Commit dfb6f870 authored by Howard Chu's avatar Howard Chu

Rearrange, merge sasl config back into main config

parent df3d8f3e
This diff is collapsed.
......@@ -17,11 +17,11 @@
typedef struct config_table_s {
char *name;
char *what;
int min_args;
int max_args;
int length;
char *what;
unsigned long arg_type;
unsigned int arg_type;
void *arg_item;
char *attribute;
AttributeDescription *ad;
......@@ -37,7 +37,7 @@ typedef struct config_table_s {
#define ARG_BER_LEN_T 0x00040000
#define ARG_ON_OFF 0x00080000
#define ARG_STRING 0x00100000
#define ARG_BERVAL 0x00200000 /* XXX not yet */
#define ARG_DN 0x00200000
#define ARG_EXISTS 0x00400000 /* XXX not yet */
#define ARG_IGNORED 0x00800000
......@@ -46,7 +46,7 @@ typedef struct config_table_s {
#define ARG_PRE_DB 0x02000000
#define ARG_PAREN 0x04000000
#define ARG_NONZERO 0x08000000
#define ARG_UNIQUE 0x10000000 /* XXX not yet */
#define ARG_UNIQUE 0x10000000
#define ARG_SPECIAL 0x20000000 /* one special case */
#define ARG_OFFSET 0x40000000
#define ARG_MAGIC 0x80000000
......@@ -67,6 +67,8 @@ typedef struct config_args_s {
long value_long; /* for simple cases */
ber_len_t value_ber_t;
char *value_string;
struct berval value_dn;
struct berval value_ndn;
int emit; /* emit instead of setting */
int type; /* ConfigTable.arg_type & ARGS_USERLAND */
BackendDB *be;
......
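Review bot: The last hunk adds two lines to `config_args_s`, apparently `value_dn` and `value_ndn`, and neither carries a comment, although the neighbouring fields do. Nothing visible states which flag fills them or who frees their `bv_val`. They presumably belong to the new `ARG_DN` flag and hold the pretty and normalized forms of the parsed DN; if so, a comment on each such as `/* ARG_DN: pretty DN; bv_val owned by <parser|handler> */` would give handler authors the contract and reduce the risk of leaking or double-freeing the strings. The struct body continues outside the hunk and the parser side is in the collapsed file, so the actual ownership rule should be confirmed there before the wording is fixed.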
......@@ -1147,13 +1147,6 @@ LDAP_SLAPD_F (int) slap_sasl_setpass(
Operation *op,
SlapReply *rs );
LDAP_SLAPD_F (int) slap_sasl_config(
int cargc,
char **cargv,
char *line,
const char *fname,
int lineno );
LDAP_SLAPD_F (int) slap_sasl_getdn( Connection *conn, Operation *op,
struct berval *id, char *user_realm, struct berval *dn, int flags );
......
......@@ -64,116 +64,6 @@ typedef struct sasl_ctx {
static struct berval ext_bv = BER_BVC( "EXTERNAL" );
int slap_sasl_config( int cargc, char **cargv, char *line,
const char *fname, int lineno )
{
/* set SASL proxy authorization policy */
if ( !strcasecmp( cargv[0], "authz-policy" ) ||
!strcasecmp( cargv[0], "sasl-authz-policy" ))
{
if ( cargc != 2 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing policy in"
" \"%s <policy>\" line\n",
cargv[0], fname, lineno );
return( 1 );
}
if ( slap_sasl_setpolicy( cargv[1] ) ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"unable to parse value \"%s\" in \"authz-policy "
"<policy>\" line.\n",
fname, lineno, cargv[1] );
return( 1 );
}
} else if ( !strcasecmp( cargv[0], "authz-regexp" ) ||
!strcasecmp( cargv[0], "sasl-regexp" ) ||
!strcasecmp( cargv[0], "saslregexp" ) )
{
int rc;
if ( cargc != 3 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: need 2 args in "
"\"authz-regexp <match> <replace>\"\n",
fname, lineno, 0 );
return( 1 );
}
rc = slap_sasl_regexp_config( cargv[1], cargv[2] );
if ( rc ) {
return rc;
}
#ifdef HAVE_CYRUS_SASL
/* set SASL host */
} else if ( strcasecmp( cargv[0], "sasl-host" ) == 0 ) {
if ( cargc < 2 ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: missing host in \"sasl-host <host>\" line\n",
fname, lineno, 0 );
return( 1 );
}
if ( global_host != NULL ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: already set sasl-host!\n",
fname, lineno, 0 );
return 1;
} else {
global_host = ch_strdup( cargv[1] );
}
/* set SASL realm */
} else if ( strcasecmp( cargv[0], "sasl-realm" ) == 0 ) {
if ( cargc < 2 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"missing realm in \"sasl-realm <realm>\" line.\n",
fname, lineno, 0 );
return( 1 );
}
if ( global_realm != NULL ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: already set sasl-realm!\n",
fname, lineno, 0 );
return 1;
} else {
global_realm = ch_strdup( cargv[1] );
}
/* SASL security properties */
} else if ( strcasecmp( cargv[0], "sasl-secprops" ) == 0 ) {
char *txt;
if ( cargc < 2 ) {
Debug( LDAP_DEBUG_ANY, "%s: line %d: "
"missing flags in \"sasl-secprops <properties>\" line\n",
fname, lineno, 0 );
return 1;
}
txt = slap_sasl_secprops( cargv[1] );
if ( txt != NULL ) {
Debug( LDAP_DEBUG_ANY,
"%s: line %d: sasl-secprops: %s\n",
fname, lineno, txt );
return 1;
}
#endif /* HAVE_CYRUS_SASL */
}
return LDAP_SUCCESS;
}
#ifdef HAVE_CYRUS_SASL
int
......