import referral chaing options from back-ldap

2025-12-31 12:09:35 -05:00 · 2005-02-05 11:33:32 +00:00 · 2005-02-05 11:33:32 +00:00 · e3a19bfa32
commit e3a19bfa32
parent 226eb41733
4 changed files with 38 additions and 7 deletions
--- a/servers/slapd/back-meta/back-meta.h
+++ b/servers/slapd/back-meta/back-meta.h
@ -215,7 +215,14 @@ struct metainfo {
 	ldap_pvt_thread_mutex_t	conn_mutex;
 	Avlnode			*conntree;

-	int			savecred;
+	unsigned		flags;
+/* defined in <back-ldap/back-ldap.h>
+#define LDAP_BACK_F_NONE		0x00U
+#define LDAP_BACK_F_SAVECRED		0x01U
+#define LDAP_BACK_F_USE_TLS		0x02U
+#define LDAP_BACK_F_TLS_CRITICAL	( 0x04U | LDAP_BACK_F_USE_TLS )
+#define LDAP_BACK_F_CHASE_REFERRALS	0x8U
+*/
 };

 #define META_OP_ALLOW_MULTIPLE		0x00
--- a/servers/slapd/back-meta/bind.c
+++ b/servers/slapd/back-meta/bind.c
@ -248,7 +248,7 @@ retry:;
 	lsc->msc_bound = META_BOUND;
 	lc->mc_bound_target = candidate;

-	if ( li->savecred ) {
+	if ( li->flags & LDAP_BACK_F_SAVECRED ) {
 		if ( !BER_BVISNULL( &lsc->msc_cred ) ) {
 			/* destroy sensitive data */
 			memset( lsc->msc_cred.bv_val, 0, lsc->msc_cred.bv_len );
@ -328,7 +328,7 @@ meta_back_dobind( struct metaconn *lc, Operation *op )
 			BER_BVZERO( &lsc->msc_cred );
 		}

-		/* FIXME: should be check if at least some of the op->o_ctrls
+		/* FIXME: should we check if at least some of the op->o_ctrls
 		 * can/should be passed? */
 		rc = ldap_sasl_bind( lsc->msc_ld, "", LDAP_SASL_SIMPLE, &cred,
 				NULL, NULL, &msgid );
--- a/servers/slapd/back-meta/config.c
+++ b/servers/slapd/back-meta/config.c
@ -384,8 +384,29 @@ meta_back_db_config(
 			    fname, lineno );
 			return( 1 );
 		}
-		li->savecred = 1;
-	
+
+		li->flags |= LDAP_BACK_F_SAVECRED;
+
+	} else if ( strcasecmp( argv[0], "chase-referrals" ) == 0 ) {
+		if ( argc != 1 ) {
+			fprintf( stderr,
+	"%s: line %d: \"chase-referrals\" takes no arguments\n",
+					fname, lineno );
+			return( 1 );
+		}
+
+		li->flags |= LDAP_BACK_F_CHASE_REFERRALS;
+
+	} else if ( strcasecmp( argv[0], "dont-chase-referrals" ) == 0 ) {
+		if ( argc != 1 ) {
+			fprintf( stderr,
+	"%s: line %d: \"dont-chase-referrals\" takes no arguments\n",
+					fname, lineno );
+			return( 1 );
+		}
+
+		li->flags &= ~LDAP_BACK_F_CHASE_REFERRALS;
+
 	/* name to use as pseudo-root dn */
 	} else if ( strcasecmp( argv[ 0 ], "pseudorootdn" ) == 0 ) {
 		int 		i = li->ntargets-1;
--- a/servers/slapd/back-meta/conn.c
+++ b/servers/slapd/back-meta/conn.c
@ -214,8 +214,11 @@ init_one_conn(
 	 */
 	vers = op->o_conn->c_protocol;
 	ldap_set_option( lsc->msc_ld, LDAP_OPT_PROTOCOL_VERSION, &vers );
-	/* FIXME: configurable? */
-	ldap_set_option( lsc->msc_ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON );
+
+	/* automatically chase referrals ("chase-referrals"/"dont-chase-referrals" statement) */
+	if ( li->flags & LDAP_BACK_F_CHASE_REFERRALS ) {
+		ldap_set_option( lsc->msc_ld, LDAP_OPT_REFERRALS, LDAP_OPT_ON );
+	}

 	/*
 	 * Set the network timeout if set