Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15253/ldapserver/ldap/admin/src
Modified Files:
create_instance.c
Log Message:
Resolves: bug 229691
Bug Description: Add enable switches for optional/experimental features
Reviewed by: nkinder, nhosoi, prowley (Thanks!)
Fix Description: Added --enable-pam-passthru, --enable-dna, and --enable-ldapi. They are
all on by default and must be explicitly disabled (--disable-pam-passthru). These all
cause ENABLE_xxx to be defined for C code so that we can enclose the code in #ifdef
ENABLE_PAM_PASSTHRU blocks, for example. For the first two, these also cause the plugins
to be built - so that if you specify --disable-pam-passthru, the plugin code will not be
built at all. I discovered a nifty autoconf macro called AS_HELP_STRING - this nicely
formats the help messages output by configure --help. I don't know if it's worth
going through all of our m4 code to use this, but I went ahead and fixed configure.ac.
Create instance will now add plugin configuration entries (but disabled) for pam passthru
and dna if the corresponding ENABLE_ macros are defined. I also fixed a bug with passthru
(not pam passthru) - the plugin configuration entry was not being added.
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: no
Index: create_instance.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v
retrieving revision 1.44
retrieving revision 1.45
diff -u -r1.44 -r1.45
--- create_instance.c 9 Feb 2007 22:33:58 -0000 1.44
+++ create_instance.c 22 Feb 2007 23:59:13 -0000 1.45
@@ -3149,7 +3149,8 @@
#endif
/* enable pass thru authentication */
- if (cf->use_existing_config_ds || cf->use_existing_user_ds)
+ if ((cf->use_existing_config_ds && cf->config_ldap_url) ||
+ (cf->use_existing_user_ds && cf->user_ldap_url))
{
LDAPURLDesc *desc = 0;
char *url = cf->use_existing_config_ds ? cf->config_ldap_url :
@@ -3195,7 +3196,7 @@
fprintf(f, "\n");
}
-#ifdef BUILD_PAM_PASSTHRU
+#ifdef ENABLE_PAM_PASSTHRU
#if !defined( XP_WIN32 )
/* PAM Pass Through Auth plugin - off by default */
fprintf(f, "dn: cn=PAM Pass Through Auth,cn=plugins,cn=config\n");
@@ -3215,13 +3216,27 @@
fprintf(f, "pamExcludeSuffix: %s\n", cf->netscaperoot);
}
fprintf(f, "pamExcludeSuffix: cn=config\n");
- fprintf(f, "pamMapMethod: RDN\n");
+ fprintf(f, "pamIDMapMethod: RDN\n");
+ fprintf(f, "pamIDAttr: notUsedWithRDNMethod\n");
fprintf(f, "pamFallback: FALSE\n");
fprintf(f, "pamSecure: TRUE\n");
fprintf(f, "pamService: ldapserver\n");
fprintf(f, "\n");
#endif /* NO PAM FOR WINDOWS */
-#endif /* BUILD_PAM_PASSTHRU */
+#endif /* ENABLE_PAM_PASSTHRU */
+
+#ifdef ENABLE_DNA
+ fprintf(f, "dn: cn=Distributed Numeric Assignment
Plugin,cn=plugins,cn=config\n");
+ fprintf(f, "objectclass: top\n");
+ fprintf(f, "objectclass: nsSlapdPlugin\n");
+ fprintf(f, "objectclass: extensibleObject\n");
+ fprintf(f, "objectclass: nsContainer\n");
+ fprintf(f, "cn: Distributed Numeric Assignment Plugin\n");
+ fprintf(f, "nsslapd-plugininitfunc: dna_init\n");
+ fprintf(f, "nsslapd-plugintype: preoperation\n");
+ fprintf(f, "nsslapd-pluginenabled: off\n");
+ fprintf(f, "nsslapd-pluginPath: %s/libdna-plugin%s\n", cf->plugin_dir,
shared_lib);
+#endif /* ENABLE_DNA */
fprintf(f, "dn: cn=ldbm database,cn=plugins,cn=config\n");
fprintf(f, "objectclass: top\n");