Branch '389-ds-base-1.3.3' - ldap/servers
by Noriko Hosoi
ldap/servers/plugins/posix-winsync/posix-winsync.c | 3 +++
1 file changed, 3 insertions(+)
New commits:
commit 33a5ade48caba8673748a4f7aee072596a8f6d53
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Jan 26 16:08:40 2015 -0800
Ticket #48001 - ns-activate.pl fails to activate account if it was disabled on AD
Bug Description: When Posix-WinSync plug-in receives a request to
disable an account from AD, it checks the nsAccountLock explicitly
as well as virtually. If it's not found in the both checks, it does
not set a flag to tell it is a virtual attribute, then a real
"nsAccountLock: true" attr-value pair is added to the user entry.
Once the real nsAccountLock attribute is added to an entry, ns-activate.pl
as well as Console does not remove it since it's not implemented for
the purpose.
Fix Description: Since nsAccountLock is known as a virtual attribute,
set a virtual flag by default, which prevents to add a real attribute
value pair.
https://fedorahosted.org/389/ticket/48001
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
(cherry picked from commit 345d2c0870d7e8b1005a13cc9cf93865ff0cb53d)
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync.c b/ldap/servers/plugins/posix-winsync/posix-winsync.c
index d43e76d..9a70244 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync.c
@@ -152,6 +152,9 @@ _check_account_lock(Slapi_Entry *ds_entry, int *isvirt)
int attr_free_flags = 0;
char *strval;
+ if (isvirt) {
+ *isvirt = 1; /* nsAccountLock is implemeted as nsRole */
+ }
/* first, see if the attribute is a "real" attribute */
strval = slapi_entry_attr_get_charptr(ds_entry, "nsAccountLock");
if (strval) { /* value is real */
9 years, 1 month
ldap/servers
by Noriko Hosoi
ldap/servers/plugins/posix-winsync/posix-winsync.c | 3 +++
1 file changed, 3 insertions(+)
New commits:
commit 345d2c0870d7e8b1005a13cc9cf93865ff0cb53d
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Mon Jan 26 16:08:40 2015 -0800
Ticket #48001 - ns-activate.pl fails to activate account if it was disabled on AD
Bug Description: When Posix-WinSync plug-in receives a request to
disable an account from AD, it checks the nsAccountLock explicitly
as well as virtually. If it's not found in the both checks, it does
not set a flag to tell it is a virtual attribute, then a real
"nsAccountLock: true" attr-value pair is added to the user entry.
Once the real nsAccountLock attribute is added to an entry, ns-activate.pl
as well as Console does not remove it since it's not implemented for
the purpose.
Fix Description: Since nsAccountLock is known as a virtual attribute,
set a virtual flag by default, which prevents to add a real attribute
value pair.
https://fedorahosted.org/389/ticket/48001
Reviewed by mreynolds(a)redhat.com (Thank you, Mark!!)
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync.c b/ldap/servers/plugins/posix-winsync/posix-winsync.c
index d43e76d..9a70244 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync.c
@@ -152,6 +152,9 @@ _check_account_lock(Slapi_Entry *ds_entry, int *isvirt)
int attr_free_flags = 0;
char *strval;
+ if (isvirt) {
+ *isvirt = 1; /* nsAccountLock is implemeted as nsRole */
+ }
/* first, see if the attribute is a "real" attribute */
strval = slapi_entry_attr_get_charptr(ds_entry, "nsAccountLock");
if (strval) { /* value is real */
9 years, 1 month
Branch '389-ds-base-1.2.11' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/memberof/memberof.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
New commits:
commit ffc784c20554edcfa496472a3b438e31d20d6a4a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 19:43:46 2015 -0500
Ticket 47963 - memberof skip nested groups breaks the plugin
Bug Description: The previous patch broke the memberOf plugin - it
basically wouldn't do anything. The skip was being
done too early.
Fix Description: Move the "recursion skip" to the appropriate location.
https://fedorahosted.org/389/ticket/47963
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 70d5fe69846482bb82723e300389469924c2cd85)
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index 0098829..7cb0e27 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -1721,6 +1721,7 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
char *group_dn = slapi_entry_get_ndn(e);
Slapi_Value *group_dn_val = 0;
Slapi_ValueSet *groupvals = *((memberof_get_groups_data*)callback_data)->groupvals;
+ MemberOfConfig *config = ((memberof_get_groups_data*)callback_data)->config;
int rc = 0;
if(slapi_is_shutting_down()){
@@ -1778,10 +1779,11 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
* by the valueset. */
slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
- /* now recurse to find parent groups of e */
- memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
- group_sdn, callback_data);
-
+ if(!config->skip_nested || config->fixup_task){
+ /* now recurse to find parent groups of e */
+ memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
+ group_sdn, callback_data);
+ }
bail:
return rc;
}
@@ -2468,10 +2470,8 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
memberof_del_dn_data del_data = {0, config->memberof_attr};
Slapi_ValueSet *groups = 0;
- if(!config->skip_nested || config->fixup_task){
- /* get a list of all of the groups this user belongs to */
- groups = memberof_get_groups(config, sdn);
- }
+ /* get a list of all of the groups this user belongs to */
+ groups = memberof_get_groups(config, sdn);
/* If we found some groups, replace the existing memberOf attribute
* with the found values. */
9 years, 1 month
Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/memberof/memberof.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
New commits:
commit ddcab8af51c8b0a787dc630bce3a0b34c446c973
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 19:43:46 2015 -0500
Ticket 47963 - memberof skip nested groups breaks the plugin
Bug Description: The previous patch broke the memberOf plugin - it
basically wouldn't do anything. The skip was being
done too early.
Fix Description: Move the "recursion skip" to the appropriate location.
https://fedorahosted.org/389/ticket/47963
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 70d5fe69846482bb82723e300389469924c2cd85)
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index ec96b00..4553c43 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -1732,6 +1732,7 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
char *group_dn = slapi_entry_get_ndn(e);
Slapi_Value *group_dn_val = 0;
Slapi_ValueSet *groupvals = *((memberof_get_groups_data*)callback_data)->groupvals;
+ MemberOfConfig *config = ((memberof_get_groups_data*)callback_data)->config;
int rc = 0;
if(slapi_is_shutting_down()){
@@ -1789,10 +1790,11 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
* by the valueset. */
slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
- /* now recurse to find parent groups of e */
- memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
- group_sdn, callback_data);
-
+ if(!config->skip_nested || config->fixup_task){
+ /* now recurse to find parent groups of e */
+ memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
+ group_sdn, callback_data);
+ }
bail:
return rc;
}
@@ -2516,10 +2518,8 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
memberof_del_dn_data del_data = {0, config->memberof_attr};
Slapi_ValueSet *groups = 0;
- if(!config->skip_nested || config->fixup_task){
- /* get a list of all of the groups this user belongs to */
- groups = memberof_get_groups(config, sdn);
- }
+ /* get a list of all of the groups this user belongs to */
+ groups = memberof_get_groups(config, sdn);
/* If we found some groups, replace the existing memberOf attribute
* with the found values. */
9 years, 1 month
Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/memberof/memberof.c | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
New commits:
commit 70d5fe69846482bb82723e300389469924c2cd85
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 19:43:46 2015 -0500
Ticket 47963 - memberof skip nested groups breaks the plugin
Bug Description: The previous patch broke the memberOf plugin - it
basically wouldn't do anything. The skip was being
done too early.
Fix Description: Move the "recursion skip" to the appropriate location.
https://fedorahosted.org/389/ticket/47963
Reviewed by: nhosoi(Thanks!)
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index 5a5a71a..76fdaeb 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -1759,6 +1759,7 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
char *group_dn = slapi_entry_get_ndn(e);
Slapi_Value *group_dn_val = 0;
Slapi_ValueSet *groupvals = *((memberof_get_groups_data*)callback_data)->groupvals;
+ MemberOfConfig *config = ((memberof_get_groups_data*)callback_data)->config;
int rc = 0;
if(slapi_is_shutting_down()){
@@ -1816,10 +1817,11 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
* by the valueset. */
slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
- /* now recurse to find parent groups of e */
- memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
- group_sdn, callback_data);
-
+ if(!config->skip_nested || config->fixup_task){
+ /* now recurse to find parent groups of e */
+ memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
+ group_sdn, callback_data);
+ }
bail:
return rc;
}
@@ -2543,10 +2545,8 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
memberof_del_dn_data del_data = {0, config->memberof_attr};
Slapi_ValueSet *groups = 0;
- if(!config->skip_nested || config->fixup_task){
- /* get a list of all of the groups this user belongs to */
- groups = memberof_get_groups(config, sdn);
- }
+ /* get a list of all of the groups this user belongs to */
+ groups = memberof_get_groups(config, sdn);
/* If we found some groups, replace the existing memberOf attribute
* with the found values. */
9 years, 1 month
Branch '389-ds-base-1.3.3' - dirsrvtests/tickets ldap/servers
by Mark Reynolds
dirsrvtests/tickets/ticket47963_test.py | 191 +++++++++++++++++++++++++++++++
ldap/servers/plugins/memberof/memberof.c | 47 +++----
2 files changed, 214 insertions(+), 24 deletions(-)
New commits:
commit 2f24d28cf608e5ecd580be82fea8c51e28429329
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 12:52:40 2015 -0500
Ticket 47963 - memberof skip nested groups breaks the plugin
Bug Description: The previous patch broke the memberOf plugin - it
basically wouldn't do anything. The skip was being
done too early.
Fix Description: Move the "recursion skip" to the appropriate location.
https://fedorahosted.org/389/ticket/47963
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 248b471c86dbd7ed6a86e9def90a0d7a9858ed91)
diff --git a/dirsrvtests/tickets/ticket47963_test.py b/dirsrvtests/tickets/ticket47963_test.py
new file mode 100644
index 0000000..7d0afeb
--- /dev/null
+++ b/dirsrvtests/tickets/ticket47963_test.py
@@ -0,0 +1,191 @@
+import os
+import sys
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry, tools, tasks
+from lib389.tools import DirSrvTools
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket47963(topology):
+ '''
+ Test that the memberOf plugin works correctly after setting:
+
+ memberofskipnested: on
+
+ '''
+ PLUGIN_DN = 'cn=' + PLUGIN_MEMBER_OF + ',cn=plugins,cn=config'
+ USER_DN = 'uid=test_user,' + DEFAULT_SUFFIX
+ GROUP_DN1 = 'cn=group1,' + DEFAULT_SUFFIX
+ GROUP_DN2 = 'cn=group2,' + DEFAULT_SUFFIX
+ GROUP_DN3 = 'cn=group3,' + DEFAULT_SUFFIX
+
+ #
+ # Enable the plugin and configure the skiop nest attribute, then restart the server
+ #
+ topology.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
+ try:
+ topology.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'memberofskipnested', 'on')])
+ except ldap.LDAPError, e:
+ log.error('test_automember: Failed to modify config entry: error ' + e.message['desc'])
+ assert False
+
+ topology.standalone.restart(timeout=10)
+
+ #
+ # Add our groups, users, memberships, etc
+ #
+ try:
+ topology.standalone.add_s(Entry((USER_DN, {
+ 'objectclass': 'top extensibleObject'.split(),
+ 'uid': 'test_user'
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add teset user: error ' + e.message['desc'])
+ assert False
+
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN1, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group1',
+ 'member': USER_DN
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group1: error ' + e.message['desc'])
+ assert False
+
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN2, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group2',
+ 'member': USER_DN
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group2: error ' + e.message['desc'])
+ assert False
+
+ # Add group with no member(yet)
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN3, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group'
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group3: error ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ #
+ # Test we have the correct memberOf values in the user entry
+ #
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN2 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User is missing expected memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ # Add the user to the group
+ try:
+ topology.standalone.modify_s(GROUP_DN3, [(ldap.MOD_ADD, 'member', USER_DN)])
+ except ldap.LDAPError, e:
+ log.error('Failed to member to group: error ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ # Check that the test user is a "memberOf" all three groups
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN2 +
+ ')(memberOf=' + GROUP_DN3 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User is missing expected memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ #
+ # Delete group2, and check memberOf values in the user entry
+ #
+ try:
+ topology.standalone.delete_s(GROUP_DN2)
+ except ldap.LDAPError, e:
+ log.error('Failed to delete test group2: ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN3 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User incorrect memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ log.info('Test complete')
+
+
+def test_ticket47963_final(topology):
+ topology.standalone.delete()
+ log.info('Testcase PASSED')
+
+
+def run_isolated():
+ global installation1_prefix
+ installation1_prefix = None
+
+ topo = topology(True)
+ test_ticket47963(topo)
+ test_ticket47963_final(topo)
+
+
+if __name__ == '__main__':
+ run_isolated()
+
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index b8e2386..27ccedf 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -691,7 +691,7 @@ memberof_call_foreach_dn(Slapi_PBlock *pb, Slapi_DN *sdn,
char *cookie = NULL;
int all_backends = memberof_config_get_all_backends();
Slapi_DN *entry_scope = memberof_config_get_entry_scope();
- Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
int types_name_len = 0;
int num_types = 0;
int dn_len = slapi_sdn_get_ndn_len(sdn);
@@ -703,7 +703,7 @@ memberof_call_foreach_dn(Slapi_PBlock *pb, Slapi_DN *sdn,
return (rc);
}
- if (entry_scope_exclude_subtree && slapi_sdn_issuffix(sdn, entry_scope_exclude_subtree)) {
+ if (entry_scope_exclude_subtree && slapi_sdn_issuffix(sdn, entry_scope_exclude_subtree)) {
return (rc);
}
@@ -2024,7 +2024,7 @@ Slapi_ValueSet *
memberof_get_groups(MemberOfConfig *config, Slapi_DN *member_sdn)
{
Slapi_ValueSet *groupvals = slapi_valueset_new();
- Slapi_ValueSet *group_norm_vals = slapi_valueset_new();
+ Slapi_ValueSet *group_norm_vals = slapi_valueset_new();
Slapi_Value *memberdn_val =
slapi_value_new_string(slapi_sdn_get_ndn(member_sdn));
slapi_value_set_flags(memberdn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS);
@@ -2034,7 +2034,7 @@ memberof_get_groups(MemberOfConfig *config, Slapi_DN *member_sdn)
memberof_get_groups_r(config, member_sdn, &data);
slapi_value_free(&memberdn_val);
- slapi_valueset_free(group_norm_vals);
+ slapi_valueset_free(group_norm_vals);
return groupvals;
}
@@ -2057,12 +2057,13 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
{
Slapi_DN *group_sdn = slapi_entry_get_sdn(e);
char *group_ndn = slapi_entry_get_ndn(e);
- char *group_dn = slapi_entry_get_dn(e);
+ char *group_dn = slapi_entry_get_dn(e);
Slapi_Value *group_ndn_val = 0;
- Slapi_Value *group_dn_val = 0;
+ Slapi_Value *group_dn_val = 0;
Slapi_ValueSet *groupvals = *((memberof_get_groups_data*)callback_data)->groupvals;
- Slapi_ValueSet *group_norm_vals = *((memberof_get_groups_data*)callback_data)->group_norm_vals;
- Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ Slapi_ValueSet *group_norm_vals = *((memberof_get_groups_data*)callback_data)->group_norm_vals;
+ Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ MemberOfConfig *config = ((memberof_get_groups_data*)callback_data)->config;
int rc = 0;
if(slapi_is_shutting_down()){
@@ -2116,18 +2117,19 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
goto bail;
}
- /* if the group does not belong to an excluded subtree, adds it to the valueset */
- if (!(entry_scope_exclude_subtree && slapi_sdn_issuffix(group_sdn, entry_scope_exclude_subtree))) {
- /* Push group_dn_val into the valueset. This memory is now owned
- * by the valueset. */
- group_dn_val = slapi_value_new_string(group_dn);
- slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
- slapi_valueset_add_value_ext(group_norm_vals, group_ndn_val, SLAPI_VALUE_FLAG_PASSIN);
- }
-
- /* now recurse to find parent groups of e */
- memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
- group_sdn, callback_data);
+ /* if the group does not belong to an excluded subtree, adds it to the valueset */
+ if (!(entry_scope_exclude_subtree && slapi_sdn_issuffix(group_sdn, entry_scope_exclude_subtree))) {
+ /* Push group_dn_val into the valueset. This memory is now owned
+ * by the valueset. */
+ group_dn_val = slapi_value_new_string(group_dn);
+ slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
+ slapi_valueset_add_value_ext(group_norm_vals, group_ndn_val, SLAPI_VALUE_FLAG_PASSIN);
+ }
+ if(!config->skip_nested || config->fixup_task){
+ /* now recurse to find parent groups of e */
+ memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
+ group_sdn, callback_data);
+ }
bail:
return rc;
@@ -2844,10 +2846,7 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
memberof_del_dn_data del_data = {0, config->memberof_attr};
Slapi_ValueSet *groups = 0;
- if(!config->skip_nested || config->fixup_task){
- /* get a list of all of the groups this user belongs to */
- groups = memberof_get_groups(config, sdn);
- }
+ groups = memberof_get_groups(config, sdn);
/* If we found some groups, replace the existing memberOf attribute
* with the found values. */
9 years, 1 month
dirsrvtests/tickets ldap/servers
by Mark Reynolds
dirsrvtests/tickets/ticket47963_test.py | 191 +++++++++++++++++++++++++++++++
ldap/servers/plugins/memberof/memberof.c | 47 +++----
2 files changed, 214 insertions(+), 24 deletions(-)
New commits:
commit 248b471c86dbd7ed6a86e9def90a0d7a9858ed91
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 12:52:40 2015 -0500
Ticket 47963 - memberof skip nested groups breaks the plugin
Bug Description: The previous patch broke the memberOf plugin - it
basically wouldn't do anything. The skip was being
done too early.
Fix Description: Move the "recursion skip" to the appropriate location.
https://fedorahosted.org/389/ticket/47963
Reviewed by: nhosoi(Thanks!)
diff --git a/dirsrvtests/tickets/ticket47963_test.py b/dirsrvtests/tickets/ticket47963_test.py
new file mode 100644
index 0000000..7d0afeb
--- /dev/null
+++ b/dirsrvtests/tickets/ticket47963_test.py
@@ -0,0 +1,191 @@
+import os
+import sys
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry, tools, tasks
+from lib389.tools import DirSrvTools
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket47963(topology):
+ '''
+ Test that the memberOf plugin works correctly after setting:
+
+ memberofskipnested: on
+
+ '''
+ PLUGIN_DN = 'cn=' + PLUGIN_MEMBER_OF + ',cn=plugins,cn=config'
+ USER_DN = 'uid=test_user,' + DEFAULT_SUFFIX
+ GROUP_DN1 = 'cn=group1,' + DEFAULT_SUFFIX
+ GROUP_DN2 = 'cn=group2,' + DEFAULT_SUFFIX
+ GROUP_DN3 = 'cn=group3,' + DEFAULT_SUFFIX
+
+ #
+ # Enable the plugin and configure the skiop nest attribute, then restart the server
+ #
+ topology.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
+ try:
+ topology.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, 'memberofskipnested', 'on')])
+ except ldap.LDAPError, e:
+ log.error('test_automember: Failed to modify config entry: error ' + e.message['desc'])
+ assert False
+
+ topology.standalone.restart(timeout=10)
+
+ #
+ # Add our groups, users, memberships, etc
+ #
+ try:
+ topology.standalone.add_s(Entry((USER_DN, {
+ 'objectclass': 'top extensibleObject'.split(),
+ 'uid': 'test_user'
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add teset user: error ' + e.message['desc'])
+ assert False
+
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN1, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group1',
+ 'member': USER_DN
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group1: error ' + e.message['desc'])
+ assert False
+
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN2, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group2',
+ 'member': USER_DN
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group2: error ' + e.message['desc'])
+ assert False
+
+ # Add group with no member(yet)
+ try:
+ topology.standalone.add_s(Entry((GROUP_DN3, {
+ 'objectclass': 'top groupOfNames groupOfUniqueNames extensibleObject'.split(),
+ 'cn': 'group'
+ })))
+ except ldap.LDAPError, e:
+ log.error('Failed to add group3: error ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ #
+ # Test we have the correct memberOf values in the user entry
+ #
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN2 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User is missing expected memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ # Add the user to the group
+ try:
+ topology.standalone.modify_s(GROUP_DN3, [(ldap.MOD_ADD, 'member', USER_DN)])
+ except ldap.LDAPError, e:
+ log.error('Failed to member to group: error ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ # Check that the test user is a "memberOf" all three groups
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN2 +
+ ')(memberOf=' + GROUP_DN3 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User is missing expected memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ #
+ # Delete group2, and check memberOf values in the user entry
+ #
+ try:
+ topology.standalone.delete_s(GROUP_DN2)
+ except ldap.LDAPError, e:
+ log.error('Failed to delete test group2: ' + e.message['desc'])
+ assert False
+ time.sleep(1)
+
+ try:
+ member_filter = ('(&(memberOf=' + GROUP_DN1 + ')(memberOf=' + GROUP_DN3 + '))')
+ entries = topology.standalone.search_s(USER_DN, ldap.SCOPE_BASE, member_filter)
+ if not entries:
+ log.fatal('User incorrect memberOf attrs')
+ assert False
+ except ldap.LDAPError, e:
+ log.fatal('Search for user1 failed: ' + e.message['desc'])
+ assert False
+
+ log.info('Test complete')
+
+
+def test_ticket47963_final(topology):
+ topology.standalone.delete()
+ log.info('Testcase PASSED')
+
+
+def run_isolated():
+ global installation1_prefix
+ installation1_prefix = None
+
+ topo = topology(True)
+ test_ticket47963(topo)
+ test_ticket47963_final(topo)
+
+
+if __name__ == '__main__':
+ run_isolated()
+
diff --git a/ldap/servers/plugins/memberof/memberof.c b/ldap/servers/plugins/memberof/memberof.c
index b8e2386..27ccedf 100644
--- a/ldap/servers/plugins/memberof/memberof.c
+++ b/ldap/servers/plugins/memberof/memberof.c
@@ -691,7 +691,7 @@ memberof_call_foreach_dn(Slapi_PBlock *pb, Slapi_DN *sdn,
char *cookie = NULL;
int all_backends = memberof_config_get_all_backends();
Slapi_DN *entry_scope = memberof_config_get_entry_scope();
- Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
int types_name_len = 0;
int num_types = 0;
int dn_len = slapi_sdn_get_ndn_len(sdn);
@@ -703,7 +703,7 @@ memberof_call_foreach_dn(Slapi_PBlock *pb, Slapi_DN *sdn,
return (rc);
}
- if (entry_scope_exclude_subtree && slapi_sdn_issuffix(sdn, entry_scope_exclude_subtree)) {
+ if (entry_scope_exclude_subtree && slapi_sdn_issuffix(sdn, entry_scope_exclude_subtree)) {
return (rc);
}
@@ -2024,7 +2024,7 @@ Slapi_ValueSet *
memberof_get_groups(MemberOfConfig *config, Slapi_DN *member_sdn)
{
Slapi_ValueSet *groupvals = slapi_valueset_new();
- Slapi_ValueSet *group_norm_vals = slapi_valueset_new();
+ Slapi_ValueSet *group_norm_vals = slapi_valueset_new();
Slapi_Value *memberdn_val =
slapi_value_new_string(slapi_sdn_get_ndn(member_sdn));
slapi_value_set_flags(memberdn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS);
@@ -2034,7 +2034,7 @@ memberof_get_groups(MemberOfConfig *config, Slapi_DN *member_sdn)
memberof_get_groups_r(config, member_sdn, &data);
slapi_value_free(&memberdn_val);
- slapi_valueset_free(group_norm_vals);
+ slapi_valueset_free(group_norm_vals);
return groupvals;
}
@@ -2057,12 +2057,13 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
{
Slapi_DN *group_sdn = slapi_entry_get_sdn(e);
char *group_ndn = slapi_entry_get_ndn(e);
- char *group_dn = slapi_entry_get_dn(e);
+ char *group_dn = slapi_entry_get_dn(e);
Slapi_Value *group_ndn_val = 0;
- Slapi_Value *group_dn_val = 0;
+ Slapi_Value *group_dn_val = 0;
Slapi_ValueSet *groupvals = *((memberof_get_groups_data*)callback_data)->groupvals;
- Slapi_ValueSet *group_norm_vals = *((memberof_get_groups_data*)callback_data)->group_norm_vals;
- Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ Slapi_ValueSet *group_norm_vals = *((memberof_get_groups_data*)callback_data)->group_norm_vals;
+ Slapi_DN *entry_scope_exclude_subtree = memberof_config_get_entry_scope_exclude_subtree();
+ MemberOfConfig *config = ((memberof_get_groups_data*)callback_data)->config;
int rc = 0;
if(slapi_is_shutting_down()){
@@ -2116,18 +2117,19 @@ int memberof_get_groups_callback(Slapi_Entry *e, void *callback_data)
goto bail;
}
- /* if the group does not belong to an excluded subtree, adds it to the valueset */
- if (!(entry_scope_exclude_subtree && slapi_sdn_issuffix(group_sdn, entry_scope_exclude_subtree))) {
- /* Push group_dn_val into the valueset. This memory is now owned
- * by the valueset. */
- group_dn_val = slapi_value_new_string(group_dn);
- slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
- slapi_valueset_add_value_ext(group_norm_vals, group_ndn_val, SLAPI_VALUE_FLAG_PASSIN);
- }
-
- /* now recurse to find parent groups of e */
- memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
- group_sdn, callback_data);
+ /* if the group does not belong to an excluded subtree, adds it to the valueset */
+ if (!(entry_scope_exclude_subtree && slapi_sdn_issuffix(group_sdn, entry_scope_exclude_subtree))) {
+ /* Push group_dn_val into the valueset. This memory is now owned
+ * by the valueset. */
+ group_dn_val = slapi_value_new_string(group_dn);
+ slapi_valueset_add_value_ext(groupvals, group_dn_val, SLAPI_VALUE_FLAG_PASSIN);
+ slapi_valueset_add_value_ext(group_norm_vals, group_ndn_val, SLAPI_VALUE_FLAG_PASSIN);
+ }
+ if(!config->skip_nested || config->fixup_task){
+ /* now recurse to find parent groups of e */
+ memberof_get_groups_r(((memberof_get_groups_data*)callback_data)->config,
+ group_sdn, callback_data);
+ }
bail:
return rc;
@@ -2844,10 +2846,7 @@ int memberof_fix_memberof_callback(Slapi_Entry *e, void *callback_data)
memberof_del_dn_data del_data = {0, config->memberof_attr};
Slapi_ValueSet *groups = 0;
- if(!config->skip_nested || config->fixup_task){
- /* get a list of all of the groups this user belongs to */
- groups = memberof_get_groups(config, sdn);
- }
+ groups = memberof_get_groups(config, sdn);
/* If we found some groups, replace the existing memberOf attribute
* with the found values. */
9 years, 1 month
Changes to 'refs/tags/389-admin-1.1.38'
by Noriko Hosoi
Changes since 389-admin-1.1.11:
Endi S. Dewata (3):
Bug 573889 - Migration does not remove deprecated schema
Bug 644929 - FDS to 389 DS migration results in both Fedora and 389 entries
Bug 470576 - Migration could do addition checks before commiting actions
Ludwig (1):
Ticket 47563 - cannot restart directory server from console
Mark Reynolds (15):
Ticket #286 - compilation fixes for 'format-security'
Ticket 401 - Console login fails with anonymous access disabled
Ticket 400 - BIND operation result not checked properly in admin server
Ticket 47665 - Create new instance results in setting wrong ACI for the "cn=config" entry
Ticket 47495 - admin express: wrong instance creation time
Ticket 47497 - Admin Express - remove "Security Level"
Ticket 47850 - "nsslapd-allow-anonymous-access: rootdse" makes login as "admin" fail at the first time
Ticket 47300 - Update man page for remove-ds-admin.pl
Ticket 47891 - Admin Server reconfig breaks SSL config
Ticket 47893 - Admin Server should use Sys::Hostname instead Net::Domain
Ticket 47548 - register-ds-admin does not register into remote config ds
Ticket 47860 - register-ds-admin.pl problem when following steps to replicate o=netscaperoot
Ticket 47697 - Resource leak in lib/libdsa/dsalib_updown.c
Ticket 201 - nCipher HSM cannot be configured via the console
Ticket 47929 - Admin Server - disable SSLv3 by default
Nathan Kinder (49):
Bug 648949 - Merge selinux policy into base OS
Regenerated autoconf files
Bug 638511 - dirsrv-admin crashes at startup with SELinux enabled
Bug 668950 - Add posix group support to Console
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 618897 - Wrong permissions when creating instance from Console
Bug 493424 - remove unneeded modules for admin server apache config
Bug 614690 - Don't use exec to call genrb
Bug 699815 - (cov#10859) Add missing braces in mod_admserv code
Bug 699815 - (cov#10858) getenv() called twice in viewlog cgi
Bug 699815 - (cov#10849,10851) Remove unused variables
Bug 699907 - (cov#10844) Uninitialized time struct
Bug 699907 - (cov#10843) Use of uninitialized variable in logging code
Bug 699907 - (cov#10840) Use of uninitialized buffer in security cgi
Bug 699907 - (cov#10836) Use of uninitialized var in http conn code
Bug 699907 - (cov#10833) Use of uninitialized vars in SNMP code
Bug 700532 - (cov#10832) Incorrect if condition in dsalib
Bug 700875 - (cov#10778) Cleanup ds_bring_up_server_install() in dsalib
Bug 700890 - (cov#10812) Check return value of open() properly in libadmin
Bug 700948 - (cov#10846) - Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10845) Use of uninitialized variable in mod_admserv
Bug 700948 - (cov#10839) Use of uninitialized variable in security cgi
Bug 700948 - (cov#10837) Use of uninitialized variable in monreplication
Bug 700948 - (cov#10835) Use of unitialized pointer in config cgi
Bug 700948 - (cov#10813) dynamic overrun possibility in ds_listdb cgi
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 700948 - (cov#10842) Use of unintialized variable in statusping
Bug 702150 - (cov#10823) File descriptors leaked in help cgi
Bug 702150 - (cov#10822,10821) file descriptor leaks in config cgi
Bug 702150 - (cov#10820,10819) file descriptor leaks in readlog cgi
Bug 702150 - leak of config array in dsalib
Bug 702150 - (cov#10816) file descriptor leak in dsalib
Bug 702150 - (cov#10817) Leak of string in libdsa
Bug 702150 - Resouce leaks in htmladmin.c
Bug 702705 - (cov#10830) NULL pointer dereference in htmladmin
Bug 702705 - NULL pointer dereferences in viewlog cgi
Bug 702705 - (cov#10803) NULL pointer dereference in security cgi
Bug 702705 - (cov#10785) NULL pointer dereference in ds_snmpctrl
Bug 702705 - (cov#10784,10783) NULL pointer dereferences in dsalib
Bug 719056 - migrate-ds-admin.pl needs to update SELinux policy
Bug 724808 - startup CGIs write temp file to /
Bug 730079 - Update SELinux policy during upgrades
Ticket #329 - Port modules to httpd 2.4
Ticket #47333 - Relabel lockfile when starting Admin Server
Ticket #47334 - Avoid quoting all settings in console.conf
Ticket 47468 - Change security password validation error is out of order
Ticket 47466 - Importing CA cert with existing name crashes security CGI
Ticket 362 - Directory Console generates insufficient key strength
Ticket 47467 - Improve CRL import error messages
Noriko Hosoi (28):
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
start-ds-admin.in -- replaced "return 1" with "exit 1"
Bug 616260 - libds-admin-serv linking fails due to unresolved link-time dependencies
Bug 618858 - move start-ds-admin env file into main admin server
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 245278 - Changing to a password with a single quote does not work
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 158926 - Unable to install CA certificate when using
Bug 476925 - Admin Server: Do not allow 8-bit passwords for the admin user
Bug 476925 - Admin Server: Do not allow 8-bit passwords for
Trac Ticket #307 - htmladmin keeps segfaulting
If htmladmin fails to connect to the server, the cgi could crash.
Ticket #293 - remove-ds-admin.pl does not remove everything
Ticket #476 - 389 ds do not start on F18 due to missing modules
bump version to 1.1.31
Ticket #567 - Restart of Admin server from console fails on segfault
bump version to 1.1.32
bump version to 1.1.33
bump version to 1.1.34
Ticket #47493 - Configuration Tab does not work with FIPS mode enabled
bump version to 1.1.36
Ticket 47891 - Admin Server reconfig breaks SSL config
Ticket #47995 - Admin Server: source code cleaning
bump version to 1.1.37
Ticket #48024 - repl-monitor invoked from adminserver cgi fails
bump version to 1.1.38
Rich Megginson (66):
bump version to 1.1.12.a1
initial support for openldap
add selinux policy for dsgw
skip LD_PRELOAD if using openldap
add more log information if nss init fails
add even more nss debugging
Bug 618454 - mod_admserv should only clear NSS caches and shutdown if NSS is initialized
bump version to 1.1.12.a2
fix building with mozldap
bump version to 1.1.12.a3
fix autotool build issues with properties files
setup-ds-admin.pl -u exits with ServerAdminID and as_uid related error
Bug 656441 - Missing library path entry causes LD_PRELOAD error
bump version to 1.1.13
bump version to 1.1.14.a1
Bug 664671 - Admin server segfault when full SSL access (http+ldap+console) required
bump version to 1.1.14
bump version to 1.1.15
bump version to 1.1.16
Bug 703990 - Support upgrade from Red Hat Directory Server
bump version to 1.1.17
add support for different skins
skip rebranding current brand
bump version to 1.1.18
look for separate openldap ldif library
bump version to 1.1.19
Bug 710372 - Not able to open the Manage Certificate from DS-console
better NSS error handling - reduce memory leaks
fix typo in NSS_Shutdown warning message
added tests for the security cgi
Bug 713000 - Migration stops if old admin server cannot be stopped
Bug 718079 - Perl errors when running migrate-ds-admin.pl
Bug 718285 - AdminServer should use "service" command instead of start/stop/restart scripts
bump version to 1.1.20
bump version to 1.1.21
handle binary upgrade
add man pages for ds_removal and ds_unregister
bump version to 1.1.22
fix binary paths
bump version to 1.1.23
bump version to 1.1.24
Bug 695741 - Providing native systemd file for upcoming F16 Feature Systemd
Bug 740959 - 389-console put CA certificates into wrong database
bump version to 1.1.25
Bug 767823 - selinux: need to allow admin server to connect to ldap port
bump version to 1.1.26
Ticket #161 - Review and address latest Coverity issues
Ticket #281 - TLS not working with latest openldap
bump version to 1.1.27
bump version to 1.1.28
bump version to 1.1.29
bump version to 1.1.30
ignore files generated by Eclipse
Ticket #47486 compiler warnings in adminutil, admin, dsgw
Ticket #47465 problem with 389-adminutil detection in m4/adminutil.m4 in 389-admin and 389-dsgw
add more debugging for SSL connection problems
Ticket #47413 389-admin fails to build with latest httpd
compiler warning - ldif_read_record lineno type depends on openldap version
add Eclipse and patch files
bump version to 1.1.35
Ticket #47498 Error Message for Failed to create the configuration directory server
Ticket #418 Error with register-ds-admin.pl
Ticket #222 Admin Express issues "Internal Server Error" when the Config DS is down.
Ticket #434 admin-serv logs filling with "admserv_host_ip_check: ap_get_remote_host could not resolve <ip address>"
Ticket #47300 [RFE] remove-ds-admin.pl: redesign the behaviour
Ticket #47478 No groups file? error restarting Admin server
Wes Hardin (1):
fix for bug 377 - Unchecked use of SELinux command
noriko (1):
Ticket #47298 - remove-ds-admin.pl does not stop the admin server
---
.gitignore | 4
Makefile.am | 109
Makefile.in | 1767 -
VERSION.sh | 4
aclocal.m4 | 7258 ----
admserv/cfgstuff/console.conf.in | 2
admserv/cfgstuff/httpd-2.2.conf.in | 13
admserv/cfgstuff/httpd-2.4.conf.in | 742
admserv/cfgstuff/httpd.conf.in | 2
admserv/cfgstuff/initconfig.in | 5
admserv/cfgstuff/start-ds-admin.in | 83
admserv/cgi-ds/ds_listdb.c | 26
admserv/cgi-ds/ds_snmpctrl.c | 5
admserv/cgi-src40/ReadLog.c | 18
admserv/cgi-src40/admlib.mk | 119
admserv/cgi-src40/admpw.c | 79
admserv/cgi-src40/cgicommon.h | 1
admserv/cgi-src40/cgicommon.properties | 3
admserv/cgi-src40/config.c | 43
admserv/cgi-src40/dllglue.c | 42
admserv/cgi-src40/ds_create.in | 18
admserv/cgi-src40/dsconfig.c | 10
admserv/cgi-src40/head.html | 1
admserv/cgi-src40/help.c | 15
admserv/cgi-src40/htmladmin.c | 810
admserv/cgi-src40/htmladmin.properties | 42
admserv/cgi-src40/monreplication.c | 7
admserv/cgi-src40/repl-monitor-cgi.pl.in | 30
admserv/cgi-src40/restartsrv.c | 9
admserv/cgi-src40/sec-activate.c | 163
admserv/cgi-src40/security.c | 314
admserv/cgi-src40/security.properties | 6
admserv/cgi-src40/start_config_ds.c | 11
admserv/cgi-src40/statpingserv.c | 82
admserv/cgi-src40/stopsrv.c | 10
admserv/cgi-src40/ugdsconfig.c | 39
admserv/cgi-src40/viewdata.c | 264
admserv/cgi-src40/viewdata.properties | 2
admserv/cgi-src40/viewlog.c | 75
admserv/cgi-src40/viewlog.properties | 6
admserv/genrb_wrapper.sh | 2
admserv/html/admserv.html.in | 11
admserv/html/htmladmin.html.in | 13
admserv/html/monreplication.html | 20
admserv/html/viewdata.html | 6
admserv/html/viewlog.html | 14
admserv/makeUpgradeTar.sh | 30
admserv/newinst/src/25changefedorato389.pl | 250
admserv/newinst/src/25rebrand.pl.in | 413
admserv/newinst/src/30updateglobalpref.pl.in | 9
admserv/newinst/src/AdminMigration.pm.in | 79
admserv/newinst/src/AdminServer.pm.in | 266
admserv/newinst/src/AdminUtil.pm.in | 91
admserv/newinst/src/ConfigDSDialogs.pm | 42
admserv/newinst/src/dirserver.map.in | 1
admserv/newinst/src/register-ds-admin.pl.in | 714
admserv/newinst/src/register-ds-admin.res.in | 36
admserv/newinst/src/register_param.map.in | 4
admserv/newinst/src/register_server.pl.in | 6
admserv/newinst/src/remove-ds-admin.pl.in | 8
admserv/newinst/src/setup-ds-admin.pl.in | 6
admserv/newinst/src/setup-ds-admin.res.in | 20
admserv/schema/ldif/02globalpreferences.ldif.tmpl | 49
admserv/schema/ldif/10dsdata.ldif.tmpl | 39
compile | 240
config.guess | 529
config.h.in | 33
config.sub | 379
configure |38698 +++++++++-------------
configure.ac | 111
depcomp | 343
include/base/file.h | 3
include/base/util.h | 3
include/libadmin/dbtlibadmin.h | 2
include/libadmin/libadmin.h | 92
include/libdsa/dsalib.h | 15
install-sh | 538
lib/base/file.cpp | 30
lib/base/nscputil.cpp | 51
lib/libadmin/dllglue.c | 77
lib/libadmin/httpcon.c | 5
lib/libadmin/referer.c | 4
lib/libadmin/template.c | 29
lib/libadmin/util.c | 973
lib/libdsa/dsalib_conf.c | 37
lib/libdsa/dsalib_confs.c | 93
lib/libdsa/dsalib_location.c | 56
lib/libdsa/dsalib_tailf.c | 1
lib/libdsa/dsalib_updown.c | 118
lib/libdsa/dsalib_util.c | 56
ltmain.sh |14878 +++++---
m4/adminutil.m4 | 4
m4/httpd.m4 | 3
m4/mozldap.m4 | 116
m4/openldap.m4 | 138
m4/selinux.m4 | 3
man/man8/ds_removal.8 | 54
man/man8/ds_unregister.8 | 48
man/man8/register-ds-admin.pl.8 | 139
man/man8/remove-ds-admin.pl.8 | 10
man/man8/restart-ds-admin.8 | 10
man/man8/start-ds-admin.8 | 10
man/man8/stop-ds-admin.8 | 10
missing | 234
mod_admserv/mod_admserv.c | 564
mod_admserv/mod_admserv.h | 15
mod_restartd/mod_restartd-2.2.c | 22
selinux/dirsrv-admin.fc.in | 5
selinux/dirsrv-admin.te | 2
tests/ds_create/testget.1 | 2
tests/htmladmin/testget.2 | 2
tests/htmladmin/testget.3 | 2
tests/htmladmin/testget.4 | 2
tests/htmladmin/testget.5 | 2
tests/htmladmin/testget.6 | 2
tests/htmladmin/testget.7 | 2
tests/htmladmin/testget.8 | 2
tests/security/testpost.1 | 1
tests/security/testpost.10 | 1
tests/security/testpost.11 | 1
tests/security/testpost.12 | 1
tests/security/testpost.13 | 1
tests/security/testpost.14 | 1
tests/security/testpost.15 | 1
tests/security/testpost.16 | 1
tests/security/testpost.17 | 1
tests/security/testpost.18 | 1
tests/security/testpost.19 | 1
tests/security/testpost.2 | 1
tests/security/testpost.20 | 1
tests/security/testpost.21 | 1
tests/security/testpost.3 | 1
tests/security/testpost.4 | 1
tests/security/testpost.5 | 1
tests/security/testpost.6 | 1
tests/security/testpost.7 | 1
tests/security/testpost.8 | 1
tests/security/testpost.9 | 1
tests/setup.sh | 250
tests/ugdsconfig/testget.10 | 2
tests/viewdata/testget.2 | 2
tests/viewdata/testget.3 | 2
tests/viewdata/testget.4 | 2
tests/viewlog/testget.3 | 2
tests/viewlog/testget.4 | 2
wrappers/initscript.in | 3
wrappers/systemd.service.in | 24
147 files changed, 35272 insertions(+), 38203 deletions(-)
---
9 years, 1 month
VERSION.sh
by Noriko Hosoi
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit a9ef0d23aeed21729f2acab9408274f295f729ce
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Feb 3 13:54:45 2015 -0800
bump version to 1.1.38
diff --git a/VERSION.sh b/VERSION.sh
index 366bcab..6440fa1 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -11,7 +11,7 @@ vendorurl=http://port389.org
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=1
-VERSION_MAINT=37
+VERSION_MAINT=38
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
9 years, 1 month
dirsrvtests/tickets
by Mark Reynolds
dirsrvtests/tickets/create_testcase.py | 29 +++++----------------
dirsrvtests/tickets/ticket47462_test.py | 17 ++----------
dirsrvtests/tickets/ticket47490_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47553_ger.py | 18 ++-----------
dirsrvtests/tickets/ticket47553_single_aci_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47573_test.py | 21 ++++-----------
dirsrvtests/tickets/ticket47619_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47653MMR_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47676_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47721_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47787_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47869MMR_test.py | 17 ++----------
dirsrvtests/tickets/ticket47871_test.py | 18 ++-----------
dirsrvtests/tickets/ticket47988_test.py | 18 ++-----------
14 files changed, 62 insertions(+), 202 deletions(-)
New commits:
commit 4681fab27a1983c1fc1ae91eb45e25d3fcd28bf8
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Feb 3 09:54:01 2015 -0500
Ticket 48023 - replace old replication check with lib389 function
Description: Replaced the old "replication is working" check with
lib389's more robust replication check function.
https://fedorahosted.org/389/ticket/48023
Reviewed by: nhosoi(Thanks!)
diff --git a/dirsrvtests/tickets/create_testcase.py b/dirsrvtests/tickets/create_testcase.py
index 092c56d..1fa2963 100644
--- a/dirsrvtests/tickets/create_testcase.py
+++ b/dirsrvtests/tickets/create_testcase.py
@@ -168,7 +168,7 @@ if len(sys.argv) > 0:
# Write the 'topology function'
#
TEST.write('@pytest.fixture(scope="module")\n')
- TEST.write('def topology(request): \n')
+ TEST.write('def topology(request):\n')
TEST.write(' global installation1_prefix\n')
TEST.write(' if installation1_prefix:\n')
TEST.write(' args_instance[SER_DEPLOYED_DIR] = installation1_prefix\n\n')
@@ -391,16 +391,6 @@ if len(sys.argv) > 0:
# Write replicaton check
#
if agmt_count > 0:
- TEST.write(' #\n')
- TEST.write(' # Check replication is working...\n')
- TEST.write(' #\n')
- TEST.write(" REPL_TEST_DN = 'cn=test repl,' + SUFFIX\n")
- TEST.write(' master1.add_s(Entry((REPL_TEST_DN, {\n')
- TEST.write(" 'objectclass': 'top person'.split(),\n")
- TEST.write(" 'sn': 'test_repl',\n")
- TEST.write(" 'cn': 'test_repl'})))\n")
- TEST.write(' loop = 0\n')
- TEST.write(' ent = None\n')
# Find the lowest replica type in the deployment(consumer -> master)
if consumers > 0:
replica = 'consumer1'
@@ -408,14 +398,11 @@ if len(sys.argv) > 0:
replica = 'hub1'
else:
replica = 'master2'
- TEST.write(' while loop <= 10:\n')
- TEST.write(' try:\n')
- TEST.write(' ent = ' + replica + '.getEntry(REPL_TEST_DN, ldap.SCOPE_BASE, "(objectclass=*)")\n')
- TEST.write(' break\n')
- TEST.write(' except ldap.NO_SUCH_OBJECT:\n')
- TEST.write(' time.sleep(1)\n')
- TEST.write(' loop += 1\n')
- TEST.write(' if ent is None:\n')
+ TEST.write(' # Check replication is working...\n')
+ TEST.write(' if master1.testReplication(DEFAULT_SUFFIX, ' + replica + '):\n')
+ TEST.write(" log.info('Replication is working.')\n")
+ TEST.write(' else:\n')
+ TEST.write(" log.fatal('Replication is not working.')\n")
TEST.write(' assert False\n')
TEST.write('\n')
@@ -510,7 +497,6 @@ if len(sys.argv) > 0:
for idx in range(consumers):
idx += 1
TEST.write(' topology.consumer' + str(idx) + '.delete()\n')
- TEST.write('\n\n')
else:
for idx in range(instances):
idx += 1
@@ -519,8 +505,9 @@ if len(sys.argv) > 0:
else:
idx = str(idx)
TEST.write(' topology.standalone' + idx + '.delete()\n')
- TEST.write('\n\n')
+
TEST.write(" log.info('Testcase PASSED')\n")
+ TEST.write('\n\n')
#
# Write the main function
diff --git a/dirsrvtests/tickets/ticket47462_test.py b/dirsrvtests/tickets/ticket47462_test.py
index e385f1e..e757f6b 100644
--- a/dirsrvtests/tickets/ticket47462_test.py
+++ b/dirsrvtests/tickets/ticket47462_test.py
@@ -117,19 +117,10 @@ def topology(request):
master1.waitForReplInit(AGMT_DN)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if not ent:
- log.fatal('Replication is not working!')
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47490_test.py b/dirsrvtests/tickets/ticket47490_test.py
index fc8e15a..e5cd888 100644
--- a/dirsrvtests/tickets/ticket47490_test.py
+++ b/dirsrvtests/tickets/ticket47490_test.py
@@ -240,20 +240,10 @@ def topology(request):
master.waitForReplInit(repl_agreement)
# Check replication is working fine
- master.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- ent = None
- loop = 0
- while loop <= 10:
- try:
- ent = consumer.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master.testReplication(DEFAULT_SUFFIX, consumer):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47553_ger.py b/dirsrvtests/tickets/ticket47553_ger.py
index 5f0fbf2..715feb4 100644
--- a/dirsrvtests/tickets/ticket47553_ger.py
+++ b/dirsrvtests/tickets/ticket47553_ger.py
@@ -140,20 +140,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47553_single_aci_test.py b/dirsrvtests/tickets/ticket47553_single_aci_test.py
index 30b7238..5537101 100644
--- a/dirsrvtests/tickets/ticket47553_single_aci_test.py
+++ b/dirsrvtests/tickets/ticket47553_single_aci_test.py
@@ -140,20 +140,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47573_test.py b/dirsrvtests/tickets/ticket47573_test.py
index 1771049..6fcbec7 100644
--- a/dirsrvtests/tickets/ticket47573_test.py
+++ b/dirsrvtests/tickets/ticket47573_test.py
@@ -186,20 +186,10 @@ def topology(request):
master.waitForReplInit(repl_agreement)
# Check replication is working fine
- master.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = consumer.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master.testReplication(DEFAULT_SUFFIX, consumer):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
@@ -214,7 +204,8 @@ def test_ticket47573_init(topology):
"""
Initialize the test environment
"""
- log.debug("test_ticket47573_init topology %r (master %r, consumer %r" % (topology, topology.master, topology.consumer))
+ log.debug("test_ticket47573_init topology %r (master %r, consumer %r" %
+ (topology, topology.master, topology.consumer))
# the test case will check if a warning message is logged in the
# error log of the supplier
topology.master.errorlog_file = open(topology.master.errlog, "r")
diff --git a/dirsrvtests/tickets/ticket47619_test.py b/dirsrvtests/tickets/ticket47619_test.py
index 8475be1..9160afd 100644
--- a/dirsrvtests/tickets/ticket47619_test.py
+++ b/dirsrvtests/tickets/ticket47619_test.py
@@ -108,20 +108,10 @@ def topology(request):
master.waitForReplInit(repl_agreement)
# Check replication is working fine
- master.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = consumer.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master.testReplication(DEFAULT_SUFFIX, consumer):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47653MMR_test.py b/dirsrvtests/tickets/ticket47653MMR_test.py
index 7370332..9db2633 100644
--- a/dirsrvtests/tickets/ticket47653MMR_test.py
+++ b/dirsrvtests/tickets/ticket47653MMR_test.py
@@ -145,20 +145,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47676_test.py b/dirsrvtests/tickets/ticket47676_test.py
index b4175ec..37d09cd 100644
--- a/dirsrvtests/tickets/ticket47676_test.py
+++ b/dirsrvtests/tickets/ticket47676_test.py
@@ -156,20 +156,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47721_test.py b/dirsrvtests/tickets/ticket47721_test.py
index 3f1b9f2..b64d1e4 100644
--- a/dirsrvtests/tickets/ticket47721_test.py
+++ b/dirsrvtests/tickets/ticket47721_test.py
@@ -165,20 +165,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47787_test.py b/dirsrvtests/tickets/ticket47787_test.py
index 567f85b..490e670 100644
--- a/dirsrvtests/tickets/ticket47787_test.py
+++ b/dirsrvtests/tickets/ticket47787_test.py
@@ -144,20 +144,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47869MMR_test.py b/dirsrvtests/tickets/ticket47869MMR_test.py
index a65d5c4..1b1c5f3 100644
--- a/dirsrvtests/tickets/ticket47869MMR_test.py
+++ b/dirsrvtests/tickets/ticket47869MMR_test.py
@@ -118,19 +118,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47871_test.py b/dirsrvtests/tickets/ticket47871_test.py
index 8147764..c6055c3 100644
--- a/dirsrvtests/tickets/ticket47871_test.py
+++ b/dirsrvtests/tickets/ticket47871_test.py
@@ -109,20 +109,10 @@ def topology(request):
master.waitForReplInit(repl_agreement)
# Check replication is working fine
- master.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = consumer.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master.testReplication(DEFAULT_SUFFIX, consumer):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# clear the tmp directory
diff --git a/dirsrvtests/tickets/ticket47988_test.py b/dirsrvtests/tickets/ticket47988_test.py
index 2541260..c51ba35 100644
--- a/dirsrvtests/tickets/ticket47988_test.py
+++ b/dirsrvtests/tickets/ticket47988_test.py
@@ -148,20 +148,10 @@ def topology(request):
master1.waitForReplInit(repl_agreement)
# Check replication is working fine
- master1.add_s(Entry((TEST_REPL_DN, {
- 'objectclass': "top person".split(),
- 'sn': 'test_repl',
- 'cn': 'test_repl'})))
- loop = 0
- ent = None
- while loop <= 10:
- try:
- ent = master2.getEntry(TEST_REPL_DN, ldap.SCOPE_BASE, "(objectclass=*)")
- break
- except ldap.NO_SUCH_OBJECT:
- time.sleep(1)
- loop += 1
- if ent is None:
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
assert False
# Here we have two instances master and consumer
9 years, 1 month