[Fedora-directory-devel] Please review: LDAPI+AUTOBIND

LDAPI and AUTOBIND had been implemented some time back, but AUTOBIND did not have an option to enable it at configuration time. The following review requests include
1. introducing the configuration option --enable-autobind,
2. cleaning up the Directory Server instance creation code to support AUTOBIND, and
3. bug fixes in the non-Linux part of slapd_get_socket_peer.

Also, I added a memo for LDAPI and AutoBind on the fedora project wiki:
http://directory.fedoraproject.org/wiki/LDAPI_and_AutoBind

Thanks,
--noriko

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Summary: LDAPI: introduce --enable-autobind to support AUTOBIND

https://bugzilla.redhat.com/show_bug.cgi?id=436388

------- Additional Comments From nhosoi@xxxxxxxxxx  2008-05-09 18:35 EST -------
Created an attachment (id=304990)
--> (https://bugzilla.redhat.com/attachment.cgi?id=304990&action=view)
cvs diff configure.ac Makefile.am

Files:
ldapserver/configure.ac
ldapserver/Makefile.am

Description: introduced --enable-autobind
   By default, autobind is off.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Summary: LDAPI: cleaning up template-ldapi*.ldif files

https://bugzilla.redhat.com/show_bug.cgi?id=436400

------- Additional Comments From nhosoi@xxxxxxxxxx  2008-05-09 18:52 EST -------
Created an attachment (id=304993)
--> (https://bugzilla.redhat.com/attachment.cgi?id=304993&action=view)
cvs diff template-ldapi-default.ldif.in DSCreate.pm.in

Files:
ldap/ldif/template-ldapi-default.ldif.in
ldap/admin/src/scripts/DSCreate.pm.in

Description:
LDAPI itself requires these 2 configuration parameters.
  nsslapd-ldapifilepath: /var/run/slapd-<ID>.socket
  nsslapd-ldapilisten: on

The rest is needed only when autobind is enabled.
Modified DSCreate to generate the following parameters when the DS is
configured with --enable-autobind.
  nsslapd-ldapiautobind: off
  nsslapd-ldapimaprootdn: cn=Directory Manager
  nsslapd-ldapimaptoentries: off
  nsslapd-ldapiuidnumbertype: uidNumber
  nsslapd-ldapigidnumbertype: gidNumber
  nsslapd-ldapientrysearchbase: <your_suffix>
  nsslapd-ldapiautodnsuffix: cn=peercred,cn=external,cn=auth

Fixed nsslapd-ldapientrysearchbase value to set the server's suffix (instead of
hardcoded dc=example,dc=com).

template-ldapi-default.ldif.in seems not to be used. But to reduce confusion, I
updated the file as well, for future use.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Summary: LDAPI: enable all the platform supports for slapd_get_socket_peer and test them

https://bugzilla.redhat.com/show_bug.cgi?id=436390


------- Additional Comments From nhosoi@xxxxxxxxxx  2008-05-09 19:52 EST -------
Created an attachment (id=304994)
--> (https://bugzilla.redhat.com/attachment.cgi?id=304994&action=view)
cvs diff slap.h getsocketpeer.c daemon.c

Files:
ldap/servers/slapd/slap.h
		   /getsocketpeer.c
		   /daemon.c

Description:
Debugged the basic code of slapd_get_socket_peer, which is used for Solaris 9
and HP-UX.  The recvmsg call returns an error immediately if no data is waiting
to be received since the socket is set PR_SockOpt_Nonblocking (O_NONBLOCK).  To
make slapd_get_socket_peer more robust, we have to retry recvmsg if it returns
EAGAIN.  But set a retry count not to hang there.

Also introduced c_local_valid in the Connection handle to tell the autobind
code whether the uid/gid pair is valid or not.


--
Fedora-directory-devel mailing list
Fedora-directory-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
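
The bounded EAGAIN retry and validity flag described for slapd_get_socket_peer above, as an added example that is not the attached patch or the project's code. The names recv_peer_msg and demo_local_valid, the retry cap, and the wait time are assumptions; the point is that the caller gets "valid" only when a peer message was actually read, so autobind never maps a stale or unset uid/gid.

```c
/* Added example; names and limits are assumptions, not the patch's code. */
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define PEER_RETRIES 5   /* assumed cap on EAGAIN retries */
#define PEER_WAIT_MS 20  /* assumed wait before each retry */

/* Returns 1 (valid) only if a peer message was read, else 0; never waits
 * longer than about (PEER_RETRIES + 1) * PEER_WAIT_MS. */
int recv_peer_msg(int fd, char *buf, size_t len)
{
    struct iovec iov = { .iov_base = buf, .iov_len = len };
    struct msghdr msg;
    int tries;

    memset(&msg, 0, sizeof(msg));
    msg.msg_iov = &iov;
    msg.msg_iovlen = 1;
    for (tries = 0; tries <= PEER_RETRIES; tries++) {
        ssize_t n = recvmsg(fd, &msg, 0);
        if (n > 0) return 1;                  /* data arrived */
        if (n == 0) return 0;                 /* peer closed: nothing to trust */
        if (errno != EAGAIN && errno != EWOULDBLOCK && errno != EINTR) return 0;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        poll(&p, 1, PEER_WAIT_MS);            /* wait for data, do not spin */
    }
    return 0;                                 /* retries exhausted */
}

/* Constructed demo: non-blocking socketpair; peer sends only if send_first. */
int demo_local_valid(int send_first)
{
    int sv[2], local_valid;
    char buf[16];

    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    fcntl(sv[0], F_SETFL, fcntl(sv[0], F_GETFL, 0) | O_NONBLOCK);
    if (send_first && write(sv[1], "x", 1) != 1) local_valid = -1;
    else local_valid = recv_peer_msg(sv[0], buf, sizeof(buf));
    close(sv[0]); close(sv[1]);
    return local_valid;
}

int main(void) { printf("%d %d\n", demo_local_valid(1), demo_local_valid(0)); return 0; }
```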
