OpenLDAP: [PATCH] slappasswd: Read slapd.conf to load dynamic password hash modules (obsolete)
From a211ba9874f5706d2646c84d3af72f324d5d0333 Mon Sep 17 00:00:00 2001
From: SATOH Fumiyasu <fumiyas@osstech.co.jp>
Date: Thu, 31 May 2012 01:56:08 +0900
Subject: [PATCH] slappasswd: Read slapd.conf to load dynamic password hash
modules
---
doc/man/man8/slappasswd.8 | 21 +++++++++++++++++++
servers/slapd/slappasswd.c | 48 +++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 68 insertions(+), 1 deletion(-)
diff --git a/doc/man/man8/slappasswd.8 b/doc/man/man8/slappasswd.8
index dbd28fd..d92f86e 100644
--- a/doc/man/man8/slappasswd.8
+++ b/doc/man/man8/slappasswd.8
@@ -9,6 +9,10 @@ slappasswd \- OpenLDAP password utility
[\c
.BR \-v ]
[\c
+.BI \-f \ slapd.conf\fR]
+[\c
+.BI \-F \ confdir\fR]
+[\c
.BR \-u ]
[\c
.BR \-g \||\| \-s \ \fIsecret\fR \||\| \fB\-T \ \fIfile\fR]
@@ -38,6 +42,23 @@ configuration directive.
.B \-v
enable verbose mode.
.TP
+.BI \-f \ slapd.conf
+specify a
+.BR slapd.conf (5)
+file to load dynamically loadable password hash modules specified
+in it by \fBmoduleload\fP parameter.
+.TP
+.BI \-F \ confdir
+specify a config directory to load dynamically loadable password
+hash modules specified in it by \fBolcModuleLoad\fP attribute.
+If both
+.B \-f
+and
+.B \-F
+are specified, the config file will be read and converted to
+config directory format and written to the specified directory.
+If neither option is specified, no config is read.
+.TP
.B \-u
Generate RFC 2307 userPassword values (the default). Future
versions of this program may generate alternative syntaxes
diff --git a/servers/slapd/slappasswd.c b/servers/slapd/slappasswd.c
index cfd6981..11ad10a 100644
--- a/servers/slapd/slappasswd.c
+++ b/servers/slapd/slappasswd.c
@@ -62,6 +62,11 @@ usage(const char *s)
int
slappasswd( int argc, char *argv[] )
{
+ int rc;
+ int confread = 0;
+ char *conffile = NULL;
+ char *confdir = NULL;
+ int mode = SLAP_TOOL_MODE | SLAP_TOOL_READMAIN | SLAP_TOOL_READONLY;
#ifdef LUTIL_SHA1_BYTES
char *default_scheme = "{SSHA}";
#else
@@ -79,8 +84,15 @@ slappasswd( int argc, char *argv[] )
struct berval passwd = BER_BVNULL;
struct berval hash;
+#ifdef LDAP_DEBUG
+ /* tools default to "none", so that at least LDAP_DEBUG_ANY
+ * messages show up; use -d 0 to reset */
+ slap_debug = LDAP_DEBUG_NONE;
+#endif
+ ldap_syslog = 0;
+
while( (i = getopt( argc, argv,
- "c:d:gh:ns:T:vu" )) != EOF )
+ "c:d:f:F:gh:ns:T:vu" )) != EOF )
{
switch (i) {
case 'c': /* crypt salt format */
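Review bot: The comment added above `slap_debug = LDAP_DEBUG_NONE;` tells the user to "use -d 0 to reset", but the `case 'd'` handler lies outside this hunk, so it is not visible whether slappasswd's `-d` assigns `slap_debug` at all. If it does not, reword the comment to something like `/* default to "none" so LDAP_DEBUG_ANY messages from config parsing are shown */`. The two assignments also run when neither `-f` nor `-F` is given; placing them inside the later `if ( confread )` block, before `slap_init()`, would keep the plain invocation unchanged.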
@@ -88,6 +100,22 @@ slappasswd( int argc, char *argv[] )
lutil_salt_format( optarg );
break;
+ case 'f': /* specify a conf file */
+ confread = 1;
+ /* Read the default one if "-" is specified */
+ if ( strcmp( optarg, "-" ) ) {
+ conffile = ch_strdup( optarg );
+ }
+ break;
+
+ case 'F': /* specify a conf dir */
+ confread = 1;
+ /* Read the default one if "-" is specified */
+ if ( strcmp( optarg, "-" ) ) {
+ confdir = ch_strdup( optarg );
+ }
+ break;
+
case 'g': /* new password (generate) */
if ( pwfile != NULL ) {
fprintf( stderr, "Option -g incompatible with -T\n" );
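Review bot: In the new `case 'f'` and `case 'F'` branches a repeated option overwrites `conffile`/`confdir` without releasing the earlier `ch_strdup()` result. A later `-f -` also leaves an earlier path in place instead of selecting the default. Assuming `read_config()` neither keeps nor frees its arguments, `conffile = strcmp( optarg, "-" ) ? optarg : NULL;` (and the same for `confdir`) avoids the copy and makes the last option win. A short comment here should also record that the chosen configuration decides which shared objects are loaded into the process through `moduleload`/`olcModuleLoad`, so the path must be one the invoking user trusts, especially when the tool is run with elevated privileges.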
@@ -165,6 +193,24 @@ slappasswd( int argc, char *argv[] )
usage( progname );
}
+ /* Read slapd.conf or cn=config if requested to load dynamically
+ * loadable password hash modules specified in config */
+ if ( confread ) {
+ rc = slap_init( mode, progname );
+ if ( rc != 0 ) {
+ fprintf( stderr, "%s: slap_init failed!\n", progname );
+ exit( EXIT_FAILURE );
+ }
+
+ rc = read_config( conffile, confdir );
+
+ if ( rc != 0 ) {
+ fprintf( stderr, "%s: bad configuration %s!\n",
+ progname, confdir ? "directory" : "file" );
+ exit( EXIT_FAILURE );
+ }
+ }
+
if( pwfile != NULL ) {
if( lutil_get_filed_password( pwfile, &passwd )) {
return EXIT_FAILURE;
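Review bot: Passing both `conffile` and `confdir` to `read_config()` means, per the man page text added in this same patch, that the file is converted and written into the directory, which is an unexpected write side effect for a utility whose job is to hash a password. `mode` carries `SLAP_TOOL_READONLY`, but whether that suppresses the conversion is not visible here; if it does not, consider rejecting the combination before `slap_init()`, e.g. `if ( conffile && confdir ) usage( progname );`. Separately, the failure message chooses "file" whenever `confdir` is NULL, so `-F -` reports a bad file; printing the path that was used, or "default" when it is NULL, would be more useful for troubleshooting. The function continues past the end of this hunk, so any teardown after `slap_init()` cannot be checked from here.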
--
1.7.10