Branch '389-ds-base-1.3.1' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/index.c | 2 +-
ldap/servers/slapd/entry.c | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
New commits:
commit ed09682086a2188a569e787fb696d3f6e77573cd
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sat Jun 15 15:57:27 2013 -0700
Ticket #47391 - deleting and adding userpassword fails to update the password
Bug description: Deleting and adding password operation causes
the crash since once an entry is written to and retrieved from
DB, it does not have unhashed#user#password in the entry any
more. The delete userpassword internally invokes delete unhashed
existed in the entry.
Fix description: Once the internal attribute value pair is
stored in an entry extension, the mod for the attribute is
changed to the "disabled" mode. Also, this patch adds the
stricter check for the NULL reference.
https://fedorahosted.org/389/ticket/47391
Reviewed by Nathan (Thank you!!)
(cherry picked from commit 4305deeaa41ea8703ebb9ea6529790dd609b3060)
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
index e45aba8..c502017 100644
--- a/ldap/servers/slapd/back-ldbm/index.c
+++ b/ldap/servers/slapd/back-ldbm/index.c
@@ -693,7 +693,7 @@ index_add_mods(
/* Check if the any values being deleted
* also exist in a subtype.
*/
- for ( j=0; deleted_valueArray[j] != NULL; j++) {
+ for (j = 0; deleted_valueArray && deleted_valueArray[j]; j++) {
if ( valuearray_find(curr_attr, evals, deleted_valueArray[j]) == -1 ) {
/* If the equality flag isn't already set, set it */
if (!(flags & BE_INDEX_EQUALITY)) {
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index ba7f338..4830a3f 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -3495,6 +3495,7 @@ slapi_entry_apply_mod_extension(Slapi_Entry *e, const LDAPMod *mod, int modcnt)
rc = 0;
break;
}
+ ((LDAPMod *)mod)->mod_op = LDAP_MOD_IGNORE; /* we don't need it any more */
}
}
bail:
10 years, 10 months
2 commits - ldap/schema ldap/servers
by Noriko Hosoi
ldap/schema/10dna-plugin.ldif | 2 +-
ldap/servers/slapd/back-ldbm/index.c | 2 +-
ldap/servers/slapd/entry.c | 1 +
3 files changed, 3 insertions(+), 2 deletions(-)
New commits:
commit 4305deeaa41ea8703ebb9ea6529790dd609b3060
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sat Jun 15 15:57:27 2013 -0700
Ticket #47391 - deleting and adding userpassword fails to update the password
Bug description: Deleting and adding password operation causes
the crash since once an entry is written to and retrieved from
DB, it does not have unhashed#user#password in the entry any
more. The delete userpassword internally invokes delete unhashed
existed in the entry.
Fix description: Once the internal attribute value pair is
stored in an entry extension, the mod for the attribute is
changed to the "disabled" mode. Also, this patch adds the
stricter check for the NULL reference.
https://fedorahosted.org/389/ticket/47391
Reviewed by Nathan (Thank you!!)
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
index e45aba8..c502017 100644
--- a/ldap/servers/slapd/back-ldbm/index.c
+++ b/ldap/servers/slapd/back-ldbm/index.c
@@ -693,7 +693,7 @@ index_add_mods(
/* Check if the any values being deleted
* also exist in a subtype.
*/
- for ( j=0; deleted_valueArray[j] != NULL; j++) {
+ for (j = 0; deleted_valueArray && deleted_valueArray[j]; j++) {
if ( valuearray_find(curr_attr, evals, deleted_valueArray[j]) == -1 ) {
/* If the equality flag isn't already set, set it */
if (!(flags & BE_INDEX_EQUALITY)) {
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index f730ae0..db8d906 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -3503,6 +3503,7 @@ slapi_entry_apply_mod_extension(Slapi_Entry *e, const LDAPMod *mod, int modcnt)
rc = 0;
break;
}
+ ((LDAPMod *)mod)->mod_op = LDAP_MOD_IGNORE; /* we don't need it any more */
}
}
bail:
commit 5f0580abd55b4fb34a954f0314c1188c43921363
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sat Jun 15 16:45:23 2013 -0700
Ticket 47379 - DNA plugin failed to fetch replication agreement
Description : Schema file 10dna-plugin.ldif modified in the commit
3e2262e1c0410bdf4f9b9211aef13deb28f174d1 had a tab which should
be white spaces. It made the schema parsing fail and the server
uninstallable. This patch replaces the tab with white spaces.
diff --git a/ldap/schema/10dna-plugin.ldif b/ldap/schema/10dna-plugin.ldif
index ac9b5f4..74f5f8b 100644
--- a/ldap/schema/10dna-plugin.ldif
+++ b/ldap/schema/10dna-plugin.ldif
@@ -218,7 +218,7 @@ objectClasses: ( 2.16.840.1.113730.3.2.324 NAME 'dnaPluginConfig'
dnaThreshold $
dnaNextRange $
dnaRangeRequestTimeout $
- dnaRemoteBindDN $
+ dnaRemoteBindDN $
dnaRemoteBindCred $
cn
)
10 years, 10 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_replica_config.c | 9 +++++++++
1 file changed, 9 insertions(+)
New commits:
commit e3b8e2f82b3d5b6223c65db8649e7ddcb46ee916
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 14 15:28:57 2013 -0400
Coverity Fixes (Part 7)
11704 - Dereference after null check: repl5_replica_config.c
https://bugzilla.redhat.com/show_bug.cgi?id=970221
Reviewed by: richm(Thanks!)
(cherry picked from commit a2cfcf7ff93bf2ef7a3cf4ad2ba2c4e0bd098a3a)
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 1eb3d96..7422976 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -2380,6 +2380,13 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
* Search the config for the exact attribute value to delete
*/
pb = slapi_pblock_new();
+ if(clean_data->replica){
+ dn = replica_get_dn(clean_data->replica);
+ } else {
+ rc = -1;
+ goto bail;
+ }
+
dn = replica_get_dn(clean_data->replica);
slapi_search_internal_set_pb(pb, dn, LDAP_SCOPE_SUBTREE, "nsds5ReplicaCleanRUV=*", NULL, 0, NULL, NULL,
(void *)plugin_get_default_component_id(), 0);
@@ -2443,6 +2450,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_modify_internal_set_pb(pb, dn, mods, NULL, NULL, repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+
+bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "CleanAllRUV Task: failed to remove replica config "
"(%d), rid (%d)\n", rc, clean_data->rid);
10 years, 10 months
Branch '389-ds-base-1.3.0' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_replica_config.c | 9 +++++++++
1 file changed, 9 insertions(+)
New commits:
commit 05e74ea0982f6218f036cc589f0b4124d6207bfb
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 14 15:28:57 2013 -0400
Coverity Fixes (Part 7)
11704 - Dereference after null check: repl5_replica_config.c
https://bugzilla.redhat.com/show_bug.cgi?id=970221
Reviewed by: richm(Thanks!)
(cherry picked from commit a2cfcf7ff93bf2ef7a3cf4ad2ba2c4e0bd098a3a)
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index b0b3ba5..c770bcb 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -2380,6 +2380,13 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
* Search the config for the exact attribute value to delete
*/
pb = slapi_pblock_new();
+ if(clean_data->replica){
+ dn = replica_get_dn(clean_data->replica);
+ } else {
+ rc = -1;
+ goto bail;
+ }
+
dn = replica_get_dn(clean_data->replica);
slapi_search_internal_set_pb(pb, dn, LDAP_SCOPE_SUBTREE, "nsds5ReplicaCleanRUV=*", NULL, 0, NULL, NULL,
(void *)plugin_get_default_component_id(), 0);
@@ -2443,6 +2450,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_modify_internal_set_pb(pb, dn, mods, NULL, NULL, repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+
+bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "CleanAllRUV Task: failed to remove replica config "
"(%d), rid (%d)\n", rc, clean_data->rid);
10 years, 10 months
Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5_replica_config.c | 9 +++++++++
1 file changed, 9 insertions(+)
New commits:
commit a2cfcf7ff93bf2ef7a3cf4ad2ba2c4e0bd098a3a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 14 15:28:57 2013 -0400
Coverity Fixes (Part 7)
11704 - Dereference after null check: repl5_replica_config.c
https://bugzilla.redhat.com/show_bug.cgi?id=970221
Reviewed by: richm(Thanks!)
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index c11a47d..e28e345 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -2409,6 +2409,13 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
* Search the config for the exact attribute value to delete
*/
pb = slapi_pblock_new();
+ if(clean_data->replica){
+ dn = replica_get_dn(clean_data->replica);
+ } else {
+ rc = -1;
+ goto bail;
+ }
+
dn = replica_get_dn(clean_data->replica);
slapi_search_internal_set_pb(pb, dn, LDAP_SCOPE_SUBTREE, "nsds5ReplicaCleanRUV=*", NULL, 0, NULL, NULL,
(void *)plugin_get_default_component_id(), 0);
@@ -2472,6 +2479,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_modify_internal_set_pb(pb, dn, mods, NULL, NULL, repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+
+bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "CleanAllRUV Task: failed to remove replica config "
"(%d), rid (%d)\n", rc, clean_data->rid);
10 years, 10 months
ldap/servers
by Mark Reynolds
ldap/servers/plugins/dna/dna.c | 2 +-
ldap/servers/plugins/replication/repl5_replica_config.c | 10 +++++++++-
2 files changed, 10 insertions(+), 2 deletions(-)
New commits:
commit 23063fc5844873d44ad2021aaabfbc1472ef981a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 14 14:43:26 2013 -0400
Coverity (Part 7) + Jenkins fix
11704 - Dereference after null check: repl5_replica_config.c
Jenkins error: dna.c
https://bugzilla.redhat.com/show_bug.cgi?id=970221
Reviewed by: richm(Thanks!)
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
index a552fb6..ff12dde 100644
--- a/ldap/servers/plugins/dna/dna.c
+++ b/ldap/servers/plugins/dna/dna.c
@@ -1592,7 +1592,7 @@ dna_get_shared_servers(struct configEntry *config_entry, PRCList **servers)
}
/* see if we defined a server manually */
if(server->remote_bind_method){
- char *reason;
+ char *reason = NULL;
int err = 0;
if(strcasecmp(server->remote_bind_method, DNA_METHOD_DIGESTMD5) == 0 ||
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 592faeb..1aa69f0 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -2484,7 +2484,13 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
* Search the config for the exact attribute value to delete
*/
pb = slapi_pblock_new();
- dn = replica_get_dn(clean_data->replica);
+ if(clean_data->replica){
+ dn = replica_get_dn(clean_data->replica);
+ } else {
+ rc = -1;
+ goto bail;
+ }
+
slapi_search_internal_set_pb(pb, dn, LDAP_SCOPE_SUBTREE, "nsds5ReplicaCleanRUV=*", NULL, 0, NULL, NULL,
(void *)plugin_get_default_component_id(), 0);
slapi_search_internal_pb(pb);
@@ -2547,6 +2553,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_modify_internal_set_pb(pb, dn, mods, NULL, NULL, repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION), 0);
slapi_modify_internal_pb (pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+
+bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "CleanAllRUV Task: failed to remove replica config "
"(%d), rid (%d)\n", rc, clean_data->rid);
10 years, 10 months
Changes to 'refs/tags/389-ds-base-1.3.1.1'
by Noriko Hosoi
Changes since 389-ds-base-1.2.6.a1:
Charles Lopes (1):
Bug #361: Bad DNs in ACIs can segfault ns-slapd
Endi S. Dewata (168):
Bug 545620 - Password cannot start with minus sign
Bug 538525 - Ability to create instance as non-root user
Bug 570542 - Root password cannot contain matching curly braces
Bug 470684 - Pam_passthru plugin doesn't verify account activation
Bug 573375 - MODRDN operation not logged
Bug 520151 - Error when modifying userPassword with proxy user
Bug 455489 - Address compiler warnings about strict-aliasing rules
Bug 566320 - RFE: add exception to removal of attributes in cn=config for aci
Bug 566043 - startpid file is only cleaned by initscript runs
Bug 584109 - Slapd crashes while parsing DNA configuration
Bug 542570 - Directory Server port number is not validated in the beginning.
Bug 145181 - Plugin target/bind subtrees only take 1 value.
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 628096 - spurious error message from /sbin/service when doing a stop on no instances
Bug 573889 - Migration does not remove deprecated schema
Bug 606545 - core schema should include numSubordinates
Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-referral)
Endi Sukma Dewata (16):
Bug 630092 - Coverity #12117: Resource leaks issues
Bug 630092 - Coverity #15478: Resource leaks issues
Bug 630092 - Coverity #15479: Resource leaks issues
Bug 630092 - Coverity #15481: Resource leaks issues
Bug 630092 - Coverity #15482: Resource leaks issues
Bug 630092 - Coverity #15483: Resource leaks issues
Bug 630092 - Coverity #15484: Resource leaks issues
Bug 630092 - Coverity #15485: Resource leaks issues
Bug 630092 - Coverity #15487: Resource leaks issues
Bug 630092 - Coverity #15490: Resource leaks issues
Bug 630092 - Coverity #15497: Resource leaks issues
Bug 630092 - Coverity #11991: Resource leaks issues
Bug 630092 - Coverity #12000: Resource leaks issues
Bug 630092 - Coverity #12003: Resource leaks issues
Bug 630092 - Coverity #11985: Resource leaks issues
Bug 630092 - Coverity #11992,11993: Resource leaks issues
Jeroen van Meeuwen (Kolab Systems) (1):
Suppress alert on unavailable port with forced setup
Jonathan \"Duke\" Leto (1):
fix for trac #173; update ds-logpipe.py docs about -t option
Ken Rossato (8):
Factorize into new isPosixGroup function
Change "return"s in modGroupMembership to "break"s to avoid leaking
Memory leaks: unmatched slapi_attr_get_valueset and slapi_value_new
Simplify program flow: eliminate unnecessary continue
Simplify program flow: make adduids/moduids/deluids action blocks all similar
Fix logic errors: del_mod should be latched (might not be last mod), and avoid skipping add-mods (int value 0)
Simplify program flow: change while loops to for
Ticket #481 - expand nested posix groups
Ludwig Krispenz (8):
Fix for ticket 510
Fix for ticket 465: cn=monitor showing stats for other db instances
Fix for ticket 504
Ticket 349 - nsViewFilter syntax issue in 389DS 1.2.5
Ticket 518 - dse.ldif is 0 length after server kill or machine kill
Ticket 505 - use lock-free access name2asi and oid2asi table
Fix optimization issue introduced with fix for ticket #561,
modify operations without values need to be written to the changelog
Mark Reynolds (173):
Ticket #71 - unable to delete managed entry config
Ticket #159 - Managed Entry Plugin runs against managed entries upon any update without validating
Ticket #177 - logconv.pl doesn't detect restarts
Merge branch 'ticket159'
Ticket #49 - better handling for server shutdown while long running tasks are active
Ticket #50 - server should not call a plugin after the plugin close function is calle
Updated for ticket#50
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #140 - incorrect memset parameters
Revert "Ticket #140 - incorrect memset parameters"
Revert "Ticket #55 - Limit of 1024 characters for nsMatchingRule"
Ticket #38 - nisDomain schema is incorrect
Ticket #6 - protocol error from proxied auth operation
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #39 - Account Policy Plugin does not work for simple binds when PAM Pass Through Auth plugin is enabled
Ticket 175 - logconv.pl improvements
Ticket 175 - minor fixes
Ticket #17 - Replication optimizations
Ticket #17 - new replication optimizations
Ticket #129 - Should only update modifyTimestamp/modifiersName on MODIFY ops
Ticket #111 - ability to control behavior of modifyTimestamp/modifiersName
Ticket #211 - dnaNextValue gets incremented even if the user addition fails
Ticket #74 - Add schema for DNA plugin (RFE)
Ticket #306 - void function cannot return value
Ticket #302 - use thread local storage for internalModifiersName & internalCreatorsName
Schema Reload crash fix
Ticket #291 - cannot use & in a sasl map search filter
Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash
Ticket #191 - Implement SO_KEEPALIVE in network calls
Config changes fail because of unknown attribute "internalModifiersname"
Ticket #292 - logconv.pl reporting unindexed search with different search base than shown in access logs
Ticket #308 - Automembership plugin fails if data and config area mixed in the plugin configuration
Ticket #271 - replication code cleanup
TIcket #285 - compilation fixes for '--format-security'
Ticket #271 - Slow shutdown when you have 100+ replication agreements
Ticket #24 - Add nsTLS1 to the DS schema
Ticket #319 - ldap-agent crashes on start with signal SIGSEGV
Ticket #20 - Allow automember to work on entries that have already been added
Ticket #315 - ns-slapd exits/crashes if /var fills up
Ticket #315 - small fix to libglobs
Ticket #183 - passwordMaxFailure should lockout password one sooner - and should be configurable to avoid regressions
Coverity Fixes
Ticket #325 - logconv.pl : use of getopts to parse command line options
Ticket #183 - passwordMaxFailure should lockout password one sooner
Ticket #207 - [RFE] enable attribute that tracks when a password was last set
Ticket #214 - Adding Replication agreement should complain if required nsds5ReplicaCredentials not supplied
Ticket #337 - Improve CLEANRUV task
Ticket #356 - RFE - Track bind info
Ticket #196 - RFE: Interpret IPV6 addresses for ACIs, replication, and chaining
Ticket #218 - Make RI Plugin worked with replicated updates
Ticket 367 - Invalid chaining config triggers a disk full error and shutdown
Ticket 365 - passwords in clear text in the audit log
Ticket #321 - krbExtraData is being null modified and replicated on each ssh login
Ticket #110 - RFE limiting root DN by host, IP, time of day, day of week
Ticket 368 - Make the cleanAllRUV task one step
Ticket #28 - MOD operations with chained delete/add get back error 53 on backend config
Ticket #369 - restore of replica ldif file on second master after deleting two records shows only 1 deletion
Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns
Ticket #388 - Improve replication agreement status messages
COVERITY FIXES
Coverity Fix
Ticket 366 - Change DS to purge ticket from krb cache in case of authentication error
Ticket 399 - slapi_ldap_bind() doesn't check bind results
Ticket 328 - make sure all internal search filters are properly escaped
Ticket 413 - "Server is unwilling to perform" when running ldapmodify on nsds5ReplicaStripAttrs
Ticket 403 - CLEANALLRUV feature
Ticket 407 - memory leak in dna plugin
Ticket 403 - cleanallruv coverity fixes
Misc Coverity Fixes
Ticket 407 - dna memory leak
Ticket 403 - CLEANALLRUV amendment
Ticket 403 - CLEANALLRUV - revision to last amendment
Ticket 403 - fix CLEANALLRUV regression from last commit
Ticket 429 - Add nsslapd-readonly to schema
CLEANALLRUV coverity fixes
Ticket 436 - nsds5ReplicaEnabled can be set with any invalid values.
Ticket 386 - Overconsumption of memory with large cachememsize and heavy use of ldapmodify
Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement
Ticket 452 - automember rebuild task adds users to groups that do not match the configuration scope
Ticket 408 - create a normalized dn cache
Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas
Ticket 747 - Root DN Access Control - days allowed not working correctly
Ticket 475 - Root DN Access Control - improve value checking for config
Ticket 473 - change VERSION.sh to have console version be major.minor
Coverity issue 13091
Ticket 457 - dirsrv init script returns 0 even when few or all instances fail to start
Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang
Ticket 478 - passwordTrackUpdateTime stops working with subtree password policies
Ticket #446 - anonymous limits are being applied to directory manager
Ticket 488 - Doc: DS error log messages with typo
Ticket 486 - nsslapd-enablePlugin should not be multivalued
Ticket 468 - if pam_passthru is enabled, need to AC_CHECK_HEADERS([security/pam_appl.h])
Ticket 495 - internalModifiersname not updated by DNA plugin
Revert "Ticket 495 - internalModifiersname not updated by DNA plugin"
Ticket 495 - internalModifiersname not updated by DNA plugin
Ticket 147 - Internal Password Policy usage very inefficient
Ticket 517 - crash in DNA if no dnaMagicRegen is specified
Ticket 507 - use mutex for FrontendConfig lock instead of rwlock
Ticket 394 - modify-delete userpassword
Ticket 337 - improve CLEANRUV functionality
Coverity Fixes
Ticket 20 - Allow automember to work on entries that have already been added
Ticket 393 - Change in winSyncInterval does not take immediate effect
Ticket 216 - disable replication agreements
Ticket 395 - RFE: 389-ds shouldn't advertise in the rootDSE that we can handle a sasl mech if we really can't
Ticket 527 - ns-slapd segfaults if it cannot rename the logs
Ticket 509 - lock-free access to be->be_suffixlock
Merge branch 'ticket509'
Ticket 456 - improve entry cache sizing
Ticket 509 - lock-free access to be->be_suffixlock
Ticket 511 - allow turning off vattr lookup in search entry return
Ticket 541 - RootDN Access Control plugin is missing after upgrade
Ticket 541 - need to set plugin as off in ldif template
Ticket 534 - RFE: Add SASL mappings fallback
Ticket 534 - sasl mapping fallback
Ticket 532 - RUV is not getting updated for both Master and consumer
Ticket 534 - Add SASL mappings fallback
Ticket 534 - SASL Mapping Fallback
Ticket 539 - logconv.pl should handle microsecond timing
Ticket 471 - logconv.pl tool removes the access logs contents if "-M" is not correctly used
Ticket 552 - Adding rootdn-open-time without rootdn-close-time to RootDN Acess Control results in inconsistent configuration
Ticket 551 - Multivalued rootdn-days-allowed in RootDN Access Control plugin always results in access control violation
TIcket 419 - logconv.pl - improve memory management
Ticket 419 - logconv.pl - improve memory management
Ticket 558 - Replication - make timeout for protocol shutdown configurable
Ticket 417 - RFE - forcing passwordmustchange attribute by non-cn=directory manager
Ticket 562 - Crash when deleting suffix
Merge branch 'master' of ssh://git.fedorahosted.org/git/389/ds
Ticket 532 - RUV is not getting updated for both Master and consumer
Ticket 433 - multiple bugs in start-dirsrv, stop-dirsrv, restart-dirsrv scripts
Ticket 433 - multiple bugs in start-dirsrv, stop-dirsrv, restart-dirsrv scripts
Ticket 570 - DS returns error 20 when replacing values of a multi-valued attribute (only when replication is enabled)
Ticket 528 - RFE - get rid of instance specific scripts
Coverity Fixes
Ticket 528 - RFE - get rid of instance specific scripts (part 2)
Ticket 332 - Command line perl scripts should attempt most secure connection type first
Ticket 332 - Fix usage in scripts
Ticket 332 - minor quoting issue in a few scripts.
Ticket 588 - Create MAN pages for command line scripts
Ticket 332 - wrong argument count in ldif2db
Ticket 571 - server does not accept 0 length LDAP Control sequence
Ticket 583 - dirsrv fails to start on reboot due to /var/run/dirsrv permissions
Ticket 574 - problems with dbcachesize disk space calculation
Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
Ticket 574 - problems with dbcachesize disk space calculation
Ticket 458 - RFE - Make it possible for privileges to be provided to an admin user
Ticket 611 - logconv.pl missing stats for StartTLS, LDAPI, and AUTOBIND
Ticket 622 - DS logging errors "libdb: BDB0171 seek: 2147483648: (262144 * 8192) + 0: No such file or directory
Ticket 525 - Introducing a user visible configuration variable for controlling replication retry time
Ticket 632 - 389-ds-base cannot handle Kerberos tickets with PAC
Ticket 587 - Replication error messages in the DS error logs
Ticket 458 - Need to properly check if the password admin dn is set
Ticket 628 - crash in aci evaluation
Ticket 620 - Better logging of error messages for 389-ds-base
Ticket 534 - RFE: Add SASL mappings fallback
Ticket 550 - posix winsync will not create memberuid values if group entry become posix group in the same sync interval
Ticket 631 - Replication: "Incremental update started" status message without consumer initialized
Ticket 47311 - segfault in db2ldif(trigger by a cleanallruv task)
Ticket 47304 - reinitialization of a master with a disabled agreement hangs
Ticket 47315 - filter option in fixup-memberof requires more clarification
Ticket 47299 - fix config file and server id processing
Ticket 47355 - dse.ldif doesn't replicate update to nsslapd-sasl-mapping-fallback
Ticket 511 - Revision - allow turning off vattr lookup in search entry return
Ticket 580 - Wrong error code return when using EXTERNAL SASL and no client certificate
Coverity Fixes (part 1)
Coverity Fixes (Part 2)
Coverity Fixes (Part 3)
Coverity Fixes (Part 4)
Coverity Fixes (Part 5)
Ticket 47385 - DS not shutting down when disk monitoring threshold is reached
Fri Jun 7 10:41:00 2013 -0400
Ticket 47383 - connections attribute in cn=snmp,cn=monitor is counted twice
Ticket 47376 - DESC should not be empty as per RFC 2252 (ldapv3)
Nathan Kinder (196):
Bug 549554 - Trim single-valued attributes before sending to AD
Improve search for pcre header file
Bug 434735 - Allow SASL ANONYMOUS mech to work
Bug 570912 - Avoid selinux context conflict with httpd
Allow instance name to be parsed from start-slapd
Add managed entries plug-in
Bug 572355 - Label instance files and ports during upgrade.
Bug 578863 - Password modify extop needs to send referrals on replicas
Bug 584156 - Remove ldapi socket file during upgrade
Fix rsearch usage of name files for random filters
Bug 584497 - Allow DNA plugin to set same value on multiple attributes
Add replication session hooks
Correct function prototype for repl session hook
Bug 592389 - Set anonymous resource limits properly
Bug 601433 - Add man pages for start-dirsrv and related commands
Bug 604263 - Fix memory leak when password change is rejected
Bug 612242 - membership change on DS does not show on AD
Bug 613833 - Allow dirsrv_t to bind to rpc ports
Bug 594745 - Get rid of dirsrv_lib_t label
Bug 620927 - Allow multiple membership attributes in memberof plugin
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630093 - (cov#15511) Don't use unintialized search_results in refint plugin
Bug 630093 - (cov#15518) Need to intialize fd in ldbm2ldif code
Bug 630096 - (cov#11778) check return value of ldap_parse_result
Bug 630096 - (cov#15446) check return value of ber_scanf()
Bug 630096 - (cov#15449,15450) Check return value of stat()
Bug 630096 - (cov#15448) Check return value of cache_replace()
Bug 630096 - (cov#15447) - Check return value of idl_append_extend()
Bug 630090 - (cov#11974) Remove unused ACL functions
Bug 630090 - (cov#15445) Fix illegal free in archive code
Bug 630094 - (cov#11818) Fix unreachable return in snmp subagent
Bug 630094 - (cov#15451) Get rid of unreachable free statements
Bug 630094 - (cov#15452) Remove NULL checking for op_string
Bug 630094 - (cov#15453) Eliminate NULL check for local_newentry
Bug 630094 - (cov#15454) Fix deadcode issue in mapping tree code
Bug 630094 - (cov#15455) Remove deadcode in attr_index_config()
Bug 630094 - (cov#15456) Remove NULL check for srdn in import code
Bug 630094 - (cov#15457) Remove deadcode in import code
Bug 630094 - (cov#15458) Fix deadcode issue in moddn code
Bug 630094 - (cov#15459) Remove NULL check for srdn in ldif2ldbm code
Bug 630094 - (cov#15520) Fix unreachable code issue if perfctrs code
Bug 630094 - (cov#15581) Add missing breaks in agt_mopen_stats()
Bug 690090 - (cov#11974) Remove additional unused ACL functions
Bug 630091 - (cov#15512) Fix usage of uninitialized bervals
Bug 630091 - (cov#15513) Fix usage of uninitialized bervals
Bug 630091 - (cov#15514) Initialize DBT in entryrdn_get_parent()
Bug 630091 - (cov#15515) Use of uninitialized array in index config code
Bug 630091 - (cov#15516,15517) Initialize pointers before attempting to free
Bug 630091 - (cov#15519) Initialize bervals in search_easter_egg()
Bug 630091 - (cov#15582) Free of uninitialized pointer in attr_index_config()
Bug 630097 - (cov#11933) Fix NULL dereference in schema code
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#11946) NULL dereference in ResHashCreate()
Bug 630097 - (cov#11964) Remove dead code from libaccess
Bug 630097 - (cov#12143) NULL dereference in cos cache code
Bug 630097 - (cov#12148) NULL dereference in ruvInit()
Bug 630097 - (cov#12182,12183) NULL dereference in import code
Bug 630097 - (cov#15460) NULL deference in ACL URL code
Bug 630097 - (cov#15461) Remove unnecessary NULL check in DNA
Bug 630097 - (cov#15462) NULL dereference in mep_modrdn_post_op()
Bug 630097 - (cov#15463) Remove NULL check in referint plugin
Bug 630097 - (cov#15464) NULL dereference in repl code
Bug 630097 - (cov#15465) Null dereference in USN code
Bug 630097 - (cov#15473) NULL dereference in ResHashCreate()
Bug 630097 - (cov#15505) NULL dereference in memberOf code
Bug 630097 - (cov#15506) NULL dereference in dblayer code
Bug 630097 - (cov#15507,15508) NULL dereference in entryrdn code
Bug 630097 - (cov#15509) NULL dereference in idsktune
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#15477) NULL dereference in ACL plug-in code
Bug 630091 - (cov#12209) Use of uninitialized pointer in libaccess
Bug 630092 - (cov#12116) Resource leak in ldclt code
Bug 630092 - (cov#12105) Resource leak in pwdscheme config code
Bug 630092 - (cov#12068) Resource leak in certmap code
Bug 630091 - (cov#11973) Array overrun in libaccess
Bug 522055 - Scope check for managed attribute fails
Bug 625335 - Self-write aci has permission to invalid attribute
Bug 631993 - Log authzid when proxy auth control is used
Cov #16300 - Unused variable in account policy plugin
Bug 544321 - remove-ds.pl should not throw error unlabelling port
Bug 555955 - Allow CoS values to be merged
Bug 643937 - Initialize replication version flags
Bug 305131 - Allow empty modify operation
Bug 619633 - Make attribute uniqueness obey requiredObjectClass
Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
Bug 189985 - Improve attribute uniqueness error message
Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
Bug 521088 - DNA should check ACLs before getting a value from the range
Bug 635009 - Add one-way AD sync capability
Bump VERSION.sh to 1.2.8.a1
Bug 648949 - Move selinux policy into base OS
Bug 648949 - Update configure
Roll back VERSION.sh for 1.2.7 release
Bug 625950 - hash nsslapd-rootpw changes in audit log
Bug 656392 - Remove calls to ber_err_print()
Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
Bug 197886 - Avoid overflow of UUID generator
Bug 658312 - Allow mapped attribute types to be quoted
Bug 197886 - Initialize return value for UUID generation code
Bug 658309 - Process escaped characters in managed entry mappings
Bug 659456 - Incorrect usage of ber_printf() in winsync code
Bug 641944 - Don't normalize non-DN RDN values
Bug 658312 - Invalid free in Managed Entry plug-in
Bug 661792 - Valid managed entry config rejected
Bug 588791 - Allow anonymous rootDSE access only
Bug 606439 - Creating server instance with LDAPI takes too long
Bug 632670 - Chain-on-update logs managed-entries-plugin errors
Bug 621008 - parsing purge RUV from changelog at startup fails
Bug 663191 - Don't use $USER in DSCreate.pm
Bug 663597 - Memory leaks in normalization code
Bug 659131 - Incorrect RDN values added with multi-valued RDN
Bug 661102 - Rename of managed entries not handled correctly
Bug 193297 - Call pre-bind plug-ins for all SASL bind steps
Bug 201652 - LDAPv2 bind with expired password doesn't unbind correctly
Bug 470576 - Migration could do addition checks before commiting actions
Bug 481195 - Missing op type in log when password change required
Bug 509897 - Validate dnaScope to ensure it is a legal DN
Bug 505722 - Allow ntGroup to have mail attribute present
Bug 543633 - replication problems if supplier is killed under update load
Bug 671033 - range sharing between server breaks with SASL/GSSAPI auth
Bug 527912 - setup-ds.pl appears to hang when DNS is unreachable
Bug 252249 - Add pkg-config file for plug-in developers
Bug 670616 - Allow SSF to be set for local (ldapi) connections
Bug 668862 - init scripts return wrong error code
Bug 674430 - Improve error messages for attribute uniqueness
Bug 675853 - dirsrv crash segfault in need_new_pw()
Bug 678646 - Ignore tombstone operations in managed entry plug-in
Bug 671199 - Don't allow other to write to rundir
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 674852 - crash in ldap-agent when using OpenLDAP
Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree
Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1
Bug 687974 - (cov#10715) Fix Coverity uninitialized variables issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 688341 - (cov#10708) Fix Coverity code maintainability issues
Bug 688341 - (cov#10706,10707) Fix Coverity code maintainability issues
Bug 688341 - (cov#10704,10705) Fix Coverity code maintainability issues
Bug 688341 - (cov#10703) Fix Coverity code maintainability issues
Bug 688341 - (cov#10702) Fix Coverity code maintainability issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 689537 - (cov#10699) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10608) Fix Coverity NULL pointer dereferences
Bug 689952 - (cov#10581) Incorrect bit check in replication connection code
Bug 690526 - (cov#10734) Double free in dse_add()
Bug 690649 - (cov#10731) Use of free'd pointer in indexing code
Bug 690882 - (cov#10571) Incorrect sizeof use in uuid code
Bug 690882 - (cov#10636,10637) Useless comparison in attrcrypt
Bug 690882 - (cov#10703) Incorrect sizeof use in vattr code
Bug 690882 - (cov#10572,10710) Incorrect sizeof use in uuid code
Bug 691574 - (cov#10579) Check return value of ber_scanf() in sort code
Bug 691574 - (cov#10577) Check return types when adding RDN CSNs
Bug 691574 - (cov#10573) check return value in GER code
Bug 691574 - (cov#10575) Check return value of ldap_get_option
Bug 691574 - (cov#10573) Fix syntax error
Bug 693868 - Add managed entry config during in-place upgrade
Add Auto Membership Plug-in
Bug 698428 - Make auto membership use Slapi_DN for DN comparisons
Bug 695779 - windows sync can lose old values when a new value is added
Bug 700557 - Linked attrs callbacks access free'd pointers after close
Bug 700557 - Leak at shutdown in DNA plug-in
Bug 703304 - Auto membership alternate config area should override default area
Bug 703304 - Auto membership alternate config area should override default area
Bug 703530 - Allow Managed Entry config to be relocated
Bug 697961 - memberOf needs to be triggered by internal operations
Bug 710377 - Import with chain-on-update crashes ns-slapd
Split automember regex rules into separate entries
Bug 713209 - Update sudo schema
Bug 691313 - Need TLS/SSL error messages in repl status and errors log
Bug 723937 - Slapi_Counter API broken on 32-bit F15
Bug 725743 - Make memberOf use PRMonitor for it's operation lock
Bug 729717 - Fatal error messages when syncing deletes from AD
Bug 728510 - Run dirsync after sending updates to AD
Bug 730387 - Add slapi_rwlock API and use POSIX rwlocks
Bug 611438 - Add Account Usability Control support
Bug 728592 - Allow ns-slapd to start with an invalid server cert
Bug 732541 - Ignore error 32 when adding automember config
Bug 722292 - Entries in DS are not updated properly when using WinSync API
Bug 722292 - (cov#11030) Leak of mapped_sdn in winsync rename code
Bug 735114 - renaming a managed entry does not update mepmanagedby
Bug 739172 - Allow separate fractional attrs for incremental and total protocols
Bug 743966 - Compiler warnings in account usability plugin
Bug 744946 - (cov#11046) NULL dereference in IDL code
Bug 752155 - Use restorecon after creating init script lock file
Ticket 284 - Remove unnecessary SNMP MIB files
ticket 304 - Fix kernel version checking in dsktune
ticket 211 - Use of uninitialized variables in ldbm_back_modify()
ticket 181 - Allow PAM passthru plug-in to have multiple config entries
coverity 12563 Read from pointer after free (fix 2)
Ticket 211 - Avoid preop range requests non-DNA operations
Ticket #503 - Improve AD version in winsync log message
Ticket 549 - DNA plugin no longer reports additional info when range is depleted
Ticket 556 - Don't overwrite certmap.conf during upgrade
Noriko Hosoi (427):
544089 - Referential Integrity Plugin does not take into account the attribute
557224 - subtree rename breaks the referential integrity plug-in
247413 - Incorrect error on multiple identical value add
559016 - Attempting to rename suffix returns inappropriate errors
555577 - Syntax validation fails for "ou=NetscapeRoot" tree
Undo - 555577 - Syntax validation fails for "ou=NetscapeRoot" tree
560827 - Admin Server templates: DistinguishName validation fails
548535 - memory leak in attrcrypt
563365 - Error handling problems in the backend functions
565664 - Incorrect parameter for CACHE_RETURN()
565987 - redhat-ds-base fails to build due to undefined struct
527848 - make sure db upgrade to 4.7 and later works correctly
539618 - Replication bulk import reports Invalid read/write
567370 - dncache: assertion failure in id2entry_delete
548115 - memory leak in schema reload
555970 - missing read lock in the combination of cos and nsview
539618 - Replication bulk import reports Invalid read/write
570667 - MMR: simultaneous total updates on the masters cause
Merge branch '547503'
Revert "Merge branch '547503'"
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
199923 - subtree search fails to find items under a db
570107 - The import of LDIFs with base-64 encoded DNs fails,
572649 - DS8.2 crashes on RHEL 4 (corresponding to bob, ber_2 test case)
573060 - DN normalizer: ESC HEX HEX is not normalized (
573896 - initializing subtree with invalid syntax crashes ns-slapd
515805 - Stop "initialize Database" crashes the server
548533 - memory leak in Repl_5_Inc_Protocol_new
Fixing a syntax error
Update to New DN Format
585905 - ACL with targattrfilters error crashes the server
574167 - An escaped space at the end of the RDN value is not
590931 - rhds81 import - hardcoded pages_limit for nsslapd-import-cache-autosize
591336 - Implementing upgrade DN format tool
593453 - Creating password policy with ns-newpolicy.pl on Replicated
593110 - backup-restore does not ALWAYS work
593899 - adding specific ACI causes very large mem allocate request
588867 - entryusn plugin fails on solaris
593899 - adding specific ACI causes very large mem allocate request
595893 - Base DN in SASL mapping is not normalized
511112 - Password history limited to 25 values
597375 - Deleting LDBM database causes backup/restore problem
574101 - MODRDN request never returns - possible deadlock
606920 - anonymous resource limit - nstimelimit -
605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
578296 - Attribute type entrydn needs to be added when subtree
609256 - Selinux: pwdhash fails if called via Admin Server CGI
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
616608 - SIGBUS in RDN index reads on platforms with strict alignments
619595 - Upgrading sub suffix under non-normalized suffix disappears
513166 - Simple Paged result doesn't provide the server's estimate
621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6
Bug 194531 - db2bak is too noisy
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 623118 - Simplepaged results going in infinite loop
Bug 614511 - fix coverity Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverity Defect Type: Resource leaks issues CID 11975 - 12051
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverity Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892
Bug 616500 - fix coverity Defect Type: Resource leaks issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 613056 - fix coverify Defect Type: Null pointer dereferences
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Removed redundant code in agmt_new_from_entry
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 628300 - DN is not normalized in dn/entry cache when an entry is added, entrydn is not present in search results
Bug 531642 - EntryUSN: RFE: a configuration option to make entryusn "global"
Bug 627738 - The cn=monitor statistics entries for the dnentry cache do not change or change very rarely
DN normalizer should check the invalid type
Bug 627738 - The cn=monitor statistics entries for the dnentry cache
Bug 629710 - escape_string does not check '\<HEX><HEX>'
agmtlist_shutdown (repl5_agmtlist.c) had an illegal access defect.
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 631862 - crash - delete entries not in cache + referint
Bug 625014 - SubTree Renames: ModRDN operation fails and the server hangs if the entry is moved to "under" the same DN.
Bug 558099 - Enhancement request: Log more information about the search result being a paged one
Bug 635987 - Incorrect sub scope search result with
Bug 606920 - anonymous resource limit- nstimelimit -
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 639289 - Adding a new CN entry with UpperCase UTF-8 Character
Bug 640027 - Naming attribute with a special char sequence parsing bug
Bug 640854 - changelog db: _cl5WriteOperation: failed to
Bug 637852 - sasl_io_start_packet: failed - read only 3 bytes
Bug 586966 - Sample update script has syntax errors
Bug 586973 - Sample update ldif points to non-existent directory
Bug 602456 - Allow to add any cn=config attributes;
Bug 244229 - targetattr not verified against schema when setting an aci
Bug 643532 - Incorrect DNs sometimes returned on searches
Bug 592397 - Upgrade tool dn2rdn: it does not clean up
Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
Bug 629681 - Retro Changelog trimming does not behave as expected
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 638773 - permissions too loose on pid and lock files
Bug 491733 - dbtest crashes
Bug 329751 - "nested" filtered roles searches candidates more
Bug 567282 - server can not abandon searchRequest of "simple paged results"
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Bug 651571 - When attrcrypt is on, entrydn is stored in the backend db
Bug 661918 - 389-ds MMR plugin's changelogdb path logic is incorrect
Bug 182507 - clear-password mod from replica is discarded before changelogged
Bug 602456 - Allow to add any cn=config attributes;
Bug 489379 - passwordExpirationTime in entry being added
Bug 663484 - Entry usn plugin fails to properly tag entries on initialization
Bug 664563 - GER: ger for non-present entry is not correct
Bug 653007 - db2ldif export of clear text passwords lacks storage scheme
Bug 667488 - Cannot recreate numsubordinates index with db2index
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 615100 - log rotationinfo always recreated at startup,
Bug 624442 - MMR: duplicate replica ID
Bug 669205 - db2bak: backed up changelog should include RUVs
Bug 616850 - ldapmodify failed to reject the replace operation
Bug 627993 - Inconsistent storage of password expiry times
Bug 627993 - Inconsistent storage of password expiry times
dn2rdn should respect the DB version info
Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any error message in logs
Bug 624547 - attrcrypt should query the given slot/token for
Bug 668619 - slapd stops responding
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 615052 - intrinsics and 64-bit atomics code fails to compile
Bug 616213 - insufficient stack size for HP-UX on PA-RISC
Bug 675265 - preventryusn gets added to entries on a failed delete
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 450016 - RFE- Console display values in KB/MB/GB
Cancelling commit aef19508c4f618285116d2068655183658f564d9
Bug 625424 - repl-monitor.pl doesn't work in hub node
Bug 679978 - modifying attr value crashes the server, which is supposed to
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 668909 - Can't modify replication agreement in some cases
Bug 684996 - Exported tombstone cannot be imported correctly
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format
Bug 690955 - Mrclone fails due to the replica generation id mismatch
Bug 696407 - If an entry with a mixed case RDN is turned to be
Bug 697027 - 1 - minor memory leaks found by Valgrind + TET
Bug 697027 - 2 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 4 - minor memory leaks found by Valgrind + TET
Bug 697027 - 5 - minor memory leaks found by Valgrind + TET
Bug 697027 - 6 - minor memory leaks found by Valgrind + TET
Bug 697027 - 7 - minor memory leaks found by Valgrind + TET
Bug 697027 - 8 - minor memory leaks found by Valgrind + TET
Bug 697027 - 9 - minor memory leaks found by Valgrind + TET
Bug 697027 - 10 - minor memory leaks found by Valgrind + TET
Bug 697027 - 11 - minor memory leaks found by Valgrind + TET
Bug 697027 - 12 - minor memory leaks found by Valgrind + TET
Bug 697027 - 13 - minor memory leaks found by Valgrind + TET
Bug 697027 - 14 - minor memory leaks found by Valgrind + TET
Bug 697027 - 15 - minor memory leaks found by Valgrind + TET
Bug 697027 - 16 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 700215 - ldclt core dumps
Bug 668619 - slapd stops responding
Bug 709826 - Memory leak: when extra referrals configured
Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 718303 - Intensive updates on masters could break the consumer's cache
Merge branch '718303'
Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9
Bug 712855 - Directory Server 8.2 logs "Netscape Portable
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 732153 - subtree and user account lockout policies implemented?
Introducing an environment variable USE_VALGRIND to clean up the entry cache and dn cache on exit.
Bug 744945 - nsslapd-counters attribute value cannot be set to "off"
Keep unhashed password psuedo-attribute in the adding entry
Reduce the number of DN normalization
Bug 745259 - Incorrect entryUSN index under high load
Bug 750622 - Fix Coverity (11104) Resource leak:
Bug 750624 - Fix Coverity (11053) Explicit null dereferenced:
Bug 750625 - Fix Coverity (11066) Unused pointer value
Bug 750625 - Fix Coverity (11065) Uninitialized pointer read
Bug 750625 - Fix Coverity (11064) Dereference before null check
Bug 750625 - Fix Coverity (11061) Resource leak
Bug 750625 - Fix Coverity (11060) Dereference null return value
Bug 750625 - Fix Coverity (11058, 11059) Dereference null return value
Bug 750625 - Fix Coverity (11057) Dereference null return value
Bug 750625 - Fix Coverity (11055) Explicit null dereferenced
Bug 750625 - Fix Coverity (11054) Dereference after null check
Bug 750625 - Fix Coverity (11117) Uninitialized pointer read
Bug 750625 - Fix Coverity (11116) Uninitialized pointer read
Bug 750625 - Fix Coverity (11114, 11115) Uninitialized value use
Bug 750625 - Fix Coverity (11113) Uninitialized pointer read
Bug 750625 - Fix Coverity (11112) Uninitialized pointer read
Bug 750625 - Fix Coverity (11109, 11110, 11111) Uninitialized pointer read
Bug 750625 - Fix Coverity (11108) Sizeof not portable
Bug 750625 - Fix Coverity (11107) Dereference before null check
Bug 750625 - Fix Coverity (11096) Explicit null dereferenced
Bug 750625 - Fix Coverity (11095) Explicit null dereferenced
Bug 750625 - Fix Coverity (11094) Dereference after null check
Bug 750625 - Fix Coverity (11091) Unchecked return value
Bug 750625 - Fix Coverity (11055-2) Explicit null dereferenced
Bug 750625 - Fix Coverity (11062) Resource leak
Bug 750625 - Fix Coverity (11066-2) Unused pointer value
Bug 750625 - Fix Coverity (12195) Dereference after null check
Bug 750625 - Fix Coverity (12196) Dereference before null check
Bug 750625 - Fix Coverity (11066-3) Unused pointer value
Bug 745259 - Incorrect entryUSN index under high load in
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 26 - Please support setting
Trac Ticket 75 - Unconfigure plugin opperations are being called.
Trac Ticket 168 - minssf should not apply to rootdse
Trac Ticket #18 - Data inconsitency during replication
Trac Ticket #52 - FQDN set to nsslapd-listenhost
Trac Ticket 139 - eliminate the use of char *dn in favor of Slapi_DN *dn
Trac Ticket 35 - Log not clear enough on schema errors
Trac Ticket #274 - Reindexing entryrdn fails if
Trac Ticket #275 - Invalid read reported by valgrind
Trac Ticket 51 - memory leaks in 389-ds-base-1.2.8.2-1.el5?
Trac Ticket #27 - SASL/PLAIN binds do not work
Trac Ticket #84 - 389 Directory Server Unnecessary Checkpoints
Trac Ticket #169 - allow 389 to use db5
Trac Ticket #34 - remove-ds.pl does not remove everything
Trac Ticket #26 - Please support setting defaultNamingContext in the rootdse.
Trac Ticket #298 - crash when replicating orphaned tombstone entry
Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails
Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails
Minor bug fix introcuded by commit 69c9f3bf7dd9fe2cadd5eae0ab72ce218b78820e
Trac Ticket #260 - 389 DS does not support multiple
Fixing compiler warnings
Trac Ticket #303 - make DNA range requests work with transactions
coverity 12606 Logically dead code
Trac Ticket #46 - setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 (revised) - setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 - (take 3) setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 - (additional) setup-ds-admin.pl does not
Trac Ticket #45 - Fine Grained Password policy:
Trac Ticket #46 - (additional 2) setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #335 - transaction retries need to be cache aware
Trac Ticket #338 - letters in object's cn get converted to
Trac Ticket #310 - Avoid calling escape_string() for logged DNs
Trac Ticket #19 - Convert entryUSN plugin to transaction aware type
Trac Ticket #345 - db deadlock return should not log error
Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress
Trac Ticket #359 - Database RUV could mismatch the one
Trac Ticket #338 - letters in object's cn get converted to
Trac Ticket #335 - transaction retries need to be cache aware
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
audit log does not log unhashed password: enabled, by default.
Trac Ticket 396 - Account Usability Control Not Working [Bug 835238]
Trac Ticket #402 - nhashed#user#password in entry extension
Trac Ticket #346 - Slow ldapmodify operation time for large
Trac Ticket #346 - Slow ldapmodify operation time for large
Coverity defects
Conflict definition in SLAPI_ATTR_FLAG macros
Trac Ticket #412 - memberof performance enhancement
Trac Ticket #409 - Report during startup if nsslapd-cachememsize is too small
Ticket 328 - make sure all internal search filters are properly escaped
Ticket 328 - make sure all internal search filters are properly escaped
Trac Ticket #346 - Slow ldapmodify operation time for large
Trac Ticket #437 - variable dn should not be used in ldbm_back_delete
Coverity defects
Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not
Trac Ticket #466 - entry_apply_mod - ADD: Failed to set
Coverity defects
Trac Ticket #470 - 389 prevents from adding a posixaccount
Coverity defects
Trac Ticket #453 - db2index with -tattrname:type,type fails
Trac Ticket #351 - use betxn plugins by default
Bug 863576 - Dirsrv deadlock locking up IPA
Trac Ticket #455 - Insufficient rights to unhashed#user#password
Trac Ticket #451 - Allow db2ldif to be quiet
Coverity defects
Fixing compiler warnings in the posix-winsync plugin
Trac Ticket #494 - slapd entered to infinite loop during new index addition
Coverity defects
Trac Ticket #498 - Cannot abaondon simple paged result search
Trac Ticket #448 - Possible to set invalid macros in Macro ACIs
Trac Ticket #391 - Slapd crashes when deleting backends
Coverity fixes
Trac Ticket #190 - Un-resolvable server in replication
Trac Ticket #443 - Deleting attribute present in
Trac Ticket #447 - Possible to add invalid attribute
Trac Ticket #311 - IP lookup failing with multiple DNS
Trac Ticket #500 - Newly created users with
Trac Ticket #519 - Search with a complex filter including range search is slow
Trac Ticket #520 - RedHat Directory Server crashes (segfaults) when moving ldap entry
Coverity defect: Resource leak 13110
Trac Ticket #276 - Multiple threads simultaneously working on
Trac Ticket #531 - loading an entry from the database should use str2entry_fast
Trac Ticket #536 - Clean up compiler warnings for 1.3
Trac Ticket #531 - loading an entry from the database should use str2entry_f
Trac Ticket #499 - Handling URP results is not corrrect
bump version to 1.3.0.rc1
Trac Ticket #522 - betxn: upgrade is not implemented yet
Ticket 509 - lock-free access to be->be_suffixlock
Trac Ticket #497 - Escaped character cannot be used in the substring search filter
Ticket #422 - 389-ds-base - Can't call method "getText"
Ticket #547 - Incorrect assumption in ndn cache
Ticket #545 - Segfault during initial LDIF import: str2entry_dupcheck()
Ticket #542 - Cannot dynamically set nsslapd-maxbersize
Ticket #537 - Improvement of range search
Ticket #342 - better error message when cache overflows
Ticket #505 - use lock-free access name2asi and oid2asi tables (additional)
Ticket #529 - dn normalization must handle multiple space characters in attributes
Ticket #502 - setup-ds.pl script should wait if "semanage.trans.LOCK" presen
Ticket #563 - DSCreate.pm: Error messages cannot be used in the if expression since they could be localized.
Ticket #533 - only scan for attributes to decrypt if there are encrypted attrs configured
Ticket #543 - Sorting with attributes in ldapsearch gives incorrect result
Ticket #572 - PamConfig schema not updated during upgrade
Ticket #576 - DNA: use event queue for config update only at the start up
Ticket #579 - Error messages encountered when using POSIX winsync
Ticket #584 - Existence of an entry is not checked when its password is to be deleted
bump version to 1.3.1.pre.a1
Ticket #561 - disable writing unhashed#user#password to changelog
Coverity Fix
Ticket #490 - Slow role performance when using a lot of roles
Ticket #603 - A logic error in str2simple
Ticket #604 - Required attribute not checked during search operation
Ticket #585 - Behaviours of "db2ldif -a <filename>" and "db2ldif.pl -a <filename>" are inconsistent
Fixing a compiler warning introduced by Ticket #561 - disable writing unhashed#user#password to changelog
Ticket #634 - Deadlock in DNA plug-in
Ticket #627 - ns-slapd crashes sporadically with segmentation fault in libslapd.so
Ticket #47308 - unintended information exposure when anonymous access is set to rootdse
Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
Ticket #618 - Crash at shutdown while stopping replica agreements
Ticket 458 - Need to properly check if the password admin dn is set
Ticket #529 - dn normalization must handle multiple space characters in attributes
Ticket #608 - Posix Winsync plugin throws "posix_winsync_end_update_cb: failed to add task entry" error message
Ticket #529 - dn normalization must handle multiple space characters in attributes
Ticket 623 - cleanAllRUV task fails to cleanup config upon completion
Ticket #529 - dn normalization must handle multiple space characters in attributes
Ticket 528 - RFE - get rid of instance specific scripts
Ticket #47330 - changelog db extension / upgrade is obsolete
Ticket #529 - dn normalization must handle multiple space characters in attributes
Ticket #47330 - changelog db extension / upgrade is obsolete
Ticket #529 - dn normalization must handle multiple space
Ticket #47347 - Simple paged results should support async search
Ticket #529 - dn normalization must handle multiple space characters in attributes
Coverity fix -- 13164: Logically dead code
Ticket #47343 - 389-ds-base: Does not support aarch64 in f19 and rawhide
bump version to 1.3.1.0
Ticket #47327 - error syncing group if group member user is not synced
Trac Ticket #402 - nhashed#user#password in entry extension
bump version to 1.3.1.1
Rich Megginson (400):
Net::LDAP password modify extop breaks; msgid in response is 0xFF
Clean up assert for entrydn
Bug 543080 - Bitwise plugin fails to return the exact matched entries for Bitwise search filter
Bug 537466 - nsslapd-distribution-plugin should not require plugin name to begin with "lib"
bump version to 1.2.6.a2
Do not use syntax plugins directly for filters, indexing
wrap new style matching rule plugins for use in old style indexing code
change extensible filter code to use new syntax function style mr funcs
change syntax plugins to register required matching rule plugins
crash looking up compat syntax; numeric string syntax using integer; make octet string ordering work correctly
fix memory leak in attr replace when replacement fails
fix dso linking issues found by fedora 13 linking
problems linking with -z defs
389 DS segfaults on libsyntax-plugin.so - part 1
389 DS segfaults on libsyntax-plugin.so - part 2
389 DS segfaults on libsyntax-plugin.so - part 3
Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location on non-RHEL/Fedora OS
Bug 568196 - Install DS8.2 on Solaris fails
Bug 568196 - Install DS8.2 on Solaris fails - part 2
Bug 551198 - LDAPI: incorrect logging to access log
bump version to 1.2.6.a3
fix various memory leaks
Bug 551198 - LDAPI: incorrect logging to access log - part 2
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
cleanup build warnings
Bug 571514 - upgrade to 1.2.6 should upgrade 05rfc4523.ldif (cert schema)
Bug 570905 - postalAddress syntax should allow empty lines (should allow $$)
Add support for additional schema/matching rules included with 389
Bug 572677 - Memory leak in searches including GER control
Bug 571677 - Busy replica on consumers when directly deleting a replication conflict
Bug 576074 - search filters with parentheses fail
Bug 567429 - slapd didn't close connection and get into CLOSE_WAIT state
Bug 578167 - repl. of mod/replace deletes multi-valued attrs
Bug 561575 - setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile
Bug 572162 - the string "|*" within a search filter on a non-indexed attribute returns all elements.
Bug 576644 - segfault while multimaster replication (paired node won't find deleted entries)
start of 1.2.6.a4
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Fix too few args for format warning in acllas
Bug 586571 - DS Console shows escaped DNs
Bug 591685 - Server instances Fail to Start on Solaris due to Library Path and pcre
bump console version to 1.2.3
Repl Session API needs to check for NULL api before init
Bug 593392 - setup-ds-admin.pl -k creates world readable file
Bug 595874 - 99user.ldif getting overpopulated
bump version to 1.2.6.a5
bump version to 1.2.6.rc1
bump version to 1.2.6.rc2
bump version to 1.2.6.rc3
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 603942 - null deref in _ger_parse_control() for subjectdn
bump version to 1.2.6.rc4
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 602530 - coverity: op_shared_modify: compare pre, post and original entries before freeing them
Bug 602531 - coverity: op_shared_delete: compare preop entry and GLUE_PARENT_ENTRY before freeing them
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 610177 - fix coverity Defect Type: Uninitialized variables issues
Bug 610276 - fix coverity Defect Type: API usage errors issues
Bug 611850 - fix coverity Defect Type: Error handling issues
Bug 614242 - C99/ANSI C++ related compile errors on HP-UX
Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
Bug 617013 - repl-monitor.pl use cpu upto 90%
fix build failures due to libtool problems
Bug 617629 - Missing aliases in new schema files
Bug 617862 - Replication: Unable to delete tombstone errors
bump version to 1.2.7.a1
Bug 610281 - fix coverity Defect Type: Control flow issues - daemon.c:write_function()
Bug 610281 - fix coverity Defect Type: Control flow issues - last repl init status
postalAddress syntax does not accept empty values
ger should support both "dn" and "distinguishedName"
openldap - ldap_url_parse_ext is not part of the public api
fix memleak in ldbm_config_read_instance_entries
Add -x option to ldap tools when using openldap
openldap - add support for missing controls, add ldif api, fix NSS usage
port client tools to use openldap API
use the mozldap versions of the proxy auth control create function
document slapi wrappers for openldap/mozldap functions that differ
fix some compiler warnings
use strcasecmp with ptype and type->bv_val
ber_printf 'o' cannot handle NULL bv_val
fix the url_parse logic when looking for a missing suffix DN
openldap ldapsearch uses -LLL to suppress # version: N
add ldaptool_opts for the non BUNDLE case in Makefile.am
openldap ldapsearch returns empty line at end of LDIF output
have to use LDAP_OPT_X_TLS_NEVER to defeat cert hostname checking
openldap_read_function needs to set EWOULDBLOCK if the buffer is empty
do not terminate unwrapped LDIF line with another newline
slapi_ldap_url_parse must handle multiple host:port in url
convert mozldap host list to openldap uri list
move the out pointer back if continuation lines were removed
check src < *out only; only check for \nspace if src < *out - 2
use slapi_ldap_url_parse in the acl code
do not un-null-terminate normalized DN until new url is constructed
implement slapi_ldap_explode_dn and slapi_ldap_explode_rdn
use slapi_pblock_set to set the ldap result code for the be postop plugins
pass the string copy to slapi_dn_normalize_original
bug 614511 - fix coverity null reference - revert macro aci $dn logic
fix compiler warnings - unused vars/funcs, invalid casts
use slapi_mods_init_passin/get_ldapmods_passout if modifying the smods
Have to explicitly set protocol version to 3
Only check modrdn ops for backend/suffix correctness if not the default backend
Bug 634561 - Server crushes when using Windows Sync Agreement
openldap ber_init will assert if the bv->bv_val is NULL
add the account policy plugin and related server code, schema, and config
fix pblock memory leak
do not register pre/post op plugins if disabled
add support for global inactivity limit
fix typos in Makefile.am, acctpolicy schema
bump version to 1.2.7.a2
remove extra format argument; use %lu for size_t printf format
Bug 644013 - uniqueness plugin segfault bug
bump version to 1.2.7.a3
bump to 1.2.7.a4
bump version to 1.2.7.a5
put replication config entries in separate file
bump version to 1.2.7.a6
bump version to 1.2.7.1
bump version to 1.2.7.2
bump version to 1.2.7.3
bump version to 1.2.7.4
Bug 515329 - Multiple mods in one operation can result in an inconsistent replica
bump version to 1.2.8.a1
Bug 642046 - Segfault when using SASL/GSSAPI multimaster replication, possible krb5_creds doublefree
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 622907 - support piped passwords to perl-based maintenance commands
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 576534 - Password displayed on console when entered in command-line utilities
Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the log output to the text file
bump version to 1.2.8.a2
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 676689 - crash while adding a new user to be synced to windows
Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
Bug 677774 - DS fails to start after reboot
Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches
Bug 675320 - empty modify operation with repl on or lastmod off will crash server
bump version to 1.2.9.a1 - console version to 1.2.4
Bug 677705 - ds-logpipe.py script is failing to validate "-s" and "--serverpid" options with "-t".
Bug 676655 - winsync stops working after server restart
Bug 680555 - ns-slapd segfaults if I have more than 100 DBs
Bug 514190 - setup-ds-admin.pl --debug does not log to file
Bug 518890 - setup-ds-admin.pl - improve hostname validation
Bug 644784 - Memory leak in "testbind.c" plugin
Bug 683250 - slapd crashing when traffic replayed
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource leak issues
Bug 690584 - #10688 - dblayer_make_env - fix coverity resource leak issues
Bug 690584 - #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
Bug 690584 - #10658 linked_attrs_pre_op - fix coverity resource leak issues
Bug 690584 - #10655 acllas__handle_group_entry - fix coverity resource leak issues
Bug 690584 - #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 690584 - #10643 hash_rootpw - fix coverity resource leak issues
Bug 690584 - #10641 reslimit_bv2int - fix coverity resource leak issues
Bug 691422 - sdt_destroy - fix coverity control flow issues
Bug 691422 - ldbm_back_upgradedb - fix coverity control flow issues
Bug 691422 - csnplFree - fix coverity control flow issues
Bug 691422 - SetUnicodeStringFromUTF_8 - fix coverity control flow issues
Bug 691422 - cl5DeleteRUV - fix coverity control flow issues
Bug 691422 - acl_read_access_allowed_on_entry - fix coverity control flow issues
Bug 691422 - search_internal_callback_pb - fix coverity control flow issues
Bug 691422 - cl5WriteRUV - fix coverity control flow issues
Bug 691422 - windows_replay_update - fix coverity control flow issues
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 692937 - Replica install fails after step for "enable GSSAPI for replication"
Bug 692331 - Segfault on index update during full replication push on 1.2.7.5
Bug 693451 - cannot use localized matching rules
Bug 693455 - nsMatchingRule does not work with multiple values
Bug 693503 - matching rules do not inherit from superior attribute type
Bug 693466 - Unable to change schema online
Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1
Bug 693473 - rhds82 rfe - windows_tot_run to log Sizelimit exceeded instead of LDAP error - -1
Bug 693962 - Full replica push loses some entries with multi-valued RDNs
Bug 694336 - Group sync hangs Windows initial Sync
Bug 700145 - userpasswd not replicating
Bug 703990 - Support upgrade from Red Hat Directory Server
bump console version to 1.2.5
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 707015 - Cannot disable SSLv3 and use TLS only
bump version to 1.2.9.a2
Bug 707384 - only allow FIPS approved cipher suites in FIPS mode
Bug 711906 - ns-slapd segfaults using suffix referrals
Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
bump console version to 1.2.6
Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator action", with extop_result: 9
Bug 716980 - winsync uses old AD entry if new one not found
add support for ldif files with changetype: add
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
look for separate openldap ldif library
bump version to 1.2.9.a3
Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2.
Bug 720059 - RDN with % can cause crashes or missing entries
bump version to 1.2.9.0
Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma
Bug 723937 - replication failing on RUV errors
bump version to 1.2.9.1
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.2
Bug 727511 - ldclt SSL search requests are failing with "illegal error numbe
bump version to 1.2.9.3
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.4
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.5
Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash
Bug 723937 - replication failing on RUV errors
Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working.
make sure the DBVERSION file ends in a newline
bump version to 1.2.10.a1
Bug 633803 - passwordisglobalpolicy attribute brakes TLS chaining
Bug 733103 - large targetattr list with syntax errors cause server to crash or hang
Bug 703990 - cross-platform - Support upgrade from Red Hat Directory Server
Bug 735121 - simple paged search + ip/dns based ACI hangs server
Bug 695736 - Providing native systemd file for upcoming F15 Feature Systemd
Bug 590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
Bug 736712 - Modifying ruv entry deadlocks server
Add support for pre/post db transaction plugins
Make all backend operations transaction aware
Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
Bug 741744 - part2 - MOD operations with chained delete/add get back error 53 on backend config
Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
bump version to 1.2.10.a2
bump version to 1.2.10.a3
fix transaction support in ldbm_delete
bump version to 1.2.10.a4
set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
pass the plugin config entry to the plugin init function
make memberof transaction aware and able to be a betxnpostoperation plugin
Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
bump version to 1.2.10.a5
Change referential integrity to be a betxnpostoperation plugin
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Bug 748575 - rhds81 modrn operation and 100% cpu use in replication
Bug 748575 - part 2 - rhds81 modrdn operation and 100% cpu use in replication
Bug 751495 - 'setup-ds.pl -u' fails with undefined routine 'updateSystemD'
bump version to 1.2.10.a6
Bug 751645 - crash when simple paged fails to send entry to client
csn_as_string - use slapi_uN_to_hex instead of sprintf
uniqueid formatting - use slapi_u8_to_hex instead of sprintf
fix member variable name error in slapi_uniqueIDFormat
reduce calls to csn_as_string and slapi_log_error
csn_init_as_string should not use sscanf
use slapi_hexchar2int and slapi_str_to_u8 everywhere
Bug 755754 - Unable to start dirsrv service using systemd
Bug 755725 - 389 programs linked against openldap crash during shutdown
Ticket 1 - pre-normalize filter and pre-compile substring regex - and other optimizations
Ticket #162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS
bak2db gets stuck in infinite loop
Ticket #256 - debug build assertion in ACL_EvalDestroy()
bump version to 1.2.10.a7
Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock
fix mep sdn compiler warnings
add a hack to disable sasl hostname canonicalization - helps with testing when you don't want to set up correct host name resolution and/or cannot set the default system hostname
Ticket #12 - 389 DS DNA Plugin / Replication failing on GSSAPI
Ticket #257 - repl-monitor doesn't work if leftmost hostnames are the same
fix recent compiler warnings
Ticket #15 - Get rid of rwlock.h/rwlock.c and just use slapi_rwlock instead
fix compiler warnings
Remove redundant code - make a global into a static
Ticket #262 - pid file not removed with systemd
fix mozldap build issues
Ticket #264 - upgrade needs better check for "server is running"
Ticket #263 - add systemd include directive
bump version to 1.2.10.rc1
change version to 1.2.10.a8
Ticket #272 - add tombstonenumsubordinates to schema
bump version to 1.2.10.rc1
Ticket #161 - Review and address latest Coverity issues
Ticket #22 - RFE: Support sendmail LDAP routing schema
Ticket #29 - Samba3-schema is missing sambaTrustedDomainPassword
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
fix a couple of minor coverity issues
Ticket #87 - Manpages fixes
Ticket #13 - slapd process exits when put the database on read only mode while updates are coming to the server
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #277 - cannot set repl referrals or state
Ticket #278 - Schema replication update failed: Invalid syntax
Ticket #277 - cannot set repl referrals or state
Ticket #279 - filter normalization does not use matching rules
Ticket #280 - extensible binary filters do not work
Ticket #281 - TLS not working with latest openldap
coverity 12488 Resource leak In attr_index_config(): Leak of memory or pointers to system resources
bump version to 1.2.10.rc2
fix compiler warning in acct policy plugin
bump version to 1.2.11.a1
Ticket #294 - 389 DS Segfaults during replica install in FreeIPA
coverity uninit var and resource leak
Revert "Ticket #111 - ability to control behavior of modifyTimestamp/modifiersName"
Revert "Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock"
Revert "Change referential integrity to be a betxnpostoperation plugin"
Revert "make memberof transaction aware and able to be a betxnpostoperation plugin"
Revert "pass the plugin config entry to the plugin init function"
coverity 12559 Uninitialized pointer read In ldbm_back_modify(): Reads an uninitialized pointer or its target
Ticket #281 - TLS not working with latest openldap
Trac Ticket #298 - crash when replicating orphaned tombstone entry
Ticket #301 - implement transaction support using thread local storage
init txn thread private data for all database modes
handle null smods
memleak in mep_parse_config_entry
memleak in normalize_mods2bvals
destroy the entry cache and dn cache in the dse post op delete callback
Ticket #289 - allow betxn plugin config changes
coverity 12563 Read from pointer after free
Ticket 317 - RHDS fractional replication with excluded password policy attributes leads to wrong error messages.
Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash
Ticket #320 - allow most plugins to be betxn plugins
Ticket #324 - Sync with group attribute containing () fails
Ticket #324 - redux: Sync with group attribute containing () fails
Ticket #316 and Ticket #70 - add post add/mod and AD add callback hooks
Ticket #261 - Add Solaris i386
Ticket #331 - transaction errors with db 4.3 and db 4.2
schema def must have DESC '' - close paren must be preceded by space
Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
Ticket #347 - IPA dirsvr seg-fault during system longevity test
Ticket #348 - crash in ldap_initialize with multiple threads
Ticket #351 - use betxn plugins by default
Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return
Ticket #348 - crash in ldap_initialize with multiple threads
Ticket #351 - use betxn plugins by default
bump version to 1.3.0.a1
Ticket #358 - managed entry doesn't delete linked entry
Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress
console .2 is still compatible with 389 .3 for now
Ticket #321 - krbExtraData is being null modified and replicated on each ssh login
Ticket #360 - ldapmodify returns Operations error
Ticket #382 - DS Shuts down intermittently
Ticket #383 - usn + mmr = deletions are not replicated
Ticket #389 - ADD operations not in audit log
Ticket #360 - ldapmodify returns Operations error - fix delete caching
fix coverity issues with uninit vals, no return checking
Ticket #360 - ldapmodify returns Operations error - fix delete caching
improve txn test index handling
Ticket #387 - managed entry sometimes doesn't delete the managed entry
Ticket #387 - managed entry sometimes doesn't delete the managed entry
Ticket 378 - unhashed#user#password visible after changing password
Ticket #405 - referint modrdn not working if case is different
Ticket #406 - Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled
Ticket #410 - Referential integrity plug-in does not work when update interval is not zero
Ticket #425 - support multiple winsync plugins
Ticket #430 - server to server ssl client auth broken with latest openldap
Ticket #426 - support posix schema for user and group sync
coverity - mbo dead code - winsync leaks, deadcode, null check, test code
Ticket #355 - winsync should not delete entry that appears to be out of scope
Ticket #440 - periodic dirsync timed event causes server to loop repeatedly
fix mem leaks with parent dn log message, setting winsync windows domain
coverity - posix winsync mem leaks, null check, deadcode, null ref, use after free
fix coverity resource leak in windows_plugin_add
Ticket #426 - support posix schema for user and group sync
Ticket #374 - consumer can go into total update mode for no reason
Ticket #461 - fix build problem with mozldap c sdk
Ticket #462 - add test for include file mntent.h
Ticket #463 - different parameters of getmntent in Solaris
add eclipse generated files to the ignore list
fix compiler warnings in ticket 374 code
Ticket #491 - multimaster_extop_cleanruv returns wrong error codes
minor fixes for bdb 4.2/4.3 and mozldap
Ticket #322 - Create DOAP description for the 389 Directory Server project
Ticket #508 - part 1 - lock-free access to FrontendConfig structure
Ticket #508 - part 2 - lock-free access to FrontendConfig structure
Ticket #612 - improve dbgen rdn generation, output
Ticket #613 - ldclt: add timestamp, interval, nozeropad, other improvements
Ticket #47299 - allow cmdline scripts to work with non-root user
Ticket #47302 - get rid of sbindir start/stop/restart slapd scripts
Ticket #47303 - start/stop/restart dirsrv scripts should report and error if no instances
Ticket #47302 - get rid of sbindir start/stop/restart slapd scripts
Ticket #565 - turbo mode and replication - allow disable of turbo mode
Ticket #633 - allow nsslapd-nagle to be disabled, and also tcp cork
Ticket #613 - ldclt: add timestamp, interval, nozeropad, other improvements
Ticket #47312 - replace PR_GetFileInfo with PR_GetFileInfo64
Ticket #574 - problems with dbcachesize disk space calculation
Ticket #47312 - replace PR_GetFileInfo with PR_GetFileInfo64
Ticket #47299 - allow cmdline scripts to work with non-root user
Ticket #47336 - logconv.pl -m not working for all stats
Ticket #47341 - logconv.pl -m time calculation is wrong
Ticket #47348 - add etimes to per second/minute stats
Ticket #47349 - DS instance crashes under a high load
Ticket #47348 - add etimes to per second/minute stats
Ticket #47362 - ipa upgrade selinuxusermap data not replicating
Ticket #47359 - new ldap connections can block ldaps and ldapi connections
Ticket #47378 - fix recent compiler warnings
Ticket #47377 - make listen backlog size configurable
Ticket #47375 - flush_ber error sending back start_tls response will deadlock
Thierry bordaz (tbordaz) (6):
Ticket #487 - Possible to add invalid attribute values to PAM PTA plugin configuration
Ticket 600 - Server should return unavailableCriticalExtension when processing a badly formed critical control
Ticket 616 - High contention on computed attribute lock
Ticket 618 - Crash at shutdown while stopping replica agreements
Merge branch '389-ds-base-1.3.1' of ssh://git.fedorahosted.org/git/389/ds into 389-ds-base-1.3.1
Ticket 47325 - Crash at shutdown on a replica aggrement
nturpin (1):
Ticket #3: acl cache overflown problem
root (4):
Bug 480787 - Autoconf parameter --with and --without
Ticket #326 - MemberOf plugin should work on all backends
Ticket #337 - RFE - Improve CLEANRUV functionality
Ticket #216 - RFE - Disable replication agreements
---
.gitignore | 5
389-doap.rdf | 47
Makefile.am | 373
Makefile.in | 6592 +
README | 11
VERSION.sh | 10
aclocal.m4 | 7265 --
compile | 240
config.guess | 529
config.h.in | 37
config.sub | 379
configure |39980 +++++-------
configure.ac | 216
depcomp | 343
dirsrv.pc.in | 7
include/base/dbtbase.h | 2
include/base/file.h | 3
include/base/lexer.h | 126
include/base/rwlock.h | 91
include/i18n.h | 115
include/ldaputil/ldaputil.h | 10
include/libaccess/aclerror.h | 1
include/libaccess/aclproto.h | 15
include/libaccess/aclstruct.h | 2
include/libaccess/dbtlibaccess.h | 3
include/public/nsacl/aclapi.h | 7
install-sh | 538
ldap/admin/src/base-initconfig.in | 44
ldap/admin/src/initconfig.in | 37
ldap/admin/src/logconv.pl | 3338 -
ldap/admin/src/scripts/10cleanupldapi.pl | 23
ldap/admin/src/scripts/10fixrundir.pl | 11
ldap/admin/src/scripts/20betxn.pl | 72
ldap/admin/src/scripts/50acctusabilityplugin.ldif | 21
ldap/admin/src/scripts/50automemberplugin.ldif | 15
ldap/admin/src/scripts/50fixNsState.pl | 240
ldap/admin/src/scripts/50managedentriesplugin.ldif | 16
ldap/admin/src/scripts/50refintprecedence.ldif | 4
ldap/admin/src/scripts/50rootdnaccesscontrolplugin.ldif | 15
ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif | 5
ldap/admin/src/scripts/60upgradeschemafiles.pl | 2
ldap/admin/src/scripts/70upgradefromldif.pl | 108
ldap/admin/src/scripts/80upgradednformat.pl.in | 307
ldap/admin/src/scripts/81changelog.pl | 34
ldap/admin/src/scripts/90subtreerename.pl | 21
ldap/admin/src/scripts/91subtreereindex.pl | 148
ldap/admin/src/scripts/DSCreate.pm.in | 420
ldap/admin/src/scripts/DSDialogs.pm | 12
ldap/admin/src/scripts/DSMigration.pm.in | 49
ldap/admin/src/scripts/DSSharedLib.in | 227
ldap/admin/src/scripts/DSUpdate.pm.in | 50
ldap/admin/src/scripts/DSUtil.pm.in | 857
ldap/admin/src/scripts/DialogManager.pm | 241
ldap/admin/src/scripts/DialogManager.pm.in | 241
ldap/admin/src/scripts/Inf.pm | 67
ldap/admin/src/scripts/Migration.pm.in | 20
ldap/admin/src/scripts/Setup.pm.in | 20
ldap/admin/src/scripts/SetupDialogs.pm.in | 31
ldap/admin/src/scripts/SetupLog.pm | 8
ldap/admin/src/scripts/bak2db.in | 76
ldap/admin/src/scripts/bak2db.pl.in | 146
ldap/admin/src/scripts/cleanallruv.pl.in | 154
ldap/admin/src/scripts/db2bak.in | 76
ldap/admin/src/scripts/db2bak.pl.in | 139
ldap/admin/src/scripts/db2index.in | 83
ldap/admin/src/scripts/db2index.pl.in | 213
ldap/admin/src/scripts/db2ldif.in | 160
ldap/admin/src/scripts/db2ldif.pl.in | 293
ldap/admin/src/scripts/dbverify.in | 68
ldap/admin/src/scripts/dn2rdn.in | 58
ldap/admin/src/scripts/dnaplugindepends.ldif | 3
ldap/admin/src/scripts/ds-logpipe.py | 223
ldap/admin/src/scripts/exampleupdate.ldif | 2
ldap/admin/src/scripts/exampleupdate.sh | 10
ldap/admin/src/scripts/fixup-linkedattrs.pl.in | 140
ldap/admin/src/scripts/fixup-memberof.pl.in | 148
ldap/admin/src/scripts/ldif2db.in | 109
ldap/admin/src/scripts/ldif2db.pl.in | 243
ldap/admin/src/scripts/ldif2ldap.in | 173
ldap/admin/src/scripts/logregex.py | 16
ldap/admin/src/scripts/migrate-ds.pl.in | 13
ldap/admin/src/scripts/monitor.in | 170
ldap/admin/src/scripts/ns-accountstatus.pl.in | 708
ldap/admin/src/scripts/ns-activate.pl.in | 710
ldap/admin/src/scripts/ns-inactivate.pl.in | 712
ldap/admin/src/scripts/ns-newpwpolicy.pl.in | 217
ldap/admin/src/scripts/remove-ds.pl.in | 38
ldap/admin/src/scripts/repl-monitor.pl.in | 86
ldap/admin/src/scripts/restart-dirsrv.in | 28
ldap/admin/src/scripts/restoreconfig.in | 52
ldap/admin/src/scripts/saveconfig.in | 53
ldap/admin/src/scripts/schema-reload.pl.in | 139
ldap/admin/src/scripts/setup-ds.pl.in | 17
ldap/admin/src/scripts/setup-ds.res.in | 37
ldap/admin/src/scripts/start-dirsrv.in | 45
ldap/admin/src/scripts/stop-dirsrv.in | 36
ldap/admin/src/scripts/suffix2instance.in | 58
ldap/admin/src/scripts/syntax-validate.pl.in | 151
ldap/admin/src/scripts/template-bak2db.in | 44
ldap/admin/src/scripts/template-bak2db.pl.in | 102
ldap/admin/src/scripts/template-cleanallruv.pl.in | 54
ldap/admin/src/scripts/template-db2bak.in | 23
ldap/admin/src/scripts/template-db2bak.pl.in | 93
ldap/admin/src/scripts/template-db2index.in | 26
ldap/admin/src/scripts/template-db2index.pl.in | 192
ldap/admin/src/scripts/template-db2ldif.in | 79
ldap/admin/src/scripts/template-db2ldif.pl.in | 238
ldap/admin/src/scripts/template-dbverify.in | 41
ldap/admin/src/scripts/template-dn2rdn.in | 23
ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in | 120
ldap/admin/src/scripts/template-fixup-memberof.pl.in | 131
ldap/admin/src/scripts/template-ldif2db.in | 23
ldap/admin/src/scripts/template-ldif2db.pl.in | 194
ldap/admin/src/scripts/template-ldif2ldap.in | 15
ldap/admin/src/scripts/template-monitor.in | 14
ldap/admin/src/scripts/template-ns-accountstatus.pl.in | 810
ldap/admin/src/scripts/template-ns-activate.pl.in | 810
ldap/admin/src/scripts/template-ns-inactivate.pl.in | 810
ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in | 253
ldap/admin/src/scripts/template-restart-slapd.in | 12
ldap/admin/src/scripts/template-restoreconfig.in | 16
ldap/admin/src/scripts/template-saveconfig.in | 17
ldap/admin/src/scripts/template-schema-reload.pl.in | 120
ldap/admin/src/scripts/template-start-slapd.in | 12
ldap/admin/src/scripts/template-stop-slapd.in | 11
ldap/admin/src/scripts/template-suffix2instance.in | 15
ldap/admin/src/scripts/template-syntax-validate.pl.in | 131
ldap/admin/src/scripts/template-upgradedb.in | 17
ldap/admin/src/scripts/template-upgradednformat.in | 5
ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in | 149
ldap/admin/src/scripts/template-verify-db.pl.in | 223
ldap/admin/src/scripts/template-vlvindex.in | 16
ldap/admin/src/scripts/upgradedb.in | 59
ldap/admin/src/scripts/upgradednformat.in | 71
ldap/admin/src/scripts/usn-tombstone-cleanup.pl.in | 155
ldap/admin/src/scripts/verify-db.pl.in | 267
ldap/admin/src/scripts/vlvindex.in | 64
ldap/admin/src/slapd.inf.in | 2
ldap/admin/src/template-initconfig.in | 18
ldap/docs/LICENSE.txt | 132
ldap/docs/README.txt | 11
ldap/include/ldaplog.h | 32
ldap/ldif/50posix-winsync-plugin.ldif | 21
ldap/ldif/50replication-plugins.ldif | 27
ldap/ldif/template-baseacis.ldif.in | 2
ldap/ldif/template-bitwise.ldif.in | 6
ldap/ldif/template-dnaplugin.ldif.in | 2
ldap/ldif/template-dse.ldif.in | 125
ldap/ldif/template-pampta.ldif.in | 2
ldap/ldif/template-suffix-db.ldif.in | 1
ldap/libraries/libavl/avl.c | 7
ldap/schema/00core.ldif | 72
ldap/schema/01core389.ldif | 75
ldap/schema/02common.ldif | 19
ldap/schema/05rfc4523.ldif | 14
ldap/schema/05rfc4524.ldif | 30
ldap/schema/06inetorgperson.ldif | 5
ldap/schema/10automember-plugin.ldif | 123
ldap/schema/10dna-plugin.ldif | 204
ldap/schema/10mep-plugin.ldif | 104
ldap/schema/30ns-common.ldif | 4
ldap/schema/50ns-directory.ldif | 4
ldap/schema/50ns-mail.ldif | 10
ldap/schema/60acctpolicy.ldif | 47
ldap/schema/60nis.ldif | 2
ldap/schema/60pam-plugin.ldif | 3
ldap/schema/60posix-winsync-plugin.ldif | 44
ldap/schema/60qmail.ldif | 24
ldap/schema/60radius.ldif | 132
ldap/schema/60sabayon.ldif | 10
ldap/schema/60samba3.ldif | 36
ldap/schema/60sendmail.ldif | 54
ldap/schema/60sudo.ldif | 58
ldap/servers/plugins/acct_usability/acct_usability.c | 464
ldap/servers/plugins/acct_usability/acct_usability.h | 63
ldap/servers/plugins/acctpolicy/acct_config.c | 143
ldap/servers/plugins/acctpolicy/acct_init.c | 191
ldap/servers/plugins/acctpolicy/acct_plugin.c | 313
ldap/servers/plugins/acctpolicy/acct_util.c | 257
ldap/servers/plugins/acctpolicy/acctpolicy.h | 81
ldap/servers/plugins/acctpolicy/sampleconfig.ldif | 40
ldap/servers/plugins/acctpolicy/samplepolicy.ldif | 27
ldap/servers/plugins/acl/acl.c | 349
ldap/servers/plugins/acl/acl.h | 50
ldap/servers/plugins/acl/acl_ext.c | 154
ldap/servers/plugins/acl/aclanom.c | 24
ldap/servers/plugins/acl/acleffectiverights.c | 153
ldap/servers/plugins/acl/aclgroup.c | 21
ldap/servers/plugins/acl/aclinit.c | 2
ldap/servers/plugins/acl/acllas.c | 472
ldap/servers/plugins/acl/acllist.c | 130
ldap/servers/plugins/acl/aclparse.c | 718
ldap/servers/plugins/acl/aclplugin.c | 37
ldap/servers/plugins/acl/aclproxy.c | 232
ldap/servers/plugins/acl/aclutil.c | 118
ldap/servers/plugins/automember/automember.c | 2673
ldap/servers/plugins/automember/automember.h | 134
ldap/servers/plugins/bitwise/bitwise.c | 23
ldap/servers/plugins/chainingdb/cb.h | 8
ldap/servers/plugins/chainingdb/cb_add.c | 105
ldap/servers/plugins/chainingdb/cb_bind.c | 196
ldap/servers/plugins/chainingdb/cb_compare.c | 101
ldap/servers/plugins/chainingdb/cb_config.c | 34
ldap/servers/plugins/chainingdb/cb_conn_stateless.c | 104
ldap/servers/plugins/chainingdb/cb_controls.c | 38
ldap/servers/plugins/chainingdb/cb_delete.c | 125
ldap/servers/plugins/chainingdb/cb_init.c | 6
ldap/servers/plugins/chainingdb/cb_instance.c | 507
ldap/servers/plugins/chainingdb/cb_modify.c | 133
ldap/servers/plugins/chainingdb/cb_modrdn.c | 176
ldap/servers/plugins/chainingdb/cb_monitor.c | 6
ldap/servers/plugins/chainingdb/cb_schema.c | 4
ldap/servers/plugins/chainingdb/cb_search.c | 223
ldap/servers/plugins/chainingdb/cb_utils.c | 30
ldap/servers/plugins/collation/collate.c | 40
ldap/servers/plugins/collation/orfilter.c | 19
ldap/servers/plugins/cos/cos.c | 80
ldap/servers/plugins/cos/cos_cache.c | 841
ldap/servers/plugins/cos/cos_cache.h | 1
ldap/servers/plugins/deref/deref.c | 28
ldap/servers/plugins/dna/dna.c | 1843
ldap/servers/plugins/http/http_impl.c | 85
ldap/servers/plugins/linkedattrs/fixup_task.c | 119
ldap/servers/plugins/linkedattrs/linked_attrs.c | 261
ldap/servers/plugins/linkedattrs/linked_attrs.h | 7
ldap/servers/plugins/memberof/memberof.c | 1164
ldap/servers/plugins/memberof/memberof.h | 11
ldap/servers/plugins/memberof/memberof_config.c | 275
ldap/servers/plugins/mep/mep.c | 2837
ldap/servers/plugins/mep/mep.h | 130
ldap/servers/plugins/pam_passthru/pam_passthru.h | 49
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 726
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 81
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 683
ldap/servers/plugins/passthru/passthru.h | 4
ldap/servers/plugins/passthru/ptbind.c | 6
ldap/servers/plugins/passthru/ptconfig.c | 43
ldap/servers/plugins/passthru/ptconn.c | 8
ldap/servers/plugins/passthru/ptpreop.c | 17
ldap/servers/plugins/posix-winsync/README | 50
ldap/servers/plugins/posix-winsync/posix-group-func.c | 1018
ldap/servers/plugins/posix-winsync/posix-group-func.h | 23
ldap/servers/plugins/posix-winsync/posix-group-task.c | 441
ldap/servers/plugins/posix-winsync/posix-winsync-config.c | 302
ldap/servers/plugins/posix-winsync/posix-winsync.c | 1801
ldap/servers/plugins/posix-winsync/posix-wsp-ident.h | 53
ldap/servers/plugins/pwdstorage/smd5_pwd.c | 9
ldap/servers/plugins/referint/referint.c | 1503
ldap/servers/plugins/replication/cl4_api.c | 2
ldap/servers/plugins/replication/cl5.h | 1
ldap/servers/plugins/replication/cl5_api.c | 2859
ldap/servers/plugins/replication/cl5_api.h | 122
ldap/servers/plugins/replication/cl5_clcache.c | 78
ldap/servers/plugins/replication/cl5_clcache.h | 2
ldap/servers/plugins/replication/cl5_config.c | 247
ldap/servers/plugins/replication/cl5_init.c | 2
ldap/servers/plugins/replication/cl5_test.c | 2
ldap/servers/plugins/replication/cl_crypt.c | 203
ldap/servers/plugins/replication/cl_crypt.h | 53
ldap/servers/plugins/replication/csnpl.c | 74
ldap/servers/plugins/replication/legacy_consumer.c | 31
ldap/servers/plugins/replication/llist.c | 8
ldap/servers/plugins/replication/repl-session-plugin.h | 119
ldap/servers/plugins/replication/repl.h | 16
ldap/servers/plugins/replication/repl5.h | 170
ldap/servers/plugins/replication/repl5_agmt.c | 598
ldap/servers/plugins/replication/repl5_agmtlist.c | 158
ldap/servers/plugins/replication/repl5_connection.c | 206
ldap/servers/plugins/replication/repl5_inc_protocol.c | 1468
ldap/servers/plugins/replication/repl5_init.c | 369
ldap/servers/plugins/replication/repl5_mtnode_ext.c | 19
ldap/servers/plugins/replication/repl5_plugins.c | 362
ldap/servers/plugins/replication/repl5_prot_private.h | 9
ldap/servers/plugins/replication/repl5_protocol.c | 192
ldap/servers/plugins/replication/repl5_protocol_util.c | 569
ldap/servers/plugins/replication/repl5_replica.c | 1146
ldap/servers/plugins/replication/repl5_replica_config.c | 2661
ldap/servers/plugins/replication/repl5_replica_dnhash.c | 26
ldap/servers/plugins/replication/repl5_replica_hash.c | 30
ldap/servers/plugins/replication/repl5_ruv.c | 581
ldap/servers/plugins/replication/repl5_ruv.h | 25
ldap/servers/plugins/replication/repl5_tot_protocol.c | 39
ldap/servers/plugins/replication/repl5_total.c | 26
ldap/servers/plugins/replication/repl5_updatedn_list.c | 2
ldap/servers/plugins/replication/repl_bind.c | 7
ldap/servers/plugins/replication/repl_compare.c | 18
ldap/servers/plugins/replication/repl_connext.c | 158
ldap/servers/plugins/replication/repl_controls.c | 2
ldap/servers/plugins/replication/repl_extop.c | 976
ldap/servers/plugins/replication/repl_globals.c | 13
ldap/servers/plugins/replication/repl_init.c | 1
ldap/servers/plugins/replication/repl_objset.c | 9
ldap/servers/plugins/replication/repl_session_plugin.c | 188
ldap/servers/plugins/replication/repl_shared.h | 17
ldap/servers/plugins/replication/replutil.c | 155
ldap/servers/plugins/replication/test_repl_session_plugin.c | 335
ldap/servers/plugins/replication/urp.c | 301
ldap/servers/plugins/replication/urp.h | 5
ldap/servers/plugins/replication/urp_glue.c | 9
ldap/servers/plugins/replication/urp_tombstone.c | 9
ldap/servers/plugins/replication/windows_connection.c | 167
ldap/servers/plugins/replication/windows_inc_protocol.c | 113
ldap/servers/plugins/replication/windows_private.c | 1647
ldap/servers/plugins/replication/windows_protocol_util.c | 1254
ldap/servers/plugins/replication/windows_tot_protocol.c | 132
ldap/servers/plugins/replication/windowsrepl.h | 60
ldap/servers/plugins/replication/winsync-plugin.h | 495
ldap/servers/plugins/retrocl/retrocl.c | 51
ldap/servers/plugins/retrocl/retrocl.h | 2
ldap/servers/plugins/retrocl/retrocl_create.c | 13
ldap/servers/plugins/retrocl/retrocl_po.c | 20
ldap/servers/plugins/retrocl/retrocl_trim.c | 20
ldap/servers/plugins/rever/des.c | 72
ldap/servers/plugins/rever/rever.c | 8
ldap/servers/plugins/roles/roles_cache.c | 132
ldap/servers/plugins/roles/roles_plugin.c | 52
ldap/servers/plugins/rootdn_access/rootdn_access.c | 703
ldap/servers/plugins/rootdn_access/rootdn_access.h | 55
ldap/servers/plugins/schema_reload/schema_reload.c | 63
ldap/servers/plugins/shared/plugin-utils.h | 112
ldap/servers/plugins/shared/utils.c | 508
ldap/servers/plugins/statechange/statechange.c | 55
ldap/servers/plugins/syntaxes/bin.c | 142
ldap/servers/plugins/syntaxes/bitstring.c | 68
ldap/servers/plugins/syntaxes/ces.c | 172
ldap/servers/plugins/syntaxes/cis.c | 321
ldap/servers/plugins/syntaxes/deliverymethod.c | 32
ldap/servers/plugins/syntaxes/dn.c | 72
ldap/servers/plugins/syntaxes/facsimile.c | 32
ldap/servers/plugins/syntaxes/guide.c | 32
ldap/servers/plugins/syntaxes/int.c | 96
ldap/servers/plugins/syntaxes/nameoptuid.c | 73
ldap/servers/plugins/syntaxes/numericstring.c | 148
ldap/servers/plugins/syntaxes/sicis.c | 32
ldap/servers/plugins/syntaxes/string.c | 455
ldap/servers/plugins/syntaxes/syntax.h | 61
ldap/servers/plugins/syntaxes/syntax_common.c | 118
ldap/servers/plugins/syntaxes/tel.c | 94
ldap/servers/plugins/syntaxes/teletex.c | 32
ldap/servers/plugins/syntaxes/telex.c | 31
ldap/servers/plugins/syntaxes/validate.c | 17
ldap/servers/plugins/syntaxes/value.c | 134
ldap/servers/plugins/uiduniq/7bit.c | 76
ldap/servers/plugins/uiduniq/plugin-utils.h | 96
ldap/servers/plugins/uiduniq/uid.c | 368
ldap/servers/plugins/uiduniq/utils.c | 249
ldap/servers/plugins/usn/usn.c | 344
ldap/servers/plugins/usn/usn.h | 3
ldap/servers/plugins/usn/usn_cleanup.c | 44
ldap/servers/plugins/views/views.c | 36
ldap/servers/slapd/abandon.c | 6
ldap/servers/slapd/add.c | 407
ldap/servers/slapd/agtmmap.c | 114
ldap/servers/slapd/apibroker.c | 58
ldap/servers/slapd/attr.c | 229
ldap/servers/slapd/attrlist.c | 26
ldap/servers/slapd/attrsyntax.c | 448
ldap/servers/slapd/auditlog.c | 85
ldap/servers/slapd/auth.c | 95
ldap/servers/slapd/ava.c | 2
ldap/servers/slapd/back-ldbm/ancestorid.c | 104
ldap/servers/slapd/back-ldbm/archive.c | 91
ldap/servers/slapd/back-ldbm/back-ldbm.h | 126
ldap/servers/slapd/back-ldbm/backentry.c | 6
ldap/servers/slapd/back-ldbm/cache.c | 176
ldap/servers/slapd/back-ldbm/dbhelp.c | 18
ldap/servers/slapd/back-ldbm/dblayer.c | 2757
ldap/servers/slapd/back-ldbm/dblayer.h | 14
ldap/servers/slapd/back-ldbm/dbsize.c | 7
ldap/servers/slapd/back-ldbm/dbtest.c | 349
ldap/servers/slapd/back-ldbm/dbverify.c | 6
ldap/servers/slapd/back-ldbm/dbversion.c | 53
ldap/servers/slapd/back-ldbm/dn2entry.c | 63
ldap/servers/slapd/back-ldbm/filterindex.c | 260
ldap/servers/slapd/back-ldbm/findentry.c | 147
ldap/servers/slapd/back-ldbm/id2entry.c | 197
ldap/servers/slapd/back-ldbm/idl.c | 58
ldap/servers/slapd/back-ldbm/idl_common.c | 7
ldap/servers/slapd/back-ldbm/idl_new.c | 535
ldap/servers/slapd/back-ldbm/idl_shim.c | 17
ldap/servers/slapd/back-ldbm/import-merge.c | 32
ldap/servers/slapd/back-ldbm/import-threads.c | 1814
ldap/servers/slapd/back-ldbm/import.c | 460
ldap/servers/slapd/back-ldbm/import.h | 49
ldap/servers/slapd/back-ldbm/index.c | 626
ldap/servers/slapd/back-ldbm/init.c | 89
ldap/servers/slapd/back-ldbm/instance.c | 178
ldap/servers/slapd/back-ldbm/ldbm_add.c | 1183
ldap/servers/slapd/back-ldbm/ldbm_attr.c | 392
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 1025
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c | 2
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 42
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 27
ldap/servers/slapd/back-ldbm/ldbm_config.c | 344
ldap/servers/slapd/back-ldbm/ldbm_config.h | 10
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 1019
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 1605
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 676
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 273
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 693
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1556
ldap/servers/slapd/back-ldbm/ldbm_search.c | 609
ldap/servers/slapd/back-ldbm/ldbm_usn.c | 74
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 893
ldap/servers/slapd/back-ldbm/matchrule.c | 50
ldap/servers/slapd/back-ldbm/misc.c | 318
ldap/servers/slapd/back-ldbm/monitor.c | 60
ldap/servers/slapd/back-ldbm/nextid.c | 17
ldap/servers/slapd/back-ldbm/parents.c | 141
ldap/servers/slapd/back-ldbm/perfctrs.c | 26
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 86
ldap/servers/slapd/back-ldbm/seq.c | 5
ldap/servers/slapd/back-ldbm/sort.c | 57
ldap/servers/slapd/back-ldbm/start.c | 109
ldap/servers/slapd/back-ldbm/upgrade.c | 56
ldap/servers/slapd/back-ldbm/vlv.c | 398
ldap/servers/slapd/back-ldbm/vlv_srch.c | 17
ldap/servers/slapd/back-ldbm/vlv_srch.h | 3
ldap/servers/slapd/back-ldif/back-ldif.h | 2
ldap/servers/slapd/back-ldif/modrdn.c | 12
ldap/servers/slapd/backend.c | 197
ldap/servers/slapd/backend_manager.c | 59
ldap/servers/slapd/bind.c | 391
ldap/servers/slapd/bulk_import.c | 39
ldap/servers/slapd/charray.c | 32
ldap/servers/slapd/compare.c | 43
ldap/servers/slapd/computed.c | 169
ldap/servers/slapd/config.c | 61
ldap/servers/slapd/configdse.c | 102
ldap/servers/slapd/connection.c | 474
ldap/servers/slapd/conntable.c | 10
ldap/servers/slapd/control.c | 26
ldap/servers/slapd/csn.c | 77
ldap/servers/slapd/csngen.c | 67
ldap/servers/slapd/csnset.c | 4
ldap/servers/slapd/daemon.c | 913
ldap/servers/slapd/delete.c | 128
ldap/servers/slapd/dn.c | 1954
ldap/servers/slapd/dse.c | 901
ldap/servers/slapd/dynalib.c | 29
ldap/servers/slapd/entry.c | 1425
ldap/servers/slapd/entrywsi.c | 180
ldap/servers/slapd/errormap.c | 18
ldap/servers/slapd/eventq.c | 4
ldap/servers/slapd/extendop.c | 35
ldap/servers/slapd/factory.c | 1
ldap/servers/slapd/fe.h | 26
ldap/servers/slapd/fedse.c | 113
ldap/servers/slapd/filter.c | 231
ldap/servers/slapd/filter.h | 1
ldap/servers/slapd/filtercmp.c | 26
ldap/servers/slapd/filterentry.c | 36
ldap/servers/slapd/generation.c | 1
ldap/servers/slapd/getfilelist.c | 4
ldap/servers/slapd/index_subsystem.c | 28
ldap/servers/slapd/intrinsics.h | 7
ldap/servers/slapd/ldaputil.c | 966
ldap/servers/slapd/lenstr.c | 6
ldap/servers/slapd/libglobs.c | 2603
ldap/servers/slapd/libslapd.def | 5
ldap/servers/slapd/log.c | 374
ldap/servers/slapd/log.h | 20
ldap/servers/slapd/main.c | 402
ldap/servers/slapd/mapping_tree.c | 508
ldap/servers/slapd/match.c | 96
ldap/servers/slapd/modify.c | 745
ldap/servers/slapd/modrdn.c | 369
ldap/servers/slapd/modutil.c | 77
ldap/servers/slapd/operation.c | 49
ldap/servers/slapd/opshared.c | 504
ldap/servers/slapd/pagedresults.c | 775
ldap/servers/slapd/passwd_extop.c | 204
ldap/servers/slapd/pblock.c | 676
ldap/servers/slapd/plugin.c | 373
ldap/servers/slapd/plugin_acl.c | 50
ldap/servers/slapd/plugin_internal_op.c | 204
ldap/servers/slapd/plugin_mr.c | 474
ldap/servers/slapd/plugin_syntax.c | 482
ldap/servers/slapd/protect_db.c | 24
ldap/servers/slapd/protect_db.h | 7
ldap/servers/slapd/proto-slap.h | 176
ldap/servers/slapd/proxyauth.c | 253
ldap/servers/slapd/psearch.c | 76
ldap/servers/slapd/pw.c | 1036
ldap/servers/slapd/pw.h | 8
ldap/servers/slapd/pw_mgmt.c | 174
ldap/servers/slapd/pw_retry.c | 124
ldap/servers/slapd/rdn.c | 141
ldap/servers/slapd/referral.c | 29
ldap/servers/slapd/regex.c | 35
ldap/servers/slapd/resourcelimit.c | 84
ldap/servers/slapd/result.c | 104
ldap/servers/slapd/rootdse.c | 12
ldap/servers/slapd/rwlock.c | 257
ldap/servers/slapd/rwlock.h | 65
ldap/servers/slapd/sasl_io.c | 167
ldap/servers/slapd/sasl_map.c | 277
ldap/servers/slapd/saslbind.c | 239
ldap/servers/slapd/schema.c | 301
ldap/servers/slapd/schemaparse.c | 13
ldap/servers/slapd/search.c | 121
ldap/servers/slapd/security_wrappers.c | 36
ldap/servers/slapd/slap.h | 499
ldap/servers/slapd/slapi-plugin-compat4.h | 6
ldap/servers/slapd/slapi-plugin.h | 1632
ldap/servers/slapd/slapi-private.h | 85
ldap/servers/slapd/slapi2nspr.c | 79
ldap/servers/slapd/slapi_counter.c | 24
ldap/servers/slapd/snmp_collator.c | 23
ldap/servers/slapd/sort.c | 11
ldap/servers/slapd/ssl.c | 343
ldap/servers/slapd/start_tls_extop.c | 230
ldap/servers/slapd/str2filter.c | 7
ldap/servers/slapd/task.c | 184
ldap/servers/slapd/test-plugins/testbind.c | 1
ldap/servers/slapd/test-plugins/testdbinterop.c | 6
ldap/servers/slapd/test-plugins/testpostop.c | 1
ldap/servers/slapd/thread_data.c | 174
ldap/servers/slapd/time.c | 91
ldap/servers/slapd/tools/dbscan.c | 91
ldap/servers/slapd/tools/ldclt/data.c | 83
ldap/servers/slapd/tools/ldclt/ldapfct.c | 1209
ldap/servers/slapd/tools/ldclt/ldclt.c | 98
ldap/servers/slapd/tools/ldclt/ldclt.h | 18
ldap/servers/slapd/tools/ldclt/ldcltU.c | 24
ldap/servers/slapd/tools/ldclt/parser.c | 19
ldap/servers/slapd/tools/ldclt/scalab01.c | 190
ldap/servers/slapd/tools/ldclt/threadMain.c | 24
ldap/servers/slapd/tools/ldclt/utils.c | 16
ldap/servers/slapd/tools/ldclt/utils.h | 1
ldap/servers/slapd/tools/ldif.c | 4
ldap/servers/slapd/tools/mmldif.c | 17
ldap/servers/slapd/tools/pwenc.c | 12
ldap/servers/slapd/tools/rsearch/addthread.c | 51
ldap/servers/slapd/tools/rsearch/infadd.c | 7
ldap/servers/slapd/tools/rsearch/nametable.c | 4
ldap/servers/slapd/tools/rsearch/scripts/dbgen.pl.in | 92
ldap/servers/slapd/tools/rsearch/sdattable.c | 6
ldap/servers/slapd/tools/rsearch/searchthread.c | 96
ldap/servers/slapd/uniqueid.c | 99
ldap/servers/slapd/utf8compare.c | 25
ldap/servers/slapd/util.c | 677
ldap/servers/slapd/uuid.c | 22
ldap/servers/slapd/value.c | 62
ldap/servers/slapd/valueset.c | 124
ldap/servers/slapd/vattr.c | 147
ldap/servers/snmp/NETWORK-SERVICES-MIB.txt | 650
ldap/servers/snmp/RFC-1215.txt | 38
ldap/servers/snmp/RFC1155-SMI.txt | 119
ldap/servers/snmp/SNMPv2-CONF.txt | 322
ldap/servers/snmp/SNMPv2-SMI.txt | 344
ldap/servers/snmp/SNMPv2-TC.txt | 772
ldap/servers/snmp/ldap-agent.c | 26
ldap/servers/snmp/main.c | 28
ldap/servers/snmp/netscape-ldap.mib | 759
ldap/systools/idsktune.c | 100
lib/base/crit.cpp | 6
lib/base/ereport.cpp | 2
lib/base/file.cpp | 24
lib/base/lexer.cpp | 1015
lib/base/plist.cpp | 3
lib/base/pool.cpp | 10
lib/base/rwlock.cpp | 168
lib/base/util.cpp | 15
lib/ldaputil/cert.c | 4
lib/ldaputil/certmap.c | 409
lib/ldaputil/dbconf.c | 8
lib/ldaputil/utest/Makefile | 149
lib/ldaputil/utest/auth.cpp | 611
lib/ldaputil/utest/authtest | 138
lib/ldaputil/utest/certmap.conf | 68
lib/ldaputil/utest/dblist.conf | 47
lib/ldaputil/utest/example.c | 153
lib/ldaputil/utest/plugin.c | 152
lib/ldaputil/utest/plugin.h | 57
lib/ldaputil/utest/stubs.c | 144
lib/ldaputil/utest/stubs.cpp | 139
lib/ldaputil/utest/test.ref | 480
lib/ldaputil/vtable.c | 2
lib/libaccess/acl.tab.cpp | 25
lib/libaccess/aclcache.cpp | 105
lib/libaccess/aclflush.cpp | 1
lib/libaccess/aclpriv.h | 1
lib/libaccess/acltext.y | 4
lib/libaccess/acltools.cpp | 1898
lib/libaccess/aclutil.cpp | 13
lib/libaccess/authdb.cpp | 112
lib/libaccess/lasdns.cpp | 299
lib/libaccess/lasgroup.cpp | 10
lib/libaccess/lasip.cpp | 409
lib/libaccess/lasip.h | 3
lib/libaccess/nseframe.cpp | 1
lib/libaccess/oneeval.cpp | 31
lib/libaccess/permhash.h | 11
lib/libaccess/register.cpp | 57
lib/libaccess/usrcache.cpp | 14
lib/libaccess/utest/.purify | 19
lib/libaccess/utest/Makefile | 147
lib/libaccess/utest/acl.dat | 44
lib/libaccess/utest/aclfile0 | 87
lib/libaccess/utest/aclfile1 | 43
lib/libaccess/utest/aclfile10 | 45
lib/libaccess/utest/aclfile11 | 43
lib/libaccess/utest/aclfile12 | 43
lib/libaccess/utest/aclfile13 | 43
lib/libaccess/utest/aclfile14 | 43
lib/libaccess/utest/aclfile15 | 43
lib/libaccess/utest/aclfile16 | 43
lib/libaccess/utest/aclfile17 | 43
lib/libaccess/utest/aclfile18 | 51
lib/libaccess/utest/aclfile19 | 46
lib/libaccess/utest/aclfile2 | 43
lib/libaccess/utest/aclfile3 | 43
lib/libaccess/utest/aclfile4 | 43
lib/libaccess/utest/aclfile5 | 43
lib/libaccess/utest/aclfile6 | 55
lib/libaccess/utest/aclfile7 | 43
lib/libaccess/utest/aclfile8 | 43
lib/libaccess/utest/aclfile9 | 43
lib/libaccess/utest/aclgrp0 | 42
lib/libaccess/utest/aclgrp1 | 42
lib/libaccess/utest/aclgrp2 | 42
lib/libaccess/utest/aclgrp3 | 42
lib/libaccess/utest/aclgrp4 | 42
lib/libaccess/utest/acltest.cpp | 794
lib/libaccess/utest/onetest.cpp | 77
lib/libaccess/utest/shexp.cpp | 331
lib/libaccess/utest/shexp.h | 168
lib/libaccess/utest/test.ref | 217
lib/libaccess/utest/testmain.cpp | 89
lib/libaccess/utest/twotest.cpp | 87
lib/libaccess/utest/ustubs.cpp | 331
lib/libadmin/error.c | 9
lib/libadmin/template.c | 2
lib/libadmin/util.c | 48
lib/libsi18n/coreres.c | 141
lib/libsi18n/coreres.h | 52
lib/libsi18n/getlang.c | 330
lib/libsi18n/getstrmem.c | 160
lib/libsi18n/getstrmem.h | 1
lib/libsi18n/getstrprop.c | 85
lib/libsi18n/makstrdb.c | 21
lib/libsi18n/propset.c | 442
lib/libsi18n/propset.h | 80
lib/libsi18n/reshash.c | 21
ltmain.sh |14878 ++--
m4/db.m4 | 27
m4/fhs.m4 | 4
m4/icu.m4 | 25
m4/kerberos.m4 | 4
m4/mozldap.m4 | 38
m4/netsnmp.m4 | 15
m4/nspr.m4 | 17
m4/nss.m4 | 17
m4/openldap.m4 | 30
m4/pcre.m4 | 28
m4/sasl.m4 | 25
m4/selinux.m4 | 13
m4/svrcore.m4 | 41
man/man1/cl-dump.1 | 18
man/man1/dbgen.pl.1 | 4
man/man1/ds-logpipe.py.1 | 2
man/man1/infadd.1 | 8
man/man1/migratecred.1 | 6
man/man1/mmldif.1 | 4
man/man1/pwdhash.1 | 4
man/man1/repl-monitor.1 | 16
man/man8/bak2db.8 | 58
man/man8/bak2db.pl.8 | 82
man/man8/cleanallruv.pl.8 | 85
man/man8/db2bak.8 | 59
man/man8/db2bak.pl.8 | 78
man/man8/db2index.8 | 63
man/man8/db2index.pl.8 | 85
man/man8/db2ldif.8 | 102
man/man8/db2ldif.pl.8 | 124
man/man8/dbverify.8 | 60
man/man8/dn2rdn.8 | 58
man/man8/fixup-linkedattrs.pl.8 | 76
man/man8/fixup-memberof.pl.8 | 80
man/man8/ldif2db.8 | 85
man/man8/ldif2db.pl.8 | 102
man/man8/ldif2ldap.8 | 62
man/man8/monitor.8 | 67
man/man8/ns-accountstatus.pl.8 | 74
man/man8/ns-activate.pl.8 | 73
man/man8/ns-inactivate.pl.8 | 72
man/man8/ns-newpwpolicy.pl.8 | 79
man/man8/ns-slapd.8 | 10
man/man8/remove-ds.pl.8 | 6
man/man8/restart-dirsrv.8 | 50
man/man8/restoreconfig.8 | 48
man/man8/saveconfig.8 | 48
man/man8/schema-reload.pl.8 | 74
man/man8/setup-ds.pl.8 | 4
man/man8/start-dirsrv.8 | 50
man/man8/stop-dirsrv.8 | 50
man/man8/suffix2instance.8 | 51
man/man8/syntax-validate.pl.8 | 77
man/man8/upgradedb.8 | 56
man/man8/upgradednformat.8 | 55
man/man8/usn-tombstone-cleanup.pl.8 | 80
man/man8/verify-db.pl.8 | 49
man/man8/vlvindex.8 | 58
missing | 234
selinux/dirsrv.fc.in | 2
selinux/dirsrv.if | 41
selinux/dirsrv.te | 11
wrappers/cl-dump.in | 11
wrappers/dbscan.in | 10
wrappers/infadd.in | 12
wrappers/initscript.in | 245
wrappers/ldap-agent-initscript.in | 20
wrappers/ldap-agent.in | 12
wrappers/ldclt.in | 12
wrappers/ldif.in | 12
wrappers/migratecred.in | 14
wrappers/mmldif.in | 14
wrappers/pwdhash.in | 14
wrappers/repl-monitor.in | 11
wrappers/rsearch.in | 12
wrappers/systemd-snmp.service.in | 16
wrappers/systemd.group.in | 6
wrappers/systemd.template.service.in | 28
wrappers/systemd.template.sysconfig | 3
725 files changed, 121588 insertions(+), 84577 deletions(-)
---
10 years, 10 months
Branch '389-ds-base-1.3.1' - VERSION.sh
by Noriko Hosoi
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 703c604db49d5d4162e26c347fc2f63a1dc509e8
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Jun 14 10:39:00 2013 -0700
bump version to 1.3.1.1
diff --git a/VERSION.sh b/VERSION.sh
index 7ef99bc..0955ee2 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -10,7 +10,7 @@ vendor="389 Project"
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=3
-VERSION_MAINT=1.0
+VERSION_MAINT=1.1
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
10 years, 10 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/entry.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
New commits:
commit ca02529c797903139c56bd9b8b90e8cd5bd0c3f4
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Jun 13 18:22:21 2013 -0700
Ticket #569 - examine replication code to reduce amount of stored state information
Description: commit c7f6f161f4967635d6f02b029be571d88ec61961
made this change:
In case the deleted value list in an attribute is empty:
* this means the entry is deleted and has no more attributes,
* when writing the attr to disk we would loose the AD-csn.
* Add an empty value to the set of deleted values. This will
* never be seen by any client. It will never be moved to the
* present values and is only used to preserve the AD-csn.
The AD-csn size was not counted for the buffer size to allocate.
This patch adds the size.
https://fedorahosted.org/389/ticket/569
Reviewed by Nathan (Thanks!!)
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index ea86fcc..f730ae0 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -1559,7 +1559,17 @@ entry2str_internal_size_attrlist( const Slapi_Attr *attrlist, int entry2str_ctrl
/* ";adcsn-" + a->a_deletioncsn */
if ( a->a_deletioncsn )
{
- elen+= 1 + LDIF_CSNPREFIX_MAXLENGTH + CSN_STRSIZE;
+ elen += 1 + LDIF_CSNPREFIX_MAXLENGTH + CSN_STRSIZE;
+ }
+ if ( valueset_isempty(&a->a_deleted_values)) {
+ /* this means the entry is deleted and has no more attributes,
+ * when writing the attr to disk we would loose the AD-csn.
+ * Add an empty value to the set of deleted values. This will
+ * never be seen by any client. It will never be moved to the
+ * present values and is only used to preserve the AD-csn
+ * We need to add the size for that.
+ */
+ elen += 1 + LDIF_CSNPREFIX_MAXLENGTH + CSN_STRSIZE;
}
}
}
@@ -1731,7 +1741,7 @@ entry2str_internal_put_attrlist( const Slapi_Attr *attrlist, int attr_state, int
* present values and is only used to preserve the AD-csn
*/
valueset_add_string ((Slapi_ValueSet *)&a->a_deleted_values, "", CSN_TYPE_VALUE_DELETED, a->a_deletioncsn);
- }
+ }
entry2str_internal_put_valueset(a->a_type, a->a_deletioncsn, CSN_TYPE_ATTRIBUTE_DELETED, attr_state, &a->a_deleted_values, VALUE_DELETED, ecur, typebuf, typebuf_len, entry2str_ctrl);
}
10 years, 10 months
ldap/schema ldap/servers
by Mark Reynolds
ldap/schema/10dna-plugin.ldif | 38 +++++
ldap/servers/plugins/dna/dna.c | 263 +++++++++++++++++++++++++++++++++++++----
2 files changed, 278 insertions(+), 23 deletions(-)
New commits:
commit 3e2262e1c0410bdf4f9b9211aef13deb28f174d1
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 14 11:05:46 2013 -0400
Ticket 47379 - DNA plugin failed to fetch replication agreement
Bug Description: When trying to get the next range of available values, if a shared config
server does not have a replication agreement that points to itself then
it can not obtain the bind credentials/info to successfully contact that
server when trying to get the next range.
Fix Description: Extend the shared config server to allow for bind information, such as bind
method, and connection protocol. For the bind DN and pw(for SIMPLE and DIGEST-MD5
bind methods), we store this in the plugin config entry. As each bind pw needs to
use DES pw storage scheme, and this must be local to each server (not replicated
with the shared config server entry).
Fixed infinite loop in dna_fix_maxval() - we did not advance the server list if
there was a error. Also improved config validation to make sure the shared config
entry is not within the scope & filter of the DNA config.
https://fedorahosted.org/389/ticket/47379
Reviewed by: richm & nkinder(Thanks!!)
diff --git a/ldap/schema/10dna-plugin.ldif b/ldap/schema/10dna-plugin.ldif
index c89c6b5..ac9b5f4 100644
--- a/ldap/schema/10dna-plugin.ldif
+++ b/ldap/schema/10dna-plugin.ldif
@@ -170,6 +170,38 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2130 NAME 'dnaRangeRequestTimeout'
#
################################################################################
#
+attributeTypes: ( 2.16.840.1.113730.3.1.2157 NAME 'dnaRemoteBindCred'
+ DESC 'Remote bind credentials'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE
+ X-ORIGIN '389 Directory Server' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.2158 NAME 'dnaRemoteBindDN'
+ DESC 'Remote bind DN'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
+ SINGLE-VALUE
+ X-ORIGIN '389 Directory Server' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.2159 NAME 'dnaRemoteConnProtocol'
+ DESC 'Connection protocol: LDAP, TLS, or SSL'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE
+ X-ORIGIN '389 Directory Server' )
+#
+################################################################################
+#
+attributeTypes: ( 2.16.840.1.113730.3.1.2160 NAME 'dnaRemoteBindMethod'
+ DESC 'Remote bind method: SIMPLE, SSL, SASL/DIGEST-MD5, or SASL/GSSAPI'
+ SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
+ SINGLE-VALUE
+ X-ORIGIN '389 Directory Server' )
+#
+################################################################################
+#
objectClasses: ( 2.16.840.1.113730.3.2.324 NAME 'dnaPluginConfig'
DESC 'DNA plugin configuration'
SUP top
@@ -185,7 +217,9 @@ objectClasses: ( 2.16.840.1.113730.3.2.324 NAME 'dnaPluginConfig'
dnaSharedCfgDN $
dnaThreshold $
dnaNextRange $
- dnaRangeRequestTimeout $
+ dnaRangeRequestTimeout $
+ dnaRemoteBindDN $
+ dnaRemoteBindCred $
cn
)
X-ORIGIN '389 Directory Server' )
@@ -199,6 +233,8 @@ objectClasses: ( 2.16.840.1.113730.3.2.325 NAME 'dnaSharedConfig'
MAY ( dnaHostname $
dnaPortNum $
dnaSecurePortNum $
+ dnaRemoteBindMethod $
+ dnaRemoteConnProtocol $
dnaRemainingValues
)
X-ORIGIN '389 Directory Server' )
diff --git a/ldap/servers/plugins/dna/dna.c b/ldap/servers/plugins/dna/dna.c
index ff49f32..a552fb6 100644
--- a/ldap/servers/plugins/dna/dna.c
+++ b/ldap/servers/plugins/dna/dna.c
@@ -87,18 +87,31 @@
#define DNA_GENERATE "dnaMagicRegen"
#define DNA_FILTER "dnaFilter"
#define DNA_SCOPE "dnaScope"
+#define DNA_REMOTE_BIND_DN "dnaRemoteBindDN"
+#define DNA_REMOTE_BIND_PW "dnaRemoteBindCred"
/* since v2 */
#define DNA_MAXVAL "dnaMaxValue"
#define DNA_SHARED_CFG_DN "dnaSharedCfgDN"
/* Shared Config */
-#define DNA_SHAREDCONFIG "dnaSharedConfig"
-#define DNA_REMAINING "dnaRemainingValues"
-#define DNA_THRESHOLD "dnaThreshold"
-#define DNA_HOSTNAME "dnaHostname"
-#define DNA_PORTNUM "dnaPortNum"
-#define DNA_SECURE_PORTNUM "dnaSecurePortNum"
+#define DNA_SHAREDCONFIG "dnaSharedConfig"
+#define DNA_REMAINING "dnaRemainingValues"
+#define DNA_THRESHOLD "dnaThreshold"
+#define DNA_HOSTNAME "dnaHostname"
+#define DNA_PORTNUM "dnaPortNum"
+#define DNA_SECURE_PORTNUM "dnaSecurePortNum"
+#define DNA_REMOTE_BIND_METHOD "dnaRemoteBindMethod"
+#define DNA_REMOTE_CONN_PROT "dnaRemoteConnProtocol"
+
+/* Bind Methods & Protocols */
+#define DNA_METHOD_SIMPLE "SIMPLE"
+#define DNA_METHOD_SSL "SSL"
+#define DNA_METHOD_GSSAPI "SASL/GSSAPI"
+#define DNA_METHOD_DIGESTMD5 "SASL/DIGEST-MD5"
+#define DNA_PROT_LDAP "LDAP"
+#define DNA_PROT_TLS "TLS"
+#define DNA_PROT_SSL "SSL"
/* For transferred ranges */
#define DNA_NEXT_RANGE "dnaNextRange"
@@ -154,6 +167,8 @@ struct configEntry {
PRUint64 threshold;
char *shared_cfg_base;
char *shared_cfg_dn;
+ char *remote_binddn;
+ char *remote_bindpw;
PRUint64 timeout;
/* This lock protects the 5 members below. All
* of the above members are safe to read as long
@@ -195,6 +210,12 @@ struct dnaServer {
unsigned int port;
unsigned int secureport;
PRUint64 remaining;
+ /* Remote replica settings from config */
+ PRUint64 remote_defined;
+ char *remote_bind_method;
+ char *remote_conn_prot;
+ char *remote_binddn; /* contains pointer to main config binddn */
+ char *remote_bindpw; /* contains pointer to main config bindpw */
};
static char *dna_extend_exop_oid_list[] = {
@@ -220,8 +241,8 @@ static int dna_be_txn_preop_init(Slapi_PBlock *pb);
* Local operation functions
*
*/
-static int dna_load_plugin_config(int use_eventq);
-static int dna_parse_config_entry(Slapi_Entry * e, int apply);
+static int dna_load_plugin_config(Slapi_PBlock *pb, int use_eventq);
+static int dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry * e, int apply);
static void dna_delete_config();
static void dna_free_config_entry(struct configEntry ** entry);
static int dna_load_host_port();
@@ -264,6 +285,8 @@ static void dna_list_remove_type(char **list, char *type);
static int dna_is_multitype_range(struct configEntry *config_entry);
static void dna_create_valcheck_filter(struct configEntry *config_entry, PRUint64 value, char **filter);
static int dna_isrepl(Slapi_PBlock *pb);
+static int dna_get_remote_config_info( struct dnaServer *server, char **bind_dn, char **bind_passwd,
+ char **bind_method, int *is_ssl, int *port);
/**
*
@@ -572,7 +595,7 @@ dna_start(Slapi_PBlock * pb)
slapi_ch_calloc(1, sizeof(struct configEntry));
PR_INIT_CLIST(dna_global_config);
- if (dna_load_plugin_config(1/* use eventq */) != DNA_SUCCESS) {
+ if (dna_load_plugin_config(pb, 1/* use eventq */) != DNA_SUCCESS) {
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_start: unable to load plug-in configuration\n");
return DNA_FAILURE;
@@ -640,7 +663,7 @@ done:
* ------ cn=etc etc
*/
static int
-dna_load_plugin_config(int use_eventq)
+dna_load_plugin_config(Slapi_PBlock *pb, int use_eventq)
{
int status = DNA_SUCCESS;
int result;
@@ -682,7 +705,7 @@ dna_load_plugin_config(int use_eventq)
/* We don't care about the status here because we may have
* some invalid config entries, but we just want to continue
* looking for valid ones. */
- dna_parse_config_entry(entries[i], 1);
+ dna_parse_config_entry(pb, entries[i], 1);
}
dna_unlock();
@@ -719,7 +742,7 @@ cleanup:
* if it is invalid.
*/
static int
-dna_parse_config_entry(Slapi_Entry * e, int apply)
+dna_parse_config_entry(Slapi_PBlock *pb, Slapi_Entry * e, int apply)
{
char *value;
struct configEntry *entry = NULL;
@@ -883,6 +906,45 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
slapi_log_error(SLAPI_LOG_CONFIG, DNA_PLUGIN_SUBSYSTEM,
"----------> %s [%" NSPRIu64 "]\n", DNA_MAXVAL, entry->maxval);
+ /* get the global bind dn and password(if any) */
+ value = slapi_entry_attr_get_charptr(e, DNA_REMOTE_BIND_DN);
+ if (value) {
+ Slapi_DN *sdn = NULL;
+ char *normdn = NULL;
+
+ sdn = slapi_sdn_new_dn_passin(value);
+ if (!sdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_parse_config_entry: Unable to create "
+ "slapi_dn from dnaRemoteBindDN (%s)\n", value);
+ ret = DNA_FAILURE;
+ slapi_ch_free_string(&value);
+ goto bail;
+ }
+ normdn = (char *)slapi_sdn_get_dn(sdn);
+ if (NULL == normdn) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_parse_config_entry: failed to normalize dn: "
+ "%s\n", value);
+ ret = DNA_FAILURE;
+ slapi_sdn_free(&sdn);
+ goto bail;
+ }
+ entry->remote_binddn = slapi_ch_strdup(normdn);
+ slapi_sdn_free(&sdn);
+ }
+ /* now grab the password */
+ entry->remote_bindpw = slapi_entry_attr_get_charptr(e, DNA_REMOTE_BIND_PW);
+
+ /* validate that we have both a bind dn or password, or we have none */
+ if((entry->remote_bindpw != NULL && entry->remote_binddn == NULL) ||
+ (entry->remote_binddn != NULL && entry->remote_bindpw == NULL)){
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_parse_config_entry: Invalid remote bind DN and password settings.\n");
+ ret = DNA_FAILURE;
+ goto bail;
+ }
+
value = slapi_entry_attr_get_charptr(e, DNA_SHARED_CFG_DN);
if (value) {
Slapi_Entry *shared_e = NULL;
@@ -1057,6 +1119,21 @@ dna_parse_config_entry(Slapi_Entry * e, int apply)
goto bail;
}
+ /* Check if the shared config base matches the config scope and filter */
+ if (entry->scope && slapi_dn_issuffix(entry->shared_cfg_base, entry->scope)){
+ if (entry->slapi_filter) {
+ ret = slapi_vattr_filter_test(pb, e, entry->slapi_filter, 0);
+ if (LDAP_SUCCESS == ret) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM, "dna_parse_config_entry: "
+ "Error: shared config entry (%s) matches scope \"%s\", and filter \"%s\" "
+ "of the DNA config entry (%s).\n", entry->shared_cfg_base,
+ entry->scope, entry->filter, entry->dn);
+ ret = DNA_FAILURE;
+ goto bail;
+ }
+ }
+ }
+
/**
* Finally add the entry to the list.
* We sort by scope dn length with longer
@@ -1140,6 +1217,8 @@ dna_free_config_entry(struct configEntry ** entry)
slapi_ch_free_string(&e->scope);
slapi_ch_free_string(&e->shared_cfg_base);
slapi_ch_free_string(&e->shared_cfg_dn);
+ slapi_ch_free_string(&e->remote_binddn);
+ slapi_ch_free_string(&e->remote_bindpw);
slapi_destroy_mutex(e->lock);
@@ -1170,13 +1249,14 @@ static void
dna_free_shared_server(struct dnaServer **server)
{
struct dnaServer *s;
+
if ((NULL == server) || (NULL == *server)) {
return;
}
-
s = *server;
slapi_ch_free_string(&s->host);
-
+ slapi_ch_free_string(&s->remote_bind_method);
+ slapi_ch_free_string(&s->remote_conn_prot);
slapi_ch_free((void **)server);
}
@@ -1358,6 +1438,7 @@ static int dna_fix_maxval(struct configEntry *config_entry,
if ((ret = dna_update_next_range(config_entry, lower, upper)) == 0) {
break;
}
+ server = PR_NEXT_LINK(server);
}
}
@@ -1434,7 +1515,7 @@ dna_get_shared_servers(struct configEntry *config_entry, PRCList **servers)
int ret = LDAP_SUCCESS;
Slapi_PBlock *pb = NULL;
Slapi_Entry **entries = NULL;
- char *attrs[5];
+ char *attrs[7];
/* First do a search in the shared config area for this
* range to find other servers who are managing this range. */
@@ -1442,7 +1523,9 @@ dna_get_shared_servers(struct configEntry *config_entry, PRCList **servers)
attrs[1] = DNA_PORTNUM;
attrs[2] = DNA_SECURE_PORTNUM;
attrs[3] = DNA_REMAINING;
- attrs[4] = NULL;
+ attrs[4] = DNA_REMOTE_BIND_METHOD;
+ attrs[5] = DNA_REMOTE_CONN_PROT;
+ attrs[6] = NULL;
pb = slapi_pblock_new();
if (NULL == pb) {
@@ -1490,9 +1573,16 @@ dna_get_shared_servers(struct configEntry *config_entry, PRCList **servers)
server->secureport = slapi_entry_attr_get_uint(entries[i], DNA_SECURE_PORTNUM);
server->remaining = slapi_entry_attr_get_ulonglong(entries[i],
DNA_REMAINING);
+ server->remote_binddn = config_entry->remote_binddn;
+ server->remote_bindpw = config_entry->remote_bindpw;
+ server->remote_bind_method = slapi_entry_attr_get_charptr(entries[i],
+ DNA_REMOTE_BIND_METHOD);
+ server->remote_conn_prot = slapi_entry_attr_get_charptr(entries[i],
+ DNA_REMOTE_CONN_PROT);
/* validate the entry */
- if (!server->host || server->port == 0 || server->remaining == 0) {
+ if (!server->host || (server->port == 0 && server->secureport == 0) || server->remaining == 0)
+ {
/* free and skip this one */
slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_get_shared_servers: skipping invalid "
@@ -1500,6 +1590,40 @@ dna_get_shared_servers(struct configEntry *config_entry, PRCList **servers)
dna_free_shared_server(&server);
continue;
}
+ /* see if we defined a server manually */
+ if(server->remote_bind_method){
+ char *reason;
+ int err = 0;
+
+ if(strcasecmp(server->remote_bind_method, DNA_METHOD_DIGESTMD5) == 0 ||
+ strcasecmp(server->remote_bind_method, DNA_METHOD_SIMPLE) == 0){
+ /* requires a DN and password */
+ if(!server->remote_binddn || !server->remote_bindpw){
+ reason = "missing bind DN and/or password.";
+ err = 1;
+ }
+ }
+ if(strcasecmp(server->remote_bind_method, DNA_METHOD_SSL) == 0){
+ /* requires a bind DN */
+ if(strcasecmp(server->remote_conn_prot, DNA_PROT_SSL) != 0 &&
+ strcasecmp(server->remote_conn_prot, DNA_PROT_TLS) != 0 )
+ {
+ reason = "bind method (SSL) requires either SSL or TLS connection "
+ "protocol.";
+ err = 1;
+ }
+ }
+ if(err){
+ slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
+ "dna_get_shared_servers: skipping invalid "
+ "shared config entry (%s). Reason: %s\n",
+ slapi_entry_get_dn(entries[i]), reason);
+ dna_free_shared_server(&server);
+ continue;
+ }
+ /* everything is ok */
+ server->remote_defined = 1;
+ }
/* add a server entry to the list */
if (*servers == NULL) {
@@ -2487,7 +2611,8 @@ static int dna_get_replica_bind_creds(char *range_dn, struct dnaServer *server,
slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
"dna_get_replica_bind_creds: Failed to fetch replica "
"bind credentials for range %s, server %s, port %u [error %d]\n",
- range_dn, server->host, server->port, ret);
+ range_dn, server->host,
+ server->port ? server->port : server->secureport, ret);
goto bail;
}
@@ -2495,10 +2620,18 @@ static int dna_get_replica_bind_creds(char *range_dn, struct dnaServer *server,
&entries);
if (NULL == entries || NULL == entries[0]) {
- slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ if(server->remote_defined){
+ /*
+ * Ok there are no replication agreements for this shared server, but we
+ * do have custom defined authentication settings we can use.
+ */
+ ret = dna_get_remote_config_info(server, bind_dn, bind_passwd, bind_method, is_ssl, port);
+ goto bail;
+ }
+ slapi_log_error(SLAPI_LOG_PLUGIN, DNA_PLUGIN_SUBSYSTEM,
"dna_get_replica_bind_creds: Failed to fetch replication "
"agreement for range %s, server %s, port %u\n", range_dn,
- server->host, server->port);
+ server->host, server->port ? server->port : server->secureport);
ret = LDAP_OPERATIONS_ERROR;
goto bail;
}
@@ -2577,6 +2710,92 @@ bail:
return ret;
}
+static int
+dna_get_remote_config_info( struct dnaServer *server, char **bind_dn, char **bind_passwd,
+ char **bind_method, int *is_ssl, int *port)
+{
+ int rc = 0;
+
+ /* populate the bind info */
+ slapi_ch_free_string(bind_dn);
+ slapi_ch_free_string(bind_method);
+ *bind_dn = slapi_ch_strdup(server->remote_binddn);
+ *bind_method = slapi_ch_strdup(server->remote_bind_method);
+ /* fix up the bind method */
+ if ((NULL == *bind_method) || (strcasecmp(*bind_method, DNA_METHOD_SIMPLE) == 0)) {
+ slapi_ch_free_string(bind_method);
+ *bind_method = slapi_ch_strdup(LDAP_SASL_SIMPLE);
+ } else if (strcasecmp(*bind_method, "SSLCLIENTAUTH") == 0) {
+ slapi_ch_free_string(bind_method);
+ *bind_method = slapi_ch_strdup(LDAP_SASL_EXTERNAL);
+ } else if (strcasecmp(*bind_method, DNA_METHOD_GSSAPI) == 0) {
+ slapi_ch_free_string(bind_method);
+ *bind_method = slapi_ch_strdup("GSSAPI");
+ } else if (strcasecmp(*bind_method, DNA_METHOD_DIGESTMD5) == 0) {
+ slapi_ch_free_string(bind_method);
+ *bind_method = slapi_ch_strdup("DIGEST-MD5");
+ } else { /* some other weird value */
+ ; /* just use it directly */
+ }
+
+ if(server->remote_conn_prot && strcasecmp(server->remote_conn_prot, DNA_PROT_SSL) == 0){
+ *is_ssl = 1;
+ } else if(server->remote_conn_prot && strcasecmp(server->remote_conn_prot, DNA_PROT_TLS) == 0){
+ *is_ssl = 2;
+ } else {
+ *is_ssl = 0;
+ }
+ if(*is_ssl == 1){ /* SSL(covers TLS over ssl) */
+ if (server->secureport){
+ *port = server->secureport;
+ } else {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_get_remote_config_info: Using SSL protocol, but the secure "
+ "port is not defined.\n");
+ return -1;
+ }
+ } else { /* LDAP/TLS(non secure port) */
+ if(server->port){
+ *port = server->port;
+ } else {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_get_remote_config_info: Using %s protocol, but the non-secure "
+ "port is not defined.\n", server->remote_conn_prot);
+ return -1;
+ }
+ }
+
+ /* Decode the password */
+ if (server->remote_bindpw) {
+ char *bind_cred = slapi_ch_strdup(server->remote_bindpw);
+ int pw_ret = 0;
+
+ slapi_ch_free_string(bind_passwd);
+ pw_ret = pw_rever_decode(bind_cred, bind_passwd, DNA_REPL_CREDS);
+
+ if (pw_ret == -1) {
+ slapi_log_error(SLAPI_LOG_FATAL, DNA_PLUGIN_SUBSYSTEM,
+ "dna_get_remote_config_info: Failed to decode "
+ "replica bind credentials for server %s, "
+ "port %u\n", server->host,
+ server->port ? server->port : server->secureport);
+ rc = -1;
+ } else if (pw_ret != 0) {
+ /*
+ * The password was already in clear text, so pw_rever_decode
+ * simply set bind_passwd to bind_cred. Set bind_cred to NULL
+ * to prevent a double free. The memory is now owned by
+ * bind_passwd, which is the callers responsibility to free.
+ */
+ bind_cred = NULL;
+ }
+ slapi_ch_free_string(&bind_cred);
+ }
+
+ return rc;
+}
+
+
/*
* dna_list_contains_type()
*
@@ -3313,7 +3532,7 @@ dna_pre_op(Slapi_PBlock * pb, int modtype)
* here at the pre-op stage. Applying the config
* needs to be done at the post-op stage. */
- if (dna_parse_config_entry(test_e, 0) != DNA_SUCCESS) {
+ if (dna_parse_config_entry(pb, test_e, 0) != DNA_SUCCESS) {
/* Refuse the operation if config parsing failed. */
ret = LDAP_UNWILLING_TO_PERFORM;
if (LDAP_CHANGETYPE_ADD == modtype) {
@@ -3683,7 +3902,7 @@ static int dna_config_check_post_op(Slapi_PBlock * pb)
if (!slapi_op_internal(pb)) { /* If internal, no need to check. */
if ((dn = dna_get_dn(pb))) {
if (dna_dn_is_config(dn)) {
- dna_load_plugin_config(0);
+ dna_load_plugin_config(pb, 0);
}
}
}
10 years, 10 months