[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.25, 1.26
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv20986
Modified Files:
log.c
Log Message:
Resolves: #489625
Summary: If an independent process db2ldif rotates the error log, it crashes the server.
Description: PR_Rename failure due to the FILE_EXIST is benign. Ignore the
error and goes forward. The procedure is extended to all the log type: error,
access, and audit.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- log.c 10 Dec 2008 06:23:24 -0000 1.25
+++ log.c 13 Mar 2009 16:39:25 -0000 1.26
@@ -2144,9 +2144,15 @@
log_convert_time (log->l_ctime, tbuf, 1 /*short */);
PR_snprintf(newfile, sizeof(newfile), "%s.%s", loginfo.log_access_file, tbuf);
if (PR_Rename (loginfo.log_access_file, newfile) != PR_SUCCESS) {
- loginfo.log_access_fdes = NULL;
- if (!locked) LOG_ACCESS_UNLOCK_WRITE();
- return LOG_UNABLE_TO_OPENFILE;
+ PRErrorCode prerr = PR_GetError();
+ /* Make "FILE EXISTS" error an exception.
+ Even if PR_Rename fails with the error, we continue logging.
+ */
+ if (PR_FILE_EXISTS_ERROR != prerr) {
+ loginfo.log_access_fdes = NULL;
+ if (!locked) LOG_ACCESS_UNLOCK_WRITE();
+ return LOG_UNABLE_TO_OPENFILE;
+ }
}
/* add the log to the chain */
log->l_next = loginfo.log_access_logchain;
@@ -3202,7 +3208,7 @@
* which causes the self deadlock if you call LDAPDebug for logging.
* Thus, instead of LDAPDebug, call log__error_emergency with locked == 1. */
PR_snprintf(buffer, sizeof(buffer), "LOGINFO:Unable to remove file:%s.%s\n",
- loginfo.log_audit_file, tbuf);
+ loginfo.log_audit_file, tbuf);
log__error_emergency(buffer, 0, locked);
}
slapi_ch_free((void**)&delete_logp);
@@ -3638,14 +3644,19 @@
PR_snprintf(newfile, sizeof(newfile), "%s.%s", loginfo.log_error_file, tbuf);
if (PR_Rename (loginfo.log_error_file, newfile) != PR_SUCCESS) {
PRErrorCode prerr = PR_GetError();
- PR_snprintf(buffer, sizeof(buffer),
- "Failed to rename errors log file, "
- SLAPI_COMPONENT_NAME_NSPR " error %d (%s). Exiting...",
- prerr, slapd_pr_strerror(prerr));
- log__error_emergency(buffer, 1, 1);
- slapi_ch_free((void **)&log);
- if (!locked) LOG_ERROR_UNLOCK_WRITE();
- return LOG_UNABLE_TO_OPENFILE;
+ /* Make "FILE EXISTS" error an exception.
+ Even if PR_Rename fails with the error, we continue logging.
+ */
+ if (PR_FILE_EXISTS_ERROR != prerr) {
+ PR_snprintf(buffer, sizeof(buffer),
+ "Failed to rename errors log file, "
+ SLAPI_COMPONENT_NAME_NSPR " error %d (%s). Exiting...",
+ prerr, slapd_pr_strerror(prerr));
+ log__error_emergency(buffer, 1, 1);
+ slapi_ch_free((void **)&log);
+ if (!locked) LOG_ERROR_UNLOCK_WRITE();
+ return LOG_UNABLE_TO_OPENFILE;
+ }
}
/* add the log to the chain */
@@ -3776,8 +3787,14 @@
log_convert_time (log->l_ctime, tbuf, 1 /*short */);
PR_snprintf(newfile, sizeof(newfile), "%s.%s", loginfo.log_audit_file, tbuf);
if (PR_Rename (loginfo.log_audit_file, newfile) != PR_SUCCESS) {
- if (!locked) LOG_AUDIT_UNLOCK_WRITE();
- return LOG_UNABLE_TO_OPENFILE;
+ PRErrorCode prerr = PR_GetError();
+ /* Make "FILE EXISTS" error an exception.
+ Even if PR_Rename fails with the error, we continue logging.
+ */
+ if (PR_FILE_EXISTS_ERROR != prerr) {
+ if (!locked) LOG_AUDIT_UNLOCK_WRITE();
+ return LOG_UNABLE_TO_OPENFILE;
+ }
}
/* add the log to the chain */
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.28, 1.29 Util.pm.in, 1.20, 1.21
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29040/ldapserver/ldap/admin/src/scripts
Modified Files:
DSMigration.pm.in Util.pm.in
Log Message:
Resolves: bug 489360
Bug Description: Replication Bind Failure After Migration from DS 7.1
Reviewed by: nkinder (Thanks!)
Fix Description: We have to quote shell metacharacters before passing them to the shell. I added a new function shellEscape to use for this purpose. We really should shell escape anything passed to system() or back ticks ``. Certainly passwords should contain shell meta characters so I changed places where we use passwords to use shellEscape to pass them to pwdhash or migratecred. I also chomp() the output of migratecred to remove the trailing newline. With the fix, I was able to run setup with a root password of `~!@#$%^&*()\\|[]{}:;<>?/"\ and successfully authenticate.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- DSMigration.pm.in 27 Feb 2009 14:33:12 -0000 1.28
+++ DSMigration.pm.in 13 Mar 2009 14:27:50 -0000 1.29
@@ -222,19 +222,22 @@
sub migrateCredentials {
my ($ent, $attr, $mig, $inst) = @_;
my $oldval = $ent->getValues($attr);
+ my $qoldval = shellEscape($oldval);
# Older versions of the server on x86 systems and other systems that do not use network byte order
# stored the credentials incorrectly. The first step is to determine if this is the case. We
# migrate using the same server root to see if we get the same output as we input.
debug(3, "In migrateCredentials - see how old credentials were encoded.\n");
- my $testval = `@bindir@/migratecred -o $mig->{actualsroot}/$inst -n $mig->{actualsroot}/$inst -c \'$oldval\'`;
+ my $testval = `@bindir@/migratecred -o $mig->{actualsroot}/$inst -n $mig->{actualsroot}/$inst -c $qoldval`;
+ chomp($testval);
if ($testval ne $oldval) { # need to turn on the special flag
debug(3, "Credentials not encoded correctly. oldval $oldval not equal to testval $testval. The value will be re-encoded correctly.\n");
$ENV{MIGRATE_BROKEN_PWD} = "1"; # decode and re-encode correctly
}
- debug(3, "Executing @bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c \'$oldval\' . . .\n");
- my $newval = `@bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c \'$oldval\'`;
+ debug(3, "Executing @bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c $qoldval . . .\n");
+ my $newval = `@bindir@/migratecred -o $mig->{actualsroot}/$inst -n @instconfigdir@/$inst -c $qoldval`;
+ chomp($newval);
delete $ENV{MIGRATE_BROKEN_PWD}; # clear the flag, if set
debug(3, "Converted old value [$oldval] to new value [$newval] for attr $attr in entry ", $ent->getDN(), "\n");
return $newval;
Index: Util.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Util.pm.in,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- Util.pm.in 27 Feb 2009 14:33:12 -0000 1.20
+++ Util.pm.in 13 Mar 2009 14:27:50 -0000 1.21
@@ -47,11 +47,11 @@
@ISA = qw(Exporter);
@EXPORT = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createInfFromConfig
+ getHashedPassword debug createInfFromConfig shellEscape
isValidServerID isValidUser makePaths getLogin remove_tree remove_pidfile);
@EXPORT_OK = qw(portAvailable getAvailablePort isValidDN addSuffix getMappedEntries
process_maptbl check_and_add_entry getMappedEntries
- getHashedPassword debug createInfFromConfig
+ getHashedPassword debug createInfFromConfig shellEscape
isValidServerID isValidUser makePaths getLogin remove_tree remove_pidfile);
use strict;
@@ -679,6 +679,20 @@
return $mapper;
}
+# given a string, escape the characters in the string
+# so that it can be safely passed to the shell via
+# the system() call or `` backticks
+sub shellEscape {
+ my $val = shift;
+ # first, escape the double quotes and slashes
+ $val =~ s/([\\"])/\\$1/g; # " font lock fun
+ # next, escape the rest of the special chars
+ my $special = '!$\' @#%^&*()|[\]{};:<>?/`';
+ $val =~ s/([$special])/\\$1/g;
+
+ return $val;
+}
+
sub getHashedPassword {
my $pwd = shift;
my $alg = shift;
@@ -691,7 +705,7 @@
if ($alg) {
$cmd .= " -s $alg";
}
- $cmd .= " \'$pwd\'";
+ $cmd .= " " . shellEscape($pwd);
my $hashedpwd = `$cmd`;
chomp($hashedpwd);
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts FileConn.pm, 1.6, 1.7
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22797
Modified Files:
FileConn.pm
Log Message:
Resolves: bug 480869
Description: Bug 480869 - DS console: Can not delete DS instance
Fix Description: Create instance was broken, so no instances could be created for purposes of deletion. Create instance was printing the following error:
Unable to find Pass Through Authentication Plug-In config entry.
This is because the search for this entry in AdminUtil.pm was getting an incorrect error message - something other than "Success"
This is because the FileConn->getErrorString() method was returning "0" instead of "Success".
Platforms tested: RHEL4
Index: FileConn.pm
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/FileConn.pm,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- FileConn.pm 27 Feb 2009 14:33:12 -0000 1.6
+++ FileConn.pm 12 Mar 2009 22:12:59 -0000 1.7
@@ -213,7 +213,7 @@
sub getErrorString {
my $self = shift;
- return ($self->{lastErrorCode} ? ldap_err2string($self->{lastErrorCode}) : LDAP_SUCCESS);
+ return ldap_err2string($self->{lastErrorCode});
}
#############################################################################
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/slapd dse.c, 1.11, 1.12
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3128
Modified Files:
dse.c
Log Message:
Resolves: #489763
Summary: rhds80 64b el5.3 - db2ldif lock case
Description: Fixed double free, which confused the server operation and eventually crashed the server.
Index: dse.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/dse.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- dse.c 17 Oct 2008 16:54:47 -0000 1.11
+++ dse.c 12 Mar 2009 20:38:59 -0000 1.12
@@ -1139,9 +1139,6 @@
slapi_entry_free(schemacheckentry);
}
- /* callers expect e (SLAPI_ADD_ENTRY) to be freed or otherwise consumed */
- slapi_entry_free(e);
-
return rc;
}
15 years, 1 month
[Fedora-directory-commits] winsync/passwordsync/passsync ntservice.cpp, 1.6, 1.7
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/winsync/passwordsync/passsync
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32164
Modified Files:
ntservice.cpp
Log Message:
Resolves: Bug 482892
Description: Passsync service start and stop messages in Windows event viewer are not logged correctly
Fix Description: Omit "The Password Synchronization Service service was installed." message at service startup.
Index: ntservice.cpp
===================================================================
RCS file: /cvs/dirsec/winsync/passwordsync/passsync/ntservice.cpp,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ntservice.cpp 16 Feb 2009 22:20:21 -0000 1.6
+++ ntservice.cpp 12 Mar 2009 14:39:40 -0000 1.7
@@ -199,6 +199,7 @@
// Get the executable file path
TCHAR szFilePath[_MAX_PATH];
::GetModuleFileName(NULL, szFilePath, sizeof(szFilePath)/sizeof(*szFilePath));
+ int didinstall = FALSE;
// install if not already installed
if (!IsInstalled()) {
@@ -229,6 +230,7 @@
// clean up
::CloseServiceHandle(hService);
::CloseServiceHandle(hSCM);
+ didinstall = TRUE;
}
// make registry entries to support logging messages
@@ -263,10 +265,12 @@
0,
REG_DWORD,
(CONST BYTE*)&dwData,
- sizeof(DWORD));
+ sizeof(DWORD));
::RegCloseKey(hKey);
- LogEvent(EVENTLOG_INFORMATION_TYPE, EVMSG_INSTALLED, m_szServiceName);
+ if (didinstall) {
+ LogEvent(EVENTLOG_INFORMATION_TYPE, EVMSG_INSTALLED, m_szServiceName);
+ }
return TRUE;
}
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/slapd util.c, 1.29, 1.30
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27916/ldapserver/ldap/servers/slapd
Modified Files:
util.c
Log Message:
Resolves: bug 488866
Bug Description: crash in reliab15 test
Reviewed by: nkinder (Thanks!)
Fix Description: There was still a small window of time during which the connection could be closed out from under the other thread which was sending/reading result. The solution is to use explicit locking using the conn->lock to protect access to the conn->ld. Since this also affected the total update code, I tested it under similar conditions, and found that it exhibited the same behavior. I added checking to the total update code to check for disconnection and coordinate access in the entry sending/result reading threads.
I also fixed a spurious error message about the sasl path.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- util.c 9 Mar 2009 16:35:35 -0000 1.29
+++ util.c 12 Mar 2009 02:16:43 -0000 1.30
@@ -959,7 +959,7 @@
char *pp = NULL;
if (NULL == pluginpath || (*pluginpath == '\0')) {
- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_init_ext",
+ slapi_log_error(SLAPI_LOG_SHELL, "slapi_ldap_init_ext",
"configpluginpath == NULL\n");
if (!(pluginpath = getenv("SASL_PATH"))) {
#if defined(LINUX) && defined(__LP64__)
@@ -974,7 +974,7 @@
(0 != strcmp(++pp, pluginpath)) /* sasl_path has been updated */ ) {
PR_snprintf(util_sasl_path, sizeof(util_sasl_path),
"SASL_PATH=%s", pluginpath);
- slapi_log_error(SLAPI_LOG_FATAL, "slapi_ldap_init_ext",
+ slapi_log_error(SLAPI_LOG_SHELL, "slapi_ldap_init_ext",
"putenv(%s)\n", util_sasl_path);
putenv(util_sasl_path);
}
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication repl5_connection.c, 1.16, 1.17 repl5_tot_protocol.c, 1.10, 1.11
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27916/ldapserver/ldap/servers/plugins/replication
Modified Files:
repl5_connection.c repl5_tot_protocol.c
Log Message:
Resolves: bug 488866
Bug Description: crash in reliab15 test
Reviewed by: nkinder (Thanks!)
Fix Description: There was still a small window of time during which the connection could be closed out from under the other thread which was sending/reading result. The solution is to use explicit locking using the conn->lock to protect access to the conn->ld. Since this also affected the total update code, I tested it under similar conditions, and found that it exhibited the same behavior. I added checking to the total update code to check for disconnection and coordinate access in the entry sending/result reading threads.
I also fixed a spurious error message about the sasl path.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: repl5_connection.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_connection.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- repl5_connection.c 11 Mar 2009 13:41:13 -0000 1.16
+++ repl5_connection.c 12 Mar 2009 02:16:42 -0000 1.17
@@ -306,12 +306,20 @@
while (1)
{
- if (!conn_connected(conn)) {
+ /* we have to make sure the update sending thread does not
+ attempt to call conn_disconnect while we are reading
+ results - so lock the conn while we get the results */
+ PR_Lock(conn->lock);
+ if ((STATE_CONNECTED != conn->state) || !conn->ld) {
rc = -1;
return_value = CONN_NOT_CONNECTED;
+ PR_Unlock(conn->lock);
break;
}
+
rc = ldap_result(conn->ld, LDAP_RES_ANY , 1, &local_timeout, &res);
+ PR_Unlock(conn->lock);
+
if (0 != rc)
{
/* Something other than a timeout happened */
@@ -342,6 +350,18 @@
repl5_stop_debug_timeout(eqctx, &setlevel);
+ PR_Lock(conn->lock);
+ /* we have to check again since the connection may have
+ been closed in the meantime
+ acquire the lock for the rest of the function
+ to protect against another attempt to close
+ the conn while we are using it
+ */
+ if ((STATE_CONNECTED != conn->state) || !conn->ld) {
+ rc = -1;
+ return_value = CONN_NOT_CONNECTED;
+ }
+
if (0 == rc)
{
/* Timeout */
@@ -370,7 +390,7 @@
later */
if (IS_DISCONNECT_ERROR(rc))
{
- conn_disconnect(conn);
+ close_connection_internal(conn); /* we already have the lock */
return_value = CONN_NOT_CONNECTED;
}
else
@@ -397,13 +417,13 @@
if (IS_DISCONNECT_ERROR(rc))
{
conn->last_ldap_error = rc;
- conn_disconnect(conn);
+ close_connection_internal(conn); /* we already have the lock */
return_value = CONN_NOT_CONNECTED;
}
else if (IS_DISCONNECT_ERROR(err))
{
conn->last_ldap_error = err;
- conn_disconnect(conn);
+ close_connection_internal(conn); /* we already have the lock */
return_value = CONN_NOT_CONNECTED;
}
/* Got a result */
@@ -450,6 +470,7 @@
conn->status = STATUS_CONNECTED;
}
if (res) ldap_msgfree(res);
+ PR_Unlock(conn->lock); /* release the conn lock */
return return_value;
}
@@ -565,7 +586,10 @@
server_controls[1] = update_control;
server_controls[2] = NULL;
- if (conn_connected(conn))
+ /* lock the conn to prevent the result reader thread
+ from closing the connection out from under us */
+ PR_Lock(conn->lock);
+ if (STATE_CONNECTED == conn->state)
{
int setlevel = 0;
@@ -574,6 +598,7 @@
return_value = see_if_write_available(
conn, PR_SecondsToInterval(conn->timeout.tv_sec));
if (return_value != CONN_OPERATION_SUCCESS) {
+ PR_Unlock(conn->lock);
return return_value;
}
conn->last_operation = optype;
@@ -627,7 +652,7 @@
conn->last_ldap_error = rc;
if (IS_DISCONNECT_ERROR(rc))
{
- conn_disconnect(conn);
+ close_connection_internal(conn); /* already have the lock */
return_value = CONN_NOT_CONNECTED;
}
else
@@ -640,11 +665,12 @@
else
{
/* conn->last_ldap_error has been set to a more specific value
- * in conn_connected()
+ * in the thread that did the disconnection
* conn->last_ldap_error = LDAP_SERVER_DOWN;
*/
return_value = CONN_NOT_CONNECTED;
}
+ PR_Unlock(conn->lock); /* release the lock */
if (message_id)
{
*message_id = msgid;
@@ -1073,6 +1099,13 @@
static void
close_connection_internal(Repl_Connection *conn)
{
+ conn->state = STATE_DISCONNECTED;
+ conn->status = STATUS_DISCONNECTED;
+ conn->supports_ds50_repl = -1;
+ conn->supports_ds71_repl = -1;
+ /* do this last, to minimize the chance that another thread
+ might read conn->state as not disconnected and attempt
+ to use conn->ld */
if (NULL != conn->ld)
{
/* Since we call slapi_ldap_init,
@@ -1080,10 +1113,6 @@
slapi_ldap_unbind(conn->ld);
}
conn->ld = NULL;
- conn->state = STATE_DISCONNECTED;
- conn->status = STATUS_DISCONNECTED;
- conn->supports_ds50_repl = -1;
- conn->supports_ds71_repl = -1;
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: Disconnected from the consumer\n", agmt_get_long_name(conn->agmt));
}
Index: repl5_tot_protocol.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_tot_protocol.c,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- repl5_tot_protocol.c 5 Dec 2008 22:41:52 -0000 1.10
+++ repl5_tot_protocol.c 12 Mar 2009 02:16:42 -0000 1.11
@@ -95,6 +95,7 @@
static int send_entry (Slapi_Entry *e, void *callback_data);
static void repl5_tot_delete(Private_Repl_Protocol **prp);
+#define LOST_CONN_ERR(xx) ((xx == -2) || (xx == LDAP_SERVER_DOWN) || (xx == LDAP_CONNECT_ERROR))
/*
* Notes on the async version of this code:
* First, we need to have the supplier and consumer both be async-capable.
@@ -120,9 +121,9 @@
repl5_tot_log_operation_failure(int ldap_error, char* ldap_error_string, const char *agreement_name)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
- "%s: Received error %d: %s for total update operation\n",
+ "%s: Received error %d (%s): %s for total update operation\n",
agreement_name,
- ldap_error, ldap_error_string ? ldap_error_string : "NULL");
+ ldap_error, ldap_err2string(ldap_error), ldap_error_string ? ldap_error_string : "");
}
/* Thread that collects results from async operations sent to the consumer */
@@ -206,7 +207,9 @@
}
/* Should we stop ? */
PR_Lock(cb->lock);
- if (cb->stop_result_thread)
+ /* if the connection is not connected, then we cannot read any more
+ results - we are finished */
+ if (cb->stop_result_thread || (conres == CONN_NOT_CONNECTED))
{
finished = 1;
}
@@ -290,13 +293,17 @@
/* If so then we're done */
done = 1;
}
+ if (cb_data->abort && LOST_CONN_ERR(cb_data->rc))
+ {
+ done = 1; /* no connection == no more results */
+ }
PR_Unlock(cb_data->lock);
/* If not then sleep a bit */
DS_Sleep(PR_SecondsToInterval(1));
loops++;
/* If we sleep forever then we can conclude that something bad happened, and bail... */
/* Arbitrary 30 second delay : basically we should only expect to wait as long as it takes to process a few operations, which should be on the order of a second at most */
- if (loops > 300)
+ if (!done && (loops > 300))
{
/* Log a warning */
slapi_log_error(SLAPI_LOG_FATAL, NULL,
@@ -618,6 +625,18 @@
return -1;
}
+ /* see if the result reader thread encountered
+ a fatal error */
+ PR_Lock(((callback_data*)cb_data)->lock);
+ rc = ((callback_data*)cb_data)->abort;
+ PR_Unlock(((callback_data*)cb_data)->lock);
+ if (rc)
+ {
+ conn_disconnect(prp->conn);
+ prp->stopped = 1;
+ ((callback_data*)cb_data)->rc = -1;
+ return -1;
+ }
/* skip ruv tombstone - need to do this because it might be
more up to date then the data we are sending to the client.
RUV is sent separately via the protocol */
@@ -702,9 +721,14 @@
ber_bvfree(bv);
(*num_entriesp)++;
- /* For async operation we need to inspect the abort status from the result thread here */
-
- if (CONN_OPERATION_SUCCESS == rc) {
+ /* if the connection has been closed, we need to stop
+ sending entries and set a special rc value to let
+ the result reading thread know the connection has been
+ closed - do not attempt to read any more results */
+ if (CONN_NOT_CONNECTED == rc) {
+ ((callback_data*)cb_data)->rc = -2;
+ retval = -1;
+ } else if (CONN_OPERATION_SUCCESS == rc) {
retval = 0;
} else {
((callback_data*)cb_data)->rc = rc;
15 years, 1 month
[Fedora-directory-commits] fedora-idm-console/win Makefile,1.4,1.5
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/fedora-idm-console/win
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv32509/win
Modified Files:
Makefile
Log Message:
update idm console version to 20090310
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/fedora-idm-console/win/Makefile,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- Makefile 10 Mar 2009 16:49:31 -0000 1.4
+++ Makefile 11 Mar 2009 23:08:27 -0000 1.5
@@ -58,7 +58,7 @@
JSSVER=4_2_5
JSSVERDIR=JSS_$(JSSVER)_RTM/20090122.1
IDMVER=1.1
-IDMVERDIR=$(IDMVER)/20090122.1
+IDMVERDIR=$(IDMVER)/200900310.1
WIXVER=2.0.5805.0
PLAT=WINNT5.0_OPT.OBJ
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication repl5_connection.c, 1.15, 1.16 repl5_inc_protocol.c, 1.15, 1.16
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26204/ldapserver/ldap/servers/plugins/replication
Modified Files:
repl5_connection.c repl5_inc_protocol.c
Log Message:
Resolves: bug 488866
Bug Description: crash in reliab15 test
Reviewed by: nkinder (Thanks!)
Fix Description: My earlier fix was for the case where the result reader thread disconnects. But it looks like there is still a problem if the update sender thread disconnects out from under the reader thread. We need to use conn_connected() to test to see if the connection is connected before we attempt to access conn->ld in the result reader thread. I also improved the error messages so that I could tell if the errors were coming from the update sender thread or the result reader thread.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: repl5_connection.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_connection.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- repl5_connection.c 5 Dec 2008 22:41:51 -0000 1.15
+++ repl5_connection.c 11 Mar 2009 13:41:13 -0000 1.16
@@ -306,6 +306,11 @@
while (1)
{
+ if (!conn_connected(conn)) {
+ rc = -1;
+ return_value = CONN_NOT_CONNECTED;
+ break;
+ }
rc = ldap_result(conn->ld, LDAP_RES_ANY , 1, &local_timeout, &res);
if (0 != rc)
{
@@ -344,11 +349,20 @@
conn->last_ldap_error = LDAP_TIMEOUT;
return_value = CONN_TIMEOUT;
}
+ else if ((-1 == rc) && (CONN_NOT_CONNECTED == return_value))
+ {
+ /* must not access conn->ld if disconnected in another thread */
+ /* the other thread that actually did the conn_disconnect() */
+ /* will set the status and error info */
+ slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
+ "%s: Connection disconnected by another thread\n",
+ agmt_get_long_name(conn->agmt));
+ }
else if (-1 == rc)
{
/* Error */
char *s = NULL;
-
+
rc = ldap_get_lderrno(conn->ld, NULL, &s);
conn->last_ldap_errmsg = s;
conn->last_ldap_error = rc;
Index: repl5_inc_protocol.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_inc_protocol.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- repl5_inc_protocol.c 6 Mar 2009 20:02:13 -0000 1.15
+++ repl5_inc_protocol.c 11 Mar 2009 13:41:13 -0000 1.16
@@ -1798,7 +1798,7 @@
agmt_inc_last_update_changecount (prp->agmt, csn_get_replicaid(entry.op->csn), 1 /*skipped*/);
}
slapi_log_error(finished ? SLAPI_LOG_FATAL : slapi_log_urp, repl_plugin_name,
- "%s: Consumer failed to replay change (uniqueid %s, CSN %s): %s. %s.\n",
+ "%s: Failed to send update operation to consumer (uniqueid %s, CSN %s): %s. %s.\n",
agmt_get_long_name(prp->agmt),
entry.op->target_address.uniqueid, csn_str,
ldap_err2string(error),
@@ -1811,7 +1811,7 @@
return_value = UPDATE_CONNECTION_LOST;
finished = 1;
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
- "%s: Consumer failed to replay change (uniqueid %s, CSN %s): "
+ "%s: Failed to send update operation to consumer (uniqueid %s, CSN %s): "
"%s. Will retry later.\n",
agmt_get_long_name(prp->agmt),
entry.op->target_address.uniqueid, csn_str,
@@ -1822,7 +1822,7 @@
return_value = UPDATE_TIMEOUT;
finished = 1;
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
- "%s: Consumer timed out to replay change (uniqueid %s, CSN %s): "
+ "%s: Timed out sending update operation to consumer (uniqueid %s, CSN %s): "
"%s.\n",
agmt_get_long_name(prp->agmt),
entry.op->target_address.uniqueid, csn_str,
@@ -1837,7 +1837,7 @@
return_value = UPDATE_TRANSIENT_ERROR;
finished = 1;
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name,
- "%s: Failed to replay change (uniqueid %s, CSN %s): "
+ "%s: Failed to send update operation to consumer (uniqueid %s, CSN %s): "
"Local error. Will retry later.\n",
agmt_get_long_name(prp->agmt),
entry.op->target_address.uniqueid, csn_str);
15 years, 1 month
[Fedora-directory-commits] winsync/passwordsync build.bat, 1.11, 1.12 unzip.vbs, 1.1, 1.2
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/winsync/passwordsync
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv20568
Modified Files:
build.bat unzip.vbs
Log Message:
remove internal paths ; use new improved unzip.vbs
Index: build.bat
===================================================================
RCS file: /cvs/dirsec/winsync/passwordsync/build.bat,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- build.bat 16 Feb 2009 22:37:32 -0000 1.11
+++ build.bat 10 Mar 2009 20:06:27 -0000 1.12
@@ -82,8 +82,8 @@
rem ======== Fetch Components ========
if [%INTERNAL_BUILD%] == [1] (
- set COMPONENT_URL=http://tsunami.dsdev.sjc.redhat.com/share/builds/components
- set COMPONENT_URL2=http://tsunami.dsdev.sjc.redhat.com/share/builds/verification
+ set COMPONENT_URL=%SBC%
+ set COMPONENT_URL2=%SBV%
) else (
set COMPONENT_URL=http://directory.fedoraproject.org/built/components
)
@@ -97,12 +97,9 @@
echo %NSPR_LOCATION%/%FLAVOR% > version.txt
%DOWNLOAD% %NSPR_LOCATION%/%FLAVOR%/mdbinary.jar "%LIBROOT%\nspr\mdbinary.jar"
%DOWNLOAD% %NSPR_LOCATION%/%FLAVOR%/mdheader.jar "%LIBROOT%\nspr\mdheader.jar"
-
- ren mdbinary.jar mdbinary.zip
- ren mdheader.jar mdheader.zip
- %UNZIP% mdbinary.zip
+ %UNZIP% mdbinary.jar
cd include
- %UNZIP% ..\mdheader.zip
+ %UNZIP% ..\mdheader.jar
popd
)
@@ -115,11 +112,9 @@
echo %NSS_LOCATION%/%FLAVOR% > version.txt
%DOWNLOAD% %NSS_LOCATION%/%FLAVOR%/mdbinary.jar "%LIBROOT%\nss\mdbinary.jar"
%DOWNLOAD% %NSS_LOCATION%/include/xpheader.jar "%LIBROOT%\nss\xpheader.jar"
- ren mdbinary.jar mdbinary.zip
- ren xpheader.jar xpheader.zip
- %UNZIP% mdbinary.zip
+ %UNZIP% mdbinary.jar
cd include
- %UNZIP% ..\xpheader.zip
+ %UNZIP% ..\xpheader.jar
popd
)
Index: unzip.vbs
===================================================================
RCS file: /cvs/dirsec/winsync/passwordsync/unzip.vbs,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- unzip.vbs 16 Feb 2009 22:37:32 -0000 1.1
+++ unzip.vbs 10 Mar 2009 20:06:27 -0000 1.2
@@ -4,8 +4,7 @@
WScript.Echo "Usage: cscript unzip.vbs \path\to\file.zip [destinationfolder]"
WScript.Echo "Example: cscript unzip.vbs ..\src\foo.zip ..\dest"
WScript.Echo "NOTE: The .zip file must have a .zip extension, so if"
- WScript.Echo "you are trying to unzip a .jar file, you must copy or rename it"
- WScript.Echo "to have a .zip extension"
+ WScript.Echo "it does not, a temporary copy will be made with a .zip extension"
WScript.Echo "If the destinationfolder does not exist, it will be created"
WScript.Echo "Use '.' for the current directory"
WScript.Echo "If the destinationfolder is not specified, '.' will be used"
@@ -39,6 +38,17 @@
WScript.Echo "Created new folder", DEST
End If
+' see if file ends in .zip - if not (e.g. .jar) make temp copy
+' that ends in .zip
+Dim newSRC
+newSRC = ""
+If not Right(SRC, 4) = ".zip" Then
+ newSRC = SRC & ".zip"
+ objFSO.CopyFile SRC, newSRC, true
+ SRC = newSRC
+End If
+
+' get the shell application object used to do the unzip
Set objShell = CreateObject("Shell.Application")
Set objSrc = objShell.Namespace(SRC)
Set objDest = objShell.Namespace(DEST)
@@ -47,7 +57,12 @@
' Next
objDest.CopyHere(objSrc.Items)
-WScript.Echo "Done. Copied contents of " & SRC & " to " & DEST
+' remove temp zip, if any
+If Len(newSrc) > 0 Then
+ objFSO.DeleteFile(newSRC)
+End If
+
+WScript.Stdout.Write "Done. Copied contents of " & SRC & " to " & DEST
' Set WshShell = WScript.CreateObject("WScript.Shell")
' WScript.Echo "CD =", WshShell.CurrentDirectory
15 years, 1 month