Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10171/ldap/servers/slapd Modified Files: config.c libglobs.c main.c proto-slap.h saslbind.c slap.h Log Message: Resolves: 214238 Summary: Added new config parameter for setting the SASL plug-in path. Index: config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/config.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- config.c 13 Oct 2006 01:06:28 -0000 1.8 +++ config.c 6 Nov 2006 19:33:42 -0000 1.9 @@ -358,6 +358,19 @@ } } + /* set the sasl path; needed in main */ + workpath[0] = '\0'; + if (entry_has_attr_and_value(e, CONFIG_SASLPATH_ATTRIBUTE, + workpath, sizeof(workpath))) + { + if (config_set_saslpath(CONFIG_SASLPATH_ATTRIBUTE, + workpath, errorbuf, CONFIG_APPLY) != LDAP_SUCCESS) + { + LDAPDebug(LDAP_DEBUG_ANY, "%s: %s: %s. \n", configfile, + CONFIG_SASLPATH_ATTRIBUTE, errorbuf); + } + } + /* see if the entry is a child of the plugin base dn */ if (slapi_sdn_isparent(&plug_dn, slapi_entry_get_sdn_const(e))) Index: libglobs.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- libglobs.c 13 Oct 2006 01:06:28 -0000 1.11 +++ libglobs.c 6 Nov 2006 19:33:42 -0000 1.12 @@ -529,6 +529,10 @@ {CONFIG_CERTDIR_ATTRIBUTE, config_set_certdir, NULL, 0, (void**)&global_slapdFrontendConfig.certdir, CONFIG_STRING, config_get_certdir}, + /* parameterizing sasl plugin path */ + {CONFIG_SASLPATH_ATTRIBUTE, config_set_saslpath, + NULL, 0, + (void**)&global_slapdFrontendConfig.saslpath, CONFIG_STRING, config_get_saslpath}, {CONFIG_REWRITE_RFC1274_ATTRIBUTE, config_set_rewrite_rfc1274, NULL, 0, (void**)&global_slapdFrontendConfig.rewrite_rfc1274, CONFIG_ON_OFF, NULL}, @@ -4305,6 +4309,42 @@ return retVal; } +char * +config_get_saslpath() +{ + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + char *retVal; + + CFG_LOCK_READ(slapdFrontendConfig); + retVal = config_copy_strval(slapdFrontendConfig->saslpath); + CFG_UNLOCK_READ(slapdFrontendConfig); + + return retVal; +} + +int +config_set_saslpath(const char *attrname, char *value, char *errorbuf, int apply) +{ + int retVal = LDAP_SUCCESS; + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + + if ( config_value_is_null( attrname, value, errorbuf, 0 )) { + return LDAP_OPERATIONS_ERROR; + } + + if (!apply) { + return retVal; + } + + CFG_LOCK_WRITE(slapdFrontendConfig); + slapi_ch_free((void **)&slapdFrontendConfig->saslpath); + + slapdFrontendConfig->saslpath = slapi_ch_strdup(value); + + CFG_UNLOCK_WRITE(slapdFrontendConfig); + return retVal; +} + char ** config_get_errorlog_list() { Index: main.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- main.c 13 Oct 2006 01:06:28 -0000 1.13 +++ main.c 6 Nov 2006 19:33:42 -0000 1.14 @@ -748,7 +748,6 @@ * THE FIX: Move the two calls below before a call to * setup_internal_backends (down in this same function) */ - init_saslmechanisms(); ldapi_init_extended_ops(); @@ -777,6 +776,11 @@ exit(1); } + /* We need to init sasl after we load the bootstrap config since + * the config may be setting the sasl plugin path. + */ + init_saslmechanisms(); + /* -sduloutre: must be done before any internal search */ /* do it before splitting off to other modes too -robey */ /* -richm: must be done before reading config files */ Index: proto-slap.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v retrieving revision 1.22 retrieving revision 1.23 diff -u -r1.22 -r1.23 --- proto-slap.h 13 Oct 2006 01:06:28 -0000 1.22 +++ proto-slap.h 6 Nov 2006 19:33:42 -0000 1.23 @@ -304,6 +304,7 @@ int config_set_lockdir( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_tmpdir( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_certdir( const char *attrname, char *value, char *errorbuf, int apply ); +int config_set_saslpath( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_attrname_exceptions( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_hash_filters( const char *attrname, char *value, char *errorbuf, int apply ); int config_set_rewrite_rfc1274( const char *attrname, char *value, char *errorbuf, int apply ); @@ -404,6 +405,7 @@ char *config_get_lockdir(); char *config_get_tmpdir(); char *config_get_certdir(); +char *config_get_saslpath(); char **config_get_errorlog_list(); char **config_get_accesslog_list(); char **config_get_auditlog_list(); Index: saslbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/saslbind.c,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- saslbind.c 17 Aug 2006 15:33:03 -0000 1.17 +++ saslbind.c 6 Nov 2006 19:33:42 -0000 1.18 @@ -552,15 +552,21 @@ } #ifdef CYRUS_SASL -#if !defined(LINUX) static int ids_sasl_getpluginpath(sasl_conn_t *conn, const char **path) { - static char *pluginpath = "../../../lib/sasl2"; + /* Try to get path from config, otherwise check for SASL_PATH environment + * variable. If neither of these are set, just default to /usr/lib/sasl2 + */ + char *pluginpath = config_get_saslpath(); + if ((!pluginpath) || (*pluginpath == '\0')) { + if (!(pluginpath = getenv("SASL_PATH"))) { + pluginpath = "/usr/lib/sasl2"; + } + } *path = pluginpath; return SASL_OK; } #endif -#endif static sasl_callback_t ids_sasl_callbacks[] = { @@ -589,18 +595,12 @@ NULL }, #ifdef CYRUS_SASL - /* On Linux: we use system sasl and plugins are found in the default path - * /usr/lib/sasl2 - * On other platforms: we need to tell cyrus sasl where they are localted. - */ -#if !defined(LINUX) { SASL_CB_GETPATH, (IFP) ids_sasl_getpluginpath, NULL }, #endif -#endif { SASL_CB_LIST_END, (IFP) NULL, @@ -751,7 +751,7 @@ } PR_Unlock(pb->pb_conn->c_mutex); - LDAPDebug( LDAP_DEBUG_TRACE, ">= ids_sasl_listmech\n", 0, 0, 0 ); + LDAPDebug( LDAP_DEBUG_TRACE, "<= ids_sasl_listmech\n", 0, 0, 0 ); return ret; } Index: slap.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slap.h,v retrieving revision 1.16 retrieving revision 1.17 diff -u -r1.16 -r1.17 --- slap.h 13 Oct 2006 01:06:28 -0000 1.16 +++ slap.h 6 Nov 2006 19:33:42 -0000 1.17 @@ -1711,6 +1711,7 @@ #define CONFIG_LOCKDIR_ATTRIBUTE "nsslapd-lockdir" #define CONFIG_TMPDIR_ATTRIBUTE "nsslapd-tmpdir" #define CONFIG_CERTDIR_ATTRIBUTE "nsslapd-certdir" +#define CONFIG_SASLPATH_ATTRIBUTE "nsslapd-saslpath" #define CONFIG_SSLCLIENTAUTH_ATTRIBUTE "nsslapd-SSLclientAuth" #define CONFIG_SSL_CHECK_HOSTNAME_ATTRIBUTE "nsslapd-ssl-check-hostname" #define CONFIG_HASH_FILTERS_ATTRIBUTE "nsslapd-hash-filters" @@ -1888,6 +1889,7 @@ char *lockdir; /* full path name of directory containing lock files */ char *tmpdir; /* full path name of directory containing tmp files */ char *certdir; /* full path name of directory containing cert files */ + char *saslpath; /* full path name of directory containing sasl plugins */ int attrname_exceptions; /* if true, allow questionable attribute names */ int rewrite_rfc1274; /* return attrs for both v2 and v3 names */ char *schemareplace; /* see CONFIG_SCHEMAREPLACE_* #defines below */