[Fedora-directory-commits] ldapserver/include version.h,1.10,1.11
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/include
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15776/ldapserver/include
Modified Files:
version.h
Log Message:
upgrade version to 1.0.4
Index: version.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/include/version.h,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- version.h 9 Oct 2006 22:26:13 -0000 1.10
+++ version.h 3 Nov 2006 21:15:31 -0000 1.11
@@ -44,9 +44,9 @@
exist, the PRODUCT_VERSION define has _DEF appended.
*/
-#define DIRECTORY_VERSION_DEF "1.0.3"
+#define DIRECTORY_VERSION_DEF "1.0.4"
#define DIRECTORY_COMPATIBLE "3.0"
-#define DIRECTORY_VERSION_STRING "Fedora-DirServer/1.0.3"
+#define DIRECTORY_VERSION_STRING "Fedora-DirServer/1.0.4"
#define DS_VERSION_DEF DIRECTORY_VERSION_DEF
#define DS_VERSION_STRING DIRECTORY_VERSION_STRING
17 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/docs README.txt,1.5,1.6
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/docs
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15776/ldapserver/ldap/docs
Modified Files:
README.txt
Log Message:
upgrade version to 1.0.4
Index: README.txt
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/docs/README.txt,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- README.txt 9 Oct 2006 22:26:20 -0000 1.5
+++ README.txt 3 Nov 2006 21:15:32 -0000 1.6
@@ -1,5 +1,5 @@
=======================================================================
- Fedora Directory Server 1.0.3
+ Fedora Directory Server 1.0.4
=======================================================================
The Fedora Directory Server is subject to the terms detailed in the
17 years, 5 months
[Fedora-directory-commits] ldapserver Makefile, 1.36, 1.37 nsdefs.mk, 1.20, 1.21
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15776/ldapserver
Modified Files:
Makefile nsdefs.mk
Log Message:
upgrade version to 1.0.4
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/Makefile,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- Makefile 9 Oct 2006 22:26:13 -0000 1.36
+++ Makefile 3 Nov 2006 21:15:30 -0000 1.37
@@ -360,7 +360,7 @@
-e 's/@COMPANY-PRODUCT-NAME@/Fedora Directory Server/g' \
-e 's/@LCASE-COMPANY-NAME-NOSP@/fedora/g' \
-e 's/@GEN-VERSION(a)/1.0/g' \
- -e 's/@NOSP-VERSION(a)/1.0.3/g' \
+ -e 's/@NOSP-VERSION(a)/1.0.4/g' \
-e 's+@COMPANY-URL@+http://directory.fedora.redhat.com/+g' \
ldapserver.spec.tmpl > $@
mv $@ $(OBJDIR)
Index: nsdefs.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/nsdefs.mk,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- nsdefs.mk 9 Oct 2006 22:26:13 -0000 1.20
+++ nsdefs.mk 3 Nov 2006 21:15:30 -0000 1.21
@@ -227,8 +227,8 @@
OBJDIR=$(COMMON_OBJDIR)
OBJDIR_32=$(COMMON_OBJDIR_32)
DO_SEARCH=no
-DIR_VERSION:=1.0.3
-NOSP_DIR_VERSION:=1.0.3
+DIR_VERSION:=1.0.4
+NOSP_DIR_VERSION:=1.0.4
DIR_NORM_VERSION:=1.0
PRODUCT_NAME="$(PRODUCTCORE) $(DIR_VERSION)"
# When you change DIRSDK_VERSION or DIRSDK_VERSION_DLL_SUFFIX, you must
17 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/cm Makefile,1.67,1.68
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4577
Modified Files:
Makefile
Log Message:
Backed off the previous change for the non-Solaris platforms.
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Makefile,v
retrieving revision 1.67
retrieving revision 1.68
diff -u -r1.67 -r1.68
--- Makefile 3 Nov 2006 00:53:55 -0000 1.67
+++ Makefile 3 Nov 2006 19:49:52 -0000 1.68
@@ -312,7 +312,11 @@
# the httpd library
ifneq ($(ARCH), WINNT)
+ ifeq ($(ARCH), SOLARIS)
$(INSTALL) -m 755 $(OBJDIR)/$(NSHTTPD_DLL)$(DLL_PRESUF).$(DLL_SUFFIX)* $(LDAP_PLUGIN_RELDIR)
+ else
+ $(INSTALL) -m 755 $(OBJDIR)/$(NSHTTPD_DLL)$(DLL_PRESUF).$(DLL_SUFFIX)* $(RELDIR)/$(DS_LIBDIR)
+ endif
endif
# Images for IM Presence plugin
17 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/cm/newinst setup, 1.15, 1.16
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/cm/newinst
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3965
Modified Files:
setup
Log Message:
Bug(s) fixed: 213786
Bug Description: upgrade install of ssl enabled servers changes file/dir permisssions from nobody to root
Reviewed by: nhosoi (Thanks!)
Fix Description: The ssloff and sslon operations change several files, by grep/sed to temp
files, then moving the temp files over the original ones. When done as root,
this changes the file ownership to root from the original nobody. In order to
preserve the file/directory ownership, we first figure out the instance, then
use the ownership of that dse.ldif file to determine the server user:group. We
have to do this before the call to SSLOff because SSLOff needs the user:group
to chown the files. Then, every time we create a new file and replace an
existing one, we do a chown $user:$group to preserve the existing file
ownership.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
Index: setup
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/newinst/setup,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- setup 23 Feb 2006 19:30:41 -0000 1.15
+++ setup 3 Nov 2006 19:09:57 -0000 1.16
@@ -157,6 +157,10 @@
tmpinffile=
nextisinffile=
keepinffile=
+# set by user or from existing files during upgrade
+user=
+# set by user or from existing files during upgrade
+group=
for arg in "$@" ; do
if [ "$arg" = "-s" ]; then
silent=1
@@ -227,6 +231,7 @@
echo $conffile=$security >> $tmpfile
cat $conffile | sed -e "s/^\($security\) .*/\1 off/g" > $conffile.01
mv $conffile.01 $conffile
+ chown $user:$group $conffile
echo "$conffile: SSL off ..."
fi
fi
@@ -248,6 +253,7 @@
echo $conffile=$confparam >> $tmpfile
cat $conffile | sed -e "s/\([Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy]=\)\"[A-Za-z]*\"/\1\"off\"/g" > $conffile.0
mv $conffile.0 $conffile
+ chown $user:$group $conffile
echo "$conffile: SSL off ..."
fi
sslparams0=`grep -i "<.*SSLPARAMS " $conffile`
@@ -263,6 +269,7 @@
sslparams=`echo $sslparams1 | sed -e 's/\"/\\\\\"/g'`
cat $conffile | sed -e "s/\($sslparams\)/\<\!-- \1 --\>/g" > $conffile.1
mv $conffile.1 $conffile
+ chown $user:$group $conffile
fi
fi
}
@@ -282,6 +289,7 @@
$dir/stop-slapd
cat $dir/config/dse.ldif | sed -e "s/\($security\) .*/\1 off/g" > $dir/config/dse.ldif.0
mv $dir/config/dse.ldif.0 $dir/config/dse.ldif
+ chown $user:$group $dir/config/dse.ldif
echo "$dir/config/dse.ldif: SSL off ..."
fi
fi
@@ -308,6 +316,7 @@
if [ -f $conffile ]; then
cat $conffile | sed -e "s/^\($confparam\) .*/\1 on/g" > $conffile.00
mv $conffile.00 $conffile
+ chown $user:$group $conffile
echo "$conffile $confparam: SSL on ..."
fi
}
@@ -317,6 +326,7 @@
if [ -f $conffile ]; then
cat $conffile | sed -e "s/\([Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy]=\)\"[A-Za-z]*\"/\1\"on\"/g" > $conffile.2
mv $conffile.2 $conffile
+ chown $user:$group $conffile
fi
grep -i "<.*SSLPARAMS " $conffile > /dev/null 2>&1
rval=$?
@@ -324,6 +334,7 @@
then
cat $conffile | sed -e "s/<\!-- *$sslparams *-->/$sslparams/g" > $conffile.3
mv $conffile.3 $conffile
+ chown $user:$group $conffile
fi
echo "$conffile: SSL on ..."
}
@@ -336,6 +347,7 @@
$dir/stop-slapd
cat $dir/config/dse.ldif | sed -e "s/\($security\) .*/\1 on/g" > $dir/config/dse.ldif.0
mv $dir/config/dse.ldif.0 $dir/config/dse.ldif
+ chown $user:$group $dir/config/dse.ldif
echo "$dir/config/dse.ldif: SSL on ..."
echo "Restarting Directory Server: $dir/start-slapd"
$dir/start-slapd
@@ -370,9 +382,14 @@
# check whether it is an in-place installation
if [ -f $sroot/admin-serv/config/adm.conf ]; then
+ dsinst=`getValFromAdminConf "ldapStart:" "adm.conf" | awk -F/ '{print $1}'`
+ if [ -f $sroot/$dsinst/config/dse.ldif ]; then
+ user=`ls -l $sroot/$dsinst/config/dse.ldif | awk '{print $3}'`
+ group=`ls -l $sroot/$dsinst/config/dse.ldif | awk '{print $4}'`
+ fi
+
SSLOff
- dsinst=`getValFromAdminConf "ldapStart:" "adm.conf" | awk -F/ '{print $1}'`
if [ -f $sroot/$dsinst/config/dse.ldif ]; then
# it is an in=place installation
ldaphost=`getValFromAdminConf "ldapHost:" "adm.conf"`
@@ -380,8 +397,6 @@
adminport=`getValFromAdminConf "\<port:" "adm.conf"`
adminid=`getValFromAdmpw "admpw"`
sysuser=`getValFromAdminConf "nsSuiteSpotUser:" "local.conf"`
- suitespotuser=`ls -l $sroot/$dsinst/config/dse.ldif | awk '{print $3}'`
- suitespotgroup=`ls -l $sroot/$dsinst/config/dse.ldif | awk '{print $4}'`
admindomain=`echo $ldaphost | awk -F. '{print $5 ? $2 "." $3 "." $4 "." $5: $4 ? $2 "." $3 "." $4 : $3 ? $2 "." $3 : $2 ? $2 : ""}'`
if [ "$admindomain" = "" ]; then
admindomain=`domainname`
@@ -405,8 +420,8 @@
inffile=$sroot/setup/myinstall.inf
echo "[General]" > $inffile
echo "FullMachineName= $ldaphost" >> $inffile
- echo "SuiteSpotUserID= $suitespotuser" >> $inffile
- echo "SuitespotGroup= $suitespotgroup" >> $inffile
+ echo "SuiteSpotUserID= $user" >> $inffile
+ echo "SuitespotGroup= $group" >> $inffile
echo "ServerRoot= $sroot" >> $inffile
echo "ConfigDirectoryLdapURL= ldap://$ldaphost:$ldapport/o=NetscapeRoot" >> $inffile
echo "ConfigDirectoryAdminID= $adminid" >> $inffile
17 years, 5 months
[Fedora-directory-commits] adminutil/lib/libadmsslutil admsslutil.c, 1.5, 1.6
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29671/adminutil/lib/libadmsslutil
Modified Files:
admsslutil.c
Log Message:
Bug(s) fixed: 213788
Bug Description: Admin Server cannot talk to SSL Config DS
Reviewed by: nhosoi (Thanks!)
Fix Description: The logic in mod_admserv.c expects admldapBuildInfoSSL to return success but
with a NULL ldap handle if no password was given or found. This is essentially
what admldapBuildInfo does in the same situation. I also found and fixed a few
memory leaks with both strings and LDAP handles.
Platforms tested: FC5
Flag Day: no
Doc impact: no
17 years, 5 months
[Fedora-directory-commits] adminutil/lib/libadminutil admutil.c, 1.5, 1.6
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadminutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29671/adminutil/lib/libadminutil
Modified Files:
admutil.c
Log Message:
Bug(s) fixed: 213788
Bug Description: Admin Server cannot talk to SSL Config DS
Reviewed by: nhosoi (Thanks!)
Fix Description: The logic in mod_admserv.c expects admldapBuildInfoSSL to return success but
with a NULL ldap handle if no password was given or found. This is essentially
what admldapBuildInfo does in the same situation. I also found and fixed a few
memory leaks with both strings and LDAP handles.
Platforms tested: FC5
Flag Day: no
Doc impact: no
17 years, 5 months
[Fedora-directory-commits] adminutil/lib/libadminutil admutil.c, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadminutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29624/adminutil/lib/libadminutil
Modified Files:
admutil.c
Log Message:
Reviewed by: nhosoi (Thanks!)
Fix Description: The logic in mod_admserv.c expects admldapBuildInfoSSL to return success but
with a NULL ldap handle if no password was given or found. This is essentially
what admldapBuildInfo does in the same situation. I also found and fixed a few
memory leaks with both strings and LDAP handles.
Platforms tested: FC5
Flag Day: no
Doc impact: no
Index: admutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadminutil/admutil.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- admutil.c 11 May 2006 23:30:31 -0000 1.4
+++ admutil.c 3 Nov 2006 17:40:29 -0000 1.5
@@ -1240,6 +1240,7 @@
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
+ ldap_unbind(admInfo->ldapHndl);
admInfo->ldapHndl = NULL;
*errorcode = ADMUTIL_LDAP_ERR;
break;;
@@ -1247,6 +1248,7 @@
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
+ ldap_unbind(admInfo->ldapHndl);
admInfo->ldapHndl = NULL;
*errorcode = ADMUTIL_LDAP_ERR;
break;
17 years, 5 months
[Fedora-directory-commits] adminutil/lib/libadmsslutil admsslutil.c, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminutil/lib/libadmsslutil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29624/adminutil/lib/libadmsslutil
Modified Files:
admsslutil.c
Log Message:
Reviewed by: nhosoi (Thanks!)
Fix Description: The logic in mod_admserv.c expects admldapBuildInfoSSL to return success but
with a NULL ldap handle if no password was given or found. This is essentially
what admldapBuildInfo does in the same situation. I also found and fixed a few
memory leaks with both strings and LDAP handles.
Platforms tested: FC5
Flag Day: no
Doc impact: no
Index: admsslutil.c
===================================================================
RCS file: /cvs/dirsec/adminutil/lib/libadmsslutil/admsslutil.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- admsslutil.c 24 Mar 2006 04:48:38 -0000 1.4
+++ admsslutil.c 3 Nov 2006 17:40:30 -0000 1.5
@@ -74,24 +74,37 @@
{
LDAP *ld;
int ldapError;
+ char *passwd = NULL;
+ char *host = NULL;
*errorcode = ADMUTIL_OP_OK;
+ host = admldapGetHost(info);
if (admldapGetSecurity(info))
- ld = ldapssl_init(admldapGetHost(info), admldapGetPort(info), 1);
+ ld = ldapssl_init(host, admldapGetPort(info), 1);
else
- ld = ldap_init(admldapGetHost(info), admldapGetPort(info));
+ ld = ldap_init(host, admldapGetPort(info));
+ PL_strfree(host);
if (!ld) {
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
}
+ passwd = admldapGetSIEPWD(info);
+ if (passwd) {
+ char *dn = admldapGetSIEDN(info);
+ ldapError = ldap_simple_bind_s(ld, dn, passwd);
+ PL_strfree(dn);
+ PL_strfree(passwd);
+ } else {
+ /* no password means just punt rather than do anon bind */
+ /* this mimics the same logic in admldapBuildInfoCbk() */
+ *errorcode = ADMUTIL_LDAP_ERR;
+ return 1; /* have to return true here to mimic admldapBuildInfoCbk() */
+ }
/* authenticate to LDAP server*/
- if ((ldapError = ldap_simple_bind_s(ld,
- admldapGetSIEDN(info),
- admldapGetSIEPWD(info)))
- != LDAP_SUCCESS ) {
+ if (ldapError != LDAP_SUCCESS) {
#ifdef LDAP_DEBUG
ldap_perror(ld, "ldap_simple_bind_s");
#endif
@@ -100,12 +113,14 @@
case LDAP_INVALID_CREDENTIALS:
case LDAP_INSUFFICIENT_ACCESS:
/* authenticate failed: Should not continue */
+ ldap_unbind(ld);
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
case LDAP_NO_SUCH_OBJECT:
case LDAP_ALIAS_PROBLEM:
case LDAP_INVALID_DN_SYNTAX:
/* Not a good user DN */
+ ldap_unbind(ld);
*errorcode = ADMUTIL_LDAP_ERR;
return 0;
break;
17 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/cm Makefile,1.66,1.67
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17811
Modified Files:
Makefile
Log Message:
Fixed this problem on Solaris: Netscape Portable Runtime error -5977: ld.so.1: ns-slapd: fatal: libns-dshttpd72.so: open failed: No such file or directory
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Makefile,v
retrieving revision 1.66
retrieving revision 1.67
diff -u -r1.66 -r1.67
--- Makefile 25 Oct 2006 17:06:07 -0000 1.66
+++ Makefile 3 Nov 2006 00:53:55 -0000 1.67
@@ -312,7 +312,7 @@
# the httpd library
ifneq ($(ARCH), WINNT)
- $(INSTALL) -m 755 $(OBJDIR)/$(NSHTTPD_DLL)$(DLL_PRESUF).$(DLL_SUFFIX)* $(RELDIR)/$(DS_LIBDIR)
+ $(INSTALL) -m 755 $(OBJDIR)/$(NSHTTPD_DLL)$(DLL_PRESUF).$(DLL_SUFFIX)* $(LDAP_PLUGIN_RELDIR)
endif
# Images for IM Presence plugin
@@ -1042,7 +1042,7 @@
then $(INSTALL) -m 755 $$file $(RELDIR)/$(DS_DSGWDIR) ; \
fi ; \
done
- $(INSTALL) -m 755 $(OBJDIR)/$(BUILD_HTTPDLL_NAME).dll $(RELDIR)/$(DS_LIBDIR)
+ $(INSTALL) -m 755 $(OBJDIR)/$(BUILD_HTTPDLL_NAME).dll $(RELDIR)/$(DS_PLUGINDIR)
$(INSTALL) -m 755 $(OBJDIR)/$(BUILD_HTTPDLL_NAME).dll $(RELDIR)/$(DS_DSGWDIR)
rm -f $(SLAPD_ZIPFILE); cd $(RELDIR); zip -r $(SLAPD_ZIPFILE) *
17 years, 6 months