mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-01-12 10:54:48 +08:00
Consolidate a few more init calls into slap_init(). Fixes ITS#3962,
unintentional changed default of TLSVerifyClient.
This commit is contained in:
parent
cc51385939
commit
975de9aa5b
servers/slapd
@ -92,6 +92,8 @@ slap_init( int mode, const char *name )
|
|||||||
assert( mode );
|
assert( mode );
|
||||||
|
|
||||||
if ( slapMode != SLAP_UNDEFINED_MODE ) {
|
if ( slapMode != SLAP_UNDEFINED_MODE ) {
|
||||||
|
/* Make sure we write something to stderr */
|
||||||
|
ldap_debug |= 1;
|
||||||
Debug( LDAP_DEBUG_ANY,
|
Debug( LDAP_DEBUG_ANY,
|
||||||
"%s init: init called twice (old=%d, new=%d)\n",
|
"%s init: init called twice (old=%d, new=%d)\n",
|
||||||
name, slapMode, mode );
|
name, slapMode, mode );
|
||||||
@ -101,6 +103,25 @@ slap_init( int mode, const char *name )
|
|||||||
|
|
||||||
slapMode = mode;
|
slapMode = mode;
|
||||||
|
|
||||||
|
#ifdef SLAPD_MODULES
|
||||||
|
if ( module_init() != 0 ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: module_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if ( slap_schema_init( ) != 0 ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: slap_schema_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
switch ( slapMode & SLAP_MODE ) {
|
switch ( slapMode & SLAP_MODE ) {
|
||||||
case SLAP_SERVER_MODE:
|
case SLAP_SERVER_MODE:
|
||||||
ldap_pvt_thread_pool_init( &connection_pool,
|
ldap_pvt_thread_pool_init( &connection_pool,
|
||||||
@ -153,6 +174,7 @@ slap_init( int mode, const char *name )
|
|||||||
break;
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
|
ldap_debug |= 1;
|
||||||
Debug( LDAP_DEBUG_ANY,
|
Debug( LDAP_DEBUG_ANY,
|
||||||
"%s init: undefined mode (%d).\n", name, mode, 0 );
|
"%s init: undefined mode (%d).\n", name, mode, 0 );
|
||||||
|
|
||||||
@ -160,6 +182,49 @@ slap_init( int mode, const char *name )
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ( slap_controls_init( ) != 0 ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: slap_controls_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef HAVE_TLS
|
||||||
|
/* Library defaults to full certificate checking. This is correct when
|
||||||
|
* a client is verifying a server because all servers should have a
|
||||||
|
* valid cert. But few clients have valid certs, so we want our default
|
||||||
|
* to be no checking. The config file can override this as usual.
|
||||||
|
*/
|
||||||
|
rc = 0;
|
||||||
|
(void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
|
||||||
|
#endif
|
||||||
|
|
||||||
|
if ( frontend_init() ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: frontend_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ( overlay_init() ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: overlay_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
#ifdef SLAP_DYNACL
|
||||||
|
if ( acl_init() ) {
|
||||||
|
ldap_debug |= 1;
|
||||||
|
Debug( LDAP_DEBUG_ANY,
|
||||||
|
"%s: acl_init failed\n",
|
||||||
|
name, 0, 0 );
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#endif /* SLAP_DYNACL */
|
||||||
return rc;
|
return rc;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -604,60 +604,12 @@ unhandled_option:;
|
|||||||
lutil_passwd_init();
|
lutil_passwd_init();
|
||||||
slap_op_init();
|
slap_op_init();
|
||||||
|
|
||||||
#ifdef SLAPD_MODULES
|
rc = slap_init( serverMode, serverName );
|
||||||
if ( module_init() != 0 ) {
|
if ( rc ) {
|
||||||
rc = 1;
|
|
||||||
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 17 );
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if ( slap_schema_init( ) != 0 ) {
|
|
||||||
Debug( LDAP_DEBUG_ANY,
|
|
||||||
"schema initialization error\n",
|
|
||||||
0, 0, 0 );
|
|
||||||
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( slap_init( serverMode, serverName ) != 0 ) {
|
|
||||||
rc = 1;
|
|
||||||
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 18 );
|
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 18 );
|
||||||
goto destroy;
|
goto destroy;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( slap_controls_init( ) != 0 ) {
|
|
||||||
Debug( LDAP_DEBUG_ANY,
|
|
||||||
"controls initialization error\n",
|
|
||||||
0, 0, 0 );
|
|
||||||
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef HAVE_TLS
|
|
||||||
/* Library defaults to full certificate checking. This is correct when
|
|
||||||
* a client is verifying a server because all servers should have a
|
|
||||||
* valid cert. But few clients have valid certs, so we want our default
|
|
||||||
* to be no checking. The config file can override this as usual.
|
|
||||||
*/
|
|
||||||
rc = 0;
|
|
||||||
(void) ldap_pvt_tls_set_option( NULL, LDAP_OPT_X_TLS_REQUIRE_CERT, &rc );
|
|
||||||
#endif
|
|
||||||
|
|
||||||
if ( frontend_init() ) {
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( overlay_init() ) {
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef SLAP_DYNACL
|
|
||||||
if ( acl_init() ) {
|
|
||||||
goto destroy;
|
|
||||||
}
|
|
||||||
#endif /* SLAP_DYNACL */
|
|
||||||
|
|
||||||
if ( read_config( configfile, configdir ) != 0 ) {
|
if ( read_config( configfile, configdir ) != 0 ) {
|
||||||
rc = 1;
|
rc = 1;
|
||||||
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
|
SERVICE_EXIT( ERROR_SERVICE_SPECIFIC_ERROR, 19 );
|
||||||
|
@ -393,44 +393,12 @@ slap_tool_init(
|
|||||||
* initialize stuff and figure out which backend we're dealing with
|
* initialize stuff and figure out which backend we're dealing with
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#ifdef SLAPD_MODULES
|
|
||||||
if ( module_init() != 0 ) {
|
|
||||||
fprintf( stderr, "%s: module_init failed!\n", progname );
|
|
||||||
exit( EXIT_FAILURE );
|
|
||||||
}
|
|
||||||
#endif
|
|
||||||
|
|
||||||
rc = slap_schema_init();
|
|
||||||
|
|
||||||
if ( rc != 0 ) {
|
|
||||||
fprintf( stderr, "%s: slap_schema_init failed!\n", progname );
|
|
||||||
exit( EXIT_FAILURE );
|
|
||||||
}
|
|
||||||
|
|
||||||
rc = slap_init( mode, progname );
|
rc = slap_init( mode, progname );
|
||||||
|
|
||||||
if ( rc != 0 ) {
|
if ( rc != 0 ) {
|
||||||
fprintf( stderr, "%s: slap_init failed!\n", progname );
|
fprintf( stderr, "%s: slap_init failed!\n", progname );
|
||||||
exit( EXIT_FAILURE );
|
exit( EXIT_FAILURE );
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( frontend_init() ) {
|
|
||||||
fprintf( stderr, "%s: frontend_init failed!\n", progname );
|
|
||||||
exit( EXIT_FAILURE );
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( overlay_init() ) {
|
|
||||||
fprintf( stderr, "%s: overlay_init failed!\n", progname );
|
|
||||||
exit( EXIT_FAILURE );
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef SLAP_DYNACL
|
|
||||||
if ( acl_init() ) {
|
|
||||||
fprintf( stderr, "%s: acl_init failed!\n", progname );
|
|
||||||
exit( EXIT_FAILURE );
|
|
||||||
}
|
|
||||||
#endif /* SLAP_DYNACL */
|
|
||||||
|
|
||||||
rc = read_config( conffile, confdir );
|
rc = read_config( conffile, confdir );
|
||||||
|
|
||||||
if ( rc != 0 ) {
|
if ( rc != 0 ) {
|
||||||
|
Loading…
Reference in New Issue
Block a user