bconfig.c 163 KB
Newer Older
Howard Chu's avatar
Howard Chu committed
1
2
3
4
/* bconfig.c - the config backend */
/* $OpenLDAP$ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
 *
Kurt Zeilenga's avatar
Kurt Zeilenga committed
5
 * Copyright 2005-2007 The OpenLDAP Foundation.
Howard Chu's avatar
Howard Chu committed
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted only as authorized by the OpenLDAP
 * Public License.
 *
 * A copy of this license is available in the file LICENSE in the
 * top-level directory of the distribution or, alternatively, at
 * <http://www.OpenLDAP.org/license.html>.
 */
/* ACKNOWLEDGEMENTS:
 * This work was originally developed by Howard Chu for inclusion
 * in OpenLDAP Software.
 */

#include "portable.h"

#include <stdio.h>
#include <ac/string.h>
25
26
#include <ac/ctype.h>
#include <ac/errno.h>
27
#include <sys/stat.h>
Howard Chu's avatar
Howard Chu committed
28
29

#include "slap.h"
30
31
32
33
34

#ifdef LDAP_SLAPI
#include "slapi/slapi.h"
#endif

35
#include <ldif.h>
36
37
#include <lutil.h>

Howard Chu's avatar
Howard Chu committed
38
39
#include "config.h"

40
41
42
43
44
#define	CONFIG_RDN	"cn=config"
#define	SCHEMA_RDN	"cn=schema"

static struct berval config_rdn = BER_BVC(CONFIG_RDN);
static struct berval schema_rdn = BER_BVC(SCHEMA_RDN);
Howard Chu's avatar
Howard Chu committed
45

46
47
extern int slap_DN_strict;	/* dn.c */

48
49
50
51
52
53
#ifdef SLAPD_MODULES
typedef struct modpath_s {
	struct modpath_s *mp_next;
	struct berval mp_path;
	BerVarray mp_loads;
} ModPaths;
Howard Chu's avatar
Howard Chu committed
54
55

static ModPaths modpaths, *modlast = &modpaths, *modcur = &modpaths;
56
57
58
59
60
61
#endif

typedef struct ConfigFile {
	struct ConfigFile *c_sibs;
	struct ConfigFile *c_kids;
	struct berval c_file;
Howard Chu's avatar
Howard Chu committed
62
63
64
65
	AttributeType *c_at_head, *c_at_tail;
	ContentRule *c_cr_head, *c_cr_tail;
	ObjectClass *c_oc_head, *c_oc_tail;
	OidMacro *c_om_head, *c_om_tail;
66
67
68
	BerVarray c_dseFiles;
} ConfigFile;

Howard Chu's avatar
Howard Chu committed
69
70
71
typedef struct {
	ConfigFile *cb_config;
	CfEntryInfo *cb_root;
72
73
	BackendDB	cb_db;	/* underlying database */
	int		cb_got_ldif;
74
	int		cb_use_ldif;
Howard Chu's avatar
Howard Chu committed
75
76
} CfBackInfo;

77
78
static CfBackInfo cfBackInfo;

79
static char	*passwd_salt;
Quanah Gibson-Mount's avatar
Quanah Gibson-Mount committed
80
static FILE *logfile;
81
static char	*logfileName;
82
#ifdef SLAP_AUTH_REWRITE
83
static BerVarray authz_rewrites;
84
#endif
85

86
87
static struct berval cfdir;

88
/* Private state */
Howard Chu's avatar
Howard Chu committed
89
static AttributeDescription *cfAd_backend, *cfAd_database, *cfAd_overlay,
90
	*cfAd_include, *cfAd_attr, *cfAd_oc, *cfAd_om;
Howard Chu's avatar
Howard Chu committed
91

92
static ConfigFile *cfn;
93

94
95
static Avlnode *CfOcTree;

96
97
98
99
100
101
102
103
/* System schema state */
extern AttributeType *at_sys_tail;	/* at.c */
extern ObjectClass *oc_sys_tail;	/* oc.c */
extern OidMacro *om_sys_tail;	/* oidm.c */
static AttributeType *cf_at_tail;
static ObjectClass *cf_oc_tail;
static OidMacro *cf_om_tail;

104
static int config_add_internal( CfBackInfo *cfb, Entry *e, ConfigArgs *ca,
105
	SlapReply *rs, int *renumber, Operation *op );
106

107
static int config_check_schema( Operation *op, CfBackInfo *cfb );
108

Howard Chu's avatar
Howard Chu committed
109
static ConfigDriver config_fname;
110
static ConfigDriver config_cfdir;
Howard Chu's avatar
Howard Chu committed
111
112
113
114
115
116
117
static ConfigDriver config_generic;
static ConfigDriver config_search_base;
static ConfigDriver config_passwd_hash;
static ConfigDriver config_schema_dn;
static ConfigDriver config_sizelimit;
static ConfigDriver config_timelimit;
static ConfigDriver config_overlay;
118
static ConfigDriver config_subordinate; 
Howard Chu's avatar
Howard Chu committed
119
120
121
122
123
124
125
126
127
128
129
130
131
static ConfigDriver config_suffix; 
static ConfigDriver config_rootdn;
static ConfigDriver config_rootpw;
static ConfigDriver config_restrict;
static ConfigDriver config_allows;
static ConfigDriver config_disallows;
static ConfigDriver config_requires;
static ConfigDriver config_security;
static ConfigDriver config_referral;
static ConfigDriver config_loglevel;
static ConfigDriver config_updatedn;
static ConfigDriver config_updateref;
static ConfigDriver config_include;
132
static ConfigDriver config_obsolete;
133
#ifdef HAVE_TLS
Howard Chu's avatar
Howard Chu committed
134
135
static ConfigDriver config_tls_option;
static ConfigDriver config_tls_config;
136
#endif
137
extern ConfigDriver syncrepl_config;
138
139
140
141
142
143
144
145
146
147
148

enum {
	CFG_ACL = 1,
	CFG_BACKEND,
	CFG_DATABASE,
	CFG_TLS_RAND,
	CFG_TLS_CIPHER,
	CFG_TLS_CERT_FILE,
	CFG_TLS_CERT_KEY,
	CFG_TLS_CA_PATH,
	CFG_TLS_CA_FILE,
149
	CFG_TLS_DH_FILE,
150
151
	CFG_TLS_VERIFY,
	CFG_TLS_CRLCHECK,
152
	CFG_TLS_CRL_FILE,
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
	CFG_CONCUR,
	CFG_THREADS,
	CFG_SALT,
	CFG_LIMITS,
	CFG_RO,
	CFG_REWRITE,
	CFG_DEPTH,
	CFG_OID,
	CFG_OC,
	CFG_DIT,
	CFG_ATTR,
	CFG_ATOPT,
	CFG_ROOTDSE,
	CFG_LOGFILE,
	CFG_PLUGIN,
	CFG_MODLOAD,
	CFG_MODPATH,
	CFG_LASTMOD,
	CFG_AZPOLICY,
	CFG_AZREGEXP,
	CFG_SASLSECP,
	CFG_SSTR_IF_MAX,
	CFG_SSTR_IF_MIN,
176
	CFG_TTHREADS,
177
	CFG_MIRRORMODE,
178
	CFG_HIDDEN,
179
	CFG_MONITORING,
180
	CFG_SERVERID,
181
	CFG_SORTVALS,
182
	CFG_IX_INTLEN,
Pierangelo Masarati's avatar
Pierangelo Masarati committed
183
184

	CFG_LAST
185
186
187
188
189
190
191
192
193
194
};

typedef struct {
	char *name, *oid;
} OidRec;

static OidRec OidMacros[] = {
	/* OpenLDAProot:666.11.1 */
	{ "OLcfg", "1.3.6.1.4.1.4203.666.11.1" },
	{ "OLcfgAt", "OLcfg:3" },
195
196
197
198
	{ "OLcfgGlAt", "OLcfgAt:0" },
	{ "OLcfgBkAt", "OLcfgAt:1" },
	{ "OLcfgDbAt", "OLcfgAt:2" },
	{ "OLcfgOvAt", "OLcfgAt:3" },
199
	{ "OLcfgCtAt", "OLcfgAt:4" },	/* contrib modules */
200
	{ "OLcfgOc", "OLcfg:4" },
201
202
203
204
	{ "OLcfgGlOc", "OLcfgOc:0" },
	{ "OLcfgBkOc", "OLcfgOc:1" },
	{ "OLcfgDbOc", "OLcfgOc:2" },
	{ "OLcfgOvOc", "OLcfgOc:3" },
205
	{ "OLcfgCtOc", "OLcfgOc:4" },	/* contrib modules */
206
207
208
209
210
211

	/* Syntaxes. We should just start using the standard names and
	 * document that they are predefined and available for users
	 * to reference in their own schema. Defining schema without
	 * OID macros is for masochists...
	 */
212
213
214
215
	{ "OMsyn", "1.3.6.1.4.1.1466.115.121.1" },
	{ "OMsBoolean", "OMsyn:7" },
	{ "OMsDN", "OMsyn:12" },
	{ "OMsDirectoryString", "OMsyn:15" },
Howard Chu's avatar
Howard Chu committed
216
	{ "OMsIA5String", "OMsyn:26" },
217
218
	{ "OMsInteger", "OMsyn:27" },
	{ "OMsOID", "OMsyn:38" },
219
220
221
222
	{ "OMsOctetString", "OMsyn:40" },
	{ NULL, NULL }
};

223
/*
224
225
 * Backend/Database registry
 *
226
 * OLcfg{Bk|Db}{Oc|At}:0		-> common
Pierangelo Masarati's avatar
Pierangelo Masarati committed
227
228
229
 * OLcfg{Bk|Db}{Oc|At}:1		-> back-bdb(/back-hdb)
 * OLcfg{Bk|Db}{Oc|At}:2		-> back-ldif
 * OLcfg{Bk|Db}{Oc|At}:3		-> back-ldap
230
231
232
 * OLcfg{Bk|Db}{Oc|At}:4		-> back-monitor
 * OLcfg{Bk|Db}{Oc|At}:5		-> back-relay
 * OLcfg{Bk|Db}{Oc|At}:6		-> back-sql
233
234
 */

235
236
237
238
239
240
241
242
/*
 * Overlay registry
 *
 * OLcfgOv{Oc|At}:1			-> syncprov
 * OLcfgOv{Oc|At}:2			-> pcache
 * OLcfgOv{Oc|At}:3			-> chain
 * OLcfgOv{Oc|At}:4			-> accesslog
 * OLcfgOv{Oc|At}:5			-> valsort
243
244
 * OLcfgOv{Oc|At}:7			-> distproc
 * OLcfgOv{Oc|At}:8			-> dynlist
245
 * OLcfgOv{Oc|At}:9			-> dds
246
247
248
249
250
251
252
253
254
255
 * OLcfgOv{Oc|At}:10			-> unique
 * OLcfgOv{Oc|At}:11			-> refint
 * OLcfgOv{Oc|At}:12 			-> ppolicy
 * OLcfgOv{Oc|At}:13			-> constraint
 * OLcfgOv{Oc|At}:14			-> translucent
 * OLcfgOv{Oc|At}:15			-> auditlog
 * OLcfgOv{Oc|At}:16			-> rwm
 * OLcfgOv{Oc|At}:17			-> dyngroup
 * OLcfgOv{Oc|At}:18			-> memberof
 * OLcfgOv{Oc|At}:19			-> collect
256
257
 */

258
259
/* alphabetical ordering */

260
static ConfigTable config_back_cf_table[] = {
261
262
	/* This attr is read-only */
	{ "", "", 0, 0, 0, ARG_MAGIC,
263
		&config_fname, "( OLcfgGlAt:78 NAME 'olcConfigFile' "
264
265
			"DESC 'File for slapd configuration directives' "
			"EQUALITY caseIgnoreMatch "
266
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
267
	{ "", "", 0, 0, 0, ARG_MAGIC,
268
		&config_cfdir, "( OLcfgGlAt:79 NAME 'olcConfigDir' "
269
270
271
			"DESC 'Directory for slapd configuration backend' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
272
	{ "access",	NULL, 0, 0, 0, ARG_MAY_DB|ARG_MAGIC|CFG_ACL,
273
		&config_generic, "( OLcfgGlAt:1 NAME 'olcAccess' "
274
275
276
277
			"DESC 'Access Control List' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
	{ "allows",	"features", 2, 0, 5, ARG_PRE_DB|ARG_MAGIC,
278
		&config_allows, "( OLcfgGlAt:2 NAME 'olcAllows' "
279
280
281
282
			"DESC 'Allowed set of deprecated features' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "argsfile", "file", 2, 2, 0, ARG_STRING,
283
		&slapd_args_file, "( OLcfgGlAt:3 NAME 'olcArgsFile' "
284
285
			"DESC 'File for slapd command line options' "
			"EQUALITY caseIgnoreMatch "
286
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
287
288
289
290
	{ "attributeoptions", NULL, 0, 0, 0, ARG_MAGIC|CFG_ATOPT,
		&config_generic, "( OLcfgGlAt:5 NAME 'olcAttributeOptions' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString )", NULL, NULL },
Pierangelo Masarati's avatar
cleanup    
Pierangelo Masarati committed
291
	{ "attribute",	"attribute", 2, 0, STRLENOF( "attribute" ),
292
		ARG_PAREN|ARG_MAGIC|CFG_ATTR,
293
		&config_generic, "( OLcfgGlAt:4 NAME 'olcAttributeTypes' "
Howard Chu's avatar
Howard Chu committed
294
			"DESC 'OpenLDAP attributeTypes' "
295
296
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
Howard Chu's avatar
Howard Chu committed
297
				NULL, NULL },
298
	{ "authid-rewrite", NULL, 2, 0, STRLENOF( "authid-rewrite" ),
299
#ifdef SLAP_AUTH_REWRITE
300
		ARG_MAGIC|CFG_REWRITE|ARG_NO_INSERT, &config_generic,
301
302
303
#else
		ARG_IGNORED, NULL,
#endif
304
		 "( OLcfgGlAt:6 NAME 'olcAuthIDRewrite' "
305
			"EQUALITY caseIgnoreMatch "
306
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
307
	{ "authz-policy", "policy", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_AZPOLICY,
308
		&config_generic, "( OLcfgGlAt:7 NAME 'olcAuthzPolicy' "
309
			"EQUALITY caseIgnoreMatch "
310
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
311
	{ "authz-regexp", NULL, 3, 3, 0, ARG_MAGIC|CFG_AZREGEXP|ARG_NO_INSERT,
312
		&config_generic, "( OLcfgGlAt:8 NAME 'olcAuthzRegexp' "
313
314
315
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
	{ "backend", "type", 2, 2, 0, ARG_PRE_DB|ARG_MAGIC|CFG_BACKEND,
316
		&config_generic, "( OLcfgGlAt:9 NAME 'olcBackend' "
317
318
			"DESC 'A type of backend' "
			"EQUALITY caseIgnoreMatch "
319
320
			"SYNTAX OMsDirectoryString SINGLE-VALUE X-ORDERED 'SIBLINGS' )",
				NULL, NULL },
Howard Chu's avatar
Howard Chu committed
321
	{ "concurrency", "level", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_CONCUR,
322
		&config_generic, "( OLcfgGlAt:10 NAME 'olcConcurrency' "
323
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
324
	{ "conn_max_pending", "max", 2, 2, 0, ARG_INT,
325
		&slap_conn_max_pending, "( OLcfgGlAt:11 NAME 'olcConnMaxPending' "
326
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
327
	{ "conn_max_pending_auth", "max", 2, 2, 0, ARG_INT,
328
		&slap_conn_max_pending_auth, "( OLcfgGlAt:12 NAME 'olcConnMaxPendingAuth' "
329
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
330
	{ "database", "type", 2, 2, 0, ARG_MAGIC|CFG_DATABASE,
331
		&config_generic, "( OLcfgGlAt:13 NAME 'olcDatabase' "
332
			"DESC 'The backend type for a database instance' "
333
			"SUP olcBackend SINGLE-VALUE X-ORDERED 'SIBLINGS' )", NULL, NULL },
Pierangelo Masarati's avatar
Pierangelo Masarati committed
334
	{ "defaultSearchBase", "dn", 2, 2, 0, ARG_PRE_BI|ARG_PRE_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
335
		&config_search_base, "( OLcfgGlAt:14 NAME 'olcDefaultSearchBase' "
336
			"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
337
	{ "disallows", "features", 2, 0, 8, ARG_PRE_DB|ARG_MAGIC,
338
		&config_disallows, "( OLcfgGlAt:15 NAME 'olcDisallows' "
339
340
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString )", NULL, NULL },
341
	{ "ditcontentrule",	NULL, 0, 0, 0, ARG_MAGIC|CFG_DIT|ARG_NO_DELETE|ARG_NO_INSERT,
342
		&config_generic, "( OLcfgGlAt:16 NAME 'olcDitContentRules' "
Howard Chu's avatar
Howard Chu committed
343
			"DESC 'OpenLDAP DIT content rules' "
344
345
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
Howard Chu's avatar
Howard Chu committed
346
			NULL, NULL },
347
348
349
350
351
352
	{ "gentlehup", "on|off", 2, 2, 0,
#ifdef SIGHUP
		ARG_ON_OFF, &global_gentlehup,
#else
		ARG_IGNORED, NULL,
#endif
353
		"( OLcfgGlAt:17 NAME 'olcGentleHUP' "
354
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
355
356
357
	{ "hidden", "on|off", 2, 2, 0, ARG_DB|ARG_ON_OFF|ARG_MAGIC|CFG_HIDDEN,
		&config_generic, "( OLcfgDbAt:0.17 NAME 'olcHidden' "
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
358
	{ "idletimeout", "timeout", 2, 2, 0, ARG_INT,
359
		&global_idletimeout, "( OLcfgGlAt:18 NAME 'olcIdleTimeout' "
360
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
361
	{ "include", "file", 2, 2, 0, ARG_MAGIC,
362
363
		&config_include, "( OLcfgGlAt:19 NAME 'olcInclude' "
			"SUP labeledURI )", NULL, NULL },
364
	{ "index_substr_if_minlen", "min", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MIN,
365
		&config_generic, "( OLcfgGlAt:20 NAME 'olcIndexSubstrIfMinLen' "
366
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
367
	{ "index_substr_if_maxlen", "max", 2, 2, 0, ARG_INT|ARG_NONZERO|ARG_MAGIC|CFG_SSTR_IF_MAX,
368
		&config_generic, "( OLcfgGlAt:21 NAME 'olcIndexSubstrIfMaxLen' "
369
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
370
	{ "index_substr_any_len", "len", 2, 2, 0, ARG_INT|ARG_NONZERO,
371
		&index_substr_any_len, "( OLcfgGlAt:22 NAME 'olcIndexSubstrAnyLen' "
372
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
373
	{ "index_substr_any_step", "step", 2, 2, 0, ARG_INT|ARG_NONZERO,
374
		&index_substr_any_step, "( OLcfgGlAt:23 NAME 'olcIndexSubstrAnyStep' "
375
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
376
377
378
	{ "index_intlen", "len", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_IX_INTLEN,
		&config_generic, "( OLcfgGlAt:84 NAME 'olcIndexIntLen' "
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
379
	{ "lastmod", "on|off", 2, 2, 0, ARG_DB|ARG_ON_OFF|ARG_MAGIC|CFG_LASTMOD,
380
		&config_generic, "( OLcfgDbAt:0.4 NAME 'olcLastMod' "
381
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
382
	{ "limits", "limits", 2, 0, 0, ARG_DB|ARG_MAGIC|CFG_LIMITS,
383
		&config_generic, "( OLcfgDbAt:0.5 NAME 'olcLimits' "
384
			"EQUALITY caseIgnoreMatch "
385
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
386
	{ "localSSF", "ssf", 2, 2, 0, ARG_INT,
387
		&local_ssf, "( OLcfgGlAt:26 NAME 'olcLocalSSF' "
388
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
389
	{ "logfile", "file", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_LOGFILE,
390
		&config_generic, "( OLcfgGlAt:27 NAME 'olcLogFile' "
391
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
392
	{ "loglevel", "level", 2, 0, 0, ARG_MAGIC,
393
		&config_loglevel, "( OLcfgGlAt:28 NAME 'olcLogLevel' "
394
			"EQUALITY caseIgnoreMatch "
395
396
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "maxDerefDepth", "depth", 2, 2, 0, ARG_DB|ARG_INT|ARG_MAGIC|CFG_DEPTH,
397
		&config_generic, "( OLcfgDbAt:0.6 NAME 'olcMaxDerefDepth' "
398
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
399
400
401
	{ "mirrormode", "on|off", 2, 2, 0, ARG_DB|ARG_ON_OFF|ARG_MAGIC|CFG_MIRRORMODE,
		&config_generic, "( OLcfgDbAt:0.16 NAME 'olcMirrorMode' "
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
402
403
	{ "moduleload",	"file", 2, 0, 0,
#ifdef SLAPD_MODULES
404
		ARG_MAGIC|CFG_MODLOAD|ARG_NO_DELETE, &config_generic,
405
406
407
#else
		ARG_IGNORED, NULL,
#endif
408
		"( OLcfgGlAt:30 NAME 'olcModuleLoad' "
409
			"EQUALITY caseIgnoreMatch "
410
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
411
412
	{ "modulepath", "path", 2, 2, 0,
#ifdef SLAPD_MODULES
413
		ARG_MAGIC|CFG_MODPATH|ARG_NO_DELETE|ARG_NO_INSERT, &config_generic,
414
415
416
#else
		ARG_IGNORED, NULL,
#endif
417
		"( OLcfgGlAt:31 NAME 'olcModulePath' "
Howard Chu's avatar
Howard Chu committed
418
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
419
420
421
422
	{ "monitoring", "TRUE|FALSE", 2, 2, 0,
		ARG_MAGIC|CFG_MONITORING|ARG_DB|ARG_ON_OFF, &config_generic,
		"( OLcfgDbAt:0.18 NAME 'olcMonitoring' "
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
423
	{ "objectclass", "objectclass", 2, 0, 0, ARG_PAREN|ARG_MAGIC|CFG_OC,
424
		&config_generic, "( OLcfgGlAt:32 NAME 'olcObjectClasses' "
Howard Chu's avatar
Howard Chu committed
425
		"DESC 'OpenLDAP object classes' "
426
427
		"EQUALITY caseIgnoreMatch "
		"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )",
Howard Chu's avatar
Howard Chu committed
428
			NULL, NULL },
429
	{ "objectidentifier", "name> <oid",	3, 3, 0, ARG_MAGIC|CFG_OID,
430
		&config_generic, "( OLcfgGlAt:33 NAME 'olcObjectIdentifier' "
431
			"EQUALITY caseIgnoreMatch "
432
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
433
	{ "overlay", "overlay", 2, 2, 0, ARG_MAGIC,
434
		&config_overlay, "( OLcfgGlAt:34 NAME 'olcOverlay' "
435
			"SUP olcDatabase SINGLE-VALUE X-ORDERED 'SIBLINGS' )", NULL, NULL },
436
	{ "password-crypt-salt-format", "salt", 2, 2, 0, ARG_STRING|ARG_MAGIC|CFG_SALT,
437
		&config_generic, "( OLcfgGlAt:35 NAME 'olcPasswordCryptSaltFormat' "
438
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
439
	{ "password-hash", "hash", 2, 2, 0, ARG_MAGIC,
440
		&config_passwd_hash, "( OLcfgGlAt:36 NAME 'olcPasswordHash' "
441
			"EQUALITY caseIgnoreMatch "
442
443
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "pidfile", "file", 2, 2, 0, ARG_STRING,
444
		&slapd_pid_file, "( OLcfgGlAt:37 NAME 'olcPidFile' "
445
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
446
447
448
449
450
451
	{ "plugin", NULL, 0, 0, 0,
#ifdef LDAP_SLAPI
		ARG_MAGIC|CFG_PLUGIN, &config_generic,
#else
		ARG_IGNORED, NULL,
#endif
452
		"( OLcfgGlAt:38 NAME 'olcPlugin' "
453
			"EQUALITY caseIgnoreMatch "
454
455
456
457
458
459
460
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "pluginlog", "filename", 2, 2, 0,
#ifdef LDAP_SLAPI
		ARG_STRING, &slapi_log_file,
#else
		ARG_IGNORED, NULL,
#endif
461
		"( OLcfgGlAt:39 NAME 'olcPluginLogFile' "
462
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
463
	{ "readonly", "on|off", 2, 2, 0, ARG_MAY_DB|ARG_ON_OFF|ARG_MAGIC|CFG_RO,
464
		&config_generic, "( OLcfgGlAt:40 NAME 'olcReadOnly' "
465
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
466
	{ "referral", "url", 2, 2, 0, ARG_MAGIC,
467
		&config_referral, "( OLcfgGlAt:41 NAME 'olcReferral' "
468
			"SUP labeledURI SINGLE-VALUE )", NULL, NULL },
469
	{ "replica", "host or uri", 2, 0, 0, ARG_DB|ARG_MAGIC,
470
		&config_obsolete, "( OLcfgDbAt:0.7 NAME 'olcReplica' "
471
			"EQUALITY caseIgnoreMatch "
472
			"SUP labeledURI X-ORDERED 'VALUES' )", NULL, NULL },
473
474
	{ "replica-argsfile", NULL, 0, 0, 0, ARG_MAY_DB|ARG_MAGIC,
		&config_obsolete, "( OLcfgGlAt:43 NAME 'olcReplicaArgsFile' "
475
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
476
477
	{ "replica-pidfile", NULL, 0, 0, 0, ARG_MAY_DB|ARG_MAGIC,
		&config_obsolete, "( OLcfgGlAt:44 NAME 'olcReplicaPidFile' "
478
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
479
480
	{ "replicationInterval", NULL, 0, 0, 0, ARG_MAY_DB|ARG_MAGIC,
		&config_obsolete, "( OLcfgGlAt:45 NAME 'olcReplicationInterval' "
481
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
482
483
	{ "replogfile", "filename", 2, 2, 0, ARG_MAY_DB|ARG_MAGIC,
		&config_obsolete, "( OLcfgGlAt:46 NAME 'olcReplogFile' "
484
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
485
	{ "require", "features", 2, 0, 7, ARG_MAY_DB|ARG_MAGIC,
486
		&config_requires, "( OLcfgGlAt:47 NAME 'olcRequires' "
487
			"EQUALITY caseIgnoreMatch "
488
489
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "restrict", "op_list", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC,
490
		&config_restrict, "( OLcfgGlAt:48 NAME 'olcRestrict' "
491
			"EQUALITY caseIgnoreMatch "
492
493
494
495
496
497
498
			"SYNTAX OMsDirectoryString )", NULL, NULL },
	{ "reverse-lookup", "on|off", 2, 2, 0,
#ifdef SLAPD_RLOOKUPS
		ARG_ON_OFF, &use_reverse_lookup,
#else
		ARG_IGNORED, NULL,
#endif
499
		"( OLcfgGlAt:49 NAME 'olcReverseLookup' "
500
			"SYNTAX OMsBoolean SINGLE-VALUE )", NULL, NULL },
Pierangelo Masarati's avatar
Pierangelo Masarati committed
501
	{ "rootdn", "dn", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
502
		&config_rootdn, "( OLcfgDbAt:0.8 NAME 'olcRootDN' "
503
			"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
504
	{ "rootDSE", "file", 2, 2, 0, ARG_MAGIC|CFG_ROOTDSE,
505
		&config_generic, "( OLcfgGlAt:51 NAME 'olcRootDSE' "
506
			"EQUALITY caseIgnoreMatch "
507
			"SYNTAX OMsDirectoryString )", NULL, NULL },
Howard Chu's avatar
Howard Chu committed
508
	{ "rootpw", "password", 2, 2, 0, ARG_BERVAL|ARG_DB|ARG_MAGIC,
509
		&config_rootpw, "( OLcfgDbAt:0.9 NAME 'olcRootPW' "
510
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
511
512
513
514
	{ "sasl-authz-policy", NULL, 2, 2, 0, ARG_MAGIC|CFG_AZPOLICY,
		&config_generic, NULL, NULL, NULL },
	{ "sasl-host", "host", 2, 2, 0,
#ifdef HAVE_CYRUS_SASL
515
		ARG_STRING|ARG_UNIQUE, &sasl_host,
516
517
518
#else
		ARG_IGNORED, NULL,
#endif
519
		"( OLcfgGlAt:53 NAME 'olcSaslHost' "
520
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
521
522
523
524
525
526
	{ "sasl-realm", "realm", 2, 2, 0,
#ifdef HAVE_CYRUS_SASL
		ARG_STRING|ARG_UNIQUE, &global_realm,
#else
		ARG_IGNORED, NULL,
#endif
527
		"( OLcfgGlAt:54 NAME 'olcSaslRealm' "
528
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
529
530
531
532
533
534
535
536
	{ "sasl-regexp", NULL, 3, 3, 0, ARG_MAGIC|CFG_AZREGEXP,
		&config_generic, NULL, NULL, NULL },
	{ "sasl-secprops", "properties", 2, 2, 0,
#ifdef HAVE_CYRUS_SASL
		ARG_MAGIC|CFG_SASLSECP, &config_generic,
#else
		ARG_IGNORED, NULL,
#endif
537
		"( OLcfgGlAt:56 NAME 'olcSaslSecProps' "
538
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
539
540
	{ "saslRegexp",	NULL, 3, 3, 0, ARG_MAGIC|CFG_AZREGEXP,
		&config_generic, NULL, NULL, NULL },
Pierangelo Masarati's avatar
Pierangelo Masarati committed
541
	{ "schemadn", "dn", 2, 2, 0, ARG_MAY_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
542
		&config_schema_dn, "( OLcfgGlAt:58 NAME 'olcSchemaDN' "
543
			"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
544
	{ "security", "factors", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC,
545
		&config_security, "( OLcfgGlAt:59 NAME 'olcSecurity' "
546
			"EQUALITY caseIgnoreMatch "
547
			"SYNTAX OMsDirectoryString )", NULL, NULL },
548
549
550
551
	{ "serverID", "number> <[URI]", 2, 3, 0, ARG_MAGIC|CFG_SERVERID,
		&config_generic, "( OLcfgGlAt:81 NAME 'olcServerID' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString )", NULL, NULL },
552
	{ "sizelimit", "limit",	2, 0, 0, ARG_MAY_DB|ARG_MAGIC,
553
		&config_sizelimit, "( OLcfgGlAt:60 NAME 'olcSizeLimit' "
554
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
555
	{ "sockbuf_max_incoming", "max", 2, 2, 0, ARG_BER_LEN_T,
556
		&sockbuf_max_incoming, "( OLcfgGlAt:61 NAME 'olcSockbufMaxIncoming' "
557
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
558
	{ "sockbuf_max_incoming_auth", "max", 2, 2, 0, ARG_BER_LEN_T,
559
		&sockbuf_max_incoming_auth, "( OLcfgGlAt:62 NAME 'olcSockbufMaxIncomingAuth' "
560
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
561
562
563
564
565
	{ "sortvals", "attr", 2, 0, 0, ARG_MAGIC|CFG_SORTVALS,
		&config_generic, "( OLcfgGlAt:83 NAME 'olcSortVals' "
			"DESC 'Attributes whose values will always be sorted' "
			"EQUALITY caseIgnoreMatch "
			"SYNTAX OMsDirectoryString )", NULL, NULL },
566
	{ "subordinate", "[advertise]", 1, 2, 0, ARG_DB|ARG_MAGIC,
Howard Chu's avatar
Howard Chu committed
567
		&config_subordinate, "( OLcfgDbAt:0.15 NAME 'olcSubordinate' "
568
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
Pierangelo Masarati's avatar
Pierangelo Masarati committed
569
	{ "suffix",	"suffix", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
570
		&config_suffix, "( OLcfgDbAt:0.10 NAME 'olcSuffix' "
571
			"EQUALITY distinguishedNameMatch "
572
573
			"SYNTAX OMsDN )", NULL, NULL },
	{ "syncrepl", NULL, 0, 0, 0, ARG_DB|ARG_MAGIC,
574
		&syncrepl_config, "( OLcfgDbAt:0.11 NAME 'olcSyncrepl' "
575
			"EQUALITY caseIgnoreMatch "
576
			"SYNTAX OMsDirectoryString X-ORDERED 'VALUES' )", NULL, NULL },
577
578
579
580
581
582
583
	{ "threads", "count", 2, 2, 0,
#ifdef NO_THREADS
		ARG_IGNORED, NULL,
#else
		ARG_INT|ARG_MAGIC|CFG_THREADS, &config_generic,
#endif
		"( OLcfgGlAt:66 NAME 'olcThreads' "
584
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
585
	{ "timelimit", "limit", 2, 0, 0, ARG_MAY_DB|ARG_MAGIC,
586
		&config_timelimit, "( OLcfgGlAt:67 NAME 'olcTimeLimit' "
587
			"SYNTAX OMsDirectoryString )", NULL, NULL },
588
589
590
591
592
593
	{ "TLSCACertificateFile", NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_CA_FILE|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
594
		"( OLcfgGlAt:68 NAME 'olcTLSCACertificateFile' "
595
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
596
597
598
599
600
601
	{ "TLSCACertificatePath", NULL,	0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_CA_PATH|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
602
		"( OLcfgGlAt:69 NAME 'olcTLSCACertificatePath' "
603
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
604
605
606
607
608
609
	{ "TLSCertificateFile", NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_CERT_FILE|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
610
		"( OLcfgGlAt:70 NAME 'olcTLSCertificateFile' "
611
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
612
613
614
615
616
617
	{ "TLSCertificateKeyFile", NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_CERT_KEY|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
618
		"( OLcfgGlAt:71 NAME 'olcTLSCertificateKeyFile' "
619
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
620
621
622
623
624
625
	{ "TLSCipherSuite",	NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_CIPHER|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
626
		"( OLcfgGlAt:72 NAME 'olcTLSCipherSuite' "
627
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
628
	{ "TLSCRLCheck", NULL, 0, 0, 0,
629
#if defined(HAVE_TLS) && defined(HAVE_OPENSSL_CRL)
630
631
632
633
		CFG_TLS_CRLCHECK|ARG_STRING|ARG_MAGIC, &config_tls_config,
#else
		ARG_IGNORED, NULL,
#endif
634
		"( OLcfgGlAt:73 NAME 'olcTLSCRLCheck' "
635
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
636
637
638
639
640
641
642
643
	{ "TLSCRLFile", NULL, 0, 0, 0,
#if defined(HAVE_GNUTLS)
		CFG_TLS_CRL_FILE|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
		"( OLcfgGlAt:82 NAME 'olcTLSCRLFile' "
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
644
645
646
647
648
649
	{ "TLSRandFile", NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_RAND|ARG_STRING|ARG_MAGIC, &config_tls_option,
#else
		ARG_IGNORED, NULL,
#endif
650
		"( OLcfgGlAt:74 NAME 'olcTLSRandFile' "
651
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
652
653
654
655
656
657
	{ "TLSVerifyClient", NULL, 0, 0, 0,
#ifdef HAVE_TLS
		CFG_TLS_VERIFY|ARG_STRING|ARG_MAGIC, &config_tls_config,
#else
		ARG_IGNORED, NULL,
#endif
658
		"( OLcfgGlAt:75 NAME 'olcTLSVerifyClient' "
659
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
660
	{ "TLSDHParamFile", NULL, 0, 0, 0,
661
#ifdef HAVE_TLS
662
		CFG_TLS_DH_FILE|ARG_STRING|ARG_MAGIC, &config_tls_option,
663
664
665
#else
		ARG_IGNORED, NULL,
#endif
666
		"( OLcfgGlAt:77 NAME 'olcTLSDHParamFile' "
667
			"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
668
669
670
	{ "tool-threads", "count", 2, 2, 0, ARG_INT|ARG_MAGIC|CFG_TTHREADS,
		&config_generic, "( OLcfgGlAt:80 NAME 'olcToolThreads' "
			"SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL },
671
672
	{ "ucdata-path", "path", 2, 2, 0, ARG_IGNORED,
		NULL, NULL, NULL, NULL },
Pierangelo Masarati's avatar
Pierangelo Masarati committed
673
	{ "updatedn", "dn", 2, 2, 0, ARG_DB|ARG_DN|ARG_QUOTE|ARG_MAGIC,
674
		&config_updatedn, "( OLcfgDbAt:0.12 NAME 'olcUpdateDN' "
675
			"SYNTAX OMsDN SINGLE-VALUE )", NULL, NULL },
676
	{ "updateref", "url", 2, 2, 0, ARG_DB|ARG_MAGIC,
677
		&config_updateref, "( OLcfgDbAt:0.13 NAME 'olcUpdateRef' "
678
			"EQUALITY caseIgnoreMatch "
679
680
681
682
			"SUP labeledURI )", NULL, NULL },
	{ NULL,	NULL, 0, 0, 0, ARG_IGNORED,
		NULL, NULL, NULL, NULL }
};
Howard Chu's avatar
Howard Chu committed
683

684
/* Routines to check if a child can be added to this type */
685
static ConfigLDAPadd cfAddSchema, cfAddInclude, cfAddDatabase,
686
687
	cfAddBackend, cfAddModule, cfAddOverlay;

688
689
/* NOTE: be careful when defining array members
 * that can be conditionally compiled */
690
691
692
693
694
#define CFOC_GLOBAL	cf_ocs[1]
#define CFOC_SCHEMA	cf_ocs[2]
#define CFOC_BACKEND	cf_ocs[3]
#define CFOC_DATABASE	cf_ocs[4]
#define CFOC_OVERLAY	cf_ocs[5]
695
696
#define CFOC_INCLUDE	cf_ocs[6]
#define CFOC_FRONTEND	cf_ocs[7]
697
#ifdef SLAPD_MODULES
698
#define CFOC_MODULE	cf_ocs[8]
699
#endif /* SLAPD_MODULES */
700

701
static ConfigOCs cf_ocs[] = {
702
	{ "( OLcfgGlOc:0 "
Howard Chu's avatar
Howard Chu committed
703
704
		"NAME 'olcConfig' "
		"DESC 'OpenLDAP configuration object' "
Howard Chu's avatar
Howard Chu committed
705
		"ABSTRACT SUP top )", Cft_Abstract, NULL },
706
	{ "( OLcfgGlOc:1 "
Howard Chu's avatar
Howard Chu committed
707
708
709
		"NAME 'olcGlobal' "
		"DESC 'OpenLDAP Global configuration options' "
		"SUP olcConfig STRUCTURAL "
Howard Chu's avatar
Howard Chu committed
710
		"MAY ( cn $ olcConfigFile $ olcConfigDir $ olcAllows $ olcArgsFile $ "
711
		 "olcAttributeOptions $ olcAuthIDRewrite $ "
712
		 "olcAuthzPolicy $ olcAuthzRegexp $ olcConcurrency $ "
713
		 "olcConnMaxPending $ olcConnMaxPendingAuth $ "
714
		 "olcDisallows $ olcGentleHUP $ olcIdleTimeout $ "
715
		 "olcIndexSubstrIfMaxLen $ olcIndexSubstrIfMinLen $ "
716
717
		 "olcIndexSubstrAnyLen $ olcIndexSubstrAnyStep $ olcIndexIntLen $ "
		 "olcLocalSSF $ olcLogLevel $ "
Howard Chu's avatar
Howard Chu committed
718
		 "olcPasswordCryptSaltFormat $ olcPasswordHash $ olcPidFile $ "
719
		 "olcPluginLogFile $ olcReadOnly $ olcReferral $ "
Howard Chu's avatar
Howard Chu committed
720
		 "olcReplogFile $ olcRequires $ olcRestrict $ olcReverseLookup $ "
721
		 "olcRootDSE $ "
722
		 "olcSaslHost $ olcSaslRealm $ olcSaslSecProps $ "
723
		 "olcSecurity $ olcServerID $ olcSizeLimit $ "
Howard Chu's avatar
Howard Chu committed
724
		 "olcSockbufMaxIncoming $ olcSockbufMaxIncomingAuth $ "
Howard Chu's avatar
Howard Chu committed
725
726
727
		 "olcThreads $ olcTimeLimit $ olcTLSCACertificateFile $ "
		 "olcTLSCACertificatePath $ olcTLSCertificateFile $ "
		 "olcTLSCertificateKeyFile $ olcTLSCipherSuite $ olcTLSCRLCheck $ "
728
		 "olcTLSRandFile $ olcTLSVerifyClient $ olcTLSDHParamFile $ "
729
		 "olcTLSCRLFile $ olcToolThreads $ "
730
		 "olcObjectIdentifier $ olcAttributeTypes $ olcObjectClasses $ "
731
		 "olcDitContentRules ) )", Cft_Global },
732
	{ "( OLcfgGlOc:2 "
Howard Chu's avatar
Howard Chu committed
733
734
735
		"NAME 'olcSchemaConfig' "
		"DESC 'OpenLDAP schema object' "
		"SUP olcConfig STRUCTURAL "
Howard Chu's avatar
Howard Chu committed
736
737
		"MAY ( cn $ olcObjectIdentifier $ olcAttributeTypes $ "
		 "olcObjectClasses $ olcDitContentRules ) )",
738
		 	Cft_Schema, NULL, cfAddSchema },
739
	{ "( OLcfgGlOc:3 "
Howard Chu's avatar
Howard Chu committed
740
741
742
		"NAME 'olcBackendConfig' "
		"DESC 'OpenLDAP Backend-specific options' "
		"SUP olcConfig STRUCTURAL "
743
		"MUST olcBackend )", Cft_Backend, NULL, cfAddBackend },
744
	{ "( OLcfgGlOc:4 "
Howard Chu's avatar
Howard Chu committed
745
746
747
		"NAME 'olcDatabaseConfig' "
		"DESC 'OpenLDAP Database-specific options' "
		"SUP olcConfig STRUCTURAL "
Howard Chu's avatar
Howard Chu committed
748
		"MUST olcDatabase "
749
750
		"MAY ( olcHidden $ olcSuffix $ olcSubordinate $ olcAccess $ "
		 "olcLastMod $ olcLimits $ "
751
		 "olcMaxDerefDepth $ olcPlugin $ olcReadOnly $ olcReplica $ "
752
		 "olcReplicaArgsFile $ olcReplicaPidFile $ olcReplicationInterval $ "
753
		 "olcReplogFile $ olcRequires $ olcRestrict $ olcRootDN $ olcRootPW $ "
Howard Chu's avatar
Howard Chu committed
754
		 "olcSchemaDN $ olcSecurity $ olcSizeLimit $ olcSyncrepl $ "
755
756
		 "olcTimeLimit $ olcUpdateDN $ olcUpdateRef $ olcMirrorMode $ "
		 "olcMonitoring ) )",
757
		 	Cft_Database, NULL, cfAddDatabase },
758
	{ "( OLcfgGlOc:5 "
Howard Chu's avatar
Howard Chu committed
759
760
761
		"NAME 'olcOverlayConfig' "
		"DESC 'OpenLDAP Overlay-specific options' "
		"SUP olcConfig STRUCTURAL "
762
		"MUST olcOverlay )", Cft_Overlay, NULL, cfAddOverlay },
763
764
765
766
767
768
769
770
	{ "( OLcfgGlOc:6 "
		"NAME 'olcIncludeFile' "
		"DESC 'OpenLDAP configuration include file' "
		"SUP olcConfig STRUCTURAL "
		"MUST olcInclude "
		"MAY ( cn $ olcRootDSE ) )",
		/* Used to be Cft_Include, that def has been removed */
		Cft_Abstract, NULL, cfAddInclude },
771
772
773
774
	/* This should be STRUCTURAL like all the other database classes, but
	 * that would mean inheriting all of the olcDatabaseConfig attributes,
	 * which causes them to be merged twice in config_build_entry.
	 */
775
	{ "( OLcfgGlOc:7 "
776
777
778
		"NAME 'olcFrontendConfig' "
		"DESC 'OpenLDAP frontend configuration' "
		"AUXILIARY "
779
		"MAY ( olcDefaultSearchBase $ olcPasswordHash $ olcSortVals ) )",
780
		Cft_Database, NULL, NULL },
781
782
783
784
785
786
787
788
#ifdef SLAPD_MODULES
	{ "( OLcfgGlOc:8 "
		"NAME 'olcModuleList' "
		"DESC 'OpenLDAP dynamic module info' "
		"SUP olcConfig STRUCTURAL "
		"MAY ( cn $ olcModulePath $ olcModuleLoad ) )",
		Cft_Module, NULL, cfAddModule },
#endif
Howard Chu's avatar
Howard Chu committed
789
	{ NULL, 0, NULL }
Howard Chu's avatar
Howard Chu committed
790
791
};

792
793
794
795
796
797
798
799
typedef struct ServerID {
	struct ServerID *si_next;
	struct berval si_url;
	int si_num;
} ServerID;

static ServerID *sid_list;

800
801
802
803
804
805
806
typedef struct ADlist {
	struct ADlist *al_next;
	AttributeDescription *al_desc;
} ADlist;

static ADlist *sortVals;

807
808
809
810
static int
config_generic(ConfigArgs *c) {
	int i;

811
	if ( c->op == SLAP_CONFIG_EMIT ) {
812
813
814
815
816
817
818
819
		int rc = 0;
		switch(c->type) {
		case CFG_CONCUR:
			c->value_int = ldap_pvt_thread_get_concurrency();
			break;
		case CFG_THREADS:
			c->value_int = connection_pool_max;
			break;
820
821
822
		case CFG_TTHREADS:
			c->value_int = slap_tool_thread_max;
			break;
823
824
825
826
827
828
829
830
831
832
833
834
		case CFG_SALT:
			if ( passwd_salt )
				c->value_string = ch_strdup( passwd_salt );
			else
				rc = 1;
			break;
		case CFG_LIMITS:
			if ( c->be->be_limits ) {
				char buf[4096*3];
				struct berval bv;

				for ( i=0; c->be->be_limits[i]; i++ ) {
Pierangelo Masarati's avatar
Pierangelo Masarati committed
835
836
837
838
839
840
841
842
					bv.bv_len = snprintf( buf, sizeof( buf ), SLAP_X_ORDERED_FMT, i );
					if ( bv.bv_len >= sizeof( buf ) ) {
						ber_bvarray_free_x( c->rvalue_vals, NULL );
						c->rvalue_vals = NULL;
						rc = 1;
						break;
					}
					bv.bv_val = buf + bv.bv_len;
843
844
					limits_unparse( c->be->be_limits[i], &bv,
							sizeof( buf ) - ( bv.bv_val - buf ) );
845
846
847
848
849
850
851
852
					bv.bv_len += bv.bv_val - buf;
					bv.bv_val = buf;
					value_add_one( &c->rvalue_vals, &bv );
				}
			}
			if ( !c->rvalue_vals ) rc = 1;
			break;
		case CFG_RO:
Howard Chu's avatar
Howard Chu committed
853
854
			c->value_int = (c->be->be_restrictops & SLAP_RESTRICT_OP_WRITES) ==
				SLAP_RESTRICT_OP_WRITES;
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
			break;
		case CFG_AZPOLICY:
			c->value_string = ch_strdup( slap_sasl_getpolicy());
			break;
		case CFG_AZREGEXP:
			slap_sasl_regexp_unparse( &c->rvalue_vals );
			if ( !c->rvalue_vals ) rc = 1;
			break;
#ifdef HAVE_CYRUS_SASL
		case CFG_SASLSECP: {
			struct berval bv = BER_BVNULL;
			slap_sasl_secprops_unparse( &bv );
			if ( !BER_BVISNULL( &bv )) {
				ber_bvarray_add( &c->rvalue_vals, &bv );
			} else {
				rc = 1;
			}
			}
			break;
#endif
		case CFG_DEPTH:
			c->value_int = c->be->be_max_deref_depth;
			break;
878
879
880
881
882
883
884
		case CFG_HIDDEN:
			if ( SLAP_DBHIDDEN( c->be )) {
				c->value_int = 1;
			} else {
				rc = 1;
			}
			break;
Howard Chu's avatar
Howard Chu committed
885
886
887
888
889
890
891
892
893
894
895
		case CFG_OID: {
			ConfigFile *cf = c->private;
			if ( !cf )
				oidm_unparse( &c->rvalue_vals, NULL, NULL, 1 );
			else if ( cf->c_om_head )
				oidm_unparse( &c->rvalue_vals, cf->c_om_head,
					cf->c_om_tail, 0 );
			if ( !c->rvalue_vals )
				rc = 1;
			}
			break;
896
897
898
		case CFG_ATOPT:
			ad_unparse_options( &c->rvalue_vals );
			break;
Howard Chu's avatar
Howard Chu committed
899
900
901
902
903
904
905
		case CFG_OC: {
			ConfigFile *cf = c->private;
			if ( !cf )
				oc_unparse( &c->rvalue_vals, NULL, NULL, 1 );
			else if ( cf->c_oc_head )
				oc_unparse( &c->rvalue_vals, cf->c_oc_head,
					cf->c_oc_tail, 0 );
906
907
			if ( !c->rvalue_vals )
				rc = 1;
Howard Chu's avatar
Howard Chu committed
908
			}
909
			break;
Howard Chu's avatar
Howard Chu committed
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931