Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmtlist.c | 32 ++++++++--------
ldap/servers/plugins/replication/repl5_replica_config.c | 12 ++++--
2 files changed, 25 insertions(+), 19 deletions(-)
New commits:
commit 1bbb27b522dd8eb36f09f47c144fd65511c132b5
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 13 11:43:47 2013 -0500
Ticket 47620 - Config value validation improvement
Bug Description: When setting the replication protocol timeout, it is possible
to set a negative number(it should be rejected), and when
setting the timeout for an agreement using letters, we get an
invalid syntax error, but it should really be an error 53 to
be consistent with how the invalid timeout error that is given
when updating the replica entry.
Fix Description: In the agmt modify code, we did not have the actual modify value
during the validation. This allowed the value to be added, which
was later caught for the invalid syntax. Then improved the overall
logic to the validation to also catch the negative numbers.
https://fedorahosted.org/389/ticket/47620
Reviewed by: rmeggins(Thanks!)
(cherry picked from commit 8a4bbc7c74a6847d75e4d6e9e0b16859a5da8ec0)
diff --git a/ldap/servers/plugins/replication/repl5_agmtlist.c b/ldap/servers/plugins/replication/repl5_agmtlist.c
index 04891b7..bd14202 100644
--- a/ldap/servers/plugins/replication/repl5_agmtlist.c
+++ b/ldap/servers/plugins/replication/repl5_agmtlist.c
@@ -245,6 +245,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
for (i = 0; NULL != mods && NULL != mods[i]; i++)
{
slapi_ch_free_string(&val);
+ val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaInitialize))
{
/* we don't allow delete attribute operations unless it was issued by
@@ -268,10 +269,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
else
{
- if (mods[i]->mod_bvalues && mods[i]->mod_bvalues[0])
- val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
- else
- {
+ if(val == NULL){
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"no value provided for %s attribute\n", type_nsds5ReplicaInitialize);
*returncode = LDAP_UNWILLING_TO_PERFORM;
@@ -515,19 +513,23 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_replicaProtocolTimeout)){
- if (val){
- long ptimeout = atol(val);
+ long ptimeout = 0;
- if(ptimeout <= 0){
- *returncode = LDAP_UNWILLING_TO_PERFORM;
- slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
- "must be a number greater than zero.\n",
- type_replicaProtocolTimeout, val);
- rc = SLAPI_DSE_CALLBACK_ERROR;
- break;
- }
- agmt_set_protocol_timeout(agmt, ptimeout);
+ if (val){
+ ptimeout = atol(val);
+ }
+ if(ptimeout <= 0){
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ PR_snprintf (returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "attribute %s value (%s) is invalid, must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
+ "must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ break;
}
+ agmt_set_protocol_timeout(agmt, ptimeout);
}
else if (0 == windows_handle_modify_agreement(agmt, mods[i]->mod_type, e))
{
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 380ea4e..563ced3 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -497,17 +497,21 @@ replica_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry*
else if (strcasecmp (config_attr, type_replicaProtocolTimeout) == 0 ){
if (apply_mods && config_attr_value && config_attr_value[0])
{
- long ptimeout = atol(config_attr_value);
+ long ptimeout = 0;
+
+ if(config_attr_value){
+ ptimeout = atol(config_attr_value);
+ }
if(ptimeout <= 0){
*returncode = LDAP_UNWILLING_TO_PERFORM;
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE,
"attribute %s value (%s) is invalid, must be a number greater than zero.\n",
- config_attr, config_attr_value);
+ config_attr, config_attr_value ? config_attr_value : "");
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "replica_config_modify: %s\n", errortext);
- } else {
- replica_set_protocol_timeout(r, ptimeout);
+ break;
}
+ replica_set_protocol_timeout(r, ptimeout);
}
}
else
10 years, 4 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmtlist.c | 32 ++++++++--------
ldap/servers/plugins/replication/repl5_replica_config.c | 12 ++++--
2 files changed, 25 insertions(+), 19 deletions(-)
New commits:
commit 3f28f454a1f6e46883138e362e3b4402fc76e6dc
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 13 11:43:47 2013 -0500
Ticket 47620 - Config value validation improvement
Bug Description: When setting the replication protocol timeout, it is possible
to set a negative number(it should be rejected), and when
setting the timeout for an agreement using letters, we get an
invalid syntax error, but it should really be an error 53 to
be consistent with how the invalid timeout error that is given
when updating the replica entry.
Fix Description: In the agmt modify code, we did not have the actual modify value
during the validation. This allowed the value to be added, which
was later caught for the invalid syntax. Then improved the overall
logic to the validation to also catch the negative numbers.
https://fedorahosted.org/389/ticket/47620
Reviewed by: rmeggins(Thanks!)
(cherry picked from commit 8a4bbc7c74a6847d75e4d6e9e0b16859a5da8ec0)
diff --git a/ldap/servers/plugins/replication/repl5_agmtlist.c b/ldap/servers/plugins/replication/repl5_agmtlist.c
index 6c6b977..6b33607 100644
--- a/ldap/servers/plugins/replication/repl5_agmtlist.c
+++ b/ldap/servers/plugins/replication/repl5_agmtlist.c
@@ -245,6 +245,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
for (i = 0; NULL != mods && NULL != mods[i]; i++)
{
slapi_ch_free_string(&val);
+ val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaInitialize))
{
/* we don't allow delete attribute operations unless it was issued by
@@ -268,10 +269,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
else
{
- if (mods[i]->mod_bvalues && mods[i]->mod_bvalues[0])
- val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
- else
- {
+ if(val == NULL){
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"no value provided for %s attribute\n", type_nsds5ReplicaInitialize);
*returncode = LDAP_UNWILLING_TO_PERFORM;
@@ -518,19 +516,23 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_replicaProtocolTimeout)){
- if (val){
- long ptimeout = atol(val);
+ long ptimeout = 0;
- if(ptimeout <= 0){
- *returncode = LDAP_UNWILLING_TO_PERFORM;
- slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
- "must be a number greater than zero.\n",
- type_replicaProtocolTimeout, val);
- rc = SLAPI_DSE_CALLBACK_ERROR;
- break;
- }
- agmt_set_protocol_timeout(agmt, ptimeout);
+ if (val){
+ ptimeout = atol(val);
+ }
+ if(ptimeout <= 0){
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ PR_snprintf (returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "attribute %s value (%s) is invalid, must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
+ "must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ break;
}
+ agmt_set_protocol_timeout(agmt, ptimeout);
}
else if (0 == windows_handle_modify_agreement(agmt, mods[i]->mod_type, e))
{
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 42cf8f6..7ba6eaa 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -498,17 +498,21 @@ replica_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry*
else if (strcasecmp (config_attr, type_replicaProtocolTimeout) == 0 ){
if (apply_mods && config_attr_value && config_attr_value[0])
{
- long ptimeout = atol(config_attr_value);
+ long ptimeout = 0;
+
+ if(config_attr_value){
+ ptimeout = atol(config_attr_value);
+ }
if(ptimeout <= 0){
*returncode = LDAP_UNWILLING_TO_PERFORM;
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE,
"attribute %s value (%s) is invalid, must be a number greater than zero.\n",
- config_attr, config_attr_value);
+ config_attr, config_attr_value ? config_attr_value : "");
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "replica_config_modify: %s\n", errortext);
- } else {
- replica_set_protocol_timeout(r, ptimeout);
+ break;
}
+ replica_set_protocol_timeout(r, ptimeout);
}
}
else
10 years, 4 months
ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmtlist.c | 32 ++++++++--------
ldap/servers/plugins/replication/repl5_replica_config.c | 12 ++++--
2 files changed, 25 insertions(+), 19 deletions(-)
New commits:
commit 8a4bbc7c74a6847d75e4d6e9e0b16859a5da8ec0
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 13 11:43:47 2013 -0500
Ticket 47620 - Config value validation improvement
Bug Description: When setting the replication protocol timeout, it is possible
to set a negative number(it should be rejected), and when
setting the timeout for an agreement using letters, we get an
invalid syntax error, but it should really be an error 53 to
be consistent with how the invalid timeout error that is given
when updating the replica entry.
Fix Description: In the agmt modify code, we did not have the actual modify value
during the validation. This allowed the value to be added, which
was later caught for the invalid syntax. Then improved the overall
logic to the validation to also catch the negative numbers.
https://fedorahosted.org/389/ticket/47620
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/servers/plugins/replication/repl5_agmtlist.c b/ldap/servers/plugins/replication/repl5_agmtlist.c
index f9b844b..7d1c651 100644
--- a/ldap/servers/plugins/replication/repl5_agmtlist.c
+++ b/ldap/servers/plugins/replication/repl5_agmtlist.c
@@ -245,6 +245,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
for (i = 0; NULL != mods && NULL != mods[i]; i++)
{
slapi_ch_free_string(&val);
+ val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaInitialize))
{
/* we don't allow delete attribute operations unless it was issued by
@@ -268,10 +269,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
else
{
- if (mods[i]->mod_bvalues && mods[i]->mod_bvalues[0])
- val = slapi_berval_get_string_copy (mods[i]->mod_bvalues[0]);
- else
- {
+ if(val == NULL){
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
"no value provided for %s attribute\n", type_nsds5ReplicaInitialize);
*returncode = LDAP_UNWILLING_TO_PERFORM;
@@ -524,19 +522,23 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
}
}
else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_replicaProtocolTimeout)){
- if (val){
- long ptimeout = atol(val);
+ long ptimeout = 0;
- if(ptimeout <= 0){
- *returncode = LDAP_UNWILLING_TO_PERFORM;
- slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
- "must be a number greater than zero.\n",
- type_replicaProtocolTimeout, val);
- rc = SLAPI_DSE_CALLBACK_ERROR;
- break;
- }
- agmt_set_protocol_timeout(agmt, ptimeout);
+ if (val){
+ ptimeout = atol(val);
+ }
+ if(ptimeout <= 0){
+ *returncode = LDAP_UNWILLING_TO_PERFORM;
+ PR_snprintf (returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "attribute %s value (%s) is invalid, must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "attribute %s value (%s) is invalid, "
+ "must be a number greater than zero.\n",
+ type_replicaProtocolTimeout, val ? val : "");
+ rc = SLAPI_DSE_CALLBACK_ERROR;
+ break;
}
+ agmt_set_protocol_timeout(agmt, ptimeout);
}
else if (0 == windows_handle_modify_agreement(agmt, mods[i]->mod_type, e))
{
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 4a3f29f..9abbbac 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -498,17 +498,21 @@ replica_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entry*
else if (strcasecmp (config_attr, type_replicaProtocolTimeout) == 0 ){
if (apply_mods && config_attr_value && config_attr_value[0])
{
- long ptimeout = atol(config_attr_value);
+ long ptimeout = 0;
+
+ if(config_attr_value){
+ ptimeout = atol(config_attr_value);
+ }
if(ptimeout <= 0){
*returncode = LDAP_UNWILLING_TO_PERFORM;
PR_snprintf (errortext, SLAPI_DSE_RETURNTEXT_SIZE,
"attribute %s value (%s) is invalid, must be a number greater than zero.\n",
- config_attr, config_attr_value);
+ config_attr, config_attr_value ? config_attr_value : "");
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "replica_config_modify: %s\n", errortext);
- } else {
- replica_set_protocol_timeout(r, ptimeout);
+ break;
}
+ replica_set_protocol_timeout(r, ptimeout);
}
}
else
10 years, 4 months
ldap/servers
by Mark Reynolds
ldap/servers/plugins/referint/referint.c | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
New commits:
commit 614b7bb50480e3edee881e544a6c0305d20b78a9
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 13 10:14:41 2013 -0500
Ticket 47603 - should not modify pre op entry during config validation
Description: Modifying the preop entry directly can cause crashing in some cases.
Make a copy of the preop entry when appling the mods for config validation.
https://fedorahosted.org/389/ticket/47603
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/servers/plugins/referint/referint.c b/ldap/servers/plugins/referint/referint.c
index 013ffa3..6576c88 100644
--- a/ldap/servers/plugins/referint/referint.c
+++ b/ldap/servers/plugins/referint/referint.c
@@ -1669,6 +1669,7 @@ referint_validate_config(Slapi_PBlock *pb)
{
Slapi_Entry *config_e = NULL, *e = NULL;
Slapi_Entry *pre_entry = NULL;
+ Slapi_Entry *resulting_entry = NULL;
Slapi_DN *config_sdn = NULL;
Slapi_DN *sdn = NULL;
Slapi_Mods *smods = NULL;
@@ -1687,14 +1688,17 @@ referint_validate_config(Slapi_PBlock *pb)
slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &mods);
smods = slapi_mods_new();
slapi_mods_init_byref(smods, mods);
-
- /* Apply the mods to create the resulting entry. */
- if (mods && (slapi_entry_apply_mods(pre_entry, mods) != LDAP_SUCCESS)) {
+ /*
+ * Create a copy of the entry and apply the
+ * mods to create the resulting entry.
+ */
+ resulting_entry = slapi_entry_dup(pre_entry);
+ if (mods && (slapi_entry_apply_mods(resulting_entry, mods) != LDAP_SUCCESS)) {
/* we don't care about this, the update is invalid and will be caught later */
goto bail;
}
- if ( SLAPI_PLUGIN_FAILURE == load_config(pb, pre_entry, 0)) {
+ if ( SLAPI_PLUGIN_FAILURE == load_config(pb, resulting_entry, 0)) {
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM, "referint_validate_config: "
"configuration validation failed.\n");
rc = LDAP_UNWILLING_TO_PERFORM;
@@ -1709,12 +1713,13 @@ referint_validate_config(Slapi_PBlock *pb)
slapi_mods_init_byref(smods, mods);
/* Apply the mods to create the resulting entry. */
- if (mods && (slapi_entry_apply_mods(pre_entry, mods) != LDAP_SUCCESS)) {
+ resulting_entry = slapi_entry_dup(pre_entry);
+ if (mods && (slapi_entry_apply_mods(resulting_entry, mods) != LDAP_SUCCESS)) {
/* we don't care about this, the update is invalid and will be caught later */
goto bail;
}
- if((config_area = slapi_entry_attr_get_charptr(pre_entry, SLAPI_PLUGIN_SHARED_CONFIG_AREA))){
+ if((config_area = slapi_entry_attr_get_charptr(resulting_entry, SLAPI_PLUGIN_SHARED_CONFIG_AREA))){
rc = slapi_dn_syntax_check(pb, config_area, 1);
if (rc) { /* syntax check failed */
slapi_log_error( SLAPI_LOG_FATAL, REFERINT_PLUGIN_SUBSYSTEM, "referint_validate_config: "
@@ -1743,7 +1748,7 @@ referint_validate_config(Slapi_PBlock *pb)
}
}
} else {
- config_e = pre_entry;
+ config_e = resulting_entry;
}
if(load_config(pb, config_e, 0) != LDAP_SUCCESS){
rc = LDAP_UNWILLING_TO_PERFORM;
@@ -1754,6 +1759,7 @@ referint_validate_config(Slapi_PBlock *pb)
bail:
slapi_entry_free(e);
+ slapi_entry_free(resulting_entry);
slapi_sdn_free(&config_sdn);
slapi_ch_free_string(&config_area);
slapi_mods_free(&smods);
10 years, 4 months
dirsrvtests/tickets
by thierry bordaz
dirsrvtests/tickets/constants.py | 37 +++++-----
dirsrvtests/tickets/finalizer.py | 37 ++--------
dirsrvtests/tickets/ticket47490_test.py | 117 ++++++++++++++++----------------
dirsrvtests/tickets/ticket47560_test.py | 78 +++++++++------------
4 files changed, 127 insertions(+), 142 deletions(-)
New commits:
commit 226bad930f2f91e2e487001f1f4e3b0e9531de1d
Author: Thierry bordaz (tbordaz) <tbordaz(a)redhat.com>
Date: Thu Dec 12 17:45:24 2013 +0100
Ticket 47628: port testcases to new DirSrv interface
Bug Description:
After ticket https://fedorahosted.org/389/ticket/47625, the DirSrv interface changed.
The test cases needs to be ported to this new interface
Fix Description:
https://fedorahosted.org/389/ticket/47628
Reviewed by: Rich Megginson (thanks Rich)
Platforms tested: F17
Flag Day: no
Doc impact: no
diff --git a/dirsrvtests/tickets/constants.py b/dirsrvtests/tickets/constants.py
index 44b9b3a..f4fe8fc 100644
--- a/dirsrvtests/tickets/constants.py
+++ b/dirsrvtests/tickets/constants.py
@@ -5,11 +5,13 @@ Created on Oct 31, 2013
'''
import os
from lib389 import DN_DM
+from lib389._constants import *
+from lib389.properties import *
-LOCALHOST = "localhost.localdomain"
SUFFIX = 'dc=example,dc=com'
PASSWORD = 'password'
+
# Used for standalone topology
HOST_STANDALONE = LOCALHOST
PORT_STANDALONE = 33389
@@ -45,22 +47,23 @@ PORT_CONSUMER_2 = 55389
SERVERID_CONSUMER_2 = 'consumer_2'
# Each defined instance above must be added in that list
-ALL_INSTANCES = [ {'host': HOST_STANDALONE, 'port': PORT_STANDALONE, 'serverid': SERVERID_STANDALONE},
- {'host': HOST_MASTER, 'port': PORT_MASTER, 'serverid': SERVERID_MASTER},
- {'host': HOST_CONSUMER, 'port': PORT_CONSUMER, 'serverid': SERVERID_CONSUMER},
- {'host': HOST_MASTER_1, 'port': PORT_MASTER_1, 'serverid': SERVERID_MASTER_1},
- {'host': HOST_MASTER_2, 'port': PORT_MASTER_2, 'serverid': SERVERID_MASTER_2},
- {'host': HOST_CONSUMER_1, 'port': PORT_CONSUMER_1, 'serverid': SERVERID_CONSUMER_1},
- {'host': HOST_CONSUMER_2, 'port': PORT_CONSUMER_2, 'serverid': SERVERID_CONSUMER_2},
+ALL_INSTANCES = [ {SER_HOST: HOST_STANDALONE, SER_PORT: PORT_STANDALONE, SER_SERVERID_PROP: SERVERID_STANDALONE},
+ {SER_HOST: HOST_MASTER, SER_PORT: PORT_MASTER, SER_SERVERID_PROP: SERVERID_MASTER},
+ {SER_HOST: HOST_CONSUMER, SER_PORT: PORT_CONSUMER, SER_SERVERID_PROP: SERVERID_CONSUMER},
+ {SER_HOST: HOST_MASTER_1, SER_PORT: PORT_MASTER_1, SER_SERVERID_PROP: SERVERID_MASTER_1},
+ {SER_HOST: HOST_MASTER_2, SER_PORT: PORT_MASTER_2, SER_SERVERID_PROP: SERVERID_MASTER_2},
+ {SER_HOST: HOST_CONSUMER_1, SER_PORT: PORT_CONSUMER_1, SER_SERVERID_PROP: SERVERID_CONSUMER_1},
+ {SER_HOST: HOST_CONSUMER_2, SER_PORT: PORT_CONSUMER_2, SER_SERVERID_PROP: SERVERID_CONSUMER_2},
]
# This is a template
args_instance = {
- 'prefix': os.environ.get('PREFIX', None),
- 'backupdir': os.environ.get('BACKUPDIR', "/tmp"),
- 'newrootdn': DN_DM,
- 'newrootpw': PASSWORD,
- 'newhost': LOCALHOST,
- 'newport': 389,
- 'newinstance': "template",
- 'newsuffix': SUFFIX,
- 'no_admin': True}
+ SER_DEPLOYED_DIR: os.environ.get('PREFIX', None),
+ SER_BACKUP_INST_DIR: os.environ.get('BACKUPDIR', DEFAULT_BACKUPDIR),
+ SER_ROOT_DN: DN_DM,
+ SER_ROOT_PW: PASSWORD,
+ SER_HOST: LOCALHOST,
+ SER_PORT: DEFAULT_PORT,
+ SER_SERVERID_PROP: "template",
+ SER_CREATION_SUFFIX: DEFAULT_SUFFIX}
+
+
diff --git a/dirsrvtests/tickets/finalizer.py b/dirsrvtests/tickets/finalizer.py
index 23356dd..72e0c0f 100644
--- a/dirsrvtests/tickets/finalizer.py
+++ b/dirsrvtests/tickets/finalizer.py
@@ -15,46 +15,27 @@ import pytest
from lib389 import DirSrv, Entry, tools
from lib389.tools import DirSrvTools
from lib389._constants import DN_DM
+from lib389.properties import *
from constants import *
log = logging.getLogger(__name__)
global installation_prefix
-
-
-def _remove_instance(args):
-
- # check the instance parameters
- args_instance['newhost'] = args.get('host', None)
- if not args_instance['newhost']:
- raise ValueError("host not defined")
-
- args_instance['newport'] = args.get('port', None)
- if not args_instance['newport']:
- raise ValueError("port not defined")
-
- args_instance['newinstance'] = args.get('serverid', None)
- if not args_instance['newinstance']:
- raise ValueError("serverid not defined")
-
- args_instance['prefix'] = args.get('prefix', None)
-
- # Get the status of the instance and remove it if it exists
- instance = DirSrvTools.existsInstance(args_instance)
- if instance:
- log.debug("_remove_instance %s %s:%d" % (instance.serverId, instance.host, instance.port))
- DirSrvTools.removeInstance(instance)
-
+installation_prefix=os.getenv('PREFIX')
def test_finalizer():
global installation_prefix
# for each defined instance, remove it
- for instance in ALL_INSTANCES:
+ for args_instance in ALL_INSTANCES:
if installation_prefix:
# overwrite the environment setting
- instance['prefix'] = installation_prefix
- _remove_instance(instance)
+ args_instance[SER_DEPLOYED_DIR] = installation_prefix
+
+ instance = DirSrv(verbose=True)
+ instance.allocate(args_instance)
+ if instance.exists():
+ instance.delete()
def run_isolated():
'''
diff --git a/dirsrvtests/tickets/ticket47490_test.py b/dirsrvtests/tickets/ticket47490_test.py
index 4fa8ffd..48254b4 100644
--- a/dirsrvtests/tickets/ticket47490_test.py
+++ b/dirsrvtests/tickets/ticket47490_test.py
@@ -16,6 +16,7 @@ import re
from lib389 import DirSrv, Entry, tools
from lib389.tools import DirSrvTools
from lib389._constants import *
+from lib389.properties import *
from constants import *
logging.getLogger(__name__).setLevel(logging.DEBUG)
@@ -30,27 +31,14 @@ MUST_NEW = "(postalAddress $ preferredLocale $ telexNumber)"
MAY_OLD = "(postalCode $ street)"
MAY_NEW = "(postalCode $ street $ postOfficeBox)"
-def _ds_create_instance(args):
- # create the standalone instance
- return tools.DirSrvTools.createInstance(args, verbose=False)
-
-def _ds_rebind_instance(dirsrv):
- args_instance['prefix'] = dirsrv.prefix
- args_instance['backupdir'] = dirsrv.backupdir
- args_instance['newrootdn'] = dirsrv.binddn
- args_instance['newrootpw'] = dirsrv.bindpw
- args_instance['newhost'] = dirsrv.host
- args_instance['newport'] = dirsrv.port
- args_instance['newinstance'] = dirsrv.serverId
- args_instance['newsuffix'] = SUFFIX
- args_instance['no_admin'] = True
-
- return tools.DirSrvTools.createInstance(args_instance)
class TopologyMasterConsumer(object):
def __init__(self, master, consumer):
- self.master = _ds_rebind_instance(master)
- self.consumer = _ds_rebind_instance(consumer)
+ master.open()
+ self.master = master
+
+ consumer.open()
+ self.consumer = consumer
def pattern_errorlog(file, log_pattern):
try:
@@ -155,51 +143,63 @@ def topology(request):
global installation_prefix
if installation_prefix:
- args_instance['prefix'] = installation_prefix
+ args_instance[SER_DEPLOYED_DIR] = installation_prefix
+
+ master = DirSrv(verbose=False)
+ consumer = DirSrv(verbose=False)
# Args for the master instance
- args_instance['newhost'] = HOST_MASTER
- args_instance['newport'] = PORT_MASTER
- args_instance['newinstance'] = SERVERID_MASTER
+ args_instance[SER_HOST] = HOST_MASTER
+ args_instance[SER_PORT] = PORT_MASTER
+ args_instance[SER_SERVERID_PROP] = SERVERID_MASTER
args_master = args_instance.copy()
+ master.allocate(args_master)
# Args for the consumer instance
- args_instance['newhost'] = HOST_CONSUMER
- args_instance['newport'] = PORT_CONSUMER
- args_instance['newinstance'] = SERVERID_CONSUMER
+ args_instance[SER_HOST] = HOST_CONSUMER
+ args_instance[SER_PORT] = PORT_CONSUMER
+ args_instance[SER_SERVERID_PROP] = SERVERID_CONSUMER
args_consumer = args_instance.copy()
+ consumer.allocate(args_consumer)
# Get the status of the backups
- backup_master = DirSrvTools.existsBackup(args_master)
- backup_consumer = DirSrvTools.existsBackup(args_consumer)
+ backup_master = master.checkBackupFS()
+ backup_consumer = consumer.checkBackupFS()
# Get the status of the instance and restart it if it exists
- instance_master = DirSrvTools.existsInstance(args_master)
+ instance_master = master.exists()
if instance_master:
- DirSrvTools.stop(instance_master, timeout=10)
- DirSrvTools.start(instance_master, timeout=10)
+ master.stop(timeout=10)
+ master.start(timeout=10)
- instance_consumer = DirSrvTools.existsInstance(args_consumer)
+ instance_consumer = consumer.exists()
if instance_consumer:
- DirSrvTools.stop(instance_consumer, timeout=10)
- DirSrvTools.start(instance_consumer, timeout=10)
+ consumer.stop(timeout=10)
+ consumer.start(timeout=10)
if backup_master and backup_consumer:
# The backups exist, assuming they are correct
# we just re-init the instances with them
- master = _ds_create_instance(args_master)
- consumer = _ds_create_instance(args_consumer)
+ if not instance_master:
+ master.create()
+ # Used to retrieve configuration information (dbdir, confdir...)
+ master.open()
+
+ if not instance_consumer:
+ consumer.create()
+ # Used to retrieve configuration information (dbdir, confdir...)
+ consumer.open()
# restore master from backup
- DirSrvTools.stop(master, timeout=10)
- DirSrvTools.instanceRestoreFS(master, backup_master)
- DirSrvTools.start(master, timeout=10)
+ master.stop(timeout=10)
+ master.restoreFS(backup_master)
+ master.start(timeout=10)
# restore consumer from backup
- DirSrvTools.stop(consumer, timeout=10)
- DirSrvTools.instanceRestoreFS(consumer, backup_consumer)
- DirSrvTools.start(consumer, timeout=10)
+ consumer.stop(timeout=10)
+ consumer.restoreFS(backup_consumer)
+ consumer.start(timeout=10)
else:
# We should be here only in two conditions
# - This is the first time a test involve master-consumer
@@ -210,19 +210,21 @@ def topology(request):
# Remove all the backups. So even if we have a specific backup file
# (e.g backup_master) we clear all backups that an instance my have created
if backup_master:
- DirSrvTools.clearInstanceBackupFS(dirsrv=instance_master)
+ master.clearBackupFS()
if backup_consumer:
- DirSrvTools.clearInstanceBackupFS(dirsrv=instance_consumer)
+ consumer.clearBackupFS()
# Remove all the instances
if instance_master:
- DirSrvTools.removeInstance(instance_master)
+ master.delete()
if instance_consumer:
- DirSrvTools.removeInstance(instance_consumer)
-
- # Create the instance
- master = _ds_create_instance(args_master)
- consumer = _ds_create_instance(args_consumer)
+ consumer.delete()
+
+ # Create the instances
+ master.create()
+ master.open()
+ consumer.create()
+ consumer.open()
#
# Now prepare the Master-Consumer topology
@@ -258,13 +260,13 @@ def topology(request):
loop += 1
# Time to create the backups
- DirSrvTools.stop(master, timeout=10)
- master.backupfile = DirSrvTools.instanceBackupFS(master)
- DirSrvTools.start(master, timeout=10)
+ master.stop(timeout=10)
+ master.backupfile = master.backupFS()
+ master.start(timeout=10)
- DirSrvTools.stop(consumer, timeout=10)
- consumer.backupfile = DirSrvTools.instanceBackupFS(consumer)
- DirSrvTools.start(consumer, timeout=10)
+ consumer.stop(timeout=10)
+ consumer.backupfile = consumer.backupFS()
+ consumer.start(timeout=10)
#
# Here we have two instances master and consumer
@@ -641,6 +643,9 @@ def test_ticket47490_nine(topology):
res = pattern_errorlog(topology.master.errorlog_file, regex)
assert res == None
+def test_ticket47490_final(topology):
+ topology.master.stop(timeout=10)
+ topology.consumer.stop(timeout=10)
def run_isolated():
'''
@@ -664,6 +669,8 @@ def run_isolated():
test_ticket47490_seven(topo)
test_ticket47490_eight(topo)
test_ticket47490_nine(topo)
+
+ test_ticket47490_final(topo)
if __name__ == '__main__':
diff --git a/dirsrvtests/tickets/ticket47560_test.py b/dirsrvtests/tickets/ticket47560_test.py
index 1561f21..c11233c 100644
--- a/dirsrvtests/tickets/ticket47560_test.py
+++ b/dirsrvtests/tickets/ticket47560_test.py
@@ -10,32 +10,17 @@ import pytest
from lib389 import DirSrv, Entry, tools
from lib389.tools import DirSrvTools
from lib389._constants import *
+from lib389.properties import *
from constants import *
log = logging.getLogger(__name__)
installation_prefix = None
-def _ds_create_instance(args):
- # create the standalone instance
- return tools.DirSrvTools.createInstance(args, verbose=False)
-
-def _ds_rebind_instance(dirsrv):
- args_instance['prefix'] = dirsrv.prefix
- args_instance['backupdir'] = dirsrv.backupdir
- args_instance['newrootdn'] = dirsrv.binddn
- args_instance['newrootpw'] = dirsrv.bindpw
- args_instance['newhost'] = dirsrv.host
- args_instance['newport'] = dirsrv.port
- args_instance['newinstance'] = dirsrv.serverId
- args_instance['newsuffix'] = SUFFIX
- args_instance['no_admin'] = True
-
- return tools.DirSrvTools.createInstance(args_instance)
-
class TopologyStandalone(object):
def __init__(self, standalone):
- self.standalone = _ds_rebind_instance(standalone)
+ standalone.open()
+ self.standalone = standalone
@pytest.fixture(scope="module")
@@ -49,7 +34,7 @@ def topology(request):
If standalone instance exists:
restart it
If backup of standalone exists:
- create or rebind to standalone
+ create/rebind to standalone
restore standalone instance from backup
else:
@@ -62,33 +47,39 @@ def topology(request):
global installation_prefix
if installation_prefix:
- args_instance['prefix'] = installation_prefix
+ args_instance[SER_DEPLOYED_DIR] = installation_prefix
+
+ standalone = DirSrv(verbose=False)
# Args for the standalone instance
- args_instance['newhost'] = HOST_STANDALONE
- args_instance['newport'] = PORT_STANDALONE
- args_instance['newinstance'] = SERVERID_STANDALONE
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_standalone = args_instance.copy()
-
+ standalone.allocate(args_standalone)
+
# Get the status of the backups
- backup_standalone = DirSrvTools.existsBackup(args_standalone)
+ backup_standalone = standalone.checkBackupFS()
# Get the status of the instance and restart it if it exists
- instance_standalone = DirSrvTools.existsInstance(args_standalone)
+ instance_standalone = standalone.exists()
if instance_standalone:
# assuming the instance is already stopped, just wait 5 sec max
- DirSrvTools.stop(instance_standalone, timeout=5)
- DirSrvTools.start(instance_standalone, timeout=10)
+ standalone.stop(timeout=5)
+ standalone.start(timeout=10)
if backup_standalone:
# The backup exist, assuming it is correct
# we just re-init the instance with it
- standalone = _ds_create_instance(args_standalone)
+ if not instance_standalone:
+ standalone.create()
+ # Used to retrieve configuration information (dbdir, confdir...)
+ standalone.open()
# restore standalone instance from backup
- DirSrvTools.stop(standalone, timeout=10)
- DirSrvTools.instanceRestoreFS(standalone, backup_standalone)
- DirSrvTools.start(standalone, timeout=10)
+ standalone.stop(timeout=10)
+ standalone.restoreFS(backup_standalone)
+ standalone.start(timeout=10)
else:
# We should be here only in two conditions
@@ -99,19 +90,22 @@ def topology(request):
# Remove the backup. So even if we have a specific backup file
# (e.g backup_standalone) we clear backup that an instance may have created
if backup_standalone:
- DirSrvTools.clearInstanceBackupFS(dirsrv=instance_standalone)
+ standalone.clearBackupFS()
# Remove the instance
if instance_standalone:
- DirSrvTools.removeInstance(instance_standalone)
+ standalone.delete()
# Create the instance
- standalone = _ds_create_instance(args_standalone)
+ standalone.create()
+
+ # Used to retrieve configuration information (dbdir, confdir...)
+ standalone.open()
# Time to create the backups
- DirSrvTools.stop(standalone, timeout=10)
- standalone.backupfile = DirSrvTools.instanceBackupFS(standalone)
- DirSrvTools.start(standalone, timeout=10)
+ standalone.stop(timeout=10)
+ standalone.backupfile = standalone.backupFS()
+ standalone.start(timeout=10)
#
# Here we have standalone instance up and running
@@ -155,13 +149,13 @@ def test_ticket47560(topology):
MEMBEROF_PLUGIN_DN = 'cn=MemberOf Plugin,cn=plugins,cn=config'
replace = [(ldap.MOD_REPLACE, 'nsslapd-pluginEnabled', value)]
topology.standalone.modify_s(MEMBEROF_PLUGIN_DN, replace)
- DirSrvTools.stop(topology.standalone, verbose=False, timeout=120)
+ topology.standalone.stop(timeout=120)
time.sleep(1)
- DirSrvTools.start(topology.standalone, verbose=False, timeout=120)
+ topology.standalone.start(timeout=120)
time.sleep(3)
# need to reopen a connection toward the instance
- topology.standalone = _ds_rebind_instance(topology.standalone)
+ topology.standalone.open()
def _test_ticket47560_setup():
"""
@@ -285,7 +279,7 @@ def test_ticket47560(topology):
assert result_successful == True
def test_ticket47560_final(topology):
- DirSrvTools.stop(topology.standalone, timeout=10)
+ topology.standalone.stop(timeout=10)
10 years, 4 months
ldap/servers
by Nathan Kinder
ldap/servers/plugins/memberof/memberof_config.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
New commits:
commit 38bda615b3d3ace52f4965efcc21b97b2b6899a1
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Dec 12 15:44:59 2013 -0800
Ticket 47525 - Don't modify preop entry in memberOf config
We shouldn't be modifying the preop entry we fetch from the pblock
when validating the memberOf config. We currently apply the mods
to it when performing validation for a modify operation, but we
should be making a copy of the entry to use for validation instead.
Modifying the preop entry directly can cause crashing in some cases.
diff --git a/ldap/servers/plugins/memberof/memberof_config.c b/ldap/servers/plugins/memberof/memberof_config.c
index 58b35f6..36734ca 100644
--- a/ldap/servers/plugins/memberof/memberof_config.c
+++ b/ldap/servers/plugins/memberof/memberof_config.c
@@ -685,6 +685,7 @@ int
memberof_shared_config_validate(Slapi_PBlock *pb)
{
Slapi_Entry *e = 0;
+ Slapi_Entry *resulting_e = 0;
Slapi_DN *sdn = 0;
Slapi_Mods *smods = 0;
LDAPMod **mods = NULL;
@@ -708,13 +709,15 @@ memberof_shared_config_validate(Slapi_PBlock *pb)
smods = slapi_mods_new();
slapi_mods_init_byref(smods, mods);
- /* Apply the mods to create the resulting entry. */
- if (mods && (slapi_entry_apply_mods(e, mods) != LDAP_SUCCESS)) {
+ /* Create a copy of the entry and apply the
+ * mods to create the resulting entry. */
+ resulting_e = slapi_entry_dup(e);
+ if (mods && (slapi_entry_apply_mods(resulting_e, mods) != LDAP_SUCCESS)) {
/* we don't care about this, the update is invalid and will be caught later */
goto bail;
}
- if ( SLAPI_DSE_CALLBACK_ERROR == memberof_validate_config (pb, NULL, e, &ret, returntext,0)) {
+ if ( SLAPI_DSE_CALLBACK_ERROR == memberof_validate_config (pb, NULL, resulting_e, &ret, returntext,0)) {
slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM,
"%s", returntext);
ret = LDAP_UNWILLING_TO_PERFORM;
@@ -729,7 +732,7 @@ memberof_shared_config_validate(Slapi_PBlock *pb)
bail:
slapi_mods_free(&smods);
- slapi_entry_free(e);
+ slapi_entry_free(resulting_e);
return ret;
}
10 years, 4 months
Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmt.c | 2 --
ldap/servers/plugins/replication/repl5_schedule.c | 4 ++++
2 files changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 5d4ac7c8c5d48be0796cdbf2ae7b9c40460de18c
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Dec 12 15:36:11 2013 -0500
Ticket 47620 - Fix cherry-pick error for 1.3.2 and 1.3.1
Description: During the cherry-pick process I had to make some manual changes,
and there were two schedule_destroy() calls made which lead to
a dereferenced point.
https://fedorahosted.org/389/ticket/47620
Reviewed by: rmeggins(Thanks!)
(cherry picked from commit 3ae6900d8269926a1da097e3818aa444137aa9d9)
diff --git a/ldap/servers/plugins/replication/repl5_agmt.c b/ldap/servers/plugins/replication/repl5_agmt.c
index b0da172..14c2fb4 100644
--- a/ldap/servers/plugins/replication/repl5_agmt.c
+++ b/ldap/servers/plugins/replication/repl5_agmt.c
@@ -630,8 +630,6 @@ agmt_delete(void **rap)
PR_DestroyLock(ra->lock);
slapi_destroy_rwlock(ra->attr_lock);
- schedule_destroy(ra->schedule);
- slapi_ch_free((void **)&ra->long_name);
slapi_ch_free((void **)rap);
}
diff --git a/ldap/servers/plugins/replication/repl5_schedule.c b/ldap/servers/plugins/replication/repl5_schedule.c
index 419e3ec..1db06a6 100644
--- a/ldap/servers/plugins/replication/repl5_schedule.c
+++ b/ldap/servers/plugins/replication/repl5_schedule.c
@@ -159,6 +159,10 @@ schedule_destroy(Schedule *s)
{
int i;
+ if(s == NULL){
+ return;
+ }
+
/* unschedule update window event if exists */
unschedule_window_state_change_event (s);
10 years, 4 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_agmt.c | 2 --
ldap/servers/plugins/replication/repl5_schedule.c | 4 ++++
2 files changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 3ae6900d8269926a1da097e3818aa444137aa9d9
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Dec 12 15:36:11 2013 -0500
Ticket 47620 - Fix cherry-pick error for 1.3.2 and 1.3.1
Description: During the cherry-pick process I had to make some manual changes,
and there were two schedule_destroy() calls made which lead to
a dereferenced point.
https://fedorahosted.org/389/ticket/47620
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/servers/plugins/replication/repl5_agmt.c b/ldap/servers/plugins/replication/repl5_agmt.c
index 5aca5db..80b87de 100644
--- a/ldap/servers/plugins/replication/repl5_agmt.c
+++ b/ldap/servers/plugins/replication/repl5_agmt.c
@@ -630,8 +630,6 @@ agmt_delete(void **rap)
PR_DestroyLock(ra->lock);
slapi_destroy_rwlock(ra->attr_lock);
- schedule_destroy(ra->schedule);
- slapi_ch_free((void **)&ra->long_name);
slapi_ch_free((void **)rap);
}
diff --git a/ldap/servers/plugins/replication/repl5_schedule.c b/ldap/servers/plugins/replication/repl5_schedule.c
index 419e3ec..1db06a6 100644
--- a/ldap/servers/plugins/replication/repl5_schedule.c
+++ b/ldap/servers/plugins/replication/repl5_schedule.c
@@ -159,6 +159,10 @@ schedule_destroy(Schedule *s)
{
int i;
+ if(s == NULL){
+ return;
+ }
+
/* unschedule update window event if exists */
unschedule_window_state_change_event (s);
10 years, 4 months
Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/configdse.c | 1 -
ldap/servers/slapd/libglobs.c | 10 +++++++---
2 files changed, 7 insertions(+), 4 deletions(-)
New commits:
commit a1e386188663c9197b80b3b51cca0d58ce0c9181
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Dec 12 12:48:08 2013 -0500
Ticket 47613 - Issues setting allowed mechanisms
Bug Description: Adding an empty value for nsslapd-allowed-sasl-mechanisms blocks all
sasl authentication. Also changing the allowed sasl mechansism does
require a restart after making a change.
Fix Description: Reject an empty values for nsslapd-allowed-sasl-mechanisms, and allow
config changes to occur without restarting the server.
https://fedorahosted.org/389/ticket/47613
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 43959232f792db2b79e614f6db78f7569920fdc1)
diff --git a/ldap/servers/slapd/configdse.c b/ldap/servers/slapd/configdse.c
index bd1566e..b54062d 100644
--- a/ldap/servers/slapd/configdse.c
+++ b/ldap/servers/slapd/configdse.c
@@ -81,7 +81,6 @@ static const char *requires_restart[] = {
#endif
"cn=config:" CONFIG_RETURN_EXACT_CASE_ATTRIBUTE,
"cn=config:" CONFIG_SCHEMA_IGNORE_TRAILING_SPACES,
- "cn=config:nsslapd-allowed-sasl-mechanisms",
"cn=config,cn=ldbm:nsslapd-idlistscanlimit",
"cn=config,cn=ldbm:nsslapd-parentcheck",
"cn=config,cn=ldbm:nsslapd-dbcachesize",
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index a763135..64510d6 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -6761,8 +6761,7 @@ config_set_allowed_sasl_mechs(const char *attrname, char *value, char *errorbuf,
{
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
- if(!apply || slapdFrontendConfig->allowed_sasl_mechs){
- /* we only set this at startup, if we try again just return SUCCESS */
+ if(!apply){
return LDAP_SUCCESS;
}
@@ -6777,6 +6776,7 @@ config_set_allowed_sasl_mechs(const char *attrname, char *value, char *errorbuf,
}
CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapi_ch_free_string(&slapdFrontendConfig->allowed_sasl_mechs);
slapdFrontendConfig->allowed_sasl_mechs = slapi_ch_strdup(value);
CFG_UNLOCK_WRITE(slapdFrontendConfig);
@@ -7476,7 +7476,11 @@ invalid_sasl_mech(char *str)
int i;
if(str == NULL){
- return 0;
+ return 1;
+ }
+ if(strlen(str) < 1){
+ /* ignore empty values */
+ return 1;
}
/*
10 years, 4 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/configdse.c | 1 -
ldap/servers/slapd/libglobs.c | 10 +++++++---
2 files changed, 7 insertions(+), 4 deletions(-)
New commits:
commit 42ba3dce6a6b80ecc1050f77fd2e187b4dc65a72
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Dec 12 12:48:08 2013 -0500
Ticket 47613 - Issues setting allowed mechanisms
Bug Description: Adding an empty value for nsslapd-allowed-sasl-mechanisms blocks all
sasl authentication. Also changing the allowed sasl mechansism does
require a restart after making a change.
Fix Description: Reject an empty values for nsslapd-allowed-sasl-mechanisms, and allow
config changes to occur without restarting the server.
https://fedorahosted.org/389/ticket/47613
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 43959232f792db2b79e614f6db78f7569920fdc1)
diff --git a/ldap/servers/slapd/configdse.c b/ldap/servers/slapd/configdse.c
index bd1566e..b54062d 100644
--- a/ldap/servers/slapd/configdse.c
+++ b/ldap/servers/slapd/configdse.c
@@ -81,7 +81,6 @@ static const char *requires_restart[] = {
#endif
"cn=config:" CONFIG_RETURN_EXACT_CASE_ATTRIBUTE,
"cn=config:" CONFIG_SCHEMA_IGNORE_TRAILING_SPACES,
- "cn=config:nsslapd-allowed-sasl-mechanisms",
"cn=config,cn=ldbm:nsslapd-idlistscanlimit",
"cn=config,cn=ldbm:nsslapd-parentcheck",
"cn=config,cn=ldbm:nsslapd-dbcachesize",
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 9b63fe0..283e9a3 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -6816,8 +6816,7 @@ config_set_allowed_sasl_mechs(const char *attrname, char *value, char *errorbuf,
{
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
- if(!apply || slapdFrontendConfig->allowed_sasl_mechs){
- /* we only set this at startup, if we try again just return SUCCESS */
+ if(!apply){
return LDAP_SUCCESS;
}
@@ -6832,6 +6831,7 @@ config_set_allowed_sasl_mechs(const char *attrname, char *value, char *errorbuf,
}
CFG_LOCK_WRITE(slapdFrontendConfig);
+ slapi_ch_free_string(&slapdFrontendConfig->allowed_sasl_mechs);
slapdFrontendConfig->allowed_sasl_mechs = slapi_ch_strdup(value);
CFG_UNLOCK_WRITE(slapdFrontendConfig);
@@ -7618,7 +7618,11 @@ invalid_sasl_mech(char *str)
int i;
if(str == NULL){
- return 0;
+ return 1;
+ }
+ if(strlen(str) < 1){
+ /* ignore empty values */
+ return 1;
}
/*
10 years, 4 months