[Fedora-directory-commits] adminserver/lib/libadmin install.c, 1.6, 1.7 util.c, 1.10, 1.11
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/lib/libadmin
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6632/adminserver/lib/libadmin
Modified Files:
install.c util.c
Log Message:
removing dead code
Index: install.c
===================================================================
RCS file: /cvs/dirsec/adminserver/lib/libadmin/install.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- install.c 9 May 2007 00:26:37 -0000 1.6
+++ install.c 14 Jul 2008 20:34:43 -0000 1.7
@@ -51,7 +51,7 @@
{
int sd;
struct sockaddr_in sa_server;
- int one = 1, ret;
+ int ret;
#ifdef XP_WIN32
WSADATA wsd;
Index: util.c
===================================================================
RCS file: /cvs/dirsec/adminserver/lib/libadmin/util.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- util.c 31 Oct 2007 05:30:54 -0000 1.10
+++ util.c 14 Jul 2008 20:34:43 -0000 1.11
@@ -186,130 +186,6 @@
return ans;
}
-int ADM_mkdir_p(char *dir, int mode)
-{
- char path[PATH_MAX];
- struct stat fi;
- char *slash = NULL;
-
- if (dir)
- PL_strncpyz (path, dir, sizeof(path));
- else
- return 0;
-
- if (slash = strchr(path, FILE_PATHSEP))
- slash++; /* go past root */
- else
- return 0;
-
- while (slash && *slash) {
- slash = strchr(slash, FILE_PATHSEP);
- if (slash) *slash = '\0'; /* check path till here */
-
- if (stat(path, &fi) == -1) {
-#ifdef XP_UNIX
- if (mkdir(path, mode) == -1)
-#else /* XP_WIN32 */
- if (!CreateDirectory(path, NULL))
-#endif
- return 0;
- }
-
- if (slash) {
- *slash = FILE_PATHSEP; /* restore path */
- slash++; /* check remaining path */
- }
- }
- return 1;
-}
-
-int ADM_copy_directory(char *src_dir, char *dest_dir)
-{
- SYS_DIR ds;
- SYS_DIRENT *d;
- struct stat fi;
- char src_file[PATH_MAX], dest_file[PATH_MAX], fullname[PATH_MAX];
-
- if (!(ds = dir_open(src_dir)))
- report_error(FILE_ERROR, "Can't read directory", src_dir);
-
- while (d = dir_read(ds)) {
- if (d->d_name[0] != '.') {
- PR_snprintf(fullname, sizeof(fullname), "%s/%s", src_dir, d->d_name);
- if (system_stat(fullname, &fi) == -1)
- continue;
-
- PR_snprintf(src_file, sizeof(src_file), "%s%c%s", src_dir, FILE_PATHSEP, d->d_name);
- PR_snprintf(dest_file, sizeof(dest_file), "%s%c%s", dest_dir, FILE_PATHSEP, d->d_name);
- if (S_ISDIR(fi.st_mode)) {
- char *sub_src_dir = STRDUP(src_file);
- char *sub_dest_dir = STRDUP(dest_file);
- if (!ADM_mkdir_p(sub_dest_dir, 0755)) {
- report_error(FILE_ERROR, "Cannot create directory",
- sub_dest_dir);
- return 0;
- }
- if (!ADM_copy_directory(sub_src_dir, sub_dest_dir))
- return 0;
- FREE(sub_src_dir);
- FREE(sub_dest_dir);
- }
- else
- cp_file(src_file, dest_file, 0644);
- }
- }
- dir_close(ds);
- return(1);
-}
-
-void ADM_remove_directory(char *path)
-{
- struct stat finfo;
- char **dirlisting;
- register int x=0;
- int stat_good = 0;
- char *fullpath = NULL;
-
-#ifdef XP_UNIX
- stat_good = (lstat(path, &finfo) == -1 ? 0 : 1);
-#else /* XP_WIN32 */
- stat_good = (stat(path, &finfo) == -1 ? 0 : 1);
-#endif
-
- if(!stat_good) return;
-
- if(S_ISDIR(finfo.st_mode)) {
- dirlisting = list_directory(path,1);
- if(!dirlisting) return;
-
- for(x=0; dirlisting[x]; x++) {
- fullpath = (char *) MALLOC(strlen(path) +
- strlen(dirlisting[x]) + 4);
- sprintf(fullpath, "%s%c%s", path, FILE_PATHSEP, dirlisting[x]);
-#ifdef XP_UNIX
- stat_good = (lstat(fullpath, &finfo) == -1 ? 0 : 1);
-#else /* XP_WIN32 */
- stat_good = (stat(fullpath, &finfo) == -1 ? 0 : 1);
-#endif
- if(!stat_good) continue;
- if(S_ISDIR(finfo.st_mode)) {
- ADM_remove_directory(fullpath);
- } else {
- unlink(fullpath);
- }
- FREE(fullpath);
- }
-#ifdef XP_UNIX
- rmdir(path);
-#else /* XP_WIN32 */
- RemoveDirectory(path);
-#endif
- } else {
- delete_file(path);
- }
- return;
-}
-
/* return: mtime(f1) < mtime(f2) ? */
int mtime_is_earlier(char *file1, char *file2)
{
@@ -1382,7 +1258,7 @@
ptr = PL_strdup(ptr);
}
/* copy now points at the parent, ptr at the child */
- if (pdir = PR_OpenDir(copy)) {
+ if ((pdir = PR_OpenDir(copy))) {
for(pent = PR_ReadDir(pdir, PR_SKIP_BOTH); pent && !ret;
pent = PR_ReadDir(pdir, PR_SKIP_BOTH)) {
ret = !strcmp(pent->name, ptr);
@@ -1393,7 +1269,7 @@
ret = 0;
/* we've verified that name is a valid directory - see if
the given filename exists in that directory */
- if (pdir = PR_OpenDir(name)) {
+ if ((pdir = PR_OpenDir(name))) {
for(pent = PR_ReadDir(pdir, PR_SKIP_BOTH); pent && !ret;
pent = PR_ReadDir(pdir, PR_SKIP_BOTH)) {
if (childlen > 0) {
15 years, 10 months
[Fedora-directory-commits] adminserver/include/libadmin libadmin.h, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/include/libadmin
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6632/adminserver/include/libadmin
Modified Files:
libadmin.h
Log Message:
removing dead code
Index: libadmin.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/libadmin/libadmin.h,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- libadmin.h 31 Oct 2007 05:30:54 -0000 1.9
+++ libadmin.h 14 Jul 2008 20:34:42 -0000 1.10
@@ -395,19 +395,6 @@
/* util.c */
NSAPI_PUBLIC int get_file_size(char *path);
-/* Create a directory path if it does not exist (mkdir -p) */
-/* util.c */
-NSAPI_PUBLIC int ADM_mkdir_p(char *dir, int mode);
-
-/* Copy a directory recursively. */
-/* util.c */
-NSAPI_PUBLIC int ADM_copy_directory(char *src_dir, char *dest_dir);
-
-/* Remove a directory recursively. Same as remove_directory except that
- filenames arent printed on stdout */
-/* util.c */
-NSAPI_PUBLIC void ADM_remove_directory(char *path);
-
/* Return: LastModificationTime(f1) < LastModificationTime(f2) ? */
/* util.c */
NSAPI_PUBLIC int mtime_is_earlier(char *file1, char *file2);
15 years, 10 months
[Fedora-directory-commits] adminserver/include/base buffer.h, 1.4, 1.5 util.h, 1.4, 1.5 dbtbase.h, 1.4, NONE
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/include/base
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6632/adminserver/include/base
Modified Files:
buffer.h util.h
Removed Files:
dbtbase.h
Log Message:
removing dead code
Index: buffer.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/base/buffer.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- buffer.h 18 Aug 2005 19:14:43 -0000 1.4
+++ buffer.h 14 Jul 2008 20:34:42 -0000 1.5
@@ -91,14 +91,6 @@
filebuf_t *INTfilebuf_create(SYS_FILE fd, caddr_t mmap_ptr, int mmap_len,
int bufsz);
-/*
- * filebuf_close_buffer is provided to cleanup a filebuf without closing
- * the underlying file. If clean_mmap is 1, and the file is memory mapped,
- * the file will be unmapped. If clean_mmap is 0, the file will not
- * be unmapped.
- */
-NSAPI_PUBLIC void INTfilebuf_close_buffer(filebuf_t *buf, int clean_mmap);
-
#ifdef FILE_MMAP
#include <sys/stat.h>
NSAPI_PUBLIC
@@ -122,12 +114,6 @@
NSAPI_PUBLIC int INTpipebuf_next(filebuf_t *buf, int advance);
#endif /* XP_WIN32 */
-/*
- * buffer_close deallocates a buffer and closes its associated files
- * (does not close a network socket).
- */
-
-NSAPI_PUBLIC void INTfilebuf_close(filebuf_t *buf);
#ifdef XP_WIN32
NSAPI_PUBLIC void INTpipebuf_close(filebuf_t *buf);
#endif /* XP_WIN32 */
@@ -178,7 +164,6 @@
#define filebuf_next INTfilebuf_next
#define filebuf_grab INTfilebuf_grab
#define filebuf_create INTfilebuf_create
-#define filebuf_close_buffer INTfilebuf_close_buffer
#define filebuf_buf2sd INTfilebuf_buf2sd
#ifdef XP_WIN32
Index: util.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/base/util.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- util.h 9 May 2007 00:26:35 -0000 1.4
+++ util.h 14 Jul 2008 20:34:42 -0000 1.5
@@ -148,17 +148,6 @@
/* --- End Unix-only function prototypes --- */
-/* --- Begin Windows-only function prototypes --- */
-
-#ifdef XP_WIN32
-
-NSAPI_PUBLIC
-VOID INTutil_delete_directory(char *FileName, BOOL delete_directory);
-
-#endif /* XP_WIN32 */
-
-/* --- End Windows-only function prototypes --- */
-
NSPR_END_EXTERN_C
#define util_getline INTutil_getline
@@ -203,10 +192,6 @@
#define util_waitpid INTutil_waitpid
#endif /* XP_UNIX */
-#ifdef XP_WIN32
-#define util_delete_directory INTutil_delete_directory
-#endif /* XP_WIN32 */
-
#ifdef NEED_STRCASECMP
#define util_strcasecmp INTutil_strcasecmp
#define strcasecmp INTutil_strcasecmp
--- dbtbase.h DELETED ---
15 years, 10 months
[Fedora-directory-commits] adminserver/include i18n.h,1.6,1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/include
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6632/adminserver/include
Modified Files:
i18n.h
Log Message:
removing dead code
Index: i18n.h
===================================================================
RCS file: /cvs/dirsec/adminserver/include/i18n.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- i18n.h 9 May 2007 00:26:35 -0000 1.6
+++ i18n.h 14 Jul 2008 20:34:41 -0000 1.7
@@ -26,34 +26,6 @@
#include "base/systems.h"
#include "libadminutil/resource.h"
-typedef res_RESOURCE_TABLE RESOURCE_TABLE;
-typedef res_RESOURCE_GLOBAL RESOURCE_GLOBAL;
-
-/*******************************************************************************/
-
-/*
- * In accordance with the recommendations in the
- * "Fedora Coding Standard for Server Internationalization",
- * the following aliases are defined for fprintf, et al., and
- * these aliases should be used to clearly indicate the intended
- * destination for output.
- */
-
-#define AdminFprintf fprintf
-#define DebugFprintf fprintf
-
-#define ClientSprintf sprintf
-#define AdminSprintf sprintf
-#define DebugSprintf sprintf
-
-#define ClientFputs fputs
-#define AdminFputs fputs
-#define DebugFputs fputs
-
-/* more #define, as needed */
-
-/*******************************************************************************/
-
/*
* Function prototypes for application and libraries
*/
@@ -64,16 +36,6 @@
{
#endif
-/***************************/
-/* XP_InitStringDatabase() */
-/***************************/
-
-NSAPI_PUBLIC
-void
-XP_InitStringDatabase(char* pathCWD, char* databaseName);
-
-/* Initialize the resource string database */
-
/******************************/
/* XP_GetStringFromDatabase() */
/******************************/
@@ -84,125 +46,10 @@
char* strLanguage,
int iToken);
-/* Given the LibraryName, Language and Token, extracts the string corresponding
- to that library and token from the database in the language requested and
- returns a pointer to the string. Note: Use the macros XP_GetClientStr() and
- XP_GetAdminStr() defined below to simplify source code. */
-
-/*****************/
-/* SetLanguage() */
-/*****************/
-enum
-{
- CLIENT_LANGUAGE,
- ADMIN_LANGUAGE,
- DEFAULT_LANGUAGE
-};
-
-NSAPI_PUBLIC
-extern void
-SetLanguage(int type, char *language);
-
-/* Set language for Client, Admin and Default, XP_GetStringFromDatabase will
- base on the setting to retrieve correct string for specific language */
-
-/***********************/
-/* GetClientLanguage() */
-/***********************/
-
-NSAPI_PUBLIC
-extern char*
-GetClientLanguage(void);
-
-/* Returns a pointer to a string with the name of the language requested by
- the current client; intended to be passed to XP_GetStringFromDatabase()
- and used by the front end macro XP_GetClientStr(). */
-
-/**********************/
-/* GetAdminLanguage() */
-/**********************/
-
-NSAPI_PUBLIC
-extern char*
-GetAdminLanguage(void);
-
-/* Returns a pointer to a string with the name of the language requested by
- the administrator; intended to be passed to XP_GetStringFromDatabase()
- and used by the front end macro XP_GetAdminStr(). */
-
-/************************/
-/* GetDefaultLanguage() */
-/************************/
-
-NSAPI_PUBLIC
-extern char*
-GetDefaultLanguage(void);
-
-/* Returns a pointer to a string with the name of the default language
- for the installation from the configuration file. */
-
-/************************/
-/* GetFileForLanguage() */
-/************************/
-
-NSAPI_PUBLIC
-int
-GetFileForLanguage(char* filepath,char* language,char* existingFilepath, size_t existingSize);
-
-/* Looks for a file in the appropriate language.
-
- Input: filePath,language
- filePath is of the form "/xxx/xxx/$$LANGDIR/xxx/xxx/filename"
- or of the form "/xxx/xxx/xxx/xxx/filename".
- filename may or may not have an extension.
- language is an Accept-Language list; each language-range will be
- tried as a subdirectory name and possibly as a filename modifier.
- "*" is ignored - default always provided if needed.
- "-" is replaced by "_".
- $$LANGDIR is a special string replaced by language. It is optional.
- For the default case, $$LANGDIR/ is replaced by nothing
- (so // is not created).
-
- Returned: existingPath
- existingFilePath is the path of a satisfactory, existing file.
- if no file is found, an empty string "" is returned.
-
- int returned: -1 if no file found (existingFilePath = "")
- 0 if default file is returned
- 1 if language file is returned (any in list) */
-
-/********************/
-/* XP_AccLangList() */
-/********************/
-
-#define MAX_ACCEPT_LANGUAGE 16
-#define MAX_ACCEPT_LENGTH 18
-
-NSAPI_PUBLIC
-int
-XP_AccLangList(char* AcceptLanguage,
- ACCEPT_LANGUAGE_LIST AcceptLanguageList);
-
#ifdef __cplusplus
}
#endif
-
-/*******************************************************************************/
-
-/*
- * Function prototypes for building string database
- */
-
-extern int XP_MakeStringDatabase(void);
-
-/* Used to create the string database at build time; not used by the application
- itself. Returns 0 is successful. */
-
-extern void XP_PrintStringDatabase(void);
-
-/* DEBUG: Prints out entire string database to standard output. */
-
/*******************************************************************************/
/*
@@ -210,11 +57,6 @@
* (need one argument instead of three)
*/
-#define XP_GetClientStr(DBTTokenName) \
- XP_GetStringFromDatabase(LIBRARY_NAME, \
- GetClientLanguage(), \
- DBTTokenName)
-
#define XP_GetAdminStr(DBTTokenName) \
XP_GetStringFromDatabase(LIBRARY_NAME, \
"en", \
@@ -222,37 +64,4 @@
/*******************************************************************************/
-
-/*******************************************************************************/
-
-/*
- * Define the ResDef macro to simplify the maintenance of strings which are to
- * be added to the library or application header file (dbtxxx.h). This enables
- * source code to refer to the strings by theit TokenNames, and allows the
- * strings to be stored in the database.
- *
- * Usage: ResDef(TokenName,TokenValue,String)
- *
- * Example: ResDef(DBT_HelloWorld_, \
- * 1,"Hello, World!")
- * ResDef(DBT_TheCowJumpedOverTheMoon_, \
- * 2,"The cow jumped over the moon.")
- * ResDef(DBT_TheValueOfPiIsAbout31415926536_, \
- * 3,"The value of PI is about 3.1415926536."
- *
- * RESOURCE_STR is used by makstrdb.c only. It is not used by getstrdb.c or
- * in library or application source code.
- */
-
-#if 0
-#define BEGIN_STR(argLibraryName) \
- enum {
-#define ResDef(argToken,argID,argString) \
- argToken = argID,
-#define END_STR(argLibraryName) \
- argLibraryName ## top };
-
-#endif
-/*******************************************************************************/
-
#endif
15 years, 10 months
[Fedora-directory-commits] adminserver/admserv/cgi-src40 ds_remove.in, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5436/adminserver/admserv/cgi-src40
Modified Files:
ds_remove.in
Log Message:
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: Added -f (force) flag to ds_removal. The -f (force) flag tells ds_removal to ignore errors and attempt to remove as much as possible. This is only suggested to be used if ds_removal without the -f flag fails, and you really, really want to remove the ds.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
Index: ds_remove.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ds_remove.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ds_remove.in 7 Aug 2007 23:30:01 -0000 1.6
+++ ds_remove.in 14 Jul 2008 20:27:02 -0000 1.7
@@ -136,6 +136,7 @@
$ENV{REQUEST_METHOD} = "GET";
$ENV{QUERY_STRING} = $query->query_string();
+my $force = $query->param('force');
my $instname = $query->param('InstanceName');
my ($slapd, $inst) = split(/-/, $instname, 2);
my $configdir = "@instconfigdir@/slapd-$inst";
@@ -189,7 +190,7 @@
# must get admin password from input (PASSWORD_PIPE?)
# get admin domain
# config ds info
-if (!unregisterDSWithConfigDS($inst, \@errs, $inf))
+if (!unregisterDSWithConfigDS($inst, \@errs, $inf) && !$force)
{
print "Content-type: text/plain\n\n";
print "NMC_ErrInfo: ", $res->getText(@errs), "\n";
@@ -229,7 +230,7 @@
print STDERR "Warning: Could not stop directory server: $output\n";
}
$instdir = $path; # need to use it later...
- } else {
+ } elsif (!$force) {
print "Content-type: text/plain\n\n";
print "NMC_ErrInfo: The program $prog does not exist\n";
print "NMC_Status: 1\n";
15 years, 10 months
[Fedora-directory-commits] adminserver/admserv/cfgstuff ds_removal.in, 1.1, 1.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cfgstuff
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5436/adminserver/admserv/cfgstuff
Modified Files:
ds_removal.in
Log Message:
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: Added -f (force) flag to ds_removal. The -f (force) flag tells ds_removal to ignore errors and attempt to remove as much as possible. This is only suggested to be used if ds_removal without the -f flag fails, and you really, really want to remove the ds.
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
Index: ds_removal.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cfgstuff/ds_removal.in,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- ds_removal.in 27 Jul 2007 01:35:28 -0000 1.1
+++ ds_removal.in 14 Jul 2008 20:27:02 -0000 1.2
@@ -39,9 +39,10 @@
Usage()
{
- echo "Usage: $0 -s server_id -w admin_password"
+ echo "Usage: $0 [-f] -s server_id -w admin_password"
echo " server_id: Directory server identifier; slapd-<server_id>"
echo " admin_password: Administration user password"
+ echo " -f - force - optional - ignore errors and force removal of as much as possible"
}
err0=""
@@ -49,6 +50,7 @@
err2=""
server_id=""
admin_pw=""
+forceflag=
while [ "$1" != "" ]
do
@@ -58,6 +60,8 @@
elif [ "$1" = "-w" ]; then
shift
admin_pw=$1
+ elif [ "$1" = "-f" ]; then
+ forceflag=1
elif [ "$1" = "-h" -o "$1" = "-H" -o "$1" = "--help" ]; then
Usage
exit 0
@@ -83,7 +87,7 @@
fi
PASSWORD_PIPE=STDIN; export PASSWORD_PIPE
-QUERY_STRING="InstanceName=slapd-${server_id}"; export QUERY_STRING
+QUERY_STRING="InstanceName=slapd-${server_id}&force=$forceflag"; export QUERY_STRING
SERVER_NAMES=slapd-${server_id}; export SERVER_NAMES
REQUEST_METHOD=GET; export REQUEST_METHOD
15 years, 10 months
[Fedora-directory-commits] mod_nss nss_engine_init.c,1.32,1.33
by Doctor Conrad
Author: rcritten
Update of /cvs/dirsec/mod_nss
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5196
Modified Files:
nss_engine_init.c
Log Message:
Don't inherit the MP cache when running in threaded mode
Don't initialize the database if the SSL is disabled in the configuration
454701
Index: nss_engine_init.c
===================================================================
RCS file: /cvs/dirsec/mod_nss/nss_engine_init.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- nss_engine_init.c 16 May 2008 15:16:02 -0000 1.32
+++ nss_engine_init.c 14 Jul 2008 20:25:53 -0000 1.33
@@ -1084,13 +1084,44 @@
SSLModConfigRec *mc = myModConfig(base_server);
SSLSrvConfigRec *sc;
server_rec *s;
+ int threaded = 0;
+ int sslenabled = FALSE;
mc->pid = getpid(); /* only call getpid() once per-process */
- if (SSL_InheritMPServerSIDCache(NULL) != SECSuccess) {
- ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
- "SSL_InheritMPServerSIDCache failed");
- nss_log_nss_error(APLOG_MARK, APLOG_ERR, NULL);
+ /*
+ * First, see if ssl is enabled at all
+ */
+ for (s = base_server; s; s = s->next) {
+ sc = mySrvConfig(s);
+ /* If any servers have SSL, we want sslenabled set so we
+ * can perform further initialization
+ */
+
+ if (sc->enabled == UNSET) {
+ sc->enabled = FALSE;
+ }
+
+ if (sc->proxy_enabled == UNSET) {
+ sc->proxy_enabled = FALSE;
+ }
+
+ if ((sc->enabled == TRUE) || (sc->proxy_enabled == TRUE)) {
+ sslenabled = TRUE;
+ }
+ }
+
+ if (sslenabled == FALSE) { /* we are not an SSL/TLS server */
+ return;
+ }
+
+ ap_mpm_query(AP_MPMQ_MAX_THREADS, &threaded);
+ if (!threaded) {
+ if (SSL_InheritMPServerSIDCache(NULL) != SECSuccess) {
+ ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL,
+ "SSL_InheritMPServerSIDCache failed");
+ nss_log_nss_error(APLOG_MARK, APLOG_ERR, NULL);
+ }
}
nss_init_SSLLibrary(base_server);
15 years, 10 months
[Fedora-directory-commits] adminserver/admserv/newinst/src AdminServer.pm.in, 1.12.2.1, 1.12.2.2
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3405/adminserver/admserv/newinst/src
Modified Files:
Tag: Directory_Server_8_0_Branch
AdminServer.pm.in
Log Message:
Reviewed by: nkinder (Thanks!)
Branch: Directory_Server_8_0_Branch
Fix Description: I changed security to get the security file directory for the directory server from cn=config from that directory server. Unfortunately, I didn't take into consideration that the CGI might have to use LDAPS to connect. If you have checked the Use SSL for Console button in the console when configuring that directory server for SSL, the CGIs will attempt to use LDAPS. In this case, there were several problems:
1) NSS was not initialized - need to use the admin server key/cert db to talk LDAPS to the directory server
2) When I did do the NSS init, it failed because the admin server key/cert db did not exist, and the directory was not writable.
3) I needed to shutdown NSS so that the key/cert db for the directory server itself could be opened in order to get its contents
The consequences of this are that now, when you attempt to use NSS for the first time, if the key/cert databases do not exist, they will be created empty. If the user sets up the directory server for SSL, and tells the console to use SSL with this directory server, the user will have to install the CA certificate in the admin server key/cert db, so that the console and admin CGIs can talk to that directory server using LDAPS.
I changed all of the admin server CGIs to properly initialize NSS in case they too needed to speak LDAPS for some reason. I also cleaned up several compiler warnings in the admin server CGIs.
I believe this is also the same problem as https://bugzilla.redhat.com/show_bug.cgi?id=430499
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
QA impact: Will need to test various console interactions with SSL with admin server and directory server.
New Tests integrated into TET: none
Index: AdminServer.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v
retrieving revision 1.12.2.1
retrieving revision 1.12.2.2
diff -u -r1.12.2.1 -r1.12.2.2
--- AdminServer.pm.in 14 Jul 2008 19:30:16 -0000 1.12.2.1
+++ AdminServer.pm.in 14 Jul 2008 20:14:16 -0000 1.12.2.2
@@ -66,6 +66,15 @@
my $admConf = getAdmConf($configdir);
my $uid = getpwnam $admConf->{sysuser};
+ # chown the config directory
+ $! = 0; # clear errno
+ chown $uid, -1, $configdir;
+ if ($!) {
+ $setup->msg($FATAL, 'error_chowning_file', $configdir,
+ $admConf->{sysuser}, $!);
+ return 0;
+ }
+
# chown and chmod other files appropriately
for (glob("$configdir/*")) {
# these are owned by root
15 years, 10 months
[Fedora-directory-commits] adminserver/admserv/cgi-src40 config.c, 1.14, 1.14.2.1 getport.c, 1.6, 1.6.2.1 htmladmin.c, 1.9, 1.9.2.1 migrateConfig.c, 1.7, 1.7.2.1 restartsrv.c, 1.8, 1.8.2.1 sec-activate.c, 1.10, 1.10.2.1 security.c, 1.14, 1.14.2.1 setport.c, 1.6, 1.6.2.1 statpingserv.c, 1.6, 1.6.2.1 ugdsconfig.c, 1.10, 1.10.2.1 viewdata.c, 1.8, 1.8.2.1 viewlog.c, 1.10, 1.10.2.1
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3405/adminserver/admserv/cgi-src40
Modified Files:
Tag: Directory_Server_8_0_Branch
config.c getport.c htmladmin.c migrateConfig.c restartsrv.c
sec-activate.c security.c setport.c statpingserv.c
ugdsconfig.c viewdata.c viewlog.c
Log Message:
Reviewed by: nkinder (Thanks!)
Branch: Directory_Server_8_0_Branch
Fix Description: I changed security to get the security file directory for the directory server from cn=config from that directory server. Unfortunately, I didn't take into consideration that the CGI might have to use LDAPS to connect. If you have checked the Use SSL for Console button in the console when configuring that directory server for SSL, the CGIs will attempt to use LDAPS. In this case, there were several problems:
1) NSS was not initialized - need to use the admin server key/cert db to talk LDAPS to the directory server
2) When I did do the NSS init, it failed because the admin server key/cert db did not exist, and the directory was not writable.
3) I needed to shutdown NSS so that the key/cert db for the directory server itself could be opened in order to get its contents
The consequences of this are that now, when you attempt to use NSS for the first time, if the key/cert databases do not exist, they will be created empty. If the user sets up the directory server for SSL, and tells the console to use SSL with this directory server, the user will have to install the CA certificate in the admin server key/cert db, so that the console and admin CGIs can talk to that directory server using LDAPS.
I changed all of the admin server CGIs to properly initialize NSS in case they too needed to speak LDAPS for some reason. I also cleaned up several compiler warnings in the admin server CGIs.
I believe this is also the same problem as https://bugzilla.redhat.com/show_bug.cgi?id=430499
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
QA impact: Will need to test various console interactions with SSL with admin server and directory server.
New Tests integrated into TET: none
Index: config.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
--- config.c 15 Nov 2007 17:32:22 -0000 1.14
+++ config.c 14 Jul 2008 20:14:16 -0000 1.14.2.1
@@ -148,8 +148,6 @@
char *localAdmin = 0;
char *binddn = 0;
char *bindpw = 0;
- char *newValue = 0;
- char *portVal = 0;
char **inputs = 0;
char *operation = 0;
char *qs = 0;
@@ -263,7 +261,7 @@
adminfo = admldapBuildInfo(configdir, &rv);
- errorCode = ADMSSL_InitSimple(configdir, secdir, 0);
+ errorCode = ADMSSL_InitSimple(configdir, secdir, 1);
if (errorCode) {
if (i18nResource)
rpt_err(APP_ERROR,
@@ -402,7 +400,7 @@
if (resultList) {
nvl = resultList;
- while (nv = *nvl++) {
+ while ((nv = *nvl++)) {
fprintf(stdout, "%s: %s\n",
nv->attrName,
nv->attrVal ? (nv->attrVal[0] ? nv->attrVal[0] : "") : "");
@@ -697,6 +695,7 @@
if (addList) deleteAttributeList(addList);
psetDelete(pset);
+ return 1;
}
@@ -870,6 +869,7 @@
else return 0;
+ return -1;
}
#endif
@@ -1055,7 +1055,7 @@
pr_st = PR_GetHostByName(systemInfo, buf, PR_NETDB_BUF_SIZE, &hostentry);
index = 0;
- while (index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1)) {
+ while ((index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1))) {
if (netaddr1.inet.ip == netaddr.inet.ip) return 1;
}
Index: getport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/getport.c,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- getport.c 11 May 2007 19:44:05 -0000 1.6
+++ getport.c 14 Jul 2008 20:14:16 -0000 1.6.2.1
@@ -85,7 +85,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
/* Initialize the pset */
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: htmladmin.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/htmladmin.c,v
retrieving revision 1.9
retrieving revision 1.9.2.1
diff -u -r1.9 -r1.9.2.1
--- htmladmin.c 11 May 2007 19:44:05 -0000 1.9
+++ htmladmin.c 14 Jul 2008 20:14:16 -0000 1.9.2.1
@@ -325,7 +325,7 @@
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1);
if(rv)
exit(0);
@@ -481,8 +481,6 @@
LDAPMessage *entry;
int ldapError;
- char *security = NULL;
-
char **vals;
char sie_conf[BIG_LINE];
@@ -810,7 +808,7 @@
char *endptr = NULL;
int rate = 300;
- if (val = admldapGetExpressRefreshRate(admInfo)) {
+ if ((val = admldapGetExpressRefreshRate(admInfo))) {
rate = strtol(val, &endptr, 10);
PL_strfree(val);
}
@@ -826,7 +824,7 @@
char *val = NULL;
int rate = 60;
- if (val = admldapGetExpressCGITimeout(admInfo)) {
+ if ((val = admldapGetExpressCGITimeout(admInfo))) {
rate = strtol(val, &endptr, 10);
PL_strfree(val);
}
@@ -1044,7 +1042,7 @@
img = strdup("oldservic.gif");
}
- if(vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR)) {
+ if((vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR))) {
version = (char *)malloc(4+strlen(vals2[0]));
sprintf(version, " %s", vals2[0]);
}
Index: migrateConfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/migrateConfig.c,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -u -r1.7 -r1.7.2.1
--- migrateConfig.c 11 May 2007 19:44:05 -0000 1.7
+++ migrateConfig.c 14 Jul 2008 20:14:16 -0000 1.7.2.1
@@ -228,7 +228,7 @@
}
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
Index: restartsrv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/restartsrv.c,v
retrieving revision 1.8
retrieving revision 1.8.2.1
diff -u -r1.8 -r1.8.2.1
--- restartsrv.c 15 May 2007 16:45:45 -0000 1.8
+++ restartsrv.c 14 Jul 2008 20:14:16 -0000 1.8.2.1
@@ -295,7 +295,6 @@
static char buf[BIG_LINE];
char * p = NULL;
const char *configdir = util_get_conf_dir();
- const char *logdir = util_get_log_dir();
const char *piddir = util_get_pid_dir();
util_find_file_in_paths(filename, sizeof(filename), "console.conf", configdir, "", "admin-serv/config");
Index: sec-activate.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.c,v
retrieving revision 1.10
retrieving revision 1.10.2.1
diff -u -r1.10 -r1.10.2.1
--- sec-activate.c 6 Jul 2007 18:06:19 -0000 1.10
+++ sec-activate.c 14 Jul 2008 20:14:16 -0000 1.10.2.1
@@ -491,7 +491,6 @@
char error_info[BIG_LINE];
AdmldapInfo ldapInfo = NULL;
char *lang;
- char line[BIG_LINE];
memset((void *)errp, 0, sizeof(int));
method = getenv("REQUEST_METHOD");
Index: security.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v
retrieving revision 1.14
retrieving revision 1.14.2.1
diff -u -r1.14 -r1.14.2.1
--- security.c 27 Nov 2007 16:55:49 -0000 1.14
+++ security.c 14 Jul 2008 20:14:16 -0000 1.14.2.1
@@ -54,6 +54,7 @@
#include "libadminutil/admutil.h"
#include "libadminutil/distadm.h"
#include "libadminutil/resource.h"
+#include "libadmsslutil/admsslutil.h"
#include "libadmsslutil/certmgt.h"
#include "libadmsslutil/psetcssl.h"
@@ -225,6 +226,7 @@
static void closeAllSecurityDB() {
/* close all db */
+ SSL_ClearSessionCache();
NSS_Shutdown();
}
@@ -725,7 +727,7 @@
if (entry != NULL) {
fprintf(stdout, "\t<ENTRY%d>\n", x);
- fprintf(stdout, "\t\t<SERIAL_NUMBER>%d</SERIAL_NUMBER>\n", Hexify(&entry->serialNumber));
+ fprintf(stdout, "\t\t<SERIAL_NUMBER>%s</SERIAL_NUMBER>\n", processNullString(Hexify(&entry->serialNumber)));
fprintf(stdout, "\t\t<REVOKE_DATE>%s</REVOKE_DATE>\n",DER_UTCTimeToAscii(&entry->revocationDate));
fprintf(stdout, "\t</ENTRY%d>\n", x);
x++;
@@ -837,22 +839,22 @@
return;
}
- internal_slot = PK11_GetInternalKeySlot();
- if (!internal_slot) {
- errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL));
- return;
+ if (PK11_IsInternal(slot)) {
+ internal_slot = slot;
+ } else {
+ internal_slot = PK11_GetInternalKeySlot();
+ if (!internal_slot) {
+ errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL));
+ return;
+ }
}
internalTokenName = PK11_GetTokenName(internal_slot);
- {
- PK11SlotInfo *slot = PK11_GetInternalKeySlot();
-
- if (PK11_NeedUserInit(slot) == PR_TRUE) {
- fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n");
- } else {
- fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n");
- }
+ if (PK11_NeedUserInit(internal_slot) == PR_TRUE) {
+ fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n");
+ } else {
+ fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n");
}
certList = PK11_ListCerts(PK11CertListUnique, NULL);
@@ -884,11 +886,18 @@
printCert(cln->cert, /*showDetail=*/PR_FALSE, NULL);
}
}
+ CERT_DestroyCertList(certList);
if (PK11_IsInternal(slot)) {
showCRL(certdb, SEC_CRL_TYPE);
showCRL(certdb, SEC_KRL_TYPE);
}
+
+ if (slot != internal_slot) {
+ PK11_FreeSlot(internal_slot);
+ }
+ PK11_FreeSlot(slot);
+
}
/*
@@ -1511,7 +1520,6 @@
FILE *f;
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", secdir, FILE_PATHSEP, filename);
- form_unescape(full_path);
if( !(f = fopen(full_path, "rb")) ) {
PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), full_path);
@@ -1764,9 +1772,6 @@
PK11SlotList* slotList;
PK11SlotListElement *slot;
- /* Mechanism to be used to get all the tokens in PK11_GetAllTokens */
- CK_MECHANISM_TYPE all = CKM_INVALID_MECHANISM;
-
slotList = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_FALSE, NULL);
fprintf(stdout, "<TOKENINFO>\n");
@@ -1956,13 +1961,13 @@
/* cgi env setup */
int _ai = ADMUTIL_Init();
char * m = getenv("REQUEST_METHOD");
- char * qs = 0;
char *securitydir = NULL; /* looked up via sie */
char msg[BIG_LINE];
AdmldapInfo ldapInfo; /* our config */
int rc = 0;
char *sie;
char *configdir = util_get_conf_dir();
+ const char *secdir = util_get_security_dir();
#if 0
CGI_Debug("security");
@@ -1998,6 +2003,10 @@
errorRpt(FILE_ERROR, line);
}
+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
+ errorRpt(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR));
+ }
+
securitydir = getSecurityDir(ldapInfo, sie);
{
@@ -2021,6 +2030,9 @@
}
/* we got here, we think sie is a valid prefix */
+ /* close all db - we may have had to open the admin server key/cert db
+ in order to use LDAPS before - now have to shut down NSS and reinit */
+ closeAllSecurityDB();
securityInitialization(securitydir);
if (!PORT_Strcmp(operation, "LIST_CERTIFICATE")) {
Index: setport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/setport.c,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- setport.c 11 May 2007 19:44:05 -0000 1.6
+++ setport.c 14 Jul 2008 20:14:16 -0000 1.6.2.1
@@ -114,7 +114,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: statpingserv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/statpingserv.c,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -u -r1.6 -r1.6.2.1
--- statpingserv.c 9 May 2007 00:26:30 -0000 1.6
+++ statpingserv.c 14 Jul 2008 20:14:16 -0000 1.6.2.1
@@ -74,8 +74,6 @@
int port;
PRFileDesc *gif;
- int character;
- int count=0;
char *file;
char *portstr;
struct PRFileInfo64 prfileinfo;
Index: ugdsconfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ugdsconfig.c,v
retrieving revision 1.10
retrieving revision 1.10.2.1
diff -u -r1.10 -r1.10.2.1
--- ugdsconfig.c 18 Dec 2007 19:55:23 -0000 1.10
+++ ugdsconfig.c 14 Jul 2008 20:14:16 -0000 1.10.2.1
@@ -236,7 +236,7 @@
AdmldapInfo adminfo;
int rc;
- if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0)) {
+ if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMSSL_INIT_FAILED,"Cannot initialize SSL"), NULL, NULL);
return NULL;
}
Index: viewdata.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewdata.c,v
retrieving revision 1.8
retrieving revision 1.8.2.1
diff -u -r1.8 -r1.8.2.1
--- viewdata.c 11 May 2007 19:44:05 -0000 1.8
+++ viewdata.c 14 Jul 2008 20:14:16 -0000 1.8.2.1
@@ -113,7 +113,7 @@
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1);
if(rv)
exit(0);
@@ -261,11 +261,11 @@
}
PR_smprintf_free(dn);
- if(vals = ldap_get_values(server, entry, "nshtmladminproducturl")) {
+ if((vals = ldap_get_values(server, entry, "nshtmladminproducturl"))) {
*url = strdup(vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nshtmladminproducttext")) {
+ if((vals = ldap_get_values(server, entry, "nshtmladminproducttext"))) {
*text = strdup(vals[0]);
ldap_value_free(vals);
}
@@ -292,13 +292,13 @@
return;
- if(vals = ldap_get_values(server, entry, "serverproductname")) {
+ if((vals = ldap_get_values(server, entry, "serverproductname"))) {
fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_PRODUCT_NAME), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "installationtimestamp")) {
+ if((vals = ldap_get_values(server, entry, "installationtimestamp"))) {
struct tm tm;
char buf[BIG_LINE];
@@ -323,7 +323,7 @@
}
- if(vals = ldap_get_values(server, entry, "serverroot")) {
+ if((vals = ldap_get_values(server, entry, "serverroot"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_ROOT), vals[0]);
ldap_value_free(vals);
}
@@ -358,37 +358,37 @@
"(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS)
return;
- if(vals = ldap_get_values(server, entry, "nsproductname")) {
+ if((vals = ldap_get_values(server, entry, "nsproductname"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_NAME), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsvendor")) {
+ if((vals = ldap_get_values(server, entry, "nsvendor"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_VENDOR), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsproductversion")) {
+ if((vals = ldap_get_values(server, entry, "nsproductversion"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_VERSION), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsbuildnumber")) {
+ if((vals = ldap_get_values(server, entry, "nsbuildnumber"))) {
fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_NUMBER), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsbuildsecurity")) {
+ if((vals = ldap_get_values(server, entry, "nsbuildsecurity"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_SECURITY), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsrevisionnumber")) {
+ if((vals = ldap_get_values(server, entry, "nsrevisionnumber"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_REVISION_NUMBER), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "description")) {
+ if((vals = ldap_get_values(server, entry, "description"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_DESCRIPTION), vals[0]);
ldap_value_free(vals);
}
@@ -403,12 +403,6 @@
char line[BIG_LINE];
FILE *html = open_html_file(MY_PAGE);
char *sie = NULL;
-
- char *request;
- int errorcode;
- PRFileDesc *sockd;
- bufstruct *nbuf;
-
char *binddn, *bindpw;
LDAP *server;
LDAPMessage *entry;
@@ -453,7 +447,7 @@
"(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS)
continue;
- if(vals = ldap_get_values(server, entry, "nsserverid")) {
+ if((vals = ldap_get_values(server, entry, "nsserverid"))) {
fprintf(stdout, (const char*)getResourceString(DBT_MAIN_SERVER_ID), vals[0]);
ldap_value_free(vals);
}
Index: viewlog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v
retrieving revision 1.10
retrieving revision 1.10.2.1
diff -u -r1.10 -r1.10.2.1
--- viewlog.c 31 Oct 2007 05:30:53 -0000 1.10
+++ viewlog.c 14 Jul 2008 20:14:16 -0000 1.10.2.1
@@ -156,7 +156,6 @@
void display_logfiles(char *logdir, char *default_logfile)
{
int x;
- int cnt=0;
char *seps = "/";
char *token;
char *curlog = NULL;
@@ -289,7 +288,6 @@
char *file;
char *logdir = NULL;
char *id;
- char **logfiles = NULL;
char tmp[BIG_LINE];
int x;
int print_html = 1;
@@ -353,6 +351,11 @@
configdir ? configdir : "(null)", rc);
rpt_err(APP_ERROR, line, NULL, NULL);
} else {
+ const char *secdir = util_get_security_dir();
+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
+ rpt_err(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR), NULL, NULL);
+ }
+
logdir = getLogDir(ldapInfo, id);
if(!logdir) {
PR_snprintf(msg, sizeof(msg),
@@ -407,7 +410,6 @@
}
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file);
- form_unescape(full_path); /* bug 27409, 31807 */
cmd = fopen(full_path, "r");
fprintf(stdout, getResourceString(DBT_MAIN_WIDTH));
PR_snprintf(tmp, sizeof(tmp), getResourceString(DBT_SUBTITLE), num, file, (str)? getResourceString(DBT_WITH) : "",
@@ -435,7 +437,6 @@
if (file || *file || util_is_valid_path_string(file) ||
util_verify_file_or_dir(logdir, PR_FILE_DIRECTORY, file, -1, PR_FILE_FILE)) {
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file);
- form_unescape(full_path); /* bug 27409, 31807 */
cmd = fopen(full_path, "r");
/* begin search */
15 years, 10 months
[Fedora-directory-commits] adminserver/admserv/cgi-src40 config.c, 1.14, 1.15 getport.c, 1.6, 1.7 htmladmin.c, 1.9, 1.10 migrateConfig.c, 1.7, 1.8 restartsrv.c, 1.8, 1.9 sec-activate.c, 1.10, 1.11 security.c, 1.14, 1.15 setport.c, 1.6, 1.7 statpingserv.c, 1.6, 1.7 ugdsconfig.c, 1.10, 1.11 viewdata.c, 1.8, 1.9 viewlog.c, 1.10, 1.11
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv26918/adminserver/admserv/cgi-src40
Modified Files:
config.c getport.c htmladmin.c migrateConfig.c restartsrv.c
sec-activate.c security.c setport.c statpingserv.c
ugdsconfig.c viewdata.c viewlog.c
Log Message:
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: I changed security to get the security file directory for the directory server from cn=config from that directory server. Unfortunately, I didn't take into consideration that the CGI might have to use LDAPS to connect. If you have checked the Use SSL for Console button in the console when configuring that directory server for SSL, the CGIs will attempt to use LDAPS. In this case, there were several problems:
1) NSS was not initialized - need to use the admin server key/cert db to talk LDAPS to the directory server
2) When I did do the NSS init, it failed because the admin server key/cert db did not exist, and the directory was not writable.
3) I needed to shutdown NSS so that the key/cert db for the directory server itself could be opened in order to get its contents
The consequences of this are that now, when you attempt to use NSS for the first time, if the key/cert databases do not exist, they will be created empty. If the user sets up the directory server for SSL, and tells the console to use SSL with this directory server, the user will have to install the CA certificate in the admin server key/cert db, so that the console and admin CGIs can talk to that directory server using LDAPS.
I changed all of the admin server CGIs to properly initialize NSS in case they too needed to speak LDAPS for some reason. I also cleaned up several compiler warnings in the admin server CGIs.
I believe this is also the same problem as https://bugzilla.redhat.com/show_bug.cgi?id=430499
Platforms tested: RHEL5, Fedora 8, Fedora 9
Flag Day: no
Doc impact: no
QA impact: Will need to test various console interactions with SSL with admin server and directory server.
New Tests integrated into TET: none
Index: config.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- config.c 15 Nov 2007 17:32:22 -0000 1.14
+++ config.c 14 Jul 2008 20:00:02 -0000 1.15
@@ -148,8 +148,6 @@
char *localAdmin = 0;
char *binddn = 0;
char *bindpw = 0;
- char *newValue = 0;
- char *portVal = 0;
char **inputs = 0;
char *operation = 0;
char *qs = 0;
@@ -263,7 +261,7 @@
adminfo = admldapBuildInfo(configdir, &rv);
- errorCode = ADMSSL_InitSimple(configdir, secdir, 0);
+ errorCode = ADMSSL_InitSimple(configdir, secdir, 1);
if (errorCode) {
if (i18nResource)
rpt_err(APP_ERROR,
@@ -402,7 +400,7 @@
if (resultList) {
nvl = resultList;
- while (nv = *nvl++) {
+ while ((nv = *nvl++)) {
fprintf(stdout, "%s: %s\n",
nv->attrName,
nv->attrVal ? (nv->attrVal[0] ? nv->attrVal[0] : "") : "");
@@ -697,6 +695,7 @@
if (addList) deleteAttributeList(addList);
psetDelete(pset);
+ return 1;
}
@@ -870,6 +869,7 @@
else return 0;
+ return -1;
}
#endif
@@ -1055,7 +1055,7 @@
pr_st = PR_GetHostByName(systemInfo, buf, PR_NETDB_BUF_SIZE, &hostentry);
index = 0;
- while (index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1)) {
+ while ((index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1))) {
if (netaddr1.inet.ip == netaddr.inet.ip) return 1;
}
Index: getport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/getport.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- getport.c 11 May 2007 19:44:05 -0000 1.6
+++ getport.c 14 Jul 2008 20:00:02 -0000 1.7
@@ -85,7 +85,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
/* Initialize the pset */
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: htmladmin.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/htmladmin.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- htmladmin.c 11 May 2007 19:44:05 -0000 1.9
+++ htmladmin.c 14 Jul 2008 20:00:02 -0000 1.10
@@ -325,7 +325,7 @@
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1);
if(rv)
exit(0);
@@ -481,8 +481,6 @@
LDAPMessage *entry;
int ldapError;
- char *security = NULL;
-
char **vals;
char sie_conf[BIG_LINE];
@@ -810,7 +808,7 @@
char *endptr = NULL;
int rate = 300;
- if (val = admldapGetExpressRefreshRate(admInfo)) {
+ if ((val = admldapGetExpressRefreshRate(admInfo))) {
rate = strtol(val, &endptr, 10);
PL_strfree(val);
}
@@ -826,7 +824,7 @@
char *val = NULL;
int rate = 60;
- if (val = admldapGetExpressCGITimeout(admInfo)) {
+ if ((val = admldapGetExpressCGITimeout(admInfo))) {
rate = strtol(val, &endptr, 10);
PL_strfree(val);
}
@@ -1044,7 +1042,7 @@
img = strdup("oldservic.gif");
}
- if(vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR)) {
+ if((vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR))) {
version = (char *)malloc(4+strlen(vals2[0]));
sprintf(version, " %s", vals2[0]);
}
Index: migrateConfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/migrateConfig.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- migrateConfig.c 11 May 2007 19:44:05 -0000 1.7
+++ migrateConfig.c 14 Jul 2008 20:00:02 -0000 1.8
@@ -228,7 +228,7 @@
}
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
Index: restartsrv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/restartsrv.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- restartsrv.c 15 May 2007 16:45:45 -0000 1.8
+++ restartsrv.c 14 Jul 2008 20:00:02 -0000 1.9
@@ -295,7 +295,6 @@
static char buf[BIG_LINE];
char * p = NULL;
const char *configdir = util_get_conf_dir();
- const char *logdir = util_get_log_dir();
const char *piddir = util_get_pid_dir();
util_find_file_in_paths(filename, sizeof(filename), "console.conf", configdir, "", "admin-serv/config");
Index: sec-activate.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- sec-activate.c 6 Jul 2007 18:06:19 -0000 1.10
+++ sec-activate.c 14 Jul 2008 20:00:02 -0000 1.11
@@ -491,7 +491,6 @@
char error_info[BIG_LINE];
AdmldapInfo ldapInfo = NULL;
char *lang;
- char line[BIG_LINE];
memset((void *)errp, 0, sizeof(int));
method = getenv("REQUEST_METHOD");
Index: security.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- security.c 27 Nov 2007 16:55:49 -0000 1.14
+++ security.c 14 Jul 2008 20:00:02 -0000 1.15
@@ -54,6 +54,7 @@
#include "libadminutil/admutil.h"
#include "libadminutil/distadm.h"
#include "libadminutil/resource.h"
+#include "libadmsslutil/admsslutil.h"
#include "libadmsslutil/certmgt.h"
#include "libadmsslutil/psetcssl.h"
@@ -225,6 +226,7 @@
static void closeAllSecurityDB() {
/* close all db */
+ SSL_ClearSessionCache();
NSS_Shutdown();
}
@@ -725,7 +727,7 @@
if (entry != NULL) {
fprintf(stdout, "\t<ENTRY%d>\n", x);
- fprintf(stdout, "\t\t<SERIAL_NUMBER>%d</SERIAL_NUMBER>\n", Hexify(&entry->serialNumber));
+ fprintf(stdout, "\t\t<SERIAL_NUMBER>%s</SERIAL_NUMBER>\n", processNullString(Hexify(&entry->serialNumber)));
fprintf(stdout, "\t\t<REVOKE_DATE>%s</REVOKE_DATE>\n",DER_UTCTimeToAscii(&entry->revocationDate));
fprintf(stdout, "\t</ENTRY%d>\n", x);
x++;
@@ -837,22 +839,22 @@
return;
}
- internal_slot = PK11_GetInternalKeySlot();
- if (!internal_slot) {
- errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL));
- return;
+ if (PK11_IsInternal(slot)) {
+ internal_slot = slot;
+ } else {
+ internal_slot = PK11_GetInternalKeySlot();
+ if (!internal_slot) {
+ errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL));
+ return;
+ }
}
internalTokenName = PK11_GetTokenName(internal_slot);
- {
- PK11SlotInfo *slot = PK11_GetInternalKeySlot();
-
- if (PK11_NeedUserInit(slot) == PR_TRUE) {
- fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n");
- } else {
- fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n");
- }
+ if (PK11_NeedUserInit(internal_slot) == PR_TRUE) {
+ fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n");
+ } else {
+ fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n");
}
certList = PK11_ListCerts(PK11CertListUnique, NULL);
@@ -884,11 +886,18 @@
printCert(cln->cert, /*showDetail=*/PR_FALSE, NULL);
}
}
+ CERT_DestroyCertList(certList);
if (PK11_IsInternal(slot)) {
showCRL(certdb, SEC_CRL_TYPE);
showCRL(certdb, SEC_KRL_TYPE);
}
+
+ if (slot != internal_slot) {
+ PK11_FreeSlot(internal_slot);
+ }
+ PK11_FreeSlot(slot);
+
}
/*
@@ -1511,7 +1520,6 @@
FILE *f;
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", secdir, FILE_PATHSEP, filename);
- form_unescape(full_path);
if( !(f = fopen(full_path, "rb")) ) {
PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), full_path);
@@ -1764,9 +1772,6 @@
PK11SlotList* slotList;
PK11SlotListElement *slot;
- /* Mechanism to be used to get all the tokens in PK11_GetAllTokens */
- CK_MECHANISM_TYPE all = CKM_INVALID_MECHANISM;
-
slotList = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_FALSE, NULL);
fprintf(stdout, "<TOKENINFO>\n");
@@ -1956,13 +1961,13 @@
/* cgi env setup */
int _ai = ADMUTIL_Init();
char * m = getenv("REQUEST_METHOD");
- char * qs = 0;
char *securitydir = NULL; /* looked up via sie */
char msg[BIG_LINE];
AdmldapInfo ldapInfo; /* our config */
int rc = 0;
char *sie;
char *configdir = util_get_conf_dir();
+ const char *secdir = util_get_security_dir();
#if 0
CGI_Debug("security");
@@ -1998,6 +2003,10 @@
errorRpt(FILE_ERROR, line);
}
+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
+ errorRpt(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR));
+ }
+
securitydir = getSecurityDir(ldapInfo, sie);
{
@@ -2021,6 +2030,9 @@
}
/* we got here, we think sie is a valid prefix */
+ /* close all db - we may have had to open the admin server key/cert db
+ in order to use LDAPS before - now have to shut down NSS and reinit */
+ closeAllSecurityDB();
securityInitialization(securitydir);
if (!PORT_Strcmp(operation, "LIST_CERTIFICATE")) {
Index: setport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/setport.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- setport.c 11 May 2007 19:44:05 -0000 1.6
+++ setport.c 14 Jul 2008 20:00:02 -0000 1.7
@@ -114,7 +114,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple(configdir, secdir);
+ rv = ADMSSL_InitSimple(configdir, secdir, 1);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: statpingserv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/statpingserv.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- statpingserv.c 9 May 2007 00:26:30 -0000 1.6
+++ statpingserv.c 14 Jul 2008 20:00:02 -0000 1.7
@@ -74,8 +74,6 @@
int port;
PRFileDesc *gif;
- int character;
- int count=0;
char *file;
char *portstr;
struct PRFileInfo64 prfileinfo;
Index: ugdsconfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ugdsconfig.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- ugdsconfig.c 18 Dec 2007 19:55:23 -0000 1.10
+++ ugdsconfig.c 14 Jul 2008 20:00:02 -0000 1.11
@@ -236,7 +236,7 @@
AdmldapInfo adminfo;
int rc;
- if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0)) {
+ if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMSSL_INIT_FAILED,"Cannot initialize SSL"), NULL, NULL);
return NULL;
}
Index: viewdata.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewdata.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- viewdata.c 11 May 2007 19:44:05 -0000 1.8
+++ viewdata.c 14 Jul 2008 20:00:02 -0000 1.9
@@ -113,7 +113,7 @@
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1);
if(rv)
exit(0);
@@ -261,11 +261,11 @@
}
PR_smprintf_free(dn);
- if(vals = ldap_get_values(server, entry, "nshtmladminproducturl")) {
+ if((vals = ldap_get_values(server, entry, "nshtmladminproducturl"))) {
*url = strdup(vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nshtmladminproducttext")) {
+ if((vals = ldap_get_values(server, entry, "nshtmladminproducttext"))) {
*text = strdup(vals[0]);
ldap_value_free(vals);
}
@@ -292,13 +292,13 @@
return;
- if(vals = ldap_get_values(server, entry, "serverproductname")) {
+ if((vals = ldap_get_values(server, entry, "serverproductname"))) {
fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_PRODUCT_NAME), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "installationtimestamp")) {
+ if((vals = ldap_get_values(server, entry, "installationtimestamp"))) {
struct tm tm;
char buf[BIG_LINE];
@@ -323,7 +323,7 @@
}
- if(vals = ldap_get_values(server, entry, "serverroot")) {
+ if((vals = ldap_get_values(server, entry, "serverroot"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_ROOT), vals[0]);
ldap_value_free(vals);
}
@@ -358,37 +358,37 @@
"(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS)
return;
- if(vals = ldap_get_values(server, entry, "nsproductname")) {
+ if((vals = ldap_get_values(server, entry, "nsproductname"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_NAME), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsvendor")) {
+ if((vals = ldap_get_values(server, entry, "nsvendor"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_VENDOR), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsproductversion")) {
+ if((vals = ldap_get_values(server, entry, "nsproductversion"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_VERSION), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsbuildnumber")) {
+ if((vals = ldap_get_values(server, entry, "nsbuildnumber"))) {
fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_NUMBER), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsbuildsecurity")) {
+ if((vals = ldap_get_values(server, entry, "nsbuildsecurity"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_SECURITY), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "nsrevisionnumber")) {
+ if((vals = ldap_get_values(server, entry, "nsrevisionnumber"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_REVISION_NUMBER), vals[0]);
ldap_value_free(vals);
}
- if(vals = ldap_get_values(server, entry, "description")) {
+ if((vals = ldap_get_values(server, entry, "description"))) {
fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_DESCRIPTION), vals[0]);
ldap_value_free(vals);
}
@@ -403,12 +403,6 @@
char line[BIG_LINE];
FILE *html = open_html_file(MY_PAGE);
char *sie = NULL;
-
- char *request;
- int errorcode;
- PRFileDesc *sockd;
- bufstruct *nbuf;
-
char *binddn, *bindpw;
LDAP *server;
LDAPMessage *entry;
@@ -453,7 +447,7 @@
"(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS)
continue;
- if(vals = ldap_get_values(server, entry, "nsserverid")) {
+ if((vals = ldap_get_values(server, entry, "nsserverid"))) {
fprintf(stdout, (const char*)getResourceString(DBT_MAIN_SERVER_ID), vals[0]);
ldap_value_free(vals);
}
Index: viewlog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- viewlog.c 31 Oct 2007 05:30:53 -0000 1.10
+++ viewlog.c 14 Jul 2008 20:00:02 -0000 1.11
@@ -156,7 +156,6 @@
void display_logfiles(char *logdir, char *default_logfile)
{
int x;
- int cnt=0;
char *seps = "/";
char *token;
char *curlog = NULL;
@@ -289,7 +288,6 @@
char *file;
char *logdir = NULL;
char *id;
- char **logfiles = NULL;
char tmp[BIG_LINE];
int x;
int print_html = 1;
@@ -353,6 +351,11 @@
configdir ? configdir : "(null)", rc);
rpt_err(APP_ERROR, line, NULL, NULL);
} else {
+ const char *secdir = util_get_security_dir();
+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) {
+ rpt_err(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR), NULL, NULL);
+ }
+
logdir = getLogDir(ldapInfo, id);
if(!logdir) {
PR_snprintf(msg, sizeof(msg),
@@ -407,7 +410,6 @@
}
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file);
- form_unescape(full_path); /* bug 27409, 31807 */
cmd = fopen(full_path, "r");
fprintf(stdout, getResourceString(DBT_MAIN_WIDTH));
PR_snprintf(tmp, sizeof(tmp), getResourceString(DBT_SUBTITLE), num, file, (str)? getResourceString(DBT_WITH) : "",
@@ -435,7 +437,6 @@
if (file || *file || util_is_valid_path_string(file) ||
util_verify_file_or_dir(logdir, PR_FILE_DIRECTORY, file, -1, PR_FILE_FILE)) {
PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file);
- form_unescape(full_path); /* bug 27409, 31807 */
cmd = fopen(full_path, "r");
/* begin search */
15 years, 10 months