Branch '389-ds-base-1.2.11' - ldap/servers
by Richard Allen Megginson
ldap/servers/slapd/back-ldbm/back-ldbm.h | 2 ++
ldap/servers/slapd/back-ldbm/cache.c | 8 ++++++++
ldap/servers/slapd/back-ldbm/id2entry.c | 2 ++
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 2 ++
4 files changed, 14 insertions(+)
New commits:
commit 85a99e924e16ddc69b8b2cca97550d66f4ea11e0
Author: Ludwig Krispenz <lkrispen(a)redhat.com>
Date: Tue Nov 5 16:58:44 2013 +0100
Ticket 47577 - crash when removing entries from cache
Bug Description: when the dn of an entry in the cache was adjusted to the parent dn, for soenm time
teh dn was not defined, anothe thread accessing the dn of teh chached entry could crash
Fix Description: hold the cache mutex when modifyingthe dn of an entry in the cache
https://fedorahosted.org/389/ticket/47577
Reviewed by: rmeggins
(cherry picked from commit 7272dbda7f43974eed003cbcfc0ddd57fe433687)
(cherry picked from commit 1056a6282f246a9c396b8052d726005fe8189512)
(cherry picked from commit 00b19f3b4af662341c72fa6cfd60b5e136f1428f)
(cherry picked from commit ecc210f3ca25528f5f718680409ded0021d5604c)
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index 9635813..7e5a261 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -408,6 +408,8 @@ struct cache {
#define CACHE_ADD(cache, p, a) cache_add((cache), (void *)(p), (void **)(a))
#define CACHE_RETURN(cache, p) cache_return((cache), (void **)(p))
#define CACHE_REMOVE(cache, p) cache_remove((cache), (void *)(p))
+#define CACHE_LOCK(cache) cache_lock((cache))
+#define CACHE_UNLOCK(cache) cache_unlock((cache))
/* various modules keep private data inside the attrinfo structure */
typedef struct dblayer_private dblayer_private;
diff --git a/ldap/servers/slapd/back-ldbm/cache.c b/ldap/servers/slapd/back-ldbm/cache.c
index 1c81a1b..d97644f 100644
--- a/ldap/servers/slapd/back-ldbm/cache.c
+++ b/ldap/servers/slapd/back-ldbm/cache.c
@@ -1460,6 +1460,14 @@ int cache_add_tentative(struct cache *cache, struct backentry *e,
{
return entrycache_add_int(cache, e, ENTRY_STATE_CREATING, alt);
}
+void cache_lock(struct cache *cache)
+{
+ PR_Lock(cache->c_mutex);
+}
+void cache_unlock(struct cache *cache)
+{
+ PR_Unlock(cache->c_mutex);
+}
/* locks an entry so that it can be modified (you should have gotten the
* entry via cache_find_*).
diff --git a/ldap/servers/slapd/back-ldbm/id2entry.c b/ldap/servers/slapd/back-ldbm/id2entry.c
index e278a2a..ea4523d 100644
--- a/ldap/servers/slapd/back-ldbm/id2entry.c
+++ b/ldap/servers/slapd/back-ldbm/id2entry.c
@@ -167,10 +167,12 @@ id2entry_add_ext(backend *be, struct backentry *e, back_txn *txn,
if (myparentdn && PL_strcmp(parentdn, myparentdn)) {
Slapi_DN *sdn = slapi_entry_get_sdn(e->ep_entry);
char *newdn = NULL;
+ CACHE_LOCK(&inst->inst_cache);
slapi_sdn_done(sdn);
newdn = slapi_ch_smprintf("%s,%s", myrdn, parentdn);
slapi_sdn_init_dn_passin(sdn, newdn);
slapi_sdn_get_ndn(sdn); /* to set ndn */
+ CACHE_UNLOCK(&inst->inst_cache);
}
slapi_ch_free_string(&myparentdn);
}
diff --git a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
index 060afe2..d7b88ed 100644
--- a/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
@@ -76,6 +76,8 @@ void cache_get_stats(struct cache *cache, PRUint64 *hits, PRUint64 *tries,
void cache_debug_hash(struct cache *cache, char **out);
int cache_remove(struct cache *cache, void *e);
void cache_return(struct cache *cache, void **bep);
+void cache_lock(struct cache *cache);
+void cache_unlock(struct cache *cache);
struct backentry *cache_find_dn(struct cache *cache, const char *dn, unsigned long ndnlen);
struct backentry *cache_find_id(struct cache *cache, ID id);
struct backentry *cache_find_uuid(struct cache *cache, const char *uuid);
10 years, 4 months
ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmt.c | 6 +++---
ldap/servers/plugins/replication/repl5_replica.c | 8 ++++++--
2 files changed, 9 insertions(+), 5 deletions(-)
New commits:
commit 8d398a555fc1632d678223e6547a5a4df4082775
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Nov 4 09:52:11 2013 -0500
Ticket 47368 - Fix coverity issues
CID 12376 (#1 of 1): Explicit null dereferenced (FORWARD_NULL)
CID 12377 (#1 of 1): Uninitialized pointer read (UNINIT)
https://fedorahosted.org/389/ticket/47368
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/servers/plugins/replication/repl5_agmt.c b/ldap/servers/plugins/replication/repl5_agmt.c
index e57c2f4..c78ee94 100644
--- a/ldap/servers/plugins/replication/repl5_agmt.c
+++ b/ldap/servers/plugins/replication/repl5_agmt.c
@@ -2929,14 +2929,14 @@ done:
/*
* Parse out the consumer replicaID from the agmt maxcsn
*
- * "repl area;agmt rdn;hostname;port;consumer rid;maxcsn"
+ * "repl area;agmt_rdn;hostname;port;consumer_rid;maxcsn"
*/
static ReplicaId
agmt_maxcsn_get_rid(char *maxcsn)
{
ReplicaId rid = 0;
char *token = NULL;
- char *iter;
+ char *iter = NULL;
char *value = slapi_ch_strdup(maxcsn);
token = ldap_utf8strtok_r(value, ";", &iter); /* repl area */
@@ -2945,7 +2945,7 @@ agmt_maxcsn_get_rid(char *maxcsn)
token = ldap_utf8strtok_r(iter, ";", &iter); /* port */
token = ldap_utf8strtok_r(iter, ";", &iter); /* rid */
- if(strcmp(token, "Unavailable")){
+ if(token && strcmp(token, "Unavailable")){
rid = atoi(token);
}
slapi_ch_free_string(&value);
diff --git a/ldap/servers/plugins/replication/repl5_replica.c b/ldap/servers/plugins/replication/repl5_replica.c
index d28b48c..ec5bf4d 100644
--- a/ldap/servers/plugins/replication/repl5_replica.c
+++ b/ldap/servers/plugins/replication/repl5_replica.c
@@ -3947,11 +3947,15 @@ replica_get_agmt_count(Replica *r)
void
replica_incr_agmt_count(Replica *r)
{
- r->agmt_count++;
+ if(r){
+ r->agmt_count++;
+ }
}
void
replica_decr_agmt_count(Replica *r)
{
- r->agmt_count--;
+ if(r){
+ r->agmt_count--;
+ }
}
10 years, 4 months
ldap/admin
by Noriko Hosoi
ldap/admin/src/scripts/bak2db.pl.in | 3 ++
ldap/admin/src/scripts/db2bak.pl.in | 43 ++++++++++++++++++++++++++++++++++--
2 files changed, 44 insertions(+), 2 deletions(-)
New commits:
commit 8db3a1ad07198ba548f653aa4acebe4324c16384
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Oct 31 16:27:05 2013 -0700
Ticket #47555 - db2bak.pl issue when specifying non-default directory
Bug description: db2bak.pl takes an option "-a backupdir", which is
supposed to be generated by the server and used as a backup directory.
But since the created directory inherits the parent's selinux context,
it fails to store the backup files in the directory.
Fix description: As the reporter agaviola suggested, it should be a
good idea to add one more level to the archive directory.
$archivedir = "${archivedir}/ID-${yr}_${mn}_${dy}_${h}_${m}_${s}";
But to keep the backward compatibility, introducing a new option "-A
backupdir" and when "-A" is given, storing the backup files in the
nested backup directory. If the option is "-a backupdir", the backup
files are stored in the backupdir.
Respecting the selinux policy, the server and its utilities are not
supposed to create a file/directory where it is not allowed. This
patch creates a symlink from the back up location to the specified
path by a user. bak2db.pl follows the symlink and restore from the
back up directory.
https://fedorahosted.org/389/ticket/47555
Reviewed by rmeggins (Thank you, Rich!!)
diff --git a/ldap/admin/src/scripts/bak2db.pl.in b/ldap/admin/src/scripts/bak2db.pl.in
index 7e76838..f442493 100644
--- a/ldap/admin/src/scripts/bak2db.pl.in
+++ b/ldap/admin/src/scripts/bak2db.pl.in
@@ -112,6 +112,9 @@ if ($archivedir eq ""){
&usage;
exit(1);
}
+if ((-e $archivedir) && (-l $archivedir)) { # symlink
+ $archivedir = readlink($archivedir);
+}
#
# Contruct the task entry
diff --git a/ldap/admin/src/scripts/db2bak.pl.in b/ldap/admin/src/scripts/db2bak.pl.in
index aee8486..2ba056d 100644
--- a/ldap/admin/src/scripts/db2bak.pl.in
+++ b/ldap/admin/src/scripts/db2bak.pl.in
@@ -40,6 +40,7 @@
#
use lib qw(@perlpath@);
+use File::Basename;
use DSUtil;
DSUtil::libpath_add("@nss_libdir@");
@@ -61,6 +62,7 @@ sub usage {
print(STDERR " -w - - Prompt for Directory Manager's password\n");
print(STDERR " -Z serverID - Server instance identifier\n");
print(STDERR " -j filename - Read Directory Manager's password from file\n");
+ print(STDERR " -A backupdir - Backup directory (backupdir/ID-<date_time>)\n");
print(STDERR " -a backupdir - Backup directory\n");
print(STDERR " -t dbtype - Database type (default: ldbm database)\n");
print(STDERR " -P protocol - STARTTLS, LDAPS, LDAPI, LDAP (default: uses most secure protocol available)\n");
@@ -68,9 +70,13 @@ sub usage {
print(STDERR " -h - Display usage\n");
}
+$nestit = 0;
while ($i <= $#ARGV) {
if ("$ARGV[$i]" eq "-a") { # backup directory
$i++; $archivedir = $ARGV[$i];
+ } elsif ("$ARGV[$i]" eq "-A") { # backup directory
+ $nestit = 1;
+ $i++; $archivedir = $ARGV[$i];
} elsif ("$ARGV[$i]" eq "-D") { # Directory Manager
$i++; $rootdn = $ARGV[$i];
} elsif ("$ARGV[$i]" eq "-w") { # Directory Manager's password
@@ -114,9 +120,32 @@ $mybakdir = "@localstatedir@/lib/@PACKAGE_NAME@/slapd-$servid/bak";
($s, $m, $h, $dy, $mn, $yr, $wdy, $ydy, $r) = localtime(time);
$mn++; $yr += 1900;
$taskname = "backup_${yr}_${mn}_${dy}_${h}_${m}_${s}";
+$symname = "";
+$dirname = "";
if ($archivedir eq "") {
$archivedir = "${mybakdir}/$servid-${yr}_${mn}_${dy}_${h}_${m}_${s}";
+ print("Back up directory: $archivedir\n");
+} else {
+ if ($nestit == 1) {
+ $archivebase = "${servid}-${yr}_${mn}_${dy}_${h}_${m}_${s}";
+ $dirname = "${archivedir}";
+ $archivedir = "${dirname}/${archivebase}";
+ } else {
+ my @archivedirs = split(/\//, $archivedir);
+ $archivebase = $archivedirs[-1];
+ $dirname = dirname(${archivedir});
+ }
+ if ($mybakdir =~ /^$dirname/) { # $mybakdir is parent; no symlink needed
+ $symname = "";
+ } else {
+ $symname = $archivedir;
+ }
+ print("Back up directory: $archivedir\n");
+ # If an archive dir is specified, create it as a symlink pointing
+ # to the default backup dir not to violate the selinux policy.
+ $archivedir = "${mybakdir}/${archivebase}";
}
+
$dn = "dn: cn=$taskname, cn=backup, cn=tasks, cn=config\n";
$misc = "objectclass: top\nobjectclass: extensibleObject\n";
$cn = "cn: $taskname\n";
@@ -124,14 +153,24 @@ $nsarchivedir = "nsArchiveDir: $archivedir\n";
$nsdbtype = "nsDatabaseType: $dbtype\n";
$entry = "${dn}${misc}${cn}${nsarchivedir}${nsdbtype}";
-print("Back up directory: $archivedir\n");
-
$rc = DSUtil::ldapmod($entry, %info);
$dn =~ s/^dn: //;
$dn =~ s/\n//;
if($rc == 0){
print "Successfully added task entry \"$dn\"\n";
+ if (($symname ne "") && ($dirname ne "")) {
+ if (!(-d $dirname)) {
+ mkdir ($dirname);
+ }
+ if (-e $symname) {
+ unlink ($symname);
+ }
+ if (!symlink($archivedir, $symname)) {
+ print "Failed to create a symlink from $archivedir to $symname\n";
+ exit(1);
+ }
+ }
} else {
print "Failed to add task entry \"$dn\" error ($rc)\n";
}
10 years, 5 months