ldap/servers
by Noriko Hosoi
ldap/servers/plugins/replication/cl5.h | 1
ldap/servers/plugins/replication/cl5_api.c | 90 +++++++++++++++++++++++--
ldap/servers/plugins/replication/cl5_api.h | 3
ldap/servers/plugins/replication/cl5_config.c | 29 +++++++-
ldap/servers/plugins/replication/cl5_init.c | 2
ldap/servers/plugins/replication/repl_shared.h | 2
ldap/servers/slapd/back-ldbm/dblayer.c | 66 +++++++++++++++---
ldap/servers/slapd/back-ldbm/dblayer.h | 1
ldap/servers/slapd/back-ldbm/ldbm_config.c | 21 +++++
ldap/servers/slapd/back-ldbm/ldbm_config.h | 1
10 files changed, 198 insertions(+), 18 deletions(-)
New commits:
commit d01155c2b511e4cce89ca9e06d29632b774dbd68
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Aug 21 16:09:26 2013 -0700
Ticket #197 - BDB backend - clear free page files to reduce changelog size
Bug description: Even if entries in the database and changes in the
changelog database are deleted/trimmed, the unused pages of the data-
bases were not returned to the filesystem.
Fix description: This patch calls the compact API that Berkeley DB
provides, which compacts the database.
2 config parameters are introduced to specify the interval of the
compact calls.
Primary DBs (id2entry):
dn: cn=config,cn=ldbm database,cn=plugins,cn=config
nsslapd-db-compactdb-interval: <seconds>
Changelog DBs:
dn: cn=changelog5,cn=config
nsslapd-changelogcompactdb-interval: <seconds>
By default, 2592000 seconds (30 days)
Reviewed by Rich (Thank you!!)
https://fedorahosted.org/389/ticket/197
diff --git a/ldap/servers/plugins/replication/cl5.h b/ldap/servers/plugins/replication/cl5.h
index 33f8140..9939d5b 100644
--- a/ldap/servers/plugins/replication/cl5.h
+++ b/ldap/servers/plugins/replication/cl5.h
@@ -56,6 +56,7 @@ typedef struct changelog5Config
/* the changelog DB configuration parameters are defined as CL5DBConfig in cl5_api.h */
CL5DBConfig dbconfig;
char *symmetricKey;
+ int compactInterval;
}changelog5Config;
/* initializes changelog*/
diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c
index 0a70d6b..6bf4217 100644
--- a/ldap/servers/plugins/replication/cl5_api.c
+++ b/ldap/servers/plugins/replication/cl5_api.c
@@ -240,6 +240,7 @@ typedef struct cl5trim
{
time_t maxAge; /* maximum entry age in seconds */
int maxEntries; /* maximum number of entries across all changelog files */
+ int compactInterval; /* interval to compact changelog db */
PRLock* lock; /* controls access to trimming configuration */
} CL5Trim;
@@ -350,6 +351,7 @@ static int _cl5TrimInit ();
static void _cl5TrimCleanup ();
static int _cl5TrimMain (void *param);
static void _cl5DoTrimming (ReplicaId rid);
+static void _cl5CompactDBs();
static void _cl5TrimFile (Object *obj, long *numToTrim, ReplicaId cleaned_rid);
static PRBool _cl5CanTrim (time_t time, long *numToTrim);
static int _cl5ReadRUV (const char *replGen, Object *obj, PRBool purge);
@@ -1175,10 +1177,12 @@ int cl5GetState ()
Description: sets changelog trimming parameters; changelog must be open.
Parameters: maxEntries - maximum number of entries in the chnagelog (in all files);
maxAge - maximum entry age;
+ compactInterval - interval to compact changelog db
Return: CL5_SUCCESS if successful;
CL5_BAD_STATE if changelog is not open
*/
-int cl5ConfigTrimming (int maxEntries, const char *maxAge)
+int
+cl5ConfigTrimming (int maxEntries, const char *maxAge, int compactInterval)
{
if (s_cl5Desc.dbState == CL5_STATE_NONE)
{
@@ -1216,6 +1220,11 @@ int cl5ConfigTrimming (int maxEntries, const char *maxAge)
s_cl5Desc.dbTrim.maxEntries = maxEntries;
}
+ if (compactInterval != CL5_NUM_IGNORE)
+ {
+ s_cl5Desc.dbTrim.compactInterval = compactInterval;
+ }
+
PR_Unlock (s_cl5Desc.dbTrim.lock);
_cl5RemoveThread ();
@@ -3420,6 +3429,7 @@ static int _cl5TrimMain (void *param)
{
PRIntervalTime interval;
time_t timePrev = current_time ();
+ time_t timeCompactPrev = current_time ();
time_t timeNow;
PR_AtomicIncrement (&s_cl5Desc.threadCount);
@@ -3434,6 +3444,13 @@ static int _cl5TrimMain (void *param)
timePrev = timeNow;
_cl5DoTrimming (0 /* there's no cleaned rid */);
}
+ if ((s_cl5Desc.dbTrim.compactInterval > 0) &&
+ (timeNow - timeCompactPrev >= s_cl5Desc.dbTrim.compactInterval))
+ {
+ /* time to trim */
+ timeCompactPrev = timeNow;
+ _cl5CompactDBs();
+ }
if (NULL == s_cl5Desc.clLock)
{
/* most likely, emergency */
@@ -3478,14 +3495,77 @@ static void _cl5DoTrimming (ReplicaId rid)
example, randomizing starting point */
obj = objset_first_obj (s_cl5Desc.dbFiles);
while (obj && _cl5CanTrim ((time_t)0, &numToTrim))
- {
+ {
_cl5TrimFile (obj, &numToTrim, rid);
- obj = objset_next_obj (s_cl5Desc.dbFiles, obj);
+ obj = objset_next_obj (s_cl5Desc.dbFiles, obj);
}
- if (obj)
- object_release (obj);
+ if (obj)
+ object_release (obj);
+
+ PR_Unlock (s_cl5Desc.dbTrim.lock);
+
+ return;
+}
+/* clear free page files to reduce changelog */
+static void
+_cl5CompactDBs()
+{
+ int rc;
+ Object *fileObj = NULL;
+ CL5DBFile *dbFile = NULL;
+ DB *db = NULL;
+ DB_TXN *txnid = NULL;
+ DB_COMPACT c_data = {0};
+
+ PR_Lock (s_cl5Desc.dbTrim.lock);
+ rc = TXN_BEGIN(s_cl5Desc.dbEnv, NULL, &txnid, 0);
+ if (rc) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
+ "_cl5CompactDBs: failed to begin transaction; db error - %d %s\n",
+ rc, db_strerror(rc));
+ goto bail;
+ }
+ for (fileObj = objset_first_obj(s_cl5Desc.dbFiles);
+ fileObj;
+ fileObj = objset_next_obj(s_cl5Desc.dbFiles, fileObj)) {
+ dbFile = (CL5DBFile*)object_get_data(fileObj);
+ if (!dbFile) {
+ continue;
+ }
+ db = dbFile->db;
+ rc = db->compact(db, txnid, NULL/*start*/, NULL/*stop*/,
+ &c_data, DB_FREE_SPACE, NULL/*end*/);
+ if (rc) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
+ "_cl5CompactDBs: failed to compact %s; db error - %d %s\n",
+ dbFile->replName, rc, db_strerror(rc));
+ goto bail;
+ }
+ slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
+ "_cl5CompactDBs: %s - %d pages freed\n",
+ dbFile->replName, c_data.compact_pages_free);
+ }
+bail:
+ if (fileObj) {
+ object_release(fileObj);
+ }
+ if (rc) {
+ rc = TXN_ABORT (txnid);
+ if (rc) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
+ "_cl5CompactDBs: failed to abort transaction; db error - %d %s\n",
+ rc, db_strerror(rc));
+ }
+ } else {
+ rc = TXN_COMMIT (txnid, 0);
+ if (rc) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
+ "_cl5CompactDBs: failed to commit transaction; db error - %d %s\n",
+ rc, db_strerror(rc));
+ }
+ }
PR_Unlock (s_cl5Desc.dbTrim.lock);
return;
diff --git a/ldap/servers/plugins/replication/cl5_api.h b/ldap/servers/plugins/replication/cl5_api.h
index 9b285ca..59d3bf2 100644
--- a/ldap/servers/plugins/replication/cl5_api.h
+++ b/ldap/servers/plugins/replication/cl5_api.h
@@ -269,10 +269,11 @@ int cl5GetState ();
Description: sets changelog trimming parameters
Parameters: maxEntries - maximum number of entries in the log;
maxAge - maximum entry age;
+ compactInterval - interval to compact changelog db
Return: CL5_SUCCESS if successful;
CL5_BAD_STATE if changelog has not been open
*/
-int cl5ConfigTrimming (int maxEntries, const char *maxAge);
+int cl5ConfigTrimming (int maxEntries, const char *maxAge, int compactInterval);
/* Name: cl5GetOperation
Description: retireves operation specified by its csn and databaseid
diff --git a/ldap/servers/plugins/replication/cl5_config.c b/ldap/servers/plugins/replication/cl5_config.c
index 980cb7f..a523a80 100644
--- a/ldap/servers/plugins/replication/cl5_config.c
+++ b/ldap/servers/plugins/replication/cl5_config.c
@@ -244,7 +244,7 @@ changelog5_config_add (Slapi_PBlock *pb, Slapi_Entry* e, Slapi_Entry* entryAfter
}
/* set trimming parameters */
- rc = cl5ConfigTrimming (config.maxEntries, config.maxAge);
+ rc = cl5ConfigTrimming (config.maxEntries, config.maxAge, config.compactInterval);
if (rc != CL5_SUCCESS)
{
*returncode = 1;
@@ -336,6 +336,7 @@ changelog5_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
slapi_ch_free_string(&config.dir);
config.dir = NULL;
config.maxEntries = CL5_NUM_IGNORE;
+ config.compactInterval = CL5_NUM_IGNORE;
slapi_ch_free_string(&config.maxAge);
config.maxAge = slapi_ch_strdup(CL5_STR_IGNORE);
@@ -399,6 +400,17 @@ changelog5_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
slapi_ch_free_string(&config.maxAge);
config.maxAge = slapi_ch_strdup(config_attr_value);
}
+ else if ( strcasecmp ( config_attr, CONFIG_CHANGELOG_COMPACTDB_ATTRIBUTE ) == 0 )
+ {
+ if (config_attr_value && config_attr_value[0] != '\0')
+ {
+ config.compactInterval = atoi (config_attr_value);
+ }
+ else
+ {
+ config.compactInterval = 0;
+ }
+ }
else if ( strcasecmp ( config_attr, CONFIG_CHANGELOG_SYMMETRIC_KEY ) == 0 )
{
slapi_ch_free_string(&config.symmetricKey);
@@ -424,6 +436,8 @@ changelog5_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
* except config.dir */
if (config.maxEntries == CL5_NUM_IGNORE)
config.maxEntries = originalConfig->maxEntries;
+ if (config.compactInterval == CL5_NUM_IGNORE)
+ config.compactInterval = originalConfig->compactInterval;
if (strcmp (config.maxAge, CL5_STR_IGNORE) == 0) {
slapi_ch_free_string(&config.maxAge);
if (originalConfig->maxAge)
@@ -548,7 +562,7 @@ changelog5_config_modify (Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Entr
if (config.maxEntries != CL5_NUM_IGNORE ||
strcmp (config.maxAge, CL5_STR_IGNORE) != 0)
{
- rc = cl5ConfigTrimming (config.maxEntries, config.maxAge);
+ rc = cl5ConfigTrimming (config.maxEntries, config.maxAge, config.compactInterval);
if (rc != CL5_SUCCESS)
{
*returncode = 1;
@@ -706,6 +720,7 @@ static changelog5Config * changelog5_dup_config(changelog5Config *config)
dup->maxAge = slapi_ch_strdup(config->maxAge);
dup->maxEntries = config->maxEntries;
+ dup->compactInterval = config->compactInterval;
dup->dbconfig.pageSize = config->dbconfig.pageSize;
dup->dbconfig.fileMode = config->dbconfig.fileMode;
@@ -732,6 +747,16 @@ static void changelog5_extract_config(Slapi_Entry* entry, changelog5Config *conf
config->maxEntries = atoi (arg);
slapi_ch_free_string(&arg);
}
+ arg= slapi_entry_attr_get_charptr(entry,CONFIG_CHANGELOG_COMPACTDB_ATTRIBUTE);
+ if (arg)
+ {
+ config->compactInterval = atoi (arg);
+ slapi_ch_free_string(&arg);
+ }
+ else
+ {
+ config->compactInterval = CHANGELOGDB_COMPACT_INTERVAL;
+ }
config->maxAge = slapi_entry_attr_get_charptr(entry,CONFIG_CHANGELOG_MAXAGE_ATTRIBUTE);
diff --git a/ldap/servers/plugins/replication/cl5_init.c b/ldap/servers/plugins/replication/cl5_init.c
index 8ee725d..60e538d 100644
--- a/ldap/servers/plugins/replication/cl5_init.c
+++ b/ldap/servers/plugins/replication/cl5_init.c
@@ -88,7 +88,7 @@ int changelog5_init()
}
/* set trimming parameters */
- rc = cl5ConfigTrimming (config.maxEntries, config.maxAge);
+ rc = cl5ConfigTrimming (config.maxEntries, config.maxAge, config.compactInterval);
if (rc != CL5_SUCCESS)
{
slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl,
diff --git a/ldap/servers/plugins/replication/repl_shared.h b/ldap/servers/plugins/replication/repl_shared.h
index 99f785e..f79a657 100644
--- a/ldap/servers/plugins/replication/repl_shared.h
+++ b/ldap/servers/plugins/replication/repl_shared.h
@@ -58,10 +58,12 @@
#endif
#define CHANGELOGDB_TRIM_INTERVAL 300 /* 5 minutes */
+#define CHANGELOGDB_COMPACT_INTERVAL 2592000 /* 30 days */
#define CONFIG_CHANGELOG_DIR_ATTRIBUTE "nsslapd-changelogdir"
#define CONFIG_CHANGELOG_MAXENTRIES_ATTRIBUTE "nsslapd-changelogmaxentries"
#define CONFIG_CHANGELOG_MAXAGE_ATTRIBUTE "nsslapd-changelogmaxage"
+#define CONFIG_CHANGELOG_COMPACTDB_ATTRIBUTE "nsslapd-changelogcompactdb-interval"
/* Changelog Internal Configuration Parameters -> Changelog Cache related */
#define CONFIG_CHANGELOG_MAX_CONCURRENT_WRITES "nsslapd-changelogmaxconcurrentwrites"
#define CONFIG_CHANGELOG_ENCRYPTION_ALGORITHM "nsslapd-encryptionalgorithm"
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.c b/ldap/servers/slapd/back-ldbm/dblayer.c
index 5b981b0..013d1c0 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.c
+++ b/ldap/servers/slapd/back-ldbm/dblayer.c
@@ -4603,10 +4603,8 @@ static int log_flush_threadmain(void *param)
PR_NotifyAllCondVar(sync_txn_log_flush_done);
}
/* wait until flushing conditions are met */
- while ( trans_batch_count == 0 ||
- ( trans_batch_count < trans_batch_limit &&
- trans_batch_count < txn_in_progress_count))
- {
+ while ((trans_batch_count == 0) ||
+ (trans_batch_count < trans_batch_limit && trans_batch_count < txn_in_progress_count)) {
if (priv->dblayer_stop_threads)
break;
if (PR_IntervalNow() - last_flush > interval_flush) {
@@ -4617,7 +4615,7 @@ static int log_flush_threadmain(void *param)
}
PR_Unlock(sync_txn_log_flush);
LDAPDebug(LDAP_DEBUG_BACKLDBM, "log_flush_threadmain (wakeup): batchcount: %d, "
- "txn_in_progress: %d\n", trans_batch_count, txn_in_progress_count, 0);
+ "txn_in_progress: %d\n", trans_batch_count, txn_in_progress_count, 0);
} else {
DS_Sleep(interval_def);
}
@@ -4654,6 +4652,9 @@ dblayer_start_checkpoint_thread(struct ldbminfo *li)
return return_value;
}
+/*
+ * checkpoint thread -- borrow the timing for compacting id2entry, as well.
+ */
static int checkpoint_threadmain(void *param)
{
time_t time_of_last_checkpoint_completion = 0; /* seconds since epoch */
@@ -4667,6 +4668,9 @@ static int checkpoint_threadmain(void *param)
char **list = NULL;
char **listp = NULL;
struct dblayer_private_env *penv = NULL;
+ time_t time_of_last_comapctdb_completion = current_time(); /* seconds since epoch */
+ int compactdb_interval = 0;
+ back_txn txn;
PR_ASSERT(NULL != param);
li = (struct ldbminfo*)param;
@@ -4676,6 +4680,7 @@ static int checkpoint_threadmain(void *param)
INCR_THREAD_COUNT(priv);
+ compactdb_interval = priv->dblayer_compactdb_interval;
interval = PR_MillisecondsToInterval(DBLAYER_SLEEP_INTERVAL);
home_dir = dblayer_get_home_dir(li, NULL);
if (NULL == home_dir || '\0' == *home_dir)
@@ -4774,6 +4779,49 @@ static int checkpoint_threadmain(void *param)
}
/* find out which log files don't contain active txns */
DB_CHECKPOINT_LOCK(PR_TRUE, penv->dblayer_env_lock);
+ /* Compacting DB borrowing the timing of the log flush */
+ if ((compactdb_interval > 0) &&
+ (current_time() - time_of_last_comapctdb_completion > compactdb_interval)) {
+ int rc = 0;
+ Object *inst_obj;
+ ldbm_instance *inst;
+ DB *db = NULL;
+ DB_COMPACT c_data = {0};
+
+ for (inst_obj = objset_first_obj(li->li_instance_set);
+ inst_obj;
+ inst_obj = objset_next_obj(li->li_instance_set, inst_obj)) {
+ inst = (ldbm_instance *)object_get_data(inst_obj);
+ rc = dblayer_get_id2entry(inst->inst_be, &db);
+ if (!db) {
+ continue;
+ }
+ LDAPDebug1Arg(LDAP_DEBUG_BACKLDBM, "compactdb: Compacting DB start: %s\n",
+ inst->inst_name);
+ rc = dblayer_txn_begin(inst->inst_be, NULL, &txn);
+ if (rc) {
+ LDAPDebug1Arg(LDAP_DEBUG_ANY,
+ "compactdb: transaction begin failed: %d\n",
+ rc);
+ break;
+ }
+ rc = db->compact(db, txn.back_txn_txn, NULL/*start*/, NULL/*stop*/,
+ &c_data, DB_FREE_SPACE, NULL/*end*/);
+ if (rc) {
+ LDAPDebug(LDAP_DEBUG_ANY,
+ "compactdb: failed to compact %s; db error - %d %s\n",
+ inst->inst_name, rc, db_strerror(rc));
+ rc = dblayer_txn_abort(inst->inst_be, &txn);
+ } else {
+ LDAPDebug2Args(LDAP_DEBUG_BACKLDBM,
+ "compactdb: compact %s - %d pages freed\n",
+ inst->inst_name, c_data.compact_pages_free);
+ rc = dblayer_txn_commit(inst->inst_be, &txn);
+ }
+ }
+ time_of_last_comapctdb_completion = current_time(); /* seconds since epoch */
+ compactdb_interval = priv->dblayer_compactdb_interval;
+ }
rval = LOG_ARCHIVE(penv->dblayer_DB_ENV, &list,
DB_ARCH_ABS, (void *)slapi_ch_malloc);
DB_CHECKPOINT_UNLOCK(PR_TRUE, penv->dblayer_env_lock);
@@ -4794,10 +4842,10 @@ static int checkpoint_threadmain(void *param)
checkpoint_debug_message(debug_checkpointing,
"Renaming %s -> %s\n",*listp, new_filename, 0);
if(rename(*listp, new_filename) != 0){
- LDAPDebug(LDAP_DEBUG_ANY, "checkpoint_threadmain: failed to rename log (%s) to (%s)\n",
- *listp, new_filename, 0);
- rval = -1;
- goto error_return;
+ LDAPDebug(LDAP_DEBUG_ANY, "checkpoint_threadmain: failed to rename log (%s) to (%s)\n",
+ *listp, new_filename, 0);
+ rval = -1;
+ goto error_return;
}
}
}
diff --git a/ldap/servers/slapd/back-ldbm/dblayer.h b/ldap/servers/slapd/back-ldbm/dblayer.h
index 7f3200c..c382a98 100644
--- a/ldap/servers/slapd/back-ldbm/dblayer.h
+++ b/ldap/servers/slapd/back-ldbm/dblayer.h
@@ -179,6 +179,7 @@ struct dblayer_private
int dblayer_lockdown; /* use DB_LOCKDOWN */
int dblayer_lock_config;
u_int32_t dblayer_deadlock_policy; /* i.e. the atype to DB_ENV->lock_detect in deadlock_threadmain */
+ int dblayer_compactdb_interval; /* interval to execute compact id2entry dbs */
};
#if 1000*DB_VERSION_MAJOR + 100*DB_VERSION_MINOR >= 4300
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.c b/ldap/servers/slapd/back-ldbm/ldbm_config.c
index 4eb53e5..d53e9b3 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.c
@@ -679,6 +679,26 @@ static int ldbm_config_db_checkpoint_interval_set(void *arg, void *value, char *
return retval;
}
+static void *ldbm_config_db_compactdb_interval_get(void *arg)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+
+ return (void *) ((uintptr_t)li->li_dblayer_private->dblayer_compactdb_interval);
+}
+
+static int ldbm_config_db_compactdb_interval_set(void *arg, void *value, char *errorbuf, int phase, int apply)
+{
+ struct ldbminfo *li = (struct ldbminfo *) arg;
+ int retval = LDAP_SUCCESS;
+ int val = (int) ((uintptr_t)value);
+
+ if (apply) {
+ li->li_dblayer_private->dblayer_compactdb_interval = val;
+ }
+
+ return retval;
+}
+
static void *ldbm_config_db_page_size_get(void *arg)
{
struct ldbminfo *li = (struct ldbminfo *) arg;
@@ -1447,6 +1467,7 @@ static config_info ldbm_config[] = {
{CONFIG_DB_CIRCULAR_LOGGING, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_circular_logging_get, &ldbm_config_db_circular_logging_set, 0},
{CONFIG_DB_TRANSACTION_LOGGING, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_transaction_logging_get, &ldbm_config_db_transaction_logging_set, 0},
{CONFIG_DB_CHECKPOINT_INTERVAL, CONFIG_TYPE_INT, "60", &ldbm_config_db_checkpoint_interval_get, &ldbm_config_db_checkpoint_interval_set, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
+ {CONFIG_DB_COMPACTDB_INTERVAL, CONFIG_TYPE_INT, "2592000"/*30days*/, &ldbm_config_db_compactdb_interval_get, &ldbm_config_db_compactdb_interval_set, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
{CONFIG_DB_TRANSACTION_BATCH, CONFIG_TYPE_INT, "0", &dblayer_get_batch_transactions, &dblayer_set_batch_transactions, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
{CONFIG_DB_TRANSACTION_BATCH_MIN_SLEEP, CONFIG_TYPE_INT, "50", &dblayer_get_batch_txn_min_sleep, &dblayer_set_batch_txn_min_sleep, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
{CONFIG_DB_TRANSACTION_BATCH_MAX_SLEEP, CONFIG_TYPE_INT, "50", &dblayer_get_batch_txn_max_sleep, &dblayer_set_batch_txn_max_sleep, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE},
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_config.h b/ldap/servers/slapd/back-ldbm/ldbm_config.h
index f420707..cb9d3c7 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_config.h
+++ b/ldap/servers/slapd/back-ldbm/ldbm_config.h
@@ -110,6 +110,7 @@ struct config_info {
#define CONFIG_DB_CIRCULAR_LOGGING "nsslapd-db-circular-logging"
#define CONFIG_DB_TRANSACTION_LOGGING "nsslapd-db-transaction-logging"
#define CONFIG_DB_CHECKPOINT_INTERVAL "nsslapd-db-checkpoint-interval"
+#define CONFIG_DB_COMPACTDB_INTERVAL "nsslapd-db-compactdb-interval"
#define CONFIG_DB_TRANSACTION_BATCH "nsslapd-db-transaction-batch-val"
#define CONFIG_DB_TRANSACTION_BATCH_MIN_SLEEP "nsslapd-db-transaction-batch-min-wait"
#define CONFIG_DB_TRANSACTION_BATCH_MAX_SLEEP "nsslapd-db-transaction-batch-max-wait"
10 years, 7 months
Branch '389-ds-base-1.3.1' - ldap/servers
by Noriko Hosoi
ldap/servers/plugins/replication/windows_protocol_util.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
New commits:
commit 529a544a2fe9961d9286e191346fb5faca27d38b
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Aug 20 14:09:26 2013 -0700
Ticket #47488 - Users from AD sub OU does not sync to IPA
Bug description: When processing a DN from AD, the DN is passed to
a helper function is_subject_of_agreement_remote (windows_protocol_
util.c) to check if the DN is a subject of the sync service or not.
The helper function was checking if the AD DN is just one-level
child of the agreement subtree top (nsds7WindowsReplicaSubtree) but
not the subtree-level descendents. Note: the DN is an original one
in AD, which has not be flattened yet. Therefore, the AD entry was
determined not to be synchronized.
Fix description: This bug was fixed in the master tree with the
ticket #521 - modrdn + NSMMReplicationPlugin - Consumer failed to
replay change.
3) is_subject_of_agreement_remote (windows_protocol_util.c):
When checking if the entry was in the subtree defined in the
agreement or not, it returned true only if the entry is a
direct child of the agreement subtree top. This patch returns
true if the entry is the further descendent of the subtree.
The fix is back ported to 389-ds-base-1.3.1 branch.
Reviewed by Rich (Thank you!!)
https://fedorahosted.org/389/ticket/47488
diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c
index 964566a..730d9a6 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -3950,7 +3950,12 @@ error:
return retval;
}
-/* Tests if the entry is subject to our agreement (i.e. is it in the sync'ed subtree in AD and either a user or a group ?) */
+/*
+ * Tests if the entry is subject to our agreement
+ * (i.e. is it in the sync'ed subtree in AD and either a user or a group ?)
+ * return value: 1 -- it is subject to the agreement
+ * 0 -- out of scope
+ */
static int
is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra)
{
@@ -3981,7 +3986,8 @@ is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra)
* 'e' as out of scope.
*/
slapi_sdn_get_parent(sdn, &psdn);
- if (0 == slapi_sdn_compare(&psdn, agreement_subtree)) {
+ if (slapi_sdn_issuffix(&psdn, agreement_subtree)) {
+ /* parent is in agreement_subtree. */
retval = 1;
} else {
/* If parent entry is not local, the entry is out of scope */
10 years, 7 months
Changes to 'refs/tags/389-dsgw-1.1.11'
by Richard Allen Megginson
Changes since the dawn of time:
Mark Reynolds (1):
Ticket 606 - DSGW - format string errors
Nathan Kinder (3):
Added orgchart to dsgw.
General templating work for DSGW CGI URI's.
Added dsgw.tmpl template
Noriko Hosoi (2):
openldap porting snapshot
Ticket #47344 - 389-dsgw: Does not support aarch64 in f19 and rawhide
Rich Megginson (71):
Initial import of code from ldapserver, modified to use autoconf for build
cleaned up build and setup scripts
update of autotool files based on recent ldapserver and adminserver
Initial pass at using adminutil for CGI code
Check ldapquery for NULL
Still need to unescape some form vars
added manuals; fixed code that displays manuals; added initial tests
get phonebook and orgchart working; use memmove instead of overlapping strcpy; fix memory error in dsgw_dn_parent
Renamed setup to setup-ds-dsgw to be consistent with other setup scripts
fix build issues and compiler warnings on HP-UX
added CXXLINK stuff for HP-UX
add dummy c++ file to force automake to define CXXLINK
include config.h in dsgw.h so all of the dsgw code will include it
do not check for GNU compatible realloc
better method of choosing suffix
enhance setup - move to sbin, check for already configured, add reconfig option to force reconfig, add support for users and groups
add pthread lib for HP-UX
attributes in LDIF may be in mixed case - sed cannot portably do case insensitive matching - just use a simple sed search and replace for ldif attributes
added perlpath for bundled installs
actually use perlpath in the generated files
setup will print messages showing what it is doing - setup will copy in the admin server home page html fragment files to enable using dsgw, phonebook, and orgchart from the admin server home page
remove the hp host:port cgi parameter
added a lot of tests
do not print empty message
add domodify tests
1) The old code used a CGI variable called completion_javascript - this variable contained arbitrary javascript code that was eval'd on in the client browser. I have removed this code and put it in the resource file. The dsgw code will set completion_javascript to one of the 3 keywords, and the new function emit_completion_javascript will look up the code in the resource file and output it with any required arguments. It just seems like a really bad idea to execute arbitrary blobs of javascript passed in a CGI argument.
1) There were several places where DSGW would output and eval arbitrary javascript code passed in a CGI parameter. These have been replaced with resource strings. In all cases the values were output escaped, but still, we shouldn't be passing around bits of javascript code to execute.
clean up org chart code - added tests for org chart
Resolves: bug 171353
Resolves: Bug 146294
additional cleanup - my last org chart commit broke org chart, this fixes it, and cleans up some other stuff, and adds some more tests
Resolves: bug 435230
Resolves: bug 435230
Resolves: bug 435230
Resolves: bug 450134
Resolves: bug 450588
Resolves: bug 450894
Resolves: bug 450898
Resolves: bug 450971
Resolves: bug 452018
Resolves: bug 453052
Resolves: bug 171353
Resolves: bug 413531
this is the 1.1.1 release
Resolves: bug 471681
Resolves: bug 472092
for the 1.1.2 release
rename to 389
remove directory server exception from license
bump version to 1.1.3 for fedora review
bump version to 1.1.4 - require 389-adminutil - fix adminutil.m4 - fix remaining licensing problems
make sure we can find ICU genrb on all platforms
port dsgw to use openldap
org cannot use LDAP_URL_OPT_SECURE; ldap_sasl_bind result check not correct
openldap does not use global MozNSS context
Bug 553636 - dsgw and ds has problems in schema
look for separate openldap ldif library
bump version to 1.1.7
add tmpfiles.d support for the cookiedir
bump version to 1.1.8
dsgw does not need libldap_r
Ticket #281 - TLS not working with latest openldap
bump version to 1.1.9
add Eclipse generated files
Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw
Ticket #47486 compiler warnings in adminutil, admin, dsgw
add patch files
Ticket #47328 389-dsgw: entrydisplay.c:2523: bad switch statement
Ticket #47403 DSGW authentication issue
added charset tests - modularized test script - improved valgrind checking
bump version to 1.1.11
10 years, 7 months
8 commits - cgiutil.c configure configure.ac doauth.c emitf.c entrydisplay.c .gitignore htmlout.c htmlparse.c m4/adminutil.m4 newentry.c sort.c tests/lang tests/setup.sh tmplout.c unauth.c
by Richard Allen Megginson
.gitignore | 4 ++++
cgiutil.c | 2 +-
configure | 24 ++++++++++--------------
configure.ac | 2 +-
doauth.c | 8 ++------
emitf.c | 4 +++-
entrydisplay.c | 3 +++
htmlout.c | 3 +--
htmlparse.c | 2 --
m4/adminutil.m4 | 4 ----
newentry.c | 2 --
sort.c | 6 +++++-
tests/lang/testget.15 | 1 +
tests/lang/testget.16 | 1 +
tests/lang/testpost.13 | 1 +
tests/lang/testpost.14 | 1 +
tests/setup.sh | 28 ++++++++++++++--------------
tmplout.c | 7 ++-----
unauth.c | 6 ++----
19 files changed, 52 insertions(+), 57 deletions(-)
New commits:
commit 4b5381bb098c667699712a37b259e2e436adf55c
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Aug 20 14:08:15 2013 -0600
bump version to 1.1.11
diff --git a/configure b/configure
index 7f48df6..b05fa1b 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for dirsrv-gw 1.1.9.
+# Generated by GNU Autoconf 2.69 for dirsrv-gw 1.1.11.
#
# Report bugs to <http://bugzilla.redhat.com/>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='dirsrv-gw'
PACKAGE_TARNAME='dirsrv-gw'
-PACKAGE_VERSION='1.1.9'
-PACKAGE_STRING='dirsrv-gw 1.1.9'
+PACKAGE_VERSION='1.1.11'
+PACKAGE_STRING='dirsrv-gw 1.1.11'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
PACKAGE_URL=''
@@ -1418,7 +1418,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures dirsrv-gw 1.1.9 to adapt to many kinds of systems.
+\`configure' configures dirsrv-gw 1.1.11 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1488,7 +1488,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of dirsrv-gw 1.1.9:";;
+ short | recursive ) echo "Configuration of dirsrv-gw 1.1.11:";;
esac
cat <<\_ACEOF
@@ -1632,7 +1632,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-dirsrv-gw configure 1.1.9
+dirsrv-gw configure 1.1.11
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2176,7 +2176,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by dirsrv-gw $as_me 1.1.9, which was
+It was created by dirsrv-gw $as_me 1.1.11, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3001,7 +3001,7 @@ fi
# Define the identity of the package.
PACKAGE='dirsrv-gw'
- VERSION='1.1.9'
+ VERSION='1.1.11'
cat >>confdefs.h <<_ACEOF
@@ -18741,7 +18741,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by dirsrv-gw $as_me 1.1.9, which was
+This file was extended by dirsrv-gw $as_me 1.1.11, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -18807,7 +18807,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-dirsrv-gw config.status 1.1.9
+dirsrv-gw config.status 1.1.11
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index c3bfc50..04be099 100644
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([dirsrv-gw], [1.1.9], [http://bugzilla.redhat.com/])
+AC_INIT([dirsrv-gw], [1.1.11], [http://bugzilla.redhat.com/])
AC_CONFIG_SRCDIR([dsgwutil.c])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
AM_MAINTAINER_MODE
commit 9bebf4c8bf5f069ef58362955d1ac5fc92efde96
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Aug 19 15:35:30 2013 -0600
added charset tests - modularized test script - improved valgrind checking
diff --git a/tests/lang/testget.15 b/tests/lang/testget.15
new file mode 100644
index 0000000..48d88cf
--- /dev/null
+++ b/tests/lang/testget.15
@@ -0,0 +1 @@
+file=.MANUAL/contents.html&charset=ISO_8859-1
\ No newline at end of file
diff --git a/tests/lang/testget.16 b/tests/lang/testget.16
new file mode 100644
index 0000000..eaa0891
--- /dev/null
+++ b/tests/lang/testget.16
@@ -0,0 +1 @@
+file=.MANUAL/contents.html&charset=ISO_8859-999999999999999999999
\ No newline at end of file
diff --git a/tests/lang/testpost.13 b/tests/lang/testpost.13
new file mode 100644
index 0000000..48d88cf
--- /dev/null
+++ b/tests/lang/testpost.13
@@ -0,0 +1 @@
+file=.MANUAL/contents.html&charset=ISO_8859-1
\ No newline at end of file
diff --git a/tests/lang/testpost.14 b/tests/lang/testpost.14
new file mode 100644
index 0000000..8026739
--- /dev/null
+++ b/tests/lang/testpost.14
@@ -0,0 +1 @@
+file=.MANUAL/contents.html&charset=ISO_8859-999999999999
\ No newline at end of file
diff --git a/tests/setup.sh b/tests/setup.sh
index 66b5668..d1d47ac 100755
--- a/tests/setup.sh
+++ b/tests/setup.sh
@@ -1,20 +1,20 @@
#!/bin/sh
testdir="$1"
-hostname=vmhost.testdomain.com
+hostname=${HOSTNAME:-vmhost.testdomain.com}
sroot=${SROOT:-/home/$USER/dsol}
-secdir=/home/$USER/save
-port=1300
+secdir=${SECDIR:-/home/$USER/save}
+port=${PORT:-1300}
secport=`expr $port + 1`
-rootdn="cn=directory manager"
-rootpw=password
+rootdn=${ROOTDN:-"cn=directory manager"}
+rootpw=${ROOTPW:-password}
adminpw=admin
-needdata=1
-usessl=1
+needdata=${NEEDDATA:-1}
+usessl=${USESSL:-1}
suffix="dc=example,dc=com"
-instance=ds
+instance=${INST:-ds}
inst=slapd-$instance
-resetdata=1
+resetdata=${RESETDATA:-1}
if [ ! -d $sroot/etc/dirsrv/$inst ] ; then
$sroot/sbin/setup-ds.pl -s -f - <<EOF
@@ -76,7 +76,7 @@ $sroot/lib/dirsrv/slapd-$instance/start-slapd
fi
-if [ "$needdata" ] ; then
+if [ "$needdata" -eq 1 ] ; then
$sroot/lib/dirsrv/$inst/ldif2db.pl -D "$rootdn" -w "$rootpw" -n userRoot -i $sroot/share/dirsrv/data/Example.ldif
sleep 10
fi
@@ -84,7 +84,7 @@ fi
rm -rf testtmp
mkdir testtmp
-if [ "$usessl" ] ; then
+if [ "$usessl" -eq 1 ] ; then
ldapurl="ldaps://$hostname:$secport"
# grab CA cert
certutil -L -d $sroot/etc/dirsrv/$inst -n "CA certificate" -a > testtmp/cacert.asc
@@ -147,7 +147,7 @@ EOF
#VGPREFIX="valgrind --tool=memcheck --leak-check=yes --suppressions=$HOME/valgrind.supp --num-callers=40 --suppressions=$testdir/valgrind.supp "
# These are CGI programs - they assume they will run for a very short period of time - they use exit() instead of free() :P
-VGPREFIX="valgrind -q --tool=memcheck --leak-check=no --suppressions=$HOME/valgrind.supp --num-callers=40 --suppressions=$testdir/valgrind.supp "
+VGPREFIX="valgrind -q --trace-children=yes --tool=memcheck --track-origins=yes --read-var-info=yes --leak-check=no --suppressions=$HOME/valgrind.supp --num-callers=50 --suppressions=$testdir/valgrind.supp "
GDB="gdb -x .gdbinit "
#DEBUGCMD=VALGRIND
#DEBUGCMD="$GDB"
@@ -274,12 +274,12 @@ runPostTestsForProg() {
# each prog has a subdir containing the GET/POST args and any other test data
for prog in $PROGS ; do
- if [ -n "$resetdata" ] ; then
+ if [ "$resetdata" -eq 1 ] ; then
$sroot/lib/dirsrv/$inst/ldif2db.pl -D "$rootdn" -w "$rootpw" -n userRoot -i $sroot/share/dirsrv/data/Example.ldif
sleep 10
fi
runGetTestsForProg "$prog"
- if [ -n "$resetdata" ] ; then
+ if [ "$resetdata" -eq 1 ] ; then
$sroot/lib/dirsrv/$inst/ldif2db.pl -D "$rootdn" -w "$rootpw" -n userRoot -i $sroot/share/dirsrv/data/Example.ldif
sleep 10
fi
commit a9a3a64b09ded1120bccfaefda6653b4ebe49c3b
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Aug 19 15:32:32 2013 -0600
Ticket #47403 DSGW authentication issue
https://fedorahosted.org/389/ticket/47403
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: The charset conversion was not working, which caused the
message about the charset is not supported. The size of the conversion
buffer was negative, and this caused the conversion to utf8 to fail. This
caused, among other things, the problem with the authentication credentials.
Platforms tested: RHEL6 x86_64, Fedora 20
Flag Day: no
Doc impact: no
diff --git a/cgiutil.c b/cgiutil.c
index e65cc96..7fcf8e7 100644
--- a/cgiutil.c
+++ b/cgiutil.c
@@ -86,7 +86,7 @@ dsgw_vec_convert (char** vec)
/* copy the converted characters into t after the '=', and
leave room for the trailing 0 */
result = dsgw_convert(DSGW_TO_UTF8, converter,
- &tptr, (tlen - nlen - 1), &reallen,
+ &tptr, (tlen - 1), &reallen,
s, slen, &realSlen, &err);
tlen += slen; /* if failed, make more room */
} while (result == 0);
commit 2bf6b8e06b77280eb0e7a83f4701316e75615388
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Aug 19 09:40:55 2013 -0600
Ticket #47328 389-dsgw: entrydisplay.c:2523: bad switch statement
https://fedorahosted.org/389/ticket/47328
Reviewed by: rmeggins
Branch: master
Fix Description: Add break statements
Platforms tested: RHEL6 x86_64
Flag Day: no
Doc impact: no
diff --git a/entrydisplay.c b/entrydisplay.c
index e94427e..62639b3 100644
--- a/entrydisplay.c
+++ b/entrydisplay.c
@@ -2527,6 +2527,7 @@ do_searchdesc( dsgwtmplinfo *tip, int argc, char** argv)
: ((tip->dsti_options & DSGW_DISPLAY_OPT_CUSTOM_SEARCHDESC)
? DBT_Found0Entries_
: DBT_Found0EntriesWhere_);
+ break;
case 1:
fmt = opt & 1
? ((tip->dsti_options & DSGW_DISPLAY_OPT_CUSTOM_SEARCHDESC)
@@ -2535,6 +2536,7 @@ do_searchdesc( dsgwtmplinfo *tip, int argc, char** argv)
: ((tip->dsti_options & DSGW_DISPLAY_OPT_CUSTOM_SEARCHDESC)
? DBT_Found1Entry_
: DBT_Found1EntryWhere_);
+ break;
default:
fmt = opt & 1
? ((tip->dsti_options & DSGW_DISPLAY_OPT_CUSTOM_SEARCHDESC)
@@ -2543,6 +2545,7 @@ do_searchdesc( dsgwtmplinfo *tip, int argc, char** argv)
: ((tip->dsti_options & DSGW_DISPLAY_OPT_CUSTOM_SEARCHDESC)
? DBT_FoundEntries_
: DBT_FoundEntriesWhere_);
+ break;
}
{
auto char* format = XP_GetClientStr (fmt);
commit 31b6a78a1b84ca8b644bb7af36c449cdcaf61fba
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Aug 19 09:40:46 2013 -0600
add patch files
diff --git a/.gitignore b/.gitignore
index e497513..0dee061 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,4 @@ autom4te.cache
.autotools
.cproject
.project
+*.patch
commit d7451d4eebff3491cafe2fb9b558c95ffb716b1b
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:41:51 2013 -0600
Ticket #47486 compiler warnings in adminutil, admin, dsgw
fix compiler warnings
Reviewed by: nhosoi (Thanks!)
Platforms tested: RHEL 6, Fedora 20
diff --git a/doauth.c b/doauth.c
index 5fe0472..18fbb4a 100644
--- a/doauth.c
+++ b/doauth.c
@@ -27,13 +27,9 @@ static void do_autherror( int rc, char *msg, char *lderrtxt,
int ommitclosebutton );
-int main( argc, argv, env )
- int argc;
- char *argv[];
+int main( int argc, char *argv[] )
{
- int reqmethod;
-
- reqmethod = dsgw_init( argc, argv, DSGW_METHOD_POST );
+ (void)dsgw_init( argc, argv, DSGW_METHOD_POST );
post_request();
diff --git a/emitf.c b/emitf.c
index b20e5f9..dc9a39d 100644
--- a/emitf.c
+++ b/emitf.c
@@ -309,7 +309,9 @@ dsgw_vxprintf (dsgw_producer produce, void* parm,
}
}
if (aslot == islot) { /* No slot refers to this arg. */
- if (va_arg (argl, const char*)); /* Skip over it. */
+ if (va_arg (argl, const char*)) {
+ ; /* Skip over it. */
+ }
} else {
/*fprintf (stderr, " %i:%i", (int)(aslot-slot), aslot->type);*/
switch (aslot->type) {
diff --git a/htmlout.c b/htmlout.c
index f49b34a..7be0e10 100644
--- a/htmlout.c
+++ b/htmlout.c
@@ -460,7 +460,7 @@ dsgw_emit_confirm_script()
{
char *yes_key_str = dsgw_get_cgi_var("YES", DSGW_CGIVAR_OPTIONAL);
/* char *no_key_str = dsgw_get_cgi_var("NO", DSGW_CGIVAR_OPTIONAL); unused apparently */
- int yes_key, no_key;
+ int yes_key;
char *yes = NULL, *no = NULL;
if (!yes_key_str) {
@@ -476,7 +476,6 @@ dsgw_emit_confirm_script()
} else if (!strcasecmp(yes_key_str, "CONFIRMVALUE5")) {
yes_key = DBT_confirmValue5;
}
- no_key = 0; /* unused apparently */
yes = XP_GetClientStr(yes_key);
diff --git a/htmlparse.c b/htmlparse.c
index 187ed2d..1326238 100644
--- a/htmlparse.c
+++ b/htmlparse.c
@@ -655,14 +655,12 @@ int *argc
)
{
char **vars = (char **) NULL;
- register int x;
int isvar;
char scratch[BIG_LINE];
char lastchar, *p;
int numvars = 0;
isvar = -1;
- x = 0;
scratch[0] = '\0';
lastchar = ' ';
diff --git a/newentry.c b/newentry.c
index 6110184..ce49170 100644
--- a/newentry.c
+++ b/newentry.c
@@ -31,7 +31,6 @@ emit_file (char* filename, dsgwnewtype* entType)
auto char line[ BIG_LINE ];
auto int argc;
auto char **argv;
- char *deleteme = NULL;
while ( dsgw_next_html_line( html, line )) {
if ( dsgw_parse_line( line, &argc, &argv, 0, dsgw_simple_cond_is_true, NULL )) {
@@ -106,7 +105,6 @@ emit_file (char* filename, dsgwnewtype* entType)
"function submitNameForm(nameForm)\n"
"{\n"
" if ( nameForm.entryname.value == '' ) {\n");
- deleteme = XP_GetClientStr (DBT_enterNameForNewEntry_);
dsgw_emit_alert ("newentryNameFrame", "width=400,height=130,resizable",
"%s", XP_GetClientStr (DBT_enterNameForNewEntry_));
diff --git a/sort.c b/sort.c
index 2bc6a50..0b995f2 100644
--- a/sort.c
+++ b/sort.c
@@ -75,7 +75,7 @@ ldap_keysort_entries(
LDAP_KEYCMP_CALLBACK *cmp,
LDAP_KEYFREE_CALLBACK *fre)
{
- size_t count, i;
+ int count, i;
keycmp_t kc = {0};
keything_t **kt;
LDAPMessage *e, *last;
@@ -129,8 +129,12 @@ ldap_keysort_entries(
LDAPMessage *tmp;
/* delete (unlink) the message from its unsorted place in the chain */
tmp = ldap_delete_result_entry(chain, kt[i-1]->kt_msg);
+#if defined(DEBUG) || defined(FORCE_PR_ASSERT)
PR_ASSERT(tmp != NULL); /* should be in the list */
PR_ASSERT(tmp == kt[i]->kt_msg); /* should return a pointer into the chain list */
+#else
+ (void)tmp; /* eliminate compiler warning */
+#endif
/* ldap_add_result_entry adds the msg/entry to the front of the list */
/* so we have to add them backwards to preserve the sorted order */
ldap_add_result_entry(chain, kt[i-1]->kt_msg);
diff --git a/tmplout.c b/tmplout.c
index a51e6a1..2a6762e 100644
--- a/tmplout.c
+++ b/tmplout.c
@@ -455,7 +455,7 @@ do_entry2text_search(
char *urlprefix
)
{
- int err, freedn, html;
+ int err, freedn;
char *buf, **fetchattrs, **vals;
LDAPMessage *ldmp;
struct ldap_disptmpl *tmpl;
@@ -470,8 +470,6 @@ do_entry2text_search(
return( err );
}
- html = ( urlprefix != NULL );
-
timeout.tv_sec = SEARCH_TIMEOUT_SECS;
timeout.tv_usec = 0;
@@ -1029,7 +1027,7 @@ searchaction( LDAP *ld, char *buf, char *base, LDAPMessage *entry, char *dn,
char **members;
struct berval **bmembers;
struct berval **bvals;
- char *value, *filtpattern, *attr, *selectname;
+ char *value, *filtpattern, *attr;
char *retattrs[2], filter[ 256 ];
LDAPMessage *ldmp;
struct timeval timeout;
@@ -1046,7 +1044,6 @@ searchaction( LDAP *ld, char *buf, char *base, LDAPMessage *entry, char *dn,
filtpattern = tip->ti_args[ 1 ];
retattrs[ 0 ] = tip->ti_args[ 2 ];
retattrs[ 1 ] = NULL;
- selectname = tip->ti_args[ 3 ];
bvals = NULL;
if ( attr == NULL ) {
diff --git a/unauth.c b/unauth.c
index dcfea72..525b073 100644
--- a/unauth.c
+++ b/unauth.c
@@ -30,12 +30,10 @@ void generate_message( int type );
int main( int argc, char **argv )
{
- int reqmethod;
char *expck;
char *authck;
- int rc;
- reqmethod = dsgw_init( argc, argv, DSGW_METHOD_GET );
+ (void)dsgw_init( argc, argv, DSGW_METHOD_GET );
authck = dsgw_get_auth_cookie();
if ( authck == NULL ) {
@@ -46,7 +44,7 @@ int main( int argc, char **argv )
}
/* Remove the cookie from the cookie database */
- rc = dsgw_delcookie( authck );
+ (void)dsgw_delcookie( authck );
/* Generate a cookie header with the cookie set to [unauthenticated] */
expck = dsgw_ch_malloc( strlen( DSGW_CKHDR ) + strlen( DSGW_AUTHCKNAME ) +
commit 80745b963d0b8ce06f223204b076ef26f97fcc64
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:41:04 2013 -0600
Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw
https://fedorahosted.org/389/ticket/47465
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: Do not need to check for defined adminutil_lib and
adminutil_inc - pkg-config will fail if they cannot be determined.
Platforms tested: RHEL6 x86_64, Fedora 20
Flag Day: no
Doc impact: no
diff --git a/configure b/configure
index eae3cfb..7f48df6 100755
--- a/configure
+++ b/configure
@@ -18103,10 +18103,6 @@ fi
fi
fi
-if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
- as_fn_error $? "ADMINUTIL not found, specify with --with-adminutil." "$LINENO" 5
-fi
-
if test "$with_openldap" = "yes"; then
OPENLDAP_TRUE=
diff --git a/m4/adminutil.m4 b/m4/adminutil.m4
index 1d5900b..c5d4893 100644
--- a/m4/adminutil.m4
+++ b/m4/adminutil.m4
@@ -62,7 +62,3 @@ if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
fi
fi
fi
-
-if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
- AC_MSG_ERROR([ADMINUTIL not found, specify with --with-adminutil.])
-fi
commit a7dfff007a768af53509f8eab4248f97eb3dfb13
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:27:05 2013 -0600
add Eclipse generated files
diff --git a/.gitignore b/.gitignore
index c0b150c..e497513 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,5 @@
*~
autom4te.cache
+.autotools
+.cproject
+.project
10 years, 7 months
Changes to 'refs/tags/389-admin-1.1.35'
by Richard Allen Megginson
Changes since 389-admin-1.1.11:
Endi S. Dewata (3):
Bug 573889 - Migration does not remove deprecated schema
Bug 644929 - FDS to 389 DS migration results in both Fedora and 389 entries
Bug 470576 - Migration could do addition checks before commiting actions
Mark Reynolds (3):
Ticket #286 - compilation fixes for 'format-security'
Ticket 401 - Console login fails with anonymous access disabled
Ticket 400 - BIND operation result not checked properly in admin server
Nathan Kinder (49):
Bug 648949 - Merge selinux policy into base OS
Regenerated autoconf files
Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
Bug 668950 - Add posix group support to Console
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 618897 - Wrong permissions when creating instance from Console
Bug 493424 - remove unneeded modules for admin server apache config
Bug 614690 - Don't use exec to call genrb
Bug 699815 - (cov#10859) Add missing braces in mod_admserv code
Bug 699815 - (cov#10858) getenv() called twice in viewlog cgi
Bug 699815 - (cov#10849,10851) Remove unused variables
Bug 699907 - (cov#10844) Uninitialized time struct
Bug 699907 - (cov#10843) Use of uninitialized variable in logging code
Bug 699907 - (cov#10840) Use of uninitialized buffer in security cgi
Bug 699907 - (cov#10836) Use of uninitialized var in http conn code
Bug 699907 - (cov#10833) Use of uninitialized vars in SNMP code
Bug 700532 - (cov#10832) Incorrect if condition in dsalib
Bug 700875 - (cov#10778) Cleanup ds_bring_up_server_install() in dsalib
Bug 700890 - (cov#10812) Check return value of open() properly in libadmin
Bug 700948 - (cov#10846) - Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10845) Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10839) Use of uninitialized variable in security cgi
Bug 700948 - (cov#10837) Use of uninitialized variable in monreplication
Bug 700948 - (cov#10835) Use of unitialized pointer in config cgi
Bug 700948 - (cov#10813) dynamic overrun possibility in ds_listdb cgi
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 702150 - (cov#10823) File descriptors leaked in help cgi
Bug 702150 - (cov#10822,10821) file descriptor leaks in config cgi
Bug 702150 - (cov#10820,10819) file descriptor leaks in readlog cgi
Bug 702150 - leak of config array in dsalib
Bug 702150 - (cov#10816) file descriptor leak in dsalib
Bug 702150 - (cov#10817) Leak of string in libdsa
Bug 702150 - Resouce leaks in htmladmin.c
Bug 702705 - (cov#10830) NULL pointer dereference in htmladmin
Bug 702705 - NULL pointer dereferences in viewlog cgi
Bug 702705 - (cov#10803) NULL pointer dereference in security cgi
Bug 702705 - (cov#10785) NULL pointer dereference in ds_snmpctrl
Bug 702705 - (cov#10784,10783) NULL pointer dereferences in dsalib
Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
Bug 724808 - startup CGIs write temp file to /
Bug 730079 - Update SELinux policy during upgrades
Ticket #329 - Port modules to httpd 2.4
Ticket #47333 - Relabel lockfile when starting Admin Server
Ticket #47334 - Avoid quoting all settings in console.conf
Ticket 47468 - Change security password validation error is out of order
Ticket 47466 - Importing CA cert with existing name crashes security CGI
Ticket 362 - Directory Console generates insufficient key strength
Ticket 47467 - Improve CRL import error messages
Noriko Hosoi (21):
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
start-ds-admin.in -- replaced "return 1" with "exit 1"
Bug 616260 - libds-admin-serv linking fails due to unresolved link-time dependencies
Bug 618858 - move start-ds-admin env file into main admin server
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 245278 - Changing to a password with a single quote does not work
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 158926 - Unable to install CA certificate when using
Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
Bug 476925 - Admin Server: Do not allow 8-bit passwords for
Trac Ticket #307 - htmladmin keeps segfaulting
If htmladmin fails to connect to the server, the cgi could crash.
Ticket #293 - remove-ds-admin.pl does not remove everything
Ticket #476 - 389 ds do not start on F18 due to missing modules
bump version to 1.1.31
Ticket #567 - Restart of Admin server from console fails on segfault
bump version to 1.1.32
bump version to 1.1.33
bump version to 1.1.34
Rich Megginson (60):
bump version to 1.1.12.a1
initial support for openldap
add selinux policy for dsgw
skip LD_PRELOAD if using openldap
add more log information if nss init fails
add even more nss debugging
Bug 618454 - mod_admserv should only clear NSS caches and shutdown if NSS is initialized
bump version to 1.1.12.a2
fix building with mozldap
bump version to 1.1.12.a3
fix autotool build issues with properties files
setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
Bug 656441 - Missing library path entry causes LD_PRELOAD error
bump version to 1.1.13
bump version to 1.1.14.a1
Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) required
bump version to 1.1.14
bump version to 1.1.15
bump version to 1.1.16
Bug 703990 - Support upgrade from Red Hat Directory Server
bump version to 1.1.17
add support for different skins
skip rebranding current brand
bump version to 1.1.18
look for separate openldap ldif library
bump version to 1.1.19
Bug 710372 - Not able to open the Manage Certificate from DS-console
better NSS error handling - reduce memory leaks
fix typo in NSS_Shutdown warning message
added tests for the security cgi
Bug 713000 - Migration stops if old admin server cannot be stopped
Bug 718079 - Perl errors when running migrate-ds-admin.pl
Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
bump version to 1.1.20
bump version to 1.1.21
handle binary upgrade
add man pages for ds_removal and ds_unregister
bump version to 1.1.22
fix binary paths
bump version to 1.1.23
bump version to 1.1.24
Bug 695741 - Providing native systemd file for upcoming F16 Feature Systemd
Bug 740959 - 389-console put CA certificates into wrong database
bump version to 1.1.25
Bug 767823 - selinux: need to allow admin server to connect to ldap port
bump version to 1.1.26
Ticket #161 - Review and address latest Coverity issues
Ticket #281 - TLS not working with latest openldap
bump version to 1.1.27
bump version to 1.1.28
bump version to 1.1.29
bump version to 1.1.30
ignore files generated by Eclipse
Ticket #47486 compiler warnings in adminutil, admin, dsgw
Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw
add more debugging for SSL connection problems
Ticket #47413 389-admin fails to build with latest httpd
compiler warning - ldif_read_record lineno type depends on openldap version
add Eclipse and patch files
bump version to 1.1.35
noriko (1):
Ticket #47298 - remove-ds-admin.pl does not stop the admin server
---
.gitignore | 4
Makefile.am | 109
Makefile.in | 1767 -
VERSION.sh | 4
aclocal.m4 | 7258 ----
admserv/cfgstuff/httpd-2.2.conf.in | 13
admserv/cfgstuff/httpd-2.4.conf.in | 742
admserv/cfgstuff/httpd.conf.in | 2
admserv/cfgstuff/initconfig.in | 5
admserv/cfgstuff/start-ds-admin.in | 83
admserv/cgi-ds/ds_listdb.c | 26
admserv/cgi-ds/ds_snmpctrl.c | 5
admserv/cgi-src40/ReadLog.c | 18
admserv/cgi-src40/admlib.mk | 119
admserv/cgi-src40/admpw.c | 74
admserv/cgi-src40/cgicommon.h | 1
admserv/cgi-src40/cgicommon.properties | 3
admserv/cgi-src40/config.c | 43
admserv/cgi-src40/dllglue.c | 42
admserv/cgi-src40/ds_create.in | 6
admserv/cgi-src40/dsconfig.c | 10
admserv/cgi-src40/head.html | 1
admserv/cgi-src40/help.c | 15
admserv/cgi-src40/htmladmin.c | 810
admserv/cgi-src40/htmladmin.properties | 42
admserv/cgi-src40/monreplication.c | 7
admserv/cgi-src40/repl-monitor-cgi.pl.in | 37
admserv/cgi-src40/restartsrv.c | 9
admserv/cgi-src40/sec-activate.c | 52
admserv/cgi-src40/security.c | 306
admserv/cgi-src40/security.properties | 6
admserv/cgi-src40/statpingserv.c | 82
admserv/cgi-src40/stopsrv.c | 10
admserv/cgi-src40/ugdsconfig.c | 39
admserv/cgi-src40/viewdata.c | 157
admserv/cgi-src40/viewdata.properties | 2
admserv/cgi-src40/viewlog.c | 75
admserv/cgi-src40/viewlog.properties | 6
admserv/genrb_wrapper.sh | 2
admserv/html/admserv.html.in | 11
admserv/html/htmladmin.html.in | 13
admserv/html/monreplication.html | 20
admserv/html/viewdata.html | 6
admserv/html/viewlog.html | 14
admserv/makeUpgradeTar.sh | 30
admserv/newinst/src/25changefedorato389.pl | 250
admserv/newinst/src/25rebrand.pl.in | 413
admserv/newinst/src/30updateglobalpref.pl.in | 9
admserv/newinst/src/AdminMigration.pm.in | 79
admserv/newinst/src/AdminServer.pm.in | 168
admserv/newinst/src/AdminUtil.pm.in | 78
admserv/newinst/src/ConfigDSDialogs.pm | 30
admserv/newinst/src/dirserver.map.in | 1
admserv/newinst/src/remove-ds-admin.pl.in | 8
admserv/newinst/src/setup-ds-admin.res.in | 3
admserv/schema/ldif/02globalpreferences.ldif.tmpl | 49
admserv/schema/ldif/10dsdata.ldif.tmpl | 39
compile | 240
config.guess | 529
config.h.in | 33
config.sub | 379
configure |38698 +++++++++-------------
configure.ac | 111
depcomp | 343
include/base/file.h | 3
include/base/util.h | 3
include/libadmin/dbtlibadmin.h | 2
include/libadmin/libadmin.h | 92
include/libdsa/dsalib.h | 15
install-sh | 538
lib/base/file.cpp | 30
lib/base/nscputil.cpp | 51
lib/libadmin/dllglue.c | 77
lib/libadmin/httpcon.c | 2
lib/libadmin/referer.c | 4
lib/libadmin/template.c | 29
lib/libadmin/util.c | 973
lib/libdsa/dsalib_conf.c | 37
lib/libdsa/dsalib_confs.c | 93
lib/libdsa/dsalib_location.c | 46
lib/libdsa/dsalib_tailf.c | 1
lib/libdsa/dsalib_updown.c | 78
lib/libdsa/dsalib_util.c | 56
ltmain.sh |14878 +++++---
m4/adminutil.m4 | 4
m4/httpd.m4 | 3
m4/mozldap.m4 | 116
m4/openldap.m4 | 138
m4/selinux.m4 | 3
man/man8/ds_removal.8 | 54
man/man8/ds_unregister.8 | 48
man/man8/restart-ds-admin.8 | 10
man/man8/start-ds-admin.8 | 10
man/man8/stop-ds-admin.8 | 10
missing | 234
mod_admserv/mod_admserv.c | 255
mod_admserv/mod_admserv.h | 15
mod_restartd/mod_restartd-2.2.c | 22
selinux/dirsrv-admin.fc.in | 5
selinux/dirsrv-admin.te | 2
tests/ds_create/testget.1 | 2
tests/htmladmin/testget.2 | 2
tests/htmladmin/testget.3 | 2
tests/htmladmin/testget.4 | 2
tests/htmladmin/testget.5 | 2
tests/htmladmin/testget.6 | 2
tests/htmladmin/testget.7 | 2
tests/htmladmin/testget.8 | 2
tests/security/testpost.1 | 1
tests/security/testpost.10 | 1
tests/security/testpost.11 | 1
tests/security/testpost.12 | 1
tests/security/testpost.13 | 1
tests/security/testpost.14 | 1
tests/security/testpost.15 | 1
tests/security/testpost.16 | 1
tests/security/testpost.17 | 1
tests/security/testpost.18 | 1
tests/security/testpost.19 | 1
tests/security/testpost.2 | 1
tests/security/testpost.20 | 1
tests/security/testpost.21 | 1
tests/security/testpost.3 | 1
tests/security/testpost.4 | 1
tests/security/testpost.5 | 1
tests/security/testpost.6 | 1
tests/security/testpost.7 | 1
tests/security/testpost.8 | 1
tests/security/testpost.9 | 1
tests/setup.sh | 250
tests/ugdsconfig/testget.10 | 2
tests/viewdata/testget.2 | 2
tests/viewdata/testget.3 | 2
tests/viewdata/testget.4 | 2
tests/viewlog/testget.3 | 2
tests/viewlog/testget.4 | 2
wrappers/initscript.in | 3
wrappers/systemd.service.in | 24
138 files changed, 33959 insertions(+), 37850 deletions(-)
---
10 years, 7 months
8 commits - admserv/cgi-src40 configure .gitignore include/libadmin lib/base lib/libadmin lib/libdsa m4/adminutil.m4 m4/httpd.m4 mod_admserv/mod_admserv.c VERSION.sh
by Richard Allen Megginson
.gitignore | 4 ++
VERSION.sh | 2 -
admserv/cgi-src40/admpw.c | 4 +-
admserv/cgi-src40/config.c | 9 ++----
admserv/cgi-src40/dsconfig.c | 1
admserv/cgi-src40/htmladmin.c | 1
admserv/cgi-src40/monreplication.c | 1
admserv/cgi-src40/restartsrv.c | 1
admserv/cgi-src40/sec-activate.c | 1
admserv/cgi-src40/statpingserv.c | 1
admserv/cgi-src40/stopsrv.c | 1
admserv/cgi-src40/ugdsconfig.c | 1
admserv/cgi-src40/viewdata.c | 1
admserv/cgi-src40/viewlog.c | 1
configure | 6 ----
include/libadmin/dbtlibadmin.h | 2 -
lib/base/file.cpp | 8 -----
lib/base/nscputil.cpp | 5 ++-
lib/libadmin/util.c | 53 ++++---------------------------------
lib/libdsa/dsalib_confs.c | 16 +++++++++--
lib/libdsa/dsalib_util.c | 8 -----
m4/adminutil.m4 | 4 --
m4/httpd.m4 | 2 -
mod_admserv/mod_admserv.c | 21 +++++++++++---
24 files changed, 62 insertions(+), 92 deletions(-)
New commits:
commit 463ed9a71dfcdb801e58c24b06cd3e99d6f1a6c9
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Aug 20 11:07:54 2013 -0600
bump version to 1.1.35
diff --git a/VERSION.sh b/VERSION.sh
index c4173c4..de6b8d0 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -11,7 +11,7 @@ vendorurl=http://port389.org
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=1
-VERSION_MAINT=34
+VERSION_MAINT=35
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
commit 0417dc764a38a5e34c402754ed699a60caea86fa
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Aug 16 10:53:13 2013 -0600
add Eclipse and patch files
diff --git a/.gitignore b/.gitignore
index b2642d7..d9fa51e 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,3 +2,5 @@
autom4te.cache
.project
.cproject
+.autotools
+*.patch
commit f2004eab1a9821c716a99a6efa925079d30ee457
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Aug 16 10:51:55 2013 -0600
compiler warning - ldif_read_record lineno type depends on openldap version
Reviewed by: nkinder (Thanks!)
diff --git a/lib/libdsa/dsalib_confs.c b/lib/libdsa/dsalib_confs.c
index 36d9356..b4a1f4c 100644
--- a/lib/libdsa/dsalib_confs.c
+++ b/lib/libdsa/dsalib_confs.c
@@ -38,6 +38,18 @@
#include "nspr.h"
#include "plstr.h"
+/* ldif_read_record lineno argument type depends on openldap version */
+#if defined(USE_OPENLDAP)
+#include <ldap_features.h>
+#if LDAP_VENDOR_VERSION >= 20434 /* changed in 2.4.34 */
+typedef unsigned long int ldif_record_lineno_t;
+#else
+typedef int ldif_record_lineno_t;
+#endif
+#else
+typedef int ldif_record_lineno_t;
+#endif
+
int
dsalib_ldif_parse_line(
char *line,
@@ -75,11 +87,11 @@ ds_get_conf_from_file(FILE *conf)
int listsize = 0;
char **conf_list = NULL;
char *entry = 0;
- int lineno = 0;
- int i = 0;
#if defined(USE_OPENLDAP)
int buflen = 0;
#endif
+ ldif_record_lineno_t lineno;
+ int i = 0;
#if defined(USE_OPENLDAP)
while (ldif_read_record(conf, &lineno, &entry, &buflen)) {
commit c6e18768092c55d916548fc090c91b079c0d3c8a
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Fri Aug 16 10:49:44 2013 -0600
Ticket #47413 389-admin fails to build with latest httpd
https://fedorahosted.org/389/ticket/47413
Reviewed by: nkinder (Thanks!)
Branch: master
Fix Description: Use awk to parse out MIMEMagicFile from httpd.conf
Platforms tested: RHEL6 x86_64, Fedora 20
Flag Day: no
Doc impact: no
diff --git a/configure b/configure
index 881d344..bf81905 100755
--- a/configure
+++ b/configure
@@ -18085,7 +18085,7 @@ esac
httpdconf=${httpd_root}/${httpd_conf_rel}
-mimemagic=`grep MIMEMagicFile $httpdconf|grep -v \^# | awk '{print $2}'`
+mimemagic=`awk '"MIMEMagicFile" == $1" {print $2}' $httpdconf`
if test ! -f "$mimemagic" ; then
# assume relative to root
mimemagic=${httpd_root}/${mimemagic}
diff --git a/m4/httpd.m4 b/m4/httpd.m4
index f106e2a..b72054c 100644
--- a/m4/httpd.m4
+++ b/m4/httpd.m4
@@ -61,7 +61,7 @@ esac
httpdconf=${httpd_root}/${httpd_conf_rel}
-mimemagic=`grep MIMEMagicFile $httpdconf|grep -v \^# | awk '{print $2}'`
+mimemagic=`awk '"MIMEMagicFile" == $1" {print $2}' $httpdconf`
if test ! -f "$mimemagic" ; then
# assume relative to root
mimemagic=${httpd_root}/${mimemagic}
commit 2a67826ff30226436edff1653088924ef983f5a6
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:06:09 2013 -0600
add more debugging for SSL connection problems
diff --git a/mod_admserv/mod_admserv.c b/mod_admserv/mod_admserv.c
index 744364c..eacf1e8 100644
--- a/mod_admserv/mod_admserv.c
+++ b/mod_admserv/mod_admserv.c
@@ -779,6 +779,8 @@ static int
sslinit(AdmldapInfo info, const char *configdir)
{
if (!NSS_IsInitialized()) {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0 /* status */, NULL,
+ "sslinit: doing NSS initialization");
/* mod_nss is used when we are a TLS/SSL server - mod_nss starts up before we do
and will set up all of the TLS/SSL stuff */
/* if we are acting as simply a TLS/SSL client to the directory server,
@@ -2088,6 +2090,11 @@ host_ip_init(apr_pool_t *p, apr_pool_t *plog,
if (admldapGetSecurity(info)) {
sslinit(info, configdir);
if (admldapBuildInfoSSL(info, &error)) {
+ if (error != ADMUTIL_OP_OK) {
+ ap_log_error(APLOG_MARK, APLOG_INFO, 0, base_server,
+ "host_ip_init(): problem creating secure AdmldapInfo (error code = %d)",
+ error);
+ }
} else {
ap_log_error(APLOG_MARK, APLOG_CRIT, 0, base_server,
"host_ip_init(): unable to create secure AdmldapInfo (error code = %d)",
@@ -2095,6 +2102,10 @@ host_ip_init(apr_pool_t *p, apr_pool_t *plog,
destroyAdmldap(info);
return DONE;
}
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, base_server,
+ "host_ip_init(): secure connection not enabled, skipping sslinit");
+
}
destroyAdmldap(info);
@@ -2261,6 +2272,11 @@ apr_status_t mod_admserv_unload(void *data)
{
if (NSS_IsInitialized()) {
SSL_ClearSessionCache();
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL,
+ "mod_admserv_unload: cleared SSL session cache");
+ } else {
+ ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL,
+ "mod_admserv_unload: cannot clear cache - NSS not initialized");
}
return OK;
}
commit 6da58f7ef8aacfc926c2fbb1ec5cda79d2b8d002
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:04:29 2013 -0600
Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw
https://fedorahosted.org/389/ticket/47465
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: Do not need to check for defined adminutil_lib and
adminutil_inc - pkg-config will fail if they cannot be determined.
Platforms tested: RHEL6 x86_64, Fedora 20
Flag Day: no
Doc impact: no
diff --git a/configure b/configure
index 5039a51..881d344 100755
--- a/configure
+++ b/configure
@@ -19725,10 +19725,6 @@ fi
fi
fi
-if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
- as_fn_error $? "ADMINUTIL not found, specify with --with-adminutil." "$LINENO" 5
-fi
-
# BEGIN COPYRIGHT BLOCK
# Copyright (C) 2007 Red Hat, Inc.
# All rights reserved.
diff --git a/m4/adminutil.m4 b/m4/adminutil.m4
index 1d5900b..c5d4893 100644
--- a/m4/adminutil.m4
+++ b/m4/adminutil.m4
@@ -62,7 +62,3 @@ if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
fi
fi
fi
-
-if test -z "$adminutil_inc" -o -z "$adminutil_lib"; then
- AC_MSG_ERROR([ADMINUTIL not found, specify with --with-adminutil.])
-fi
commit ebb0765b60b287f6b7f44188f4337076e8c3aa9d
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:03:44 2013 -0600
Ticket #47486 compiler warnings in adminutil, admin, dsgw
fix compiler warnings
Reviewed by: nhosoi (Thanks!)
Platforms tested: RHEL 6, Fedora 20
diff --git a/admserv/cgi-src40/admpw.c b/admserv/cgi-src40/admpw.c
index ff0dc6c..e695881 100644
--- a/admserv/cgi-src40/admpw.c
+++ b/admserv/cgi-src40/admpw.c
@@ -73,11 +73,10 @@ sha1_pw_enc(const char *pwd)
unsigned char hash[SHA1_LENGTH];
char *enc;
char *retval;
- SECStatus rc;
int32 pwdlen = strlen(pwd);
/* SHA1 hash the user's key */
- rc = PK11_HashBuf(SEC_OID_SHA1, hash, (unsigned char *)pwd, pwdlen);
+ PK11_HashBuf(SEC_OID_SHA1, hash, (unsigned char *)pwd, pwdlen);
/* convert to base64 */
if (!(enc = BTOA_DataToAscii(hash, sizeof(hash)))) {
return NULL;
@@ -181,6 +180,7 @@ int main(int argc, char *argv[])
int errorcode = 0;
char *configdir = util_get_conf_dir();
+ (void)_ai; /* get rid of unused variable warning */
logMsg(" In %s\n", argv[0]);
i18nInit();
diff --git a/admserv/cgi-src40/config.c b/admserv/cgi-src40/config.c
index 74e0a0c..ddb4af3 100644
--- a/admserv/cgi-src40/config.c
+++ b/admserv/cgi-src40/config.c
@@ -155,9 +155,8 @@ int main(int argc, char *argv[])
char **inputs = 0;
char *operation = 0;
char *qs = 0;
- char *nameptr, *valptr, *val;
+ char *nameptr, *valptr;
char error_info[128];
- char *valsbuf[2];
int setFlag = 0, getFlag = 0, forceSetFlag = 0;
int ignorePsetErrors = 0;
AttributeList resultList, nvl;
@@ -176,11 +175,9 @@ int main(int argc, char *argv[])
while (waitforever);
#endif
+ (void)_ai; /* get rid of unused variable warning */
i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
- valsbuf[0] = NULL;
- valsbuf[1] = NULL;
-
memset((void *)errp, 0, sizeof(int));
method = getenv("REQUEST_METHOD");
@@ -620,7 +617,7 @@ int main(int argc, char *argv[])
#endif
errorCode = PSET_OP_OK;
- val = psetGetAttrSingleValue(pset, nameptr, &errorCode);
+ (void)psetGetAttrSingleValue(pset, nameptr, &errorCode);
if (errorCode && !ignorePsetErrors) {
if (forceSetFlag)
addSingleValueAttribute(addList, j++, nameptr, valptr);
diff --git a/admserv/cgi-src40/dsconfig.c b/admserv/cgi-src40/dsconfig.c
index 899836b..b35826e 100644
--- a/admserv/cgi-src40/dsconfig.c
+++ b/admserv/cgi-src40/dsconfig.c
@@ -159,6 +159,7 @@ int main(int argc, char *argv[])
logMsg(" In %s\n", argv[0]);
+ (void)_ai; /* get rid of unused variable warning */
i18nInit();
/* GET or POST method */
diff --git a/admserv/cgi-src40/htmladmin.c b/admserv/cgi-src40/htmladmin.c
index 7110526..b168ce7 100644
--- a/admserv/cgi-src40/htmladmin.c
+++ b/admserv/cgi-src40/htmladmin.c
@@ -1582,6 +1582,7 @@ int main(int argc, char *argv[])
const char *configdir = util_get_conf_dir();
const char *secdir = util_get_security_dir();
+ (void)_ai; /* get rid of unused variable warning */
i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
acceptLanguage = "en";
if (lang) acceptLanguage = strdup(lang);
diff --git a/admserv/cgi-src40/monreplication.c b/admserv/cgi-src40/monreplication.c
index 253dcaf..2b07038 100644
--- a/admserv/cgi-src40/monreplication.c
+++ b/admserv/cgi-src40/monreplication.c
@@ -85,6 +85,7 @@ int main(int argc, char *argv[])
char configfile[256] = {'\0'};
char *resstr;
+ (void)_ai; /* get rid of unused variable warning */
i18nInit();
fprintf(stdout, "Content-type: text/html;charset=utf-8\n\n");
diff --git a/admserv/cgi-src40/restartsrv.c b/admserv/cgi-src40/restartsrv.c
index 87e76bf..69d8853 100644
--- a/admserv/cgi-src40/restartsrv.c
+++ b/admserv/cgi-src40/restartsrv.c
@@ -125,6 +125,7 @@ int main(int argc, char *argv[])
char *acceptLanguage = (char*)"en", *lang=getenv((char*)"HTTP_ACCEPT_LANGUAGE");
Resource *i18nResource = NULL;
+ (void)_ai; /* get rid of unused variable warning */
i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (lang) acceptLanguage = strdup(lang);
diff --git a/admserv/cgi-src40/sec-activate.c b/admserv/cgi-src40/sec-activate.c
index a36f75f..6ae70ed 100644
--- a/admserv/cgi-src40/sec-activate.c
+++ b/admserv/cgi-src40/sec-activate.c
@@ -499,6 +499,7 @@ int main(int argc, char *argv[])
AdmldapInfo ldapInfo = NULL;
char *lang;
+ (void)_ai; /* get rid of unused variable warning */
memset((void *)errp, 0, sizeof(int));
method = getenv("REQUEST_METHOD");
diff --git a/admserv/cgi-src40/statpingserv.c b/admserv/cgi-src40/statpingserv.c
index d6e55f7..3fc5616 100644
--- a/admserv/cgi-src40/statpingserv.c
+++ b/admserv/cgi-src40/statpingserv.c
@@ -75,6 +75,7 @@ int main(int argc, char *argv[])
char *portstr;
struct PRFileInfo64 prfileinfo;
+ (void)_ai; /* get rid of unused variable warning */
m = getenv("REQUEST_METHOD");
if(!strcmp(m, "GET")) {
diff --git a/admserv/cgi-src40/stopsrv.c b/admserv/cgi-src40/stopsrv.c
index 436989e..b2b83c9 100644
--- a/admserv/cgi-src40/stopsrv.c
+++ b/admserv/cgi-src40/stopsrv.c
@@ -85,6 +85,7 @@ int main(int argc, char *argv[])
char *return_format = NULL;
char *qs = 0;
+ (void)_ai; /* get rid of unused variable warning */
i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (lang) acceptLanguage = strdup(lang);
diff --git a/admserv/cgi-src40/ugdsconfig.c b/admserv/cgi-src40/ugdsconfig.c
index 9be5332..0b23d93 100644
--- a/admserv/cgi-src40/ugdsconfig.c
+++ b/admserv/cgi-src40/ugdsconfig.c
@@ -179,6 +179,7 @@ int main(int argc, char *argv[])
const char *configdir = util_get_conf_dir();
const char *secdir = util_get_security_dir();
+ (void)_ai; /* get rid of unused variable warning */
logMsg(" In %s\n", argv[0]);
i18nInit();
diff --git a/admserv/cgi-src40/viewdata.c b/admserv/cgi-src40/viewdata.c
index 7dd5d80..5cba168 100644
--- a/admserv/cgi-src40/viewdata.c
+++ b/admserv/cgi-src40/viewdata.c
@@ -412,6 +412,7 @@ int main(int argc, char *argv[])
AdmldapInfo ldapInfo = get_adm_ldapinfo(configdir, secdir);
+ (void)_ai; /* get rid of unused variable warning */
i18nInit();
if(!get_bindinfo(&binddn, &bindpw))
diff --git a/admserv/cgi-src40/viewlog.c b/admserv/cgi-src40/viewlog.c
index e4ec208..4a36780 100644
--- a/admserv/cgi-src40/viewlog.c
+++ b/admserv/cgi-src40/viewlog.c
@@ -341,6 +341,7 @@ int main(int argc, char *argv[])
int rc = 0;
char *configdir = NULL;
+ (void)_ai; /* get rid of unused variable warning */
i18nInit();
fprintf(stdout, "Content-type: text/html;charset=utf-8\n\n");
diff --git a/include/libadmin/dbtlibadmin.h b/include/libadmin/dbtlibadmin.h
index 24048c7..9c40647 100644
--- a/include/libadmin/dbtlibadmin.h
+++ b/include/libadmin/dbtlibadmin.h
@@ -21,8 +21,6 @@
#define LIBRARY_NAME "libadmin"
-static char dbtlibadminid[] = "$DBT: libadmin referenced v1 $";
-
#include "i18n.h"
BEGIN_STR(libadmin)
diff --git a/lib/base/file.cpp b/lib/base/file.cpp
index ac2ece6..0ca4c9b 100644
--- a/lib/base/file.cpp
+++ b/lib/base/file.cpp
@@ -483,19 +483,11 @@ NSAPI_PUBLIC int system_errmsg_fn(char **buff, size_t maxlen)
char static_error[128];
char *lmsg = 0; /* Local message pointer */
size_t msglen = 0;
- int sys_error = 0;
PRErrorCode nscp_error;
#ifdef XP_WIN32
LPTSTR sysmsg = 0;
#endif
-
- /* Grab the OS error message */
-#ifdef XP_WIN32
- sys_error = GetLastError();
-#else
- sys_error = errno;
-#endif
nscp_error = PR_GetError();
/* If there is a NSPR error, but it is "unknown", try to get the OSError
diff --git a/lib/base/nscputil.cpp b/lib/base/nscputil.cpp
index 77e7a6e..1fb6a27 100644
--- a/lib/base/nscputil.cpp
+++ b/lib/base/nscputil.cpp
@@ -833,11 +833,12 @@ util_waitpid(pid_t pid, int *statptr, int options)
for(rv = 0; !rv; PR_Sleep(500)) {
rv = waitpid(pid, statptr, options | WNOHANG);
if (rv == -1) {
- if (errno == EINTR)
+ if (errno == EINTR) {
rv = 0; /* sleep and try again */
- else
+ } else {
// ereport(LOG_WARN, "waitpid failed for pid %d:%s", pid, system_errmsg());
;
+ }
}
}
return rv;
diff --git a/lib/libadmin/util.c b/lib/libadmin/util.c
index be651b4..29c77b5 100644
--- a/lib/libadmin/util.c
+++ b/lib/libadmin/util.c
@@ -1558,17 +1558,19 @@ util_ldap_init(
if (secure > 0) {
#if defined(USE_OPENLDAP)
int optval = 0;
+#else
+ LDAP *myld = NULL;
#endif /* !USE_OPENLDAP */
int ssl_strength = 0;
- LDAP *myld = NULL;
+#if !defined(USE_OPENLDAP)
/* we can only use the set functions below with a real
LDAP* if it has already gone through ldapssl_init -
so, use NULL if using starttls */
if (secure == 1) {
myld = ld;
}
-
+#endif
/* verify certificate only */
#if defined(USE_OPENLDAP)
ssl_strength = LDAP_OPT_X_TLS_NEVER;
@@ -1683,55 +1685,12 @@ util_ldap_bind(
{
int rc = LDAP_SUCCESS;
int err = LDAP_SUCCESS;
- int secure = 0;
struct berval bvcreds = {0, NULL};
LDAPMessage *result = NULL;
struct berval *servercredp = NULL;
-#if defined(USE_OPENLDAP)
- /* openldap doesn't have a SSL/TLS yes/no flag - so grab the
- ldapurl, parse it, and see if it is a secure one */
- char *ldapurl = NULL;
-
- ldap_get_option(ld, LDAP_OPT_URI, &ldapurl);
- if (ldapurl && !PL_strncasecmp(ldapurl, "ldaps", 5)) {
- secure = 1;
- }
- PL_strfree(ldapurl);
- ldapurl = NULL;
-#else /* !USE_OPENLDAP */
- ldap_get_option(ld, LDAP_OPT_SSL, &secure);
-#endif
-#ifdef EXTERNAL_AUTH_SUPPORTED
- if (secure && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) {
- /* SSL connections will use the server's security context
- and cert for client auth */
- rc = slapd_SSL_client_auth(ld);
-
- if (rc != 0) {
-#ifdef DEBUG
- fprintf(stderr, "util_ldap_bind: "
- "Error: could not configure the server for cert "
- "auth - error %d - make sure the server is "
- "correctly configured for SSL/TLS\n", rc);
-#endif
- goto done;
- } else {
-#ifdef DEBUG
- fprintf(stderr, "util_ldap_bind: "
- "Set up conn to use client auth\n");
-#endif
- }
- bvcreds.bv_val = NULL; /* ignore username and passed in creds */
- bvcreds.bv_len = 0; /* for external auth */
- bindid = NULL;
- } else { /* other type of auth */
-#endif /* EXTERNAL_AUTH_SUPPORTED */
- bvcreds.bv_val = (char *)creds;
- bvcreds.bv_len = creds ? strlen(creds) : 0;
-#ifdef EXTERNAL_AUTH_SUPPORTED
- }
-#endif /* EXTERNAL_AUTH_SUPPORTED */
+ bvcreds.bv_val = (char *)creds;
+ bvcreds.bv_len = creds ? strlen(creds) : 0;
/* The connection has been set up - now do the actual bind, depending on
the mechanism and arguments */
diff --git a/lib/libdsa/dsalib_util.c b/lib/libdsa/dsalib_util.c
index da875df..803f86d 100644
--- a/lib/libdsa/dsalib_util.c
+++ b/lib/libdsa/dsalib_util.c
@@ -402,18 +402,10 @@ ds_system_errmsg(void)
static char static_error[BUFSIZ];
char *lmsg = 0; /* Local message pointer */
size_t msglen = 0;
- int sys_error = 0;
#ifdef XP_WIN32
LPTSTR sysmsg = 0;
#endif
- /* Grab the OS error message */
-#ifdef XP_WIN32
- sys_error = GetLastError();
-#else
- sys_error = errno;
-#endif
-
#if defined(XP_WIN32)
msglen = FormatMessage(
FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_ALLOCATE_BUFFER,
diff --git a/mod_admserv/mod_admserv.c b/mod_admserv/mod_admserv.c
index 9eca803..744364c 100644
--- a/mod_admserv/mod_admserv.c
+++ b/mod_admserv/mod_admserv.c
@@ -2641,7 +2641,7 @@ static int
authenticate_user(LdapServerData *data, char *baseDN, char *user, const char *pw, request_rec *r)
{
LDAP *server;
- char *uid, *userdn, *ldapURL;
+ char *userdn, *ldapURL;
int ldapError = LDAP_SUCCESS;
int pw_expiring = 0;
int tries = 0;
@@ -2686,13 +2686,10 @@ authenticate_user(LdapServerData *data, char *baseDN, char *user, const char *pw
return DECLINED; /* fall back to final check against admpw */
}
-
- uid = user;
} else {
/* it's a DN */
userdn = user;
- uid = NULL;
/* strip the leading "ldap:", if present */
commit 14b1bf927e6b0ac47273a48ea4cbb58d12237dfc
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:02:16 2013 -0600
ignore files generated by Eclipse
diff --git a/.gitignore b/.gitignore
index c0b150c..b2642d7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
*~
autom4te.cache
+.project
+.cproject
10 years, 7 months
ldap/servers
by thierry bordaz
ldap/servers/slapd/entry.c | 325 ++++++++++++++++++++++++++++------------
ldap/servers/slapd/proto-slap.h | 4
ldap/servers/slapd/slap.h | 3
ldap/servers/slapd/vattr.c | 16 -
4 files changed, 235 insertions(+), 113 deletions(-)
New commits:
commit e6fd70bd41bd4d401d1a8b639e94682976484814
Author: Thierry bordaz (tbordaz) <tbordaz(a)redhat.com>
Date: Fri Jun 21 17:58:44 2013 +0200
Ticket 512 - improve performance of vattr code
Bug Description:
The first part of the fix was incompleted, breaking fix #490.
The problem was that when an entry had no cached virtual attribute, we continued
to call the SP. In fact the cache mechanism supported only one virtual attribute (nsroledn)
and used the 'watermark' (in the entry) to know if the virtual attribute was already evaluated.
Now the virtual cache contains several attributes and we can not rely on only watermark to
know if the attribute was already evaluated.
Fix Description:
The fix implements a cache containing all the virtual attributes.
If a virtual attribute is evaluated, its value is store in the cache.
This even if the present value of the attribute is NULL (no Service Provider gave a result).
The meaning of the watermark returns to its origin: it says if the cached virtual values are or not valid
(a change in SP triggers invalidation of the cache).
https://fedorahosted.org/389/ticket/512
Reviewed by: Ludwig Krispenz,Rich Megginson
Platforms tested: F18
cos/roles acceptance
#490 test case (test integrated in 389 CI tests https://github.com/tbordaz/dirsrvtests)
#512 test case
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/slapd/entry.c b/ldap/servers/slapd/entry.c
index 6cab9b8..549f294 100644
--- a/ldap/servers/slapd/entry.c
+++ b/ldap/servers/slapd/entry.c
@@ -64,6 +64,16 @@
/* a helper function to set special rdn to a tombstone entry */
static int _entry_set_tombstone_rdn(Slapi_Entry *e, const char *normdn);
+/* computation of the size of the vattr in the entry */
+#define VATTR_READ_LOCK(e) slapi_rwlock_rdlock(e->e_virtual_lock)
+#define VATTR_READ_UNLOCK(e) slapi_rwlock_unlock(e->e_virtual_lock)
+#define VATTR_WRITE_LOCK(e) slapi_rwlock_wrlock(e->e_virtual_lock)
+#define VATTR_WRITE_UNLOCK(e) slapi_rwlock_unlock(e->e_virtual_lock)
+static size_t entry_vattr_size(Slapi_Entry *e);
+static struct _entry_vattr *entry_vattr_lookup_nolock(const Slapi_Entry *e, const char *attr_name);
+static void entry_vattr_add_nolock(Slapi_Entry *e, const char *type, Slapi_Attr *attr);
+static void entry_vattr_free_nolock(Slapi_Entry *e);
+
/* protected attributes which are not included in the flattened entry,
* which will be stored in the db. */
static char *protected_attrs_all [] = {PSEUDO_ATTR_UNHASHEDUSERPASSWORD,
@@ -83,6 +93,17 @@ struct attrs_in_extension attrs_in_extension[] =
{NULL, NULL, NULL}
};
+/* Structure used to store the virtual attribute cache in each entry
+ * If 'attr' is not NULL, the name of the attribute is taken from attr->a_type and so
+ * attrname is set to NULL.
+ * If 'attr' is NULL, the name of the attribute is stored in attrname
+ */
+struct _entry_vattr {
+ char *attrname; /* if NULL, the attribute name is the one in attr->a_type */
+ Slapi_Attr *attr; /* attribute computed by a SP */
+ struct _entry_vattr *next;
+};
+
/*
* An attribute name is of the form 'basename[;option]'.
* The state informaion is encoded in options. For example:
@@ -1986,7 +2007,9 @@ slapi_entry_free( Slapi_Entry *e ) /* JCM - Should be ** so that we can NULL the
slapi_ch_free((void **)&e->e_uniqueid);
attrlist_free(e->e_attrs);
attrlist_free(e->e_deleted_attrs);
- attrlist_free(e->e_virtual_attrs);
+ VATTR_WRITE_LOCK(e);
+ entry_vattr_free_nolock(e);
+ VATTR_WRITE_UNLOCK(e);
if(e->e_virtual_lock)
slapi_destroy_rwlock(e->e_virtual_lock);
slapi_ch_free((void**)&e);
@@ -2049,7 +2072,7 @@ slapi_entry_size(Slapi_Entry *e)
size += slapi_rdn_get_size(&e->e_srdn);
size += slapi_attrlist_size(e->e_attrs);
if (e->e_deleted_attrs) size += slapi_attrlist_size(e->e_deleted_attrs);
- if (e->e_virtual_attrs) size += slapi_attrlist_size(e->e_virtual_attrs);
+ size += entry_vattr_size(e);
size += sizeof(Slapi_Entry);
return size;
@@ -2361,6 +2384,102 @@ void slapi_entrycache_vattrcache_watermark_invalidate()
}
}
+/* The following functions control the virtual attribute cache
+ * stored in each entry (e_virtual_attrs). Access to that cache
+ * requires holding a lock (e_virtual_lock)
+ *
+ */
+
+
+/* enumerate all the vattr attributes and compute their cumul size */
+static size_t entry_vattr_size(Slapi_Entry *e)
+{
+ size_t size = 0;
+ Slapi_Vattr *vattr = NULL;
+
+ VATTR_READ_LOCK(e);
+
+ for (vattr = e->e_virtual_attrs; vattr != NULL; vattr = vattr->next) {
+ if (vattr->attrname != NULL) {
+ size += strlen(vattr->attrname);
+ }
+ size += slapi_attrlist_size(vattr->attr);
+ size += sizeof(Slapi_Vattr);
+ }
+
+ VATTR_READ_UNLOCK(e);
+ return (size);
+}
+
+/* if attr_name has already been evaluated (and cached) then returns it
+ * Else it returns NULL
+ * The caller must hold e_virtual_lock in read or write
+ */
+static Slapi_Vattr *entry_vattr_lookup_nolock(const Slapi_Entry *e, const char *attr_name)
+{
+ Slapi_Vattr *vattr = NULL;
+ char *name;
+
+ for (vattr = e->e_virtual_attrs; vattr != NULL; vattr = vattr->next) {
+ /* take the attribute name where it was kept */
+ if (vattr->attrname != NULL) {
+ name = vattr->attrname;
+ } else if (vattr->attr != NULL) {
+ name = vattr->attr->a_type;
+ } else {
+ slapi_log_error(SLAPI_LOG_FATAL, "entry_vattr_lookup_nolock", "unable to retrieve attribute name %s\n", attr_name);
+ continue;
+ }
+ if (slapi_attr_type_cmp( (const char *) name , attr_name, SLAPI_TYPE_CMP_EXACT) == 0) {
+ break;
+ }
+ }
+
+ return (vattr);
+}
+
+/* It adds an attribute in the virtual attribute cache
+ * The caller must have checked that the attribute is not already cached.
+ * The caller must hold e_virtual_lock in write
+ */
+static void entry_vattr_add_nolock(Slapi_Entry *e, const char * type, Slapi_Attr *attr)
+{
+ Slapi_Vattr *vattr;
+
+ /* In order to remember that we already evaluated this attribute, add it into the vattr cache */
+ vattr = (Slapi_Vattr *) slapi_ch_calloc(1, sizeof (Slapi_Vattr));
+ vattr->attr = attr;
+ if (vattr->attr == NULL) {
+ /* This virtual attribute was evaluated but has no value
+ * keep the attribute name in attrname
+ */
+ vattr->attrname = attr_syntax_normalize_no_lookup(type);
+ } else {
+ vattr->attrname = NULL;
+ }
+
+ vattr->next = e->e_virtual_attrs;
+ e->e_virtual_attrs = vattr;
+}
+
+
+
+/* The caller must hold e_virtual_lock in write mode */
+static void entry_vattr_free_nolock(Slapi_Entry *e)
+{
+ Slapi_Vattr *vattr, *next;
+
+ for (vattr = e->e_virtual_attrs, next = NULL; vattr != NULL; vattr = next) {
+ next = vattr->next;
+ attrlist_free(vattr->attr);
+ slapi_ch_free((void **) &vattr->attrname);
+ slapi_ch_free((void **) &vattr);
+ }
+
+ e->e_virtual_attrs = NULL;
+
+}
+
/*
* slapi_entry_vattrcache_findAndTest()
*
@@ -2384,12 +2503,12 @@ slapi_entry_vattrcache_findAndTest( const Slapi_Entry *e, const char *type,
filter_type_t filter_type,
int *rc )
{
- Slapi_Attr *tmp_attr = NULL;
+ Slapi_Vattr *vattr;
int r= SLAPI_ENTRY_VATTR_NOT_RESOLVED; /* assume not resolved yet */
*rc = -1;
- if ((e->e_virtual_attrs == NULL) || ! slapi_entry_vattrcache_watermark_isvalid(e)) {
+ if (! slapi_entry_vattrcache_watermark_isvalid(e)) {
/* there is not virtual attribute cached or they are all invalid
* just return
*/
@@ -2397,37 +2516,34 @@ slapi_entry_vattrcache_findAndTest( const Slapi_Entry *e, const char *type,
}
/* Check if the attribute is already cached */
- vattrcache_entry_READ_LOCK(e);
- if (e->e_virtual_attrs) {
- tmp_attr = attrlist_find(e->e_virtual_attrs, type);
- if (tmp_attr != NULL) {
- if (valueset_isempty(&(tmp_attr->a_present_values))) {
- /*
- * this is a vattr that has been
- * cached already but does not exist
- */
- /* hard coded for prototype */
- r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT;
- } else {
- /*
- * this is a cached vattr--test the filter on it.
- */
- r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
- if (filter_type == FILTER_TYPE_AVA) {
- *rc = plugin_call_syntax_filter_ava(tmp_attr,
- f->f_choice,
- &f->f_ava);
- } else if (filter_type == FILTER_TYPE_SUBSTRING) {
- *rc = plugin_call_syntax_filter_sub(NULL, tmp_attr,
- &f->f_sub);
- } else if (filter_type == FILTER_TYPE_PRES) {
- /* type is there, that's all we need to know. */
- *rc = 0;
- }
+ VATTR_READ_LOCK(e);
+
+ if ((vattr = entry_vattr_lookup_nolock(e, type))) {
+ /* That means this 'type' vattr was already evaluated */
+
+ if ((vattr->attr == NULL) || valueset_isempty(&(vattr->attr->a_present_values))) {
+
+ /* this means this is not a virtual attribute for that entry */
+ r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT;
+ } else {
+ /*
+ * this is a cached vattr--test the filter on it.
+ */
+ r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
+ if (filter_type == FILTER_TYPE_AVA) {
+ *rc = plugin_call_syntax_filter_ava(vattr->attr,
+ f->f_choice,
+ &f->f_ava);
+ } else if (filter_type == FILTER_TYPE_SUBSTRING) {
+ *rc = plugin_call_syntax_filter_sub(NULL, vattr->attr,
+ &f->f_sub);
+ } else if (filter_type == FILTER_TYPE_PRES) {
+ /* type is there, that's all we need to know. */
+ *rc = 0;
}
- } /* tmp_attr != NULL */
+ }
}
- vattrcache_entry_READ_UNLOCK(e);
+ VATTR_READ_UNLOCK(e);
return r;
}
@@ -2454,11 +2570,11 @@ slapi_entry_vattrcache_find_values_and_type_ex( const Slapi_Entry *e,
Slapi_ValueSet ***results,
char ***actual_type_name)
{
- Slapi_Attr *tmp_attr = NULL;
+ Slapi_Vattr *vattr;
int r = SLAPI_ENTRY_VATTR_NOT_RESOLVED; /* assume not resolved yet */
- if ((e->e_virtual_attrs == NULL) || ! slapi_entry_vattrcache_watermark_isvalid(e)) {
+ if (! slapi_entry_vattrcache_watermark_isvalid(e)) {
/* there is not virtual attribute cached or they are all invalid
* just return
*/
@@ -2466,36 +2582,33 @@ slapi_entry_vattrcache_find_values_and_type_ex( const Slapi_Entry *e,
}
/* check if the attribute is not already cached */
- vattrcache_entry_READ_LOCK(e);
- if (e->e_virtual_attrs) {
- tmp_attr = attrlist_find(e->e_virtual_attrs, type);
- if (tmp_attr != NULL) {
- if (valueset_isempty(&(tmp_attr->a_present_values))) {
- /*
- * this is a vattr that has been
- * cached already but does not exist
- */
- r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT; /* hard coded for prototype */
- } else {
- /*
- * this is a cached vattr
- * return a duped copy of the values and type
- */
- char *vattr_type = NULL;
+ VATTR_READ_LOCK(e);
+ if ((vattr = entry_vattr_lookup_nolock(e, type))) {
+ /* That means this 'type' vattr was already evaluated */
- r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
- *results = (Slapi_ValueSet**) slapi_ch_calloc(1, sizeof (**results));
- **results = valueset_dup(&(tmp_attr->a_present_values));
+ if ((vattr->attr == NULL) || valueset_isempty(&(vattr->attr->a_present_values))) {
- *actual_type_name =
- (char**) slapi_ch_malloc(sizeof (**actual_type_name));
- slapi_attr_get_type(tmp_attr, &vattr_type);
- **actual_type_name = slapi_ch_strdup(vattr_type);
+ /* this means this is not a virtual attribute for that entry */
+ r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT;
+ } else {
+ /*
+ * this is a cached vattr
+ * return a duped copy of the values and type
+ */
+ char *vattr_type = NULL;
- }
- } /* tmp_attr != NULL */
+ r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
+ *results = (Slapi_ValueSet**) slapi_ch_calloc(1, sizeof (**results));
+ **results = valueset_dup(&(vattr->attr->a_present_values));
+
+ *actual_type_name =
+ (char**) slapi_ch_malloc(sizeof (**actual_type_name));
+ slapi_attr_get_type(vattr->attr, &vattr_type);
+ **actual_type_name = slapi_ch_strdup(vattr_type);
+
+ }
}
- vattrcache_entry_READ_UNLOCK(e);
+ VATTR_READ_UNLOCK(e);
return r;
}
@@ -2510,11 +2623,11 @@ slapi_entry_vattrcache_find_values_and_type( const Slapi_Entry *e,
Slapi_ValueSet **results,
char **actual_type_name)
{
- Slapi_Attr *tmp_attr = NULL;
+ Slapi_Vattr *vattr;
int r= SLAPI_ENTRY_VATTR_NOT_RESOLVED; /* assume not resolved yet */
- if ((e->e_virtual_attrs == NULL) || ! slapi_entry_vattrcache_watermark_isvalid(e)) {
+ if (! slapi_entry_vattrcache_watermark_isvalid(e)) {
/* there is not virtual attribute cached or they are all invalid
* just return
*/
@@ -2522,33 +2635,30 @@ slapi_entry_vattrcache_find_values_and_type( const Slapi_Entry *e,
}
/* Check if the attribute is already cached */
- vattrcache_entry_READ_LOCK(e);
- if (e->e_virtual_attrs) {
- tmp_attr = attrlist_find(e->e_virtual_attrs, type);
- if (tmp_attr != NULL) {
- if (valueset_isempty(&(tmp_attr->a_present_values))) {
- /*
- * this is a vattr that has been
- * cached already but does not exist
- */
- r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT; /* hard coded for prototype */
- } else {
- /*
- * this is a cached vattr
- * return a duped copy of the values and type
- */
- char *vattr_type = NULL;
+ VATTR_READ_LOCK(e);
+ if ((vattr = entry_vattr_lookup_nolock(e, type))) {
+ /* That means this 'type' vattr was already evaluated */
- r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
- *results = valueset_dup(&(tmp_attr->a_present_values));
+ if ((vattr->attr == NULL) || valueset_isempty(&(vattr->attr->a_present_values))) {
- slapi_attr_get_type(tmp_attr, &vattr_type);
- *actual_type_name = slapi_ch_strdup(vattr_type);
+ /* this means this is not a virtual attribute for that entry */
+ r = SLAPI_ENTRY_VATTR_RESOLVED_ABSENT;
+ } else {
+ /*
+ * this is a cached vattr
+ * return a duped copy of the values and type
+ */
+ char *vattr_type = NULL;
+
+ r = SLAPI_ENTRY_VATTR_RESOLVED_EXISTS;
+ *results = valueset_dup(&(vattr->attr->a_present_values));
+
+ slapi_attr_get_type(vattr->attr, &vattr_type);
+ *actual_type_name = slapi_ch_strdup(vattr_type);
- }
}
}
- vattrcache_entry_READ_UNLOCK(e);
+ VATTR_READ_UNLOCK(e);
return r;
}
@@ -2583,26 +2693,57 @@ slapi_entry_vattrcache_merge_sv(Slapi_Entry *e, const char *type,
Slapi_ValueSet *valset, int buffer_flags)
{
Slapi_Value **vals = NULL;
+ Slapi_Vattr *vattr;
/* only attempt to merge if it's a cacheable attribute */
if ( slapi_vattrcache_iscacheable(type) || (buffer_flags & SLAPI_VIRTUALATTRS_VALUES_CACHEABLE)) {
- vattrcache_entry_WRITE_LOCK(e);
+ VATTR_WRITE_LOCK(e);
- if(!slapi_entry_vattrcache_watermark_isvalid(e) && e->e_virtual_attrs)
+ if(!slapi_entry_vattrcache_watermark_isvalid(e))
{
- attrlist_free(e->e_virtual_attrs);
- e->e_virtual_attrs = NULL;
+ /* free the previous set of vattrs */
+ entry_vattr_free_nolock(e);
+
}
if(valset)
vals = valueset_get_valuearray(valset);
- /* dups the type (if necessary) and vals */
- attrlist_merge_valuearray( &e->e_virtual_attrs, type, vals);
+ /* Add the vals in the virtual attribute cache */
+ vattr = entry_vattr_lookup_nolock(e, type);
+ if (vattr) {
+ if (vattr->attr) {
+ /* virtual attribute already cached, add the value */
+ valueset_add_valuearray(&vattr->attr->a_present_values, vals);
+ } else if (vals) {
+ /* This is not a normal situation, a first SP cached
+ * an empty value for this attribute, but now a second SP
+ * returns a non NULL value.
+ * Possibly watermark should have been updated to clear the cache
+ */
+ slapi_log_error(SLAPI_LOG_FATAL, "slapi_entry_vattrcache_merge_sv",
+ "Virtual attribute %s already cached with empty value, unwilling to cache a different value (%s) \n",
+ type, slapi_entry_get_dn(e));
+ }
+ } else {
+ Slapi_Attr *attr = NULL;
+
+ if (vals) {
+ /* Create the new virtual attribute */
+ attr = slapi_attr_new();
+ slapi_attr_init(attr, type);
+
+ /* now add the value */
+ valueset_add_valuearray(&attr->a_present_values, vals);
+ }
+
+ /* put attr into the virtual attribute cache */
+ entry_vattr_add_nolock(e, type, attr);
+ }
slapi_entry_vattrcache_watermark_set(e);
- vattrcache_entry_WRITE_UNLOCK(e);
+ VATTR_WRITE_UNLOCK(e);
}
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index e0c1a4e..07eba06 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -1353,10 +1353,6 @@ void subentry_create_filter(Slapi_Filter** filter);
*/
void vattr_init();
void vattr_cleanup();
-void vattrcache_entry_READ_LOCK(const Slapi_Entry *e);
-void vattrcache_entry_READ_UNLOCK(const Slapi_Entry *e);
-void vattrcache_entry_WRITE_LOCK(const Slapi_Entry *e);
-void vattrcache_entry_WRITE_UNLOCK(const Slapi_Entry *e);
/*
* slapd_plhash.c - supplement to NSPR plhash
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 88f1791..a98de47 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -651,6 +651,7 @@ struct slapi_rdn
*/
#define ENTRY_MAX_ATTRIBUTE_VALUE_COUNT 1073741824
+typedef struct _entry_vattr Slapi_Vattr;
/*
* represents an entry in core
* WARNING, if you change this stucture you MUST update slapi_entry_size()
@@ -664,7 +665,7 @@ struct slapi_entry {
CSN *e_maxcsn; /* maximum CSN of the entry */
Slapi_Attr *e_attrs; /* list of attributes and values */
Slapi_Attr *e_deleted_attrs; /* deleted list of attributes and values */
- Slapi_Attr *e_virtual_attrs; /* list of virtual attributes */
+ Slapi_Vattr *e_virtual_attrs; /* cache of virtual attributes */
time_t e_virtual_watermark; /* indicates cache consistency when compared
to global watermark */
Slapi_RWLock *e_virtual_lock; /* for access to cached vattrs */
diff --git a/ldap/servers/slapd/vattr.c b/ldap/servers/slapd/vattr.c
index b04fca7..d7753ee 100644
--- a/ldap/servers/slapd/vattr.c
+++ b/ldap/servers/slapd/vattr.c
@@ -2348,22 +2348,6 @@ void slapi_vattrcache_cache_none()
cache_all = 0;
}
-void vattrcache_entry_READ_LOCK(const Slapi_Entry *e){
- slapi_rwlock_rdlock(e->e_virtual_lock);
-}
-
-void vattrcache_entry_READ_UNLOCK(const Slapi_Entry *e) {
- slapi_rwlock_unlock(e->e_virtual_lock);
-
-}
-void vattrcache_entry_WRITE_LOCK(const Slapi_Entry *e){
- slapi_rwlock_wrlock(e->e_virtual_lock);
-
-}
-void vattrcache_entry_WRITE_UNLOCK(const Slapi_Entry *e){
- slapi_rwlock_unlock(e->e_virtual_lock);
-}
-
Slapi_PBlock *
slapi_vattr_get_pblock_from_context(vattr_context *c)
{
10 years, 7 months
ldap/admin
by thierry bordaz
ldap/admin/src/scripts/DSCreate.pm.in | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
New commits:
commit 2d6d9ac5e7473776b410cd48f555ee51c1cbcab7
Author: Thierry bordaz (tbordaz) <tbordaz(a)redhat.com>
Date: Tue Aug 20 15:45:51 2013 +0200
Ticket 47433 - With SeLinux, setup-ds.pl and setup-ds-admin.pl fail to detect already ranged labelled ports
Bug Description:
With SeLinux ports may be labelled per range. In the output of 'semanage port -l' a range is displayed
with <portMin>-<portMax> rather than with an individual <portNum>.
When parsing the output, DSCreate.pm(updateSelinuxPolicy) expects a list of individual ports so it fails
to detect that a given port is in the range of ports.
Fix Description:
When parsing the output of 'semanage port -l', if a range exists it checks that the provided port is
in the range or not.
https://fedorahosted.org/389/ticket/47433
Reviewed by: Rich Megginson (thanks Rich)
Platforms tested: Fedora 17
Flag Day: no
Doc impact: no
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
index be2097a..cc00bb3 100644
--- a/ldap/admin/src/scripts/DSCreate.pm.in
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -1007,9 +1007,19 @@ sub updateSelinuxPolicy {
$portline =~ s/ldap_port_t\s+tcp\s+//g;
my @labeledports = split(/,\s+/, $portline);
foreach my $labeledport (@labeledports) {
- if ($inf->{slapd}->{ServerPort} == $labeledport) {
- $need_label = 0;
- last;
+ if (index($labeledport, "-") == -1) {
+ # this is not a range of ports
+ if ($inf->{slapd}->{ServerPort} == $labeledport) {
+ $need_label = 0;
+ last;
+ }
+ } else {
+ # this is a range of ports like '<portMin>-<portMax>'
+ my @range = split(/-/, $labeledport);
+ if ((@range[0] <= $inf->{slapd}->{ServerPort}) && ($inf->{slapd}->{ServerPort} <= @range[1])) {
+ $need_label = 0;
+ last;
+ }
}
}
10 years, 7 months
Changes to 'refs/tags/389-adminutil-1.1.18'
by Richard Allen Megginson
Changes since the dawn of time:
Mark Reynolds (2):
Ticket 400 - BIND operation result not checked properly in adminutil
Ticket 497 - Console logins fail intermittenly
Nathan Kinder (15):
Fixed parsing of supported emulations in nsarch
Resolves: 213070
Related: 213070
Resolves: 246124
Resolves: 247192
Bug 697106 - (cov#10770) Need to call va_end() after calling va_start()
Bug 697110 - (cov#10757) Remove unused variable in psetRootModAttrList()
Bug 697116 - Need to check if admldapGetISIEDN() returns NULL
Bug 697106 - (cov#10770) Need to call va_end() after calling va_start()
Bug 697641 - Check return value of DER_UTCTimeToAscii()
Bug 697641 - Check if nodeName is NULL before dereferencing
Bug 697641 - Check if pset is NULL before dereferencing
Bug 697641 - Check if valBuf is NULL before dereferencing
Bug 697641 - Check list->name for NULL before dereferencing
Bug 697641 - Check if strchr() returns NULL before dereferencing
Noriko Hosoi (23):
[161407] Fixed the library path for the 64-bit build on Solaris.
libadminutil##.<ext> should not link SSL related ldapsdk libraries.
*** empty log message ***
[172166] Admin Util RPM
[172166] Admin Util build (64-bit)
[172166] Admin Util build (IPF)
[Bug 172166] Admin Util build (IPF)
[Bug 172166] Admin Util build (IPF)
[179394] HP-UX PA-RISC support
[179394] HP-UX IPF/PA-RISC support
upgraded LDAP C SDK: v5.16 -> v5.17
Replaced PL_Free with PR_Free.
[161099] admin passwd in clear text in adm.conf
[172166] Admin Util build (RPM)
[195258] Changes for the internal build
Removed the link arg to link with libCrun.so.1 since there is no C++ code
Resolves: #186280
Resolves: Bug 237356
Fixed a minor bug introduced in the revision 1.6.
Resolves: #191834
bump version to 1.1.16
bump version to 1.1.17
Ticket #47343 - 389-adminutil: Does not support aarch64 in f19 and rawhide
Rich Megginson (59):
change binary directory naming convention to the same one we use with pre-built binary components; remove old crufty Fortezza stuff; general makefile cleanup
Bug(s) fixed: 171799
make PERL5 use perl from PATH on Linux
The correct naming convention for RHEL is
1) Fix moz objdir name for generic linux x86_64
Bug(s) fixed: 186280
Bug: 186280
use new ldapcsdk 6.0.0; upgrade other components
Reviewed by: nhosoi (Thanks!)
Bug(s) fixed: 213788
Bug: 213788
Resolves: bug 234420
Resolves: bug 239475
bump version to 1.1.1
bump version to 1.1.1
add support for -version-number when building shared libs; fix a couple of minor issues brought up in fedora package review
pkgconfig is a requires, not a build requires
final spec fix for fedora
Resolves: bug 235293
Resolves: bug 245208
Resolves: bug 245208
Resolves: bug 245396
bump version to 1.1.2
bump version to 1.1.3
Resolves: bug 250526
Resolves: bug 323381
bump version to 1.1.5
Resolves: bug 245248
bump version to 1.1.6
Resolves: bug 413531
Resolves: bug 454060
the correct function name is admldapSetDirectoryURL
bump version to 1.1.7
Resolves: bug 462411
compiler warning clean up
Resolves: bug 466137
fix compiler warning
bump version to 1.1.8
the 1.1.8 release
Rename adminutil to 389-adminutil
added .gitignore
use icu genrb from path if no icu_bin given or found
Bug 460168 - FedoraDS' adminutil requires non-existent "icu.pc" on non-RH/Fedora OS
remove adminutil.pc.in
bump version to 1.1.10
Bug 614690 - adminutil ICU RB generation can fail
Port adminutil to use openldap
allow building with mozldap again
bump version to 1.1.12
version 1.1.13 - add nss_inc to includes for libadminutil sources
bump version to 1.1.14
Ticket #161 - Review and address latest Coverity issues
Ticket #161 - Review and address latest Coverity issues
Ticket #281 - TLS not working with latest openldap
bump version to 1.1.15
fix mem leak in admldapBuildInfoSSL when there is no password
Ticket #47486 - compiler warnings in adminutil, admin, dsgw
add Eclipse generated files
bump version to 1.1.18
foxworth (1):
Internal Red Hat CVS project for adminutil: core
10 years, 7 months
4 commits - configure configure.ac .gitignore lib/libadminutil lib/libadmsslutil
by Richard Allen Megginson
.gitignore | 6 +++
configure | 20 ++++++------
configure.ac | 2 -
lib/libadminutil/acclanglist.c | 6 +--
lib/libadminutil/admutil.c | 67 +++--------------------------------------
lib/libadminutil/form_post.c | 4 +-
lib/libadminutil/psetc.c | 3 -
lib/libadmsslutil/admsslutil.c | 14 --------
8 files changed, 30 insertions(+), 92 deletions(-)
New commits:
commit 0b0deef1948879311ed9c743d433924aa2632bc4
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Aug 19 17:11:37 2013 -0600
bump version to 1.1.18
diff --git a/configure b/configure
index f771512..370f109 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for 389-adminutil 1.1.17.
+# Generated by GNU Autoconf 2.69 for 389-adminutil 1.1.18.
#
# Report bugs to <http://bugzilla.redhat.com/>.
#
@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='389-adminutil'
PACKAGE_TARNAME='389-adminutil'
-PACKAGE_VERSION='1.1.17'
-PACKAGE_STRING='389-adminutil 1.1.17'
+PACKAGE_VERSION='1.1.18'
+PACKAGE_STRING='389-adminutil 1.1.18'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
PACKAGE_URL=''
@@ -1378,7 +1378,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures 389-adminutil 1.1.17 to adapt to many kinds of systems.
+\`configure' configures 389-adminutil 1.1.18 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1448,7 +1448,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of 389-adminutil 1.1.17:";;
+ short | recursive ) echo "Configuration of 389-adminutil 1.1.18:";;
esac
cat <<\_ACEOF
@@ -1583,7 +1583,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-389-adminutil configure 1.1.17
+389-adminutil configure 1.1.18
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2173,7 +2173,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by 389-adminutil $as_me 1.1.17, which was
+It was created by 389-adminutil $as_me 1.1.18, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3000,7 +3000,7 @@ fi
# Define the identity of the package.
PACKAGE='389-adminutil'
- VERSION='1.1.17'
+ VERSION='1.1.18'
cat >>confdefs.h <<_ACEOF
@@ -19147,7 +19147,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by 389-adminutil $as_me 1.1.17, which was
+This file was extended by 389-adminutil $as_me 1.1.18, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -19204,7 +19204,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-389-adminutil config.status 1.1.17
+389-adminutil config.status 1.1.18
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff --git a/configure.ac b/configure.ac
index ccf285c..32b6222 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,7 +1,7 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([389-adminutil], [1.1.17], [http://bugzilla.redhat.com/])
+AC_INIT([389-adminutil], [1.1.18], [http://bugzilla.redhat.com/])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
AM_MAINTAINER_MODE
AC_CANONICAL_HOST
commit ee1ef81b442305a24be16c07d2238a4143a6f007
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:49:21 2013 -0600
add Eclipse generated files
diff --git a/.gitignore b/.gitignore
index 4e68831..01246aa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,8 @@
autom4te.cache
*~
+.autotools
+.cproject
+.externalToolBuilders
+.project
+.settings
+*.patch
commit 6a49f64300eb878c7010142d81fa65e4b3964b95
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Aug 15 15:01:22 2013 -0600
Ticket #47486 - compiler warnings in adminutil, admin, dsgw
fix compiler warnings
Reviewed by: nhosoi (Thanks!)
diff --git a/lib/libadminutil/acclanglist.c b/lib/libadminutil/acclanglist.c
index 903be02..671dfcc 100644
--- a/lib/libadminutil/acclanglist.c
+++ b/lib/libadminutil/acclanglist.c
@@ -54,8 +54,8 @@ AcceptLangList(const char* AcceptLanguage,
char* cPtr;
char* cPtr1;
char* cPtr2;
- int i;
- int j;
+ size_t i;
+ size_t j;
size_t countLang = 0;
input = strdup(AcceptLanguage);
@@ -145,7 +145,7 @@ static int
langIsInList(const char *lang, size_t listsize, ACCEPT_LANGUAGE_LIST accll)
{
int retval = 0;
- int ii;
+ size_t ii;
for (ii = 0; !retval && (ii < listsize); ++ii) {
if (!strcmp(lang, accll[ii])) {
diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c
index b4e12dd..bf04c10 100644
--- a/lib/libadminutil/admutil.c
+++ b/lib/libadminutil/admutil.c
@@ -37,20 +37,6 @@
#define strcasecmp stricmp
#define strncasecmp _strnicmp
#endif
-
-#ifdef XP_UNIX
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-static char rcsid[] = "$Header: AdminUtil " ADMSDK_PRODUCT
- " " ADMSDK_BUILDNUM " $";
-static char sccsid[] = "@(#)AdminUtil " ADMSDK_PRODUCT
- " " ADMSDK_BUILDNUM;
-#endif /* XP_UNIX */
-
/* Max size for a pathname */
#ifndef PATH_MAX
@@ -2286,17 +2272,19 @@ admutil_ldap_init(
#if defined(USE_OPENLDAP)
char *certdir = admldapGetSecurityDir(info);
int optval = 0;
+#else
+ LDAP *myld = NULL;
#endif /* !USE_OPENLDAP */
int ssl_strength = 0;
- LDAP *myld = NULL;
+#if !defined(USE_OPENLDAP)
/* we can only use the set functions below with a real
LDAP* if it has already gone through ldapssl_init -
so, use NULL if using starttls */
if (secure == 1) {
myld = ld;
}
-
+#endif
/* verify certificate only */
#if defined(USE_OPENLDAP)
ssl_strength = LDAP_OPT_X_TLS_NEVER;
@@ -2414,55 +2402,12 @@ admutil_ldap_bind(
{
int rc = LDAP_SUCCESS;
int err = LDAP_SUCCESS;
- int secure = 0;
struct berval bvcreds = {0, NULL};
LDAPMessage *result = NULL;
struct berval *servercredp = NULL;
-#if defined(USE_OPENLDAP)
- /* openldap doesn't have a SSL/TLS yes/no flag - so grab the
- ldapurl, parse it, and see if it is a secure one */
- char *ldapurl = NULL;
- ldap_get_option(ld, LDAP_OPT_URI, &ldapurl);
- if (ldapurl && !PL_strncasecmp(ldapurl, "ldaps", 5)) {
- secure = 1;
- }
- PL_strfree(ldapurl);
- ldapurl = NULL;
-#else /* !USE_OPENLDAP */
- ldap_get_option(ld, LDAP_OPT_SSL, &secure);
-#endif
-
-#ifdef EXTERNAL_AUTH_SUPPORTED
- if (secure && mech && !strcmp(mech, LDAP_SASL_EXTERNAL)) {
- /* SSL connections will use the server's security context
- and cert for client auth */
- rc = slapd_SSL_client_auth(ld);
-
- if (rc != 0) {
-#ifdef DEBUG
- fprintf(stderr, "admutil_ldap_bind: "
- "Error: could not configure the server for cert "
- "auth - error %d - make sure the server is "
- "correctly configured for SSL/TLS\n", rc);
-#endif
- goto done;
- } else {
-#ifdef DEBUG
- fprintf(stderr, "admutil_ldap_bind: "
- "Set up conn to use client auth\n");
-#endif
- }
- bvcreds.bv_val = NULL; /* ignore username and passed in creds */
- bvcreds.bv_len = 0; /* for external auth */
- bindid = NULL;
- } else { /* other type of auth */
-#endif /* EXTERNAL_AUTH_SUPPORTED */
- bvcreds.bv_val = (char *)creds;
- bvcreds.bv_len = creds ? strlen(creds) : 0;
-#ifdef EXTERNAL_AUTH_SUPPORTED
- }
-#endif /* EXTERNAL_AUTH_SUPPORTED */
+ bvcreds.bv_val = (char *)creds;
+ bvcreds.bv_len = creds ? strlen(creds) : 0;
/* The connection has been set up - now do the actual bind, depending on
the mechanism and arguments */
diff --git a/lib/libadminutil/form_post.c b/lib/libadminutil/form_post.c
index cbe5299..9bc9e41 100644
--- a/lib/libadminutil/form_post.c
+++ b/lib/libadminutil/form_post.c
@@ -174,13 +174,13 @@ PR_IMPLEMENT(void)
unescape_entities(char *s)
{
int idx;
- char *p, *r, *d;
+ char *p, *r;
if (!s || !*s) {
return;
}
- d = r = s;
+ r = s;
for ( p = s; *p != '\0'; LDAP_UTF8INC( p )) {
if ( ((*p) & 0x80) == 0 && ( (*p) == '&') ) {
for( idx = 0; idx < entitynum; ++idx ) {
diff --git a/lib/libadminutil/psetc.c b/lib/libadminutil/psetc.c
index 42d0871..6a09638 100644
--- a/lib/libadminutil/psetc.c
+++ b/lib/libadminutil/psetc.c
@@ -1109,13 +1109,12 @@ psetRootModAttribute(PsetRootPtr psetRoot, int mode, NameType name,
{
PsetPtr pset = NULL;
LDAPMod **mods;
- int nameLen, nodeFlag, errorcode;
+ int nodeFlag, errorcode;
char namebuf[256];
char *attrName, *nodeName;
ValueType valsptr;
PsetNodePtr nodePtr;
- nameLen = PL_strlen(name);
PR_snprintf(namebuf, sizeof(namebuf), "%s", name);
attrName = strrchr(namebuf, '.');
if (!attrName) {
diff --git a/lib/libadmsslutil/admsslutil.c b/lib/libadmsslutil/admsslutil.c
index a86c37c..1ba0dfa 100644
--- a/lib/libadmsslutil/admsslutil.c
+++ b/lib/libadmsslutil/admsslutil.c
@@ -51,19 +51,6 @@
#define SECURITY_ATTR "configuration.nsServerSecurity"
-#ifdef XP_UNIX
-/*
- * Version information for the 'ident' and 'what commands
- *
- * NOTE: the first component of the concatenated rcsid string
- * must not end in a '$' to prevent rcs keyword substitution.
- */
-static char rcsid[] = "$Header: AdminUtil " ADMSDK_PRODUCT
- " " ADMSDK_BUILDNUM " $";
-static char sccsid[] = "@(#)AdminUtil " ADMSDK_PRODUCT
- " " ADMSDK_BUILDNUM;
-#endif /* XP_UNIX */
-
void servssl_error(char *fmt, ...);
char custom_file[BIG_LINE] = "";
commit 77fd77a04c5bf15fdbd9db2dcebed23fbe02b447
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Aug 13 10:05:11 2013 -0600
fix mem leak in admldapBuildInfoSSL when there is no password
Reviewed by: nhosoi (Thanks!)
Platforms tested: RHEL 6, Fedora 20
diff --git a/lib/libadmsslutil/admsslutil.c b/lib/libadmsslutil/admsslutil.c
index 7ea9eb0..a86c37c 100644
--- a/lib/libadmsslutil/admsslutil.c
+++ b/lib/libadmsslutil/admsslutil.c
@@ -106,6 +106,7 @@ admldapBuildInfoSSL(AdmldapInfo info, int *errorcode)
} else {
/* no password means just punt rather than do anon bind */
/* this mimics the same logic in admldapBuildInfoCbk() */
+ ldap_unbind_ext(ld, NULL, NULL);
*errorcode = ADMUTIL_LDAP_ERR;
return 1; /* have to return true here to mimic admldapBuildInfoCbk() */
}
10 years, 7 months