Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10171/ldap/servers/slapd
Modified Files:
config.c libglobs.c main.c proto-slap.h saslbind.c slap.h
Log Message:
Resolves: 214238
Summary: Added new config parameter for setting the SASL plug-in path.
Index: config.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/config.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- config.c 13 Oct 2006 01:06:28 -0000 1.8
+++ config.c 6 Nov 2006 19:33:42 -0000 1.9
@@ -358,6 +358,19 @@
}
}
+ /* set the sasl path; needed in main */
+ workpath[0] = '\0';
+ if (entry_has_attr_and_value(e, CONFIG_SASLPATH_ATTRIBUTE,
+ workpath, sizeof(workpath)))
+ {
+ if (config_set_saslpath(CONFIG_SASLPATH_ATTRIBUTE,
+ workpath, errorbuf, CONFIG_APPLY) != LDAP_SUCCESS)
+ {
+ LDAPDebug(LDAP_DEBUG_ANY, "%s: %s: %s. \n", configfile,
+ CONFIG_SASLPATH_ATTRIBUTE, errorbuf);
+ }
+ }
+
/* see if the entry is a child of the plugin base dn */
if (slapi_sdn_isparent(&plug_dn,
slapi_entry_get_sdn_const(e)))
Index: libglobs.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- libglobs.c 13 Oct 2006 01:06:28 -0000 1.11
+++ libglobs.c 6 Nov 2006 19:33:42 -0000 1.12
@@ -529,6 +529,10 @@
{CONFIG_CERTDIR_ATTRIBUTE, config_set_certdir,
NULL, 0,
(void**)&global_slapdFrontendConfig.certdir, CONFIG_STRING, config_get_certdir},
+ /* parameterizing sasl plugin path */
+ {CONFIG_SASLPATH_ATTRIBUTE, config_set_saslpath,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.saslpath, CONFIG_STRING, config_get_saslpath},
{CONFIG_REWRITE_RFC1274_ATTRIBUTE, config_set_rewrite_rfc1274,
NULL, 0,
(void**)&global_slapdFrontendConfig.rewrite_rfc1274, CONFIG_ON_OFF, NULL},
@@ -4305,6 +4309,42 @@
return retVal;
}
+char *
+config_get_saslpath()
+{
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+ char *retVal;
+
+ CFG_LOCK_READ(slapdFrontendConfig);
+ retVal = config_copy_strval(slapdFrontendConfig->saslpath);
+ CFG_UNLOCK_READ(slapdFrontendConfig);
+
+ return retVal;
+}
+
+int
+config_set_saslpath(const char *attrname, char *value, char *errorbuf, int apply)
+{
+ int retVal = LDAP_SUCCESS;
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ if ( config_value_is_null( attrname, value, errorbuf, 0 )) {
+ return LDAP_OPERATIONS_ERROR;
+ }
+
+ if (!apply) {
+ return retVal;
+ }
+
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapi_ch_free((void **)&slapdFrontendConfig->saslpath);
+
+ slapdFrontendConfig->saslpath = slapi_ch_strdup(value);
+
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ return retVal;
+}
+
char **
config_get_errorlog_list()
{
Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/main.c,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- main.c 13 Oct 2006 01:06:28 -0000 1.13
+++ main.c 6 Nov 2006 19:33:42 -0000 1.14
@@ -748,7 +748,6 @@
* THE FIX: Move the two calls below before a call to
* setup_internal_backends (down in this same function)
*/
- init_saslmechanisms();
ldapi_init_extended_ops();
@@ -777,6 +776,11 @@
exit(1);
}
+ /* We need to init sasl after we load the bootstrap config since
+ * the config may be setting the sasl plugin path.
+ */
+ init_saslmechanisms();
+
/* -sduloutre: must be done before any internal search */
/* do it before splitting off to other modes too -robey */
/* -richm: must be done before reading config files */
Index: proto-slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/proto-slap.h,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- proto-slap.h 13 Oct 2006 01:06:28 -0000 1.22
+++ proto-slap.h 6 Nov 2006 19:33:42 -0000 1.23
@@ -304,6 +304,7 @@
int config_set_lockdir( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_tmpdir( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_certdir( const char *attrname, char *value, char *errorbuf, int apply );
+int config_set_saslpath( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_attrname_exceptions( const char *attrname, char *value, char *errorbuf,
int apply );
int config_set_hash_filters( const char *attrname, char *value, char *errorbuf, int apply
);
int config_set_rewrite_rfc1274( const char *attrname, char *value, char *errorbuf, int
apply );
@@ -404,6 +405,7 @@
char *config_get_lockdir();
char *config_get_tmpdir();
char *config_get_certdir();
+char *config_get_saslpath();
char **config_get_errorlog_list();
char **config_get_accesslog_list();
char **config_get_auditlog_list();
Index: saslbind.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/saslbind.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- saslbind.c 17 Aug 2006 15:33:03 -0000 1.17
+++ saslbind.c 6 Nov 2006 19:33:42 -0000 1.18
@@ -552,15 +552,21 @@
}
#ifdef CYRUS_SASL
-#if !defined(LINUX)
static int ids_sasl_getpluginpath(sasl_conn_t *conn, const char **path)
{
- static char *pluginpath = "../../../lib/sasl2";
+ /* Try to get path from config, otherwise check for SASL_PATH environment
+ * variable. If neither of these are set, just default to /usr/lib/sasl2
+ */
+ char *pluginpath = config_get_saslpath();
+ if ((!pluginpath) || (*pluginpath == '\0')) {
+ if (!(pluginpath = getenv("SASL_PATH"))) {
+ pluginpath = "/usr/lib/sasl2";
+ }
+ }
*path = pluginpath;
return SASL_OK;
}
#endif
-#endif
static sasl_callback_t ids_sasl_callbacks[] =
{
@@ -589,18 +595,12 @@
NULL
},
#ifdef CYRUS_SASL
- /* On Linux: we use system sasl and plugins are found in the default path
- * /usr/lib/sasl2
- * On other platforms: we need to tell cyrus sasl where they are localted.
- */
-#if !defined(LINUX)
{
SASL_CB_GETPATH,
(IFP) ids_sasl_getpluginpath,
NULL
},
#endif
-#endif
{
SASL_CB_LIST_END,
(IFP) NULL,
@@ -751,7 +751,7 @@
}
PR_Unlock(pb->pb_conn->c_mutex);
- LDAPDebug( LDAP_DEBUG_TRACE, ">= ids_sasl_listmech\n", 0, 0, 0 );
+ LDAPDebug( LDAP_DEBUG_TRACE, "<= ids_sasl_listmech\n", 0, 0, 0 );
return ret;
}
Index: slap.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slap.h,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- slap.h 13 Oct 2006 01:06:28 -0000 1.16
+++ slap.h 6 Nov 2006 19:33:42 -0000 1.17
@@ -1711,6 +1711,7 @@
#define CONFIG_LOCKDIR_ATTRIBUTE "nsslapd-lockdir"
#define CONFIG_TMPDIR_ATTRIBUTE "nsslapd-tmpdir"
#define CONFIG_CERTDIR_ATTRIBUTE "nsslapd-certdir"
+#define CONFIG_SASLPATH_ATTRIBUTE "nsslapd-saslpath"
#define CONFIG_SSLCLIENTAUTH_ATTRIBUTE "nsslapd-SSLclientAuth"
#define CONFIG_SSL_CHECK_HOSTNAME_ATTRIBUTE "nsslapd-ssl-check-hostname"
#define CONFIG_HASH_FILTERS_ATTRIBUTE "nsslapd-hash-filters"
@@ -1888,6 +1889,7 @@
char *lockdir; /* full path name of directory containing lock files */
char *tmpdir; /* full path name of directory containing tmp files */
char *certdir; /* full path name of directory containing cert files */
+ char *saslpath; /* full path name of directory containing sasl plugins */
int attrname_exceptions; /* if true, allow questionable attribute names */
int rewrite_rfc1274; /* return attrs for both v2 and v3 names */
char *schemareplace; /* see CONFIG_SCHEMAREPLACE_* #defines below */