[Fedora-directory-commits] ldapserver internal_comp_deps.mk, 1.47, 1.48
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4843
Modified Files:
internal_comp_deps.mk
Log Message:
fix build breakage - use PERLDAP_BUILT_DIR as the location to download perl since the full DEP has two directory levels in it
Index: internal_comp_deps.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/internal_comp_deps.mk,v
retrieving revision 1.47
retrieving revision 1.48
diff -u -r1.47 -r1.48
--- internal_comp_deps.mk 15 Sep 2006 19:33:42 -0000 1.47
+++ internal_comp_deps.mk 16 Sep 2006 15:10:53 -0000 1.48
@@ -551,7 +551,7 @@
ifdef INTERNAL_BUILD
$(RM) -rf $@
$(FTP_PULL) -method $(PERLDAP_PULL_METHOD) \
- -objdir $(dir $@) \
+ -objdir $(PERLDAP_BUILT_DIR) \
-componentdir $(PERLDAP_COMPONENT_DIR) \
-files $(PERLDAP_FILES)
@if [ ! -d $@ ] ; \
17 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd slapi-private.h, 1.10, 1.11 connection.c, 1.10, 1.11 daemon.c, 1.8, 1.9
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1087
Modified Files:
slapi-private.h connection.c daemon.c
Log Message:
[206724] Replacing PR_SetNetAddr with PRLDAP_SET_PORT for IPv6 support
slapi-private.h: introduced PRLDAP_SET_PORT to set port to the port field in
PRNetAddr. A copy of the same macro in LDAP C SDK (v6). Note: once NSPR
provides an equivalent API, we may want to replace this macro with the one.
(the NSPR compatibility issue remains, though.)
connection.c, daemon.c: replaced PR_SetNetAddr with PRLDAP_SET_PORT.
Index: slapi-private.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/slapi-private.h,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- slapi-private.h 11 Apr 2006 02:14:44 -0000 1.10
+++ slapi-private.h 15 Sep 2006 22:45:11 -0000 1.11
@@ -1236,6 +1236,22 @@
#define SLAPI_UPGRADEDB_SKIPINIT 0x2 /* call upgradedb as part of other op */
#endif
+/*
+ * Macro to set port to the 'port' field of a NSPR PRNetAddr union.
+ ** INPUTS:
+ ** PRNetAddr *myaddr A network address.
+ ** PRUint16 myport port to set to the 'port' field of 'addr'.
+ ** RETURN: none
+ *
+ * Note: Copy from ldappr-int.h in
+ * ldapcsdk:mozilla/directory/c-sdk/ldap/libraries/libprldap
+ * Introduced to avoid calling PR_SetNetAddr w/ PR_IpAddrNull just to set port.
+ * Once NSPR starts providing better function/macro to do the same job,
+ * this macro should be replaced with it. (newer than NSPR v4.6.2)
+ */
+#define PRLDAP_SET_PORT(myaddr,myport) \
+ ((myaddr)->raw.family == PR_AF_INET6 ? ((myaddr)->ipv6.port = PR_htons(myport)) : ((myaddr)->inet.port = PR_htons(myport)))
+
#ifdef __cplusplus
}
#endif
Index: connection.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/connection.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- connection.c 31 Aug 2006 23:26:25 -0000 1.10
+++ connection.c 15 Sep 2006 22:45:11 -0000 1.11
@@ -43,7 +43,6 @@
#include <sys/socket.h>
#include <stdlib.h>
#endif
-#define TCPLEN_T int
#include <signal.h>
#include "slap.h"
#include "prcvar.h"
@@ -64,7 +63,6 @@
static int is_ber_too_big(const Connection *conn, ber_len_t ber_len);
static void log_ber_too_big_error(const Connection *conn,
ber_len_t ber_len, ber_len_t maxbersize);
-static int add_to_select_set(Connection *conn);
/*
* We maintain a global work queue of Slapi_PBlock's that have not yet
@@ -206,11 +204,10 @@
connection_reset(Connection* conn, int ns, PRNetAddr * from, int fromLen, int is_SSL)
{
char * pTmp = is_SSL ? "SSL " : "";
- TCPLEN_T addrlen, destaddrlen;
- struct sockaddr_in addr, destaddr;
- char *str_ip, *str_destip, buf_ip[ 256 ], buf_destip[ 256 ];
+ char *str_ip = NULL, *str_destip;
+ char buf_ip[ 256 ], buf_destip[ 256 ];
char *str_unknown = "unknown";
- int in_referral_mode = config_check_referral_mode();
+ int in_referral_mode = config_check_referral_mode();
LDAPDebug( LDAP_DEBUG_CONNS, "new %sconnection on %d\n", pTmp, conn->c_sd, 0 );
@@ -220,120 +217,127 @@
PR_Unlock( num_conns_mutex );
if (! in_referral_mode) {
- PR_AtomicIncrement(g_get_global_snmp_vars()->ops_tbl.dsConnectionSeq);
- PR_AtomicIncrement(g_get_global_snmp_vars()->ops_tbl.dsConnections);
+ PR_AtomicIncrement(g_get_global_snmp_vars()->ops_tbl.dsConnectionSeq);
+ PR_AtomicIncrement(g_get_global_snmp_vars()->ops_tbl.dsConnections);
}
- /* get peer address (IP address of this client) */
- addrlen = sizeof( addr );
- memset( &addr, 0, addrlen );
-
- if ( ((from->ipv6.ip.pr_s6_addr32[0] != 0) ||
+ /*
+ * get peer address (IP address of this client)
+ */
+ slapi_ch_free( (void**)&conn->cin_addr ); /* just to be conservative */
+ if ( ((from->ipv6.ip.pr_s6_addr32[0] != 0) || /* from contains non zeros */
(from->ipv6.ip.pr_s6_addr32[1] != 0) ||
(from->ipv6.ip.pr_s6_addr32[2] != 0) ||
(from->ipv6.ip.pr_s6_addr32[3] != 0)) ||
((conn->c_prfd != NULL) && (PR_GetPeerName( conn->c_prfd, from ) == 0)) ) {
- conn->cin_addr = (PRNetAddr *) slapi_ch_malloc( sizeof( PRNetAddr ) );
- memcpy( conn->cin_addr, from, sizeof( PRNetAddr ) );
+ conn->cin_addr = (PRNetAddr *) slapi_ch_malloc( sizeof( PRNetAddr ) );
+ memcpy( conn->cin_addr, from, sizeof( PRNetAddr ) );
- if ( PR_IsNetAddrType( conn->cin_addr, PR_IpAddrV4Mapped ) ) {
- PRNetAddr v4addr;
- memset( &v4addr, 0, sizeof( v4addr ) );
- v4addr.inet.family = PR_AF_INET;
- v4addr.inet.ip = conn->cin_addr->ipv6.ip.pr_s6_addr32[3];
- PR_NetAddrToString( &v4addr, buf_ip, sizeof( buf_ip ) );
- } else {
- PR_NetAddrToString( conn->cin_addr, buf_ip, sizeof( buf_ip ) );
- }
- buf_ip[ sizeof( buf_ip ) - 1 ] = '\0';
- str_ip = buf_ip;
-
- } else if ( (conn->c_prfd == NULL) &&
- (getpeername( conn->c_sd, (struct sockaddr*)&addr, &addrlen ) == 0) ) {
- conn->cin_addr = (PRNetAddr *)slapi_ch_malloc( sizeof( PRNetAddr ) );
+ if ( PR_IsNetAddrType( conn->cin_addr, PR_IpAddrV4Mapped ) ) {
+ PRNetAddr v4addr;
+ memset( &v4addr, 0, sizeof( v4addr ) );
+ v4addr.inet.family = PR_AF_INET;
+ v4addr.inet.ip = conn->cin_addr->ipv6.ip.pr_s6_addr32[3];
+ PR_NetAddrToString( &v4addr, buf_ip, sizeof( buf_ip ) );
+ } else {
+ PR_NetAddrToString( conn->cin_addr, buf_ip, sizeof( buf_ip ) );
+ }
+ buf_ip[ sizeof( buf_ip ) - 1 ] = '\0';
+ str_ip = buf_ip;
- if ( PR_SetNetAddr(PR_IpAddrNull, PR_AF_INET6, addr.sin_port, conn->cin_addr)
- != PR_SUCCESS ) {
- int oserr = PR_GetError();
- LDAPDebug( LDAP_DEBUG_ANY, "PR_SetNetAddr() failed, "
- SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n",
- oserr, slapd_pr_strerror(oserr), 0 );
- } else {
- PR_ConvertIPv4AddrToIPv6(addr.sin_addr.s_addr, &(conn->cin_addr->ipv6.ip));
- }
-
- /* copy string equivalent of address into a buffer to use for
- * logging since each call to inet_ntoa() returns a pointer to a
- * single thread-specific buffer (which prevents us from calling
- * inet_ntoa() twice in one call to slapi_log_access()).
- */
- str_ip = inet_ntoa( addr.sin_addr );
- strncpy( buf_ip, str_ip, sizeof( buf_ip ) - 1 );
- buf_ip[ sizeof( buf_ip ) - 1 ] = '\0';
- str_ip = buf_ip;
-
} else {
- str_ip = str_unknown;
- }
-
+ /* try syscall since "from" was not given and PR_GetPeerName failed */
+ /* a corner case */
+ struct sockaddr_in addr; /* assuming IPv4 */
+ socklen_t addrlen;
+
+ addrlen = sizeof( addr );
+ memset( &addr, 0, addrlen );
+
+ if ( (conn->c_prfd == NULL) &&
+ (getpeername( conn->c_sd, (struct sockaddr *)&addr, &addrlen )
+ == 0) ) {
+ conn->cin_addr = (PRNetAddr *)slapi_ch_malloc( sizeof( PRNetAddr ));
+ memset( conn->cin_addr, 0, sizeof( PRNetAddr ) );
+ PR_NetAddrFamily( conn->cin_addr ) = AF_INET6;
+ /* note: IPv4-mapped IPv6 addr does not work on Windows */
+ PR_ConvertIPv4AddrToIPv6(addr.sin_addr.s_addr, &(conn->cin_addr->ipv6.ip));
+ PRLDAP_SET_PORT(conn->cin_addr, addr.sin_port);
+
+ /* copy string equivalent of address into a buffer to use for
+ * logging since each call to inet_ntoa() returns a pointer to a
+ * single thread-specific buffer (which prevents us from calling
+ * inet_ntoa() twice in one call to slapi_log_access()).
+ */
+ str_ip = inet_ntoa( addr.sin_addr );
+ strncpy( buf_ip, str_ip, sizeof( buf_ip ) - 1 );
+ buf_ip[ sizeof( buf_ip ) - 1 ] = '\0';
+ str_ip = buf_ip;
+ } else {
+ str_ip = str_unknown;
+ }
+ }
/*
* get destination address (server IP address this client connected to)
*/
- destaddrlen = sizeof( destaddr );
- memset( &destaddr, 0, destaddrlen );
-
-
+ slapi_ch_free( (void**)&conn->cin_addr ); /* just to be conservative */
if ( conn->c_prfd != NULL ) {
- conn->cin_destaddr = (PRNetAddr *) slapi_ch_malloc( sizeof( PRNetAddr ) );
- if (PR_GetSockName( conn->c_prfd, conn->cin_destaddr ) == 0) {
- if ( PR_IsNetAddrType( conn->cin_destaddr, PR_IpAddrV4Mapped ) ) {
- PRNetAddr v4destaddr;
- memset( &v4destaddr, 0, sizeof( v4destaddr ) );
- v4destaddr.inet.family = PR_AF_INET;
- v4destaddr.inet.ip = conn->cin_destaddr->ipv6.ip.pr_s6_addr32[3];
- PR_NetAddrToString( &v4destaddr, buf_destip, sizeof( buf_destip ) );
- } else {
- PR_NetAddrToString( conn->cin_destaddr, buf_destip, sizeof( buf_destip ) );
- }
- buf_destip[ sizeof( buf_destip ) - 1 ] = '\0';
- str_destip = buf_destip;
- } else {
- str_destip = str_unknown;
- }
- } else if ( (conn->c_prfd == NULL) &&
- (getsockname( conn->c_sd, (struct sockaddr*)&destaddr, &destaddrlen ) == 0) ) {
- conn->cin_destaddr = (PRNetAddr *)slapi_ch_malloc( sizeof( PRNetAddr ) );
-
- if ( PR_SetNetAddr(PR_IpAddrNull, PR_AF_INET6, destaddr.sin_port, conn->cin_destaddr)
- != PR_SUCCESS ) {
- int oserr = PR_GetError();
- LDAPDebug( LDAP_DEBUG_ANY, "PR_SetNetAddr() failed, "
- SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n",
- oserr, slapd_pr_strerror(oserr), 0 );
- } else {
- PR_ConvertIPv4AddrToIPv6(destaddr.sin_addr.s_addr, &(conn->cin_destaddr->ipv6.ip));
- }
-
- /* copy string equivalent of address into a buffer to use for
- * logging since each call to inet_ntoa() returns a pointer to a
- * single thread-specific buffer (which prevents us from calling
- * inet_ntoa() twice in one call to slapi_log_access()).
- */
- str_destip = inet_ntoa( destaddr.sin_addr );
- strncpy( buf_destip, str_destip, sizeof( buf_destip ) - 1 );
- buf_destip[ sizeof( buf_destip ) - 1 ] = '\0';
- str_destip = buf_destip;
-
+ conn->cin_destaddr = (PRNetAddr *) slapi_ch_malloc( sizeof( PRNetAddr ) );
+ memset( conn->cin_destaddr, 0, sizeof( PRNetAddr ));
+ if (PR_GetSockName( conn->c_prfd, conn->cin_destaddr ) == 0) {
+ if ( PR_IsNetAddrType( conn->cin_destaddr, PR_IpAddrV4Mapped ) ) {
+ PRNetAddr v4destaddr;
+ memset( &v4destaddr, 0, sizeof( v4destaddr ) );
+ v4destaddr.inet.family = PR_AF_INET;
+ v4destaddr.inet.ip = conn->cin_destaddr->ipv6.ip.pr_s6_addr32[3];
+ PR_NetAddrToString( &v4destaddr, buf_destip, sizeof( buf_destip ) );
+ } else {
+ PR_NetAddrToString( conn->cin_destaddr, buf_destip, sizeof( buf_destip ) );
+ }
+ buf_destip[ sizeof( buf_destip ) - 1 ] = '\0';
+ str_destip = buf_destip;
+ } else {
+ str_destip = str_unknown;
+ }
} else {
- str_destip = str_unknown;
- }
+ /* try syscall since c_prfd == NULL */
+ /* a corner case */
+ struct sockaddr_in destaddr; /* assuming IPv4 */
+ socklen_t destaddrlen;
+
+ destaddrlen = sizeof( destaddr );
+ memset( &destaddr, 0, destaddrlen );
+ if ( (getsockname( conn->c_sd, (struct sockaddr *)&destaddr,
+ &destaddrlen ) == 0) ) {
+ conn->cin_destaddr =
+ (PRNetAddr *)slapi_ch_malloc( sizeof( PRNetAddr ));
+ memset( conn->cin_destaddr, 0, sizeof( PRNetAddr ));
+ PR_NetAddrFamily( conn->cin_destaddr ) = AF_INET6;
+ PRLDAP_SET_PORT( conn->cin_destaddr, destaddr.sin_port );
+ /* note: IPv4-mapped IPv6 addr does not work on Windows */
+ PR_ConvertIPv4AddrToIPv6(destaddr.sin_addr.s_addr,
+ &(conn->cin_destaddr->ipv6.ip));
+
+ /* copy string equivalent of address into a buffer to use for
+ * logging since each call to inet_ntoa() returns a pointer to a
+ * single thread-specific buffer (which prevents us from calling
+ * inet_ntoa() twice in one call to slapi_log_access()).
+ */
+ str_destip = inet_ntoa( destaddr.sin_addr );
+ strncpy( buf_destip, str_destip, sizeof( buf_destip ) - 1 );
+ buf_destip[ sizeof( buf_destip ) - 1 ] = '\0';
+ str_destip = buf_destip;
+ } else {
+ str_destip = str_unknown;
+ }
+ }
- if ( !in_referral_mode ) {
- /* create a sasl connection */
- ids_sasl_server_new(conn);
- }
+ if ( !in_referral_mode ) {
+ /* create a sasl connection */
+ ids_sasl_server_new(conn);
+ }
/* log useful stuff to our access log */
slapi_log_access( LDAP_DEBUG_STATS,
@@ -343,7 +347,7 @@
/* initialize the remaining connection fields */
conn->c_ldapversion = LDAP_VERSION3;
conn->c_starttime = current_time();
- conn->c_idlesince = conn->c_starttime;
+ conn->c_idlesince = conn->c_starttime;
conn->c_flags = is_SSL ? CONN_FLAG_SSL : 0;
conn->c_authtype = slapi_ch_strdup(SLAPD_AUTH_NONE);
}
@@ -624,6 +628,7 @@
static int handle_read_data(Connection *conn,Operation **op,
int * connection_referenced);
int queue_pushed_back_data(Connection *conn);
+static int add_to_select_set(Connection *conn);
static void inc_op_count(Connection* conn)
{
Index: daemon.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/daemon.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- daemon.c 11 Apr 2006 02:14:44 -0000 1.8
+++ daemon.c 15 Sep 2006 22:45:11 -0000 1.9
@@ -277,7 +277,7 @@
PRIntervalTime pr_timeout = PR_MillisecondsToInterval(slapd_wakeup_timer);
-#if !defined( XP_WIN32 )
+#if !defined( XP_WIN32 ) /* UNIX */
(*pr_clonefd) = PR_Accept(pr_acceptfd, pr_netaddr, pr_timeout);
if( !(*pr_clonefd) ) {
PRErrorCode prerr = PR_GetError();
@@ -289,7 +289,7 @@
ns = configure_pr_socket( pr_clonefd, secure );
-#else
+#else /* Windows */
if( secure ) {
(*pr_clonefd) = PR_Accept(pr_acceptfd, pr_netaddr, pr_timeout);
if( !(*pr_clonefd) ) {
@@ -315,10 +315,10 @@
ns = configure_pr_socket( pr_clonefd, secure );
- } else {
- struct sockaddr *addr;
+ } else { /* !secure */
+ struct sockaddr *addr; /* NOT IPv6 enabled */
- addr = (struct sockaddr *) slapi_ch_malloc( sizeof(struct sockaddr) );
+ addr = (struct sockaddr *) slapi_ch_malloc( sizeof(struct sockaddr) );
ns = accept (s, addr, (TCPLEN_T *)&addrlen);
if (ns == SLAPD_INVALID_SOCKET) {
@@ -329,25 +329,18 @@
s, oserr, slapd_system_strerror(oserr));
}
- else if (syn_scan (ns))
- {
- /* this is a work around for accept problem with SYN scan on NT.
- See bug 391414 for more details */
- LDAPDebug(LDAP_DEBUG_ANY, "syn-scan request is received - ignored\n", 0, 0, 0);
- closesocket (ns);
- ns = SLAPD_INVALID_SOCKET;
- }
-
- if ( PR_SetNetAddr(PR_IpAddrNull, PR_AF_INET6, ((struct sockaddr_in *)addr)->sin_port, pr_netaddr)
- != PR_SUCCESS ) {
- int oserr = PR_GetError();
- LDAPDebug( LDAP_DEBUG_ANY, "PR_SetNetAddr() failed, "
- SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n",
- oserr, slapd_pr_strerror(oserr), 0 );
- } else {
- PR_ConvertIPv4AddrToIPv6(((struct sockaddr_in *)addr)->sin_addr.s_addr, &(pr_netaddr->ipv6.ip));
+ else if (syn_scan (ns))
+ {
+ /* this is a work around for accept problem with SYN scan on NT.
+ See bug 391414 for more details */
+ LDAPDebug(LDAP_DEBUG_ANY, "syn-scan request is received - ignored\n", 0, 0, 0);
+ closesocket (ns);
+ ns = SLAPD_INVALID_SOCKET;
}
+ PRLDAP_SET_PORT( pr_netaddr, ((struct sockaddr_in *)addr)->sin_port );
+ PR_ConvertIPv4AddrToIPv6(((struct sockaddr_in *)addr)->sin_addr.s_addr, &(pr_netaddr->ipv6.ip));
+
(*pr_clonefd) = NULL;
slapi_ch_free( (void **)&addr );
@@ -2278,7 +2271,7 @@
static PRFileDesc *
-createprlistensocket(unsigned short port, const PRNetAddr *listenaddr,
+createprlistensocket(PRUint16 port, const PRNetAddr *listenaddr,
int secure)
{
PRFileDesc *sock;
@@ -2313,15 +2306,7 @@
/* set up listener address, including port */
memcpy(&sa_server, listenaddr, sizeof(sa_server));
- if ( PR_SetNetAddr(PR_IpAddrNull, PR_AF_INET6, port, &sa_server)
- != PR_SUCCESS ) {
- prerr = PR_GetError();
- slapi_log_error(SLAPI_LOG_FATAL, logname,
- "PR_SetNetAddr() failed: %s error %d (%s)\n",
- SLAPI_COMPONENT_NAME_NSPR,
- prerr, slapd_pr_strerror(prerr));
- goto failed;
- }
+ PRLDAP_SET_PORT( &sa_server, port );
if ( PR_Bind(sock, &sa_server) == PR_FAILURE) {
prerr = PR_GetError();
@@ -2354,8 +2339,7 @@
{
char *logname = "slapd_listenhost2addr";
PRErrorCode prerr = 0;
- PRHostEnt hent;
- char hbuf[ PR_NETDB_BUF_SIZE ];
+ int rval = 0;
PR_ASSERT( addr != NULL );
@@ -2366,37 +2350,33 @@
slapi_log_error( SLAPI_LOG_FATAL, logname,
"PR_SetNetAddr(PR_IpAddrAny) failed - %s error %d (%s)\n",
SLAPI_COMPONENT_NAME_NSPR, prerr, slapd_pr_strerror(prerr));
- goto failed;
+ rval = -1;
}
} else if (PR_SUCCESS == PR_StringToNetAddr(listenhost, addr)) {
- if (PR_AF_INET == PR_NetAddrFamily(addr)) {
- PRUint32 ipv4ip = addr->inet.ip;
- memset(addr, 0, sizeof(PRNetAddr));
- PR_ConvertIPv4AddrToIPv6(ipv4ip, &addr->ipv6.ip);
- addr->ipv6.family = PR_AF_INET6;
- }
- } else if (PR_SUCCESS == PR_GetIPNodeByName(listenhost,
- PR_AF_INET6, PR_AI_DEFAULT | PR_AI_ALL,
- hbuf, sizeof(hbuf), &hent )) {
- /* just use the first IP address returned */
- if (PR_EnumerateHostEnt(0, &hent, 0, addr) < 0) {
+ /* PR_StringNetAddr newer than NSPR v4.6.2 supports both IPv4&v6 */;
+ } else {
+ PRAddrInfo *infop = PR_GetAddrInfoByName( listenhost,
+ PR_AF_UNSPEC, (PR_AI_ADDRCONFIG|PR_AI_NOCANONNAME) );
+ if ( NULL != infop ) {
+ memset( addr, 0, sizeof( PRNetAddr ));
+ if ( NULL == PR_EnumerateAddrInfo( NULL, infop, 0, addr )) {
+ slapi_log_error( SLAPI_LOG_FATAL, logname,
+ "PR_EnumerateAddrInfo for %s failed - %s error %d (%s)\n",
+ listenhost, SLAPI_COMPONENT_NAME_NSPR, prerr,
+ slapd_pr_strerror(prerr));
+ rval = -1;
+ }
+ PR_FreeAddrInfo( infop );
+ } else {
slapi_log_error( SLAPI_LOG_FATAL, logname,
- "PR_EnumerateHostEnt() failed - %s error %d (%s)\n",
- SLAPI_COMPONENT_NAME_NSPR, prerr, slapd_pr_strerror(prerr));
- goto failed;
+ "PR_GetAddrInfoByName(%s) failed - %s error %d (%s)\n",
+ listenhost, SLAPI_COMPONENT_NAME_NSPR, prerr,
+ slapd_pr_strerror(prerr));
+ rval = -1;
}
- } else { /* failure */
- slapi_log_error( SLAPI_LOG_FATAL, logname,
- "PR_GetIPNodeByName(%s) failed - %s error %d (%s)\n",
- listenhost, SLAPI_COMPONENT_NAME_NSPR, prerr,
- slapd_pr_strerror(prerr));
- goto failed;
}
- return( 0 );
-
-failed:
- return( -1 );
+ return rval;
}
17 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/pam_passthru README, 1.4, 1.5 config.ldif, 1.4, 1.5 pam_ptconfig.c, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29435/ldapserver/ldap/servers/plugins/pam_passthru
Modified Files:
README config.ldif pam_ptconfig.c
Log Message:
Bug(s) fixed: 206662
Bug Description: PAM passthru: ENTRY map method not working and schema incorrect
Reviewed by: nhosoi (Thanks!)
Fix Description:
1) Rename all occurrences of pamMapMethod to pamIDMapMethod
2) The parsing code for the map method was just plain wrong - it wasn't
incrementing the pointer correctly.
3) This code: if (one == two == three == PAMPT_MAP_METHOD_NONE) - is not correct.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
Index: README
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/README,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- README 19 Apr 2005 22:07:30 -0000 1.4
+++ README 15 Sep 2006 21:20:36 -0000 1.5
@@ -86,7 +86,7 @@
* pamIDAttr (string) - The value of this attribute, present in the
user's entry, holds the PAM identity of the user - it maps the LDAP
identity to the PAM identity
-* pamMapMethod (string)
+* pamIDMapMethod (string)
o RDN (default) - uses the value from the leftmost RDN in the BIND DN
o ENTRY - gets the value of the PAM identity attribute from the BIND DN entry
o DN - uses the full DN string
@@ -137,13 +137,13 @@
We may have to worry about different PAM policy in different subtrees
e.g. maybe for dc=coke,dc=com you want to use the ENTRY map method,
but for dc=pepsi,dc=com you want to use the RDN method. We could
-probably do this by having the pamMapMethod attr be multivalued, and
+probably do this by having the pamIDMapMethod attr be multivalued, and
have it's value like this:
-pamMapMethod: RDN dc=coke,dc=com
-pamMapMethod: RDN dc=sprite,dc=com
-pamMapMethod: ENTRY dc=pepsi,dc=com
-pamMapMethod: DN (the default for all other suffixes)
+pamIDMapMethod: RDN dc=coke,dc=com
+pamIDMapMethod: RDN dc=sprite,dc=com
+pamIDMapMethod: ENTRY dc=pepsi,dc=com
+pamIDMapMethod: DN (the default for all other suffixes)
The suffix that uses that map method would follow the map method used.
@@ -201,7 +201,7 @@
pamMissingSuffix: ALLOW
pamExcludeSuffix: o=NetscapeRoot
pamExcludeSuffix: cn=config
-pamMapMethod: RDN
+pamIDMapMethod: RDN
pamFallback: FALSE
pamSecure: TRUE
pamService: ldapserver
Index: config.ldif
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/config.ldif,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- config.ldif 19 Apr 2005 22:07:30 -0000 1.4
+++ config.ldif 15 Sep 2006 21:20:36 -0000 1.5
@@ -50,7 +50,7 @@
pamMissingSuffix: ALLOW
pamExcludeSuffix: o=NetscapeRoot
pamExcludeSuffix: cn=config
-pamMapMethod: RDN
+pamIDMapMethod: RDN
pamFallback: FALSE
pamSecure: TRUE
pamService: ldapserver
Index: pam_ptconfig.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/pam_ptconfig.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- pam_ptconfig.c 25 May 2006 14:37:14 -0000 1.6
+++ pam_ptconfig.c 15 Sep 2006 21:20:36 -0000 1.7
@@ -188,11 +188,11 @@
{
char *end;
int len;
- int ret;
+ int ret = PAMPT_MAP_METHOD_NONE;
*err = 0;
if (!map_method || !*map_method) {
- return PAMPT_MAP_METHOD_NONE;
+ return ret;
}
end = strchr(*map_method, ' ');
@@ -211,7 +211,7 @@
*err = 1;
}
- if (!err) {
+ if (!*err) {
if (end && *end) {
*map_method = end + 1;
} else {
@@ -225,36 +225,37 @@
static int
parse_map_method(char *map_method, int *one, int *two, int *three, char *returntext)
{
- int err = 0;
+ int err = LDAP_SUCCESS;
int extra;
+ char **ptr = &map_method;
*one = *two = *three = PAMPT_MAP_METHOD_NONE;
- *one = meth_to_int(&map_method, &err);
+ *one = meth_to_int(ptr, &err);
if (err) {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
"The map method in the string [%s] is invalid: must be "
"one of %s", map_method, get_map_method_values());
return LDAP_UNWILLING_TO_PERFORM;
}
- *two = meth_to_int(&map_method, &err);
+ *two = meth_to_int(ptr, &err);
if (err) {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
"The map method in the string [%s] is invalid: must be "
"one of %s", map_method, get_map_method_values());
return LDAP_UNWILLING_TO_PERFORM;
}
- *three = meth_to_int(&map_method, &err);
+ *three = meth_to_int(ptr, &err);
if (err) {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
"The map method in the string [%s] is invalid: must be "
"one of %s", map_method, get_map_method_values());
return LDAP_UNWILLING_TO_PERFORM;
}
- if (((extra = meth_to_int(&map_method, &err)) != PAMPT_MAP_METHOD_NONE) ||
+ if (((extra = meth_to_int(ptr, &err)) != PAMPT_MAP_METHOD_NONE) ||
err) {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
"Invalid extra text [%s] after last map method",
- map_method);
+ ((ptr && *ptr) ? *ptr : "(null)"));
return LDAP_UNWILLING_TO_PERFORM;
}
@@ -341,7 +342,10 @@
map_method = slapi_entry_attr_get_charptr(e, PAMPT_MAP_METHOD_ATTR);
if (map_method) {
int one, two, three;
- *returncode = parse_map_method(map_method, &one, &two, &three, returntext);
+ if (LDAP_SUCCESS !=
+ (*returncode = parse_map_method(map_method, &one, &two, &three, returntext))) {
+ goto done; /* returntext set already */
+ }
if (!pam_ident_attr &&
((one == PAMPT_MAP_METHOD_ENTRY) || (two == PAMPT_MAP_METHOD_ENTRY) ||
(three == PAMPT_MAP_METHOD_ENTRY))) {
@@ -351,7 +355,8 @@
*returncode = LDAP_UNWILLING_TO_PERFORM;
goto done;
}
- if (one == two == three == PAMPT_MAP_METHOD_NONE) {
+ if ((one == PAMPT_MAP_METHOD_NONE) && (two == PAMPT_MAP_METHOD_NONE) &&
+ (three == PAMPT_MAP_METHOD_NONE)) {
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Error: no method(s)"
" specified for %s, should be one or more of %s",
PAMPT_MAP_METHOD_ATTR, get_map_method_values());
17 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/schema 60pam-plugin.ldif, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/schema
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv29435/ldapserver/ldap/schema
Modified Files:
60pam-plugin.ldif
Log Message:
Bug(s) fixed: 206662
Bug Description: PAM passthru: ENTRY map method not working and schema incorrect
Reviewed by: nhosoi (Thanks!)
Fix Description:
1) Rename all occurrences of pamMapMethod to pamIDMapMethod
2) The parsing code for the map method was just plain wrong - it wasn't
incrementing the pointer correctly.
3) This code: if (one == two == three == PAMPT_MAP_METHOD_NONE) - is not correct.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
Index: 60pam-plugin.ldif
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/schema/60pam-plugin.ldif,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- 60pam-plugin.ldif 19 Apr 2005 22:07:28 -0000 1.4
+++ 60pam-plugin.ldif 15 Sep 2006 21:20:35 -0000 1.5
@@ -43,9 +43,9 @@
attributeTypes: ( 2.16.840.1.113730.3.1.2067 NAME 'pamIncludeSuffix' DESC 'Suffixes to include for PAM authentication' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2068 NAME 'pamExcludeSuffix' DESC 'Suffixes to exclude from PAM authentication' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2069 NAME 'pamMissingSuffix' DESC 'How to handle missing include or exclude suffixes' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
-attributeTypes: ( 2.16.840.1.113730.3.1.2070 NAME 'pamMapMethod' DESC 'How to map BIND DN to PAM identity' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2070 NAME 'pamIDMapMethod' DESC 'How to map BIND DN to PAM identity' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2071 NAME 'pamIDAttr' DESC 'Name of attribute holding PAM ID' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2072 NAME 'pamFallback' DESC 'Fallback to regular LDAP BIND if PAM auth fails' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2073 NAME 'pamSecure' DESC 'Require secure (TLS/SSL) connection for PAM auth' SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2074 NAME 'pamService' DESC 'Service name to pass to pam_start' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 SINGLE-VALUE X-ORIGIN 'Red Hat Directory Server' )
-objectClasses: ( 2.16.840.1.113730.3.2.318 NAME 'pamConfig' DESC 'PAM plugin configuration' SUP top AUXILIARY MAY ( pamMissingSuffix $ pamExcludeSuffix $ pamIncludeSuffix $ pamIDAttr $ pamMapMethod $ pamFallback $ pamSecure $ pamService ) X-ORIGIN 'Red Hat Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.318 NAME 'pamConfig' DESC 'PAM plugin configuration' SUP top AUXILIARY MAY ( pamMissingSuffix $ pamExcludeSuffix $ pamIncludeSuffix $ pamIDAttr $ pamIDMapMethod $ pamFallback $ pamSecure $ pamService ) X-ORIGIN 'Red Hat Directory Server' )
17 years, 7 months
[Fedora-directory-commits] ldapserver/lib/ldaputil Makefile, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/lib/ldaputil
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21119/ldapserver/lib/ldaputil
Modified Files:
Makefile
Log Message:
Bug: 206527
Description: Enable rpmbuild of directory server
Fix Description: RELDIR is not defined in lib/ldaputil/Makefile, so just
remove the certmap.conf packaging from there and add it to ldap/cm/Makefile
The perldap packaging has changed for internal builds as well.
Tested on: Solaris
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/lib/ldaputil/Makefile,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- Makefile 15 Sep 2006 14:59:48 -0000 1.6
+++ Makefile 15 Sep 2006 19:33:43 -0000 1.7
@@ -60,9 +60,7 @@
$(DBM_INCLUDE) $(LDAPSDK_INCLUDE) \
$(SECURITY_INCLUDE) $(NSPR_INCLUDE)
-CERTMAP_CONF = $(RELDIR)/shared/config/certmap.conf
-
-all: $(OBJDEST) $(LOCAL_DEPS) $(LIBS) $(CERTMAP_CONF)
+all: $(OBJDEST) $(LOCAL_DEPS) $(LIBS)
$(OBJDEST):
mkdir -p $(OBJDEST)
@@ -94,12 +92,5 @@
$(AR) $(OBJS)
$(RANLIB) $@
-$(CERTMAP_CONF): certmap.conf
- rm -f $@
- if [ ! -d $(dir $@) ] ; then \
- mkdir -p $(dir $@) ; \
- fi
- cp $< $(dir $@)
-
include $(INCLUDE_DEPENDS)
17 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/cm Makefile,1.60,1.61
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/cm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21119/ldapserver/ldap/cm
Modified Files:
Makefile
Log Message:
Bug: 206527
Description: Enable rpmbuild of directory server
Fix Description: RELDIR is not defined in lib/ldaputil/Makefile, so just
remove the certmap.conf packaging from there and add it to ldap/cm/Makefile
The perldap packaging has changed for internal builds as well.
Tested on: Solaris
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/cm/Makefile,v
retrieving revision 1.60
retrieving revision 1.61
diff -u -r1.60 -r1.61
--- Makefile 15 Sep 2006 14:59:48 -0000 1.60
+++ Makefile 15 Sep 2006 19:33:42 -0000 1.61
@@ -310,6 +310,8 @@
$(INSTALL) -m 644 $(BUILD_DRIVE)$(BUILD_ROOT)/ldap/schema/*.ldif $(RELDIR)/bin/slapd/install/schema
$(INSTALL) -m 644 $(BUILD_DRIVE)$(BUILD_ROOT)/ldap/schema/slapd-collations.conf $(RELDIR)/bin/slapd/install/config
+ $(INSTALL) -m 644 $(BUILD_DRIVE)$(BUILD_ROOT)/lib/ldaputil/certmap.conf $(RELDIR)/shared/config
+
# the httpd library
ifneq ($(ARCH), WINNT)
$(INSTALL) -m 755 $(OBJDIR)/$(NSHTTPD_DLL)$(DLL_PRESUF).$(DLL_SUFFIX)* $(RELDIR)/bin/slapd/lib
17 years, 7 months
[Fedora-directory-commits] ldapserver components.mk, 1.53, 1.54 internal_comp_deps.mk, 1.46, 1.47
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21119/ldapserver
Modified Files:
components.mk internal_comp_deps.mk
Log Message:
Bug: 206527
Description: Enable rpmbuild of directory server
Fix Description: RELDIR is not defined in lib/ldaputil/Makefile, so just
remove the certmap.conf packaging from there and add it to ldap/cm/Makefile
The perldap packaging has changed for internal builds as well.
Tested on: Solaris
Index: components.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/components.mk,v
retrieving revision 1.53
retrieving revision 1.54
diff -u -r1.53 -r1.54
--- components.mk 15 Sep 2006 14:59:47 -0000 1.53
+++ components.mk 15 Sep 2006 19:33:42 -0000 1.54
@@ -623,15 +623,15 @@
ifdef PERLDAP_SOURCE_ROOT
PERLDAP_BUILT_DIR = $(PERLDAP_SOURCE_ROOT)/directory/perldap/blib
# else set in internal_buildpaths.mk and pulled in internal_comp_deps.mk
+ PERLDAP_ARCHLIB_DIR = $(PERLDAP_BUILT_DIR)/arch
+ PERLDAP_LIB_DIR = $(PERLDAP_BUILT_DIR)/lib/Mozilla
+ PERLDAP_AUTOLIB_DIR = $(PERLDAP_BUILT_DIR)/lib/auto
+ # under the serverroot/lib directory, we should have a perl directory which contains arch/, auto/, and Mozilla/
+ PACKAGE_SRC_DEST += $(PERLDAP_ARCHLIB_DIR) lib/perl
+ PACKAGE_SRC_DEST += $(PERLDAP_LIB_DIR) lib/perl
+ PACKAGE_SRC_DEST += $(PERLDAP_AUTOLIB_DIR) lib/perl
endif
-PERLDAP_ARCHLIB_DIR = $(PERLDAP_BUILT_DIR)/arch
-PERLDAP_LIB_DIR = $(PERLDAP_BUILT_DIR)/lib/Mozilla
-PERLDAP_AUTOLIB_DIR = $(PERLDAP_BUILT_DIR)/lib/auto
-# under the serverroot/lib directory, we should have a perl directory which contains arch/, auto/, and Mozilla/
-PACKAGE_SRC_DEST += $(PERLDAP_ARCHLIB_DIR) lib/perl
-PACKAGE_SRC_DEST += $(PERLDAP_LIB_DIR) lib/perl
-PACKAGE_SRC_DEST += $(PERLDAP_AUTOLIB_DIR) lib/perl
# 32-bit perldap is packaged in 64-bit DS on Solaris and HP-UX PA-RISC.
# It requires 32-bit LDAPSDK, NSPR, NSS.
Index: internal_comp_deps.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/internal_comp_deps.mk,v
retrieving revision 1.46
retrieving revision 1.47
diff -u -r1.46 -r1.47
--- internal_comp_deps.mk 7 Sep 2006 15:29:58 -0000 1.46
+++ internal_comp_deps.mk 15 Sep 2006 19:33:42 -0000 1.47
@@ -538,8 +538,9 @@
### Perldap package #######################################
PERLDAP_COMPONENT_DIR = $(COMPONENTS_DIR_DEV)/perldap/$(PERLDAP_VERSION)/$(NSOBJDIR_NAME)
-PERLDAP_FILES=lib,arch
-PERLDAP_DEP = $(PERLDAP_BUILT_DIR)/lib
+PERLDAP_FILES=lib
+PERLDAP_DEP = $(PERLDAP_BUILT_DIR)/lib/perl
+PACKAGE_SRC_DEST += $(PERLDAP_DEP) lib
# this is the rule to pull PerLDAP
ifndef PERLDAP_PULL_METHOD
17 years, 7 months
[Fedora-directory-commits] ldapserver component_versions.mk, 1.49, 1.50
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14399
Modified Files:
component_versions.mk
Log Message:
use new 20060915 version of perldap
Index: component_versions.mk
===================================================================
RCS file: /cvs/dirsec/ldapserver/component_versions.mk,v
retrieving revision 1.49
retrieving revision 1.50
diff -u -r1.49 -r1.50
--- component_versions.mk 28 Aug 2006 23:23:51 -0000 1.49
+++ component_versions.mk 15 Sep 2006 18:16:15 -0000 1.50
@@ -166,7 +166,7 @@
endif
ifndef PERLDAP_VERSION
- PERLDAP_VERSION=1.5/20060331
+ PERLDAP_VERSION=1.5/20060915
endif
ifndef JSS_COMP
17 years, 7 months
[Fedora-directory-commits] CVSROOT avail,1.2,1.3
by Doctor Conrad
Author: katzj
Update of /cvs/dirsec/CVSROOT
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5912
Modified Files:
avail
Log Message:
add remeggins to avail
Index: avail
===================================================================
RCS file: /cvs/dirsec/CVSROOT/avail,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- avail 15 Sep 2006 15:32:18 -0000 1.2
+++ avail 15 Sep 2006 16:41:34 -0000 1.3
@@ -13,5 +13,5 @@
# Lock down the CVSROOT directory so ACLs make sense
unavail | | CVSROOT
# Access to all files to policy setters
-avail | katzj,wtogami | CVSROOT
+avail | katzj,wtogami,rmeggins | CVSROOT
# trusted developers that can add modules
17 years, 7 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/ntwdog cron_conf.h, 1.4, 1.5
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/ntwdog
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5349/ldapserver/ldap/servers/slapd/ntwdog
Modified Files:
cron_conf.h
Log Message:
minor change to test commit email notification
Index: cron_conf.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/ntwdog/cron_conf.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- cron_conf.h 19 Apr 2005 22:07:40 -0000 1.4
+++ cron_conf.h 15 Sep 2006 16:26:44 -0000 1.5
@@ -111,7 +111,6 @@
/* free all cron conf data structures */
void cron_conf_free();
-#define MAGNUS_CONF "magnus.conf"
#define ADMCONFDIR "../config/"
17 years, 7 months