console/src/com/netscape/management/client/console Console.java, 1.15, 1.16
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/console/src/com/netscape/management/client/console
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29557/src/com/netscape/management/client/console
Modified Files:
Console.java
Log Message:
Resolves: 560827 - Admin Server: DistinguishName validation fails
Description: userPreferenceDN included a nested DN surrounded by unescaped
double quotes. Instead of escaping the double quotes, introduced a method
escapeDnString in LDPAUtil which escapes special characters in the nested DN.
Index: Console.java
===================================================================
RCS file: /cvs/dirsec/console/src/com/netscape/management/client/console/Console.java,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- Console.java 29 Jan 2009 21:23:59 -0000 1.15
+++ Console.java 12 Feb 2010 16:53:00 -0000 1.16
@@ -937,12 +937,15 @@
// this *should* already be created at install time, but just in case
// note: if this entry is created here, then ACIs (for non-admins) will break
+ String authDN = _info.getAuthenticationDN();
+ String escapedAuthDN = LDAPUtil.escapeDnString(authDN);
+ Debug.println("Console.initialize: authDN: "+authDN+
+ ", escaped: "+escapedAuthDN);
String userPreferenceDN = LDAPUtil.createEntry(ldc,
LDAPUtil.getUserPreferenceOU(),
LDAPUtil.getInstalledSoftwareDN());
userPreferenceDN = LDAPUtil.createEntry(ldc,
- "\""+_info.getAuthenticationDN() + "\"",
- userPreferenceDN, true);
+ escapedAuthDN, userPreferenceDN, true);
_info.setUserPreferenceDN(userPreferenceDN);
}
// Always enable context help.
14 years, 2 months
console/src/com/netscape/management/client/util LDAPUtil.java, 1.2, 1.3
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/console/src/com/netscape/management/client/util
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv29557/src/com/netscape/management/client/util
Modified Files:
LDAPUtil.java
Log Message:
Resolves: 560827 - Admin Server: DistinguishName validation fails
Description: userPreferenceDN included a nested DN surrounded by unescaped
double quotes. Instead of escaping the double quotes, introduced a method
escapeDnString in LDPAUtil which escapes special characters in the nested DN.
Index: LDAPUtil.java
===================================================================
RCS file: /cvs/dirsec/console/src/com/netscape/management/client/util/LDAPUtil.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- LDAPUtil.java 24 Mar 2006 01:04:54 -0000 1.2
+++ LDAPUtil.java 12 Feb 2010 16:53:00 -0000 1.3
@@ -758,6 +758,14 @@
return res.toString();
}
+ /**
+ * A method to escape DN string (RFC 4514)
+ * Note: #<HEX><HEX> format hasn't been supported
+ */
+ public static String escapeDnString(String s) {
+ return s.replaceAll("[\"+,;<>=]", "\\\\$0");
+ }
+
// DS ldbm database configuration root DN
final static String LDBM_PLUGIN_ROOT = "cn=ldbm database, cn=plugins, cn=config";
}
14 years, 2 months
admserv/cgi-src40 include/libadmin lib/libadmin
by Noriko Hosoi
admserv/cgi-src40/htmladmin.c | 15 ++++-
include/libadmin/libadmin.h | 13 ++++
lib/libadmin/util.c | 121 ++++++++++++++++++++++++++++++++++++++++++
3 files changed, 147 insertions(+), 2 deletions(-)
New commits:
commit f637dafd4fb0e135b80513345eec8024dc06b639
Author: Noriko Hosoi <nhosoi(a)jiji.sjc.redhat.com>
Date: Thu Feb 11 17:53:29 2010 -0800
560827 - Admin Server: DistinguishName validation fails
https://bugzilla.redhat.com/show_bug.cgi?id=560827
Description: get_all_users_views was generating an invalid DN
which included nested DN surrounded by unescaped double quotes.
Instead of escaping the double quotes, introduced a escape_for_dn
function which escape special characters in the nested DN.
diff --git a/admserv/cgi-src40/htmladmin.c b/admserv/cgi-src40/htmladmin.c
index 4ce4dbe..e6d9eee 100644
--- a/admserv/cgi-src40/htmladmin.c
+++ b/admserv/cgi-src40/htmladmin.c
@@ -590,6 +590,7 @@ char **get_all_users_views(LDAP *server, char *binddn, AdmldapInfo ldapInfo) {
char **return_array = NULL;
int i;
+ char *escaped_binddn = NULL;
if(!binddn)
return NULL; /* anonymous bind, no user prefs, no views */
@@ -607,8 +608,18 @@ char **get_all_users_views(LDAP *server, char *binddn, AdmldapInfo ldapInfo) {
ptr3++; /* remove spaces */
/* First, search private views */
-
- PR_snprintf(dn, BIG_LINE, "ou=\"%s\", ou=UserPreferences, %s", binddn, ptr3);
+ ldapError = escape_for_dn(binddn, &escaped_binddn);
+ if (ldapError) {
+ return NULL; /* failed to escape binddn; bail */
+ }
+ if (NULL == escaped_binddn) {
+ PR_snprintf(dn, BIG_LINE, "ou=%s, ou=UserPreferences, %s",
+ binddn, ptr3);
+ } else {
+ PR_snprintf(dn, BIG_LINE, "ou=%s, ou=UserPreferences, %s",
+ escaped_binddn, ptr3);
+ PR_Free(escaped_binddn);
+ }
PR_snprintf(filter, BIG_LINE, "(&(objectclass=nscustomview))");
ldapError = ldap_search_s(server, dn, LDAP_SCOPE_SUBTREE,
diff --git a/include/libadmin/libadmin.h b/include/libadmin/libadmin.h
index 051bd47..3914fce 100644
--- a/include/libadmin/libadmin.h
+++ b/include/libadmin/libadmin.h
@@ -383,6 +383,19 @@ NSAPI_PUBLIC int perform_request(char *req, int whichsrv, char *auth, char *succ
/* util.c */
NSAPI_PUBLIC void escape_for_shell(char *cmd);
+/*
+ * Escape src DN string (RFC 4514)
+ * Result
+ * Success:
+ * return value: 0
+ * src includes dn special characters
+ * --> *dist returns escaped string; caller needs to free it.
+ * src does not include dn special characters --> *dist == NULL
+ * Failure
+ * return value: -1
+ */
+int escape_for_dn(char *src, char **dist);
+
/* Lists all files in a directory. If dashA list .files except . and .. */
/* util.c */
NSAPI_PUBLIC char **list_directory(char *path, int dashA);
diff --git a/lib/libadmin/util.c b/lib/libadmin/util.c
index 6016466..52cd726 100644
--- a/lib/libadmin/util.c
+++ b/lib/libadmin/util.c
@@ -79,6 +79,127 @@ void escape_for_shell(char *cmd) {
}
}
+char dnspecial[] = {
+ '"', '+', ',', ';', '<', '>', '=', '#', '\0'
+};
+
+static void
+put_dnescaped_char(char **distp, char **srcp)
+{
+ if (**srcp == '#') {
+ char c1 = *((*srcp)+1);
+ char c2 = *((*srcp)+2);
+ if (isxdigit(c1) && isxdigit(c2)) {
+ char *dn = NULL;
+ char c;
+ int n1 = 0, n2 = 0;
+ if ('0' <= c1 && c1 <= '9') {
+ n1 = c1 - '0';
+ } else if ('a' <= c1 && c1 <= 'f') {
+ n1 = c1 - 'a' + 10;
+ } else if ('A' <= c1 && c1 <= 'F') {
+ n1 = c1 - 'A' + 10;
+ }
+ if ('0' <= c2 && c2 <= '9') {
+ n2 = c2 - '0';
+ } else if ('a' <= c2 && c2 <= 'f') {
+ n2 = c2 - 'a' + 10;
+ } else if ('A' <= c2 && c2 <= 'F') {
+ n2 = c2 - 'A' + 10;
+ }
+ c = n1 * 16 + n2;
+ for (dn = dnspecial; dn && *dn; dn++) {
+ if (c == *dn) {
+ *((*distp)++) = '\\'; /* escape the char with '\\' */
+ *((*distp)++) = c;
+ break;
+ }
+ }
+ if (c != *dn) {
+ *((*distp)++) = c;
+ }
+ *srcp += 3;
+ } else {
+ *((*distp)++) = *((*srcp)++); /* Just copy '#' */
+ }
+ } else {
+ *((*distp)++) = '\\'; /* escape the char with '\\' */
+ *((*distp)++) = *((*srcp)++);
+ }
+}
+
+/*
+ * Escape src DN string (RFC 4514)
+ * Result
+ * Success:
+ * return value: 0
+ * src includes dn special characters
+ * --> *dist returns escaped string; caller needs to free it.
+ * src does not include dn special characters --> *dist == NULL
+ * Failure
+ * return value: -1
+ */
+int
+escape_for_dn(char *src, char **dist)
+{
+ char *srcp = NULL;
+ char *distp = NULL;
+ char *dn = NULL;
+ char *end = NULL;
+ int rc = -1;
+
+ if (NULL == dist) {
+ return rc;
+ }
+ *dist = NULL;
+ if (NULL == src) {
+ return rc;
+ }
+ end = src + strlen(src);
+
+ for (srcp = src; srcp && *srcp; srcp++) {
+ for (dn = dnspecial; dn && *dn; dn++) {
+ if (*srcp == *dn) {
+ goto out;
+ }
+ }
+ }
+out:
+ rc = 0;
+ if (*srcp && (*srcp == *dn)) { /* src includes a dn special character */
+ char *distend = NULL;
+ int maxdistlen = ((srcp - src) + (end - srcp) * 2) + 1;
+ /* max necessary length */
+ *dist = (char *)PR_Calloc(sizeof(char), maxdistlen);
+ if (NULL == *dist) {
+ rc = -1;
+ goto bail;
+ }
+ distend = *dist + maxdistlen;
+ memcpy(*dist, src, srcp - src); /* copy non escaped part */
+ distp = *dist + (srcp - src);
+ put_dnescaped_char(&distp, &srcp);
+ while (srcp && *srcp && distp && distp < distend) {
+ for (dn = dnspecial; dn && *dn; dn++) {
+ if (*srcp == *dn) {
+ put_dnescaped_char(&distp, &srcp);
+ break;
+ }
+ }
+ if ('\0' == *dn) {
+ *distp++ = *srcp++;
+ }
+ }
+ if (distp == distend) {
+ PR_Free(*dist);
+ *dist = NULL;
+ rc = -1;
+ }
+ }
+bail:
+ return rc;
+}
+
int _admin_dumbsort(const void *s1, const void *s2)
{
return strcmp(*((char **)s1), *((char **)s2));
14 years, 2 months
Branch 'Directory_Server_8_2_Branch' - configure m4/httpd.m4
by Nathan Kinder
configure | 14 ++++++++++----
m4/httpd.m4 | 11 ++++++++---
2 files changed, 18 insertions(+), 7 deletions(-)
New commits:
commit 3fe633f5d1e947a7e1f1bc9b063eb6733548aa80
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Feb 11 16:14:54 2010 -0800
Make check for threaded httpd work with Apache 2.0
The check we use for a threaded httpd doesn't properly detect a
threaded Apache 2.0. This adds an additional check to the m4
file which makes this work.
diff --git a/configure b/configure
index 889f295..03aed62 100755
--- a/configure
+++ b/configure
@@ -23601,13 +23601,19 @@ else
if test "$httpd_model" = yes ; then
echo "$as_me:$LINENO: result: good - threading model is supported" >&5
echo "${ECHO_T}good - threading model is supported" >&6
- elif test "$enable_threading" = yes ; then
- { { echo "$as_me:$LINENO: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&5
+ else
+ httpd_model=`$HTTPD -V | grep "APACHE_MPM_DIR" | grep "worker"`
+ if test -n "httpd_model" ; then
+ echo "$as_me:$LINENO: result: good - threading model is supported" >&5
+echo "${ECHO_T}good - threading model is supported" >&6
+ elif test "$enable_threading" = yes ; then
+ { { echo "$as_me:$LINENO: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&5
echo "$as_me: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&2;}
{ (exit 1); exit 1; }; }
- else
- echo "$as_me:$LINENO: result: NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&5
+ else
+ echo "$as_me:$LINENO: result: NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&5
echo "${ECHO_T}NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&6
+ fi
fi
fi
diff --git a/m4/httpd.m4 b/m4/httpd.m4
index 03a52a2..6b5b78d 100644
--- a/m4/httpd.m4
+++ b/m4/httpd.m4
@@ -93,10 +93,15 @@ else
httpd_model=`$HTTPD -V | grep "threaded:" | awk '{print $2}'`
if test "$httpd_model" = yes ; then
AC_MSG_RESULT([good - threading model is supported])
- elif test "$enable_threading" = yes ; then
- AC_MSG_ERROR([threading model not supported - use --disable-threading to force use of unthreaded model])
else
- AC_MSG_RESULT([NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly])
+ httpd_model=`$HTTPD -V | grep "APACHE_MPM_DIR" | grep "worker"`
+ if test -n "httpd_model" ; then
+ AC_MSG_RESULT([good - threading model is supported])
+ elif test "$enable_threading" = yes ; then
+ AC_MSG_ERROR([threading model not supported - use --disable-threading to force use of unthreaded model])
+ else
+ AC_MSG_RESULT([NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly])
+ fi
fi
fi
14 years, 2 months
aclocal.m4 configure ltmain.sh m4/httpd.m4 Makefile.in
by Nathan Kinder
configure | 14 ++++++++++----
m4/httpd.m4 | 11 ++++++++---
2 files changed, 18 insertions(+), 7 deletions(-)
New commits:
commit 07346383364e6a3e37d8b2f44b305a70db26ba3c
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Feb 11 16:14:54 2010 -0800
Make check for threaded httpd work with Apache 2.0
The check we use for a threaded httpd doesn't properly detect a
threaded Apache 2.0. This adds an additional check to the m4
file which makes this work.
diff --git a/Makefile.in b/Makefile.in
old mode 100644
new mode 100755
diff --git a/aclocal.m4 b/aclocal.m4
old mode 100644
new mode 100755
diff --git a/configure b/configure
index d293a35..a6d8935 100755
--- a/configure
+++ b/configure
@@ -23602,13 +23602,19 @@ else
if test "$httpd_model" = yes ; then
echo "$as_me:$LINENO: result: good - threading model is supported" >&5
echo "${ECHO_T}good - threading model is supported" >&6
- elif test "$enable_threading" = yes ; then
- { { echo "$as_me:$LINENO: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&5
+ else
+ httpd_model=`$HTTPD -V | grep "APACHE_MPM_DIR" | grep "worker"`
+ if test -n "httpd_model" ; then
+ echo "$as_me:$LINENO: result: good - threading model is supported" >&5
+echo "${ECHO_T}good - threading model is supported" >&6
+ elif test "$enable_threading" = yes ; then
+ { { echo "$as_me:$LINENO: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&5
echo "$as_me: error: threading model not supported - use --disable-threading to force use of unthreaded model" >&2;}
{ (exit 1); exit 1; }; }
- else
- echo "$as_me:$LINENO: result: NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&5
+ else
+ echo "$as_me:$LINENO: result: NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&5
echo "${ECHO_T}NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly" >&6
+ fi
fi
fi
diff --git a/ltmain.sh b/ltmain.sh
old mode 100644
new mode 100755
diff --git a/m4/httpd.m4 b/m4/httpd.m4
index 03a52a2..6b5b78d 100644
--- a/m4/httpd.m4
+++ b/m4/httpd.m4
@@ -93,10 +93,15 @@ else
httpd_model=`$HTTPD -V | grep "threaded:" | awk '{print $2}'`
if test "$httpd_model" = yes ; then
AC_MSG_RESULT([good - threading model is supported])
- elif test "$enable_threading" = yes ; then
- AC_MSG_ERROR([threading model not supported - use --disable-threading to force use of unthreaded model])
else
- AC_MSG_RESULT([NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly])
+ httpd_model=`$HTTPD -V | grep "APACHE_MPM_DIR" | grep "worker"`
+ if test -n "httpd_model" ; then
+ AC_MSG_RESULT([good - threading model is supported])
+ elif test "$enable_threading" = yes ; then
+ AC_MSG_ERROR([threading model not supported - use --disable-threading to force use of unthreaded model])
+ else
+ AC_MSG_RESULT([NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly])
+ fi
fi
fi
14 years, 2 months
Changes to 'Directory_Server_8_2_Branch'
by Nathan Kinder
New branch 'Directory_Server_8_2_Branch' available with the following commits:
commit 88b7a3c41efa013281b53a84bfbae40ac07b45a6
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Feb 3 13:04:12 2010 -0800
560827 - Admin Server templates: DistinguishName validation fails
https://bugzilla.redhat.com/show_bug.cgi?id=560827
Description:
admserv/newinst/src/dirserver.map.in
/register_param.map.in
--- added escapedrootdn key, which is an escaped rootdn compliant
with RFC4514
admserv/schema/ldif/*.tmpl
--- removed unescaped '"' from dn strings, which violates RFC4514.
escaped special characters ('=' and ',') which used to be a
value surrounded in the double quotes '"'.
removed spaces around ','
commit c32338f6340e9080f87e10d7da65f03aa9f8f578
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Jan 25 18:25:16 2010 -0700
bump version to 1.1.11.a1
commit adec7ab204cf7b86a644555ae1abd6955c09b543
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Jan 20 16:03:26 2010 -0700
this is the 1.1.10 release
commit 16ece800873a4ebf7800d861f4a2d7395e2894ed
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Jan 19 11:01:02 2010 -0700
this is version 1.1.10.a4
commit c40d756b0c2ad973b1fa7b9e0194e9635051e0f2
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jan 14 14:05:29 2010 -0700
Allow configure to find genrb correctly on all platforms
Found a bug in genrb_wrapper.sh - was not removing the icu paths from
the command line arguments
Bumped version to 1.1.10.a3
commit 0a37464dd4f318fcb87cbb39d596589a5b0354cb
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Dec 18 10:08:57 2009 -0700
bump version to 1.1.10.a2
commit b0af80c971ecd51ced03d44dfe9679b1ac2703c0
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Dec 18 10:08:30 2009 -0700
Fix problem with genrb on F-12 and later
It seems that icu-config --bindir on F-12 and later returns /usr/sbin which
is not correct, or at least does not find genrb in /usr/bin - so changed
the genrb_wrapper script to look first in specified bindir, then in PATH -
this should allow it to work in those cases where we use a private ICU path,
but will also let it fallback to PATH for other cases.
commit 1c37653bc542936c3f4cdf8da5f163746692d09b
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Nov 13 13:26:19 2009 -0700
Add support for versioning via VERSION.sh - cleanup branding
This adds support for setting the package version and other information
by setting VERSION.sh. This allows us to change the version without having
to change configure.ac and running autogen.sh.
I also cleaned up the branding, using macros to replace the brand name and
other items in the files. This will allow us to rebrand the package by
simply editing or replacing VERSION.sh. When you run configure, the first
thing it will print is the branded package name and version.
I also cleaned up some obsolete files.
commit de59bed65e1ff0d071eb7f6c48c7f9e802867c9f
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Oct 8 18:51:47 2009 -0600
Allow use of unthreaded Apache
Allow the use of an Apache without threading support. The mod_admserv
authorization cache will not work correctly without threading support.
This means that most Console and Admin Server tasks will fail if the
configuration directory server is not available. If an Apache without
threading is found, configure will print an error and abort. You can
force the use of an unthreaded Apache by using the --disable-threading
configure option. Example:
configure --with-httpd=/usr/sbin/httpd # non-threaded
...
checking for /usr/sbin/httpd with threading support... configure: error: threading model not supported - use --disable-threading to force use of unthreaded model
configure aborts
Threading explicitly disabled:
configure --disable-threading --with-httpd=/usr/sbin/httpd # non-threaded
...
checking for --enable-threading... no
checking for /usr/sbin/httpd with threading support... NOTICE - threading support explicitly disabled - Admin Server authorization cache will not work correctly
...
configure detects that /usr/sbin/httpd does not use the Worker model (that
is, threading support) and prints a warning.
Also fix some minor compilation warnings.
commit 43ae9261a2d8ed45bbe6c38f1be4b146e816b558
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Oct 8 15:53:36 2009 -0600
Bump version to 1.1.10
commit 706254a3ac9a756c06c5718a70d838109e838fe0
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Oct 8 15:51:23 2009 -0600
Move mod_admserv and mod_restartd into adminserver
mod_admserv and mod_restartd are only ever used and built in conjunction
with the admin server, so they should be part of the admin server source
tree, and built and installed as part of the main admin server build.
The only files we need from the old CVS mod_admserv and mod_restartd
repos are the source files. The rest of the configure and makefile
code has been merged in with the main admin server configure.ac
and Makefile.am and httpd.m4.
commit fcca5586277ec20612cae35450e4825a6c922458
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Wed Oct 7 15:39:38 2009 -0700
Get rundir from sysconfig script.
The dsalib function used by the CGIs to get the DS rundir was
getting the data from the start-slapd script, which no longer
works since that script is just a thin wrapper around the
start-dirsrv script now. This patch changes the logic to get
the rundir from the instance sysconfig script.
commit b2c4a11c3c5df03d458d776d5a06cf30a53af6e3
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Sep 25 11:59:14 2009 -0600
setup-ds-admin.pl should use correct default hostname + port
https://bugzilla.redhat.com/show_bug.cgi?id=525785
Resolves: bug 525785
Bug Description: setup-ds-admin.pl should use correct default hostname + port
Reviewed by: nkinder (Thanks!)
Fix Description: We were not setting a default hostname and port in silent
mode. I also fixed a problem with the SysUser setting.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
commit ef88f3813f46ccc767f6a9f516bc337ddbd1371e
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Sep 21 20:15:46 2009 -0600
setup-ds-admin.pl: Can't call method "getErrorString" on an undefined value at /usr/lib64/dirsrv/perl/AdminUtil.pm line 405.
https://bugzilla.redhat.com/show_bug.cgi?id=520483
Resolves: bug 520483
Bug Description: setup-ds-admin.pl: Can't call method "getErrorString" on an undefined value at /usr/lib64/dirsrv/perl/AdminUtil.pm line 405.
Reviewed by: nkinder (Thanks!)
Fix Description: Just use "unknown" as the error string.
Platforms tested: Fedora 11 x86_64
Flag Day: no
Doc impact: no
commit 599065d3aa108b715c419e3ffb9ac6ef252d54bc
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Sep 21 15:29:14 2009 -0600
389-ds-base/glibmm24: conflicting perl provides
https://bugzilla.redhat.com/show_bug.cgi?id=523476
Resolves: bug 523476
Bug Description: 389-ds-base/glibmm24: conflicting perl provides
Reviewed by: ???
Files: see diff
Fix Description: Rename "Util" to "DSUtil"
Platforms tested: Fedora 11 x86_64
Flag Day: no
Doc impact: no
commit f40dce33d7f8b00f6e12288391815a142f1fcf09
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Sep 21 15:09:54 2009 -0600
Running setup-ds-admin.pl -u on replica with ldaps chokes on CA cert
https://bugzilla.redhat.com/show_bug.cgi?id=501846
Resolves: bug 501846
Bug Description: Running setup-ds-admin.pl -u on replica with ldaps chokes on CA cert
Reviewed by: nkinder (Thanks!)
Fix Description: If the config directory LDAP url begins with ldaps, set the certdb to the existing cert directory. NOTE that this assumes you have a valid CA cert in your cert db already, and does not allow you to change it during setup.
Platforms tested: Fedora 11 x86_64
Flag Day: no
Doc impact: no
commit 3ba4cbaa96d21830cb1963191db5239998030041
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Sep 14 16:09:53 2009 -0600
Add support for new ds base update framework
setup-ds-admin.pl -u will now use the new ds update
framework. The user will notice no change.
There is now a script in the framework which will convert the
configuration entries and files that used Fedora branding, and
convert them to use 389 branding.
Reviewed by: nhosoi, nkinder (Thanks!)
Platforms tested: Fedora 11
commit f35c7710b50208b185643daa2f1dc9470c40a050
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Aug 6 16:09:41 2009 -0700
490997 Obsolete ACI in o=netscaperoot
Removing an obsolete ACI which targetfilter includes an old attribute
nsconfigRoot which does not exist any more.
commit aa60026f0a7672cd093f6a2b351b4c86c442d0ac
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Jul 28 16:38:42 2009 -0700
setup-ds-admin.pl Fix for objectclass violation
cn=Server Group inherits groupOfUniqueName, which MUST have uniqueMamber.
commit 395c0755db9ba9915459a90abbf9f0bcbc2a3b12
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Jul 21 08:01:25 2009 -0600
use 389-adminutil instead of adminutil
commit 2aa133e8f5046b290f0e06858038cef07f12da25
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jun 18 13:24:23 2009 -0600
bump spec version to 1.1.8 for fedora review
commit fd0e27afd834d028ba772ecfb42790fa24469adc
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jun 18 13:20:54 2009 -0600
bump version to 1.1.8 for fedora review
commit 3161410e41012ea3f42ae4e80bb8cc7af371fdb9
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Jun 18 13:20:01 2009 -0600
get rid of obsolete functions
commit 59c8a4b0de9ec389c7f6807ba67d88143bdc956d
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Jun 17 13:54:50 2009 -0600
added 389-admin.spec
commit 2ddfcbd69c60c949245c442c0210749b16e205c8
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Jun 17 13:50:25 2009 -0600
change license from gplv2+ to plain gplv2
commit e28b4ba34a43d5bda1633a3c5ec796a71456a7f9
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu May 21 17:16:25 2009 -0600
yet more link issues with libds-admin-serv
commit e495dc11b122c9db035da910e2373747c9f47863
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu May 21 16:55:39 2009 -0600
Add more libs for libds-admin-serv to resolve rpmlint issues
commit 75a511bbb0487150f0ea089f50f127d9b7470795
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu May 21 16:33:59 2009 -0600
Link libds-admin-serv with NSPR to avoid rpmlint missing weak symbol errors
also added .gitignore
commit 70ec15396bc283aff7abfdffd7ad328da54b7781
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed May 13 14:58:27 2009 -0600
rename to 389
changed brand and capbrand to 389
changed vendor to 389 Project
14 years, 2 months
Branch 'Directory_Server_8_2_Branch' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_add.c | 66 ++++++++++++-----------------
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 47 ++++++++++++++------
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 19 +++++---
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 48 ++++++++++++++++-----
4 files changed, 112 insertions(+), 68 deletions(-)
New commits:
commit 1ae9a087b5f2401433a823903b3d7ee9744f1df9
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Feb 9 17:21:10 2010 -0800
563365 - Error handling problems in the backend functions
https://bugzilla.redhat.com/show_bug.cgi?id=563365
Error handling in ldbm_back_{add,delete,modify,modrdn} functions was
incomplete. When any error occurs after the transaction begins, the
changes made after that should be aborted. There were some cases the
abort was not called.
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 95a93cc..3bd6eae 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -50,6 +50,12 @@ extern char *hassubordinates;
static void delete_update_entry_dn_operational_attributes(struct backentry *ep);
+#define ADD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
/* in order to find the parent, we must have either the parent dn or uniqueid
This function will return true if either are set, or false otherwise */
static int
@@ -632,14 +638,11 @@ ldbm_back_add( Slapi_PBlock *pb )
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_TRACE, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
if(is_resurect_operation)
@@ -653,14 +656,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 1 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_UNIQUEID,slapi_entry_get_uniqueid(addingentry->ep_entry),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -672,14 +673,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 2 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_NSCP_ENTRYDN,slapi_sdn_get_ndn(&sdn),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -691,14 +690,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 3 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -719,14 +716,11 @@ ldbm_back_add( Slapi_PBlock *pb )
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_ANY, "add: attempt to index %lu failed\n",
(u_long)addingentry->ep_id, 0, 0 );
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
if (parent_found) {
@@ -741,14 +735,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 1 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -768,14 +760,12 @@ ldbm_back_add( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE,
"vlv_update_index failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -805,8 +795,8 @@ ldbm_back_add( Slapi_PBlock *pb )
if (cache_replace( &inst->inst_cache, tombstoneentry, addingentry ) != 0 )
{
/* This happens if the dn of addingentry already exists */
- ldap_result_code= LDAP_ALREADY_EXISTS;
cache_unlock_entry( &inst->inst_cache, tombstoneentry );
+ ADD_SET_ERROR(ldap_result_code, LDAP_ALREADY_EXISTS, retry_count);
goto error_return;
}
/*
@@ -819,19 +809,18 @@ ldbm_back_add( Slapi_PBlock *pb )
}
if (parent_found)
{
- /* switch the parent entry copy into play */
+ /* switch the parent entry copy into play */
modify_switch_entries( &parent_modify_c,be);
}
retval = dblayer_txn_commit(li,&txn);
if (0 != retval)
{
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
@@ -863,16 +852,17 @@ error_return:
disk_full = 1;
}
- /* It is safer not to abort when the transaction is not started. */
- if (retry_count > 0) {
- dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
- }
diskfull_return:
- if (disk_full)
+ if (disk_full) {
rc= return_on_disk_full(li);
- else
+ } else {
+ /* It is safer not to abort when the transaction is not started. */
+ if (retry_count > 0) {
+ dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ }
rc= SLAPI_FAIL_GENERAL;
+ }
common_return:
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index fdccc0f..bc298a9 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -45,6 +45,12 @@
#include "back-ldbm.h"
+#define DEL_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
int
ldbm_back_delete( Slapi_PBlock *pb )
{
@@ -430,7 +436,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
tombstone_in_cache = 1;
@@ -450,7 +457,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -469,7 +477,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
}
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_TRACE, "index_del_entry failed\n", 0, 0, 0 );
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
if(create_tombstone_entry)
@@ -495,7 +503,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_VALUE_TOMBSTONE, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_UNIQUEID,
@@ -514,7 +523,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_UNIQUEID, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_NSCP_ENTRYDN,
@@ -533,7 +543,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_NSCP_ENTRYDN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
/* add a new usn to the entryusn index */
@@ -556,7 +567,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -579,7 +591,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -608,7 +621,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_VALUE_TOMBSTONE, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_UNIQUEID,
@@ -627,7 +641,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_UNIQUEID, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -650,7 +665,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_NSCP_ENTRYDN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -675,7 +691,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -694,7 +711,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE, "delete 3 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -714,7 +732,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
}
if (retval != 0 ) {
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 9324c8d..3e2b9e9 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -50,6 +50,12 @@ extern char *hassubordinates;
static void remove_illegal_mods(LDAPMod **mods);
static int mods_have_effect (Slapi_Entry *entry, Slapi_Mods *smods);
+#define MOD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
/* Modify context structure constructor, sans allocation */
void modify_init(modify_context *mc,struct backentry *old_entry)
{
@@ -405,7 +411,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
ec_in_cache = 1;
@@ -419,7 +425,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "index_add_mods failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
/*
@@ -439,7 +445,8 @@ ldbm_back_modify( Slapi_PBlock *pb )
"vlv_update_index failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -455,7 +462,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
}
if (cache_replace( &inst->inst_cache, e, ec ) != 0 ) {
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -515,9 +522,9 @@ error_return:
disk_full = 1;
}
- if (disk_full)
+ if (disk_full) {
rc= return_on_disk_full(li);
- else if (ldap_result_code != LDAP_SUCCESS) {
+ } else if (ldap_result_code != LDAP_SUCCESS) {
if (retry_count > 0) {
/* It is safer not to abort when the transaction is not started. */
dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index 1873478..b88d964 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -52,6 +52,12 @@ static int moddn_rename_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be,
static int modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *e, struct backentry *ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3);
static void mods_remove_nsuniqueid(Slapi_Mods *smods);
+#define MOD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
int
ldbm_back_modrdn( Slapi_PBlock *pb )
{
@@ -634,7 +640,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE, "modrdn_rename_entry_update_indexes failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
/*
@@ -656,6 +663,9 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "modrdn: rdn2typeval (%s) failed\n",
escape_string( rdns[i], ebuf ), 0, 0 );
+ if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
svp[0] = &sv;
@@ -663,21 +673,24 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
retval = index_addordel_values_sv( be, type, svp, NULL, ec->ep_id, BE_INDEX_ADD, &txn );
if (DB_LOCK_DEADLOCK == retval)
{
- /* Retry txn */
- continue;
+ /* To retry txn, once break "for loop" */
+ break;
}
- if (retval != 0 )
+ else if (retval != 0 )
{
LDAPDebug( LDAP_DEBUG_ANY, "modrdn: could not add new value to index, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
}
slapi_ldap_value_free( rdns );
if (DB_LOCK_DEADLOCK == retval)
{
/* Retry txn */
- goto error_return;
+ continue;
}
}
}
@@ -690,13 +703,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* Retry txn */
continue;
}
- if (0 != retval)
+ else if (0 != retval)
{
- LDAPDebug( LDAP_DEBUG_TRACE, "moddn: could not update parent, err=%d %s\n", retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ LDAPDebug( LDAP_DEBUG_ANY, "modrdn: "
+ "could not update parent, err=%d %s\n", retval,
+ (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
/* Push out the db modifications from the new parent entry */
- if(retval==0)
+ else if(retval==0)
{
retval = modify_update_all(be, pb, &newparent_modify_context, &txn);
if (DB_LOCK_DEADLOCK == retval)
@@ -706,8 +724,14 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
if (0 != retval)
{
- LDAPDebug( LDAP_DEBUG_TRACE, "moddn: could not update parent, err=%d %s\n", retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ LDAPDebug( LDAP_DEBUG_TRACE, "modrdn: "
+ "could not update parent, err=%d %s\n", retval,
+ (msg = dblayer_strerror( retval )) ? msg : "",
+ 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
}
}
@@ -721,6 +745,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (retval == DB_LOCK_DEADLOCK) continue;
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -741,6 +767,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -769,7 +797,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (0 != retval)
{
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
14 years, 2 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/id2entry.c | 2
ldap/servers/slapd/back-ldbm/ldbm_add.c | 67 +++++++++++-----------------
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 53 +++++++++++++++-------
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 19 +++++--
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 69 +++++++++++++++++++++--------
ldap/servers/slapd/libglobs.c | 1
6 files changed, 132 insertions(+), 79 deletions(-)
New commits:
commit 508af98564fd93bf0eed9093c6b551e806ebee81
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Feb 10 17:19:43 2010 -0800
563365 - Error handling problems in the backend functions
https://bugzilla.redhat.com/show_bug.cgi?id=563365
1) Error handling in ldbm_back_{add,delete,modify,modrdn} functions was
incomplete. When any error occurs after the transaction begins, the
changes made after that should be aborted. There were some cases the
abort was not called.
2) If modrdn failed in ldbm_back_modrdn, new DN in the DN cache was not
removed.
3) config_set_instancedir in libglobs.c was missing the function type.
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index 31c9141..83bf94d 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -193,7 +193,7 @@ id2entry_delete( backend *be, struct backentry *e, back_txn *txn )
Slapi_DN *sdn = slapi_sdn_dup(slapi_entry_get_sdn_const(e->ep_entry));
struct backdn *bdn = backdn_init(sdn, e->ep_id, 1);
CACHE_REMOVE(&inst->inst_dncache, bdn);
- backdn_free(&bdn);
+ CACHE_RETURN(&inst->inst_dncache, bdn);
}
rc = db->del( db,db_txn,&key,0 );
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index 75c64c3..0db57f6 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -50,6 +50,12 @@ extern char *hassubordinates;
static void delete_update_entrydn_operational_attributes(struct backentry *ep);
+#define ADD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
/* in order to find the parent, we must have either the parent dn or uniqueid
This function will return true if either are set, or false otherwise */
static int
@@ -659,14 +665,11 @@ ldbm_back_add( Slapi_PBlock *pb )
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_TRACE, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
if(is_resurect_operation)
@@ -680,14 +683,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 1 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_UNIQUEID,slapi_entry_get_uniqueid(addingentry->ep_entry),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -699,14 +700,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 2 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_NSCP_ENTRYDN,slapi_sdn_get_ndn(&sdn),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -718,14 +717,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 3 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -746,14 +743,11 @@ ldbm_back_add( Slapi_PBlock *pb )
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_ANY, "add: attempt to index %lu failed\n",
(u_long)addingentry->ep_id, 0, 0 );
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
if (parent_found) {
@@ -768,14 +762,12 @@ ldbm_back_add( Slapi_PBlock *pb )
if (0 != retval) {
LDAPDebug( LDAP_DEBUG_TRACE, "add 1 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -795,14 +787,12 @@ ldbm_back_add( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE,
"vlv_update_index failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ ADD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
- retry_count = RETRY_TIMES; /* otherwise, the transaction may not
- be aborted */
goto error_return;
}
}
@@ -832,8 +822,8 @@ ldbm_back_add( Slapi_PBlock *pb )
if (cache_replace( &inst->inst_cache, tombstoneentry, addingentry ) != 0 )
{
/* This happens if the dn of addingentry already exists */
- ldap_result_code= LDAP_ALREADY_EXISTS;
cache_unlock_entry( &inst->inst_cache, tombstoneentry );
+ ADD_SET_ERROR(ldap_result_code, LDAP_ALREADY_EXISTS, retry_count);
goto error_return;
}
/*
@@ -846,19 +836,18 @@ ldbm_back_add( Slapi_PBlock *pb )
}
if (parent_found)
{
- /* switch the parent entry copy into play */
+ /* switch the parent entry copy into play */
modify_switch_entries( &parent_modify_c,be);
}
retval = dblayer_txn_commit(li,&txn);
if (0 != retval)
{
+ ADD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
if (LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto diskfull_return;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
@@ -891,16 +880,16 @@ error_return:
disk_full = 1;
}
- /* It is safer not to abort when the transaction is not started. */
- if (retry_count > 0) {
- dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
- }
diskfull_return:
-
- if (disk_full)
+ if (disk_full) {
rc= return_on_disk_full(li);
- else
+ } else {
+ /* It is safer not to abort when the transaction is not started. */
+ if (retry_count > 0) {
+ dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ }
rc= SLAPI_FAIL_GENERAL;
+ }
common_return:
if (addingentry_in_cache && addingentry)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 9787300..8224114 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -45,6 +45,12 @@
#include "back-ldbm.h"
+#define DEL_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
int
ldbm_back_delete( Slapi_PBlock *pb )
{
@@ -445,7 +451,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
if (cache_add_tentative( &inst->inst_cache, tombstone, NULL) == 0) {
@@ -467,7 +474,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDBM_OS_ERR_IS_DISKFULL(retval)) {
disk_full = 1;
}
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -486,7 +494,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
}
if (retval != 0) {
LDAPDebug( LDAP_DEBUG_TRACE, "index_del_entry failed\n", 0, 0, 0 );
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
if(create_tombstone_entry)
@@ -512,7 +520,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_VALUE_TOMBSTONE, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_UNIQUEID,
@@ -531,7 +540,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_UNIQUEID, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_NSCP_ENTRYDN,
@@ -550,7 +560,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_NSCP_ENTRYDN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
/* add a new usn to the entryusn index */
@@ -573,7 +584,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -596,7 +608,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -616,7 +629,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -645,7 +659,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_VALUE_TOMBSTONE, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
retval = index_addordel_string(be, SLAPI_ATTR_UNIQUEID,
@@ -664,7 +679,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_UNIQUEID, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -687,7 +703,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_NSCP_ENTRYDN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -712,7 +729,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
SLAPI_ATTR_ENTRYUSN, retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -732,7 +750,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
retval,
(msg = dblayer_strerror( retval )) ? msg : "" );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -751,7 +770,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE, "delete 3 BAD, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -771,7 +791,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
}
if (retval != 0 ) {
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ DEL_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 9a0bea0..3cda1d8 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -50,6 +50,12 @@ extern char *hassubordinates;
static void remove_illegal_mods(LDAPMod **mods);
static int mods_have_effect (Slapi_Entry *entry, Slapi_Mods *smods);
+#define MOD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
/* Modify context structure constructor, sans allocation */
void modify_init(modify_context *mc,struct backentry *old_entry)
{
@@ -406,7 +412,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "id2entry_add failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
ec_in_cache = 1;
@@ -420,7 +426,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_ANY, "index_add_mods failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
/*
@@ -440,7 +446,8 @@ ldbm_back_modify( Slapi_PBlock *pb )
"vlv_update_index failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -456,7 +463,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
}
if (cache_replace( &inst->inst_cache, e, ec ) != 0 ) {
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -516,9 +523,9 @@ error_return:
disk_full = 1;
}
- if (disk_full)
+ if (disk_full) {
rc= return_on_disk_full(li);
- else if (ldap_result_code != LDAP_SUCCESS) {
+ } else if (ldap_result_code != LDAP_SUCCESS) {
if (retry_count > 0) {
/* It is safer not to abort when the transaction is not started. */
dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index 7af8432..117eb3b 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -52,21 +52,27 @@ static int moddn_rename_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be,
static int modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *e, struct backentry *ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3);
static void mods_remove_nsuniqueid(Slapi_Mods *smods);
+#define MOD_SET_ERROR(rc, error, count) \
+{ \
+ (rc) = (error); \
+ (count) = RETRY_TIMES; /* otherwise, the transaction may not be aborted */ \
+}
+
int
ldbm_back_modrdn( Slapi_PBlock *pb )
{
backend *be;
ldbm_instance *inst;
- struct ldbminfo *li;
+ struct ldbminfo *li;
struct backentry *e= NULL;
struct backentry *ec= NULL;
int ec_in_cache= 0;
- back_txn txn;
- back_txnid parent_txn;
- int retval = -1;
- char *msg;
- Slapi_Entry *postentry = NULL;
- char *errbuf = NULL;
+ back_txn txn;
+ back_txnid parent_txn;
+ int retval = -1;
+ char *msg;
+ Slapi_Entry *postentry = NULL;
+ char *errbuf = NULL;
int disk_full = 0;
int retry_count = 0;
int ldap_result_code= LDAP_SUCCESS;
@@ -697,7 +703,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
LDAPDebug( LDAP_DEBUG_TRACE, "modrdn_rename_entry_update_indexes failed, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
/*
@@ -719,6 +726,9 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
char ebuf[ BUFSIZ ];
LDAPDebug( LDAP_DEBUG_ANY, "modrdn: rdn2typeval (%s) failed\n",
escape_string( rdns[i], ebuf ), 0, 0 );
+ if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
svp[0] = &sv;
@@ -726,21 +736,24 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
retval = index_addordel_values_sv( be, type, svp, NULL, ec->ep_id, BE_INDEX_ADD, &txn );
if (DB_LOCK_DEADLOCK == retval)
{
- /* Retry txn */
- continue;
+ /* To retry txn, once break "for loop" */
+ break;
}
- if (retval != 0 )
+ else if (retval != 0 )
{
LDAPDebug( LDAP_DEBUG_ANY, "modrdn: could not add new value to index, err=%d %s\n",
retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
}
slapi_ldap_value_free( rdns );
if (DB_LOCK_DEADLOCK == retval)
{
/* Retry txn */
- goto error_return;
+ continue;
}
}
}
@@ -753,13 +766,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
/* Retry txn */
continue;
}
- if (0 != retval)
+ else if (0 != retval)
{
- LDAPDebug( LDAP_DEBUG_TRACE, "moddn: could not update parent, err=%d %s\n", retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ LDAPDebug( LDAP_DEBUG_ANY, "modrdn: "
+ "could not update parent, err=%d %s\n", retval,
+ (msg = dblayer_strerror( retval )) ? msg : "", 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
/* Push out the db modifications from the new parent entry */
- if(retval==0)
+ else /* retval == 0 */
{
retval = modify_update_all(be, pb, &newparent_modify_context, &txn);
if (DB_LOCK_DEADLOCK == retval)
@@ -769,8 +787,14 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
}
if (0 != retval)
{
- LDAPDebug( LDAP_DEBUG_TRACE, "moddn: could not update parent, err=%d %s\n", retval, (msg = dblayer_strerror( retval )) ? msg : "", 0 );
+ LDAPDebug( LDAP_DEBUG_ANY, "modrdn: "
+ "could not update parent, err=%d %s\n", retval,
+ (msg = dblayer_strerror( retval )) ? msg : "",
+ 0 );
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
+ goto error_return;
}
}
}
@@ -784,6 +808,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (retval == DB_LOCK_DEADLOCK) continue;
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -800,6 +826,8 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
e->ep_id, &txn);
slapi_rdn_done(&newsrdn);
if (rc) {
+ MOD_SET_ERROR(ldap_result_code,
+ LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
}
@@ -821,6 +849,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
{
if (retval == DB_RUNRECOVERY || LDBM_OS_ERR_IS_DISKFULL(retval))
disk_full = 1;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -849,7 +878,7 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
if (0 != retval)
{
if (LDBM_OS_ERR_IS_DISKFULL(retval)) disk_full = 1;
- ldap_result_code= LDAP_OPERATIONS_ERROR;
+ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count);
goto error_return;
}
@@ -904,6 +933,12 @@ error_return:
slapi_entry_free( postentry );
postentry= NULL;
}
+ if (entryrdn_get_switch())
+ {
+ struct backdn *bdn = dncache_find_id(&inst->inst_dncache, e->ep_id);
+ CACHE_REMOVE(&inst->inst_dncache, bdn);
+ CACHE_RETURN(&inst->inst_dncache, &bdn);
+ }
if( ec!=NULL ) {
if (ec_in_cache) {
CACHE_REMOVE(&inst->inst_cache, ec);
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index efbda9c..c4026ac 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -4874,6 +4874,7 @@ config_get_instancedir()
return retVal;
}
+int
config_set_instancedir(const char *attrname, char *value, char *errorbuf, int apply)
{
int retVal = LDAP_SUCCESS;
14 years, 2 months
Branch 'Directory_Server_8_2_Branch' - 14 commits - ldap/admin ldap/servers
by Noriko Hosoi
ldap/admin/src/scripts/DSUpdate.pm.in | 2
ldap/servers/plugins/replication/repl5_protocol.c | 1
ldap/servers/slapd/back-ldbm/back-ldbm.h | 4 +
ldap/servers/slapd/back-ldbm/dblayer.c | 73 ++++++++++++----------
ldap/servers/slapd/back-ldbm/idl_new.c | 19 +----
ldap/servers/slapd/back-ldbm/index.c | 4 +
ldap/servers/slapd/back-ldbm/ldbm_add.c | 38 ++++++++++-
ldap/servers/slapd/back-ldbm/ldbm_attr.c | 1
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 21 +++++-
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 19 ++++-
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 29 ++++++--
ldap/servers/slapd/backend.c | 1
ldap/servers/slapd/entrywsi.c | 2
ldap/servers/slapd/libglobs.c | 37 ++++++++++-
ldap/servers/slapd/log.c | 2
ldap/servers/slapd/modrdn.c | 37 +++++++----
ldap/servers/slapd/plugin_syntax.c | 70 +++++++++++++++++++++
ldap/servers/slapd/sasl_map.c | 2
ldap/servers/slapd/slap.h | 1
ldap/servers/slapd/slapi-plugin.h | 19 +++++
20 files changed, 304 insertions(+), 78 deletions(-)
New commits:
commit 0fc8628c2216235e812f16093c396b66b8bd1739
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 17:24:27 2010 -0800
Fixing a memory leak in sasl_map.c
If not matched, Slapi_Regex was not freed.
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/sasl_map.c b/ldap/servers/slapd/sasl_map.c
index 08a6497..d6a84a7 100644
--- a/ldap/servers/slapd/sasl_map.c
+++ b/ldap/servers/slapd/sasl_map.c
@@ -543,8 +543,8 @@ sasl_map_check(sasl_map_data *dp, char *sasl_user_and_realm, char **ldap_search_
"regex: %s, subject: %s (%d)\n",
dp->regular_expression, sasl_user_and_realm, matched);
}
- slapi_re_free(re);
}
+ slapi_re_free(re);
LDAPDebug( LDAP_DEBUG_TRACE, "<- sasl_map_check\n", 0, 0, 0 );
return ret;
}
commit 122d5b7329797dbb53df88dc9a8e9a628f874965
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 17:22:22 2010 -0800
Check DN syntax in backend add, delete, modify and modrdn
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c
index fa53e05..95a93cc 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_add.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c
@@ -73,7 +73,7 @@ ldbm_back_add( Slapi_PBlock *pb )
struct ldbminfo *li;
ldbm_instance *inst;
char *dn = NULL;
- Slapi_Entry *e;
+ Slapi_Entry *e = NULL;
struct backentry *tombstoneentry = NULL;
struct backentry *addingentry = NULL;
struct backentry *parententry = NULL;
@@ -189,6 +189,17 @@ ldbm_back_add( Slapi_PBlock *pb )
if(slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY))
{
slapi_pblock_get( pb, SLAPI_ADD_TARGET, &dn );
+ if (NULL == dn)
+ {
+ goto error_return;
+ }
+ ldap_result_code = slapi_dn_syntax_check(pb, dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
slapi_sdn_set_dn_byref(&sdn, dn);
slapi_sdn_get_backend_parent(&sdn,&parentsdn,pb->pb_backend);
/* Check if an entry with the intended DN already exists. */
@@ -196,6 +207,11 @@ ldbm_back_add( Slapi_PBlock *pb )
addr.dn = dn;
addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_DN_ENTRY, !is_replicated_operation);
+ if(ldap_result_code==LDAP_OPERATIONS_ERROR ||
+ ldap_result_code==LDAP_INVALID_DN_SYNTAX)
+ {
+ goto error_return;
+ }
}
/* if we can find the parent by dn or uniqueid, and the operation has requested the parent
then get it */
@@ -622,6 +638,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
if(is_resurect_operation)
@@ -641,6 +659,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_UNIQUEID,slapi_entry_get_uniqueid(addingentry->ep_entry),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -658,6 +678,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
retval = index_addordel_string(be,SLAPI_ATTR_NSCP_ENTRYDN,slapi_sdn_get_ndn(&sdn),addingentry->ep_id,BE_INDEX_DEL,&txn);
@@ -675,6 +697,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
}
@@ -701,6 +725,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
if (parent_found) {
@@ -721,6 +747,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
}
@@ -746,6 +774,8 @@ ldbm_back_add( Slapi_PBlock *pb )
goto diskfull_return;
}
ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retry_count = RETRY_TIMES; /* otherwise, the transaction may not
+ be aborted */
goto error_return;
}
}
@@ -833,8 +863,10 @@ error_return:
disk_full = 1;
}
- /* It is specifically OK to make this call even when no transaction was in progress */
- dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ /* It is safer not to abort when the transaction is not started. */
+ if (retry_count > 0) {
+ dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ }
diskfull_return:
if (disk_full)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 74d8de8..fdccc0f 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -49,7 +49,7 @@ int
ldbm_back_delete( Slapi_PBlock *pb )
{
backend *be;
- ldbm_instance *inst;
+ ldbm_instance *inst = NULL;
struct ldbminfo *li = NULL;
struct backentry *e = NULL;
struct backentry *tombstone = NULL;
@@ -63,7 +63,7 @@ ldbm_back_delete( Slapi_PBlock *pb )
int disk_full = 0;
int parent_found = 0;
modify_context parent_modify_c = {0};
- int rc;
+ int rc = 0;
int ldap_result_code= LDAP_SUCCESS;
char *ldap_result_message= NULL;
Slapi_DN sdn;
@@ -99,6 +99,18 @@ ldbm_back_delete( Slapi_PBlock *pb )
slapi_log_error (SLAPI_LOG_TRACE, "ldbm_back_delete", "enter conn=%" NSPRIu64 " op=%d\n", pb->pb_conn->c_connid, operation->o_opid);
}
+ if (NULL == addr)
+ {
+ goto error_return;
+ }
+ ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
+
is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP);
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
@@ -163,6 +175,11 @@ ldbm_back_delete( Slapi_PBlock *pb )
*/
ldap_result_code= get_copy_of_entry(pb, addr, &txn,
SLAPI_DELETE_EXISTING_ENTRY, !is_replicated_operation);
+ if(ldap_result_code==LDAP_OPERATIONS_ERROR ||
+ ldap_result_code==LDAP_INVALID_DN_SYNTAX)
+ {
+ goto error_return;
+ }
slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code);
if(plugin_call_plugins(pb, SLAPI_PLUGIN_BE_PRE_DELETE_FN)==-1)
{
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 6883d09..9324c8d 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -185,7 +185,7 @@ ldbm_back_modify( Slapi_PBlock *pb )
backend *be;
ldbm_instance *inst;
struct ldbminfo *li;
- struct backentry *e, *ec = NULL;
+ struct backentry *e = NULL, *ec = NULL;
Slapi_Entry *postentry = NULL;
LDAPMod **mods;
Slapi_Mods smods = {0};
@@ -219,6 +219,17 @@ ldbm_back_modify( Slapi_PBlock *pb )
is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV);
inst = (ldbm_instance *) be->be_instance_info;
+ if (NULL == addr)
+ {
+ goto error_return;
+ }
+ ldap_result_code = slapi_dn_syntax_check(pb, addr->dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
dblayer_txn_init(li,&txn);
/* The dblock serializes writes to the database,
@@ -507,8 +518,10 @@ error_return:
if (disk_full)
rc= return_on_disk_full(li);
else if (ldap_result_code != LDAP_SUCCESS) {
- /* It is specifically OK to make this call even when no transaction was in progress */
- dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ if (retry_count > 0) {
+ /* It is safer not to abort when the transaction is not started. */
+ dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ }
rc= SLAPI_FAIL_GENERAL;
}
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index ce4c879..1873478 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -80,11 +80,11 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
IDList *children= NULL;
struct backentry **child_entries= NULL;
struct backentry **child_entry_copies= NULL;
- Slapi_DN dn_olddn;
- Slapi_DN dn_newdn;
- Slapi_DN dn_newrdn;
- Slapi_DN dn_newsuperiordn;
- Slapi_DN dn_parentdn;
+ Slapi_DN dn_olddn = {0};
+ Slapi_DN dn_newdn = {0};
+ Slapi_DN dn_newrdn = {0};
+ Slapi_DN dn_newsuperiordn = {0};
+ Slapi_DN dn_parentdn = {0};
int rc;
int isroot;
LDAPMod **mods;
@@ -202,8 +202,21 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
newdn= moddn_get_newdn(pb,&dn_olddn,&dn_newrdn,&dn_newsuperiordn);
slapi_sdn_set_dn_passin(&dn_newdn,newdn);
new_addr.dn = (char*)slapi_sdn_get_ndn (&dn_newdn);
+ /* check dn syntax on newdn */
+ ldap_result_code = slapi_dn_syntax_check(pb, new_addr.dn, 1);
+ if (ldap_result_code)
+ {
+ ldap_result_code = LDAP_INVALID_DN_SYNTAX;
+ slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message);
+ goto error_return;
+ }
new_addr.uniqueid = NULL;
ldap_result_code= get_copy_of_entry(pb, &new_addr, &txn, SLAPI_MODRDN_EXISTING_ENTRY, 0);
+ if(ldap_result_code==LDAP_OPERATIONS_ERROR ||
+ ldap_result_code==LDAP_INVALID_DN_SYNTAX)
+ {
+ goto error_return;
+ }
}
if(slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_PARENT_ENTRY))
{
@@ -819,8 +832,10 @@ error_return:
}
else
{
- /* It is specifically OK to make this call even when no transaction was in progress */
- dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ /* It is safer not to abort when the transaction is not started. */
+ if (retry_count > 0) {
+ dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */
+ }
retval= SLAPI_FAIL_GENERAL;
}
commit c078202b6cb0860ecd62d57dc00ce0fc007b24b7
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 17:18:59 2010 -0800
Fixing error logs in modrdn.c
If internal op, connid and opid should be LOG_INTERNAL_OP_CON_ID
and LOG_INTERNAL_OP_OP_ID, respectively.
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/modrdn.c b/ldap/servers/slapd/modrdn.c
index e27b96e..38d1300 100644
--- a/ldap/servers/slapd/modrdn.c
+++ b/ldap/servers/slapd/modrdn.c
@@ -352,7 +352,7 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
{
if ( !internal_op )
{
- slapi_log_access(LDAP_DEBUG_STATS,
+ slapi_log_access(SLAPI_LOG_ARGS,
"conn=%" NSPRIu64 " op=%d MODRDN dn=\"%s\" newrdn=\"%s\" newsuperior=\"%s\"\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
@@ -362,7 +362,7 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
}
else
{
- slapi_log_access(LDAP_DEBUG_ARGS,
+ slapi_log_access(SLAPI_LOG_ARGS,
"conn=%s op=%d MODRDN dn=\"%s\" newrdn=\"%s\" newsuperior=\"%s\"\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
@@ -375,11 +375,19 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
/* check that the rdn is formatted correctly */
if ((rdns = ldap_explode_rdn(newrdn, 0)) == NULL)
{
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ if ( !internal_op ) {
+ slapi_log_error(SLAPI_LOG_ARGS, NULL,
"conn=%" NSPRIu64 " op=%d MODRDN invalid new RDN (\"%s\")\n",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
(NULL == newrdn) ? "(null)" : newrdn);
+ } else {
+ slapi_log_error(SLAPI_LOG_ARGS, NULL,
+ "conn=%" NSPRIu64 " op=%d MODRDN invalid new RDN (\"%s\")\n",
+ LOG_INTERNAL_OP_CON_ID,
+ LOG_INTERNAL_OP_OP_ID,
+ (NULL == newrdn) ? "(null)" : newrdn);
+ }
send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, "invalid RDN", 0, NULL);
goto free_and_return_nolock;
}
@@ -395,22 +403,27 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
}
/* check that the dn is formatted correctly */
- if ((rdns = ldap_explode_dn(newsuperior, 0)) == NULL)
+ err = slapi_dn_syntax_check(pb, newsuperior, 1);
+ if (err)
{
- LDAPDebug(LDAP_DEBUG_ARGS, "ldap_explode_dn of newSuperior failed\n", 0, 0, 0);
- slapi_log_error(SLAPI_LOG_FATAL, NULL,
+ LDAPDebug0Args(LDAP_DEBUG_ARGS, "Syntax check of newSuperior failed\n");
+ if (!internal_op) {
+ slapi_log_error(SLAPI_LOG_ARGS, NULL,
"conn=%" NSPRIu64 " op=%d MODRDN invalid new superior (\"%s\")",
pb->pb_conn->c_connid,
pb->pb_op->o_opid,
(NULL == newsuperior) ? "(null)" : newsuperiorbuf);
- send_ldap_result(pb, LDAP_PROTOCOL_ERROR, NULL,
+ } else {
+ slapi_log_error(SLAPI_LOG_ARGS, NULL,
+ "conn=%" NSPRIu64 " op=%d MODRDN invalid new superior (\"%s\")",
+ LOG_INTERNAL_OP_CON_ID,
+ LOG_INTERNAL_OP_OP_ID,
+ (NULL == newsuperior) ? "(null)" : newsuperiorbuf);
+ }
+ send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL,
"newSuperior does not look like a DN", 0, NULL);
goto free_and_return_nolock;
}
- else
- {
- slapi_ldap_value_free(rdns);
- }
if (newsuperior != NULL)
{
@@ -432,7 +445,7 @@ op_shared_rename(Slapi_PBlock *pb, int passin_args)
* if we don't hold it.
*/
if ((err = slapi_mapping_tree_select_and_check(pb, newdn, &be, &referral, errorbuf)) != LDAP_SUCCESS)
- {
+ {
send_ldap_result(pb, err, NULL, errorbuf, 0, NULL);
goto free_and_return_nolock;
}
commit b7ca806275bda9a38ce811575c1faf7a6d3f98ca
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 17:17:07 2010 -0800
Adding DN syntax check API slapi_dn_syntax_check
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/plugin_syntax.c b/ldap/servers/slapd/plugin_syntax.c
index 945271e..e2cc7fb 100644
--- a/ldap/servers/slapd/plugin_syntax.c
+++ b/ldap/servers/slapd/plugin_syntax.c
@@ -261,6 +261,76 @@ plugin_call_syntax_filter_sub_sv(
return( rc );
}
+/* Checks if the DN string is valid according to the Distinguished Name
+ * syntax. Setting override to 1 will force syntax checking to be performed,
+ * even if syntax checking is disabled in the config. Setting override to 0
+ * will obey the config settings.
+ *
+ * Returns 1 if there is a syntax violation and sets the error message
+ * appropriately. Returns 0 if everything checks out fine.
+ */
+int
+slapi_dn_syntax_check(
+ Slapi_PBlock *pb, char *dn, int override
+)
+{
+ int ret = 0;
+ int is_replicated_operation = 0;
+ int syntaxcheck = config_get_syntaxcheck();
+ int syntaxlogging = config_get_syntaxlogging();
+ char errtext[ BUFSIZ ];
+ char *errp = &errtext[0];
+ struct slapdplugin *dn_plugin = NULL;
+ struct berval dn_bval = {0};
+
+ if (pb != NULL) {
+ slapi_pblock_get(pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation);
+ }
+
+ /* If syntax checking and logging are off, or if this is a
+ * replicated operation, just return that the syntax is OK. */
+ if (((syntaxcheck == 0) && (syntaxlogging == 0) && (override == 0)) ||
+ is_replicated_operation) {
+ goto exit;
+ }
+
+ /* Locate the dn syntax plugin. */
+ slapi_attr_type2plugin("distinguishedName", (void **)&dn_plugin);
+
+ /* Assume the value is valid if we don't find a dn validate function */
+ if (dn_plugin && dn_plugin->plg_syntax_validate != NULL) {
+ /* Create a berval to pass to the validate function. */
+ if (dn) {
+ dn_bval.bv_val = dn;
+ dn_bval.bv_len = strlen(dn);
+
+ /* Validate the value. */
+ if (dn_plugin->plg_syntax_validate(&dn_bval) != 0) {
+ if (syntaxlogging) {
+ slapi_log_error( SLAPI_LOG_FATAL, "Syntax Check",
+ "DN value (%s) invalid per syntax\n", dn ? dn : "");
+ }
+
+ if (syntaxcheck || override) {
+ if (pb) {
+ errp += PR_snprintf( errp, sizeof(errtext),
+ "DN value invalid per syntax\n" );
+ }
+ ret = 1;
+ }
+ }
+ }
+ }
+
+ /* See if we need to set the error text in the pblock. */
+ if (errp != &errtext[0]) {
+ slapi_pblock_set( pb, SLAPI_PB_RESULT_TEXT, errtext );
+ }
+
+exit:
+ return( ret );
+}
+
/* Checks if the values of all attributes in an entry are valid for the
* syntax specified for the attribute in question. Setting override to
* 1 will force syntax checking to be performed, even if syntax checking
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index d35c12c..2640ed1 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -1337,6 +1337,25 @@ int slapi_entry_schema_check( Slapi_PBlock *pb, Slapi_Entry *e );
int slapi_entry_syntax_check( Slapi_PBlock *pb, Slapi_Entry *e, int override );
/**
+ * Determines if the DN violates the Distinguished Name syntax rules.
+ *
+ * \param pb Parameter block.
+ * \param dn The dn string you want to check.
+ * \param override Flag to override the server configuration and force syntax checking
+ * to be performed.
+ * \return \c 0 if the DN complies with the Distinguished Name syntax rules or if
+ * syntax checking is disabled.
+ * \return \c 1 if the DN violates the Distinguished Name syntax rules. If the \c pb
+ * parameter was passed in, an error message will be set in the
+ * #SLAPI_PB_RESULT_TEXT parameter.
+ * \warning The \c pb parameter can be \c NULL. It is used to store an error
+ * message with details of any syntax violations. The \c pb paramter
+ * is also used to check if the #SLAPI_IS_REPLICATED_OPERATION flag is
+ * set. If that flag is present, no syntax checking is performed.
+ */
+int slapi_dn_syntax_check( Slapi_PBlock *pb, char *dn, int override );
+
+/**
* Determines if any values being added to an entry violate the syntax rules
* imposed by the associated attribute type.
*
commit 7fe2876c3415d8960876c746f3e6f26f67360355
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 17:05:55 2010 -0800
Fixing a wrong comment in log.c
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/log.c b/ldap/servers/slapd/log.c
index ac6bdc7..328002d 100644
--- a/ldap/servers/slapd/log.c
+++ b/ldap/servers/slapd/log.c
@@ -649,7 +649,7 @@ log_update_auditlogdir(char *pathname, int apply)
loginfo.log_numof_audit_logs = 1;
}
- /* Now open the new errorlog */
+ /* Now open the new auditlog */
if ( audit_log_openf (pathname, 1 /* locked */)) {
rv = LDAP_LOCAL_ERROR; /* error: Unable to use the new dir */
}
commit 483a3950a2f8ccf48c271cc23baa5f32433870ae
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Feb 9 09:30:21 2010 -0800
Adding instancedir getter and setter to libglobs.c
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 3726dfd..8f02d03 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -564,7 +564,8 @@ static struct config_get_and_set {
NULL, 0, NULL, CONFIG_ON_OFF, (ConfigGetFunc)config_get_hash_filters},
/* instance dir; used by admin tasks */
{CONFIG_INSTDIR_ATTRIBUTE, config_set_instancedir,
- NULL, 0, NULL, CONFIG_STRING, NULL},
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.instancedir, CONFIG_STRING, NULL},
/* parameterizing schema dir */
{CONFIG_SCHEMADIR_ATTRIBUTE, config_set_schemadir,
NULL, 0,
@@ -4860,11 +4861,41 @@ config_set_configdir(const char *attrname, char *value, char *errorbuf, int appl
return retVal;
}
-/* W/o the setter, "config_set: the attribute nsslapd-instancedir is read only" is printed out. */
+char *
+config_get_instancedir()
+{
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+ char *retVal;
+
+ CFG_LOCK_READ(slapdFrontendConfig);
+ retVal = config_copy_strval(slapdFrontendConfig->instancedir);
+ CFG_UNLOCK_READ(slapdFrontendConfig);
+
+ return retVal;
+}
+
int
config_set_instancedir(const char *attrname, char *value, char *errorbuf, int apply)
{
- return LDAP_SUCCESS;
+ int retVal = LDAP_SUCCESS;
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ if ( config_value_is_null( attrname, value, errorbuf, 0 )) {
+ return LDAP_OPERATIONS_ERROR;
+ }
+
+ if (!apply) {
+ return retVal;
+ }
+
+ CFG_LOCK_WRITE(slapdFrontendConfig);
+ /* We don't want to allow users to modify instance dir.
+ * Set it once when the server starts. */
+ if (NULL == slapdFrontendConfig->instancedir) {
+ slapdFrontendConfig->instancedir = slapi_ch_strdup(value);
+ }
+ CFG_UNLOCK_WRITE(slapdFrontendConfig);
+ return retVal;
}
char *
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 93f8470..e7c0dc6 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -2014,6 +2014,7 @@ typedef struct _slapdFrontendConfig {
char *workingdir; /* full path of directory before detach */
char *configdir; /* full path name of directory containing configuration files */
char *schemadir; /* full path name of directory containing schema files */
+ char *instancedir;/* full path name of instance directory */
char *lockdir; /* full path name of directory containing lock files */
char *tmpdir; /* full path name of directory containing tmp files */
char *certdir; /* full path name of directory containing cert files */
commit d07e40b8608afc718a85013b0b8a0b77387918ff
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 16:52:36 2010 -0800
Fixing a typo in entrywsi.c
Replacing "recieve" with "receive".
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/entrywsi.c b/ldap/servers/slapd/entrywsi.c
index 579d044..5fcb30d 100644
--- a/ldap/servers/slapd/entrywsi.c
+++ b/ldap/servers/slapd/entrywsi.c
@@ -754,7 +754,7 @@ entry_apply_mods_wsi(Slapi_Entry *e, Slapi_Mods *smods, const CSN *csn, int urp)
/*
* This code implements a computed attribute called 'nscpEntryWSI'.
- * By specifically asking for this attribute the client will recieve
+ * By specifically asking for this attribute the client will receive
* an LDIF dump of the entry with all its state information.
*
* JCM - Security... Only for the Directory Manager.
commit 095458009c5ceae5ce7f93e4fbb2cb9cf83c78fa
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 16:50:05 2010 -0800
Initializing be_usn_counter in Slapi_Backend
A field be_usn_counter was not initialized.
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c
index c8380c6..1fd198e 100644
--- a/ldap/servers/slapd/backend.c
+++ b/ldap/servers/slapd/backend.c
@@ -94,6 +94,7 @@ be_init( Slapi_Backend *be, const char *type, const char *name, int isprivate, i
be->be_state_lock = PR_NewLock();
be->be_name = slapi_ch_strdup(name);
be->be_mapped = 0;
+ be->be_usn_counter = 0;
}
void
commit d762d35af6ba1ef497cdc7686b59979eafff01fd
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 15:51:26 2010 -0800
Fixing a memory leak in ldbm_attr.c
ai_attrcrypt in attrinfo was not freed in attrinfo_delete.
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_attr.c b/ldap/servers/slapd/back-ldbm/ldbm_attr.c
index eccf854..3baadc1 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_attr.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_attr.c
@@ -60,6 +60,7 @@ attrinfo_delete(struct attrinfo **pp)
(*pp)->ai_key_cmp_fn = NULL;
slapi_ch_free((void**)&((*pp)->ai_type));
slapi_ch_free((void**)(*pp)->ai_index_rules);
+ slapi_ch_free((void**)&((*pp)->ai_attrcrypt));
slapi_ch_free((void**)pp);
*pp= NULL;
}
commit a36cd3f304a0273496f7bf6c9b2e07fd580655c8
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 14:57:34 2010 -0800
Fixing a memory leak in dblayer.c
index_range_next_key was leaking key->data.
Back porting a bug fix from the subtree rename
change (b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
index 3125256..abb4b02 100644
--- a/ldap/servers/slapd/back-ldbm/index.c
+++ b/ldap/servers/slapd/back-ldbm/index.c
@@ -1001,6 +1001,10 @@ retry:
goto error;
}
}
+ if (saved_key != key->data) {
+ /* key could be allocated in the above c_get */
+ DBT_FREE_PAYLOAD(*key);
+ }
/* Seek to the next one
* [612498] NODUP is needed for new idl to get the next non-duplicated key
* No effect on old idl since there's no dup there (i.e., DB_NEXT == DB_NEXT_NODUP)
commit 138b0e0d32c48d27ce1b508f20920ea563314078
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 14:46:06 2010 -0800
Fixing a memory leak in idl_new.c
idl_new_delete_key was leaking key->data.
Back porting a bug fix from the subtree rename
change (b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index 733bfe3..ac886a3 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -119,6 +119,10 @@ typedef unsigned short u_int16_t;
#endif
#include "db.h"
+#ifndef DB_BUFFER_SMALL
+#define DB_BUFFER_SMALL ENOMEM
+#endif
+
#define dptr data
#define dsize size
diff --git a/ldap/servers/slapd/back-ldbm/idl_new.c b/ldap/servers/slapd/back-ldbm/idl_new.c
index 61bd34e..9bd2cc2 100644
--- a/ldap/servers/slapd/back-ldbm/idl_new.c
+++ b/ldap/servers/slapd/back-ldbm/idl_new.c
@@ -254,7 +254,7 @@ IDList * idl_new_fetch(
if (0 != ret) {
if (DB_NOTFOUND != ret) {
#ifdef DB_USE_BULK_FETCH
- if (ret == ENOMEM) {
+ if (ret == DB_BUFFER_SMALL) {
LDAPDebug(LDAP_DEBUG_ANY, "database index is corrupt; "
"data item for key %s is too large for our buffer "
"(need=%d actual=%d)\n",
@@ -489,25 +489,18 @@ int idl_new_delete_key(
data.ulen = sizeof(id);
data.size = sizeof(id);
data.flags = DB_DBT_USERMEM;
- data.data = &tmpid;
- ret = cursor->c_get(cursor,key,&data,DB_SET);
+ data.data = &id;
+ /* Position cursor at the key, value pair */
+ ret = cursor->c_get(cursor,key,&data,DB_GET_BOTH);
if (0 == ret) {
if (tmpid == ALLID) {
goto error; /* allid: never delete it */
}
- } else if (DB_NOTFOUND != ret) {
- ldbm_nasty(filename,22,ret);
- goto error;
- }
-
- /* Position cursor at the key, value pair */
- data.data = &id;
- ret = cursor->c_get(cursor,key,&data,DB_GET_BOTH);
- if (0 != ret) {
+ } else {
if (DB_NOTFOUND == ret) {
ret = 0; /* Not Found is OK, return immediately */
} else {
- ldbm_nasty(filename,23,ret);
+ ldbm_nasty(filename,22,ret);
}
goto error;
}
commit cd60fca5c10def001fc0c0ea0421756cfc976dc5
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 13:39:39 2010 -0800
Fixing a memory leak in dblayer.c
dblayer_private_env and its lock and dblayer_data_directories
were leaking. Back porting a bug fix from the subtree rename
change (b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 1a56c96..35626fc 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -650,10 +650,6 @@ int dblayer_terminate(struct ldbminfo *li)
}
slapi_ch_free_string(&priv->dblayer_log_directory);
- /* no need to release dblayer_home_directory,
- * which is one of dblayer_data_directories */
- charray_free(priv->dblayer_data_directories);
- priv->dblayer_data_directories = NULL;
PR_DestroyCondVar(priv->thread_count_cv);
priv->thread_count_cv = NULL;
PR_DestroyLock(priv->thread_count_lock);
@@ -1191,8 +1187,8 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo *li)
Object *inst_obj;
ldbm_instance *inst = NULL;
- pEnv =
- (struct dblayer_private_env *) PR_Calloc(1, sizeof(dblayer_private_env));
+ pEnv = (struct dblayer_private_env *)slapi_ch_calloc(1,
+ sizeof(dblayer_private_env));
if ((ret = db_env_create(&pEnv->dblayer_DB_ENV, 0)) != 0) {
LDAPDebug(LDAP_DEBUG_ANY,
@@ -1214,7 +1210,6 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo *li)
dblayer_dump_config_tracing(priv);
/* set data dir to avoid having absolute paths in the transaction log */
- priv->dblayer_data_directories = NULL;
for (inst_obj = objset_first_obj(li->li_instance_set);
inst_obj;
inst_obj = objset_next_obj(li->li_instance_set, inst_obj))
@@ -1226,7 +1221,7 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo *li)
inst->inst_parent_dir_name))
{
charray_add(&(priv->dblayer_data_directories),
- inst->inst_parent_dir_name);
+ slapi_ch_strdup(inst->inst_parent_dir_name));
}
}
}
@@ -1260,28 +1255,35 @@ dblayer_make_env(struct dblayer_private_env **env, struct ldbminfo *li)
return ret;
}
+static void
+dblayer_free_env(struct dblayer_private_env **env)
+{
+ if (NULL == env || NULL == *env) {
+ return;
+ }
+ if ((*env)->dblayer_env_lock) {
+ PR_DestroyRWLock((*env)->dblayer_env_lock);
+ (*env)->dblayer_env_lock = NULL;
+ }
+ slapi_ch_free((void **)env);
+ return;
+}
+
/* generate an absolute path if the given instance dir is not. */
char *
dblayer_get_full_inst_dir(struct ldbminfo *li, ldbm_instance *inst,
char *buf, int buflen)
{
- char *parent_dir;
- int mylen;
+ char *parent_dir = NULL;
+ int mylen = 0;
if (!inst)
return NULL;
- if (inst->inst_parent_dir_name)
+ if (inst->inst_parent_dir_name) /* e.g., /var/lib/dirsrv/slapd-ID/db */
{
parent_dir = inst->inst_parent_dir_name;
- if (inst->inst_parent_dir_name)
- {
- mylen = strlen(parent_dir) + strlen(inst->inst_dir_name) + 2;
- }
- else
- {
- mylen = strlen(parent_dir) + 1;
- }
+ mylen = strlen(parent_dir) + 1;
}
else
{
@@ -1295,7 +1297,7 @@ dblayer_get_full_inst_dir(struct ldbminfo *li, ldbm_instance *inst,
}
- if (inst->inst_dir_name)
+ if (inst->inst_dir_name) /* e.g., userRoot */
{
mylen += strlen(inst->inst_dir_name) + 2;
if (!buf || mylen > buflen)
@@ -1443,7 +1445,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
LDAPDebug(LDAP_DEBUG_ANY,
"Error: DB directory is not specified.\n", 0, 0, 0);
return -1;
- }
+ }
PR_Lock(li->li_config_mutex);
priv->dblayer_home_directory = li->li_directory; /* nsslapd-directory */
priv->dblayer_cachesize = li->li_dbcachesize;
@@ -1513,6 +1515,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
}
}
+ dblayer_free_env(&priv->dblayer_env);
priv->dblayer_env = pEnv;
open_flags = DB_CREATE | DB_INIT_MPOOL | DB_THREAD;
@@ -1583,6 +1586,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
"ERROR -- Failed to create DBENV (returned: %d).\n",
return_value, 0, 0);
}
+ dblayer_free_env(&priv->dblayer_env);
priv->dblayer_env = pEnv;
}
@@ -1647,6 +1651,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
"mmap in opening database environment (recovery mode) "
"failed trying to allocate %lu bytes. (OS err %d - %s)\n",
li->li_dbcachesize, return_value, dblayer_strerror(return_value));
+ dblayer_free_env(&priv->dblayer_env);
priv->dblayer_env = CATASTROPHIC;
} else {
LDAPDebug(LDAP_DEBUG_ANY, "Database Recovery Process FAILED. "
@@ -1667,6 +1672,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
return_value, 0, 0);
return return_value;
}
+ dblayer_free_env(&priv->dblayer_env);
priv->dblayer_env = pEnv;
dblayer_set_data_dir(priv, pEnv, priv->dblayer_data_directories);
}
@@ -1738,6 +1744,7 @@ int dblayer_start(struct ldbminfo *li, int dbmode)
"mmap in opening database environment "
"failed trying to allocate %d bytes. (OS err %lu - %s)\n",
li->li_dbcachesize, return_value, dblayer_strerror(return_value));
+ dblayer_free_env(&priv->dblayer_env);
priv->dblayer_env = CATASTROPHIC;
} else {
LDAPDebug(LDAP_DEBUG_ANY,
@@ -2478,8 +2485,7 @@ int dblayer_instance_close(backend *be)
slapi_ch_free_string(&inst_dirp);
}
PR_DestroyRWLock(inst->import_env->dblayer_env_lock);
- PR_Free((void *)inst->import_env);
- inst->import_env = NULL;
+ slapi_ch_free((void **)&inst->import_env);
} else {
be->be_state = BE_STATE_STOPPED;
}
@@ -2570,14 +2576,11 @@ int dblayer_post_close(struct ldbminfo *li, int dbmode)
perfctrs_terminate(&priv->perf_private, priv->dblayer_env->dblayer_DB_ENV);
}
}
-
+
/* Now release the db environment */
pEnv = priv->dblayer_env;
return_value = pEnv->dblayer_DB_ENV->close(pEnv->dblayer_DB_ENV, 0);
- PR_DestroyRWLock(priv->dblayer_env->dblayer_env_lock);
- PR_Free((void *) priv->dblayer_env);
-
- priv->dblayer_env = NULL; /* pEnv is now garbage */
+ dblayer_free_env(&priv->dblayer_env); /* pEnv is now garbage */
#if 0 /* DBDB do NOT remove the environment: bad, bad idea */
if (return_value == 0) {
@@ -2613,6 +2616,14 @@ int dblayer_post_close(struct ldbminfo *li, int dbmode)
&& !priv->dblayer_bad_stuff_happened) {
commit_good_database(priv);
}
+ if (priv->dblayer_data_directories) {
+ /* dblayer_data_directories are set in dblayer_make_env via
+ * dblayer_start, which is paired with dblayer_close. */
+ /* no need to release dblayer_home_directory,
+ * which is one of dblayer_data_directories */
+ charray_free(priv->dblayer_data_directories);
+ priv->dblayer_data_directories = NULL;
+ }
return return_value;
}
@@ -4037,13 +4048,13 @@ static int commit_good_database(dblayer_private *priv)
int return_value = 0;
int num_bytes;
- PR_snprintf(filename,sizeof(filename), "%s/guardian",priv->dblayer_home_directory);
+ PR_snprintf(filename,sizeof(filename), "%s/guardian", priv->dblayer_home_directory);
prfd = PR_Open(filename, PR_RDWR | PR_CREATE_FILE | PR_TRUNCATE,
priv->dblayer_file_mode );
if (NULL == prfd)
{
- LDAPDebug( LDAP_DEBUG_ANY,"Fatal Error---Failed to write guardian file, database corruption possible" SLAPI_COMPONENT_NAME_NSPR " %d (%s)\n",
+ LDAPDebug( LDAP_DEBUG_ANY,"Fatal Error---Failed to write guardian file %s, database corruption possible" SLAPI_COMPONENT_NAME_NSPR " %d (%s)\n",
filename, PR_GetError(), slapd_pr_strerror(PR_GetError()) );
return -1;
}
@@ -5447,7 +5458,7 @@ int dblayer_restore(struct ldbminfo *li, char *src_dir, Slapi_Task *task, char *
PRDir *dirhandle = NULL;
PRDirEntry *direntry = NULL;
PRFileInfo info;
- ldbm_instance *inst;
+ ldbm_instance *inst = NULL;
int seen_logfiles = 0; /* Tells us if we restored any logfiles */
int is_a_logfile = 0;
int dbmode;
commit 544511c6b139641c1e5d222dee1155bbcb3e37b6
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 13:02:02 2010 -0800
Fixing a memory leak in repl5_protocol.c
Memory for the lock in Repl_Protocol was leaking.
Back porting a bug fix from the subtree rename change
(b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/servers/plugins/replication/repl5_protocol.c b/ldap/servers/plugins/replication/repl5_protocol.c
index 8fdf812..9d8cc16 100644
--- a/ldap/servers/plugins/replication/repl5_protocol.c
+++ b/ldap/servers/plugins/replication/repl5_protocol.c
@@ -202,6 +202,7 @@ prot_free(Repl_Protocol **rpp)
}
rp->prp_active_protocol = NULL;
PR_Unlock(rp->lock);
+ PR_DestroyLock(rp->lock);
slapi_ch_free((void **)rpp);
}
commit adee46c4a34b006c4fcf6bf5ed12f32c38275024
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Feb 8 12:52:44 2010 -0800
Fixing config_dir in DSUpdate.pm.in
The path of config_dir for each instance needs to end with the
instance dir. Back porting a bug fix from the subtree rename
change (b5e653a844af60596f9bc6b16349ee902ddb51f5).
diff --git a/ldap/admin/src/scripts/DSUpdate.pm.in b/ldap/admin/src/scripts/DSUpdate.pm.in
index 20bb40d..3792afe 100644
--- a/ldap/admin/src/scripts/DSUpdate.pm.in
+++ b/ldap/admin/src/scripts/DSUpdate.pm.in
@@ -449,7 +449,7 @@ sub initInfFromInst {
$inf->{slapd}->{bak_dir} = $entry->getValue('nsslapd-bakdir');
}
if (!$inf->{slapd}->{config_dir}) {
- $inf->{slapd}->{config_dir} = $configdir;
+ $inf->{slapd}->{config_dir} = $configdir."/".$inst;
}
if (!$inf->{slapd}->{inst_dir}) {
$inf->{slapd}->{inst_dir} = $entry->getValue('nsslapd-instancedir');
14 years, 2 months
Branch 'Directory_Server_8_2_Branch' - configure m4/pcre.m4
by Nathan Kinder
configure | 7 ++++++-
m4/pcre.m4 | 7 ++++++-
2 files changed, 12 insertions(+), 2 deletions(-)
New commits:
commit cddf04473664989af14c9e40404a5f4f5914ef80
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Feb 9 12:21:34 2010 -0800
Improve search for pcre header file
Some platforms (RHEL4 for instance) put the pcre header file in
a pcre subdirectory under /usr/include. This patch makes configure
first search in /usr/include/pcre, then falls back to /usr/include.
diff --git a/configure b/configure
index cf7ff90..821b774 100755
--- a/configure
+++ b/configure
@@ -27060,7 +27060,12 @@ if test "${with_pcre+set}" = set; then
if test "$withval" = "yes"; then
echo "$as_me:$LINENO: result: yes" >&5
echo "${ECHO_T}yes" >&6
- if test -f "/usr/include/pcre.h"; then
+ if test -f "/usr/include/pcre/pcre.h"; then
+ pcre_incdir="/usr/include/pcre"
+ pcre_inc="-I/usr/include/pcre"
+ pcre_lib='-L$(libdir)'
+ pcre_libdir='$(libdir)'
+ elif test -f "/usr/include/pcre.h"; then
pcre_incdir="/usr/include"
pcre_inc="-I/usr/include"
pcre_lib='-L$(libdir)'
diff --git a/m4/pcre.m4 b/m4/pcre.m4
index 6096108..0c7569d 100644
--- a/m4/pcre.m4
+++ b/m4/pcre.m4
@@ -27,7 +27,12 @@ AC_ARG_WITH(pcre, [ --with-pcre=PATH Perl Compatible Regular Expression direc
if test "$withval" = "yes"; then
AC_MSG_RESULT(yes)
dnl - check in system locations
- if test -f "/usr/include/pcre.h"; then
+ if test -f "/usr/include/pcre/pcre.h"; then
+ pcre_incdir="/usr/include/pcre"
+ pcre_inc="-I/usr/include/pcre"
+ pcre_lib='-L$(libdir)'
+ pcre_libdir='$(libdir)'
+ elif test -f "/usr/include/pcre.h"; then
pcre_incdir="/usr/include"
pcre_inc="-I/usr/include"
pcre_lib='-L$(libdir)'
14 years, 2 months