPD_F (int) lock_fclose LDAP_P(( FILE *fp, FILE *lfp ));
+/*
+ * matchedValues.c
+ */
+LDAP_SLAPD_F (int) filter_matched_values(
+ Backend *be,
+ Connection *conn,
+ Operation *op,
+ Entry *e,
+ char ***e_flags );
+
/*
* modify.c
*/
@@ -815,6 +833,7 @@ LDAP_SLAPD_F (int) slap_sasl_bind LDAP_P((
* saslauthz.c
*/
LDAP_SLAPD_F (void) slap_sasl2dn LDAP_P((
+ Connection *conn,
struct berval *saslname,
struct berval *dn ));
LDAP_SLAPD_F (int) slap_sasl_authorized LDAP_P((
diff --git a/servers/slapd/repl.c b/servers/slapd/repl.c
index 6f2b3ac262..4f0105b3e9 100644
--- a/servers/slapd/repl.c
+++ b/servers/slapd/repl.c
@@ -55,23 +55,23 @@ add_replica_suffix(
const char *suffix
)
{
- struct berval dn, *ndn = NULL;
+ struct berval dn, ndn;
int rc;
dn.bv_val = (char *) suffix;
dn.bv_len = strlen( dn.bv_val );
- rc = dnNormalize( NULL, &dn, &ndn );
+ rc = dnNormalize2( NULL, &dn, &ndn );
if( rc != LDAP_SUCCESS ) {
return 2;
}
- if ( select_backend( ndn, 0, 0 ) != be ) {
- ber_bvfree( ndn );
+ if ( select_backend( &ndn, 0, 0 ) != be ) {
+ free( ndn.bv_val );
return 1;
}
- ber_bvecadd( &be->be_replica[nr]->ri_nsuffix, ndn );
+ ber_bvarray_add( &be->be_replica[nr]->ri_nsuffix, &ndn );
return 0;
}
@@ -139,13 +139,13 @@ replog(
if ( be->be_replica[i]->ri_nsuffix != NULL ) {
int j;
- for ( j = 0; be->be_replica[i]->ri_nsuffix[j]; j++ ) {
- if ( dnIsSuffix( ndn, be->be_replica[i]->ri_nsuffix[j] ) ) {
+ for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
+ if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) {
break;
}
}
- if ( !be->be_replica[i]->ri_nsuffix[j] ) {
+ if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) {
/* do not add "replica:" line */
continue;
}
@@ -195,13 +195,13 @@ replog(
if ( be->be_replica[i]->ri_nsuffix != NULL ) {
int j;
- for ( j = 0; be->be_replica[i]->ri_nsuffix[j]; j++ ) {
- if ( dnIsSuffix( ndn, be->be_replica[i]->ri_nsuffix[j] ) ) {
+ for ( j = 0; be->be_replica[i]->ri_nsuffix[j].bv_val; j++ ) {
+ if ( dnIsSuffix( ndn, &be->be_replica[i]->ri_nsuffix[j] ) ) {
break;
}
}
- if ( !be->be_replica[i]->ri_nsuffix[j] ) {
+ if ( !be->be_replica[i]->ri_nsuffix[j].bv_val ) {
/* do not add "replica:" line */
continue;
}
diff --git a/servers/slapd/result.c b/servers/slapd/result.c
index 4343f90794..83906f6418 100644
--- a/servers/slapd/result.c
+++ b/servers/slapd/result.c
@@ -134,7 +134,7 @@ static long send_ldap_ber(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_ldap_ber: conn %d ber_flush failed err=%d (%s)\n",
+ "send_ldap_ber: conn %lu ber_flush failed err=%d (%s)\n",
conn ? conn->c_connid : 0, err, sock_errstr(err) ));
#else
Debug( LDAP_DEBUG_CONNS, "ber_flush failed errno=%d reason=\"%s\"\n",
@@ -198,18 +198,18 @@ send_ldap_response(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_ldap_response: conn %d msgid=%ld tag=%ld err=%ld\n",
- conn ? conn->c_connid : 0, (long)msgid, (long)tag, (long)err ));
+ "send_ldap_response: conn %lu msgid=%d tag=%lu err=%d\n",
+ conn ? conn->c_connid : 0, msgid, tag, err ));
#else
Debug( LDAP_DEBUG_TRACE,
- "send_ldap_response: msgid=%ld tag=%ld err=%ld\n",
- (long) msgid, (long) tag, (long) err );
+ "send_ldap_response: msgid=%d tag=%lu err=%d\n",
+ msgid, tag, err );
#endif
if( ref ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
- "send_ldap_response: conn %d ref=\"%s\"\n",
+ "send_ldap_response: conn %lu ref=\"%s\"\n",
conn ? conn->c_connid : 0,
ref[0].bv_val ? ref[0].bv_val : "NULL" ));
#else
@@ -226,7 +226,7 @@ send_ldap_response(
if (rc != sizeof(struct sockaddr)) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_ldap_response: conn %d ber_write failed\n",
+ "send_ldap_response: conn %lu ber_write failed\n",
conn ? conn->c_connid : 0 ));
#else
Debug( LDAP_DEBUG_ANY, "ber_write failed\n", 0, 0, 0 );
@@ -286,7 +286,7 @@ send_ldap_response(
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_ldap_response: conn %d ber_printf failed\n",
+ "send_ldap_response: conn %lu ber_printf failed\n",
conn ? conn->c_connid : 0 ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -303,7 +303,7 @@ send_ldap_response(
if ( bytes < 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_ldap_response: conn %d ber write failed\n",
+ "send_ldap_response: conn %lu ber write failed\n",
conn ? conn->c_connid : 0 ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -343,7 +343,7 @@ send_ldap_disconnect(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_ldap_disconnect: conn %d %d:%s\n",
+ "send_ldap_disconnect: conn %lu %d:%s\n",
conn ? conn->c_connid : 0, err, text ? text : "" ));
#else
Debug( LDAP_DEBUG_TRACE,
@@ -368,9 +368,8 @@ send_ldap_disconnect(
reqoid, NULL, NULL, NULL );
Statslog( LDAP_DEBUG_STATS,
- "conn=%ld op=%ld DISCONNECT tag=%lu err=%ld text=%s\n",
- (long) op->o_connid, (long) op->o_opid,
- (unsigned long) tag, (long) err, text ? text : "" );
+ "conn=%lu op=%lu DISCONNECT tag=%lu err=%d text=%s\n",
+ op->o_connid, op->o_opid, tag, err, text ? text : "" );
}
void
@@ -392,18 +391,18 @@ send_ldap_result(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_ldap_result : conn %ld op=%ld p=%d\n",
- (long)op->o_connid, (long)op->o_opid, op->o_protocol ));
+ "send_ldap_result : conn %lu op=%lu p=%d\n",
+ op->o_connid, op->o_opid, op->o_protocol ));
#else
Debug( LDAP_DEBUG_TRACE,
- "send_ldap_result: conn=%ld op=%ld p=%d\n",
- (long) op->o_connid, (long) op->o_opid, op->o_protocol );
+ "send_ldap_result: conn=%lu op=%lu p=%d\n",
+ op->o_connid, op->o_opid, op->o_protocol );
#endif
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ARGS,
- "send_ldap_result: conn=%ld err=%d matched=\"%s\" text=\"%s\"\n",
- (long)op->o_connid, err, matched ? matched : "", text ? text : "" ));
+ "send_ldap_result: conn=%lu err=%d matched=\"%s\" text=\"%s\"\n",
+ op->o_connid, err, matched ? matched : "", text ? text : "" ));
#else
Debug( LDAP_DEBUG_ARGS,
"send_ldap_result: err=%d matched=\"%s\" text=\"%s\"\n",
@@ -448,9 +447,8 @@ send_ldap_result(
NULL, NULL, NULL, ctrls );
Statslog( LDAP_DEBUG_STATS,
- "conn=%ld op=%ld RESULT tag=%lu err=%ld text=%s\n",
- (long) op->o_connid, (long) op->o_opid,
- (unsigned long) tag, (long) err, text ? text : "" );
+ "conn=%lu op=%lu RESULT tag=%lu err=%d text=%s\n",
+ op->o_connid, op->o_opid, tag, err, text ? text : "" );
if( tmp != NULL ) {
ch_free(tmp);
@@ -474,11 +472,11 @@ send_ldap_sasl(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_ldap_sasl: conn %d err=%ld len=%ld\n",
- op->o_connid, (long)err, cred ? cred->bv_len : -1 ));
+ "send_ldap_sasl: conn %lu err=%d len=%lu\n",
+ op->o_connid, err, cred ? cred->bv_len : -1 ));
#else
- Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%ld len=%ld\n",
- (long) err, cred ? cred->bv_len : -1, NULL );
+ Debug( LDAP_DEBUG_TRACE, "send_ldap_sasl: err=%d len=%ld\n",
+ err, cred ? (long) cred->bv_len : -1, NULL );
#endif
@@ -508,15 +506,15 @@ send_ldap_extended(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_ldap_extended: conn %d err=%ld oid=%s len=%ld\n",
- op->o_connid, (long)err, rspoid ? rspoid : "",
- rspdata != NULL ? (long)rspdata->bv_len : (long)0 ));
+ "send_ldap_extended: conn %lu err=%d oid=%s len=%ld\n",
+ op->o_connid, err, rspoid ? rspoid : "",
+ rspdata != NULL ? rspdata->bv_len : 0 ));
#else
Debug( LDAP_DEBUG_TRACE,
- "send_ldap_extended err=%ld oid=%s len=%ld\n",
- (long) err,
+ "send_ldap_extended err=%d oid=%s len=%ld\n",
+ err,
rspoid ? rspoid : "",
- rspdata != NULL ? (long) rspdata->bv_len : (long) 0 );
+ rspdata != NULL ? rspdata->bv_len : 0 );
#endif
@@ -555,7 +553,8 @@ send_search_result(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_search_result: conn %d err=%d matched=\"%s\"\n",
+ "send_search_result: conn %lu err=%d "
+ "matched=\"%s\" text=\"%s\"\n",
op->o_connid, err, matched ? matched : "",
text ? text : "" ));
#else
@@ -596,12 +595,11 @@ send_search_result(
{
char nbuf[64];
- sprintf( nbuf, "%ld nentries=%d", (long) err, nentries );
+ sprintf( nbuf, "%d nentries=%d", err, nentries );
Statslog( LDAP_DEBUG_STATS,
- "conn=%ld op=%ld SEARCH RESULT tag=%lu err=%s text=%s\n",
- (long) op->o_connid, (long) op->o_opid,
- (unsigned long) tag, nbuf, text ? text : "" );
+ "conn=%lu op=%lu SEARCH RESULT tag=%lu err=%s text=%s\n",
+ op->o_connid, op->o_opid, tag, nbuf, text ? text : "" );
}
if (tmp != NULL) {
@@ -628,7 +626,7 @@ send_search_entry(
char berbuf[256];
BerElement *ber = (BerElement *)berbuf;
Attribute *a, *aa;
- int i, rc=-1, bytes;
+ int i, j, rc=-1, bytes;
char *edn;
int userattrs;
int opattrs;
@@ -637,6 +635,12 @@ send_search_entry(
AttributeDescription *ad_entry = slap_schema.si_ad_entry;
+ /* a_flags: array of flags telling if the i-th element will be
+ * returned or filtered out
+ * e_flags: array of a_flags
+ */
+ char *a_flags, **e_flags;
+
if (op->o_callback && op->o_callback->sc_sendentry) {
return op->o_callback->sc_sendentry( be, conn, op, e, attrs,
attrsonly, ctrls );
@@ -644,7 +648,7 @@ send_search_entry(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_search_entry: conn %d dn=\"%s\"%s\n",
+ "send_search_entry: conn %lu dn=\"%s\"%s\n",
op->o_connid, e->e_dn,
attrsonly ? " (attrsOnly)" : "" ));
#else
@@ -658,7 +662,8 @@ send_search_entry(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_entry: conn %d access to entry (%s) not allowed\n",
+ "send_search_entry: conn %lu access "
+ "to entry (%s) not allowed\n",
op->o_connid, e->e_dn ));
#else
Debug( LDAP_DEBUG_ACL,
@@ -679,7 +684,7 @@ send_search_entry(
if (rc != sizeof(struct sockaddr)) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu ber_printf failed\n",
conn ? conn->c_connid : 0 ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -692,7 +697,7 @@ send_search_entry(
rc = ber_printf( ber, "{is{t{O{" /*}}}*/,
op->o_msgid, "", LDAP_RES_SEARCH_ENTRY, &e->e_name );
} else
-#endif
+#endif /* LDAP_CONNECTIONLESS */
{
rc = ber_printf( ber, "{it{O{" /*}}}*/, op->o_msgid,
LDAP_RES_SEARCH_ENTRY, &e->e_name );
@@ -701,7 +706,7 @@ send_search_entry(
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -721,7 +726,54 @@ send_search_entry(
opattrs = ( attrs == NULL ) ? 0
: an_find( attrs, &AllOper );
- for ( a = e->e_attrs; a != NULL; a = a->a_next ) {
+ /* create an array of arrays of flags. Each flag corresponds
+ * to particular value of attribute an equals 1 if value matches
+ * to ValuesReturnFilter or 0 if not
+ */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next ) i++;
+ e_flags = ch_malloc ( i * sizeof(a_flags) );
+
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ for ( j = 0; a->a_vals[j].bv_val != NULL; j++ );
+
+ a_flags = ch_calloc ( j, sizeof(char) );
+ /* If no ValuesReturnFilter control return everything */
+ if ( op->vrFilter == NULL ){
+ memset(a_flags, 1, j);
+ }
+ e_flags[i] = a_flags;
+ }
+
+ if ( op->vrFilter != NULL ){
+
+ rc = filter_matched_values(be, conn, op, e, &e_flags) ;
+
+ if ( rc == -1 ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
+ "send_search_entry: conn %lu "
+ "matched values filtering failed\n",
+ conn ? conn->c_connid : 0 ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "matched values filtering failed\n", 0, 0, 0 );
+#endif
+ ber_free( ber, 1 );
+
+ /* free e_flags */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ free( e_flags[i] );
+ }
+ free( e_flags );
+
+ send_ldap_result( conn, op, LDAP_OTHER,
+ NULL, "matched values filtering error",
+ NULL, NULL );
+ goto error_return;
+ }
+ }
+
+ for ( a = e->e_attrs, j = 0; a != NULL; a = a->a_next, j++ ) {
AttributeDescription *desc = a->a_desc;
if ( attrs == NULL ) {
@@ -751,7 +803,8 @@ send_search_entry(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO, "send_search_entry: "
- "conn %d access to attribute %s not allowed\n",
+ "conn %lu access to attribute %s "
+ "not allowed\n",
op->o_connid, desc->ad_cname.bv_val ));
#else
Debug( LDAP_DEBUG_ACL, "acl: "
@@ -764,13 +817,19 @@ send_search_entry(
if (( rc = ber_printf( ber, "{O[" /*]}*/ , &desc->ad_cname )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: "
+ "conn %lu ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
#endif
ber_free_buf( ber );
+ /* free e_flags */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ free( e_flags[i] );
+ }
+ free( e_flags );
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encoding description error", NULL, NULL );
goto error_return;
@@ -783,22 +842,30 @@ send_search_entry(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_entry: conn %d "
- "access to attribute %s, value %d not allowed\n",
- op->o_connid, desc->ad_cname.bv_val, i ));
+ "send_search_entry: conn %lu "
+ "access to attribute %s, "
+ "value %d not allowed\n",
+ op->o_connid,
+ desc->ad_cname.bv_val, i ));
#else
Debug( LDAP_DEBUG_ACL,
- "acl: access to attribute %s, value %d not allowed\n",
- desc->ad_cname.bv_val, i, 0 );
+ "acl: access to attribute %s, "
+ "value %d not allowed\n",
+ desc->ad_cname.bv_val, i, 0 );
#endif
continue;
}
+ if ( e_flags[j][i] == 0 ){
+ continue;
+ }
+
if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed.\n",
+ "send_search_entry: conn %lu "
+ "ber_printf failed.\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -806,8 +873,14 @@ send_search_entry(
#endif
ber_free_buf( ber );
+ /* free e_flags */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ free( e_flags[i] );
+ }
+ free( e_flags );
send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding values error", NULL, NULL );
+ NULL, "encoding values error",
+ NULL, NULL );
goto error_return;
}
}
@@ -816,19 +889,31 @@ send_search_entry(
if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu "
+ "ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
#endif
ber_free_buf( ber );
+ /* free e_flags */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ free( e_flags[i] );
+ }
+ free( e_flags );
send_ldap_result( conn, op, LDAP_OTHER,
NULL, "encode end error", NULL, NULL );
goto error_return;
}
}
+ /* free e_flags */
+ for ( a = e->e_attrs, i=0; a != NULL; a = a->a_next, i++ ) {
+ free( e_flags[i] );
+ }
+ free( e_flags );
+
/* eventually will loop through generated operational attributes */
/* only have subschemaSubentry implemented */
aa = backend_operational( be, conn, op, e, attrs, opattrs );
@@ -863,12 +948,13 @@ send_search_entry(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_entry: conn %s "
+ "send_search_entry: conn %lu "
"access to attribute %s not allowed\n",
op->o_connid, desc->ad_cname.bv_val ));
#else
- Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s not allowed\n",
- desc->ad_cname.bv_val, 0, 0 );
+ Debug( LDAP_DEBUG_ACL, "acl: access to attribute %s "
+ "not allowed\n",
+ desc->ad_cname.bv_val, 0, 0 );
#endif
continue;
@@ -878,7 +964,8 @@ send_search_entry(
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu "
+ "ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -898,13 +985,16 @@ send_search_entry(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_entry: conn %d "
- "access to %s, value %d not allowed\n",
- op->o_connid, desc->ad_cname.bv_val, i ));
+ "send_search_entry: conn %lu "
+ "access to %s, value %d "
+ "not allowed\n",
+ op->o_connid,
+ desc->ad_cname.bv_val, i ));
#else
Debug( LDAP_DEBUG_ACL,
- "acl: access to attribute %s, value %d not allowed\n",
- desc->ad_cname.bv_val, i, 0 );
+ "acl: access to attribute %s, "
+ "value %d not allowed\n",
+ desc->ad_cname.bv_val, i, 0 );
#endif
continue;
@@ -913,7 +1003,9 @@ send_search_entry(
if (( rc = ber_printf( ber, "O", &a->a_vals[i] )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: "
+ "conn %lu ber_printf "
+ "failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -922,7 +1014,8 @@ send_search_entry(
ber_free_buf( ber );
send_ldap_result( conn, op, LDAP_OTHER,
- NULL, "encoding values error", NULL, NULL );
+ NULL, "encoding values error",
+ NULL, NULL );
attrs_free( aa );
goto error_return;
}
@@ -932,7 +1025,8 @@ send_search_entry(
if (( rc = ber_printf( ber, /*{[*/ "]N}" )) == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu "
+ "ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -957,7 +1051,7 @@ send_search_entry(
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_entry: conn %d ber_printf failed\n",
+ "send_search_entry: conn %lu ber_printf failed\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY, "ber_printf failed\n", 0, 0, 0 );
@@ -975,7 +1069,7 @@ send_search_entry(
if ( bytes < 0 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_ldap_response: conn %d ber write failed.\n",
+ "send_ldap_response: conn %lu ber write failed.\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -992,12 +1086,12 @@ send_search_entry(
num_pdu_sent++;
ldap_pvt_thread_mutex_unlock( &num_sent_mutex );
- Statslog( LDAP_DEBUG_STATS2, "conn=%ld op=%ld ENTRY dn=\"%s\"\n",
- (long) conn->c_connid, (long) op->o_opid, e->e_dn, 0, 0 );
+ Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu ENTRY dn=\"%s\"\n",
+ conn->c_connid, op->o_opid, e->e_dn, 0, 0 );
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_search_entry: conn %d exit.\n",
+ "send_search_entry: conn %lu exit.\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_TRACE, "<= send_search_entry\n", 0, 0, 0 );
@@ -1030,7 +1124,7 @@ send_search_reference(
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_search_reference: conn %d dn=\"%s\"\n",
+ "send_search_reference: conn %lu dn=\"%s\"\n",
op->o_connid, e->e_dn ));
#else
Debug( LDAP_DEBUG_TRACE,
@@ -1044,7 +1138,8 @@ send_search_reference(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_reference: conn %d access to entry %s not allowed\n",
+ "send_search_reference: conn %lu "
+ "access to entry %s not allowed\n",
op->o_connid, e->e_dn ));
#else
Debug( LDAP_DEBUG_ACL,
@@ -1060,11 +1155,13 @@ send_search_reference(
{
#ifdef NEW_LOGGING
LDAP_LOG(( "acl", LDAP_LEVEL_INFO,
- "send_search_reference: conn %d access to reference not allowed.\n",
+ "send_search_reference: conn %lu access "
+ "to reference not allowed.\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ACL,
- "send_search_reference: access to reference not allowed\n",
+ "send_search_reference: access "
+ "to reference not allowed\n",
0, 0, 0 );
#endif
@@ -1074,7 +1171,7 @@ send_search_reference(
if( refs == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_reference: null ref in (%s).\n",
+ "send_search_reference: conn %lu null ref in (%s).\n",
op->o_connid, e->e_dn ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -1101,7 +1198,8 @@ send_search_reference(
if ( rc == -1 ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ERR,
- "send_search_reference: conn %d ber_printf failed.\n",
+ "send_search_reference: conn %lu "
+ "ber_printf failed.\n",
op->o_connid ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -1123,12 +1221,12 @@ send_search_reference(
num_pdu_sent++;
ldap_pvt_thread_mutex_unlock( &num_sent_mutex );
- Statslog( LDAP_DEBUG_STATS2, "conn=%ld op=%ld REF dn=\"%s\"\n",
- (long) conn->c_connid, (long) op->o_opid, e->e_dn, 0, 0 );
+ Statslog( LDAP_DEBUG_STATS2, "conn=%lu op=%lu REF dn=\"%s\"\n",
+ conn->c_connid, op->o_opid, e->e_dn, 0, 0 );
#ifdef NEW_LOGGING
LDAP_LOG(( "operation", LDAP_LEVEL_ENTRY,
- "send_search_reference: conn %d exit.\n", op->o_connid ));
+ "send_search_reference: conn %lu exit.\n", op->o_connid ));
#else
Debug( LDAP_DEBUG_TRACE, "<= send_search_reference\n", 0, 0, 0 );
#endif
diff --git a/servers/slapd/root_dse.c b/servers/slapd/root_dse.c
index b52e3558b4..5db42c0f70 100644
--- a/servers/slapd/root_dse.c
+++ b/servers/slapd/root_dse.c
@@ -93,8 +93,8 @@ root_dse_info(
if ( backends[i].be_flags & SLAP_BFLAG_GLUE_SUBORDINATE ) {
continue;
}
- for ( j = 0; backends[i].be_suffix[j] != NULL; j++ ) {
- vals[0] = *backends[i].be_suffix[j];
+ for ( j = 0; backends[i].be_suffix[j].bv_val != NULL; j++ ) {
+ vals[0] = backends[i].be_suffix[j];
attr_merge( e, ad_namingContexts, vals );
}
}
diff --git a/servers/slapd/sasl.c b/servers/slapd/sasl.c
index a6bcb45099..ba1cdb0c2f 100644
--- a/servers/slapd/sasl.c
+++ b/servers/slapd/sasl.c
@@ -26,6 +26,7 @@
#if SASL_VERSION_MAJOR >= 2
#include <lutil.h>
+#include <sasl/saslplug.h>
#define SASL_CONST const
#else
#define SASL_CONST
@@ -161,43 +162,57 @@ int slap_sasl_getdn( Connection *conn, char *id, int len,
dn->bv_val = NULL;
dn->bv_len = 0;
- /* Blatantly anonymous ID */
- if( id &&
- ( id[sizeof( "anonymous" )-1] == '\0'
- || id[sizeof( "anonymous" )-1] == '@' ) &&
- !strncasecmp( id, "anonymous", sizeof( "anonymous" )-1) ) {
- return( LDAP_SUCCESS );
+ if ( id ) {
+ if ( len == 0 ) len = strlen( id );
+
+ /* Blatantly anonymous ID */
+ if ( len == sizeof("anonymous") - 1 &&
+ !strcasecmp( id, "anonymous" ) ) {
+ return( LDAP_SUCCESS );
+ }
+ } else {
+ len = 0;
}
+
ctx = conn->c_sasl_context;
- if ( len == 0 ) len = strlen( id );
- /* An authcID needs to be converted to authzID form */
+ /* An authcID needs to be converted to authzID form. Set the
+ * values directly into *dn; they will be normalized later. (and
+ * normalizing always makes a new copy.) An ID from a TLS certificate
+ * is already normalized, so copy it and skip normalization.
+ */
if( flags & FLAG_GETDN_AUTHCID ) {
+#ifdef HAVE_TLS
if( conn->c_is_tls && conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len
&& ( strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 ) ) {
/* X.509 DN is already normalized */
do_norm = 0;
is_dn = SET_DN;
+ ber_str2bv( id, len, 1, dn );
- } else {
+ } else
+#endif
+ {
/* convert to u:<username> form */
is_dn = SET_U;
+ dn->bv_val = id;
+ dn->bv_len = len;
}
- ber_str2bv( id, len, 1, dn );
}
if( !is_dn ) {
if( !strncasecmp( id, "u:", sizeof("u:")-1 )) {
is_dn = SET_U;
- ber_str2bv( id+2, len-2, 1, dn );
+ dn->bv_val = id+2;
+ dn->bv_len = len-2;
} else if ( !strncasecmp( id, "dn:", sizeof("dn:")-1) ) {
is_dn = SET_DN;
- ber_str2bv( id+3, len-3, 1, dn );
+ dn->bv_val = id+3;
+ dn->bv_len = len-3;
}
}
- /* An authzID must be properly prefixed */
- if( (flags & FLAG_GETDN_AUTHZID) && !is_dn ) {
- free( dn->bv_val );
+ /* No other possibilities from here */
+ if( !is_dn ) {
dn->bv_val = NULL;
dn->bv_len = 0;
return( LDAP_INAPPROPRIATE_AUTH );
@@ -205,10 +220,14 @@ int slap_sasl_getdn( Connection *conn, char *id, int len,
/* Username strings */
if( is_dn == SET_U ) {
- char *p;
+ char *p, *realm;
len = dn->bv_len + sizeof("uid=")-1 + sizeof(",cn=auth")-1;
- if( user_realm && *user_realm ) {
+ /* username may have embedded realm name */
+ if( realm = strchr( dn->bv_val, '@') ) {
+ *realm++ = '\0';
+ len += sizeof(",cn=")-2;
+ } else if( user_realm && *user_realm ) {
len += strlen( user_realm ) + sizeof(",cn=")-1;
}
@@ -220,20 +239,24 @@ int slap_sasl_getdn( Connection *conn, char *id, int len,
c1 = dn->bv_val;
dn->bv_val = ch_malloc( len+1 );
p = slap_strcopy( dn->bv_val, "uid=" );
- p = slap_strcopy( p, c1 );
- ch_free( c1 );
+ p = slap_strncopy( p, c1, dn->bv_len );
- if( user_realm && *user_realm ) {
+ if( realm ) {
+ int rlen = dn->bv_len - ( realm - c1 );
+ p = slap_strcopy( p, ",cn=" );
+ p = slap_strncopy( p, realm, rlen );
+ realm[-1] = '@';
+ } else if( user_realm && *user_realm ) {
p = slap_strcopy( p, ",cn=" );
p = slap_strcopy( p, user_realm );
}
+
if( conn->c_sasl_bind_mech.bv_len ) {
p = slap_strcopy( p, ",cn=" );
p = slap_strcopy( p, conn->c_sasl_bind_mech.bv_val );
}
p = slap_strcopy( p, ",cn=auth" );
dn->bv_len = p - dn->bv_val;
- is_dn = SET_DN;
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -243,38 +266,144 @@ int slap_sasl_getdn( Connection *conn, char *id, int len,
#endif
}
- /* DN strings that are a cn=auth identity to run through regexp */
- if( is_dn == SET_DN )
- {
- slap_sasl2dn( dn, &dn2 );
- if( dn2.bv_val ) {
+ /* All strings are in DN form now. Normalize if needed. */
+ if ( do_norm ) {
+ rc = dnNormalize2( NULL, dn, &dn2 );
+
+ /* User DNs were constructed above and must be freed now */
+ if ( is_dn == SET_U )
ch_free( dn->bv_val );
- *dn = dn2;
- do_norm = 0; /* slap_sasl2dn normalizes */
+
+ if ( rc != LDAP_SUCCESS ) {
+ dn->bv_val = NULL;
+ dn->bv_len = 0;
+ return rc;
+ }
+ *dn = dn2;
+ }
+
+ /* Run thru regexp */
+ slap_sasl2dn( conn, dn, &dn2 );
+ if( dn2.bv_val ) {
+ ch_free( dn->bv_val );
+ *dn = dn2;
#ifdef NEW_LOGGING
- LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
- "slap_sasl_getdn: dn:id converted to %s.\n", dn->bv_val ));
+ LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
+ "slap_sasl_getdn: dn:id converted to %s.\n", dn->bv_val ));
#else
- Debug( LDAP_DEBUG_TRACE, "getdn: dn:id converted to %s\n",
- dn->bv_val, 0, 0 );
+ Debug( LDAP_DEBUG_TRACE, "getdn: dn:id converted to %s\n",
+ dn->bv_val, 0, 0 );
#endif
+ }
+
+ return( LDAP_SUCCESS );
+}
+
+#if SASL_VERSION_MAJOR >= 2
+static const char *slap_propnames[] = { "*authcDN", "*authzDN", NULL };
+
+static void
+slap_auxprop_lookup(
+ void *glob_context,
+ sasl_server_params_t *sparams,
+ unsigned flags,
+ const char *user,
+ unsigned ulen)
+{
+ int rc, i, last;
+ struct berval dn;
+ const struct propval *list;
+ BerVarray vals, bv;
+ AttributeDescription *ad;
+ const char *text;
+
+ list = sparams->utils->prop_get( sparams->propctx );
+
+ /* Find our DN first */
+ for( i = 0, last = 0; list[i].name; i++ ) {
+ if ( list[i].name[0] == '*' ) {
+ if ( (flags & SASL_AUXPROP_AUTHZID) &&
+ !strcmp( list[i].name, slap_propnames[1] ) ) {
+ if ( list[i].values && list[i].values[0] )
+ AC_MEMCPY( &dn, list[i].values[0], sizeof( dn ) );
+ if ( !last ) last = i;
+ break;
+ }
+ if ( !strcmp( list[i].name, slap_propnames[0] ) ) {
+ if ( !last ) last = i;
+ if ( list[i].values && list[i].values[0] ) {
+ AC_MEMCPY( &dn, list[i].values[0], sizeof( dn ) );
+ if ( !(flags & SASL_AUXPROP_AUTHZID) )
+ break;
+ }
+ }
}
}
- if ( do_norm ) {
- rc = dnNormalize2( NULL, dn, &dn2 );
- free(dn->bv_val);
+ /* Now fetch the rest */
+ for( i = 0; i < last; i++ ) {
+ const char *name = list[i].name;
+
+ if ( name[0] == '*' ) {
+ if ( flags & SASL_AUXPROP_AUTHZID ) continue;
+ name++;
+ } else if ( !(flags & SASL_AUXPROP_AUTHZID ) )
+ continue;
+
+ if ( list[i].values ) {
+ if ( !(flags & SASL_AUXPROP_OVERRIDE) ) continue;
+ sparams->utils->prop_erase( sparams->propctx, list[i].name );
+ }
+ ad = NULL;
+ rc = slap_str2ad( name, &ad, &text );
if ( rc != LDAP_SUCCESS ) {
- *dn = slap_empty_bv;
- return rc;
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "sasl", LDAP_LEVEL_DETAIL1,
+ "slap_auxprop: str2ad(%s): %s\n", name, text ));
+#else
+ Debug( LDAP_DEBUG_TRACE,
+ "slap_auxprop: str2ad(%s): %s\n", name, text, 0 );
+#endif
+ rc = slap_str2undef_ad( name, &ad, &text );
+ if ( rc != LDAP_SUCCESS ) continue;
}
- *dn = dn2;
+ rc = backend_attribute( NULL,NULL,NULL,NULL, &dn, ad, &vals );
+ if ( rc != LDAP_SUCCESS ) continue;
+ for ( bv = vals; bv->bv_val; bv++ ) {
+ sparams->utils->prop_set( sparams->propctx, list[i].name,
+ bv->bv_val, bv->bv_len );
+ }
+ ber_bvarray_free( vals );
}
+}
- return( LDAP_SUCCESS );
+static sasl_auxprop_plug_t slap_auxprop_plugin = {
+ 0, /* Features */
+ 0, /* spare */
+ NULL, /* glob_context */
+ NULL, /* auxprop_free */
+ slap_auxprop_lookup,
+ "slapd", /* name */
+ NULL /* spare */
+};
+
+static int
+slap_auxprop_init(
+ const sasl_utils_t *utils,
+ int max_version,
+ int *out_version,
+ sasl_auxprop_plug_t **plug,
+ const char *plugname)
+{
+ if ( !out_version | !plug ) return SASL_BADPARAM;
+
+ if ( max_version < SASL_AUXPROP_PLUG_VERSION ) return SASL_BADVERS;
+
+ *out_version = SASL_AUXPROP_PLUG_VERSION;
+ *plug = &slap_auxprop_plugin;
+ return SASL_OK;
}
-#if SASL_VERSION_MAJOR >= 2
static int
slap_sasl_checkpass(
sasl_conn_t *sconn,
@@ -342,7 +471,12 @@ slap_sasl_checkpass(
return rc;
}
-#if 0 /* CANON isn't for what you think it does. */
+/* Convert a SASL authcid or authzid into a DN. Store the DN in an
+ * auxiliary property, so that we can refer to it in sasl_authorize
+ * without interfering with anything else. Also, the SASL username
+ * buffer is constrained to 256 characters, and our DNs could be
+ * much longer (totally arbitrary length)...
+ */
static int
slap_sasl_canonicalize(
sasl_conn_t *sconn,
@@ -356,8 +490,11 @@ slap_sasl_canonicalize(
unsigned *out_len)
{
Connection *conn = (Connection *)context;
+ struct propctx *props = sasl_auxprop_getctx( sconn );
+ struct propval auxvals[3];
struct berval dn;
- int rc;
+ int rc, which;
+ const char *names[2];
*out_len = 0;
@@ -365,53 +502,79 @@ slap_sasl_canonicalize(
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
"slap_sasl_canonicalize: conn %d %s=\"%s\"\n",
conn ? conn->c_connid : -1,
- (flags == SASL_CU_AUTHID) ? "authcid" : "authzid",
+ (flags & SASL_CU_AUTHID) ? "authcid" : "authzid",
in ? in : "<empty>" ));
#else
Debug( LDAP_DEBUG_ARGS, "SASL Canonicalize [conn=%ld]: "
"%s=\"%s\"\n",
conn ? conn->c_connid : -1,
- (flags == SASL_CU_AUTHID) ? "authcid" : "authzid",
+ (flags & SASL_CU_AUTHID) ? "authcid" : "authzid",
in ? in : "<empty>" );
#endif
+ /* If name is too big, just truncate. We don't care, we're
+ * using DNs, not the usernames.
+ */
+ if ( inlen > out_max )
+ inlen = out_max-1;
+
+ /* See if we need to add request, can only do it once */
+ prop_getnames( props, slap_propnames, auxvals );
+ if ( !auxvals[0].name )
+ prop_request( props, slap_propnames );
+
+ if ( flags & SASL_CU_AUTHID )
+ which = 0;
+ else
+ which = 1;
+
+ /* Already been here? */
+ if ( auxvals[which].values )
+ goto done;
+
+ if ( flags == SASL_CU_AUTHZID ) {
+ /* If we got unqualified authzid's, they probably came from SASL
+ * itself just passing the authcid to us. Look inside the oparams
+ * structure to see if that's true. (HACK: the out_len pointer is
+ * the address of a member of a sasl_out_params_t structure...)
+ */
+ sasl_out_params_t dummy;
+ int offset = (void *)&dummy.ulen - (void *)&dummy.authid;
+ char **authid = (void *)out_len - offset;
+ if ( *authid && !strcmp( in, *authid ) )
+ goto done;
+ }
+
rc = slap_sasl_getdn( conn, (char *)in, inlen, (char *)user_realm, &dn,
- (flags == SASL_CU_AUTHID) ? FLAG_GETDN_AUTHCID : FLAG_GETDN_AUTHZID );
+ (flags & SASL_CU_AUTHID) ? FLAG_GETDN_AUTHCID : FLAG_GETDN_AUTHZID );
if ( rc != LDAP_SUCCESS ) {
sasl_seterror( sconn, 0, ldap_err2string( rc ) );
return SASL_NOAUTHZ;
}
- if ( out_max < dn.bv_len ) {
- return SASL_BUFOVER;
- }
-
- AC_MEMCPY( out, dn.bv_val, dn.bv_len );
- out[dn.bv_len] = '\0';
-
- *out_len = dn.bv_len;
-
- ch_free( dn.bv_val );
+ names[0] = slap_propnames[which];
+ names[1] = NULL;
+ prop_set( props, names[0], (char *)&dn, sizeof( dn ) );
+
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
"slap_sasl_canonicalize: conn %d %s=\"%s\"\n",
conn ? conn->c_connid : -1,
- (flags == SASL_CU_AUTHID) ? "authcDN" : "authzDN",
- out ));
+ names[0]+1, dn.bv_val ));
#else
Debug( LDAP_DEBUG_ARGS, "SASL Canonicalize [conn=%ld]: "
"%s=\"%s\"\n",
conn ? conn->c_connid : -1,
- (flags == SASL_CU_AUTHID) ? "authcDN" : "authzDN",
- out );
+ names[0]+1, dn.bv_val );
#endif
+done: AC_MEMCPY( out, in, inlen );
+ out[inlen] = '\0';
+
+ *out_len = inlen;
return SASL_OK;
}
-#endif
-
-#define CANON_BUF_SIZE 256 /* from saslint.h */
static int
slap_sasl_authorize(
@@ -423,12 +586,12 @@ slap_sasl_authorize(
unsigned alen,
const char *def_realm,
unsigned urlen,
- struct propctx *propctx)
+ struct propctx *props)
{
Connection *conn = (Connection *)context;
+ struct propval auxvals[3];
struct berval authcDN, authzDN;
- char *realm;
- int rc, equal = 1, ext = 0;
+ int rc;
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -440,66 +603,16 @@ slap_sasl_authorize(
conn ? conn->c_connid : -1, auth_identity, requested_user );
#endif
- if ( requested_user )
- equal = !strcmp( auth_identity, requested_user );
-
- /* If using SASL-EXTERNAL, don't modify the ID in any way */
- if ( conn->c_is_tls && conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len
- && ( strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 ) ) {
- ext = 1;
- realm = NULL;
- } else {
- /* Else look for an embedded realm in the name */
- realm = strchr( auth_identity, '@' );
- if ( realm ) *realm++ = '\0';
- }
-
- rc = slap_sasl_getdn( conn, auth_identity, alen, realm ? realm : (char *)def_realm,
- &authcDN, FLAG_GETDN_AUTHCID );
- if ( realm )
- realm[-1] = '@';
-
- if ( rc != LDAP_SUCCESS ) {
- sasl_seterror( sconn, 0, ldap_err2string( rc ) );
- return SASL_NOAUTHZ;
- }
-
- if ( equal ) {
- if ( authcDN.bv_len > CANON_BUF_SIZE ) {
- free( authcDN.bv_val );
- return SASL_BUFOVER;
- }
- AC_MEMCPY( requested_user, authcDN.bv_val, authcDN.bv_len );
-
+ prop_getnames( props, slap_propnames, auxvals );
+
+ /* Nothing to do if no authzID was given */
+ if ( !auxvals[1].name || !auxvals[1].values )
return SASL_OK;
- }
-
- if ( ext ) {
- realm = NULL;
- } else {
- realm = strchr( requested_user, '@' );
- if ( realm ) *realm++ = '\0';
- }
-
- rc = slap_sasl_getdn( conn, requested_user, rlen, realm ? realm : (char *)def_realm,
- &authzDN, FLAG_GETDN_AUTHZID );
- if ( realm )
- realm[-1] = '@';
-
- if ( rc != LDAP_SUCCESS ) {
- free( authcDN.bv_val );
- sasl_seterror( sconn, 0, ldap_err2string( rc ) );
- return SASL_NOAUTHZ;
- }
-
- if (authzDN.bv_len > CANON_BUF_SIZE) {
- free( authcDN.bv_val );
- free( authzDN.bv_val );
- return SASL_BUFOVER;
- }
+
+ AC_MEMCPY( &authcDN, auxvals[0].values[0], sizeof(authcDN) );
+ AC_MEMCPY( &authzDN, auxvals[1].values[0], sizeof(authzDN) );
rc = slap_sasl_authorized( &authcDN, &authzDN );
- free( authcDN.bv_val );
if ( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_INFO,
@@ -512,11 +625,8 @@ slap_sasl_authorize(
#endif
sasl_seterror( sconn, 0, "not authorized" );
- free( authzDN.bv_val );
return SASL_NOAUTHZ;
}
- AC_MEMCPY( requested_user, authzDN.bv_val, authzDN.bv_len );
- free( authzDN.bv_val );
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -527,7 +637,6 @@ slap_sasl_authorize(
" authorization allowed\n",
(long) (conn ? conn->c_connid : -1), 0, 0 );
#endif
-
return SASL_OK;
}
#else
@@ -540,9 +649,9 @@ slap_sasl_authorize(
const char **errstr)
{
struct berval authcDN, authzDN;
- int rc, ext = 0;
+ int rc;
Connection *conn = context;
- char *realm, *xrealm;
+ char *realm;
*user = NULL;
@@ -576,16 +685,7 @@ slap_sasl_authorize(
/* Convert the identities to DN's. If no authzid was given, client will
be bound as the DN matching their username */
- if ( conn->c_is_tls && conn->c_sasl_bind_mech.bv_len == ext_bv.bv_len
- && ( strcasecmp( ext_bv.bv_val, conn->c_sasl_bind_mech.bv_val ) == 0 ) ) {
- ext = 1;
- xrealm = NULL;
- } else {
- xrealm = strchr( authcid, '@' );
- if ( xrealm ) *xrealm++ = '\0';
- }
- rc = slap_sasl_getdn( conn, (char *)authcid, 0, xrealm ? xrealm : realm, &authcDN, FLAG_GETDN_AUTHCID );
- if ( xrealm ) xrealm[-1] = '@';
+ rc = slap_sasl_getdn( conn, (char *)authcid, 0, realm, &authcDN, FLAG_GETDN_AUTHCID );
if( rc != LDAP_SUCCESS ) {
*errstr = ldap_err2string( rc );
return SASL_NOAUTHZ;
@@ -604,14 +704,7 @@ slap_sasl_authorize(
*errstr = NULL;
return SASL_OK;
}
- if ( ext ) {
- xrealm = NULL;
- } else {
- xrealm = strchr( authzid, '@' );
- if ( xrealm ) *xrealm++ = '\0';
- }
- rc = slap_sasl_getdn( conn, (char *)authzid, 0, xrealm ? xrealm : realm, &authzDN, FLAG_GETDN_AUTHZID );
- if ( xrealm ) xrealm[-1] = '@';
+ rc = slap_sasl_getdn( conn, (char *)authzid, 0, realm, &authzDN, FLAG_GETDN_AUTHZID );
if( rc != LDAP_SUCCESS ) {
ch_free( authcDN.bv_val );
*errstr = ldap_err2string( rc );
@@ -713,6 +806,9 @@ int slap_sasl_init( void )
ldap_pvt_sasl_mutex_unlock,
ldap_pvt_sasl_mutex_dispose );
+#if SASL_VERSION_MAJOR >= 2
+ sasl_auxprop_add_plugin( "slapd", slap_auxprop_init );
+#endif
/* should provide callbacks for logging */
/* server name should be configurable */
rc = sasl_server_init( server_callbacks, "slapd" );
@@ -792,11 +888,9 @@ int slap_sasl_open( Connection *conn )
session_callbacks[cb++].context = conn;
#if SASL_VERSION_MAJOR >= 2
-#if 0 /* CANON isn't for what you think it does. */
session_callbacks[cb].id = SASL_CB_CANON_USER;
session_callbacks[cb].proc = &slap_sasl_canonicalize;
session_callbacks[cb++].context = conn;
-#endif
/* XXXX: this should be conditional */
session_callbacks[cb].id = SASL_CB_SERVER_USERDB_CHECKPASS;
@@ -1075,6 +1169,34 @@ int slap_sasl_bind(
response.bv_len = reslen;
if ( sc == SASL_OK ) {
+#if SASL_VERSION_MAJOR >= 2
+ struct propctx *props = sasl_auxprop_getctx( ctx );
+ struct propval vals[3];
+ sasl_ssf_t *ssf = NULL;
+
+ prop_getnames( props, slap_propnames, vals );
+
+ AC_MEMCPY( edn, vals[0].values[0], sizeof(*edn) );
+ if ( vals[1].name && vals[1].values ) {
+ ch_free( edn->bv_val );
+ AC_MEMCPY( edn, vals[1].values[0], sizeof(*edn) );
+ }
+
+ rc = LDAP_SUCCESS;
+
+ (void) sasl_getprop( ctx, SASL_SSF, (void *)&ssf );
+ *ssfp = ssf ? *ssf : 0;
+
+ if( *ssfp ) {
+ ldap_pvt_thread_mutex_lock( &conn->c_mutex );
+ conn->c_sasl_layers++;
+ ldap_pvt_thread_mutex_unlock( &conn->c_mutex );
+ }
+
+ send_ldap_sasl( conn, op, rc,
+ NULL, NULL, NULL, NULL,
+ response.bv_len ? &response : NULL );
+#else
char *username = NULL;
sc = sasl_getprop( ctx,
@@ -1113,6 +1235,7 @@ int slap_sasl_bind(
NULL, NULL, NULL, NULL,
response.bv_len ? &response : NULL );
}
+#endif
} else if ( sc == SASL_CONTINUE ) {
send_ldap_sasl( conn, op, rc = LDAP_SASL_BIND_IN_PROGRESS,
diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c
index c13726b0b1..d196a4f084 100644
--- a/servers/slapd/saslauthz.c
+++ b/servers/slapd/saslauthz.c
@@ -29,12 +29,12 @@
#endif
#include <ldap_pvt.h>
-#endif
/* URI format: ldap://<host>/<base>[?[<attrs>][?[<scope>][?[<filter>]]]] */
static int slap_parseURI( struct berval *uri,
- struct berval *searchbase, int *scope, Filter **filter )
+ struct berval *searchbase, int *scope, Filter **filter,
+ struct berval *fstr )
{
struct berval bv;
int rc;
@@ -46,6 +46,11 @@ static int slap_parseURI( struct berval *uri,
*scope = -1;
*filter = NULL;
+ if ( fstr ) {
+ fstr->bv_val = NULL;
+ fstr->bv_len = 0;
+ }
+
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
"slap_parseURI: parsing %s\n", uri->bv_val ));
@@ -86,6 +91,8 @@ is_dn: bv.bv_len = uri->bv_len - (bv.bv_val - uri->bv_val);
*filter = str2filter( ludp->lud_filter );
if ( *filter == NULL )
rc = LDAP_PROTOCOL_ERROR;
+ else if ( fstr )
+ ber_str2bv( ludp->lud_filter, 0, 1, fstr );
}
/* Grab the searchbase */
@@ -100,6 +107,47 @@ is_dn: bv.bv_len = uri->bv_len - (bv.bv_val - uri->bv_val);
return( rc );
}
+static int slap_sasl_rx_off(char *rep, int *off)
+{
+ const char *c;
+ int n;
+
+ /* Precompile replace pattern. Find the $<n> placeholders */
+ off[0] = -2;
+ n = 1;
+ for ( c = rep; *c; c++ ) {
+ if ( *c == '\\' && c[1] ) {
+ c++;
+ continue;
+ }
+ if ( *c == '$' ) {
+ if ( n == SASLREGEX_REPLACE ) {
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "sasl", LDAP_LEVEL_ERR,
+ "slap_sasl_regexp_config: \"%s\" has too many $n "
+ "placeholders (max %d)\n",
+ rep, SASLREGEX_REPLACE ));
+#else
+ Debug( LDAP_DEBUG_ANY,
+ "SASL replace pattern %s has too many $n "
+ "placeholders (max %d)\n",
+ rep, SASLREGEX_REPLACE, 0 );
+#endif
+
+ return( LDAP_OPERATIONS_ERROR );
+ }
+ off[n] = c - rep;
+ n++;
+ }
+ }
+
+ /* Final placeholder, after the last $n */
+ off[n] = c - rep;
+ n++;
+ off[n] = -1;
+ return( LDAP_SUCCESS );
+}
+#endif /* HAVE_CYRUS_SASL */
int slap_sasl_regexp_config( const char *match, const char *replace )
{
@@ -108,6 +156,7 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
int rc, n;
SaslRegexp_t *reg;
struct berval bv, nbv;
+ Filter *filter;
SaslRegexp = (SaslRegexp_t *) ch_realloc( (char *) SaslRegexp,
(nSaslRegexp + 1) * sizeof(SaslRegexp_t) );
@@ -129,20 +178,21 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
reg->sr_match = nbv.bv_val;
ber_str2bv( replace, 0, 0, &bv );
- rc = dnNormalize2( NULL, &bv, &nbv );
+ rc = slap_parseURI( &bv, ®->sr_replace.dn, ®->sr_replace.scope,
+ &filter, ®->sr_replace.filter );
+ if ( filter ) filter_free( filter );
if ( rc ) {
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ERR,
- "slap_sasl_regexp_config: \"%s\" could not be normalized.\n",
+ "slap_sasl_regexp_config: \"%s\" could not be parsed.\n",
replace ));
#else
Debug( LDAP_DEBUG_ANY,
- "SASL replace pattern %s could not be normalized.\n",
+ "SASL replace pattern %s could not be parsed.\n",
replace, 0, 0 );
#endif
return( rc );
}
- reg->sr_replace = nbv.bv_val;
/* Precompile matching pattern */
rc = regcomp( ®->sr_workspace, reg->sr_match, REG_EXTENDED|REG_ICASE );
@@ -160,40 +210,14 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
return( LDAP_OPERATIONS_ERROR );
}
- /* Precompile replace pattern. Find the $<n> placeholders */
- reg->sr_offset[0] = -2;
- n = 1;
- for ( c = reg->sr_replace; *c; c++ ) {
- if ( *c == '\\' && c[1] ) {
- c++;
- continue;
- }
- if ( *c == '$' ) {
- if ( n == SASLREGEX_REPLACE ) {
-#ifdef NEW_LOGGING
- LDAP_LOG(( "sasl", LDAP_LEVEL_ERR,
- "slap_sasl_regexp_config: \"%s\" has too many $n "
- "placeholders (max %d)\n",
- reg->sr_replace, SASLREGEX_REPLACE ));
-#else
- Debug( LDAP_DEBUG_ANY,
- "SASL replace pattern %s has too many $n "
- "placeholders (max %d)\n",
- reg->sr_replace, SASLREGEX_REPLACE, 0 );
-#endif
+ rc = slap_sasl_rx_off( reg->sr_replace.dn.bv_val, reg->sr_dn_offset );
+ if ( rc != LDAP_SUCCESS ) return rc;
- return( LDAP_OPERATIONS_ERROR );
- }
- reg->sr_offset[n] = c - reg->sr_replace;
- n++;
- }
+ if (reg->sr_replace.filter.bv_val ) {
+ rc = slap_sasl_rx_off( reg->sr_replace.filter.bv_val, reg->sr_fi_offset );
+ if ( rc != LDAP_SUCCESS ) return rc;
}
- /* Final placeholder, after the last $n */
- reg->sr_offset[n] = c - reg->sr_replace;
- n++;
- reg->sr_offset[n] = -1;
-
nSaslRegexp++;
#endif
return( LDAP_SUCCESS );
@@ -202,17 +226,65 @@ int slap_sasl_regexp_config( const char *match, const char *replace )
#ifdef HAVE_CYRUS_SASL
+/* Perform replacement on regexp matches */
+static void slap_sasl_rx_exp( char *rep, int *off, regmatch_t *str,
+ char *saslname, struct berval *out )
+{
+ int i, n, len, insert;
+
+ /* Get the total length of the final URI */
+
+ n=1;
+ len = 0;
+ while( off[n] >= 0 ) {
+ /* Len of next section from replacement string (x,y,z above) */
+ len += off[n] - off[n-1] - 2;
+ if( off[n+1] < 0)
+ break;
+
+ /* Len of string from saslname that matched next $i (b,d above) */
+ i = rep[ off[n] + 1 ] - '0';
+ len += str[i].rm_eo - str[i].rm_so;
+ n++;
+ }
+ out->bv_val = ch_malloc( len + 1 );
+ out->bv_len = len;
+
+ /* Fill in URI with replace string, replacing $i as we go */
+ n=1;
+ insert = 0;
+ while( off[n] >= 0) {
+ /* Paste in next section from replacement string (x,y,z above) */
+ len = off[n] - off[n-1] - 2;
+ strncpy( out->bv_val+insert, rep + off[n-1] + 2, len);
+ insert += len;
+ if( off[n+1] < 0)
+ break;
+
+ /* Paste in string from saslname that matched next $i (b,d above) */
+ i = rep[ off[n] + 1 ] - '0';
+ len = str[i].rm_eo - str[i].rm_so;
+ strncpy( out->bv_val+insert, saslname + str[i].rm_so, len );
+ insert += len;
+
+ n++;
+ }
+
+ out->bv_val[insert] = '\0';
+}
+
/* Take the passed in SASL name and attempt to convert it into an
LDAP URI to find the matching LDAP entry, using the pattern matching
strings given in the saslregexp config file directive(s) */
-static int slap_sasl_regexp( struct berval *in, struct berval *out )
+
+static int slap_sasl_regexp( struct berval *in, SaslUri_t *out )
{
char *saslname = in->bv_val;
- int i, n, len, insert;
+ char *scope[] = { "base", "one", "sub" };
SaslRegexp_t *reg;
+ int i;
- out->bv_val = NULL;
- out->bv_len = 0;
+ memset( out, 0, sizeof( *out ) );
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -240,53 +312,25 @@ static int slap_sasl_regexp( struct berval *in, struct berval *out )
* replace pattern of the form "x$1y$2z". The returned string needs
* to replace the $1,$2 with the strings that matched (b.*) and (d.*)
*/
+ slap_sasl_rx_exp( reg->sr_replace.dn.bv_val, reg->sr_dn_offset,
+ reg->sr_strings, saslname, &out->dn );
+ if ( reg->sr_replace.filter.bv_val )
+ slap_sasl_rx_exp( reg->sr_replace.filter.bv_val,
+ reg->sr_fi_offset, reg->sr_strings, saslname, &out->filter );
+
+ out->scope = reg->sr_replace.scope;
- /* Get the total length of the final URI */
-
- n=1;
- len = 0;
- while( reg->sr_offset[n] >= 0 ) {
- /* Len of next section from replacement string (x,y,z above) */
- len += reg->sr_offset[n] - reg->sr_offset[n-1] - 2;
- if( reg->sr_offset[n+1] < 0)
- break;
-
- /* Len of string from saslname that matched next $i (b,d above) */
- i = reg->sr_replace[ reg->sr_offset[n] + 1 ] - '0';
- len += reg->sr_strings[i].rm_eo - reg->sr_strings[i].rm_so;
- n++;
- }
- out->bv_val = ch_malloc( len + 1 );
- out->bv_len = len;
-
- /* Fill in URI with replace string, replacing $i as we go */
- n=1;
- insert = 0;
- while( reg->sr_offset[n] >= 0) {
- /* Paste in next section from replacement string (x,y,z above) */
- len = reg->sr_offset[n] - reg->sr_offset[n-1] - 2;
- strncpy( out->bv_val+insert, reg->sr_replace + reg->sr_offset[n-1] + 2, len);
- insert += len;
- if( reg->sr_offset[n+1] < 0)
- break;
-
- /* Paste in string from saslname that matched next $i (b,d above) */
- i = reg->sr_replace[ reg->sr_offset[n] + 1 ] - '0';
- len = reg->sr_strings[i].rm_eo - reg->sr_strings[i].rm_so;
- strncpy( out->bv_val+insert, saslname + reg->sr_strings[i].rm_so, len );
- insert += len;
-
- n++;
- }
-
- out->bv_val[insert] = '\0';
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
- "slap_sasl_regexp: converted SASL name to %s\n", out->bv_val ));
+ "slap_sasl_regexp: converted SASL name to ldap:///%s??%s?%s\n",
+ out->dn.bv_val, scope[out->scope], out->filter.bv_val ?
+ out->filter.bv_val : "" ));
#else
Debug( LDAP_DEBUG_TRACE,
- "slap_sasl_regexp: converted SASL name to %s\n", out->bv_val, 0, 0 );
+ "slap_sasl_regexp: converted SASL name to ldap:///%s??%s?%s\n",
+ out->dn.bv_val, scope[out->scope], out->filter.bv_val ?
+ out->filter.bv_val : "" );
#endif
return( 1 );
@@ -339,15 +383,14 @@ static int sasl_sc_sasl2dn( BackendDB *be, Connection *conn, Operation *o,
* entry, return the DN of that one entry.
*/
-void slap_sasl2dn( struct berval *saslname, struct berval *dn )
+void slap_sasl2dn( Connection *conn, struct berval *saslname, struct berval *dn )
{
- struct berval uri = {0, NULL};
- struct berval searchbase = {0, NULL};
- int rc, scope;
+ int rc;
Backend *be;
Filter *filter=NULL;
slap_callback cb = {sasl_sc_r, sasl_sc_s, sasl_sc_sasl2dn, NULL};
Operation op = {0};
+ SaslUri_t uri;
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -360,39 +403,40 @@ void slap_sasl2dn( struct berval *saslname, struct berval *dn )
dn->bv_len = 0;
cb.sc_private = dn;
- /* Convert the SASL name into an LDAP URI */
+ /* Convert the SASL name into a minimal URI */
if( !slap_sasl_regexp( saslname, &uri ) )
goto FINISHED;
- rc = slap_parseURI( &uri, &searchbase, &scope, &filter );
- if( rc ) {
- goto FINISHED;
- }
+ if ( uri.filter.bv_val )
+ filter = str2filter( uri.filter.bv_val );
+
+ /* Must do an internal search */
+
+ be = select_backend( &uri.dn, 0, 1 );
+
+ conn->c_authz_backend = be;
/* Massive shortcut: search scope == base */
- if( scope == LDAP_SCOPE_BASE ) {
- *dn = searchbase;
- searchbase.bv_len = 0;
- searchbase.bv_val = NULL;
+ if( uri.scope == LDAP_SCOPE_BASE ) {
+ *dn = uri.dn;
+ uri.dn.bv_len = 0;
+ uri.dn.bv_val = NULL;
goto FINISHED;
}
- /* Must do an internal search */
-
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_DETAIL1,
"slap_sasl2dn: performing internal search (base=%s, scope=%d)\n",
- searchbase.bv_val, scope ));
+ uri.dn.bv_val, uri.scope ));
#else
Debug( LDAP_DEBUG_TRACE,
"slap_sasl2dn: performing internal search (base=%s, scope=%d)\n",
- searchbase.bv_val, scope, 0 );
+ uri.dn.bv_val, uri.scope, 0 );
#endif
- be = select_backend( &searchbase, 0, 1 );
if(( be == NULL ) || ( be->be_search == NULL))
goto FINISHED;
- suffix_alias( be, &searchbase );
+ suffix_alias( be, &uri.dn );
op.o_tag = LDAP_REQ_SEARCH;
op.o_protocol = LDAP_VERSION3;
@@ -400,14 +444,14 @@ void slap_sasl2dn( struct berval *saslname, struct berval *dn )
op.o_callback = &cb;
op.o_time = slap_get_time();
- (*be->be_search)( be, /*conn*/NULL, &op, /*base*/NULL, &searchbase,
- scope, /*deref=*/1, /*sizelimit=*/1, /*time=*/0, filter, /*fstr=*/NULL,
+ (*be->be_search)( be, /*conn*/NULL, &op, /*base*/NULL, &uri.dn,
+ uri.scope, /*deref=*/1, /*sizelimit=*/1, /*time=*/0, filter, /*fstr=*/NULL,
/*attrs=*/NULL, /*attrsonly=*/0 );
FINISHED:
- if( searchbase.bv_len ) ch_free( searchbase.bv_val );
+ if( uri.dn.bv_len ) ch_free( uri.dn.bv_val );
+ if( uri.filter.bv_len ) ch_free( uri.filter.bv_val );
if( filter ) filter_free( filter );
- if( uri.bv_val ) ch_free( uri.bv_val );
#ifdef NEW_LOGGING
LDAP_LOG(( "sasl", LDAP_LEVEL_ENTRY,
@@ -468,7 +512,7 @@ int slap_sasl_match( struct berval *rule, struct berval *assertDN, struct berval
"===>slap_sasl_match: comparing DN %s to rule %s\n", assertDN->bv_val, rule->bv_val, 0 );
#endif
- rc = slap_parseURI( rule, &searchbase, &scope, &filter );
+ rc = slap_parseURI( rule, &searchbase, &scope, &filter, NULL );
if( rc != LDAP_SUCCESS )
goto CONCLUDED;
diff --git a/servers/slapd/schema/core.schema b/servers/slapd/schema/core.schema
new file mode 100644
index 0000000000..1d30110108
--- /dev/null
+++ b/servers/slapd/schema/core.schema
@@ -0,0 +1,544 @@
+# $OpenLDAP$
+#
+# OpenLDAP Core schema
+#
+# Includes LDAPv3 schema items from:
+# RFC 2251-RFC2256 (LDAPv3)
+#
+# select standard track schema items:
+# RFC 2587 (PKI)
+# RFC 2079 (URI)
+# RFC 1274 (uid/dc)
+# RFC 2247 (dc/dcObject)
+# RFC 2589 (Dynamic Directory Services)
+#
+# select informational schema items:
+# RFC 2377 (uidObject)
+
+#
+# Standard attribute types from RFC 2256
+#
+
+# system schema
+#attributetype ( 2.5.4.0 NAME 'objectClass'
+# DESC 'RFC2256: object classes of the entity'
+# EQUALITY objectIdentifierMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
+
+# system schema
+#attributetype ( 2.5.4.1 NAME ( 'aliasedObjectName' 'aliasedEntryName' )
+# DESC 'RFC2256: name of aliased object'
+# EQUALITY distinguishedNameMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE )
+
+attributetype ( 2.5.4.2 NAME 'knowledgeInformation'
+ DESC 'RFC2256: knowledge information'
+ EQUALITY caseIgnoreMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
+
+# system schema
+#attributetype ( 2.5.4.3 NAME ( 'cn' 'commonName' )
+# DESC 'RFC2256: common name(s) for which the entity is known by'
+# SUP name )
+
+attributetype ( 2.5.4.4 NAME ( 'sn' 'surname' )
+ DESC 'RFC2256: last (family) name(s) for which the entity is known by'
+ SUP name )
+
+attributetype ( 2.5.4.5 NAME 'serialNumber'
+ DESC 'RFC2256: serial number of the entity'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{64} )
+
+attributetype ( 2.5.4.6 NAME ( 'c' 'countryName' )
+ DESC 'RFC2256: ISO-3166 country 2-letter code'
+ SUP name SINGLE-VALUE )
+
+attributetype ( 2.5.4.7 NAME ( 'l' 'localityName' )
+ DESC 'RFC2256: locality which this object resides in'
+ SUP name )
+
+attributetype ( 2.5.4.8 NAME ( 'st' 'stateOrProvinceName' )
+ DESC 'RFC2256: state or province which this object resides in'
+ SUP name )
+
+attributetype ( 2.5.4.9 NAME ( 'street' 'streetAddress' )
+ DESC 'RFC2256: street address of this object'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetype ( 2.5.4.10 NAME ( 'o' 'organizationName' )
+ DESC 'RFC2256: organization this object belongs to'
+ SUP name )
+
+attributetype ( 2.5.4.11 NAME ( 'ou' 'organizationalUnitName' )
+ DESC 'RFC2256: organizational unit this object belongs to'
+ SUP name )
+
+attributetype ( 2.5.4.12 NAME 'title'
+ DESC 'RFC2256: title associated with the entity'
+ SUP name )
+
+attributetype ( 2.5.4.13 NAME 'description'
+ DESC 'RFC2256: descriptive information'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{1024} )
+
+# Obsoleted by enhancedSearchGuide
+attributetype ( 2.5.4.14 NAME 'searchGuide'
+ DESC 'RFC2256: search guide, obsoleted by enhancedSearchGuide'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.25 )
+
+attributetype ( 2.5.4.15 NAME 'businessCategory'
+ DESC 'RFC2256: business category'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetype ( 2.5.4.16 NAME 'postalAddress'
+ DESC 'RFC2256: postal address'
+ EQUALITY caseIgnoreListMatch
+ SUBSTR caseIgnoreListSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
+
+attributetype ( 2.5.4.17 NAME 'postalCode'
+ DESC 'RFC2256: postal code'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
+
+attributetype ( 2.5.4.18 NAME 'postOfficeBox'
+ DESC 'RFC2256: Post Office Box'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )
+
+attributetype ( 2.5.4.19 NAME 'physicalDeliveryOfficeName'
+ DESC 'RFC2256: Physical Delivery Office Name'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )
+
+attributetype ( 2.5.4.20 NAME 'telephoneNumber'
+ DESC 'RFC2256: Telephone Number'
+ EQUALITY telephoneNumberMatch
+ SUBSTR telephoneNumberSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.50{32} )
+
+attributetype ( 2.5.4.21 NAME 'telexNumber'
+ DESC 'RFC2256: Telex Number'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.52 )
+
+attributetype ( 2.5.4.22 NAME 'teletexTerminalIdentifier'
+ DESC 'RFC2256: Teletex Terminal Identifier'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.51 )
+
+attributetype ( 2.5.4.23 NAME ( 'facsimileTelephoneNumber' 'fax' )
+ DESC 'RFC2256: Facsimile (Fax) Telephone Number'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.22 )
+
+attributetype ( 2.5.4.24 NAME 'x121Address'
+ DESC 'RFC2256: X.121 Address'
+ EQUALITY numericStringMatch
+ SUBSTR numericStringSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{15} )
+
+attributetype ( 2.5.4.25 NAME 'internationaliSDNNumber'
+ DESC 'RFC2256: international ISDN number'
+ EQUALITY numericStringMatch
+ SUBSTR numericStringSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.36{16} )
+
+attributetype ( 2.5.4.26 NAME 'registeredAddress'
+ DESC 'RFC2256: registered postal address'
+ SUP postalAddress
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )
+
+attributetype ( 2.5.4.27 NAME 'destinationIndicator'
+ DESC 'RFC2256: destination indicator'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44{128} )
+
+attributetype ( 2.5.4.28 NAME 'preferredDeliveryMethod'
+ DESC 'RFC2256: preferred delivery method'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.14
+ SINGLE-VALUE )
+
+attributetype ( 2.5.4.29 NAME 'presentationAddress'
+ DESC 'RFC2256: presentation address'
+ EQUALITY presentationAddressMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.43
+ SINGLE-VALUE )
+
+attributetype ( 2.5.4.30 NAME 'supportedApplicationContext'
+ DESC 'RFC2256: supported application context'
+ EQUALITY objectIdentifierMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 )
+
+attributetype ( 2.5.4.31 NAME 'member'
+ DESC 'RFC2256: member of a group'
+ SUP distinguishedName )
+
+attributetype ( 2.5.4.32 NAME 'owner'
+ DESC 'RFC2256: owner (of the object)'
+ SUP distinguishedName )
+
+attributetype ( 2.5.4.33 NAME 'roleOccupant'
+ DESC 'RFC2256: occupant of role'
+ SUP distinguishedName )
+
+attributetype ( 2.5.4.34 NAME 'seeAlso'
+ DESC 'RFC2256: DN of related object'
+ SUP distinguishedName )
+
+# system schema
+#attributetype ( 2.5.4.35 NAME 'userPassword'
+# DESC 'RFC2256/2307: password of user'
+# EQUALITY octetStringMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.36 NAME 'userCertificate'
+ DESC 'RFC2256: X.509 user certificate, use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.37 NAME 'cACertificate'
+ DESC 'RFC2256: X.509 CA certificate, use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.8 )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.38 NAME 'authorityRevocationList'
+ DESC 'RFC2256: X.509 authority revocation list, use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.39 NAME 'certificateRevocationList'
+ DESC 'RFC2256: X.509 certificate revocation list, use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
+
+# Must be stored and requested in the binary form
+attributetype ( 2.5.4.40 NAME 'crossCertificatePair'
+ DESC 'RFC2256: X.509 cross certificate pair, use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.10 )
+
+# 2.5.4.41 is defined above as it's used for subtyping
+#attributetype ( 2.5.4.41 NAME 'name'
+# EQUALITY caseIgnoreMatch
+# SUBSTR caseIgnoreSubstringsMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
+
+attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
+ DESC 'RFC2256: first name(s) for which the entity is known by'
+ SUP name )
+
+attributetype ( 2.5.4.43 NAME 'initials'
+ DESC 'RFC2256: initials of some or all of names, but not the surname(s).'
+ SUP name )
+
+attributetype ( 2.5.4.44 NAME 'generationQualifier'
+ DESC 'RFC2256: name qualifier indicating a generation'
+ SUP name )
+
+attributetype ( 2.5.4.45 NAME 'x500UniqueIdentifier'
+ DESC 'RFC2256: X.500 unique identifier'
+ EQUALITY bitStringMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.6 )
+
+attributetype ( 2.5.4.46 NAME 'dnQualifier'
+ DESC 'RFC2256: DN qualifier'
+ EQUALITY caseIgnoreMatch
+ ORDERING caseIgnoreOrderingMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 )
+
+attributetype ( 2.5.4.47 NAME 'enhancedSearchGuide'
+ DESC 'RFC2256: enhanced search guide'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.21 )
+
+attributetype ( 2.5.4.48 NAME 'protocolInformation'
+ DESC 'RFC2256: protocol information'
+ EQUALITY protocolInformationMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.42 )
+
+# 2.5.4.49 is defined above as it's used for subtyping
+#attributetype ( 2.5.4.49 NAME 'distinguishedName'
+# EQUALITY distinguishedNameMatch
+# SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 )
+
+attributetype ( 2.5.4.50 NAME 'uniqueMember'
+ DESC 'RFC2256: unique member of a group'
+ EQUALITY uniqueMemberMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.34 )
+
+attributetype ( 2.5.4.51 NAME 'houseIdentifier'
+ DESC 'RFC2256: house identifier'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.52 NAME 'supportedAlgorithms'
+ DESC 'RFC2256: supported algorithms'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.49 )
+
+# Must be transferred using ;binary
+attributetype ( 2.5.4.53 NAME 'deltaRevocationList'
+ DESC 'RFC2256: delta revocation list; use ;binary'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.9 )
+
+attributetype ( 2.5.4.54 NAME 'dmdName'
+ DESC 'RFC2256: name of DMD'
+ SUP name )
+
+
+# Standard object classes from RFC2256
+
+# system schema
+#objectclass ( 2.5.6.1 NAME 'alias'
+# DESC 'RFC2256: an alias'
+# SUP top STRUCTURAL
+# MUST aliasedObjectName )
+
+objectclass ( 2.5.6.2 NAME 'country'
+ DESC 'RFC2256: a country'
+ SUP top STRUCTURAL
+ MUST c
+ MAY ( searchGuide $ description ) )
+
+objectclass ( 2.5.6.3 NAME 'locality'
+ DESC 'RFC2256: a locality'
+ SUP top STRUCTURAL
+ MAY ( street $ seeAlso $ searchGuide $ st $ l $ description ) )
+
+objectclass ( 2.5.6.4 NAME 'organization'
+ DESC 'RFC2256: an organization'
+ SUP top STRUCTURAL
+ MUST o
+ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
+ x121Address $ registeredAddress $ destinationIndicator $
+ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ telephoneNumber $ internationaliSDNNumber $
+ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
+ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
+
+objectclass ( 2.5.6.5 NAME 'organizationalUnit'
+ DESC 'RFC2256: an organizational unit'
+ SUP top STRUCTURAL
+ MUST ou
+ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
+ x121Address $ registeredAddress $ destinationIndicator $
+ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ telephoneNumber $ internationaliSDNNumber $
+ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
+ postalAddress $ physicalDeliveryOfficeName $ st $ l $ description ) )
+
+objectclass ( 2.5.6.6 NAME 'person'
+ DESC 'RFC2256: a person'
+ SUP top STRUCTURAL
+ MUST ( sn $ cn )
+ MAY ( userPassword $ telephoneNumber $ seeAlso $ description ) )
+
+objectclass ( 2.5.6.7 NAME 'organizationalPerson'
+ DESC 'RFC2256: an organizational person'
+ SUP person STRUCTURAL
+ MAY ( title $ x121Address $ registeredAddress $ destinationIndicator $
+ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ telephoneNumber $ internationaliSDNNumber $
+ facsimileTelephoneNumber $ street $ postOfficeBox $ postalCode $
+ postalAddress $ physicalDeliveryOfficeName $ ou $ st $ l ) )
+
+objectclass ( 2.5.6.8 NAME 'organizationalRole'
+ DESC 'RFC2256: an organizational role'
+ SUP top STRUCTURAL
+ MUST cn
+ MAY ( x121Address $ registeredAddress $ destinationIndicator $
+ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
+ seeAlso $ roleOccupant $ preferredDeliveryMethod $ street $
+ postOfficeBox $ postalCode $ postalAddress $
+ physicalDeliveryOfficeName $ ou $ st $ l $ description ) )
+
+objectclass ( 2.5.6.9 NAME 'groupOfNames'
+ DESC 'RFC2256: a group of names (DNs)'
+ SUP top STRUCTURAL
+ MUST ( member $ cn )
+ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
+
+objectclass ( 2.5.6.10 NAME 'residentialPerson'
+ DESC 'RFC2256: an residential person'
+ SUP person STRUCTURAL
+ MUST l
+ MAY ( businessCategory $ x121Address $ registeredAddress $
+ destinationIndicator $ preferredDeliveryMethod $ telexNumber $
+ teletexTerminalIdentifier $ telephoneNumber $ internationaliSDNNumber $
+ facsimileTelephoneNumber $ preferredDeliveryMethod $ street $
+ postOfficeBox $ postalCode $ postalAddress $
+ physicalDeliveryOfficeName $ st $ l ) )
+
+objectclass ( 2.5.6.11 NAME 'applicationProcess'
+ DESC 'RFC2256: an application process'
+ SUP top STRUCTURAL
+ MUST cn
+ MAY ( seeAlso $ ou $ l $ description ) )
+
+objectclass ( 2.5.6.12 NAME 'applicationEntity'
+ DESC 'RFC2256: an application entity'
+ SUP top STRUCTURAL
+ MUST ( presentationAddress $ cn )
+ MAY ( supportedApplicationContext $ seeAlso $ ou $ o $ l $
+ description ) )
+
+objectclass ( 2.5.6.13 NAME 'dSA'
+ DESC 'RFC2256: a directory system agent (a server)'
+ SUP applicationEntity STRUCTURAL
+ MAY knowledgeInformation )
+
+objectclass ( 2.5.6.14 NAME 'device'
+ DESC 'RFC2256: a device'
+ SUP top STRUCTURAL
+ MUST cn
+ MAY ( serialNumber $ seeAlso $ owner $ ou $ o $ l $ description ) )
+
+objectclass ( 2.5.6.15 NAME 'strongAuthenticationUser'
+ DESC 'RFC2256: a strong authentication user'
+ SUP top AUXILIARY
+ MUST userCertificate )
+
+objectclass ( 2.5.6.16 NAME 'certificationAuthority'
+ DESC 'RFC2256: a certificate authority'
+ SUP top AUXILIARY
+ MUST ( authorityRevocationList $ certificateRevocationList $
+ cACertificate ) MAY crossCertificatePair )
+
+objectclass ( 2.5.6.17 NAME 'groupOfUniqueNames'
+ DESC 'RFC2256: a group of unique names (DN and Unique Identifier)'
+ SUP top STRUCTURAL
+ MUST ( uniqueMember $ cn )
+ MAY ( businessCategory $ seeAlso $ owner $ ou $ o $ description ) )
+
+objectclass ( 2.5.6.18 NAME 'userSecurityInformation'
+ DESC 'RFC2256: a user security information'
+ SUP top AUXILIARY
+ MAY ( supportedAlgorithms ) )
+
+objectclass ( 2.5.6.16.2 NAME 'certificationAuthority-V2'
+ SUP certificationAuthority
+ AUXILIARY MAY ( deltaRevocationList ) )
+
+objectclass ( 2.5.6.19 NAME 'cRLDistributionPoint'
+ SUP top STRUCTURAL
+ MUST ( cn )
+ MAY ( certificateRevocationList $ authorityRevocationList $
+ deltaRevocationList ) )
+
+objectclass ( 2.5.6.20 NAME 'dmd'
+ SUP top STRUCTURAL
+ MUST ( dmdName )
+ MAY ( userPassword $ searchGuide $ seeAlso $ businessCategory $
+ x121Address $ registeredAddress $ destinationIndicator $
+ preferredDeliveryMethod $ telexNumber $ teletexTerminalIdentifier $
+ telephoneNumber $ internationaliSDNNumber $ facsimileTelephoneNumber $
+ street $ postOfficeBox $ postalCode $ postalAddress $
+ physicalDeliveryOfficeName $ st $ l $ description ) )
+
+#
+# Object Classes from RFC 2587
+#
+objectclass ( 2.5.6.21 NAME 'pkiUser'
+ DESC 'RFC2587: a PKI user'
+ SUP top AUXILIARY
+ MUST userCertificate )
+
+objectclass ( 2.5.6.22 NAME 'pkiCA'
+ DESC 'RFC2587: PKI certificate authority'
+ SUP top AUXILIARY
+ MAY ( authorityRevocationList $ certificateRevocationList $
+ cACertificate $ crossCertificatePair ) )
+
+objectclass ( 2.5.6.23 NAME 'deltaCRL'
+ DESC 'RFC2587: PKI user'
+ SUP top AUXILIARY
+ MAY deltaRevocationList )
+
+#
+# Standard Track URI label schema from RFC 2079
+#
+attributetype ( 1.3.6.1.4.1.250.1.57 NAME 'labeledURI'
+ DESC 'RFC2079: Uniform Resource Identifier with optional label'
+ EQUALITY caseExactMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+objectclass ( 1.3.6.1.4.1.250.3.15 NAME 'labeledURIObject'
+ DESC 'RFC2079: object that contains the URI attribute type'
+ MAY ( labeledURI )
+ SUP top AUXILIARY )
+
+#
+# Derived from RFC 1274, but with new "short names"
+#
+attributetype ( 0.9.2342.19200300.100.1.1
+ NAME ( 'uid' 'userid' )
+ DESC 'RFC1274: user identifier'
+ EQUALITY caseIgnoreMatch
+ SUBSTR caseIgnoreSubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{256} )
+
+attributetype ( 0.9.2342.19200300.100.1.3
+ NAME ( 'mail' 'rfc822Mailbox' )
+ DESC 'RFC1274: RFC822 Mailbox'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
+
+objectclass ( 0.9.2342.19200300.100.4.19 NAME 'simpleSecurityObject'
+ DESC 'RFC1274: simple security object'
+ SUP top AUXILIARY
+ MUST userPassword )
+
+# RFC 1274 + RFC 2247
+attributetype ( 0.9.2342.19200300.100.1.25
+ NAME ( 'dc' 'domainComponent' )
+ DESC 'RFC1274/2247: domain component'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE )
+
+# RFC 2247
+objectclass ( 1.3.6.1.4.1.1466.344 NAME 'dcObject'
+ DESC 'RFC2247: domain component object'
+ SUP top AUXILIARY MUST dc )
+
+# RFC 2377
+objectclass ( 1.3.6.1.1.3.1 NAME 'uidObject'
+ DESC 'RFC2377: uid object'
+ SUP top AUXILIARY MUST uid )
+
+# From COSINE Pilot
+attributetype ( 0.9.2342.19200300.100.1.37
+ NAME 'associatedDomain'
+ DESC 'RFC1274: domain associated with object'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )
+
+# From U-Mich
+attributetype ( 1.3.6.1.4.1.250.1.32
+ NAME ( 'krbName' 'kerberosName' )
+ DESC 'Kerberos principal associated with object'
+ EQUALITY caseIgnoreIA5Match
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
+ SINGLE-VALUE )
+
+# RFC 2459
+attributetype ( 1.2.840.113549.1.9.1
+ NAME ( 'email' 'emailAddress' 'pkcs9email' )
+ DESC 'RFC2459: legacy attribute for email addresses in DNs'
+ EQUALITY caseIgnoreIA5Match
+ SUBSTR caseIgnoreIA5SubstringsMatch
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{128} )
+
diff --git a/servers/slapd/schema_init.c b/servers/slapd/schema_init.c
index ff204a1903..f37cbf19ce 100644
--- a/servers/slapd/schema_init.c
+++ b/servers/slapd/schema_init.c
@@ -274,7 +274,7 @@ nameUIDValidate(
rc = dnValidate( NULL, &dn );
- ber_memfree( &dn );
+ ber_memfree( dn.bv_val );
return rc;
}
diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h
index 123b7b06bd..62ddc37bcc 100644
--- a/servers/slapd/slap.h
+++ b/servers/slapd/slap.h
@@ -713,6 +713,32 @@ typedef struct slap_filter {
/* compare routines can return undefined */
#define SLAPD_COMPARE_UNDEFINED ((ber_int_t) -1)
+typedef struct slap_valuesreturnfilter {
+ ber_tag_t f_choice;
+
+ union vrf_un_u {
+ /* precomputed result */
+ ber_int_t f_un_result;
+
+ /* DN */
+ char *f_un_dn;
+
+ /* present */
+ AttributeDescription *f_un_desc;
+
+ /* simple value assertion */
+ AttributeAssertion *f_un_ava;
+
+ /* substring assertion */
+ SubstringsAssertion *f_un_ssa;
+
+ /* matching rule assertion */
+ MatchingRuleAssertion *f_un_mra;
+ } f_un;
+
+ struct slap_valuesreturnfilter *f_next;
+} ValuesReturnFilter;
+
/*
* represents an attribute (description + values)
*/
@@ -998,7 +1024,7 @@ LDAP_SLAPD_V (int) slapMode;
struct slap_replica_info {
char *ri_host; /* supersedes be_replica */
- struct berval **ri_nsuffix; /* array of suffixes this replica accepts */
+ BerVarray ri_nsuffix; /* array of suffixes this replica accepts */
AttributeName *ri_attrs; /* attrs to replicate, NULL=all */
int ri_exclude; /* 1 => exclude ri_attrs */
};
@@ -1025,6 +1051,7 @@ struct slap_limits {
#define SLAP_LIMITS_REGEX 0x0005
#define SLAP_LIMITS_ANONYMOUS 0x0006
#define SLAP_LIMITS_USERS 0x0007
+#define SLAP_LIMITS_ANY 0x0008
regex_t lm_dn_regex; /* regex data for REGEX */
/*
@@ -1139,9 +1166,9 @@ struct slap_backend_db {
slap_ssf_set_t be_ssf_set;
/* these should be renamed from be_ to bd_ */
- struct berval **be_suffix; /* the DN suffixes of data in this backend */
- struct berval **be_nsuffix; /* the normalized DN suffixes in this backend */
- struct berval **be_suffixAlias; /* pairs of DN suffix aliases and deref values */
+ BerVarray be_suffix; /* the DN suffixes of data in this backend */
+ BerVarray be_nsuffix; /* the normalized DN suffixes in this backend */
+ BerVarray be_suffixAlias; /* pairs of DN suffix aliases and deref values */
struct berval be_rootdn; /* the magic "root" name (DN) for this db */
struct berval be_rootndn; /* the magic "root" normalized name (DN) for this db */
struct berval be_rootpw; /* the magic "root" password for this db */
@@ -1442,6 +1469,7 @@ typedef struct slap_op {
char o_noop;
char o_subentries;
char o_subentries_visibility;
+ char o_valuesreturnfilter;
char o_pagedresults;
ber_int_t o_pagedresults_size;
@@ -1459,6 +1487,7 @@ typedef struct slap_op {
void *o_private; /* anything the backend needs */
LDAP_STAILQ_ENTRY(slap_op) o_next; /* next operation in list */
+ ValuesReturnFilter *vrFilter; /* Structure represents ValuesReturnFilter */
} Operation;
#define get_manageDSAit(op) ((int)(op)->o_managedsait)
@@ -1561,12 +1590,19 @@ typedef struct slap_conn {
#define SASL_AUTHZ_SOURCE_ATTR "saslAuthzTo"
#define SASL_AUTHZ_DEST_ATTR "saslAuthzFrom"
+typedef struct sasl_uri {
+ struct berval dn;
+ struct berval filter;
+ int scope;
+} SaslUri_t;
+
typedef struct sasl_regexp {
char *sr_match; /* regexp match pattern */
- char *sr_replace; /* regexp replace pattern */
+ SaslUri_t sr_replace; /* regexp replace pattern */
regex_t sr_workspace; /* workspace for regexp engine */
regmatch_t sr_strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */
- int sr_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */
+ int sr_dn_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */
+ int sr_fi_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */
} SaslRegexp_t;
/*
diff --git a/servers/slapd/suffixalias.c b/servers/slapd/suffixalias.c
new file mode 100644
index 0000000000..faf68b95b4
--- /dev/null
+++ b/servers/slapd/suffixalias.c
@@ -0,0 +1,81 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1999-2002 The OpenLDAP Foundation, All Rights Reserved.
+ *
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file in the top level
+ * directory of this package.
+ */
+/* Portions
+ * Copyright (c) 1998 Will Ballantyne, ITSD, Government of BC
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms are permitted
+ * provided that this notice is preserved and that due credit is given
+ * to ITSD, Government of BC. The name of ITSD
+ * may not be used to endorse or promote products derived from this
+ * software without specific prior written permission. This software
+ * is provided ``as is'' without express or implied warranty.
+ */
+
+#include "portable.h"
+
+#include <stdio.h>
+#include <ac/string.h>
+#include <ac/socket.h>
+#include "slap.h"
+
+/*
+ * given a normalized uppercased dn (or root part),
+ * return an aliased dn if any of the alias suffixes match
+ */
+void suffix_alias(
+ Backend *be,
+ struct berval *dn )
+{
+ int i, dnLength;
+
+ if(dn == NULL || be == NULL || dn->bv_len == 0)
+ return;
+
+ dnLength = dn->bv_len;
+
+ for ( i = 0;
+ be->be_suffixAlias != NULL && be->be_suffixAlias[i].bv_val != NULL;
+ i += 2 )
+ {
+ int aliasLength = be->be_suffixAlias[i].bv_len;
+ int diff = dnLength - aliasLength;
+
+ if ( diff < 0 ) {
+ /* alias is longer than dn */
+ continue;
+ } else if ( diff > 0 ) {
+ if ( ! DN_SEPARATOR(dn->bv_val[diff-1]) ) {
+ /* boundary is not at a DN separator */
+ continue;
+ }
+ /* At a DN Separator */
+ /* XXX or an escaped separator... oh well */
+ }
+
+ if (!strcmp(be->be_suffixAlias[i].bv_val, &dn->bv_val[diff])) {
+ char *oldDN = dn->bv_val;
+ dn->bv_len = diff + be->be_suffixAlias[i+1].bv_len;
+ dn->bv_val = ch_malloc( dn->bv_len + 1 );
+ strncpy( dn->bv_val, oldDN, diff );
+ strcpy( &dn->bv_val[diff], be->be_suffixAlias[i+1].bv_val );
+#ifdef NEW_LOGGING
+ LDAP_LOG(( "operation", LDAP_LEVEL_INFO,
+ "suffix_alias: converted \"%s\" to \"%s\"\n",
+ oldDN, dn->bv_val ));
+#else
+ Debug( LDAP_DEBUG_ARGS,
+ "suffix_alias: converted \"%s\" to \"%s\"\n",
+ oldDN, dn->bv_val, 0);
+#endif
+
+ free (oldDN);
+ break;
+ }
+ }
+}
diff --git a/servers/slapd/tools/Makefile.in b/servers/slapd/tools/Makefile.in
index 6310473b83..1e8f1525d3 100644
--- a/servers/slapd/tools/Makefile.in
+++ b/servers/slapd/tools/Makefile.in
@@ -20,9 +20,8 @@ LDAP_INCDIR= ../../../include
LDAP_LIBDIR= ../../../libraries
SLAP_DIR=../
-SLAPD_MODULES = @SLAPD_MODULES_LIST@
XDEFS = $(MODULES_CPPFLAGS)
-XLDFLAGS = $(MODULES_LDFLAGS) $(SLAPD_MODULES)
+XLDFLAGS = $(MODULES_LDFLAGS)
XLIBS = $(SLAPD_L) $(LDBM_LIBS)
XXLIBS = $(SLAPD_LIBS) \
diff --git a/servers/slapd/tools/slapadd.c b/servers/slapd/tools/slapadd.c
index ad18fe9c6b..d14114c50c 100644
--- a/servers/slapd/tools/slapadd.c
+++ b/servers/slapd/tools/slapadd.c
@@ -83,12 +83,12 @@ main( int argc, char **argv )
fprintf( stderr, "%s: line %d: "
"database (%s) not configured to hold \"%s\"\n",
progname, lineno,
- be ? be->be_suffix[0]->bv_val : "<none>",
+ be ? be->be_suffix[0].bv_val : "<none>",
e->e_dn );
fprintf( stderr, "%s: line %d: "
"database (%s) not configured to hold \"%s\"\n",
progname, lineno,
- be ? be->be_nsuffix[0]->bv_val : "<none>",
+ be ? be->be_nsuffix[0].bv_val : "<none>",
e->e_ndn );
rc = EXIT_FAILURE;
entry_free( e );
diff --git a/servers/slurpd/Makefile.in b/servers/slurpd/Makefile.in
new file mode 100644
index 0000000000..03b264ad53
--- /dev/null
+++ b/servers/slurpd/Makefile.in
@@ -0,0 +1,53 @@
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+##
+## Makefile.in for slurpd
+##
+
+PROGRAMS = slurpd
+XPROGRAMS = sslurpd
+
+XSRCS = version.c
+
+SRCS = admin.c args.c ch_malloc.c config.c \
+ fm.c globals.c ldap_op.c lock.c main.c re.c \
+ reject.c replica.c replog.c ri.c rq.c sanity.c st.c
+OBJS = admin.o args.o ch_malloc.o config.o \
+ fm.o globals.o ldap_op.o lock.o main.o re.o \
+ reject.o replica.o replog.o ri.o rq.o sanity.o st.o
+
+LDAP_INCDIR= ../../include
+LDAP_LIBDIR= ../../libraries
+
+BUILD_OPT = "--enable-slurpd"
+BUILD_SRV = @BUILD_SLURPD@
+
+all-local-srv: $(PROGRAMS)
+
+# $(LTHREAD_LIBS) must be last!
+XLIBS = $(SLURPD_L)
+XXLIBS = $(SLURPD_LIBS) $(SECURITY_LIBS) \
+ $(LDIF_LIBS) $(LUTIL_LIBS)
+XXXLIBS = $(LTHREAD_LIBS)
+
+slurpd: version.o
+ $(LTLINK) -o $@ $(OBJS) version.o $(LIBS)
+
+sslurpd: version.o
+ $(LTLINK) -static -o $@ $(OBJS) version.o $(LIBS)
+
+version.c: $(OBJS) $(SLURPD_L)
+ @-$(RM) $@
+ $(MKVERSION) slurpd > $@
+
+install-local-srv: FORCE
+ -$(MKDIR) $(DESTDIR)$(libexecdir)
+ @-$(INSTALL) -m 700 -d $(DESTDIR)$(localstatedir)/openldap-slurp
+ @( \
+ for prg in $(PROGRAMS); do \
+ $(LTINSTALL) $(INSTALLFLAGS) -s -m 755 $$prg$(EXEEXT) \
+ $(DESTDIR)$(libexecdir); \
+ done \
+ )
+
diff --git a/servers/slurpd/admin.c b/servers/slurpd/admin.c
index 6a58b40c4c..758c06abf5 100644
--- a/servers/slurpd/admin.c
+++ b/servers/slurpd/admin.c
@@ -1,3 +1,8 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/*
* Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
@@ -15,9 +20,12 @@
* reconfiguration of slurpd.
*/
+#include "portable.h"
#include <stdio.h>
-#include <signal.h>
+#include <ac/stdlib.h>
+
+#include <ac/signal.h>
#include "slurp.h"
#include "globals.h"
@@ -33,9 +41,9 @@
* slurpd receives a USR2 signal, it will dump its replication
* queue to the disk file given by SLURPD_DUMPFILE.
*/
-void
-do_admin()
+RETSIGTYPE
+do_admin( int sig )
{
sglob->rq->rq_dump( sglob->rq );
- (void) SIGNAL( SIGUSR2, (void *) do_admin );
+ (void) SIGNAL_REINSTALL( sig, do_admin );
}
diff --git a/servers/slurpd/args.c b/servers/slurpd/args.c
index b3cc935df8..4262952524 100644
--- a/servers/slurpd/args.c
+++ b/servers/slurpd/args.c
@@ -1,3 +1,8 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/*
* Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
@@ -14,26 +19,31 @@
* args.c - process command-line arguments, and set appropriate globals.
*/
+#include "portable.h"
+
#include <stdio.h>
-#include <string.h>
-#include <lber.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+#include <ac/time.h>
+#include <ac/unistd.h>
+
#include <ldap.h>
#include "slurp.h"
#include "globals.h"
-static int
+static void
usage( char *name )
{
fprintf( stderr, "usage: %s\t[-d debug-level] [-s syslog-level]\n", name );
fprintf( stderr, "\t\t[-f slapd-config-file] [-r replication-log-file]\n" );
-#ifdef KERBEROS
+#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
fprintf( stderr, "\t\t[-t tmp-dir] [-o] [-k srvtab-file]\n" );
-#else /* KERBEROS */
+#else /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
fprintf( stderr, "\t\t[-t tmp-dir] [-o]\n" );
-#endif /* KERBEROS */
+#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
}
@@ -49,20 +59,20 @@ doargs(
)
{
int i;
- extern char *optarg;
int rflag = 0;
- if ( (g->myname = strrchr( argv[0], '/' )) == NULL ) {
+ if ( (g->myname = strrchr( argv[0], LDAP_DIRSEP[0] )) == NULL ) {
g->myname = strdup( argv[0] );
} else {
g->myname = strdup( g->myname + 1 );
}
- while ( (i = getopt( argc, argv, "hd:f:r:t:k:o" )) != EOF ) {
+ while ( (i = getopt( argc, argv, "d:f:or:t:" )) != EOF ) {
switch ( i ) {
-#ifdef LDAP_DEBUG
- case 'd': /* turn on debugging */
+ case 'd': /* set debug level and 'do not detach' flag */
+ g->no_detach = 1;
if ( optarg[0] == '?' ) {
+#ifdef LDAP_DEBUG
printf( "Debug levels:\n" );
printf( "\tLDAP_DEBUG_TRACE\t%d\n",
LDAP_DEBUG_TRACE );
@@ -82,38 +92,35 @@ doargs(
LDAP_DEBUG_ACL );
printf( "\tLDAP_DEBUG_ANY\t\t%d\n",
LDAP_DEBUG_ANY );
+ puts( "\tThe -d flag also prevents slurpd from detaching." );
+#endif /* LDAP_DEBUG */
+ puts( "\tDebugging is disabled. -d 0 prevents slurpd from detaching." );
return( -1 );
- } else {
- ldap_debug = atoi( optarg );
}
- break;
-#else /* LDAP_DEBUG */
- case 'd': /* can't enable debugging - not built with debug code */
- fprintf( stderr, "must compile with LDAP_DEBUG for debugging\n" );
- break;
+#ifdef LDAP_DEBUG
+ ldap_debug |= atoi( optarg );
+#else /* !LDAP_DEBUG */
+ if ( atoi( optarg ) != 0 )
+ /* can't enable debugging - not built with debug code */
+ fputs( "must compile with LDAP_DEBUG for debugging\n",
+ stderr );
#endif /* LDAP_DEBUG */
+ break;
case 'f': /* slapd config file */
g->slapd_configfile = strdup( optarg );
break;
+ case 'o':
+ g->one_shot_mode = 1;
+ break;
case 'r': /* slapd replog file */
- strcpy( g->slapd_replogfile, optarg );
+ strncpy( g->slapd_replogfile, optarg,
+ sizeof(g->slapd_replogfile)-1 );
+ g->slapd_replogfile[sizeof(g->slapd_replogfile)-1] = '\0';
rflag++;
break;
case 't': /* dir to use for our copies of replogs */
- g->slurpd_rdir = strdup( optarg );
- break;
- case 'k': /* name of kerberos srvtab file */
-#ifdef KERBEROS
- g->default_srvtab = strdup( optarg );
-#else /* KERBEROS */
- fprintf( stderr, "must compile with KERBEROS to use -k option\n" );
-#endif /* KERBEROS */
- break;
- case 'h':
- usage( g->myname );
- return( -1 );
- case 'o':
- g->one_shot_mode = 1;
+ g->slurpd_rdir = (char *)malloc (strlen(optarg) + sizeof("/replica"));
+ sprintf(g->slurpd_rdir, "%s" LDAP_DIRSEP "replica", optarg);
break;
default:
usage( g->myname );
@@ -128,21 +135,22 @@ doargs(
}
/* Set location/name of our private copy of the slapd replog file */
- sprintf( g->slurpd_replogfile, "%s/%s", g->slurpd_rdir,
+ sprintf( g->slurpd_replogfile, "%s" LDAP_DIRSEP "%s", g->slurpd_rdir,
DEFAULT_SLURPD_REPLOGFILE );
/* Set location/name of the slurpd status file */
- sprintf( g->slurpd_status_file, "%s/%s", g->slurpd_rdir,
+ sprintf( g->slurpd_status_file, "%s" LDAP_DIRSEP "%s", g->slurpd_rdir,
DEFAULT_SLURPD_STATUS_FILE );
+ ber_set_option(NULL, LBER_OPT_DEBUG_LEVEL, &ldap_debug);
+ ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, &ldap_debug);
+ ldif_debug = ldap_debug;
+
#ifdef LOG_LOCAL4
openlog( g->myname, OPENLOG_OPTIONS, LOG_LOCAL4 );
-#else
+#elif LOG_DEBUG
openlog( g->myname, OPENLOG_OPTIONS );
#endif
return 0;
-
}
-
-
diff --git a/servers/slurpd/config.c b/servers/slurpd/config.c
index db08952915..bd47c26a61 100644
--- a/servers/slurpd/config.c
+++ b/servers/slurpd/config.c
@@ -34,15 +34,17 @@
#include "slurp.h"
#include "globals.h"
-#define MAXARGS 500
+#define ARGS_STEP 512
/* Forward declarations */
static void add_replica LDAP_P(( char **, int ));
static int parse_replica_line LDAP_P(( char **, int, Ri *));
-static void parse_line LDAP_P(( char *, int *, char ** ));
+static void parse_line LDAP_P(( char * ));
static char *getline LDAP_P(( FILE * ));
static char *strtok_quote LDAP_P(( char *, char * ));
+int cargc = 0, cargv_size = 0;
+char **cargv;
/* current config file line # */
static int lineno;
@@ -60,8 +62,9 @@ slurpd_read_config(
{
FILE *fp;
char *line;
- int cargc;
- char *cargv[MAXARGS];
+
+ cargv = ch_calloc( ARGS_STEP + 1, sizeof(*cargv) );
+ cargv_size = ARGS_STEP + 1;
#ifdef NEW_LOGGING
LDAP_LOG (( "config", LDAP_LEVEL_ARGS,
@@ -90,7 +93,7 @@ slurpd_read_config(
Debug( LDAP_DEBUG_CONFIG, "Config: (%s)\n", line, 0, 0 );
#endif
- parse_line( line, &cargc, cargv );
+ parse_line( line );
if ( cargc < 1 ) {
fprintf( stderr, "line %d: bad config line (ignored)\n", lineno );
@@ -172,19 +175,30 @@ slurpd_read_config(
*/
static void
parse_line(
- char *line,
- int *argcp,
- char **argv
+ char *line
)
{
char * token;
- *argcp = 0;
+ cargc = 0;
for ( token = strtok_quote( line, " \t" ); token != NULL;
- token = strtok_quote( NULL, " \t" ) ) {
- argv[(*argcp)++] = token;
+ token = strtok_quote( NULL, " \t" ) )
+ {
+ if ( cargc == cargv_size - 1 ) {
+ char **tmp;
+ tmp = ch_realloc( cargv, (cargv_size + ARGS_STEP) *
+ sizeof(*cargv) );
+ if (tmp == NULL) {
+ cargc = 0;
+ return;
+ }
+ cargv = tmp;
+ cargv_size += ARGS_STEP;
+ }
+
+ cargv[cargc++] = token;
}
- argv[*argcp] = NULL;
+ cargv[cargc] = NULL;
}
diff --git a/servers/slurpd/globals.c b/servers/slurpd/globals.c
index f8630323cb..0bd0329ba0 100644
--- a/servers/slurpd/globals.c
+++ b/servers/slurpd/globals.c
@@ -1,3 +1,8 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/*
* Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
@@ -14,22 +19,32 @@
* globals.c - initialization code for global data
*/
+#include "portable.h"
+
#include <stdio.h>
+#include <ac/stdlib.h>
+#include <ac/string.h>
+
#include "slurp.h"
#include "globals.h"
Globals *sglob;
int ldap_syslog = 0;
+#ifdef LOG_DEBUG
int ldap_syslog_level = LOG_DEBUG;
+#else
+int ldap_syslog_level = 0;
+#endif
int ldap_debug = 0;
/*
* Initialize the globals
*/
-Globals *init_globals()
+Globals *
+init_globals( void )
{
Globals *g;
@@ -43,30 +58,27 @@ Globals *init_globals()
g->slurpd_shutdown = 0;
g->num_replicas = 0;
g->replicas = NULL;
- g->slurpd_rdir = DEFAULT_SLURPD_REPLICA_DIR;
+ g->slurpd_rdir = DEFAULT_SLURPD_REPLICA_DIR "/replica";
strcpy( g->slurpd_status_file, DEFAULT_SLURPD_STATUS_FILE );
g->slapd_replogfile[ 0 ] = '\0';
g->slurpd_replogfile[ 0 ] = '\0';
g->slurpd_status_file[ 0 ] = '\0';
g->one_shot_mode = 0;
+ g->no_detach = 0;
g->myname = NULL;
g->srpos = 0L;
if ( St_init( &(g->st)) < 0 ) {
fprintf( stderr, "Cannot initialize status data\n" );
- exit( 1 );
+ exit( EXIT_FAILURE );
}
- pthread_mutex_init( &(g->rej_mutex), pthread_mutexattr_default );
+ ldap_pvt_thread_mutex_init( &(g->rej_mutex) );
if ( Rq_init( &(g->rq)) < 0 ) {
fprintf( stderr, "Cannot initialize queue\n" );
- exit( 1 );
+ exit( EXIT_FAILURE );
}
-#ifdef KERBEROS
+#ifdef LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND
g->default_srvtab = SRVTAB;
-#endif /* KERBEROS */
-#if defined( THREAD_SUNOS4_LWP )
- g->tsl_list = NULL;
- mon_create( &g->tsl_mon );
-#endif /* THREAD_SUNOS4_LWP */
+#endif /* LDAP_API_FEATURE_X_OPENLDAP_V2_KBIND */
return g;
}
diff --git a/servers/slurpd/ldap_op.c b/servers/slurpd/ldap_op.c
index 2d63daefaf..66145f59e5 100644
--- a/servers/slurpd/ldap_op.c
+++ b/servers/slurpd/ldap_op.c
@@ -85,7 +85,7 @@ do_ldap(
lderr = op_ldap_add( ri, re, errmsg );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( " ldap_op", LDAP_LEVEL_ERR, "do_ldap: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_ldap: "
"Error: ldap_add_s failed adding \"%s\": %s\n",
*errmsg ? *errmsg : ldap_err2string( lderr ), re->re_dn ));
#else
@@ -101,7 +101,7 @@ do_ldap(
lderr = op_ldap_modify( ri, re, errmsg );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( " ldap_op", LDAP_LEVEL_ERR, "do_ldap: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_ldap: "
"Error: ldap_modify_s failed modifying \"%s\": %s\n",
*errmsg ? *errmsg : ldap_err2string( lderr ), re->re_dn ));
#else
@@ -117,7 +117,7 @@ do_ldap(
lderr = op_ldap_delete( ri, re, errmsg );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( " ldap_op", LDAP_LEVEL_ERR, "do_ldap: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_ldap: "
"Error: ldap_delete_s failed deleting \"%s\": %s\n",
*errmsg ? *errmsg : ldap_err2string( lderr ), re->re_dn ));
#else
@@ -133,7 +133,7 @@ do_ldap(
lderr = op_ldap_modrdn( ri, re, errmsg );
if ( lderr != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( " ldap_op", LDAP_LEVEL_ERR, "do_ldap: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_ldap: "
"Error: ldap_modrdn_s failed modifying %s: %s\n",
*errmsg ? *errmsg : ldap_err2string( lderr ), re->re_dn ));
#else
@@ -147,7 +147,7 @@ do_ldap(
default:
#ifdef NEW_LOGGING
- LDAP_LOG (( " ldap_op", LDAP_LEVEL_ERR, "do_ldap: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_ldap: "
"Error: bad op \"%d\", dn = \"%s\"\n",
re->re_changetype, re->re_dn ));
#else
@@ -221,7 +221,7 @@ op_ldap_add(
/* Perform the operation */
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"op_ldap_add: replica %s:%d - add dn \"%s\"\n",
ri->ri_hostname, ri->ri_port, re->re_dn ));
#else
@@ -235,7 +235,7 @@ op_ldap_add(
} else {
*errmsg = "No modifications to do";
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_add: Error: no mods to do (%s)!\n", re->re_dn ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -277,7 +277,7 @@ op_ldap_modify(
if ( re->re_mods == NULL ) {
*errmsg = "No arguments given";
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modify: Error: no arguments\n" ));
#else
Debug( LDAP_DEBUG_ANY, "Error: op_ldap_modify: no arguments\n",
@@ -330,7 +330,7 @@ op_ldap_modify(
default:
if ( state == AWAITING_OP ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modify: Error: unknown mod type \"%s\"\n", type ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -348,7 +348,7 @@ op_ldap_modify(
*/
if ( strcasecmp( type, ldm->mod_type )) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modify: Error: "
"malformed modify op, %s: %s (expecting \"%s\")\n",
type, value, ldm->mod_type ));
@@ -375,7 +375,7 @@ op_ldap_modify(
if ( nops > 0 ) {
/* Actually perform the LDAP operation */
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_DETAIL1,
+ LDAP_LOG (( "operation", LDAP_LEVEL_DETAIL1,
"op_ldap_modify: replica %s:%d - modify dn \"%s\"\n",
ri->ri_hostname, ri->ri_port, re->re_dn ));
#else
@@ -404,7 +404,7 @@ op_ldap_delete(
int rc;
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"op_ldap_delete: replica %s:%d - delete dn \"%s\"\n",
ri->ri_hostname, ri->ri_port, re->re_dn ));
#else
@@ -447,7 +447,7 @@ op_ldap_modrdn(
if ( re->re_mods == NULL ) {
*errmsg = "No arguments given";
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: no arguments\n" ));
#else
Debug( LDAP_DEBUG_ANY, "Error: op_ldap_modrdn: no arguments\n",
@@ -463,7 +463,7 @@ op_ldap_modrdn(
if ( !strcmp( mi[ i ].mi_type, T_NEWRDNSTR )) {
if( state & GOT_NEWRDN ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: multiple newrdn arg \"%s\"\n",
mi[ i ].mi_val ));
#else
@@ -481,7 +481,7 @@ op_ldap_modrdn(
} else if ( !strcmp( mi[ i ].mi_type, T_DELOLDRDNSTR )) {
if( state & GOT_DELOLDRDN ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: multiple deleteoldrdn arg \"%s\"\n",
mi[ i ].mi_val ));
#else
@@ -500,7 +500,7 @@ op_ldap_modrdn(
drdnflag = 1;
} else {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: bad deleteoldrdn arg \"%s\"\n",
mi[ i ].mi_val ));
#else
@@ -515,7 +515,7 @@ op_ldap_modrdn(
} else if ( !strcmp( mi[ i ].mi_type, T_NEWSUPSTR )) {
if( state & GOT_NEWSUP ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: multiple newsuperior arg \"%s\"\n",
mi[ i ].mi_val ));
#else
@@ -532,7 +532,7 @@ op_ldap_modrdn(
} else {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: bad type \"%s\"\n",
mi[ i ].mi_type ));
#else
@@ -549,7 +549,7 @@ op_ldap_modrdn(
*/
if ( !GOT_ALL_MODDN(state) ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"op_ldap_modrdn: Error: missing arguments\n" ));
#else
Debug( LDAP_DEBUG_ANY, "Error: op_ldap_modrdn: missing arguments\n",
@@ -563,12 +563,15 @@ op_ldap_modrdn(
if ( ldap_debug & LDAP_DEBUG_ARGS ) {
char buf[ 256 ];
char *buf2;
- sprintf( buf, "%s:%d", ri->ri_hostname, ri->ri_port );
- buf2 = (char *) ch_malloc( strlen( re->re_dn ) + strlen( mi->mi_val )
- + 10 );
- sprintf( buf2, "(\"%s\" -> \"%s\")", re->re_dn, mi->mi_val );
+ int buf2len = strlen( re->re_dn ) + strlen( mi->mi_val ) + 11;
+
+ snprintf( buf, sizeof(buf), "%s:%d", ri->ri_hostname, ri->ri_port );
+
+ buf2 = (char *) ch_malloc( buf2len );
+ snprintf( buf2, buf2len, "(\"%s\" -> \"%s\")", re->re_dn, mi->mi_val );
+
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"op_ldap_modrdn: replica %s - modify rdn %s (flag: %d)\n",
buf, buf2, drdnflag ));
#else
@@ -709,7 +712,7 @@ do_unbind(
rc = ldap_unbind( ri->ri_ldp );
if ( rc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"do_unbind: ldap_unbind failed for %s:%d: %s\n",
ri->ri_hostname, ri->ri_port, ldap_err2string( rc ) ));
#else
@@ -748,7 +751,7 @@ do_bind(
if ( ri == NULL ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: null ri ptr\n" ));
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: null ri ptr\n" ));
#else
Debug( LDAP_DEBUG_ANY, "Error: do_bind: null ri ptr\n", 0, 0, 0 );
#endif
@@ -759,7 +762,7 @@ do_bind(
ldrc = ldap_unbind( ri->ri_ldp );
if ( ldrc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"do_bind: ldap_unbind failed: %s\n", ldap_err2string( ldrc ) ));
#else
Debug( LDAP_DEBUG_ANY,
@@ -771,7 +774,7 @@ do_bind(
}
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"do_bind: Initializing session to %s:%d\n",
ri->ri_hostname, ri->ri_port ));
#else
@@ -782,7 +785,7 @@ do_bind(
ri->ri_ldp = ldap_init( ri->ri_hostname, ri->ri_port );
if ( ri->ri_ldp == NULL ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR,
"do_bind: ldap_init (%s, %d) failed: %s\n",
ri->ri_hostname, ri->ri_port, sys_errlist[ errno ] ));
#else
@@ -799,7 +802,7 @@ do_bind(
if( err != LDAP_OPT_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: ",
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: ",
"Error: ldap_set_option(%s, LDAP_OPT_VERSION, 3) failed!\n",
ri->ri_hostname ));
#else
@@ -824,7 +827,7 @@ do_bind(
if( err != LDAP_OPT_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: ",
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: ",
"Error: ldap_set_option(%s, REFERRALS, OFF) failed!\n",
ri->ri_hostname ));
#else
@@ -845,7 +848,7 @@ do_bind(
if( err != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: ",
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: ",
"%s: ldap_start_tls failed: %s (%d)\n",
ri->ri_tls == TLS_CRITICAL ? "Error" : "Warning",
ldap_err2string( err ), err ));
@@ -870,7 +873,7 @@ do_bind(
* Bind with a plaintext password.
*/
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"do_bind: bind to %s:%d as %s (simple)\n",
ri->ri_hostname, ri->ri_port, ri->ri_bind_dn ));
#else
@@ -881,7 +884,7 @@ do_bind(
ri->ri_password );
if ( ldrc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"Error: ldap_simple_bind_s for %s:%d failed: %s\n",
ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc ) ));
#else
@@ -898,7 +901,7 @@ do_bind(
case AUTH_SASL:
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ARGS,
+ LDAP_LOG (( "operation", LDAP_LEVEL_ARGS,
"do_bind: bind to %s as %s via %s (SASL)\n",
ri->ri_hostname, ri->ri_authcId, ri->ri_saslmech ));
#else
@@ -914,7 +917,7 @@ do_bind(
if( err != LDAP_OPT_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"Error: ldap_set_option(%s,SECPROPS,\"%s\") failed!\n",
ri->ri_hostname, ri->ri_secprops ));
#else
@@ -938,7 +941,7 @@ do_bind(
LDAP_SASL_QUIET, lutil_sasl_interact, defaults );
if ( ldrc != LDAP_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"Error: LDAP SASL for %s:%d failed: %s\n",
ri->ri_hostname, ri->ri_port, ldap_err2string( ldrc ) ));
#else
@@ -957,7 +960,7 @@ do_bind(
break;
#else
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"Error: do_bind: SASL not supported %s:%d\n",
ri->ri_hostname, ri->ri_port ));
#else
@@ -972,7 +975,7 @@ do_bind(
default:
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"Error: do_bind: unknown auth type \"%d\" for %s:%d\n",
ri->ri_bind_method, ri->ri_hostname, ri->ri_port ));
#else
@@ -1001,7 +1004,7 @@ do_bind(
if( err != LDAP_OPT_SUCCESS ) {
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_ERR, "do_bind: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_ERR, "do_bind: "
"ldap_set_option(%s, SERVER_CONTROLS, ManageDSAit) failed!\n",
ri->ri_hostname ));
#else
@@ -1038,13 +1041,13 @@ dump_ldm_array(
for ( i = 0; ldmarr[ i ] != NULL; i++ ) {
ldm = ldmarr[ i ];
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_INFO, "dump_ldm_array: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_INFO, "dump_ldm_array: "
"Trace (%ld): *** ldmarr[ %d ] contents:\n",
(long) getpid(), i ));
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_INFO, "dump_ldm_array: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_INFO, "dump_ldm_array: "
"Trace (%ld): *** ldm->mod_op: %d\n",
(long) getpid(), ldm->mod_op ));
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_INFO, "dump_ldm_array: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_INFO, "dump_ldm_array: "
"Trace (%ld): *** ldm->mod_type: %s\n",
(long) getpid(), ldm->mod_type ));
#else
@@ -1064,7 +1067,7 @@ dump_ldm_array(
sprintf( msgbuf, "***** bv[ %d ] len = %ld, val = <%s>",
j, b->bv_len, b->bv_val );
#ifdef NEW_LOGGING
- LDAP_LOG (( "ldap_op", LDAP_LEVEL_INFO, "dump_ldm_array: "
+ LDAP_LOG (( "operation", LDAP_LEVEL_INFO, "dump_ldm_array: "
"Trace (%ld):%s\n", (long) getpid(), msgbuf ));
#else
Debug( LDAP_DEBUG_TRACE,
diff --git a/servers/slurpd/main.c b/servers/slurpd/main.c
index 7a391221b5..8965ff0f79 100644
--- a/servers/slurpd/main.c
+++ b/servers/slurpd/main.c
@@ -111,8 +111,10 @@ main(
* Detach from the controlling terminal
* unless the -d flag is given or in one-shot mode.
*/
+#ifndef HAVE_WINSOCK
if ( ! (sglob->no_detach || sglob->one_shot_mode) )
lutil_detach( 0, 0 );
+#endif
/*
* Start the main file manager thread (in fm.c).
diff --git a/servers/slurpd/re.c b/servers/slurpd/re.c
index 7fd254893c..b921728ef0 100644
--- a/servers/slurpd/re.c
+++ b/servers/slurpd/re.c
@@ -27,6 +27,7 @@
#include <stdio.h>
+#include <ac/stdlib.h>
#include <ac/errno.h>
#include <ac/socket.h>
#include <ac/string.h>
diff --git a/servers/slurpd/reject.c b/servers/slurpd/reject.c
index d3346cf509..a8f2f657b7 100644
--- a/servers/slurpd/reject.c
+++ b/servers/slurpd/reject.c
@@ -26,6 +26,7 @@
#include <stdio.h>
+#include <ac/stdlib.h>
#include <ac/errno.h>
#include <ac/unistd.h>
@@ -56,7 +57,7 @@ write_reject(
int rc;
ldap_pvt_thread_mutex_lock( &sglob->rej_mutex );
- sprintf( rejfile, "%s/%s:%d.rej", sglob->slurpd_rdir,
+ sprintf( rejfile, "%s" LDAP_DIRSEP "%s:%d.rej", sglob->slurpd_rdir,
ri->ri_hostname, ri->ri_port );
if ( access( rejfile, F_OK ) < 0 ) {
diff --git a/servers/slurpd/replica.c b/servers/slurpd/replica.c
index 9bb77ca8ef..f5bf393cb1 100644
--- a/servers/slurpd/replica.c
+++ b/servers/slurpd/replica.c
@@ -23,6 +23,7 @@
#include "portable.h"
#include <stdio.h>
+#include <ac/stdlib.h>
#include "slurp.h"
#include "globals.h"
diff --git a/servers/slurpd/replog.c b/servers/slurpd/replog.c
index a93f9040d5..f43965b8e7 100644
--- a/servers/slurpd/replog.c
+++ b/servers/slurpd/replog.c
@@ -24,6 +24,7 @@
#include <stdio.h>
+#include <ac/stdlib.h>
#include <ac/errno.h>
#include <ac/param.h>
#include <ac/string.h>
@@ -71,7 +72,7 @@ copy_replog(
* with a fatal error.
*/
strcpy( buf, src );
- if (( p = strrchr( buf, '/' )) == NULL ) {
+ if (( p = strrchr( buf, LDAP_DIRSEP[0] )) == NULL ) {
strcpy( buf, "." );
} else {
*p = '\0';
@@ -89,7 +90,7 @@ copy_replog(
return( -1 );
}
strcpy( buf, dst );
- if (( p = strrchr( buf, '/' )) == NULL ) {
+ if (( p = strrchr( buf, LDAP_DIRSEP[0] )) == NULL ) {
strcpy( buf, "." );
} else {
*p = '\0';
diff --git a/servers/slurpd/ri.c b/servers/slurpd/ri.c
index 5dbdaf855d..f7f2227875 100644
--- a/servers/slurpd/ri.c
+++ b/servers/slurpd/ri.c
@@ -53,7 +53,9 @@ Ri_process(
char *errmsg;
(void) SIGNAL( LDAP_SIGUSR1, do_nothing );
+#ifdef SIGPIPE
(void) SIGNAL( SIGPIPE, SIG_IGN );
+#endif
if ( ri == NULL ) {
#ifdef NEW_LOGGING
LDAP_LOG (( "ri", LDAP_LEVEL_ERR, "Ri_process: "
diff --git a/servers/slurpd/sanity.c b/servers/slurpd/sanity.c
index 04be7db86a..271b1f1cb4 100644
--- a/servers/slurpd/sanity.c
+++ b/servers/slurpd/sanity.c
@@ -1,3 +1,8 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/*
* Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
@@ -18,13 +23,16 @@
* feedback to the users.
*/
+#include "portable.h"
+
#include <stdio.h>
-#include <unistd.h>
-#include <string.h>
+
+#include <ac/stdlib.h>
+#include <ac/unistd.h>
+#include <ac/string.h>
#include "slurp.h"
#include "globals.h"
-#include "portable.h"
#define FC_DIRBAD 1
#define FC_DIRUNREAD 2
@@ -37,11 +45,7 @@
/*
* Forward declarations
*/
-#ifdef NEEDPROTOS
-static unsigned int filecheck( char * );
-#else /* NEEDPROTOS */
-static unsigned int filecheck();
-#endif /* NEEDPROTOS */
+static unsigned int filecheck LDAP_P(( char * ));
@@ -58,7 +62,7 @@ static unsigned int filecheck();
*/
int
-sanity()
+sanity( void )
{
int err = 0;
int rc;
@@ -67,7 +71,7 @@ sanity()
* Are there any replicas listed in the slapd config file?
*/
if ( sglob->replicas == NULL ) {
- fprintf( stderr, "No replicas in slapd config file \"%s\"!\n",
+ fprintf( stderr, "No replicas in slapd.conf file \"%s\"!\n",
sglob->slapd_configfile );
err++;
}
@@ -77,20 +81,24 @@ sanity()
* that the slapd replogfile is readable, if it exists.
*/
if ( sglob->slapd_replogfile == NULL ) {
- fprintf( stderr, "Fatal error: no \"replogfile\" directive given\n" );
+ fprintf( stderr, "Fatal error: no \"replogfile\" "
+ "slapd.conf directive given\n" );
err++;
} else {
rc = filecheck( sglob->slapd_replogfile );
if ( rc & FC_DIRBAD ) {
- fprintf( stderr, "Error: %s: directory does not exist\n",
+ fprintf( stderr, "Error: %s: directory specified in "
+ "\"replogfile\" slapd.conf directive does not exist\n",
sglob->slapd_replogfile );
err++;
} else if ( rc & FC_DIRUNREAD ) {
- fprintf( stderr, "Error: %s: directory not readable\n",
+ fprintf( stderr, "Error: %s: directory specified in "
+ "\"replogfile\" slapd.conf directive is not readable\n",
sglob->slapd_replogfile );
err++;
} else if (!( rc & FC_FILEBAD) && ( rc & FC_FILEUNREAD )) {
- fprintf( stderr, "Error: %s: file not readable\n",
+ fprintf( stderr, "Error: %s: file specified in "
+ "\"replogfile\" slapd.conf directive is not readable\n",
sglob->slapd_replogfile );
err++;
}
@@ -106,19 +114,21 @@ sanity()
} else {
rc = filecheck( sglob->slurpd_replogfile );
if ( rc & FC_DIRBAD ) {
- fprintf( stderr, "Error: %s: directory does not exist\n",
+ fprintf( stderr, "Error: %s: slurpd \"replogfile\" "
+ "directory does not exist\n",
sglob->slurpd_replogfile );
err++;
} else if ( rc & FC_DIRUNREAD ) {
- fprintf( stderr, "Error: %s: directory not readable\n",
+ fprintf( stderr, "Error: %s: slurpd \"replogfile\" "
+ "directory not readable\n",
sglob->slurpd_replogfile );
err++;
} else if ( !( rc & FC_FILEBAD ) && ( rc & FC_FILEUNREAD )) {
- fprintf( stderr, "Error: %s: file not readable\n",
+ fprintf( stderr, "Error: %s: slurpd \"replogfile\" not readable\n",
sglob->slurpd_replogfile );
err++;
} else if ( !( rc & FC_FILEBAD ) && ( rc & FC_FILEUNWRITE )) {
- fprintf( stderr, "Error: %s: file not writeable\n",
+ fprintf( stderr, "Error: %s: slurpd \"replogfile\" not writeable\n",
sglob->slurpd_replogfile );
err++;
}
@@ -130,19 +140,19 @@ sanity()
*/
rc = filecheck( sglob->slurpd_status_file );
if ( rc & FC_DIRBAD ) {
- fprintf( stderr, "Error: %s: directory does not exist\n",
+ fprintf( stderr, "Error: %s: status directory does not exist\n",
sglob->slurpd_status_file );
err++;
} else if ( rc & FC_DIRUNREAD ) {
- fprintf( stderr, "Error: %s: directory not readable\n",
+ fprintf( stderr, "Error: %s: status directory not readable\n",
sglob->slurpd_status_file );
err++;
} else if ( !( rc & FC_FILEBAD ) && ( rc & FC_FILEUNREAD )) {
- fprintf( stderr, "Error: %s: file not readable\n",
+ fprintf( stderr, "Error: %s: status file not readable\n",
sglob->slurpd_status_file );
err++;
} else if ( !( rc & FC_FILEBAD ) && ( rc & FC_FILEUNWRITE )) {
- fprintf( stderr, "Error: %s: file not writeable\n",
+ fprintf( stderr, "Error: %s: status file not writeable\n",
sglob->slurpd_status_file );
err++;
}
@@ -175,8 +185,8 @@ filecheck(
char *p;
unsigned int ret = 0;
- strcpy( dir, sglob->slapd_replogfile );
- p = strrchr( dir, '/' );
+ strcpy( dir, f );
+ p = strrchr( dir, LDAP_DIRSEP[0] );
if ( p != NULL ) {
*p = '\0';
}
@@ -201,4 +211,3 @@ filecheck(
return ret;
}
-
diff --git a/servers/slurpd/slurp.h b/servers/slurpd/slurp.h
index 622cd38374..0cb25e3736 100644
--- a/servers/slurpd/slurp.h
+++ b/servers/slurpd/slurp.h
@@ -1,3 +1,8 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
/*
* Copyright (c) 1996 Regents of the University of Michigan.
* All rights reserved.
@@ -15,22 +20,37 @@
#ifndef _SLURPD_H_
#define _SLURPD_H_
-#define LDAP_SYSLOG
+#if !defined(HAVE_WINSOCK) && !defined(LDAP_SYSLOG)
+#define LDAP_SYSLOG 1
+#endif
+
+#include <ac/errno.h>
+#include <ac/param.h>
+#include <ac/signal.h>
+#include <ac/syslog.h>
+#include <ac/time.h>
-#include <syslog.h>
-#include <errno.h>
#include <sys/types.h>
-#include <sys/param.h>
-#include "lber.h"
-#include "ldap.h"
-#include "lthread.h"
-#include "portable.h"
-#include "ldapconfig.h"
+
+#include <ldap.h>
+
+#undef ldap_debug
+#define ldap_debug slurp_debug
+#include "ldap_log.h"
+
+#include "ldap_pvt_thread.h"
+#include "ldap_defaults.h"
#include "ldif.h"
+#ifdef HAVE_WINSOCK
+#define ftruncate(a,b) _chsize(a,b)
+#define truncate(a,b) _lclose( _lcreat(a, 0))
+#define S_IRGRP 0
+#define S_IWGRP 0
+#endif
/* Default directory for slurpd's private copy of replication logs */
-#define DEFAULT_SLURPD_REPLICA_DIR "/usr/tmp"
+#define DEFAULT_SLURPD_REPLICA_DIR LDAP_RUNDIR LDAP_DIRSEP "openldap-slurp"
/* Default name for slurpd's private copy of the replication log */
#define DEFAULT_SLURPD_REPLOGFILE "slurpd.replog"
@@ -39,7 +59,7 @@
#define DEFAULT_SLURPD_STATUS_FILE "slurpd.status"
/* slurpd dump file - contents of rq struct are written here (debugging) */
-#define SLURPD_DUMPFILE "/tmp/slurpd.dump"
+#define SLURPD_DUMPFILE LDAP_TMPDIR LDAP_DIRSEP "slurpd.dump"
/* default srvtab file. Can be overridden */
#define SRVTAB "/etc/srvtab"
@@ -56,9 +76,15 @@
/* Maximum line length we can read from replication log */
#define REPLBUFLEN 256
-/* We support simple (plaintext password) and kerberos authentication */
+/* TLS flags */
+#define TLS_OFF 0
+#define TLS_ON 1
+#define TLS_CRITICAL 2
+
+/* We support simple (plaintext password) and SASL authentication */
#define AUTH_SIMPLE 1
#define AUTH_KERBEROS 2
+#define AUTH_SASL 3
/* Rejection records are prefaced with this string */
#define ERROR_STR "ERROR"
@@ -78,6 +104,8 @@
#define T_DELETECTSTR "delete"
#define T_DELETECT 6
#define T_MODRDNCTSTR "modrdn"
+#define T_MODDNCTSTR "moddn"
+#define T_RENAMECTSTR "rename"
#define T_MODRDNCT 7
#define T_MODOPADDSTR "add"
@@ -90,30 +118,46 @@
#define T_MODSEP 11
#define T_NEWRDNSTR "newrdn"
-#define T_DRDNFLAGSTR "deleteoldrdn"
+#define T_DELOLDRDNSTR "deleteoldrdn"
+#define T_NEWSUPSTR "newsuperior"
#define T_ERR -1
/* Config file keywords */
#define HOSTSTR "host"
+#define ATTRSTR "attr"
+#define SUFFIXSTR "suffix"
#define BINDDNSTR "binddn"
#define BINDMETHSTR "bindmethod"
#define KERBEROSSTR "kerberos"
#define SIMPLESTR "simple"
+#define SASLSTR "sasl"
#define CREDSTR "credentials"
-#define BINDPSTR "bindprincipal"
+#define OLDAUTHCSTR "bindprincipal"
+#define AUTHCSTR "authcID"
+#define AUTHZSTR "authzID"
#define SRVTABSTR "srvtab"
+#define SASLMECHSTR "saslmech"
+#define REALMSTR "realm"
+#define SECPROPSSTR "secprops"
+#define TLSSTR "tls"
+#define TLSCRITICALSTR "critical"
#define REPLICA_SLEEP_TIME ( 10 )
/* Enumeration of various types of bind failures */
-#define BIND_OK 0
-#define BIND_ERR_BADLDP 1
-#define BIND_ERR_OPEN 2
-#define BIND_ERR_BAD_ATYPE 3
+#define BIND_OK 0
+#define BIND_ERR_BADLDP 1
+#define BIND_ERR_OPEN 2
+#define BIND_ERR_BAD_ATYPE 3
#define BIND_ERR_SIMPLE_FAILED 4
#define BIND_ERR_KERBEROS_FAILED 5
-#define BIND_ERR_BADRI 6
+#define BIND_ERR_BADRI 6
+#define BIND_ERR_VERSION 7
+#define BIND_ERR_REFERRALS 8
+#define BIND_ERR_MANAGEDSAIT 9
+#define BIND_ERR_SASL_FAILED 10
+#define BIND_ERR_TLS_FAILED 11
/* Return codes for do_ldap() */
#define DO_LDAP_OK 0
@@ -135,6 +179,7 @@
#define RETRY_SLEEP_TIME 60
+LDAP_BEGIN_DECL
/*
* ****************************************************************************
@@ -160,27 +205,32 @@ typedef struct rh {
* Notes:
* - Private data should not be manipulated expect by Ri member functions.
*/
-typedef struct ri {
-
+typedef struct ri Ri;
+struct ri {
/* Private data */
char *ri_hostname; /* canonical hostname of replica */
int ri_port; /* port where slave slapd running */
LDAP *ri_ldp; /* LDAP struct for this replica */
+ int ri_tls; /* TLS: 0=no, 1=yes, 2=critical */
int ri_bind_method; /* AUTH_SIMPLE or AUTH_KERBEROS */
char *ri_bind_dn; /* DN to bind as when replicating */
- char *ri_password; /* Password for AUTH_SIMPLE */
- char *ri_principal; /* principal for kerberos bind */
+ char *ri_password; /* Password for any method */
+ char *ri_secprops; /* SASL security properties */
+ char *ri_realm; /* realm for any mechanism */
+ char *ri_authcId; /* authentication ID for any mechanism */
+ char *ri_authzId; /* authorization ID for any mechanism */
char *ri_srvtab; /* srvtab file for kerberos bind */
+ char *ri_saslmech; /* SASL mechanism to use */
struct re *ri_curr; /* current repl entry being processed */
struct stel *ri_stel; /* pointer to Stel for this replica */
unsigned long
ri_seq; /* seq number of last repl */
- pthread_t ri_tid; /* ID of thread for this replica */
+ ldap_pvt_thread_t ri_tid; /* ID of thread for this replica */
/* Member functions */
- int (*ri_process)(); /* process the next repl entry */
- void (*ri_wake)(); /* wake up a sleeping thread */
-} Ri;
+ int (*ri_process) LDAP_P(( Ri * )); /* process the next repl entry */
+ void (*ri_wake) LDAP_P(( Ri * )); /* wake up a sleeping thread */
+};
@@ -200,19 +250,19 @@ typedef struct mi {
-
/*
* Information about one particular replication entry. Only routines in
* re.c and rq.c should touch the private data. Other routines should
* only use member functions.
*/
-typedef struct re {
+typedef struct re Re;
+struct re {
/* Private data */
- pthread_mutex_t
+ ldap_pvt_thread_mutex_t
re_mutex; /* mutex for this Re */
int re_refcnt; /* ref count, 0 = done */
- char *re_timestamp; /* timestamp of this re */
+ time_t re_timestamp; /* timestamp of this re */
int re_seq; /* sequence number */
Rh *re_replicas; /* array of replica info */
char *re_dn; /* dn of entry being modified */
@@ -221,16 +271,16 @@ typedef struct re {
struct re *re_next; /* pointer to next element */
/* Public functions */
- int (*re_free)(); /* free an re struct */
- struct re *(*re_getnext)(); /* return next Re in linked list */
- int (*re_parse)(); /* parse a replication log entry */
- int (*re_write)(); /* write a replication log entry */
- void (*re_dump)(); /* debugging - print contents */
- int (*re_lock)(); /* lock this re */
- int (*re_unlock)(); /* unlock this re */
- int (*re_decrefcnt)(); /* decrement the refcnt */
- int (*re_getrefcnt)(); /* get the refcnt */
-} Re;
+ int (*re_free) LDAP_P(( Re * )); /* free an re struct */
+ Re *(*re_getnext) LDAP_P(( Re * )); /* return next Re in linked list */
+ int (*re_parse) LDAP_P(( Re *, char * )); /* parse replication log entry */
+ int (*re_write) LDAP_P(( Ri *, Re *, FILE * )); /* write repl. log entry */
+ void (*re_dump) LDAP_P(( Re *, FILE * )); /* debugging - print contents */
+ int (*re_lock) LDAP_P(( Re * )); /* lock this re */
+ int (*re_unlock) LDAP_P(( Re * )); /* unlock this re */
+ int (*re_decrefcnt) LDAP_P(( Re * )); /* decrement the refcnt */
+ int (*re_getrefcnt) LDAP_P(( Re * )); /* get the refcnt */
+};
@@ -243,7 +293,8 @@ typedef struct re {
* variable so routines in ri.c can use it as a mutex for the
* rq_more condition variable.
*/
-typedef struct rq {
+typedef struct rq Rq;
+struct rq {
/* Private data */
Re *rq_head; /* pointer to head */
@@ -253,25 +304,24 @@ typedef struct rq {
time_t rq_lasttrim; /* Last time we trimmed file */
/* Public data */
- pthread_mutex_t
+ ldap_pvt_thread_mutex_t
rq_mutex; /* mutex for whole queue */
- pthread_cond_t
+ ldap_pvt_thread_cond_t
rq_more; /* condition var - more work added */
/* Member functions */
- Re *(*rq_gethead)(); /* get the element at head */
- Re *(*rq_getnext)(); /* get the next element */
- int (*rq_delhead)(); /* delete the element at head */
- int (*rq_add)(); /* add at tail */
- void (*rq_gc)(); /* garbage-collect queue */
- int (*rq_lock)(); /* lock the queue */
- int (*rq_unlock)(); /* unlock the queue */
- int (*rq_needtrim)(); /* see if queue needs trimming */
- int (*rq_write)(); /* write Rq contents to a file */
- int (*rq_getcount)(); /* return queue counts */
- void (*rq_dump)(); /* debugging - print contents */
-} Rq;
-
+ Re * (*rq_gethead) LDAP_P(( Rq * )); /* get the element at head */
+ Re * (*rq_getnext) LDAP_P(( Re * )); /* get the next element */
+ int (*rq_delhead) LDAP_P(( Rq * )); /* delete the element at head */
+ int (*rq_add) LDAP_P(( Rq *, char * )); /* add at tail */
+ void (*rq_gc) LDAP_P(( Rq * )); /* garbage-collect queue */
+ int (*rq_lock) LDAP_P(( Rq * )); /* lock the queue */
+ int (*rq_unlock) LDAP_P(( Rq * )); /* unlock the queue */
+ int (*rq_needtrim) LDAP_P(( Rq * )); /* see if queue needs trimming */
+ int (*rq_write) LDAP_P(( Rq *, FILE * )); /*write Rq contents to file*/
+ int (*rq_getcount) LDAP_P(( Rq *, int )); /* return queue counts */
+ void (*rq_dump) LDAP_P(( Rq * )); /* debugging - print contents */
+};
/*
@@ -282,7 +332,7 @@ typedef struct rq {
typedef struct stel {
char *hostname; /* host name of replica */
int port; /* port number of replica */
- char last[ 64 ]; /* timestamp of last successful repl */
+ time_t last; /* timestamp of last successful repl */
int seq; /* Sequence number of last repl */
} Stel;
@@ -297,10 +347,10 @@ typedef struct stel {
* if present, uses the timestamps to avoid "replaying" replications
* which have already been sent to a given replica.
*/
-typedef struct st {
-
+typedef struct st St;
+struct st {
/* Private data */
- pthread_mutex_t
+ ldap_pvt_thread_mutex_t
st_mutex; /* mutex to serialize access */
Stel **st_data; /* array of pointers to Stel structs */
int st_nreplicas; /* number of repl hosts */
@@ -309,15 +359,15 @@ typedef struct st {
FILE *st_lfp; /* lockfile fp */
/* Public member functions */
- int (*st_update)(); /* update the entry for a host */
- Stel *(*st_add)(); /* add a new repl host */
- int (*st_write)(); /* write status to disk */
- int (*st_read)(); /* read status info from disk */
- int (*st_lock)(); /* read status info from disk */
- int (*st_unlock)(); /* read status info from disk */
-} St;
-
-#if defined( THREAD_SUNOS4_LWP )
+ int (*st_update) LDAP_P(( St *, Stel*, Re* ));/*update entry for a host*/
+ Stel*(*st_add) LDAP_P(( St *, Ri * )); /*add a new repl host*/
+ int (*st_write) LDAP_P(( St * )); /* write status to disk */
+ int (*st_read) LDAP_P(( St * )); /* read status info from disk */
+ int (*st_lock) LDAP_P(( St * )); /* read status info from disk */
+ int (*st_unlock) LDAP_P(( St * )); /* read status info from disk */
+};
+
+#if defined( HAVE_LWP )
typedef struct tl {
thread_t tl_tid; /* thread being managed */
time_t tl_wake; /* time thread should be resumed */
@@ -328,22 +378,17 @@ typedef struct tsl {
tl_t *tsl_list;
mon_t tsl_mon;
} tsl_t;
-#endif /* THREAD_SUNOS4_LWP */
-
-
+#endif /* HAVE_LWP */
/*
* Public functions used to instantiate and initialize queue objects.
*/
-#ifdef NEEDPROTOS
-extern int Ri_init( Ri **ri );
-extern int Rq_init( Rq **rq );
-extern int Re_init( Re **re );
-#else /* NEEDPROTOS */
-extern int Ri_init();
-extern int Rq_init();
-extern int Re_init();
-#endif /* NEEDPROTOS */
+extern int Ri_init LDAP_P(( Ri **ri ));
+extern int Rq_init LDAP_P(( Rq **rq ));
+extern int Re_init LDAP_P(( Re **re ));
-#endif /* _SLURPD_H_ */
+#include "proto-slurp.h"
+LDAP_END_DECL
+
+#endif /* _SLURPD_H_ */
diff --git a/tests/progs/Makefile.in b/tests/progs/Makefile.in
new file mode 100644
index 0000000000..482975b8a1
--- /dev/null
+++ b/tests/progs/Makefile.in
@@ -0,0 +1,36 @@
+# $OpenLDAP$
+## Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+## COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+##
+## tests Makefile.in for OpenLDAP
+
+PROGRAMS = slapd-tester slapd-search slapd-read slapd-addel
+
+SRCS = slapd-tester.c slapd-search.c slapd-read.c slapd-addel.c
+
+LDAP_INCDIR= ../../include
+LDAP_LIBDIR= ../../libraries
+
+NT_XLIBS = $(LDAP_LIBLUTIL_A)
+
+XLIBS = $(LDAP_LIBLDAP_LA) $(LDAP_LIBLBER_LA) $(@PLAT@_XLIBS)
+XXLIBS = $(SECURITY_LIBS) $(LUTIL_LIBS)
+
+# build-tools: FORCE
+# $(MAKE) $(MFLAGS) load-tools
+
+# load-tools: $(PROGRAMS)
+
+slapd-tester: slapd-tester.o $(XLIBS)
+ $(LTLINK) -o $@ slapd-tester.o $(LIBS)
+
+slapd-search: slapd-search.o $(XLIBS)
+ $(LTLINK) -o $@ slapd-search.o $(LIBS)
+
+slapd-read: slapd-read.o $(XLIBS)
+ $(LTLINK) -o $@ slapd-read.o $(LIBS)
+
+slapd-addel: slapd-addel.o $(XLIBS)
+ $(LTLINK) -o $@ slapd-addel.o $(LIBS)
+
+
diff --git a/tests/progs/slapd-tester.c b/tests/progs/slapd-tester.c
new file mode 100644
index 0000000000..52c3f71f04
--- /dev/null
+++ b/tests/progs/slapd-tester.c
@@ -0,0 +1,417 @@
+/* $OpenLDAP$ */
+/*
+ * Copyright 1998-2002 The OpenLDAP Foundation, All Rights Reserved.
+ * COPYING RESTRICTIONS APPLY, see COPYRIGHT file
+ */
+#include "portable.h"
+
+#include <stdio.h>
+
+#include <ac/stdlib.h>
+
+#include <ac/ctype.h>
+#include <ac/dirent.h>
+#include <ac/param.h>
+#include <ac/socket.h>
+#include <ac/string.h>
+#include <ac/unistd.h>
+#include <ac/wait.h>
+
+
+#include "ldap_defaults.h"
+
+
+#define SEARCHCMD "slapd-search"
+#define READCMD "slapd-read"
+#define ADDCMD "slapd-addel"
+#define MAXARGS 100
+#define MAXREQS 20
+#define LOOPS "100"
+
+#define TSEARCHFILE "do_search.0"
+#define TREADFILE "do_read.0"
+#define TADDFILE "do_add."
+
+static char *get_file_name( char *dirname, char *filename );
+static int get_search_filters( char *filename, char *filters[] );
+static int get_read_entries( char *filename, char *entries[] );
+static void fork_child( char *prog, char *args[] );
+static void wait4kids( int nkidval );
+
+static int maxkids = 20;
+static int nkids;
+
+#ifdef HAVE_WINSOCK
+static HANDLE *children;
+static char argbuf[BUFSIZ];
+#define ArgDup(x) strdup(strcat(strcat(strcpy(argbuf,"\""),x),"\""))
+#else
+#define ArgDup(x) strdup(x)
+#endif
+
+static void
+usage( char *name )
+{
+ fprintf( stderr, "usage: %s [-h <host>] -p <port> -D <manager> -w <passwd> -d <datadir> -b <baseDN> [-j <maxchild>] [-l <loops>] -P <progdir>\n", name );
+ exit( EXIT_FAILURE );
+}
+
+int
+main( int argc, char **argv )
+{
+ int i, j;
+ char *host = "localhost";
+ char *port = NULL;
+ char *manager = NULL;
+ char *passwd = NULL;
+ char *dirname = NULL;
+ char *sbase = NULL;
+ char *progdir = NULL;
+ char *loops = LOOPS;
+ DIR *datadir;
+ struct dirent *file;
+ char *sfile = NULL;
+ char *sreqs[MAXREQS];
+ int snum = 0;
+ char *rfile = NULL;
+ char *rreqs[MAXREQS];
+ int rnum = 0;
+ char *afiles[MAXREQS];
+ int anum = 0;
+ char *sargs[MAXARGS];
+ int sanum;
+ char scmd[MAXPATHLEN];
+ char *rargs[MAXARGS];
+ int ranum;
+ char rcmd[MAXPATHLEN];
+ char *aargs[MAXARGS];
+ int aanum;
+ char acmd[MAXPATHLEN];
+
+ while ( (i = getopt( argc, argv, "h:p:D:w:b:d:j:l:P:" )) != EOF ) {
+ switch( i ) {
+ case 'h': /* slapd host */
+ host = strdup( optarg );
+ break;
+
+ case 'p': /* the servers port number */
+ port = strdup( optarg );
+ break;
+
+ case 'D': /* slapd manager */
+ manager = ArgDup( optarg );
+ break;
+
+ case 'w': /* the managers passwd */
+ passwd = ArgDup( optarg );
+ break;
+
+ case 'b': /* the base DN */
+ sbase = ArgDup( optarg );
+ break;
+
+ case 'd': /* data directory */
+ dirname = strdup( optarg );
+ break;
+
+ case 'P': /* prog directory */
+ progdir = strdup( optarg );
+ break;
+
+ case 'j': /* the number of parallel clients */
+ maxkids = atoi( optarg );
+ break;
+
+ case 'l': /* the number of loops per client */
+ loops = strdup( optarg );
+ break;
+
+ default:
+ usage( argv[0] );
+ break;
+ }
+ }
+
+ if (( dirname == NULL ) || ( sbase == NULL ) || ( port == NULL ) ||
+ ( manager == NULL ) || ( passwd == NULL ) || ( progdir == NULL ))
+ usage( argv[0] );
+
+#ifdef HAVE_WINSOCK
+ children = malloc( maxkids * sizeof(HANDLE) );
+#endif
+ /* get the file list */
+ if ( ( datadir = opendir( dirname )) == NULL ) {
+
+ fprintf( stderr, "%s: couldn't open data directory \"%s\".\n",
+ argv[0], dirname );
+ exit( EXIT_FAILURE );
+
+ }
+
+ /* look for search, read, and add/delete files */
+ for ( file = readdir( datadir ); file; file = readdir( datadir )) {
+
+ if ( !strcasecmp( file->d_name, TSEARCHFILE )) {
+ sfile = get_file_name( dirname, file->d_name );
+ continue;
+ } else if ( !strcasecmp( file->d_name, TREADFILE )) {
+ rfile = get_file_name( dirname, file->d_name );
+ continue;
+ } else if ( !strncasecmp( file->d_name, TADDFILE, strlen( TADDFILE ))
+ && ( anum < MAXREQS )) {
+ afiles[anum++] = get_file_name( dirname, file->d_name );
+ continue;
+ }
+ }
+
+ closedir( datadir );
+
+ /* look for search requests */
+ if ( sfile ) {
+ snum = get_search_filters( sfile, sreqs );
+ }
+
+ /* look for read requests */
+ if ( rfile ) {
+ rnum = get_read_entries( rfile, rreqs );
+ }
+
+ /*
+ * generate the search clients
+ */
+
+ sanum = 0;
+ sprintf( scmd, "%s%s%s", progdir, LDAP_DIRSEP, SEARCHCMD );
+ sargs[sanum++] = scmd;
+ sargs[sanum++] = "-h";
+ sargs[sanum++] = host;
+ sargs[sanum++] = "-p";
+ sargs[sanum++] = port;
+ sargs[sanum++] = "-b";
+ sargs[sanum++] = sbase;
+ sargs[sanum++] = "-l";
+ sargs[sanum++] = loops;
+ sargs[sanum++] = "-f";
+ sargs[sanum++] = NULL; /* will hold the search request */
+ sargs[sanum++] = NULL;
+
+ /*
+ * generate the read clients
+ */
+
+ ranum = 0;
+ sprintf( rcmd, "%s%s%s", progdir, LDAP_DIRSEP, READCMD );
+ rargs[ranum++] = rcmd;
+ rargs[ranum++] = "-h";
+ rargs[ranum++] = host;
+ rargs[ranum++] = "-p";
+ rargs[ranum++] = port;
+ rargs[ranum++] = "-l";
+ rargs[ranum++] = loops;
+ rargs[ranum++] = "-e";
+ rargs[ranum++] = NULL; /* will hold the read entry */
+ rargs[ranum++] = NULL;
+
+ /*
+ * generate the add/delete clients
+ */
+
+ aanum = 0;
+ sprintf( acmd, "%s%s%s", progdir, LDAP_DIRSEP, ADDCMD );
+ aargs[aanum++] = acmd;
+ aargs[aanum++] = "-h";
+ aargs[aanum++] = host;
+ aargs[aanum++] = "-p";
+ aargs[aanum++] = port;
+ aargs[aanum++] = "-D";
+ aargs[aanum++] = manager;
+ aargs[aanum++] = "-w";
+ aargs[aanum++] = passwd;
+ aargs[aanum++] = "-l";
+ aargs[aanum++] = loops;
+ aargs[aanum++] = "-f";
+ aargs[aanum++] = NULL; /* will hold the add data file */
+ aargs[aanum++] = NULL;
+
+ for ( j = 0; j < MAXREQS; j++ ) {
+
+ if ( j < snum ) {
+
+ sargs[sanum - 2] = sreqs[j];
+ fork_child( scmd, sargs );
+
+ }
+
+ if ( j < rnum ) {
+
+ rargs[ranum - 2] = rreqs[j];
+ fork_child( rcmd, rargs );
+
+ }
+
+ if ( j < anum ) {
+
+ aargs[aanum - 2] = afiles[j];
+ fork_child( acmd, aargs );
+
+ }
+
+ }
+
+ wait4kids( -1 );
+
+ exit( EXIT_SUCCESS );
+}
+
+static char *
+get_file_name( char *dirname, char *filename )
+{
+ char buf[MAXPATHLEN];
+
+ sprintf( buf, "%s%s%s", dirname, LDAP_DIRSEP, filename );
+ return( strdup( buf ));
+}
+
+
+static int
+get_search_filters( char *filename, char *filters[] )
+{
+ FILE *fp;
+ int filter = 0;
+
+ if ( (fp = fopen( filename, "r" )) != NULL ) {
+ char line[BUFSIZ];
+
+ while (( filter < MAXREQS ) && ( fgets( line, BUFSIZ, fp ))) {
+ char *nl;
+
+ if (( nl = strchr( line, '\r' )) || ( nl = strchr( line, '\n' )))
+ *nl = '\0';
+ filters[filter++] = ArgDup( line );
+
+ }
+ fclose( fp );
+ }
+
+ return( filter );
+}
+
+
+static int
+get_read_entries( char *filename, char *entries[] )
+{
+ FILE *fp;
+ int entry = 0;
+
+ if ( (fp = fopen( filename, "r" )) != NULL ) {
+ char line[BUFSIZ];
+
+ while (( entry < MAXREQS ) && ( fgets( line, BUFSIZ, fp ))) {
+ char *nl;
+
+ if (( nl = strchr( line, '\r' )) || ( nl = strchr( line, '\n' )))
+ *nl = '\0';
+ entries[entry++] = ArgDup( line );
+
+ }
+ fclose( fp );
+ }
+
+ return( entry );
+}
+
+#ifndef HAVE_WINSOCK
+static void
+fork_child( char *prog, char *args[] )
+{
+ pid_t pid;
+
+ wait4kids( maxkids );
+
+ switch ( pid = fork() ) {
+ case 0: /* child */
+ execvp( prog, args );
+ fprintf( stderr, "%s: ", prog );
+ perror( "execv" );
+ exit( EXIT_FAILURE );
+ break;
+
+ case -1: /* trouble */
+ fprintf( stderr, "Could not fork to run %s\n", prog );
+ perror( "fork" );
+ break;
+
+ default: /* parent */
+ nkids++;
+ break;
+ }
+}
+
+static void
+wait4kids( int nkidval )
+{
+ int status;
+
+ while ( nkids >= nkidval ) {
+ wait( &status );
+
+ if ( WIFSTOPPED(status) ) {
+ fprintf( stderr,
+ "stopping: child stopped with signal %d\n",
+ (int) WSTOPSIG(status) );
+
+ } else if ( WIFSIGNALED(status) ) {
+ fprintf( stderr,
+ "stopping: child terminated with signal %d%s\n",
+ (int) WTERMSIG(status),
+#ifdef WCOREDUMP
+ WCOREDUMP(status) ? ", core dumped" : ""
+#else
+ ""
+#endif
+ );
+ exit( WEXITSTATUS(status) );
+
+ } else if ( WEXITSTATUS(status) != 0 ) {
+ fprintf( stderr,
+ "stopping: child exited with status %d\n",
+ (int) WEXITSTATUS(status) );
+ exit( WEXITSTATUS(status) );
+
+ } else {
+ nkids--;
+ }
+ }
+}
+#else
+
+static void
+wait4kids( int nkidval )
+{
+ int rc, i;
+
+ while ( nkids >= nkidval ) {
+ rc = WaitForMultipleObjects( nkids, children, FALSE, INFINITE );
+ for ( i=rc - WAIT_OBJECT_0; i<nkids-1; i++)
+ children[i] = children[i+1];
+ nkids--;
+ }
+}
+
+static void
+fork_child( char *prog, char *args[] )
+{
+ int rc;
+
+ wait4kids( maxkids );
+
+ rc = _spawnvp( _P_NOWAIT, prog, args );
+
+ if ( rc == -1 ) {
+ fprintf( stderr, "%s: ", prog );
+ perror("spawnvp");
+ } else {
+ children[nkids++] = (HANDLE)rc;
+ }
+}
+#endif
diff --git a/tests/scripts/test002-populate b/tests/scripts/test002-populate
index c04d1f5f65..dd785f0944 100755
--- a/tests/scripts/test002-populate
+++ b/tests/scripts/test002-populate
@@ -1,52 +1,76 @@
-#!/bin/sh
+#! /bin/sh
+# $OpenLDAP$
-. scripts/defines.sh
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
echo "Cleaning up in $DBDIR..."
-rm -f $DBDIR/*
+rm -f $DBDIR/[!C]*
echo "Starting slapd on TCP/IP port $PORT..."
-$SLAPD -f $CONF -p $PORT -d 1 > /dev/null 2>&1 &
+. $CONFFILTER $BACKEND < $CONF > $DBCONF
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
- $LDAPSEARCH -L -b "$BASEDN" -h localhost -p $PORT \
- 'cn=Monitor' > /dev/null 2>&1
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
RC=$?
- if [ $RC = 1 ]; then
+ if test $RC = 1 ; then
echo "Waiting 5 seconds for slapd to start..."
sleep 5
fi
done
-echo "Using ldapmodify to populate the database..."
-$LDAPMODIFY -a -D "$MANAGERDN" -h localhost -p $PORT -w $PASSWD < \
- $LDIFORDERED > /dev/null 2>&1
+echo "Using ldapadd to populate the database..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDERED > $TESTOUT 2>&1
RC=$?
-if [ $RC != 0 ]; then
- echo "ldapmodify failed!"
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
kill -HUP $PID
exit $RC
fi
echo "Using ldapsearch to read all the entries..."
-$LDAPSEARCH -L -S "" -b "$BASEDN" -h localhost -p $PORT \
- 'objectclass=*' | egrep -iv '^creatorsname:|^createtimestamp:' > \
- $SEARCHOUT 2>&1
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > $SEARCHOUT 2>&1
+RC=$?
kill -HUP $PID
-if [ $RC != 0 ]; then
- echo "ldapsearch failed!"
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
exit $RC
fi
-echo "Comparing retrieved entries to LDIF file used to create database"
-cmp $SEARCHOUT $LDIF
-if [ $? != 0 ]; then
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
echo "comparison failed - database was not created correctly"
exit 1
fi
diff --git a/tests/scripts/test003-search b/tests/scripts/test003-search
index d0173fbac2..94121d32f4 100755
--- a/tests/scripts/test003-search
+++ b/tests/scripts/test003-search
@@ -69,6 +69,7 @@ cat /dev/null > $SEARCHOUT
echo "Testing exact searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'sn=jensen' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -78,6 +79,7 @@ fi
echo "Testing OR searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(|(givenName=XX*YY*Z)(cn=)(undef=*)(objectclass=groupofnames)(sn=jones))' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -87,6 +89,7 @@ fi
echo "Testing AND matching and ends-with searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(&(objectclass=groupofnames)(cn=A*))' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -96,14 +99,15 @@ fi
echo "Testing NOT searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(!(objectclass=pilotPerson))' >> $SEARCHOUT 2>&1
+RC=$?
+
+kill -HUP $PID
+
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
- kill -HUP $PID
exit $RC
fi
-kill -HUP $PID
-
LDIF=$SEARCHOUTMASTER
echo "Filtering ldapsearch results..."
diff --git a/tests/scripts/test005-modrdn b/tests/scripts/test005-modrdn
index 0211ada5ca..11d3c44f03 100755
--- a/tests/scripts/test005-modrdn
+++ b/tests/scripts/test005-modrdn
@@ -1,5 +1,225 @@
-#!/bin/sh
+#! /bin/sh
+# $OpenLDAP$
-echo "modrdn test not yet written"
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+echo "Cleaning up in $DBDIR..."
+
+rm -f $DBDIR/[!C]*
+
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND < $CONF > $DBCONF
+$SLAPADD -f $DBCONF -l $LDIFORDERED
+RC=$?
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
+ exit $RC
+fi
+
+echo "Starting slapd on TCP/IP port $PORT..."
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+echo "Testing slapd modrdn operations..."
+
+# Make sure we can search the database
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectClass=*' > $INITOUT 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+# -r used to do remove of old rdn
+
+echo "Testing modrdn(deleteoldrdn=0)..."
+$LDAPMODRDN -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD > \
+ $TESTOUT 2>&1 'cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US' 'cn=James A Jones III'
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodrdn failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Testing modrdn(deleteoldrdn=1)..."
+$LDAPMODRDN -D "$MANAGERDN" -r -h $LOCALHOST -p $PORT -w $PASSWD >> \
+ $TESTOUT 2>&1 'cn=James A Jones 2, ou=Information Technology Division, ou=People, o=University of Michigan, c=US' 'cn=James A Jones II'
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodrdn failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+# Ensure the new rdn's can be found
+
+echo "Using ldapsearch to retrieve entries using new rdn (cn=James A Jones III)..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'cn=James A Jones III' > $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+
+LDIF=$MODRDNOUTMASTER1
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - modrdn operations did not complete correctly"
+ kill -HUP $PID
+ exit 1
+fi
+
+
+echo "Using ldapsearch to retrieve entries using new rdn (cn=James A Jones II)..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'cn=James A Jones II' > $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+
+LDIF=$MODRDNOUTMASTER2
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - modrdn operations did not complete correctly"
+ kill -HUP $PID
+ exit 1
+fi
+
+# Ensure that you cannot find the entry for which the rdn was deleted as
+# an attribute.
+
+echo "Using ldapsearch to retrieve entries using removed rdn (cn=James A Jones 2)..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'cn=James A Jones 2' > $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ kill -HUP $PID
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+$CMP $SEARCHOUT - < /dev/null > $CMPOUT
+if test $? != 0 ; then
+ echo "failure: ldapsearch found attribute that was to be removed!"
+ kill -HUP $PID
+ exit 1
+fi
+
+echo "Using ldapsearch to retrieve all the entries..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectClass=*' > $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ kill -HUP $PID
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+
+LDIF=$MODRDNOUTMASTER0
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - modrdn operations did not complete correctly"
+ kill -HUP $PID
+ exit 1
+fi
+
+
+echo "Testing modrdn(deleteoldrdn=1), modrdn with new rdn already an att val..."
+$LDAPMODRDN -D "$MANAGERDN" -r -h $LOCALHOST -p $PORT -w $PASSWD > \
+ /dev/null 2>&1 'cn=James A Jones III, ou=Alumni Association, ou=People, o=University of Michigan, c=US' 'cn=James A Jones 1'
+
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapmodrdn failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+# Test that you can use modrdn with an attribute value which was previously
+# present
+
+echo "Using ldapsearch to retrieve entries using new rdn (cn=James A Jones 1)..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'cn=James A Jones 1' > $SEARCHOUT 2>&1
+RC=$?
+
+kill -HUP $PID
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+
+LDIF=$MODRDNOUTMASTER3
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - modrdn operations did not complete correctly"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
exit 0
diff --git a/tests/scripts/test006-acls b/tests/scripts/test006-acls
index ec1c964d10..8a389b67f3 100755
--- a/tests/scripts/test006-acls
+++ b/tests/scripts/test006-acls
@@ -1,36 +1,56 @@
-#!/bin/sh
+#! /bin/sh
+# $OpenLDAP$
-. scripts/defines.sh
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
echo "Cleaning up in $DBDIR..."
-rm -f $DBDIR/*
+rm -f $DBDIR/[!C]*
-echo "Running ldif2ldbm to build slapd database..."
-$LDIF2LDBM -f $CONF -i $LDIF -e ../servers/slapd/tools
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND < $ACLCONF > $DBCONF
+$SLAPADD -f $DBCONF -l $LDIFORDERED
RC=$?
-if [ $RC != 0 ]; then
- echo "ldif2ldbm failed!"
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
exit $RC
fi
echo "Starting slapd on TCP/IP port $PORT..."
-$SLAPD -f $ACLCONF -p $PORT -d 1 > /dev/null 2>&1 &
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
echo "Testing slapd access control..."
for i in 0 1 2 3 4 5; do
- $LDAPSEARCH -L -S "" -b "$BASEDN" -h localhost -p $PORT \
- 'cn=Monitor' > /dev/null 2>&1
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
RC=$?
- if [ $RC = 1 ]; then
+ if test $RC = 1 ; then
echo "Waiting 5 seconds for slapd to start..."
sleep 5
fi
done
-if [ $RC != 0 ]; then
- echo "ldapsearch failed!"
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
kill -HUP $PID
exit $RC
fi
@@ -42,10 +62,10 @@ cat /dev/null > $SEARCHOUT
# give us nothing if we're not bound, and should return all attributes
# if we're bound as anyone under UM.
#
-$LDAPSEARCH -L -b "$JAJDN" -h localhost -p $PORT "objectclass=*" \
+$LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT "objectclass=*" \
>> $SEARCHOUT 2>&1
-$LDAPSEARCH -L -b "$JAJDN" -h localhost -p $PORT \
+$LDAPSEARCH -b "$JAJDN" -h $LOCALHOST -p $PORT \
-D "$BABSDN" -w bjensen "objectclass=*" >> $SEARCHOUT 2>&1
@@ -54,8 +74,9 @@ $LDAPSEARCH -L -b "$JAJDN" -h localhost -p $PORT \
# fail when we add some DN other than our own, and should succeed when
# we add our own DN.
# bjensen
-$LDAPMODIFY -D "$JAJDN" -h localhost -p $PORT -w jaj > \
- /dev/null 2>&1 << EOMODS1
+$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj > \
+ $TESTOUT 2>&1 << EOMODS1
+version: 1
dn: cn=ITD Staff, ou=Groups, o=University of Michigan, c=US
changetype: modify
add: member
@@ -63,13 +84,14 @@ member: cn=Barbara Jensen, ou=Information Technology Division, ou=People, o=Univ
EOMODS1
-$LDAPMODIFY -D "$JAJDN" -h localhost -p $PORT -w jaj > \
- /dev/null 2>&1 << EOMODS2
+$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj >> \
+ $TESTOUT 2>&1 << EOMODS2
+version: 1
+
dn: cn=ITD Staff, ou=Groups, o=University of Michigan, c=US
changetype: modify
add: member
member: cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US
-
EOMODS2
#
@@ -77,37 +99,50 @@ EOMODS2
# 1) bound as "James A Jones 1" - should fail
# 2) bound as "Barbara Jensen" - should succeed
#
-$LDAPMODIFY -D "$JAJDN" -h localhost -p $PORT -w jaj > \
- /dev/null 2>&1 << EOMODS3
+$LDAPMODIFY -D "$JAJDN" -h $LOCALHOST -p $PORT -w jaj >> \
+ $TESTOUT 2>&1 << EOMODS3
+
dn: cn=ITD Staff, ou=Groups, o=University of Michigan, c=US
changetype: modify
delete: member
EOMODS3
-$LDAPMODIFY -D "$BJORNSDN" -h localhost -p $PORT -w bjorn > \
- /dev/null 2>&1 << EOMODS4
+$LDAPMODIFY -D "$BJORNSDN" -h $LOCALHOST -p $PORT -w bjorn >> \
+ $TESTOUT 2>&1 << EOMODS4
+# COMMENT
+version: 1
+# comment
dn: cn=ITD Staff, ou=Groups, o=University of Michigan, c=US
+# comment
changetype: modify
-add: telephonenumber
-telephonenumber: +1 810 555 1212
-
+# comment
+add: ou
+# comment
+ou: Groups
+# comment
EOMODS4
echo "Using ldapsearch to retrieve all the entries..."
-$LDAPSEARCH -L -S "" -b "$BASEDN" -h localhost -p $PORT \
- 'objectClass=*' | egrep -iv '^modifytimestamp|^modifiersname' \
- >> $SEARCHOUT 2>&1
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectClass=*' >> $SEARCHOUT 2>&1
RC=$?
kill -HUP $PID
-if [ $RC != 0 ]; then
- echo "ldapsearch failed!"
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
exit $RC
fi
-echo "Comparing database to reference file"
-cmp $SEARCHOUT $ACLOUTMASTER
-if [ $? != 0 ]; then
+LDIF=$ACLOUTMASTER
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
echo "comparison failed - modify operations did not complete correctly"
exit 1
fi
diff --git a/tests/scripts/test007-replication b/tests/scripts/test007-replication
index c0f49136c5..4f93e1a62c 100755
--- a/tests/scripts/test007-replication
+++ b/tests/scripts/test007-replication
@@ -1,4 +1,21 @@
-#!/bin/sh
+#! /bin/sh
+# $OpenLDAP$
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
#
# Test replication:
@@ -10,27 +27,41 @@
# - retrieve database over ldap and compare against expected results
#
-. scripts/defines.sh
+if test ! -x $SLURPD ; then
+ echo ">>>>> $SLURPD is not executable or do not exist."
+ echo ">>>>> Test skipped."
+ exit 0
+fi
echo "Cleaning up in $DBDIR..."
-rm -f $DBDIR/*
+rm -f $DBDIR/[!C]*
echo "Cleaning up in $REPLDIR..."
-rm -f $REPLDIR/*
+rm -f $REPLDIR/[!C]*
echo "Starting master slapd on TCP/IP port $PORT..."
-$SLAPD -f $MASTERCONF -p $PORT -d 1 > /dev/null 2>&1 &
+. $CONFFILTER $BACKEND < $MASTERCONF > $DBCONF
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
echo "Starting slave slapd on TCP/IP port $SLAVEPORT..."
-$SLAPD -f $SLAVECONF -p $SLAVEPORT -d 1 > /dev/null 2>&1 &
+. $CONFFILTER $BACKEND < $SLAVECONF > $REPLCONF
+$SLAPD -f $REPLCONF -h $SLAVEURI -d $LVL $TIMING > $SLAVELOG 2>&1 &
SLAVEPID=$!
+if test $WAIT != 0 ; then
+ echo SLAVEPID $SLAVEPID
+ read foo
+fi
echo "Using ldapsearch to check that master slapd is running..."
for i in 0 1 2 3 4 5; do
- $LDAPSEARCH -L -b "$BASEDN" -h localhost -p $PORT \
- 'cn=Monitor' > /dev/null 2>&1
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
RC=$?
- if [ $RC = 1 ]; then
+ if test $RC = 1 ; then
echo "Waiting 5 seconds for slapd to start..."
sleep 5
fi
@@ -38,36 +69,41 @@ done
echo "Using ldapsearch to check that slave slapd is running..."
for i in 0 1 2 3 4 5; do
- $LDAPSEARCH -L -b "$BASEDN" -h localhost -p $SLAVEPORT \
- 'cn=Monitor' > /dev/null 2>&1
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
RC=$?
- if [ $RC = 1 ]; then
+ if test $RC = 1 ; then
echo "Waiting 5 seconds for slapd to start..."
sleep 5
fi
done
echo "Starting slurpd..."
-$SLURPD -f $MASTERCONF -d 4 -t $REPLDIR > /dev/null 2>&1 &
+$SLURPD -f $MASTERCONF -d ${SLURPD_DEBUG-5} -t $REPLDIR > $SLURPLOG 2>&1 &
SLURPPID=$!
-echo "Using ldapmodify to populate the database..."
-$LDAPMODIFY -a -D "$MANAGERDN" -h localhost -p $PORT -w $PASSWD < \
+echo "Using ldapadd to populate the master directory..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
$LDIFORDERED > /dev/null 2>&1
RC=$?
-if [ $RC != 0 ]; then
- echo "ldapmodify failed!"
- kill -HUP $PID $SLAVEPID $SLURPPID
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
exit $RC
fi
-echo "Using ldapmodify to modify the database..."
+echo "Waiting 15 seconds for slurpd to send changes..."
+sleep 15
+
+echo "Using ldapmodify to modify master directory..."
+
#
# Do some modifications
#
-$LDAPMODIFY -v -D "$MANAGERDN" -h localhost -p $PORT -w $PASSWD > \
- /dev/null 2>&1 << EOMODS
+$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD > \
+ $TESTOUT 2>&1 << EOMODS
dn: cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US
changetype: modify
add: drink
@@ -75,9 +111,6 @@ drink: Orange Juice
dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
changetype: modify
-replace: multilinedescription
-multilinedescription: The replaced multiLineDescription $ Blah Woof.
--
replace: drink
drink: Iced Tea
drink: Mad Dog 20/20
@@ -99,58 +132,87 @@ dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, o=University
changetype: add
objectclass: top
objectclass: person
-objectclass: organizationalPerson
-objectclass: newPilotPerson
-objectclass: umichPerson
+objectclass: OpenLDAPperson
cn: Gern Jensen
+sn: Jensen
+uid: gjensen
title: Chief Investigator, ITD
postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
seealso: cn=All Staff, ou=Groups, o=University of Michigan, c=US
-uid: gjensen
-krbname: gjensen@umich.edu
-nobatchupdates: TRUE
-onvacation: FALSE
drink: Coffee
homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
-multilinedescription: Very odd
+description: Very odd
facsimiletelephonenumber: +1 313 555 7557
telephonenumber: +1 313 555 8343
mail: gjensen@mailgw.umich.edu
homephone: +1 313 555 8844
+dn: ou=Retired, ou=People, o=University of Michigan, c=US
+changetype: add
+objectclass: top
+objectclass: organizationalUnit
+ou: Retired
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: add
+objectclass: top
+objectclass: person
+cn: Rosco P. Coltrane
+sn: Coltrane
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: modrdn
+newrdn: cn=Rosco P. Coltrane
+deleteoldrdn: 1
+newsuperior: ou=Retired, ou=People, o=University of Michigan, c=US
+
dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
changetype: delete
EOMODS
-echo "Waiting 10 seconds for slurpd to send changes..."
-sleep 10
+echo "Waiting 15 seconds for slurpd to send changes..."
+sleep 15
echo "Using ldapsearch to read all the entries from the master..."
-$LDAPSEARCH -L -S "" -b "$BASEDN" -h localhost -p $PORT \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'objectclass=*' > $MASTEROUT 2>&1
+RC=$?
-if [ $RC != 0 ]; then
- echo "ldapsearch failed!"
- kill -HUP $PID $SLAVEPID $SLURPPID
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
exit $RC
fi
echo "Using ldapsearch to read all the entries from the slave..."
-$LDAPSEARCH -L -S "" -b "$BASEDN" -h localhost -p $SLAVEPORT \
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $SLAVEPORT \
'objectclass=*' > $SLAVEOUT 2>&1
+RC=$?
-if [ $RC != 0 ]; then
- echo "ldapsearch failed!"
- kill -HUP $PID $SLAVEPID $SLURPPID
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
exit $RC
fi
-kill -HUP $PID $SLAVEPID $SLURPPID
+kill -INT $PID $SLAVEPID
+kill -KILL $SLURPPID
+
+SEARCHOUT=$MASTEROUT
+LDIF=$SLAVEOUT
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
echo "Comparing retrieved entries from master and slave..."
-cmp $MASTEROUT $SLAVEOUT
-if [ $? != 0 ]; then
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
echo "test failed - master and slave databases differ"
exit 1
fi
diff --git a/tests/scripts/test009-referral b/tests/scripts/test009-referral
new file mode 100755
index 0000000000..63e145eebc
--- /dev/null
+++ b/tests/scripts/test009-referral
@@ -0,0 +1,145 @@
+#! /bin/sh
+# $OpenLDAP$
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+#
+# Test default referral
+#
+
+
+echo "Cleaning up in $DBDIR and $REPLDIR ..."
+
+rm -f $DBDIR/[!C]*
+rm -f $REPLDIR/[!C]*
+
+echo "Running slapadd to build slapd database..."
+. $CONFFILTER $BACKEND < $CONF > $DBCONF
+$SLAPADD -f $DBCONF -l $LDIFORDERED
+RC=$?
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
+ exit $RC
+fi
+
+echo "Starting master slapd on TCP/IP port $PORT..."
+$SLAPD -n master -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Starting slave slapd on TCP/IP port $SLAVEPORT..."
+. $CONFFILTER $BACKEND < $REFSLAVECONF > $REPLCONF
+$SLAPD -n slave -f $REPLCONF -h $SLAVEURI -d $LVL $TIMING > $SLAVELOG 2>&1 &
+SLAVEPID=$!
+if test $WAIT != 0 ; then
+ echo SLAVEPID $SLAVEPID
+ read foo
+fi
+
+echo "Testing for master slapd..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Testing for slave slapd..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $SLAVEPORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+cat /dev/null > $SEARCHOUT
+
+echo "Testing exact searching..."
+$LDAPSEARCH -C -S "" -b "$BASEDN" -h $LOCALHOST -p $SLAVEPORT \
+ 'sn=jensen' >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID $SLAVEPID
+ exit $RC
+fi
+
+echo "Testing OR searching..."
+$LDAPSEARCH -C -S "" -b "$BASEDN" -h $LOCALHOST -p $SLAVEPORT \
+ '(|(objectclass=groupofnames)(sn=jones))' >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID $SLAVEPID
+ exit $RC
+fi
+
+echo "Testing AND matching and ends-with searching..."
+$LDAPSEARCH -C -S "" -b "$BASEDN" -h $LOCALHOST -p $SLAVEPORT \
+ '(&(objectclass=groupofnames)(cn=A*))' >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID $SLAVEPID
+ exit $RC
+fi
+
+echo "Testing NOT searching..."
+$LDAPSEARCH -C -S "" -b "$BASEDN" -h $LOCALHOST -p $SLAVEPORT \
+ '(!(objectclass=pilotPerson))' >> $SEARCHOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID $SLAVEPID
+ exit $RC
+fi
+
+kill -HUP $PID $SLAVEPID
+
+LDIF=$SEARCHOUTMASTER
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "Comparison failed"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+
+exit 0
diff --git a/tests/scripts/test010-passwd b/tests/scripts/test010-passwd
new file mode 100755
index 0000000000..acf6175319
--- /dev/null
+++ b/tests/scripts/test010-passwd
@@ -0,0 +1,147 @@
+#! /bin/sh
+# $OpenLDAP$
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+echo "Cleaning up in $DBDIR..."
+
+rm -f $DBDIR/[!C]*
+
+echo "Starting slapd on TCP/IP port $PORT..."
+. $CONFFILTER $BACKEND < $PWCONF > $DBCONF
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Using ldapsearch to check that slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+echo "Using ldapadd to populate the database..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFPASSWD > $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo > $SEARCHOUT
+echo > $TESTOUT
+
+echo "Using ldapsearch to verify population ..."
+echo "++ Initial search" >> $SEARCHOUT
+$LDAPSEARCH -h $LOCALHOST -p $PORT \
+ -D "$MANAGERDN" -w $PASSWD \
+ -b "$BASEDN" \
+ 'objectclass=*' >> $SEARCHOUT 2>&1
+
+echo "Using ldappasswd (PASS 1) ..."
+echo "Pass 1" >> $TESTOUT
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w secret -s newsecret \
+ -D "cn=md5, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w $PASSWD -s newsecret \
+ -D "$MANAGERDN" "cn=smd5, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w secret -s newsecret \
+ -D "cn=sha, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w secret -s newsecret \
+ -D "cn=ssha, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "" >> $TESTOUT
+echo "Pass 2" >> $TESTOUT
+echo "Using ldappasswd (PASS 2) ..."
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w newsecret \
+ -D "cn=md5, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w newsecret \
+ -D "cn=smd5, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w newsecret \
+ -D "cn=sha, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+$LDAPPASSWD -h $LOCALHOST -p $PORT \
+ -w newsecret \
+ -D "cn=ssha, $BASEDN" >> $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldappasswd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+kill -HUP $PID
+
+echo ">>>>> Test succeeded"
+
+exit 0
diff --git a/tests/scripts/test011-subtree-repl b/tests/scripts/test011-subtree-repl
new file mode 100755
index 0000000000..a1db8872e0
--- /dev/null
+++ b/tests/scripts/test011-subtree-repl
@@ -0,0 +1,259 @@
+#! /bin/sh
+# $OpenLDAP$
+
+echo "Test disabled."
+exit 0
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+#
+# Test replication:
+# - start master
+# - start slave
+# - create root entry in slave
+# - start slurpd
+# - populate over ldap
+# - perform some modifies and deleted
+# - retrieve database over ldap and compare against expected results
+#
+
+if test ! -x $SLURPD ; then
+ echo ">>>>> $SLURPD is not executable or do not exist."
+ echo ">>>>> Test skipped."
+ exit 0
+fi
+
+echo "Cleaning up in $DBDIR..."
+rm -f $DBDIR/[!C]*
+echo "Cleaning up in $REPLDIR..."
+rm -f $REPLDIR/replica/[!C]*
+rm -f $REPLDIR/[!C]*
+
+echo "Starting master slapd on TCP/IP port $PORT..."
+. $CONFFILTER $BACKEND < $SUBMASTERCONF > $DBCONF
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Starting slave slapd on TCP/IP port $SLAVEPORT..."
+. $CONFFILTER $BACKEND < $SUBSLAVECONF > $REPLCONF
+$SLAPD -f $REPLCONF -h $SLAVEURI -d $LVL $TIMING > $SLAVELOG 2>&1 &
+SLAVEPID=$!
+if test $WAIT != 0 ; then
+ echo SLAVEPID $SLAVEPID
+ read foo
+fi
+
+echo "Using ldapsearch to check that master slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+echo "Using ldapsearch to check that slave slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+echo "Starting slurpd..."
+$SLURPD -f $SUBMASTERCONF -d ${SLURPD_DEBUG-5} -t $REPLDIR > $SLURPLOG 2>&1 &
+SLURPPID=$!
+
+echo "Using ldapadd to populate the master directory..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDERED > /dev/null 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
+ exit $RC
+fi
+
+echo "Waiting 15 seconds for slurpd to send changes..."
+sleep 15
+
+echo "Using ldapmodify to modify master directory..."
+
+#
+# Do some modifications
+#
+
+$LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD > \
+ $TESTOUT 2>&1 << EOMODS
+dn: cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US
+changetype: modify
+add: drink
+drink: Orange Juice
+
+dn: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: modify
+replace: drink
+drink: Iced Tea
+drink: Mad Dog 20/20
+
+dn: cn=ITD Staff,ou=Groups,o=University of Michigan,c=US
+delete: member
+member: cn=James A Jones 2, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+member: cn=Bjorn Jensen, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+-
+add: member
+member: cn=Dorothy Stevens, ou=Alumni Association, ou=People, o=University of Michigan, c=US
+member: cn=James A Jones 1, ou=Alumni Association, ou=People, o=University of Michigan, c=US
+
+dn: cn=All Staff,ou=Groups,o=University of Michigan,c=US
+changetype: modify
+delete: member
+
+dn: cn=Gern Jensen, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: add
+objectclass: top
+objectclass: person
+objectclass: OpenLDAPperson
+cn: Gern Jensen
+sn: Jensen
+uid: gjensen
+title: Chief Investigator, ITD
+postaladdress: ITD $ 535 W. William St $ Ann Arbor, MI 48103
+seealso: cn=All Staff, ou=Groups, o=University of Michigan, c=US
+drink: Coffee
+homepostaladdress: 844 Brown St. Apt. 4 $ Ann Arbor, MI 48104
+description: Very odd
+facsimiletelephonenumber: +1 313 555 7557
+telephonenumber: +1 313 555 8343
+mail: gjensen@mailgw.umich.edu
+homephone: +1 313 555 8844
+
+dn: ou=Retired, ou=People, o=University of Michigan, c=US
+changetype: add
+objectclass: top
+objectclass: organizationalUnit
+ou: Retired
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: add
+objectclass: top
+objectclass: person
+cn: Rosco P. Coltrane
+sn: Coltrane
+
+dn: cn=Rosco P. Coltrane, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: modrdn
+newrdn: cn=Rosco P. Coltrane
+deleteoldrdn: 1
+newsuperior: ou=Retired, ou=People, o=University of Michigan, c=US
+
+dn: cn=James A Jones 2, ou=Information Technology Division, ou=People, o=University of Michigan, c=US
+changetype: delete
+
+EOMODS
+
+echo "Waiting 15 seconds for slurpd to send changes..."
+sleep 15
+
+echo "Using ldapsearch to read all the entries from the master..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > $MASTEROUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read the subtree entries from the master..."
+$LDAPSEARCH -S "" -b "ou=Groups, $BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > $SUBMASTEROUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read all the entries from the slave..."
+$LDAPSEARCH -S "" -b "ou=Groups, $BASEDN" -h $LOCALHOST -p $SLAVEPORT \
+ 'objectclass=*' > $SLAVEOUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -INT $PID $SLAVEPID
+ kill -KILL $SLURPPID
+ exit $RC
+fi
+
+kill -INT $PID $SLAVEPID
+kill -KILL $SLURPPID
+
+SEARCHOUT=$SUBMASTEROUT
+LDIF=$SLAVEOUT
+
+echo "Filtering master ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering slave ldapsearch results..."
+. $LDIFFILTER < $LDIF > $LDIFFLT
+
+echo "Comparing retrieved entries from master and slave..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "test failed - master and slave databases differ"
+ exit 1
+fi
+
+SEARCHOUT=$MASTEROUT
+
+echo "Filtering remaining data"
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+
+echo "Stripping slave entries from master output..."
+$CMP $SEARCHFLT $LDIFFLT | $UNDIFFFILTER > $SUBFLT
+
+echo "Stripping subtree entries from master output..."
+. $SUBFILTER 'ou=Groups,[ ]?o=University of Michigan,[ ]?c=US' < $SEARCHOUT \
+ | $UNDIFFFILTER > $SUBFLT2
+
+echo "Comparing master minus subtree and master minus slave..."
+$CMP $SUBFLT $SUBFLT2 > $CMPOUT
+
+if test $? != 0 ; then
+ echo "test failed - master and slave databases differ"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+exit 0
diff --git a/tests/scripts/test012-glue b/tests/scripts/test012-glue
new file mode 100755
index 0000000000..51c589ca84
--- /dev/null
+++ b/tests/scripts/test012-glue
@@ -0,0 +1,138 @@
+#! /bin/sh
+# $OpenLDAP$
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+echo "Cleaning up in $DBDIR..."
+
+mkdir $DBDIR/C_db1 $DBDIR/C_db2 $DBDIR/C_db3
+
+rm -f $DBDIR/[!C]* $DBDIR/C_db?/*
+
+echo "Running slapadd to build glued slapd databases..."
+. $CONFFILTER $BACKEND < $GLUECONF > $DBCONF
+$SLAPADD -d $LVL -f $DBCONF -l $LDIFORDERED > $DBDIR/slapadd.log 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "slapadd failed ($RC)!"
+ exit $RC
+fi
+
+echo "Starting slapd on TCP/IP port $PORT..."
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Using ldapsearch to retrieve all the entries..."
+cd test-db
+for i in 0 1 2 3 4 5; do
+ ../$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT > ../$SEARCHOUT 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+cd ..
+
+kill -HUP $PID
+echo "Sleeping for 5 seconds to let slapd exit..."
+sleep 5
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIFGLUED > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - database was not created correctly"
+ echo $SEARCHFLT $LDIFFLT
+ $DIFF $SEARCHFLT $LDIFFLT
+ exit 1
+fi
+
+echo "OK... Cleaning up in $DBDIR..."
+
+rm -f $DBDIR/C_db?/*
+
+echo "Starting slapd on TCP/IP port $PORT..."
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Using ldapsearch to check that slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+echo "Using ldapadd to populate the glued database..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFORDERED > $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read all the entries..."
+$LDAPSEARCH -b "$BASEDN" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > $SEARCHOUT 2>&1
+RC=$?
+
+kill -HUP $PID
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ exit $RC
+fi
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering original ldif used to create database..."
+. $LDIFFILTER < $LDIFGLUED > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - database was not created correctly"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+
+exit 0
diff --git a/tests/scripts/test013-language b/tests/scripts/test013-language
new file mode 100755
index 0000000000..ba8b0eedbc
--- /dev/null
+++ b/tests/scripts/test013-language
@@ -0,0 +1,115 @@
+#! /bin/sh
+# $OpenLDAP$
+
+SRCDIR="."
+if test $# -ge 1 ; then
+ SRCDIR=$1; shift
+fi
+BACKEND=bdb
+if test $# -ge 1 ; then
+ BACKEND=$1; shift
+fi
+WAIT=0
+if test $# -ge 1 ; then
+ WAIT=1; shift
+fi
+
+echo "running defines.sh"
+. $SRCDIR/scripts/defines.sh
+
+echo "Cleaning up in $DBDIR..."
+
+rm -f $DBDIR/[!C]*
+
+echo "Starting slapd on TCP/IP port $PORT..."
+. $CONFFILTER $BACKEND < $CONF > $DBCONF
+$SLAPD -f $DBCONF -h $MASTERURI -d $LVL $TIMING > $MASTERLOG 2>&1 &
+PID=$!
+if test $WAIT != 0 ; then
+ echo PID $PID
+ read foo
+fi
+
+echo "Using ldapsearch to check that slapd is running..."
+for i in 0 1 2 3 4 5; do
+ $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT \
+ 'objectclass=*' > /dev/null 2>&1
+ RC=$?
+ if test $RC = 1 ; then
+ echo "Waiting 5 seconds for slapd to start..."
+ sleep 5
+ fi
+done
+
+echo "Using ldapadd to populate the database..."
+$LDAPADD -D "$MANAGERDN" -h $LOCALHOST -p $PORT -w $PASSWD < \
+ $LDIFLANG > $TESTOUT 2>&1
+RC=$?
+if test $RC != 0 ; then
+ echo "ldapadd failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read all the entries..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT -s base \
+ '(&)' > $SEARCHOUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read name ..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT -s base \
+ '(&)' 'name' >> $SEARCHOUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read name language tag ..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT -s base \
+ '(&)' 'name;lang-en-US' >> $SEARCHOUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+echo "Using ldapsearch to read name language range ..."
+$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT -s base \
+ '(&)' 'name;lang-en-' >> $SEARCHOUT 2>&1
+RC=$?
+
+if test $RC != 0 ; then
+ echo "ldapsearch failed ($RC)!"
+ kill -HUP $PID
+ exit $RC
+fi
+
+kill -HUP $PID
+
+echo "Filtering ldapsearch results..."
+. $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
+echo "Filtering language ldif ..."
+. $LDIFFILTER < $LDIFLANGOUT > $LDIFFLT
+echo "Comparing filter output..."
+$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
+
+if test $? != 0 ; then
+ echo "comparison failed - language test failed!"
+ exit 1
+fi
+
+echo ">>>>> Test succeeded"
+
+
+exit 0
diff --git a/tests/scripts/test015-xsearch b/tests/scripts/test015-xsearch
index c5c60b2e6a..9f66443aa1 100755
--- a/tests/scripts/test015-xsearch
+++ b/tests/scripts/test015-xsearch
@@ -69,6 +69,7 @@ cat /dev/null > $SEARCHOUT
echo "Testing exact searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(sn:=jensen)' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -78,6 +79,7 @@ fi
echo "Testing OR searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(|(givenName=XX*YY*Z)(cn=)(undef=*)(objectclass=groupofnames)(sn:caseExactMatch:=Jones))' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -87,6 +89,7 @@ fi
echo "Testing AND matching and ends-with searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(&(objectclass=groupofnames)(cn=A*))' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
@@ -96,6 +99,7 @@ fi
echo "Testing NOT searching..."
$LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT \
'(!(objectclass=pilotPerson))' >> $SEARCHOUT 2>&1
+RC=$?
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
kill -HUP $PID
--
GitLab