Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5.h | 2
ldap/servers/plugins/replication/repl5_replica_config.c | 183 ++++++++--------
2 files changed, 99 insertions(+), 86 deletions(-)
New commits:
commit 394429ba5c53266a0135cbe1b60255a9226e13d5
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Apr 21 10:33:49 2015 -0400
Ticket 48151 - Improve CleanAllRUV logging
Bug Description: It is very difficult to troubleshoot cleanAllRUV issues
when there are multiple clean tasks running.
Fix Description: Add the replica ID to each logging statement.
https://fedorahosted.org/389/ticket/48151
Reviewed by: rmeggins(Thanks!)
(cherry picked from commit 33330c355ace8f3d351ea1db94cf2e8faf12f19f)
Conflicts:
ldap/servers/plugins/replication/repl5_replica_config.c
diff --git a/ldap/servers/plugins/replication/repl5.h b/ldap/servers/plugins/replication/repl5.h
index 2fc4e47..19183c1 100644
--- a/ldap/servers/plugins/replication/repl5.h
+++ b/ldap/servers/plugins/replication/repl5.h
@@ -676,7 +676,7 @@ int is_task_aborted(ReplicaId rid);
void delete_aborted_rid(Replica *replica, ReplicaId rid, char *repl_root, int skip);
int is_pre_cleaned_rid(ReplicaId rid);
void set_cleaned_rid(ReplicaId rid);
-void cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...);
+void cleanruv_log(Slapi_Task *task, int rid, char *task_type, char *fmt, ...);
char * replica_cleanallruv_get_local_maxcsn(ReplicaId rid, char *base_dn);
#define CLEANRIDSIZ 4 /* maximum number for concurrent CLEANALLRUV tasks */
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 4635c21..23b8073 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -1445,27 +1445,27 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
/*
* Get our task settings
*/
- if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-base-dn attribute");
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-id attribute");
+ cleanruv_log(task, -1, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
- if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-id attribute");
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ rid = atoi(rid_str);
+ if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-base-dn attribute");
+ cleanruv_log(task, (int)rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
-
if ((force_cleaning = fetch_attr(e, "replica-force-cleaning", 0)) != NULL){
if(strcasecmp(force_cleaning,"yes") != 0 && strcasecmp(force_cleaning,"no") != 0){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value for replica-force-cleaning "
"(%s). Value must be \"yes\" or \"no\" for task - (%s)",
force_cleaning, slapi_sdn_get_dn(task_dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, (int)rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1476,11 +1476,10 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
/*
* Check the rid
*/
- rid = atoi(rid_str);
if (rid <= 0 || rid >= READ_ONLY_REPLICA_ID){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid replica id (%d) for task - (%s)",
rid, slapi_sdn_get_dn(task_dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1488,7 +1487,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
if(is_cleaned_rid(rid)){
/* we are already cleaning this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is already being cleaned", rid);
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1499,7 +1498,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
dn = slapi_sdn_new_dn_byval(base_dn);
if((r = replica_get_replica_from_dn(dn)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Could not find replica from dn(%s)",slapi_sdn_get_dn(dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1510,7 +1509,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
out:
if(rc){
- cleanruv_log(task, CLEANALLRUV_ID, "Task failed...(%d)", rc);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Task failed...(%d)", rc);
slapi_task_finish(task, *returncode);
} else {
rc = SLAPI_DSE_CALLBACK_OK;
@@ -1542,11 +1541,11 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
char *basedn = NULL;
int rc = 0;
- cleanruv_log(pre_task, CLEANALLRUV_ID,"Initiating CleanAllRUV Task...");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID,"Initiating CleanAllRUV Task...");
if(get_cleanruv_task_count() >= CLEANRIDSIZ){
/* we are already running the maximum number of tasks */
- cleanruv_log(pre_task, CLEANALLRUV_ID,
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID,
"Exceeded maximum number of active CLEANALLRUV tasks(%d)",CLEANRIDSIZ);
return LDAP_UNWILLING_TO_PERFORM;
}
@@ -1556,7 +1555,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
if(r){
replica = (Replica*)object_get_data (r);
} else {
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Replica object is NULL, aborting task");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Replica object is NULL, aborting task");
return -1;
}
/*
@@ -1564,7 +1563,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
*/
if(replica_get_type(replica) == REPLICA_TYPE_READONLY){
/* this is a consumer, send error */
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to clean rid (%d), task can not be run on a consumer",rid);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to clean rid (%d), task can not be run on a consumer",rid);
if(task){
rc = -1;
slapi_task_finish(task, rc);
@@ -1574,7 +1573,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
/*
* Grab the max csn of the deleted replica
*/
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Retrieving maxcsn...");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Retrieving maxcsn...");
basedn = (char *)slapi_sdn_get_dn(replica_get_root(replica));
maxcsn = replica_cleanallruv_find_maxcsn(replica, rid, basedn);
if(maxcsn == NULL || csn_get_replicaid(maxcsn) == 0){
@@ -1587,7 +1586,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
csn_init_by_string(maxcsn, "");
}
csn_as_string(maxcsn, PR_FALSE, csnstr);
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Found maxcsn (%s)",csnstr);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Found maxcsn (%s)",csnstr);
/*
* Create payload
*/
@@ -1596,7 +1595,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
slapi_ch_free_string(&ridstr);
if(payload == NULL){
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
rc = -1;
goto fail;
}
@@ -1606,7 +1605,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
*/
data = (cleanruv_data*)slapi_ch_calloc(1, sizeof(cleanruv_data));
if (data == NULL) {
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to allocate cleanruv_data. Aborting task.");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to allocate cleanruv_data. Aborting task.");
rc = -1;
goto fail;
}
@@ -1633,7 +1632,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
}
fail:
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to clean rid (%d)",rid);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to clean rid (%d)", rid);
if(task){
slapi_task_finish(task, rc);
}
@@ -1699,9 +1698,9 @@ replica_cleanallruv_thread(void *arg)
PR_Unlock( notify_lock );
data->repl_obj = replica_get_replica_from_dn(data->sdn);
if(data->repl_obj == NULL){
- cleanruv_log(data->task, CLEANALLRUV_ID, "Unable to retrieve repl object from dn(%s).", data->sdn);
- aborted = 1;
- goto done;
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Unable to retrieve repl object from dn(%s).", data->sdn);
+ aborted = 1;
+ goto done;
}
data->replica = (Replica*)object_get_data(data->repl_obj);
free_obj = 1;
@@ -1713,9 +1712,9 @@ replica_cleanallruv_thread(void *arg)
}
/* verify we have set our repl objects */
if(data->repl_obj == NULL || data->replica == NULL){
- cleanruv_log(data->task, CLEANALLRUV_ID, "Unable to set the replica objects.");
- aborted = 1;
- goto done;
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Unable to set the replica objects.");
+ aborted = 1;
+ goto done;
}
if(data->repl_root == NULL){
/* we must have resumed from start up, fill in the repl root */
@@ -1735,11 +1734,11 @@ replica_cleanallruv_thread(void *arg)
* Add the cleanallruv task to the repl config - so we can handle restarts
*/
add_cleaned_rid(data->rid, data->replica, csnstr, data->force); /* marks config that we started cleaning a rid */
- cleanruv_log(data->task, CLEANALLRUV_ID, "Cleaning rid (%d)...", data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Cleaning rid (%d)...", data->rid);
/*
* First, wait for the maxcsn to be covered
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Waiting to process all the updates from the deleted replica...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Waiting to process all the updates from the deleted replica...");
ruv_obj = replica_get_ruv(data->replica);
ruv = object_get_data (ruv_obj);
while(data->maxcsn && !is_task_aborted(data->rid) && !is_cleaned_rid(data->rid) && !slapi_is_shutting_down()){
@@ -1757,7 +1756,7 @@ replica_cleanallruv_thread(void *arg)
*
* Even if we are forcing the cleaning, the replicas still need to be up
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to be online...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Waiting for all the replicas to be online...");
if(check_agmts_are_alive(data->replica, data->rid, data->task)){
/* error, aborted or shutdown */
aborted = 1;
@@ -1766,7 +1765,7 @@ replica_cleanallruv_thread(void *arg)
/*
* Make sure all the replicas have seen the max csn
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to receive all the deleted replica updates...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Waiting for all the replicas to receive all the deleted replica updates...");
if(strcasecmp(data->force,"no") == 0 && check_agmts_are_caught_up(data, csnstr)){
/* error, aborted or shutdown */
aborted = 1;
@@ -1780,7 +1779,7 @@ replica_cleanallruv_thread(void *arg)
/*
* Now send the cleanruv extended op to all the agreements
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Sending cleanAllRUV task to all the replicas...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Sending cleanAllRUV task to all the replicas...");
while(agmt_not_notified && !is_task_aborted(data->rid) && !slapi_is_shutting_down()){
agmt_obj = agmtlist_get_first_agreement_for_replica (data->replica);
if(agmt_obj == NULL){
@@ -1798,7 +1797,7 @@ replica_cleanallruv_thread(void *arg)
agmt_not_notified = 0;
} else {
agmt_not_notified = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Failed to send task to replica (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Failed to send task to replica (%s)",agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -1814,7 +1813,7 @@ replica_cleanallruv_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas have received the "
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Not all replicas have received the "
"cleanallruv extended op, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
@@ -1829,12 +1828,13 @@ replica_cleanallruv_thread(void *arg)
/*
* Run the CLEANRUV task
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Cleaning local ruv's...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Cleaning local ruv's...");
replica_execute_cleanruv_task (data->repl_obj, data->rid, returntext);
/*
* Wait for all the replicas to be cleaned
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to be cleaned...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,
+ "Waiting for all the replicas to be cleaned...");
interval = 10;
while(found_dirty_rid && !is_task_aborted(data->rid) && !slapi_is_shutting_down()){
@@ -1853,7 +1853,8 @@ replica_cleanallruv_thread(void *arg)
found_dirty_rid = 0;
} else {
found_dirty_rid = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID,"Replica is not cleaned yet (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Replica is not cleaned yet (%s)",
+ agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -1869,7 +1870,7 @@ replica_cleanallruv_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Replicas have not been cleaned yet, "
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Replicas have not been cleaned yet, "
"retrying in %d seconds", interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
@@ -1891,16 +1892,16 @@ done:
delete_cleaned_rid_config(data);
/* make sure all the replicas have been "pre_cleaned" before finishing */
check_replicas_are_done_cleaning(data);
- cleanruv_log(data->task, CLEANALLRUV_ID, "Successfully cleaned rid(%d).", data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Successfully cleaned rid(%d).", data->rid);
remove_cleaned_rid(data->rid);
} else {
/*
* Shutdown or abort
*/
if(!is_task_aborted(data->rid)){
- cleanruv_log(data->task, CLEANALLRUV_ID,"Server shutting down. Process will resume at server startup");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Server shutting down. Process will resume at server startup");
} else {
- cleanruv_log(data->task, CLEANALLRUV_ID,"Task aborted for rid(%d).",data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Task aborted for rid(%d).",data->rid);
delete_cleaned_rid_config(data);
remove_cleaned_rid(data->rid);
}
@@ -1936,7 +1937,7 @@ check_replicas_are_done_cleaning(cleanruv_data *data )
int not_all_cleaned = 1;
int interval = 10;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Waiting for all the replicas to finish cleaning...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Waiting for all the replicas to finish cleaning...");
csn_as_string(data->maxcsn, PR_FALSE, csnstr);
filter = PR_smprintf("(%s=%d:%s:%s)", type_replicaCleanRUV,(int)data->rid, csnstr, data->force);
@@ -1964,7 +1965,7 @@ check_replicas_are_done_cleaning(cleanruv_data *data )
if(not_all_cleaned == 0 || is_task_aborted(data->rid) ){
break;
}
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas finished cleaning, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Not all replicas finished cleaning, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2039,7 +2040,7 @@ check_replicas_are_done_aborting(cleanruv_data *data )
int not_all_aborted = 1;
int interval = 10;
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Waiting for all the replicas to finish aborting...");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Waiting for all the replicas to finish aborting...");
filter = PR_smprintf("(%s=%d:%s)", type_replicaAbortCleanRUV, data->rid, data->repl_root);
@@ -2067,7 +2068,7 @@ check_replicas_are_done_aborting(cleanruv_data *data )
if(not_all_aborted == 0){
break;
}
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Not all replicas finished aborting, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Not all replicas finished aborting, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2111,7 +2112,7 @@ check_agmts_are_caught_up(cleanruv_data *data, char *maxcsn)
not_all_caughtup = 0;
} else {
not_all_caughtup = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Replica not caught up (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Replica not caught up (%s)",agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -2120,7 +2121,8 @@ check_agmts_are_caught_up(cleanruv_data *data, char *maxcsn)
if(not_all_caughtup == 0 || is_task_aborted(data->rid) ){
break;
}
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas caught up, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,
+ "Not all replicas caught up, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2168,7 +2170,8 @@ check_agmts_are_alive(Replica *replica, ReplicaId rid, Slapi_Task *task)
not_all_alive = 0;
} else {
not_all_alive = 1;
- cleanruv_log(task, CLEANALLRUV_ID, "Replica not online (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Replica not online (%s)",
+ agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (replica, agmt_obj);
@@ -2177,7 +2180,8 @@ check_agmts_are_alive(Replica *replica, ReplicaId rid, Slapi_Task *task)
if(not_all_alive == 0 || is_task_aborted(rid)){
break;
}
- cleanruv_log(task, CLEANALLRUV_ID, "Not all replicas online, retrying in %d seconds...",interval);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Not all replicas online, retrying in %d seconds...",
+ interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2281,8 +2285,9 @@ replica_send_cleanruv_task(Repl_Agmt *agmt, cleanruv_data *clean_data)
if(rc != LDAP_SUCCESS){
char *hostname = agmt_get_hostname(agmt);
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "Failed to add CLEANRUV task (%s) to replica "
- "(%s). You will need to manually run the CLEANRUV task on this replica (%s) error (%d)",
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "Failed to add CLEANRUV task (%s) to replica (%s). You will need "
+ "to manually run the CLEANRUV task on this replica (%s) error (%d)",
repl_dn, agmt_get_long_name(agmt), hostname, rc);
slapi_ch_free_string(&hostname);
}
@@ -2554,7 +2559,7 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
int rc = -1, ret, rid;
if(clean_data == NULL){
- cleanruv_log(NULL, CLEANALLRUV_ID, "delete_cleaned_rid_config: cleanruv data is NULL, "
+ cleanruv_log(NULL, clean_data->rid, CLEANALLRUV_ID, "delete_cleaned_rid_config: cleanruv data is NULL, "
"failed to clean the config.");
return;
}
@@ -2573,7 +2578,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_search_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
if (ret != LDAP_SUCCESS){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"delete_cleaned_rid_config: internal search failed(%d).",ret);
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: internal search failed(%d).",ret);
goto bail;
} else {
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
@@ -2581,7 +2587,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
/*
* No matching entries!
*/
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"delete_cleaned_rid_config: failed to find any "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to find any "
"entries with nsds5ReplicaCleanRUV under (%s)", dn);
goto bail;
} else {
@@ -2632,7 +2639,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
}
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "delete_cleaned_rid_config: failed to remove task data "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to remove task data "
"from (%s) error (%d), rid (%d)", edn, rc, clean_data->rid);
goto bail;
}
@@ -2642,7 +2650,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "delete_cleaned_rid_config: failed to remove replica config "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to remove replica config "
"(%d), rid (%d)", rc, clean_data->rid);
}
slapi_free_search_results_internal(pb);
@@ -2700,8 +2709,10 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(get_abort_cleanruv_task_count() >= CLEANRIDSIZ){
/* we are already running the maximum number of tasks */
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Exceeded maximum number of active ABORT CLEANALLRUV tasks(%d)",CLEANRIDSIZ);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Exceeded maximum number of active ABORT CLEANALLRUV tasks(%d)",
+ CLEANRIDSIZ);
+ cleanruv_log(task, -1, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
return SLAPI_DSE_CALLBACK_ERROR;
}
@@ -2713,7 +2724,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
*/
if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing required attr \"replica-id\"");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, -1, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2726,14 +2737,14 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if (rid <= 0 || rid >= READ_ONLY_REPLICA_ID){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid replica id (%d) for task - (%s)",
rid, slapi_sdn_get_dn(slapi_entry_get_sdn(e)));
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing required attr \"replica-base-dn\"");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2741,7 +2752,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(!is_cleaned_rid(rid) && !is_pre_cleaned_rid(rid)){
/* we are not cleaning this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is not being cleaned, nothing to abort.", rid);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2749,7 +2760,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(is_task_aborted(rid)){
/* we are already aborting this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is already being aborted", rid);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2760,7 +2771,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
sdn = slapi_sdn_new_dn_byval(base_dn);
if((r = replica_get_replica_from_dn(sdn)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Failed to find replica from dn(%s)", base_dn);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2772,7 +2783,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(strcasecmp(certify_all,"yes") && strcasecmp(certify_all,"no")){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value for \"replica-certify-all\", the value "
"must be \"yes\" or \"no\".");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2787,7 +2798,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
payload = create_cleanruv_payload(ridstr);
if(payload == NULL){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2803,7 +2814,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
*/
data = (cleanruv_data*)slapi_ch_calloc(1, sizeof(cleanruv_data));
if (data == NULL) {
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"Failed to allocate abort_cleanruv_data. Aborting task.");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"Failed to allocate abort_cleanruv_data. Aborting task.");
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2822,7 +2833,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
PR_UNJOINABLE_THREAD, SLAPD_DEFAULT_THREAD_STACKSIZE);
if (thread == NULL) {
object_release(r);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"Unable to create abort thread. Aborting task.");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"Unable to create abort thread. Aborting task.");
*returncode = LDAP_OPERATIONS_ERROR;
slapi_ch_free_string(&data->certify);
rc = SLAPI_DSE_CALLBACK_ERROR;
@@ -2833,7 +2844,7 @@ out:
slapi_sdn_free(&sdn);
if(rc != SLAPI_DSE_CALLBACK_OK){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Abort Task failed (%d)", rc);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "Abort Task failed (%d)", rc);
slapi_task_finish(task, rc);
}
@@ -2854,7 +2865,7 @@ replica_abort_task_thread(void *arg)
int release_it = 0;
int count = 0, rc = 0;
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Aborting task for rid(%d)...",data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Aborting task for rid(%d)...",data->rid);
/*
* Need to build the replica from the dn
@@ -2865,7 +2876,7 @@ replica_abort_task_thread(void *arg)
* to timing issues, we need to wait to grab the replica obj until we get here.
*/
if((data->repl_obj = replica_get_replica_from_dn(data->sdn)) == NULL){
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Failed to get replica object from dn (%s).", slapi_sdn_get_dn(data->sdn));
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Failed to get replica object from dn (%s).", slapi_sdn_get_dn(data->sdn));
goto done;
}
if(data->replica == NULL && data->repl_obj){
@@ -2913,7 +2924,7 @@ replica_abort_task_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2928,17 +2939,17 @@ replica_abort_task_thread(void *arg)
done:
if(agmt_not_notified){
/* failure */
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Abort task failed, will resume the task at the next server startup.");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Abort task failed, will resume the task at the next server startup.");
} else {
/*
* Wait for this server to stop its cleanallruv task(which removes the rid from the cleaned list)
*/
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Waiting for CleanAllRUV task to abort...");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Waiting for CleanAllRUV task to abort...");
while(is_cleaned_rid(data->rid)){
DS_Sleep(PR_SecondsToInterval(1));
count++;
if(count == 60){ /* it should not take this long */
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "CleanAllRUV task failed to abort. You might need to "
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "CleanAllRUV task failed to abort. You might need to "
"rerun the task.");
rc = -1;
break;
@@ -2953,9 +2964,9 @@ done:
}
delete_aborted_rid(data->replica, data->rid, data->repl_root, 0); /* remove the in-memory aborted rid */
if(rc == 0){
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Successfully aborted task for rid(%d)", data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Successfully aborted task for rid(%d)", data->rid);
} else {
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Failed to abort task for rid(%d)",data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Failed to abort task for rid(%d)",data->rid);
}
}
@@ -2991,10 +3002,12 @@ replica_cleanallruv_send_abort_extop(Repl_Agmt *ra, Slapi_Task *task, struct ber
*/
rc = crc;
if(rc){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to send extop to replica(%s).", agmt_get_long_name(ra));
+ cleanruv_log(task, agmt_get_consumer_rid(ra, conn), ABORT_CLEANALLRUV_ID,
+ "Failed to send extop to replica(%s).", agmt_get_long_name(ra));
}
} else {
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to connect to replica(%s).", agmt_get_long_name(ra));
+ cleanruv_log(task, agmt_get_consumer_rid(ra, conn), ABORT_CLEANALLRUV_ID,
+ "Failed to connect to replica(%s).", agmt_get_long_name(ra));
rc = -1;
}
conn_delete_internal_ext(conn);
@@ -3029,7 +3042,7 @@ replica_cleanallruv_send_extop(Repl_Agmt *ra, cleanruv_data *clean_data, int che
/* extop was accepted */
rc = 0;
} else {
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"Replica %s does not support the CLEANALLRUV task. "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,"Replica %s does not support the CLEANALLRUV task. "
"Sending replica CLEANRUV task...", slapi_sdn_get_dn(agmt_get_dn_byref(ra)));
/*
* Ok, this replica doesn't know about CLEANALLRUV, so just manually
@@ -3195,7 +3208,7 @@ replica_cleanallruv_check_maxcsn(Repl_Agmt *agmt, char *basedn, char *rid_text,
csn_init_by_string(repl_max, remote_maxcsn);
if(csn_compare (repl_max, max) < 0){
/* we are not caught up yet, free, and return */
- cleanruv_log(task, CLEANALLRUV_ID,"Replica maxcsn (%s) is not caught up with deleted replica's maxcsn(%s)",
+ cleanruv_log(task, atoi(rid_text), CLEANALLRUV_ID,"Replica maxcsn (%s) is not caught up with deleted replica's maxcsn(%s)",
remote_maxcsn, maxcsn);
rc = -1;
} else {
@@ -3357,7 +3370,7 @@ stop_ruv_cleaning()
* Write our logging to the task and error log
*/
void
-cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...)
+cleanruv_log(Slapi_Task *task, int rid, char *task_type, char *fmt, ...)
{
va_list ap1;
va_list ap2;
@@ -3375,7 +3388,7 @@ cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...)
slapi_task_log_status_ext(task, fmt, ap2);
slapi_task_inc_progress(task);
}
- errlog_fmt = PR_smprintf("%s: %s\n",task_type, fmt);
+ errlog_fmt = PR_smprintf("%s (rid %d): %s \n",task_type, rid, fmt);
slapi_log_error_ext(SLAPI_LOG_FATAL, repl_plugin_name, errlog_fmt, ap3, ap4);
slapi_ch_free_string(&errlog_fmt);
@@ -3437,7 +3450,7 @@ replica_cleanallruv_get_local_maxcsn(ReplicaId rid, char *base_dn)
}
} else {
/* internal search failed */
- cleanruv_log(NULL, CLEANALLRUV_ID, "replica_cleanallruv_get_local_maxcsn: internal search failed (%d)\n", res);
+ cleanruv_log(NULL, (int)rid, CLEANALLRUV_ID, "replica_cleanallruv_get_local_maxcsn: internal search failed (%d)\n", res);
}
slapi_free_search_results_internal(search_pb);
9 years
ldap/servers
by Mark Reynolds
ldap/servers/plugins/replication/repl5.h | 2
ldap/servers/plugins/replication/repl5_replica_config.c | 183 ++++++++--------
2 files changed, 99 insertions(+), 86 deletions(-)
New commits:
commit 33330c355ace8f3d351ea1db94cf2e8faf12f19f
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Apr 21 10:33:49 2015 -0400
Ticket 48151 - Improve CleanAllRUV logging
Bug Description: It is very difficult to troubleshoot cleanAllRUV issues
when there are multiple clean tasks running.
Fix Description: Add the replica ID to each logging statement.
https://fedorahosted.org/389/ticket/48151
Reviewed by: rmeggins(Thanks!)
diff --git a/ldap/servers/plugins/replication/repl5.h b/ldap/servers/plugins/replication/repl5.h
index a7da266..7f5d693 100644
--- a/ldap/servers/plugins/replication/repl5.h
+++ b/ldap/servers/plugins/replication/repl5.h
@@ -697,7 +697,7 @@ int is_task_aborted(ReplicaId rid);
void delete_aborted_rid(Replica *replica, ReplicaId rid, char *repl_root, int skip);
int is_pre_cleaned_rid(ReplicaId rid);
void set_cleaned_rid(ReplicaId rid);
-void cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...);
+void cleanruv_log(Slapi_Task *task, int rid, char *task_type, char *fmt, ...);
char * replica_cleanallruv_get_local_maxcsn(ReplicaId rid, char *base_dn);
#define CLEANRIDSIZ 4 /* maximum number for concurrent CLEANALLRUV tasks */
diff --git a/ldap/servers/plugins/replication/repl5_replica_config.c b/ldap/servers/plugins/replication/repl5_replica_config.c
index 1570ba7..39783b2 100644
--- a/ldap/servers/plugins/replication/repl5_replica_config.c
+++ b/ldap/servers/plugins/replication/repl5_replica_config.c
@@ -1518,27 +1518,27 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
/*
* Get our task settings
*/
- if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-base-dn attribute");
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-id attribute");
+ cleanruv_log(task, -1, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
- if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-id attribute");
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ rid = atoi(rid_str);
+ if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing replica-base-dn attribute");
+ cleanruv_log(task, (int)rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
-
if ((force_cleaning = fetch_attr(e, "replica-force-cleaning", 0)) != NULL){
if(strcasecmp(force_cleaning,"yes") != 0 && strcasecmp(force_cleaning,"no") != 0){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value for replica-force-cleaning "
"(%s). Value must be \"yes\" or \"no\" for task - (%s)",
force_cleaning, slapi_sdn_get_dn(task_dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, (int)rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1549,11 +1549,10 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
/*
* Check the rid
*/
- rid = atoi(rid_str);
if (rid <= 0 || rid >= READ_ONLY_REPLICA_ID){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid replica id (%d) for task - (%s)",
rid, slapi_sdn_get_dn(task_dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1561,7 +1560,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
if(is_cleaned_rid(rid)){
/* we are already cleaning this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is already being cleaned", rid);
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1572,7 +1571,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
dn = slapi_sdn_new_dn_byval(base_dn);
if((r = replica_get_replica_from_dn(dn)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Could not find replica from dn(%s)",slapi_sdn_get_dn(dn));
- cleanruv_log(task, CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -1583,7 +1582,7 @@ replica_cleanall_ruv_task(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter,
out:
if(rc){
- cleanruv_log(task, CLEANALLRUV_ID, "Task failed...(%d)", rc);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Task failed...(%d)", rc);
slapi_task_finish(task, *returncode);
} else {
rc = SLAPI_DSE_CALLBACK_OK;
@@ -1615,11 +1614,11 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
char *basedn = NULL;
int rc = 0;
- cleanruv_log(pre_task, CLEANALLRUV_ID,"Initiating CleanAllRUV Task...");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID,"Initiating CleanAllRUV Task...");
if(get_cleanruv_task_count() >= CLEANRIDSIZ){
/* we are already running the maximum number of tasks */
- cleanruv_log(pre_task, CLEANALLRUV_ID,
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID,
"Exceeded maximum number of active CLEANALLRUV tasks(%d)",CLEANRIDSIZ);
return LDAP_UNWILLING_TO_PERFORM;
}
@@ -1629,7 +1628,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
if(r){
replica = (Replica*)object_get_data (r);
} else {
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Replica object is NULL, aborting task");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Replica object is NULL, aborting task");
return -1;
}
/*
@@ -1637,7 +1636,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
*/
if(replica_get_type(replica) == REPLICA_TYPE_READONLY){
/* this is a consumer, send error */
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to clean rid (%d), task can not be run on a consumer",rid);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to clean rid (%d), task can not be run on a consumer",rid);
if(task){
rc = -1;
slapi_task_finish(task, rc);
@@ -1647,7 +1646,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
/*
* Grab the max csn of the deleted replica
*/
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Retrieving maxcsn...");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Retrieving maxcsn...");
basedn = (char *)slapi_sdn_get_dn(replica_get_root(replica));
maxcsn = replica_cleanallruv_find_maxcsn(replica, rid, basedn);
if(maxcsn == NULL || csn_get_replicaid(maxcsn) == 0){
@@ -1660,7 +1659,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
csn_init_by_string(maxcsn, "");
}
csn_as_string(maxcsn, PR_FALSE, csnstr);
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Found maxcsn (%s)",csnstr);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Found maxcsn (%s)",csnstr);
/*
* Create payload
*/
@@ -1669,7 +1668,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
slapi_ch_free_string(&ridstr);
if(payload == NULL){
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
rc = -1;
goto fail;
}
@@ -1679,7 +1678,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
*/
data = (cleanruv_data*)slapi_ch_calloc(1, sizeof(cleanruv_data));
if (data == NULL) {
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to allocate cleanruv_data. Aborting task.");
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to allocate cleanruv_data. Aborting task.");
rc = -1;
goto fail;
}
@@ -1706,7 +1705,7 @@ replica_execute_cleanall_ruv_task (Object *r, ReplicaId rid, Slapi_Task *task, c
}
fail:
- cleanruv_log(pre_task, CLEANALLRUV_ID, "Failed to clean rid (%d)",rid);
+ cleanruv_log(pre_task, rid, CLEANALLRUV_ID, "Failed to clean rid (%d)", rid);
if(task){
slapi_task_finish(task, rc);
}
@@ -1779,9 +1778,9 @@ replica_cleanallruv_thread(void *arg)
PR_Unlock( notify_lock );
data->repl_obj = replica_get_replica_from_dn(data->sdn);
if(data->repl_obj == NULL){
- cleanruv_log(data->task, CLEANALLRUV_ID, "Unable to retrieve repl object from dn(%s).", data->sdn);
- aborted = 1;
- goto done;
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Unable to retrieve repl object from dn(%s).", data->sdn);
+ aborted = 1;
+ goto done;
}
data->replica = (Replica*)object_get_data(data->repl_obj);
free_obj = 1;
@@ -1793,9 +1792,9 @@ replica_cleanallruv_thread(void *arg)
}
/* verify we have set our repl objects */
if(data->repl_obj == NULL || data->replica == NULL){
- cleanruv_log(data->task, CLEANALLRUV_ID, "Unable to set the replica objects.");
- aborted = 1;
- goto done;
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Unable to set the replica objects.");
+ aborted = 1;
+ goto done;
}
if(data->repl_root == NULL){
/* we must have resumed from start up, fill in the repl root */
@@ -1815,11 +1814,11 @@ replica_cleanallruv_thread(void *arg)
* Add the cleanallruv task to the repl config - so we can handle restarts
*/
add_cleaned_rid(data->rid, data->replica, csnstr, data->force); /* marks config that we started cleaning a rid */
- cleanruv_log(data->task, CLEANALLRUV_ID, "Cleaning rid (%d)...", data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Cleaning rid (%d)...", data->rid);
/*
* First, wait for the maxcsn to be covered
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Waiting to process all the updates from the deleted replica...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Waiting to process all the updates from the deleted replica...");
ruv_obj = replica_get_ruv(data->replica);
ruv = object_get_data (ruv_obj);
while(data->maxcsn && !is_task_aborted(data->rid) && !is_cleaned_rid(data->rid) && !slapi_is_shutting_down()){
@@ -1837,7 +1836,7 @@ replica_cleanallruv_thread(void *arg)
*
* Even if we are forcing the cleaning, the replicas still need to be up
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to be online...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Waiting for all the replicas to be online...");
if(check_agmts_are_alive(data->replica, data->rid, data->task)){
/* error, aborted or shutdown */
aborted = 1;
@@ -1846,7 +1845,7 @@ replica_cleanallruv_thread(void *arg)
/*
* Make sure all the replicas have seen the max csn
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to receive all the deleted replica updates...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Waiting for all the replicas to receive all the deleted replica updates...");
if(strcasecmp(data->force,"no") == 0 && check_agmts_are_caught_up(data, csnstr)){
/* error, aborted or shutdown */
aborted = 1;
@@ -1860,7 +1859,7 @@ replica_cleanallruv_thread(void *arg)
/*
* Now send the cleanruv extended op to all the agreements
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Sending cleanAllRUV task to all the replicas...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Sending cleanAllRUV task to all the replicas...");
while(agmt_not_notified && !is_task_aborted(data->rid) && !slapi_is_shutting_down()){
agmt_obj = agmtlist_get_first_agreement_for_replica (data->replica);
if(agmt_obj == NULL){
@@ -1878,7 +1877,7 @@ replica_cleanallruv_thread(void *arg)
agmt_not_notified = 0;
} else {
agmt_not_notified = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Failed to send task to replica (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Failed to send task to replica (%s)",agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -1894,7 +1893,7 @@ replica_cleanallruv_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas have received the "
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Not all replicas have received the "
"cleanallruv extended op, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
@@ -1909,12 +1908,13 @@ replica_cleanallruv_thread(void *arg)
/*
* Run the CLEANRUV task
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Cleaning local ruv's...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Cleaning local ruv's...");
replica_execute_cleanruv_task (data->repl_obj, data->rid, returntext);
/*
* Wait for all the replicas to be cleaned
*/
- cleanruv_log(data->task, CLEANALLRUV_ID,"Waiting for all the replicas to be cleaned...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,
+ "Waiting for all the replicas to be cleaned...");
interval = 10;
while(found_dirty_rid && !is_task_aborted(data->rid) && !slapi_is_shutting_down()){
@@ -1933,7 +1933,8 @@ replica_cleanallruv_thread(void *arg)
found_dirty_rid = 0;
} else {
found_dirty_rid = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID,"Replica is not cleaned yet (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Replica is not cleaned yet (%s)",
+ agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -1949,7 +1950,7 @@ replica_cleanallruv_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, CLEANALLRUV_ID, "Replicas have not been cleaned yet, "
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Replicas have not been cleaned yet, "
"retrying in %d seconds", interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
@@ -1971,16 +1972,16 @@ done:
delete_cleaned_rid_config(data);
/* make sure all the replicas have been "pre_cleaned" before finishing */
check_replicas_are_done_cleaning(data);
- cleanruv_log(data->task, CLEANALLRUV_ID, "Successfully cleaned rid(%d).", data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Successfully cleaned rid(%d).", data->rid);
remove_cleaned_rid(data->rid);
} else {
/*
* Shutdown or abort
*/
if(!is_task_aborted(data->rid)){
- cleanruv_log(data->task, CLEANALLRUV_ID,"Server shutting down. Process will resume at server startup");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Server shutting down. Process will resume at server startup");
} else {
- cleanruv_log(data->task, CLEANALLRUV_ID,"Task aborted for rid(%d).",data->rid);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,"Task aborted for rid(%d).",data->rid);
delete_cleaned_rid_config(data);
remove_cleaned_rid(data->rid);
}
@@ -2048,7 +2049,7 @@ check_replicas_are_done_cleaning(cleanruv_data *data )
int not_all_cleaned = 1;
int interval = 10;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Waiting for all the replicas to finish cleaning...");
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Waiting for all the replicas to finish cleaning...");
csn_as_string(data->maxcsn, PR_FALSE, csnstr);
filter = PR_smprintf("(%s=%d:%s:%s)", type_replicaCleanRUV,(int)data->rid, csnstr, data->force);
@@ -2076,7 +2077,7 @@ check_replicas_are_done_cleaning(cleanruv_data *data )
if(not_all_cleaned == 0 || is_task_aborted(data->rid) ){
break;
}
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas finished cleaning, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Not all replicas finished cleaning, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2151,7 +2152,7 @@ check_replicas_are_done_aborting(cleanruv_data *data )
int not_all_aborted = 1;
int interval = 10;
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Waiting for all the replicas to finish aborting...");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Waiting for all the replicas to finish aborting...");
filter = PR_smprintf("(%s=%d:%s)", type_replicaAbortCleanRUV, data->rid, data->repl_root);
@@ -2179,7 +2180,7 @@ check_replicas_are_done_aborting(cleanruv_data *data )
if(not_all_aborted == 0){
break;
}
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Not all replicas finished aborting, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Not all replicas finished aborting, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2223,7 +2224,7 @@ check_agmts_are_caught_up(cleanruv_data *data, char *maxcsn)
not_all_caughtup = 0;
} else {
not_all_caughtup = 1;
- cleanruv_log(data->task, CLEANALLRUV_ID, "Replica not caught up (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID, "Replica not caught up (%s)",agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (data->replica, agmt_obj);
@@ -2232,7 +2233,8 @@ check_agmts_are_caught_up(cleanruv_data *data, char *maxcsn)
if(not_all_caughtup == 0 || is_task_aborted(data->rid) ){
break;
}
- cleanruv_log(data->task, CLEANALLRUV_ID, "Not all replicas caught up, retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, CLEANALLRUV_ID,
+ "Not all replicas caught up, retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2280,7 +2282,8 @@ check_agmts_are_alive(Replica *replica, ReplicaId rid, Slapi_Task *task)
not_all_alive = 0;
} else {
not_all_alive = 1;
- cleanruv_log(task, CLEANALLRUV_ID, "Replica not online (%s)",agmt_get_long_name(agmt));
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Replica not online (%s)",
+ agmt_get_long_name(agmt));
break;
}
agmt_obj = agmtlist_get_next_agreement_for_replica (replica, agmt_obj);
@@ -2289,7 +2292,8 @@ check_agmts_are_alive(Replica *replica, ReplicaId rid, Slapi_Task *task)
if(not_all_alive == 0 || is_task_aborted(rid)){
break;
}
- cleanruv_log(task, CLEANALLRUV_ID, "Not all replicas online, retrying in %d seconds...",interval);
+ cleanruv_log(task, rid, CLEANALLRUV_ID, "Not all replicas online, retrying in %d seconds...",
+ interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -2393,8 +2397,9 @@ replica_send_cleanruv_task(Repl_Agmt *agmt, cleanruv_data *clean_data)
if(rc != LDAP_SUCCESS){
char *hostname = agmt_get_hostname(agmt);
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "Failed to add CLEANRUV task (%s) to replica "
- "(%s). You will need to manually run the CLEANRUV task on this replica (%s) error (%d)",
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "Failed to add CLEANRUV task (%s) to replica (%s). You will need "
+ "to manually run the CLEANRUV task on this replica (%s) error (%d)",
repl_dn, agmt_get_long_name(agmt), hostname, rc);
slapi_ch_free_string(&hostname);
}
@@ -2666,7 +2671,7 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
int rc = -1, ret, rid;
if(clean_data == NULL){
- cleanruv_log(NULL, CLEANALLRUV_ID, "delete_cleaned_rid_config: cleanruv data is NULL, "
+ cleanruv_log(NULL, clean_data->rid, CLEANALLRUV_ID, "delete_cleaned_rid_config: cleanruv data is NULL, "
"failed to clean the config.");
return;
}
@@ -2685,7 +2690,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
slapi_search_internal_pb(pb);
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &ret);
if (ret != LDAP_SUCCESS){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"delete_cleaned_rid_config: internal search failed(%d).",ret);
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: internal search failed(%d).",ret);
goto bail;
} else {
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
@@ -2693,7 +2699,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
/*
* No matching entries!
*/
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"delete_cleaned_rid_config: failed to find any "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to find any "
"entries with nsds5ReplicaCleanRUV under (%s)", dn);
goto bail;
} else {
@@ -2744,7 +2751,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
}
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "delete_cleaned_rid_config: failed to remove task data "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to remove task data "
"from (%s) error (%d), rid (%d)", edn, rc, clean_data->rid);
goto bail;
}
@@ -2754,7 +2762,8 @@ delete_cleaned_rid_config(cleanruv_data *clean_data)
bail:
if (rc != LDAP_SUCCESS && rc != LDAP_NO_SUCH_OBJECT){
- cleanruv_log(clean_data->task, CLEANALLRUV_ID, "delete_cleaned_rid_config: failed to remove replica config "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,
+ "delete_cleaned_rid_config: failed to remove replica config "
"(%d), rid (%d)", rc, clean_data->rid);
}
slapi_free_search_results_internal(pb);
@@ -2812,8 +2821,10 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(get_abort_cleanruv_task_count() >= CLEANRIDSIZ){
/* we are already running the maximum number of tasks */
- PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Exceeded maximum number of active ABORT CLEANALLRUV tasks(%d)",CLEANRIDSIZ);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "Exceeded maximum number of active ABORT CLEANALLRUV tasks(%d)",
+ CLEANRIDSIZ);
+ cleanruv_log(task, -1, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
return SLAPI_DSE_CALLBACK_ERROR;
}
@@ -2829,7 +2840,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
*/
if ((rid_str = fetch_attr(e, "replica-id", 0)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing required attr \"replica-id\"");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, -1, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2842,14 +2853,14 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if (rid <= 0 || rid >= READ_ONLY_REPLICA_ID){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid replica id (%d) for task - (%s)",
rid, slapi_sdn_get_dn(slapi_entry_get_sdn(e)));
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
if ((base_dn = fetch_attr(e, "replica-base-dn", 0)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Missing required attr \"replica-base-dn\"");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2857,7 +2868,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(!is_cleaned_rid(rid) && !is_pre_cleaned_rid(rid)){
/* we are not cleaning this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is not being cleaned, nothing to abort.", rid);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2865,7 +2876,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(is_task_aborted(rid)){
/* we are already aborting this rid */
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Replica id (%d) is already being aborted", rid);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_UNWILLING_TO_PERFORM;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2876,7 +2887,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
sdn = slapi_sdn_new_dn_byval(base_dn);
if((r = replica_get_replica_from_dn(sdn)) == NULL){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Failed to find replica from dn(%s)", base_dn);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2888,7 +2899,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
if(strcasecmp(certify_all,"yes") && strcasecmp(certify_all,"no")){
PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value for \"replica-certify-all\", the value "
"must be \"yes\" or \"no\".");
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "%s", returntext);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "%s", returntext);
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2903,7 +2914,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
payload = create_cleanruv_payload(ridstr);
if(payload == NULL){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "Failed to create extended op payload, aborting task");
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2919,7 +2930,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
*/
data = (cleanruv_data*)slapi_ch_calloc(1, sizeof(cleanruv_data));
if (data == NULL) {
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"Failed to allocate abort_cleanruv_data. Aborting task.");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"Failed to allocate abort_cleanruv_data. Aborting task.");
*returncode = LDAP_OPERATIONS_ERROR;
rc = SLAPI_DSE_CALLBACK_ERROR;
goto out;
@@ -2938,7 +2949,7 @@ replica_cleanall_ruv_abort(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter
PR_UNJOINABLE_THREAD, SLAPD_DEFAULT_THREAD_STACKSIZE);
if (thread == NULL) {
object_release(r);
- cleanruv_log(task, ABORT_CLEANALLRUV_ID,"Unable to create abort thread. Aborting task.");
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID,"Unable to create abort thread. Aborting task.");
*returncode = LDAP_OPERATIONS_ERROR;
slapi_ch_free_string(&data->certify);
rc = SLAPI_DSE_CALLBACK_ERROR;
@@ -2949,7 +2960,7 @@ out:
slapi_sdn_free(&sdn);
if(rc != SLAPI_DSE_CALLBACK_OK){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Abort Task failed (%d)", rc);
+ cleanruv_log(task, rid, ABORT_CLEANALLRUV_ID, "Abort Task failed (%d)", rc);
slapi_task_finish(task, rc);
}
@@ -2977,7 +2988,7 @@ replica_abort_task_thread(void *arg)
slapi_task_inc_refcount(data->task);
slapi_log_error(SLAPI_LOG_PLUGIN, repl_plugin_name, "replica_abort_task_thread --> refcount incremented.\n");
}
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Aborting task for rid(%d)...",data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Aborting task for rid(%d)...",data->rid);
/*
* Need to build the replica from the dn
@@ -2988,7 +2999,7 @@ replica_abort_task_thread(void *arg)
* to timing issues, we need to wait to grab the replica obj until we get here.
*/
if((data->repl_obj = replica_get_replica_from_dn(data->sdn)) == NULL){
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Failed to get replica object from dn (%s).", slapi_sdn_get_dn(data->sdn));
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Failed to get replica object from dn (%s).", slapi_sdn_get_dn(data->sdn));
goto done;
}
if(data->replica == NULL && data->repl_obj){
@@ -3036,7 +3047,7 @@ replica_abort_task_thread(void *arg)
/*
* need to sleep between passes
*/
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Retrying in %d seconds",interval);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Retrying in %d seconds",interval);
PR_Lock( notify_lock );
PR_WaitCondVar( notify_cvar, PR_SecondsToInterval(interval) );
PR_Unlock( notify_lock );
@@ -3051,17 +3062,17 @@ replica_abort_task_thread(void *arg)
done:
if(agmt_not_notified){
/* failure */
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID,"Abort task failed, will resume the task at the next server startup.");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID,"Abort task failed, will resume the task at the next server startup.");
} else {
/*
* Wait for this server to stop its cleanallruv task(which removes the rid from the cleaned list)
*/
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Waiting for CleanAllRUV task to abort...");
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Waiting for CleanAllRUV task to abort...");
while(is_cleaned_rid(data->rid)){
DS_Sleep(PR_SecondsToInterval(1));
count++;
if(count == 60){ /* it should not take this long */
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "CleanAllRUV task failed to abort. You might need to "
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "CleanAllRUV task failed to abort. You might need to "
"rerun the task.");
rc = -1;
break;
@@ -3076,9 +3087,9 @@ done:
}
delete_aborted_rid(data->replica, data->rid, data->repl_root, 0); /* remove the in-memory aborted rid */
if(rc == 0){
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Successfully aborted task for rid(%d)", data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Successfully aborted task for rid(%d)", data->rid);
} else {
- cleanruv_log(data->task, ABORT_CLEANALLRUV_ID, "Failed to abort task for rid(%d)",data->rid);
+ cleanruv_log(data->task, data->rid, ABORT_CLEANALLRUV_ID, "Failed to abort task for rid(%d)",data->rid);
}
}
@@ -3116,10 +3127,12 @@ replica_cleanallruv_send_abort_extop(Repl_Agmt *ra, Slapi_Task *task, struct ber
*/
rc = crc;
if(rc){
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to send extop to replica(%s).", agmt_get_long_name(ra));
+ cleanruv_log(task, agmt_get_consumer_rid(ra, conn), ABORT_CLEANALLRUV_ID,
+ "Failed to send extop to replica(%s).", agmt_get_long_name(ra));
}
} else {
- cleanruv_log(task, ABORT_CLEANALLRUV_ID, "Failed to connect to replica(%s).", agmt_get_long_name(ra));
+ cleanruv_log(task, agmt_get_consumer_rid(ra, conn), ABORT_CLEANALLRUV_ID,
+ "Failed to connect to replica(%s).", agmt_get_long_name(ra));
rc = -1;
}
conn_delete_internal_ext(conn);
@@ -3154,7 +3167,7 @@ replica_cleanallruv_send_extop(Repl_Agmt *ra, cleanruv_data *clean_data, int che
/* extop was accepted */
rc = 0;
} else {
- cleanruv_log(clean_data->task, CLEANALLRUV_ID,"Replica %s does not support the CLEANALLRUV task. "
+ cleanruv_log(clean_data->task, clean_data->rid, CLEANALLRUV_ID,"Replica %s does not support the CLEANALLRUV task. "
"Sending replica CLEANRUV task...", slapi_sdn_get_dn(agmt_get_dn_byref(ra)));
/*
* Ok, this replica doesn't know about CLEANALLRUV, so just manually
@@ -3320,7 +3333,7 @@ replica_cleanallruv_check_maxcsn(Repl_Agmt *agmt, char *basedn, char *rid_text,
csn_init_by_string(repl_max, remote_maxcsn);
if(csn_compare (repl_max, max) < 0){
/* we are not caught up yet, free, and return */
- cleanruv_log(task, CLEANALLRUV_ID,"Replica maxcsn (%s) is not caught up with deleted replica's maxcsn(%s)",
+ cleanruv_log(task, atoi(rid_text), CLEANALLRUV_ID,"Replica maxcsn (%s) is not caught up with deleted replica's maxcsn(%s)",
remote_maxcsn, maxcsn);
rc = -1;
} else {
@@ -3482,7 +3495,7 @@ stop_ruv_cleaning()
* Write our logging to the task and error log
*/
void
-cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...)
+cleanruv_log(Slapi_Task *task, int rid, char *task_type, char *fmt, ...)
{
va_list ap1;
va_list ap2;
@@ -3500,7 +3513,7 @@ cleanruv_log(Slapi_Task *task, char *task_type, char *fmt, ...)
slapi_task_log_status_ext(task, fmt, ap2);
slapi_task_inc_progress(task);
}
- errlog_fmt = PR_smprintf("%s: %s\n",task_type, fmt);
+ errlog_fmt = PR_smprintf("%s (rid %d): %s \n",task_type, rid, fmt);
slapi_log_error_ext(SLAPI_LOG_FATAL, repl_plugin_name, errlog_fmt, ap3, ap4);
slapi_ch_free_string(&errlog_fmt);
@@ -3562,7 +3575,7 @@ replica_cleanallruv_get_local_maxcsn(ReplicaId rid, char *base_dn)
}
} else {
/* internal search failed */
- cleanruv_log(NULL, CLEANALLRUV_ID, "replica_cleanallruv_get_local_maxcsn: internal search failed (%d)\n", res);
+ cleanruv_log(NULL, (int)rid, CLEANALLRUV_ID, "replica_cleanallruv_get_local_maxcsn: internal search failed (%d)\n", res);
}
slapi_free_search_results_internal(search_pb);
9 years
Branch '389-ds-base-1.2.11' - 3 commits - ldap/admin ldap/servers
by Noriko Hosoi
ldap/admin/src/scripts/start-dirsrv.in | 9 ++++++---
ldap/admin/src/scripts/stop-dirsrv.in | 9 ++++++---
ldap/servers/slapd/libglobs.c | 2 +-
ldap/servers/slapd/ssl.c | 12 ++++++++++--
4 files changed, 23 insertions(+), 9 deletions(-)
New commits:
commit 37d569605e23b94192b7aaf06fb44dca4a73fe0e
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sun Apr 12 17:46:52 2015 -0700
Ticket 408 - Backport of Normalized DN Cache
Description: commit 2a8da7ea76d15906fdb98b47534fc3447f12c752 set the
type of nsslapd-ndn-cache-enabled to CONFIG_INT. This patch corrects
it to CONFIG_ON_OFF.
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index dbb0fa8..3672d99 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -1037,7 +1037,7 @@ static struct config_get_and_set {
CONFIG_ON_OFF, (ConfigGetFunc)config_get_ignore_time_skew, &init_ignore_time_skew},
{CONFIG_NDN_CACHE, config_set_ndn_cache_enabled,
NULL, 0,
- (void**)&global_slapdFrontendConfig.ndn_cache_enabled, CONFIG_INT,
+ (void**)&global_slapdFrontendConfig.ndn_cache_enabled, CONFIG_ON_OFF,
(ConfigGetFunc)config_get_ndn_cache_enabled},
{CONFIG_NDN_CACHE_SIZE, config_set_ndn_cache_max_size,
NULL, 0,
commit 349db8decaff0d3a3b63aafc22c4b1714c4e9573
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sun Apr 12 16:44:40 2015 -0700
Ticket #48148 - start/stop/restart-dirsrv utilities should ignore admin-serv directory
Description: {start,stop}-dirsrv script scans /etc/sysconfig/dirsrv-* to find
out the server instances to start/stop, which could include dirsrv-admin for
the Admin server if 389-admin is installed.
This patch silently skips "dirsrv-admin" from the server start/stop.
diff --git a/ldap/admin/src/scripts/start-dirsrv.in b/ldap/admin/src/scripts/start-dirsrv.in
index 291c821..0a38c4c 100755
--- a/ldap/admin/src/scripts/start-dirsrv.in
+++ b/ldap/admin/src/scripts/start-dirsrv.in
@@ -19,8 +19,12 @@ start_instance() {
shift
# source env. for this instance
- if [ -f $initconfig_dir/@package_name@-$SERV_ID ] ; then
- . $initconfig_dir/@package_name@-$SERV_ID
+ if [ $SERV_ID == "admin" ] ; then
+ # ignore admin
+ return 0
+ elif [ -f $initconfig_dir/dirsrv-$SERV_ID ] ; then
+ echo Starting instance \"$SERV_ID\"
+ . $initconfig_dir/dirsrv-$SERV_ID
else
echo Instance $SERV_ID not found.
return 1
@@ -127,7 +131,6 @@ if [ "$#" -eq 0 ]; then
for i in $initconfig_dir/@package_name@-*; do
regex=s,$initconfig_dir/@package_name@-,,g
inst=`echo $i | sed -e $regex`
- echo Starting instance \"$inst\"
start_instance $inst
if [ "$?" -ne 0 ]; then
ret=$?
diff --git a/ldap/admin/src/scripts/stop-dirsrv.in b/ldap/admin/src/scripts/stop-dirsrv.in
index 4d88585..076af87 100755
--- a/ldap/admin/src/scripts/stop-dirsrv.in
+++ b/ldap/admin/src/scripts/stop-dirsrv.in
@@ -10,8 +10,12 @@ stop_instance() {
SERV_ID=$1
# source env. for this instance
- if [ -f $initconfig_dir/@package_name@-$SERV_ID ] ; then
- . $initconfig_dir/@package_name@-$SERV_ID
+ if [ $SERV_ID == "admin" ] ; then
+ # ignore admin
+ return 0
+ elif [ -f $initconfig_dir/dirsrv-$SERV_ID ] ; then
+ echo Stopping instance \"$SERV_ID\"
+ . $initconfig_dir/dirsrv-$SERV_ID
else
echo Instance $SERV_ID not found.
return 1
@@ -75,7 +79,6 @@ if [ "$#" -eq 0 ]; then
for i in $initconfig_dir/@package_name@-*; do
regex=s,$initconfig_dir/@package_name@-,,g
inst=`echo $i | sed -e $regex`
- echo Stopping instance \"$inst\"
stop_instance $inst
if [ "$?" -ne 0 ]; then
ret=$?
commit f0d0930540bf41e5551fb629f18c35edcd67acfd
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Sat Apr 11 23:34:30 2015 -0700
Ticket #47928 - Disable SSL v3, by default [389-ds-base-1.2.11 only]
Description: commit 17fc03cf1101135b99234f17efd3eb746626be1a introduced a
defect "bz 1210996 - TLS1 can't be turned off". This patch correctly sets
SSLv3 to minimum and maximum version if nsTLS1 is off. If both nsSSL3 and
nsTLS1 is off, it forces to enable nsTLS1 and log it in the error log.
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index c30ebd6..5451d6e 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -1352,6 +1352,7 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS)
}
}
slapi_ch_free_string( &val );
+ freeConfigEntry( &e );
}
#if !defined(NSS_TLS10) /* NSS_TLS11 or newer */
if (NSSVersionMin > 0) {
@@ -1359,9 +1360,16 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS)
/* Use new NSS API SSL_VersionRangeSet (NSS3.14 or newer) */
if (enableTLS1) {
NSSVersionMin = SSL_LIBRARY_VERSION_TLS_1_0;
+ } else {
+ NSSVersionMin = SSL_LIBRARY_VERSION_3_0;
+ NSSVersionMax = SSL_LIBRARY_VERSION_3_0;
}
if (enableSSL3) {
NSSVersionMin = SSL_LIBRARY_VERSION_3_0;
+ } else if (!enableTLS1) {
+ slapd_SSL_error("SSL Initialization 2: Both nsSSL3 and nsTLS1 are off. Enabling nsTLS1.");
+ NSSVersionMin = SSL_LIBRARY_VERSION_TLS_1_0;
+ NSSVersionMax = enabledNSSVersions.max;
}
slapdNSSVersions.min = NSSVersionMin;
slapdNSSVersions.max = NSSVersionMax;
@@ -1375,8 +1383,9 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS)
/* Set the restricted value to the cn=encryption entry */
} else {
slapd_SSL_error("SSL Initialization 2: "
- "Failed to set SSL range: min: %s, max: %s\n",
+ "Failed to set SSL range: min: %s, max: %s.",
mymin, mymax);
+ return 0;
}
} else {
#endif
@@ -1401,7 +1410,6 @@ int slapd_ssl_init2(PRFileDesc **fd, int startTLS)
#if !defined(NSS_TLS10) /* NSS_TLS11 or newer */
}
#endif
- freeConfigEntry( &e );
if(( slapd_SSLclientAuth = config_get_SSLclientAuth()) != SLAPD_SSLCLIENTAUTH_OFF ) {
int err;
9 years
Changes to 'refs/tags/389-ds-console-1.2.12'
by Noriko Hosoi
Changes since the dawn of time:
Endi S. Dewata (3):
Bug 496863 - 'Construct' button creates incorrect referral urls
Resolves: bug 574098
Bug 563513 - New replication -> No changelong configured-msg
Mark Reynolds (10):
Ticket 370 - Opening merge qualifier CoS entry using RHDS console changes the entry
Bumped version to 1.2.7
Ticket 96 - Window too large for Manage password policy
Ticket 47883 - DS Console - java exception when refreshing
Ticket 176 - DS Console should timeout when mismatched port
Ticket 47886 - DS Console - mouse wheel speed very slow
Ticket 47485 - DS instance cannot be restored from remote console
Ticket 47887 - DS Console does not correctly disable SSL
Ticket 135 - DS console - right clicking an object does not select that object
Ticket 47994 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted
Nathan Kinder (28):
171941 - Adjusted the version number and branding. I had to modify the checkVersion method to deal with running in Console 1.0. I also cleaned up references to consolesdk in the Ant build files. They should be console instead since we dropped the consolesdk naming. The external and internal imports files were adjusted to pick up the new 1.0 Console component.
171941 - checkVersion was comparing versions with greater than when it should have been using greater than or equal to
177696 - Changed usage of enum keyword as a variable name for Java 1.5 compatibility
Bug(s) fixed: 181570
Resolves: 246513
Summary: Initial fedora-ds-console specfile.
Resolves: ?
Resolves: 250137
Resolves: 250145
Resolves: 204510
Resolves: 250636
Resolves: 252036
Add default ldapjdk path as well as a settable parameter
Fixed typo from last checkin
Use less restrictive version of Open Publication License for online help docs.
Resolves: 308221
Resolves: 333171
Resolves: 178247
Resolves: 379191
Bug 599732 - Root node in directory browser shows DN syntax error
Bug 229693 - Update naming attribute when objectclass is removed
Bug 474113 - Allow access log level to be configured from Console
Bug 504803 - Allow nsslapd-*-logmaxdiskspace to be set to -1 in UI
Bug 158262 - Windows Sync UI is inconistent
Bug 533505 - Warn about CA cert trust when enabling SSL in Console
Bug 616707 - Add attribute matching rule UI to Console
Bug 705753 - Refresh problem in Console directory browser
Bug 700908 - Validate matching rules when creating a new attribute
Noriko Hosoi (29):
Changed the ldapconsole package name to <brand>-ds-<version>.jar
Modified ant move syntax to support ant 1.6.2
[186105] Admin Server Makefile updates for Internal build
Resolves: #247215
Resolves: #248073
Resolves: #379191
Resolves: #386041
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: 178947
Bug 553066 - Directory Console: do not display "subtree" index type
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 661116 - 389-console Configuration tab admin permissions
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 450016 - RFE- Console display values in KB/MB/GB
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 757773 - SSL Port issue in Console
Ticket #47380 - RFE: Winsync loses connection with AD objects when they move from the console.
Bumped version to 1.2.8
Bumped version to 1.2.9
Bug 1022104 - Remove versioned jarfiles from _javadir
Bumped version to 1.2.10
Ticket #48130 - Add "+all" and "-TLS_RSA_WITH_AES_128_GCM_SHA256" to Console Cipher Preference for TLS
Bumped version to 1.2.11
Ticket #48139 - drop support for legacy replication
Bumped version to 1.2.12
Rich Megginson (39):
Bug(s) fixed: 167761
allow the definition of the console location on the command line with different directory layouts than the default
Bug(s) fixed: 178478
The console now builds jar files in the format
bump version to 1.0.3
updated spec for Fedora DS 1.1 release
Resolves: bug 428357
Bump version to 1.1.2
this is for the 1.1.2 release
Resolves: bug 469261
Resolves: bug 469261
Resolves: bug 234948
Resolves: bug 452596
Resolves: bug 178947
Resolves: bug 177334
Resolves: bug 249120
Resolves: bug 238762
Resolves: bug 179193
Resolves: bug 179184
change version to 1.1.3
Resolves: bug 487831
Resolves: bug 481213
Resolves: bug 483660
Resolves: bug 483660
updated for 1.1.3
version must correspond to ds base version - 1.2.0
rename to 389
change mode of spec file to 644
added separate doc subpackage
update to version 1.2.1
Bug 586571 - DS Console shows escaped DNs
bump version to 1.2.2
Bug 586571 - DS Console shows escaped DNs
Bug 591989 - [console] mis-matched trademark and text
bump version to 1.2.4
bump version to 1.2.5
add skin support
move dsbanner.gif to the localized jar for l10n/skinning
dsbannerlite.gif is obsolete
foxworth (2):
Import initial source drop of Fedora DirectoryConsole
Import initial source drop of Fedora DirectoryConsole
9 years
389-ds-console.spec build.properties fedora-ds-console.spec
by Noriko Hosoi
389-ds-console.spec | 2 +-
build.properties | 2 +-
fedora-ds-console.spec | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
New commits:
commit 497b0e8e6add0fdb085049b33b6eca16720792c1
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Apr 15 11:37:11 2015 -0700
Bumped version to 1.2.12
diff --git a/389-ds-console.spec b/389-ds-console.spec
index c913e7c..38e36ac 100644
--- a/389-ds-console.spec
+++ b/389-ds-console.spec
@@ -1,5 +1,5 @@
%define major_version 1.2
-%define minor_version 11
+%define minor_version 12
%define shortname 389-ds
%define pkgname dirsrv
diff --git a/build.properties b/build.properties
index 2ff5c74..0eebe75 100755
--- a/build.properties
+++ b/build.properties
@@ -21,7 +21,7 @@
lang=en
ldapconsole.root=..
-ldapconsole.version=1.2.11
+ldapconsole.version=1.2.12
ldapconsole.gen.version=1.2
brand=389
ldapconsole.name=${brand}-ds-${ldapconsole.version}
diff --git a/fedora-ds-console.spec b/fedora-ds-console.spec
index c312177..9e6e4c7 100755
--- a/fedora-ds-console.spec
+++ b/fedora-ds-console.spec
@@ -1,5 +1,5 @@
%define major_version 1.2
-%define minor_version 11
+%define minor_version 12
%define shortname fedora-ds
%define pkgname dirsrv
9 years
help/en src/com
by Noriko Hosoi
help/en/help/configtab_replication.html | 29
help/en/help/configtab_replication3.html | 4
help/en/tokens.map | 1
src/com/netscape/admin/dirserv/panel/replication/LegacyConsumerSettingPanel.java | 582 ----------
src/com/netscape/admin/dirserv/panel/replication/ReplicaSettingPanel.java | 135 --
src/com/netscape/admin/dirserv/panel/replication/ReplicationSettingPanel.java | 11
src/com/netscape/admin/dirserv/panel/replication/ReplicationTool.java | 1
src/com/netscape/admin/dirserv/panel/replication/WindowsSyncSettingPanel.java | 114 -
src/com/netscape/admin/dirserv/panel/replication/replication.properties | 14
9 files changed, 5 insertions(+), 886 deletions(-)
New commits:
commit 8b276a5533ff4945e23f2091c9de29c605491b25
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Apr 7 09:54:18 2015 -0700
Ticket #48139 - drop support for legacy replication
Description: Deleted the code for the DS to act as a legacy consumer
of a 4.x supplier server (4xcompatible) as well as its online doc.
https://fedorahosted.org/389/ticket/48139
Reviewed by nkinder(a)redhat.com (Thank you, Nathan!!)
diff --git a/help/en/help/configtab_replication.html b/help/en/help/configtab_replication.html
deleted file mode 100644
index ef38c4c..0000000
--- a/help/en/help/configtab_replication.html
+++ /dev/null
@@ -1,29 +0,0 @@
-<p class="topic">
-Legacy Consumer Settings
-</p>
-
-<p class="text">
-The replication model used in Directory Server 4.1x and the current replication model are different. The former replication model is termed Legacy Replication. Only use this tab if you wish to accept replication updates from a 4.1x Directory Server using legacy replication.
-</p>
-
-<p class="text">
-<b>Enable Legacy Consumer. </b> Select this checkbox if you want this Directory Server to act as a legacy consumer. This means that this server can accept updates from a 4.1x supplier server. You must check this checkbox to activate the other fields in this window.
-</p>
-
-<p class="text">
-<b>Authentication</b>
-</p>
-
-<blockquote>
-<p class="text">
-<b>Supplier DN.</b> Use this field to specify the distinguished name that any supplier server must use to bind to this consumer server to send replication updates. The supplier DN must correspond to an entry that is stored on the consumer server. This entry must not be part of the replicated database.
-</p>
-
-<p class="text">
-<b>New supplier password (min 8 char). </b> If a password is specified, the supplier server uses this password to bind to the consumer server. Minimum 8 characters.
-</p>
-
-<p class="text">
-<b>Confirm new supplier password. </b> Confirms that the password entered in the "New supplier password" field is correct.
-</p>
-</blockquote>
diff --git a/help/en/help/configtab_replication3.html b/help/en/help/configtab_replication3.html
index e71f4e2..0d132a9 100644
--- a/help/en/help/configtab_replication3.html
+++ b/help/en/help/configtab_replication3.html
@@ -48,10 +48,6 @@ If the ID is incorrect, the field labels turn red and the Save button is disable
<p class="text">
<b>Purge delay. </b>The delay you specify in these fields determines how long the server keeps replication state information in the database before it is purged. A longer time means that the risk of needing to perform a replication re-initialization is lower, but you will need more disk space to store the extra data and more memory to cache the extra data. A shorter time means the risk of needing to perform a replication re-initializtion is higher, but you will need less disk space and memory. Check the Never checkbox if you want to save this information indefinitely.
</p>
-
-<p class="text">
-<b>Updatable by a 4.x Replica. </b>Check this checkbox if you want this Directory Server to act as a legacy consumer of a 4.x supplier server.
-</p>
</blockquote>
<p class="text">
diff --git a/help/en/tokens.map b/help/en/tokens.map
index aa75632..bf4edca 100644
--- a/help/en/tokens.map
+++ b/help/en/tokens.map
@@ -110,7 +110,6 @@ configuration-schema-attr-create-dbox-help = help/configtab_schema4.html
configuration-schema-mrule-help = help/configtab_schema5.html
;Replication Agreements Icon
-configuration-replication-legacyconsumersettings-help = help/configtab_replication.html
configuration-replication-suppliersettings-help = help/configtab_replication2.html
configuration-replication-replicasettings-help = help/configtab_replication3.html
configuration-replication-summary-help = help/configtab_replication4.html
diff --git a/src/com/netscape/admin/dirserv/panel/replication/LegacyConsumerSettingPanel.java b/src/com/netscape/admin/dirserv/panel/replication/LegacyConsumerSettingPanel.java
deleted file mode 100644
index 7846044..0000000
--- a/src/com/netscape/admin/dirserv/panel/replication/LegacyConsumerSettingPanel.java
+++ /dev/null
@@ -1,582 +0,0 @@
-/** BEGIN COPYRIGHT BLOCK
- * Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
- * Copyright (C) 2005 Red Hat, Inc.
- * All rights reserved.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation version 2 of the License.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
- * END COPYRIGHT BLOCK **/
-
-package com.netscape.admin.dirserv.panel.replication;
-
-import java.util.StringTokenizer;
-import java.awt.*;
-import java.awt.event.*;
-import java.util.*;
-import javax.swing.*;
-import javax.swing.event.*;
-import netscape.ldap.*;
-import com.netscape.admin.dirserv.*;
-import com.netscape.admin.dirserv.panel.*;
-import com.netscape.management.client.*;
-import com.netscape.management.client.util.*;
-
-/**
- * Panel for Directory Server Consumer Replication Setting
- *
- * @author jpanchen
- * @version %I%, %G%
- * @date 9/15/97
- * @see com.netscape.admin.dirserv.panel.replication
- */
-public class LegacyConsumerSettingPanel extends BlankPanel {
-
- /*==========================================================
- * constructors
- *==========================================================*/
-
- /**
- * public constructor
- * construction is delayed until selected.
- * @param parent parent panel
- */
- public LegacyConsumerSettingPanel(IDSModel model) {
- super(model, "replication");
- setTitle(_resource.getString(_section+"-setting","title"));
- _model = model;
- _helpToken = "configuration-replication-legacyconsumersettings-help";
- _refreshWhenSelect = false;
- }
-
- /*==========================================================
- * public methods
- *==========================================================*/
-
- /**
- * Actual panel construction
- */
- public void init() {
- if (_isInitialized) {
- return;
- }
- _entryExists = false;
- try {
- LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- _legacyEntry = ldc.read(REPSETTINGS_DN);
- if (_legacyEntry != null) {
- _entryExists = true;
- }
- } catch (LDAPException lde) {
- }
-
- _isLegacyConsumerEnabled = _entryExists;
-
- GridBagConstraints gbc = getGBC();
-
- _myPanel.setLayout(new GridBagLayout());
- _myPanel.setBackground(getBackground());
- _myPanel.setPreferredSize(ReplicationTool.DEFAULT_PANEL_SIZE);
- _myPanel.setMaximumSize(ReplicationTool.DEFAULT_PANEL_SIZE);
-
- //add Description label
- JTextArea desc = makeMultiLineLabel( 2, 60,
- _resource.getString(
- _section,"setting-desc") );
- gbc.anchor = gbc.NORTHWEST;
- gbc.gridwidth = 2;
- gbc.weightx = 1.0;
- gbc.fill = gbc.HORIZONTAL;
- _myPanel.add(desc, gbc);
- gbc.weightx = 0.0;
- gbc.fill = gbc.HORIZONTAL;
- gbc.gridwidth = gbc.REMAINDER;
- _myPanel.add(Box.createGlue(),gbc);
-
- // Switch on/off
- _cbEnable = makeJCheckBox( _section,
- "enable",
- _entryExists,
- _resource);
- _cbEnable.setSelected( _entryExists );
- _cbEnable.addItemListener(this);
- gbc.gridwidth = 2;
- gbc.weightx = 0;
- gbc.fill = gbc.NONE;
- _myPanel.add(_cbEnable,gbc);
- gbc.weightx = 1.0;
- gbc.fill = gbc.HORIZONTAL;
- gbc.gridwidth = gbc.REMAINDER;
- _myPanel.add(Box.createGlue(),gbc);
-
- // Auth param
- ReplicationTool.resetGBC(gbc);
- gbc.insets = (Insets) ReplicationTool.BOTTOM_INSETS.clone();
- gbc.anchor = gbc.NORTH;
- gbc.gridwidth = gbc.REMAINDER;
- gbc.weightx=1.0;
- _myPanel.add(createAuth(), gbc);
-
- checkEnabledField();
- addBottomGlue ();
- _isInitialized = true;
- }
-
- private JPanel createAuth(){
- //setup Normal Auth panel
- String title = _resource.getString(_section+"-normalAuth","label");
- JPanel panel = new GroupPanel(title);
-
- //add supplier DN
- _dnLabel = makeJLabel(_resource.getString(_section+"-supplierDN","label"));
- _dnLabel.setToolTipText(_resource.getString(_section+"-supplierDN","ttip"));
- _dnLabel.resetKeyboardActions();
-
- GridBagConstraints gbc = new GridBagConstraints();
- ReplicationTool.resetGBC(gbc);
- gbc.insets = (Insets) ReplicationTool.BOTTOM_INSETS.clone();
- gbc.anchor = gbc.NORTHEAST;
- gbc.gridwidth = gbc.RELATIVE;
- gbc.fill = gbc.NONE;
- gbc.weightx = 0.0;
- panel.add(_dnLabel, gbc);
-
- _dnText= makeJTextField(_section, "supplierDN", _resource);
- _dnLabel.setLabelFor(_dnText);
- _saveDN = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_ATTR_NAME );
- if( _saveDN != null ) {
- _dnText.setText( _saveDN );
- } else {
- _dnText.setText("");
- }
-
- gbc.gridwidth = gbc.REMAINDER;
- gbc.anchor = gbc.NORTHWEST;
- gbc.fill = gbc.HORIZONTAL;
- gbc.weightx = 1.0;
- panel.add(_dnText, gbc);
-
-
- // passwd
- _pwdLabel = makeJLabel(_resource.getString(_section+"-SupplierNewPwd","label"));
- _pwdLabel.setToolTipText(_resource.getString(_section+"-SupplierNewPwd","ttip"));
- _pwdLabel.resetKeyboardActions();
-
- gbc.anchor = gbc.NORTHEAST;
- gbc.gridwidth = gbc.RELATIVE;
- gbc.fill = gbc.NONE;
- gbc.weightx = 0.0;
- panel.add(_pwdLabel, gbc);
-
- _pwdText= makeJPasswordField(_section, "SupplierNewPwd",
- "", 10, _resource);
- _pwdLabel.setLabelFor(_pwdText);
- _savePwd = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_PASSWORD_ATTR_NAME);
- if( _savePwd != null){
- _pwdText.setText( _savePwd );
- } else {
- _savePwd = "";
- _pwdText.setText("");
- }
-
- gbc.anchor = gbc.NORTHWEST;
- gbc.gridwidth = gbc.REMAINDER;
- gbc.fill = gbc.HORIZONTAL;
- gbc.weightx = 1.0;
- panel.add(_pwdText, gbc);
-
- // pwd again
- _againLabel= makeJLabel(_resource.getString(_section+"-SupplierNewPwd","again"));
- _againLabel.resetKeyboardActions();
-
- gbc.anchor = gbc.NORTHEAST;
- gbc.gridwidth = gbc.RELATIVE;
- gbc.fill = gbc.NONE;
- gbc.weightx = 0.0;
- panel.add(_againLabel, gbc);
-
- _againText= makeJPasswordField(_section, "SupplierNewPwd",
- "", 10, _resource);
- _againLabel.setLabelFor(_againText);
- gbc.anchor = gbc.NORTHWEST;
- gbc.fill = gbc.HORIZONTAL;
- gbc.gridwidth = gbc.REMAINDER;
- // empty passwd is not valid
- _againText.setText( _savePwd );
- panel.add(_againText, gbc);
-
- return(panel);
- }
-
- /**
- * Update on-screen data from Directory.
- *
- **/
- public boolean refresh () {
- Debug.println("LegacyConsumerPanel.refresh()");
- /* We re-read the entry from the server */
- _entryExists = false;
- try {
- LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- _legacyEntry = ldc.read(REPSETTINGS_DN);
- if (_legacyEntry != null) {
- _entryExists = true;
- }
- } catch (LDAPException lde) {
- _legacyEntry = null;
- }
- _isLegacyConsumerEnabled = _entryExists;
- _saveDN = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_ATTR_NAME );
- _savePwd = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_PASSWORD_ATTR_NAME);
-
- checkOkay();
- return true;
- }
-
- /**
- * Update on-screen data from Directory.
- *
- * Note: we overwrite the data that the user may have modified. This is done in order to keep
- * the coherency between the refresh behaviour of the different panels of the configuration tab.
- *
- **/
- public void refreshFromServer () {
- Debug.println("LegacyConsumerPanel.refreshFromServer()");
- resetCallback();
- }
-
-
- public void resetCallback() {
- /* We re-read the entry from the server */
- _entryExists = false;
- try {
- LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- _legacyEntry = ldc.read(REPSETTINGS_DN);
- if (_legacyEntry != null) {
- _entryExists = true;
- }
- } catch (LDAPException lde) {
- _legacyEntry = null;
- }
- _isLegacyConsumerEnabled = _entryExists;
- _saveDN = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_ATTR_NAME );
- _savePwd = DSUtil.getAttrValue( _legacyEntry, UPDATEDN_PASSWORD_ATTR_NAME);
-
- if( _saveDN != null){
- _dnText.setText( _saveDN );
- } else {
- _dnText.setText("");
- }
- _cbEnable.setSelected( _entryExists );
- _isDNDirty = false;
- _pwdText.setText( _savePwd );
- _againText.setText( _savePwd );
- _isPwdDirty = false;
- checkOkay();
- }
-
- public void okCallback() {
- if (!_isValid ||
- !_isDirty) {
- return;
- }
- LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- /* We read again the entry to check if it exists ...*/
- _entryExists = false;
- try {
- _legacyEntry = ldc.read(REPSETTINGS_DN);
- if (_legacyEntry != null) {
- _entryExists = true;
- }
- } catch (LDAPException lde) {
- _legacyEntry = null;
- }
- checkStatus();
-
- String pwd = new String( _pwdText.getPassword() );
-
- if( _mustDelete ) {
- try {
- ldc.delete( REPSETTINGS_DN );
- _entryExists = false;
- _mustDelete = false;
- _dnText.setText("");
- _pwdText.setText("");
- _againText.setText("");
- } catch (LDAPException e) {
- /* If the entry does not exists, it's already removed, and we don't display any error message */
- if (e.getLDAPResultCode() == LDAPException.NO_SUCH_OBJECT) {
- _entryExists = false;
- _mustDelete = false;
- _dnText.setText("");
- _pwdText.setText("");
- _againText.setText("");
- } else {
- String ldapError = e.errorCodeToString();
- String ldapMessage = e.getLDAPErrorMessage();
- if ((ldapMessage != null) &&
- (ldapMessage.length() > 0)) {
- ldapError = ldapError + ". "+ldapMessage;
- }
- String[] args_m = { ldapError };
- DSUtil.showErrorDialog( _model.getFrame(),
- "error-del-legacy",
- args_m,
- _section,
- _resource);
- checkOkay();
- return;
- }
- }
- } else if (!_entryExists) {
-
- LDAPAttributeSet las = new LDAPAttributeSet();
-
- // add the more well known attributes and values
- las.add(new LDAPAttribute("objectclass",
- REPSETTINGS_OBJECTCLASSES));
- las.add(new LDAPAttribute("cn",
- REPSETTINGS_CN));
- las.add(new LDAPAttribute(UPDATEDN_ATTR_NAME,
- _dnText.getText()));
- las.add(new LDAPAttribute(UPDATEDN_PASSWORD_ATTR_NAME,
- pwd));
- LDAPEntry newEntry = new LDAPEntry(REPSETTINGS_DN, las);
-
- try {
- ldc.add( newEntry );
- } catch(LDAPException e) {
- String ldapError = e.errorCodeToString();
- String ldapMessage = e.getLDAPErrorMessage();
- if ((ldapMessage != null) &&
- (ldapMessage.length() > 0)) {
- ldapError = ldapError + ". "+ldapMessage;
- }
- String[] args_m = { ldapError };
- DSUtil.showErrorDialog( _model.getFrame(),
- "error-add-legacy",
- args_m,
- _section,
- _resource);
- checkOkay();
- return;
- }
- _legacyEntry = newEntry;
- _entryExists = true;
- } else {
- LDAPModificationSet attrs = new LDAPModificationSet();
- attrs.add(LDAPModification.REPLACE,
- new LDAPAttribute("nsslapd-legacy-updatedn",
- _dnText.getText()));
- attrs.add(LDAPModification.REPLACE,
- new LDAPAttribute("nsslapd-legacy-updatepw",
- pwd));
- try {
- ldc.modify( _legacyEntry.getDN(), attrs );
- } catch(LDAPException e) {
- String ldapError = e.errorCodeToString();
- String ldapMessage = e.getLDAPErrorMessage();
- if ((ldapMessage != null) &&
- (ldapMessage.length() > 0)) {
- ldapError = ldapError + ". "+ldapMessage;
- }
- String[] args_m = { ldapError };
- DSUtil.showErrorDialog( _model.getFrame(),
- "error-mod-legacy",
- args_m,
- _section,
- _resource);
- checkOkay();
- return;
- }
- }
- _saveDN = _dnText.getText();
- _savePwd = new String(_pwdText.getPassword());
- checkOkay();
- }
-
-
- public void changedUpdate(DocumentEvent e) {
- insertUpdate(e);
- }
-
- public void insertUpdate(DocumentEvent e) {
- if (!_isInitialized) return;
- checkOkay();
- }
-
- public void removeUpdate(DocumentEvent e) {
- changedUpdate(e);
- }
-
- public void itemStateChanged(ItemEvent e) {
- if(e.getSource().equals(_cbEnable)) {
- checkOkay();
- }
- }
-
- public void actionPerformed(ActionEvent e) {
- checkOkay();
- }
-
- private void checkPwd(){
- String p1 = new String( _pwdText.getPassword() );
- String p2 = new String( _againText.getPassword() );
-
- // (p1.length() == 0) && ( p2.length() == 0) in case of SSL strong auth
- // for the rest i think there is a min and of course they must be the same
- _isPasswdOK = (((p1.length() == 0) && ( p2.length() == 0)) ||
- (( p1.length() >= _pwdMinLength ) &&
- ( p2.length() >= _pwdMinLength ) &&
- ( p1.compareTo( p2 ) == 0)));
-
- _isPwdDirty = !p1.equals(_savePwd);
-
- if( _isPasswdOK ) {
- if( _isPwdDirty){
- setChangeState( _pwdLabel, CHANGE_STATE_MODIFIED);
- setChangeState( _againLabel, CHANGE_STATE_MODIFIED);
- } else {
- setChangeState( _pwdLabel, CHANGE_STATE_UNMODIFIED);
- setChangeState( _againLabel, CHANGE_STATE_UNMODIFIED);
- }
- } else {
- setChangeState( _pwdLabel, CHANGE_STATE_ERROR);
- setChangeState( _againLabel, CHANGE_STATE_ERROR);
- }
- }
-
- private void checkDN(){
- _isDNDirty = !DSUtil.equalDNs(_dnText.getText(), _saveDN);
- _isDNOK = DSUtil.isValidDN( _dnText.getText());
- if( _isDNOK ) {
- if( _isDNDirty ) {
- setChangeState( _dnLabel, CHANGE_STATE_MODIFIED);
- } else {
- setChangeState( _dnLabel, CHANGE_STATE_UNMODIFIED );
- }
- } else {
- setChangeState( _dnLabel, CHANGE_STATE_ERROR);
- }
- }
-
- private void checkEnable() {
- _isEnableDirty = (_cbEnable.isSelected() != _entryExists);
- if (_isEnableDirty) {
- setChangeState( _cbEnable, CHANGE_STATE_MODIFIED);
- } else {
- setChangeState( _cbEnable, CHANGE_STATE_UNMODIFIED );
- }
- }
-
- private void checkOkay() {
- checkEnabledField();
- checkPwd();
- checkDN();
- checkEnable();
-
- /* if the check box enable is not selected, what we have is always valid */
- _isValid = _isPasswdOK && _isDNOK || !_cbEnable.isSelected();
- _isDirty = (_isPwdDirty || _isDNDirty || _isEnableDirty) &&
- (_isEnableDirty || _cbEnable.isSelected()); /* We don't consider dirty if the user has kept the
- legacy disabled ... even if the other fields have been
- modified */
- if( _mustDelete ) {
- setDirtyFlag();
- setValidFlag();
- } else {
- if( _isDirty ){
- setDirtyFlag();
- } else {
- clearDirtyFlag();
- }
- if (_isValid) {
- setValidFlag();
- } else {
- clearValidFlag();
- }
- }
- }
-
-
- private void checkStatus() {
- _mustDelete = _entryExists && !_cbEnable.isSelected();
- _isLegacyConsumerEnabled = _cbEnable.isSelected();
- }
-
- /*==========================================================
- * private methods
- *==========================================================*/
- private void clearPWDFields() {
- _pwdText.setText("");
- _againText.setText("");
- }
-
- private void checkEnabledField(){
- checkStatus();
- _dnLabel.setEnabled( _isLegacyConsumerEnabled );
- _dnText.setEnabled( _isLegacyConsumerEnabled );
- _pwdText.setBackground( _dnText.getBackground());
- _againText.setBackground( _dnText.getBackground());
- _pwdLabel.setEnabled( _isLegacyConsumerEnabled );
- _pwdText.setEnabled( _isLegacyConsumerEnabled );
- _againLabel.setEnabled( _isLegacyConsumerEnabled );
- _againText.setEnabled( _isLegacyConsumerEnabled );
- }
-
- /*==========================================================
- * variables
- *==========================================================*/
- private IDSModel _model;
- private boolean _entryExists;
- private boolean _isValid = true;
- private boolean _isDirty = false;
- private boolean _isDNDirty = false;
- private boolean _isDNOK = true;
- private boolean _isPwdDirty = false;
- private boolean _isPasswdOK = true;
- private boolean _isEnableDirty = false;
- private boolean _mustDelete;
- private boolean _isLegacyConsumerEnabled;
-
- private JTextField _dnText;
- private JPasswordField _pwdText;
- private JPasswordField _againText;
- private JCheckBox _cbEnable = null;
- private JLabel _dnLabel;
- private JLabel _againLabel;
- private JLabel _pwdLabel;
- private String _savePwd;
- private String _saveDN;
-
-// DSEntryConfirmPassword _againDSEntry;
-// DSEntryPassword _pwdDSEntry;
- private LDAPEntry _legacyEntry;
-
- //get resource bundle
- private static ResourceSet _resource =
- new ResourceSet("com.netscape.admin.dirserv.panel.replication.replication");
- private static final String _section = "replication-legacyconsumer";
-
- private static final int _pwdMinLength = 8;
-
- private static final String REPSETTINGS_CN = "legacy consumer";
- public static final String REPSETTINGS_DN = "cn=" + REPSETTINGS_CN +
- ",cn=replication,cn=config";
- private static final String[] REPSETTINGS_OBJECTCLASSES =
- {"top", "extensibleObject"};
- private static final String UPDATEDN_ATTR_NAME =
- "nsslapd-legacy-updatedn";
- private static final String UPDATEDN_PASSWORD_ATTR_NAME =
- "nsslapd-legacy-updatepw";
-}
-
diff --git a/src/com/netscape/admin/dirserv/panel/replication/ReplicaSettingPanel.java b/src/com/netscape/admin/dirserv/panel/replication/ReplicaSettingPanel.java
index 0fc2a42..3ed4715 100644
--- a/src/com/netscape/admin/dirserv/panel/replication/ReplicaSettingPanel.java
+++ b/src/com/netscape/admin/dirserv/panel/replication/ReplicaSettingPanel.java
@@ -250,15 +250,6 @@ public class ReplicaSettingPanel extends BlankPanel {
gbc.gridwidth = gbc.REMAINDER;
gbc.weightx = 1.0;
purgeDelayPanel.add(Box.createHorizontalGlue(), gbc);
-
- _cb4xConsumer = makeJCheckBox(_section, "4xcompatible", false, _resource);
- _cb4xConsumer.setToolTipText(_resource.getString( "replication-replica-4xcompatible",
- "ttip"));
- gbc.gridwidth = gbc.RELATIVE;
- gbc.anchor = gbc.NORTHWEST;
- consumerTypePanel.add(_cb4xConsumer, gbc);
- gbc.gridwidth = gbc.REMAINDER;
- consumerTypePanel.add(Box.createHorizontalGlue(), gbc);
}
@@ -438,7 +429,6 @@ public class ReplicaSettingPanel extends BlankPanel {
_saveWindowsSyncEnabled = false;
_saveDS5ReplicaTypeExist = false;
- _saveDS5ReplicaLegacyConsumerExist = false;
_saveReplicaIDExist = false;
_saveReplicaIDExist = false;
_saveBindDNExist = false;
@@ -452,7 +442,6 @@ public class ReplicaSettingPanel extends BlankPanel {
_saveBindDNList = new Vector();
_saveDS5Flags = true;
_saveReferralList = new Vector();
- _save4xConsumer = false;
_saveIsSimpleMaster = false;
_saveIsSlave = false;
@@ -480,14 +469,6 @@ public class ReplicaSettingPanel extends BlankPanel {
_saveDS5ReplicaTypeExist = true;
}
- // nsds5ReplicaLegacyConsumer
- valattr = DSUtil.getAttrValue( replicaEntry, ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR );
- _save4xConsumer = (valattr.length() != 0) &&
- valattr.equalsIgnoreCase("on");
- if (valattr.length() != 0) {
- _saveDS5ReplicaLegacyConsumerExist = true;
- }
-
// nsds5ReplicaPurgeDelay
valattr = DSUtil.getAttrValue( replicaEntry, ReplicationTool.REPLICA_PURGE_DELAY_ATTR );
if( valattr.length() != 0 ) {
@@ -581,7 +562,6 @@ public class ReplicaSettingPanel extends BlankPanel {
"_saveBindDNExist = "+_saveBindDNExist+"\n"+
"_saveReferralListExist = "+_saveReferralListExist+"\n"+
"_savePurgeDelayExist = "+_savePurgeDelayExist+"\n"+
- "_save4xConsumer = "+_save4xConsumer+"\n"+
"_saveDS5FlagsExist = "+_saveDS5FlagsExist+"\n"+
"_saveReadOnly = "+_saveReadOnly+"\n"+
"_savePurgeDelay = "+_savePurgeDelay+"\n"+
@@ -636,11 +616,6 @@ public class ReplicaSettingPanel extends BlankPanel {
for (int i=0; i<_saveReferralList.size(); i++) {
_referralListData.addElement(_saveReferralList.elementAt(i));
}
- if (_save4xConsumer) {
- _cb4xConsumer.setSelected(true);
- } else {
- _cb4xConsumer.setSelected(false);
- }
}
private void populatePurgeDelay(String time) {
@@ -679,36 +654,12 @@ public class ReplicaSettingPanel extends BlankPanel {
}
Object source = e.getSource();
- /* If the user tries to define a 4.x Consumer, the legacy settings are needed.
- That's why we see if the legacy settings entry exists or not.
- If the legacy settings entry does not exist we display an error message telling
- the user that he/she has to define the legacy settings first. In this dialog we
- describe the steps to follow */
- if (source.equals(_cb4xConsumer) && _cb4xConsumer.isSelected()) {
- boolean legacyEntryExists = false;
- try {
- LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- String[] attrs = {"dn"};
- LDAPEntry entry = ldc.read(LegacyConsumerSettingPanel.REPSETTINGS_DN, attrs);
- if (entry != null) {
- legacyEntryExists = true;
- }
- } catch (LDAPException lde) {
- }
- if (!legacyEntryExists) {
- _cb4xConsumer.setSelected(false);
- DSUtil.showErrorDialog( _model.getFrame(),
- "enable-legacy-error",
- (String[])null,
- _section,
- _resource);
- }
/* If the user tries to define a master or a hub, we need to log the changes.
That's why we see if the change log entry exists or not.
If the change log entry does not exist we display an error message telling
the user that he/she has to define the Change Log first. In this dialog we
describe the steps to follow */
- } else if ((source.equals(_rbIsSimpleMaster) &&
+ if ((source.equals(_rbIsSimpleMaster) &&
_rbIsSimpleMaster.isSelected()) ||
(source.equals(_rbIsMultiMaster) &&
_rbIsMultiMaster.isSelected()) ||
@@ -971,43 +922,7 @@ public class ReplicaSettingPanel extends BlankPanel {
*/
private boolean saveConfirmationDialog() {
boolean confirmation = true;
- if (_cbReplicaEnabled.isSelected() &&
- _cb4xConsumer.isSelected()) {
-
- /* The user is defining a multi master that can be updated by a 4.X server.
- With this configuration the replica won't accept client modifications. */
- if (_rbIsMultiMaster.isSelected()) {
- int option = DSUtil.showConfirmationDialog(
- _model.getFrame(),
- "confirm-multimaster-4xcompatible",
- "",
- _section,
- _resource);
- if (option != JOptionPane.YES_OPTION) {
- confirmation = false;
- }
- } else if (_rbIsSimpleMaster.isSelected()) {
- int option = DSUtil.showConfirmationDialog(
- _model.getFrame(),
- "confirm-simplemaster-4xcompatible",
- "",
- _section,
- _resource);
- if (option != JOptionPane.YES_OPTION) {
- confirmation = false;
- }
- } else {
- int option = DSUtil.showConfirmationDialog(
- _model.getFrame(),
- "confirm-readonly-4xcompatible",
- "",
- _section,
- _resource);
- if (option != JOptionPane.YES_OPTION) {
- confirmation = false;
- }
- }
- } else if (_rbIsSlave.isSelected() &&
+ if (_rbIsSlave.isSelected() &&
!_saveIsSlave &&
_saveReplicaEnabled &&
hasReplicationAgreements()) {
@@ -1207,14 +1122,6 @@ public class ReplicaSettingPanel extends BlankPanel {
value);
attrSet.add(attr);
- // nsds5ReplicaLegacyConsumer
- if (_cb4xConsumer.isSelected()) {
- value = "on";
- attr = new LDAPAttribute(ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR,
- value);
- attrSet.add(attr);
- }
-
// ndsDS5flags
/* If we are a slave we DON'T log changes */
if (!_rbIsSlave.isSelected()) {
@@ -1332,22 +1239,6 @@ public class ReplicaSettingPanel extends BlankPanel {
value));
}
- // nsds5ReplicaLegacyConsumer
- modType = _saveDS5ReplicaLegacyConsumerExist?LDAPModification.REPLACE:LDAPModification.ADD;
- if (_cb4xConsumer.isSelected() &&
- !_save4xConsumer ) {
- value = "on";
- modSet.add(modType,
- new LDAPAttribute(ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR,
- value));
- } else if (!_cb4xConsumer.isSelected() &&
- _save4xConsumer) {
- value = "off";
- modSet.add(modType,
- new LDAPAttribute(ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR,
- value));
- }
-
// ndsDS5flags
/* If we are a slave we DON'T log changes */
modType = _saveDS5FlagsExist?LDAPModification.REPLACE:LDAPModification.ADD;
@@ -1700,13 +1591,6 @@ public class ReplicaSettingPanel extends BlankPanel {
isPurgeDelayDirty = true;
}
}
-
- /* Check the 4x compatibility */
- boolean is4xCompatibleDirty = false;
- if (_cb4xConsumer.isSelected() != _save4xConsumer) {
- is4xCompatibleDirty = true;
- }
-
/* Check the supplier DN field */
boolean isBindDNListDirty = false;
boolean isBindDNListValid = true;
@@ -1748,13 +1632,6 @@ public class ReplicaSettingPanel extends BlankPanel {
} else {
setChangeState(_lBindDNList, CHANGE_STATE_UNMODIFIED);
}
-
- if (is4xCompatibleDirty) {
- setChangeState( _cb4xConsumer, CHANGE_STATE_MODIFIED );
- } else {
- setChangeState( _cb4xConsumer, CHANGE_STATE_UNMODIFIED);
- }
-
if (!isPurgeDelayValid) {
setChangeState(_lPurgeDelay, CHANGE_STATE_ERROR );
setChangeState(_cbPurgeDelayNever, CHANGE_STATE_ERROR );
@@ -1780,7 +1657,6 @@ public class ReplicaSettingPanel extends BlankPanel {
}
if (isReplicaIDDirty ||
- is4xCompatibleDirty ||
isBindDNListDirty ||
isPurgeDelayDirty ||
isReferralListDirty ||
@@ -1887,7 +1763,6 @@ public class ReplicaSettingPanel extends BlankPanel {
private JCheckBox _cbReplicaEnabled = null;
private JCheckBox _cbPurgeDelayNever = null;
- private JCheckBox _cb4xConsumer = null;
private JRadioButton _rbIsSimpleMaster = null;
private JRadioButton _rbIsSlave = null;
@@ -1918,7 +1793,6 @@ public class ReplicaSettingPanel extends BlankPanel {
private boolean _saveReferralListExist = false;
private boolean _savePurgeDelayExist = false;
private boolean _saveDS5FlagsExist = false;
- private boolean _saveDS5ReplicaLegacyConsumerExist = false;
private JLabel _lBindDNList = null;
private JLabel _lReferralList = null;
@@ -1934,11 +1808,8 @@ public class ReplicaSettingPanel extends BlankPanel {
private boolean _saveIsHub = false;
private boolean _saveReadOnly = false;
private boolean _saveReplicaEnabled = false;
- private boolean _saveWindowsSyncEnabled = false;
+ private boolean _saveWindowsSyncEnabled = false;
private boolean _saveDS5Flags = false;
- private boolean _save4xConsumer = false;
-
-
/* These members, tell which are the values in the server (or the default values
if there are no values on the server) */
diff --git a/src/com/netscape/admin/dirserv/panel/replication/ReplicationSettingPanel.java b/src/com/netscape/admin/dirserv/panel/replication/ReplicationSettingPanel.java
index 07c7a50..687f5b0 100644
--- a/src/com/netscape/admin/dirserv/panel/replication/ReplicationSettingPanel.java
+++ b/src/com/netscape/admin/dirserv/panel/replication/ReplicationSettingPanel.java
@@ -48,15 +48,11 @@ public class ReplicationSettingPanel extends DSTabbedPanel
_tabbedPanel = _tabbedPane;
_model = model;
_supplierTab = new SupplierSettingPanel(_model);
- _consumerTab = new LegacyConsumerSettingPanel(_model);
addTab(_supplierTab);
- addTab(_consumerTab);
_tabbedPane.setSelectedIndex(0);
_supplierTab.invalidate();
_supplierTab.validate();
- _consumerTab.invalidate();
- _consumerTab.validate();
_tabbedPane.invalidate();
_tabbedPane.validate();
}
@@ -73,12 +69,10 @@ public class ReplicationSettingPanel extends DSTabbedPanel
if ( e.getActionCommand().equals( DSResourceModel.REFRESH ) ) {
int nTabs = _tabbedPane.getTabCount();
for (int ii = 0; ii < nTabs; ++ii) {
- BlankPanel p = (BlankPanel)_tabbedPane.getComponentAt(ii);
+ BlankPanel p = (BlankPanel)_tabbedPane.getComponentAt(ii);
if (( p != null ) &&
p.isInitialized()) {
- if (p instanceof LegacyConsumerSettingPanel) {
- ((LegacyConsumerSettingPanel)p).refreshFromServer();
- } else if (p instanceof SupplierSettingPanel) {
+ if (p instanceof SupplierSettingPanel) {
((SupplierSettingPanel)p).refreshFromServer();
} else {
p.refresh();
@@ -90,7 +84,6 @@ public class ReplicationSettingPanel extends DSTabbedPanel
}
}
- BlankPanel _consumerTab;
BlankPanel _supplierTab;
JTabbedPane _tabbedPanel;
IDSModel _model;
diff --git a/src/com/netscape/admin/dirserv/panel/replication/ReplicationTool.java b/src/com/netscape/admin/dirserv/panel/replication/ReplicationTool.java
index d457406..8b8b546 100644
--- a/src/com/netscape/admin/dirserv/panel/replication/ReplicationTool.java
+++ b/src/com/netscape/admin/dirserv/panel/replication/ReplicationTool.java
@@ -128,7 +128,6 @@ public class ReplicationTool {
final static String REPLICA_N_CHANGES_SENT_ATTR = "nsds5replicaChangesSentSinceStartup";
final static String REPLICA_LAST_UPDATE_STATUS_ATTR = "nsds5replicaLastUpdateStatus";
final static String REPLICA_UPDATE_IN_PROGRESS_ATTR = "nsds5replicaUpdateInProgress";
- final static String REPLICA_LEGACY_CONSUMER_ATTR = "nsds5ReplicaLegacyConsumer";
final static String REPLICA_PURGE_DELAY_ATTR = "nsds5ReplicaPurgeDelay";
final static String DEFAULT_PURGE_DELAY = "604800";
final static String REPLICA_ID_ATTR = "nsDS5ReplicaID";
diff --git a/src/com/netscape/admin/dirserv/panel/replication/WindowsSyncSettingPanel.java b/src/com/netscape/admin/dirserv/panel/replication/WindowsSyncSettingPanel.java
index 10c873a..8b0d6cc 100755
--- a/src/com/netscape/admin/dirserv/panel/replication/WindowsSyncSettingPanel.java
+++ b/src/com/netscape/admin/dirserv/panel/replication/WindowsSyncSettingPanel.java
@@ -238,15 +238,6 @@ public class WindowsSyncSettingPanel extends BlankPanel {
gbc.gridwidth = gbc.REMAINDER;
gbc.weightx = 1.0;
purgeDelayPanel.add(Box.createHorizontalGlue(), gbc);
-
- _cb4xConsumer = makeJCheckBox(_section, "4xcompatible", false, _resource);
- _cb4xConsumer.setToolTipText(_resource.getString( "replication-replica-4xcompatible",
- "ttip"));
- gbc.gridwidth = gbc.RELATIVE;
- gbc.anchor = gbc.NORTHWEST;
- consumerTypePanel.add(_cb4xConsumer, gbc);
- gbc.gridwidth = gbc.REMAINDER;
- consumerTypePanel.add(Box.createHorizontalGlue(), gbc);
}
@@ -587,11 +578,6 @@ public class WindowsSyncSettingPanel extends BlankPanel {
for (int i=0; i<_saveReferralList.size(); i++) {
_referralListData.addElement(_saveReferralList.elementAt(i));
}
- // if (_save4xConsumer) {
- // _cb4xConsumer.setSelected(true);
- // } else {
- // _cb4xConsumer.setSelected(false);
- // }
}
private void populatePurgeDelay(String time) {
@@ -632,72 +618,6 @@ public class WindowsSyncSettingPanel extends BlankPanel {
checkFields();
checkEnablingState();
-
- // /* If the user tries to define a 4.x Consumer, the legacy settings are needed.
- // That's why we see if the legacy settings entry exists or not.
- // If the legacy settings entry does not exist we display an error message telling
- // the user that he/she has to define the legacy settings first. In this dialog we
- // describe the steps to follow */
- // if (source.equals(_cb4xConsumer) && _cb4xConsumer.isSelected()) {
- // boolean legacyEntryExists = false;
- // try {
- // LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- // String[] attrs = {"dn"};
- // LDAPEntry entry = ldc.read(LegacyConsumerSettingPanel.REPSETTINGS_DN, attrs);
- // if (entry != null) {
- // legacyEntryExists = true;
- // }
- // } catch (LDAPException lde) {
- // }
- // if (!legacyEntryExists) {
- // _cb4xConsumer.setSelected(false);
- // DSUtil.showErrorDialog( _model.getFrame(),
- // "enable-legacy-error",
- // (String[])null,
- // _section,
- // _resource);
- // }
- // /* If the user tries to define a master or a hub, we need to log the changes.
- // That's why we see if the change log entry exists or not.
- // If the change log entry does not exist we display an error message telling
- // the user that he/she has to define the Change Log first. In this dialog we
- // describe the steps to follow */
- // } else if ((source.equals(_rbIsActiveDirectory) && _rbIsActiveDirectory.isSelected()) ||
- // (source.equals(_rbIsLegacyNT) && _rbIsLegacyNT.isSelected())) {
- // boolean logChangesExists = false;
- // try {
- // LDAPConnection ldc = _model.getServerInfo().getLDAPConnection();
- // String[] attrs = {"dn"};
- // LDAPEntry entry = ldc.read(SupplierSettingPanel.CHANGELOG_DN, attrs);
- // if (entry != null) {
- // logChangesExists = true;
- // }
- // } catch (LDAPException lde) {
- // }
- // if (!logChangesExists) {
- // // _rbIsSlave.setSelected(true);
- // DSUtil.showErrorDialog( _model.getFrame(),
- // "enable-changelog-error",
- // (String[])null,
- // _section,
- // _resource);
- // // } else if (!_rbIsHub.isSelected()) {
- // /* In the case the user wants to configure a master replica (no hub selected)
- // we check if the database is on read-only mode or not. If it is read only we display
- // an error message */
- // // if (isDatabaseReadOnly()) {
- // // // _rbIsSlave.setSelected(true);
- // // DSUtil.showErrorDialog( _model.getFrame(),
- // // "enable-master-error",
- // // (String[])null,
- // // _section,
- // // _resource);
- // }
- //
- //
- //
- // }
-
}
/**
@@ -1031,9 +951,6 @@ public class WindowsSyncSettingPanel extends BlankPanel {
attr = new LDAPAttribute(ReplicationTool.REPLICA_TYPE_ATTR, value);
attrSet.add(attr);
-// attr = new LDAPAttribute(ReplicationTool. REPLICA_LEGACY_CONSUMER_ATTR, value);
-// attrSet.add(attr);
-
// ndsDS5flags
/* If we are a slave we DON'T log changes */
// if (!_rbIsSlave.isSelected()) {
@@ -1147,22 +1064,6 @@ public class WindowsSyncSettingPanel extends BlankPanel {
value));
}
- // nsds5ReplicaLegacyConsumer
- // modType = _saveDS5ReplicaLegacyConsumerExist?LDAPModification.REPLACE:LDAPModification.ADD;
- // if (_cb4xConsumer.isSelected() &&
- // !_save4xConsumer ) {
- // value = "on";
- // modSet.add(modType,
- // new LDAPAttribute(ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR,
- // value));
- // } else if (!_cb4xConsumer.isSelected() &&
- // _save4xConsumer) {
- // value = "off";
- // modSet.add(modType,
- // new LDAPAttribute(ReplicationTool.REPLICA_LEGACY_CONSUMER_ATTR,
- // value));
- // }
-
// ndsDS5flags
/* If we are a slave we DON'T log changes */
modType = _saveDS5FlagsExist?LDAPModification.REPLACE:LDAPModification.ADD;
@@ -1531,12 +1432,6 @@ setValidFlag();
// }
// }
//
-// /* Check the 4x compatibility */
-// // boolean is4xCompatibleDirty = false;
-// // if (_cb4xConsumer.isSelected() != _save4xConsumer) {
-// // is4xCompatibleDirty = true;
-// // }
-//
// /* Check the supplier DN field */
// boolean isBindDNListDirty = false;
// boolean isBindDNListValid = true;
@@ -1575,12 +1470,6 @@ setValidFlag();
// setChangeState(_lBindDNList, CHANGE_STATE_UNMODIFIED);
// }
//
-// // if (is4xCompatibleDirty) {
-// // setChangeState( _cb4xConsumer, CHANGE_STATE_MODIFIED );
-// // } else {
-// // setChangeState( _cb4xConsumer, CHANGE_STATE_UNMODIFIED);
-// // }
-//
// if (!isPurgeDelayValid) {
// setChangeState(_lPurgeDelay, CHANGE_STATE_ERROR );
// setChangeState(_cbPurgeDelayNever, CHANGE_STATE_ERROR );
@@ -1606,7 +1495,6 @@ setValidFlag();
// }
//
// if (isReplicaIDDirty ||
-// // is4xCompatibleDirty ||
// isBindDNListDirty ||
// isPurgeDelayDirty ||
// isReferralListDirty ||
@@ -1713,7 +1601,6 @@ setValidFlag();
private JCheckBox _cbWindowsReplicaEnabled = null;
private JCheckBox _cbPurgeDelayNever = null;
- private JCheckBox _cb4xConsumer = null;
private JRadioButton _rbIsLegacyNT = null;
private JRadioButton _rbIsActiveDirectory = null;
@@ -1762,7 +1649,6 @@ setValidFlag();
private boolean _saveReadOnly = false;
//private boolean _saveReplicaEnabled = false;
//private boolean _saveDS5Flags = false;
- //private boolean _save4xConsumer = false;
private boolean _saveWindowsReplicaEnabled = false;
/* These members, tell which are the values in the server (or the default values
if there are no values on the server) */
diff --git a/src/com/netscape/admin/dirserv/panel/replication/replication.properties b/src/com/netscape/admin/dirserv/panel/replication/replication.properties
index 39521f5..3b797fc 100644
--- a/src/com/netscape/admin/dirserv/panel/replication/replication.properties
+++ b/src/com/netscape/admin/dirserv/panel/replication/replication.properties
@@ -29,8 +29,6 @@ replication-node-agreementPopupMenu-New=New Replication Agreement...
replication-node-agreementPopupMenu-New-description=Create replication agreement
replication-node-agreementPopupMenu-NewWin=New Windows Sync Agreement
replication-node-agreementPopupMenu-NewWin-description=Create Windows sync agreement
-replication-node-agreementPopupMenu-4xCompatible=Make Replica 4X Compatible
-replication-node-agreementPopupMenu-4xCompatible-description=This replica can be updated by a 4.X server
replication-node-agreementPopupMenu-Delete=&Delete Replication Agreement
replication-node-agreementPopupMenu-Delete-description=Delete replication agreement
replication-node-agreementPopupMenu-Copy=D&uplicate Replication Agreement...
@@ -283,14 +281,10 @@ replication-replica-enable-label=Enable Replica
replication-replica-enable-ttip=Select this checkbox to allow this replica to participate in replication.
replication-replica-enable-sync-label=Enable Windows Sync
replication-replica-enable-sync-ttip=Select this checkbox to enable windows sync
-replication-replica-enable-legacy-label=Enable Legacy Consumer
-replication-replica-enable-legacy-error-title=Configuration Error
-replication-replica-enable-legacy-error-msg=Before you can configure this replica to accept updates from a 4.X server, you have to define\n the Legacy Consumer Settings.\n\nGo to the Replication node and click the Legacy Consumer Settings tab to modify the settings.\nSelect the 'Enable Legacy Consumer' checkbox.\nComplete the 'Supplier DN' and password fields.\nClick 'Save'.
replication-replica-enable-changelog-error-title=Configuration Error
replication-replica-enable-changelog-error-msg=If you want to configure a Master or a Hub, you have to define change log settings.\n\nGo to the Replication node and click the Supplier Settings tab to modify the settings.\nSelect the 'Enable Changelog' checkbox.\nComplete the 'Changelog database directory' text field or click 'Use default'.\nClick 'Save'.
replication-replica-enable-master-error-title=Configuration Error
replication-replica-enable-master-error-msg=If you want to configure a Master, the database corresponding to this\nreplica cannot be in read-only mode.\n\nGo to the database node under the 'Data' node tree and unselect the \n'Database is read-only' checkbox in the 'Database Settings' tab.
-replication-replica-enable-legacy-ttip=Enable Replication Legacy Consumer
replication-replica-multimaster-label=Multiple Master
replication-replica-multimaster-ttip=This read-write replica will send updates to another replica and can receive updates from another master
replication-replica-simplemaster-label=Single Master
@@ -305,8 +299,6 @@ replication-replica-replicaid-label=Replica ID:
replication-replica-replicaid-ttip=A number between 1 and 65534 inclusive that uniquely identifies this replica.
replication-replica-replicaid-columns=6
replication-replica-replicaid-warning-label=(Must be unique among the IDs of the master replicas)
-replication-replica-4xcompatible-label=Updatable by a 4.X Replica
-replication-replica-4xcompatible-ttip=This replica can receive updates from a 4.X Directory Server
replication-replica-50compatible-label=Updatable by a 5.0 Replica
replication-replica-50compatible-ttip=This replica can receive updates from a 5.0 Server
replication-replica-type-label=Replica Role
@@ -328,12 +320,6 @@ replication-replica-purgedelay-never-label=Never
replication-replica-purgedelay-never-ttip=The purge of the entries is done instantaneously
replication-replica-confirmrepdelete-msg=Disabling this replica will delete all replication\nagreements for this replica and\nerase all replica information.\nDo you want to continue?
replication-replica-confirmrepdelete-title=Confirm Replica Deletion
-replication-replica-confirm-multimaster-4xcompatible-msg=You are defining a multiple master that accepts updates from a 4.x Directory Server.\nThis replica will no longer receive updates from the DN you specified in "Replica Update Settings."\nInstead, it receives updates from the 4.x supplier you specify in the Legacy Consumer Settings tab.\nThis replica will not function as a real master because it is read-only.\nClear the "Update by a 4.x Replica" checkbox to make this replica a true multiple master.\n\nDo you want to continue?
-replication-replica-confirm-multimaster-4xcompatible-title=Confirmation Required
-replication-replica-confirm-simplemaster-4xcompatible-msg=You are defining a single master that accepts updates from a 4.x Directory Server.\nThis replica will not function as a real master because it is read-only.\nClear the Update by a 4.x Replica checkbox to make this replica a true master.\n\nDo you want to continue?
-replication-replica-confirm-simplemaster-4xcompatible-title=Confirmation Required
-replication-replica-confirm-readonly-4xcompatible-msg=You are defining a replica that accepts updates from a 4.x Directory Server.\nThis replica receives updates from the 4.x supplier DN specified in Legacy Consumer Settings Panel.\nThis replica will not be updatable by a 5.0 Directory Server.\n\nDo you want to continue?
-replication-replica-confirm-readonly-4xcompatible-title=Confirmation Required
replication-replica-slave-defined-agreements-no-valid-msg=You are defining a dedicated consumer replica.\nAll replication agreements for this replica will be be erased.\n\nDo you want to continue?
replication-replica-slave-defined-agreements-no-valid-title=Confirmation Required
replication-replica-delete-referrals-information-title=Replica Disabled
9 years
dirsrvtests/tickets
by Noriko Hosoi
dirsrvtests/tickets/ticket48026_test.py | 160 ++++++++++++++++++++++++++++++++
1 file changed, 160 insertions(+)
New commits:
commit d61a0732965491c0d48c51fb61611cbc0058baa6
Author: William E Brown <william.e.brown(a)adelaide.edu.au>
Date: Sat Apr 11 11:29:52 2015 +0930
Tests to support ticket 48026
https://fedorahosted.org/389/ticket/48026
diff --git a/dirsrvtests/tickets/ticket48026_test.py b/dirsrvtests/tickets/ticket48026_test.py
new file mode 100644
index 0000000..b87cdfa
--- /dev/null
+++ b/dirsrvtests/tickets/ticket48026_test.py
@@ -0,0 +1,160 @@
+import os
+import sys
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry, tools, tasks
+from lib389.tools import DirSrvTools
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+USER1_DN = 'uid=user1,' + DEFAULT_SUFFIX
+USER2_DN = 'uid=user2,' + DEFAULT_SUFFIX
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket48026(topology):
+ '''
+ Test that multiple attribute uniqueness works correctly.
+ '''
+ # Configure the plugin
+ inst = topology.standalone
+ inst.plugins.enable(name=PLUGIN_ATTR_UNIQUENESS)
+
+ try:
+ # This plugin enable / disable doesn't seem to create the nsslapd-pluginId correctly?
+ inst.modify_s('cn=' + PLUGIN_ATTR_UNIQUENESS + ',cn=plugins,cn=config',
+ [(ldap.MOD_REPLACE, 'uniqueness-attribute-name', 'mail'),
+ (ldap.MOD_ADD, 'uniqueness-attribute-name',
+ 'mailAlternateAddress'),
+ ])
+ except ldap.LDAPError, e:
+ log.fatal('test_ticket48026: Failed to configure plugin for "mail": error ' + e.message['desc'])
+ assert False
+
+ inst.restart(timeout=30)
+
+ # Add an entry
+ try:
+ inst.add_s(Entry((USER1_DN, {'objectclass': "top extensibleObject".split(),
+ 'sn': '1',
+ 'cn': 'user 1',
+ 'uid': 'user1',
+ 'mail': 'user1(a)example.com',
+ 'mailAlternateAddress' : 'user1(a)alt.example.com',
+ 'userpassword': 'password'})))
+ except ldap.LDAPError, e:
+ log.fatal('test_ticket48026: Failed to add test user' + USER1_DN + ': error ' + e.message['desc'])
+ assert False
+
+ try:
+ inst.add_s(Entry((USER2_DN, {'objectclass': "top extensibleObject".split(),
+ 'sn': '2',
+ 'cn': 'user 2',
+ 'uid': 'user2',
+ 'mail': 'user1(a)example.com',
+ 'userpassword': 'password'})))
+ except ldap.CONSTRAINT_VIOLATION:
+ pass
+ else:
+ log.error('test_ticket48026: Adding of 1st entry(mail v mail) incorrectly succeeded')
+ assert False
+
+ try:
+ inst.add_s(Entry((USER2_DN, {'objectclass': "top extensibleObject".split(),
+ 'sn': '2',
+ 'cn': 'user 2',
+ 'uid': 'user2',
+ 'mailAlternateAddress': 'user1(a)alt.example.com',
+ 'userpassword': 'password'})))
+ except ldap.CONSTRAINT_VIOLATION:
+ pass
+ else:
+ log.error('test_ticket48026: Adding of 2nd entry(mailAlternateAddress v mailAlternateAddress) incorrectly succeeded')
+ assert False
+
+ try:
+ inst.add_s(Entry((USER2_DN, {'objectclass': "top extensibleObject".split(),
+ 'sn': '2',
+ 'cn': 'user 2',
+ 'uid': 'user2',
+ 'mail': 'user1(a)alt.example.com',
+ 'userpassword': 'password'})))
+ except ldap.CONSTRAINT_VIOLATION:
+ pass
+ else:
+ log.error('test_ticket48026: Adding of 3rd entry(mail v mailAlternateAddress) incorrectly succeeded')
+ assert False
+
+ try:
+ inst.add_s(Entry((USER2_DN, {'objectclass': "top extensibleObject".split(),
+ 'sn': '2',
+ 'cn': 'user 2',
+ 'uid': 'user2',
+ 'mailAlternateAddress': 'user1(a)example.com',
+ 'userpassword': 'password'})))
+ except ldap.CONSTRAINT_VIOLATION:
+ pass
+ else:
+ log.error('test_ticket48026: Adding of 4th entry(mailAlternateAddress v mail) incorrectly succeeded')
+ assert False
+
+ log.info('Test complete')
+
+
+def test_ticket48026_final(topology):
+ topology.standalone.delete()
+ log.info('Testcase PASSED')
+
+
+def run_isolated():
+ global installation1_prefix
+ installation1_prefix = None
+
+ topo = topology(True)
+ test_ticket48026(topo)
+ test_ticket48026_final(topo)
+
+
+if __name__ == '__main__':
+ run_isolated()
+
9 years
dirsrvtests/tickets
by Noriko Hosoi
dirsrvtests/tickets/ticket47966_test.py | 219 ++++++++++++++++++++++++++++++++
1 file changed, 219 insertions(+)
New commits:
commit 8309fd046c0e3ca9385fdb93f54515eb6004e69f
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Apr 10 14:10:40 2015 -0700
Ticket 47966 - CI test: added test cases for ticket 47966
Summary: slapd crashes during Dogtag clone reinstallation
Testing bulk import when the backend with VLV was recreated.
diff --git a/dirsrvtests/tickets/ticket47966_test.py b/dirsrvtests/tickets/ticket47966_test.py
new file mode 100644
index 0000000..0e784af
--- /dev/null
+++ b/dirsrvtests/tickets/ticket47966_test.py
@@ -0,0 +1,219 @@
+import os
+import sys
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry, tools, tasks
+from lib389.tools import DirSrvTools
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+m1_m2_agmt = ""
+
+class TopologyReplication(object):
+ def __init__(self, master1, master2):
+ master1.open()
+ self.master1 = master1
+ master2.open()
+ self.master2 = master2
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating master 1...
+ master1 = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_MASTER_1
+ args_instance[SER_PORT] = PORT_MASTER_1
+ args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_1
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_master = args_instance.copy()
+ master1.allocate(args_master)
+ instance_master1 = master1.exists()
+ if instance_master1:
+ master1.delete()
+ master1.create()
+ master1.open()
+ master1.replica.enableReplication(suffix=DEFAULT_SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_1)
+
+ # Creating master 2...
+ master2 = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_MASTER_2
+ args_instance[SER_PORT] = PORT_MASTER_2
+ args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_2
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_master = args_instance.copy()
+ master2.allocate(args_master)
+ instance_master2 = master2.exists()
+ if instance_master2:
+ master2.delete()
+ master2.create()
+ master2.open()
+ master2.replica.enableReplication(suffix=DEFAULT_SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_2)
+
+ #
+ # Create all the agreements
+ #
+ # Creating agreement from master 1 to master 2
+ properties = {RA_NAME: r'meTo_$host:$port',
+ RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
+ RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
+ RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
+ RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
+ global m1_m2_agmt
+ m1_m2_agmt = master1.agreement.create(suffix=DEFAULT_SUFFIX, host=master2.host, port=master2.port, properties=properties)
+ if not m1_m2_agmt:
+ log.fatal("Fail to create a master -> master replica agreement")
+ sys.exit(1)
+ log.debug("%s created" % m1_m2_agmt)
+
+ # Creating agreement from master 2 to master 1
+ properties = {RA_NAME: r'meTo_$host:$port',
+ RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
+ RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
+ RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
+ RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
+ m2_m1_agmt = master2.agreement.create(suffix=DEFAULT_SUFFIX, host=master1.host, port=master1.port, properties=properties)
+ if not m2_m1_agmt:
+ log.fatal("Fail to create a master -> master replica agreement")
+ sys.exit(1)
+ log.debug("%s created" % m2_m1_agmt)
+
+ # Allow the replicas to get situated with the new agreements...
+ time.sleep(5)
+
+ #
+ # Initialize all the agreements
+ #
+ master1.agreement.init(DEFAULT_SUFFIX, HOST_MASTER_2, PORT_MASTER_2)
+ master1.waitForReplInit(m1_m2_agmt)
+
+ # Check replication is working...
+ if master1.testReplication(DEFAULT_SUFFIX, master2):
+ log.info('Replication is working.')
+ else:
+ log.fatal('Replication is not working.')
+ assert False
+
+ # Clear out the tmp dir
+ master1.clearTmpDir(__file__)
+
+ return TopologyReplication(master1, master2)
+
+
+def test_ticket47966(topology):
+ '''
+ Testing bulk import when the backend with VLV was recreated.
+ If the test passes without the server crash, 47966 is verified.
+ '''
+ log.info('Testing Ticket 47966 - [VLV] slapd crashes during Dogtag clone reinstallation')
+ M1 = topology.master1
+ M2 = topology.master2
+
+ log.info('0. Create a VLV index on Master 2.')
+ # get the backend entry
+ be = M2.replica.conn.backend.list(suffix=DEFAULT_SUFFIX)
+ if not be:
+ log.fatal("ticket47966: enable to retrieve the backend for %s" % DEFAULT_SUFFIX)
+ raise ValueError("no backend for suffix %s" % DEFAULT_SUFFIX)
+ bent = be[0]
+ beName = bent.getValue('cn')
+ beDn = "cn=%s,cn=ldbm database,cn=plugins,cn=config" % beName
+
+ # generate vlvSearch entry
+ vlvSrchDn = "cn=vlvSrch,%s" % beDn
+ log.info('0-1. vlvSearch dn: %s' % vlvSrchDn)
+ vlvSrchEntry = Entry(vlvSrchDn)
+ vlvSrchEntry.setValues('objectclass', 'top', 'vlvSearch')
+ vlvSrchEntry.setValues('cn', 'vlvSrch')
+ vlvSrchEntry.setValues('vlvBase', DEFAULT_SUFFIX)
+ vlvSrchEntry.setValues('vlvFilter', '(|(objectclass=*)(objectclass=ldapsubentry))')
+ vlvSrchEntry.setValues('vlvScope', '2')
+ M2.add_s(vlvSrchEntry)
+
+ # generate vlvIndex entry
+ vlvIndexDn = "cn=vlvIdx,%s" % vlvSrchDn
+ log.info('0-2. vlvIndex dn: %s' % vlvIndexDn)
+ vlvIndexEntry = Entry(vlvIndexDn)
+ vlvIndexEntry.setValues('objectclass', 'top', 'vlvIndex')
+ vlvIndexEntry.setValues('cn', 'vlvIdx')
+ vlvIndexEntry.setValues('vlvSort', 'cn ou sn')
+ M2.add_s(vlvIndexEntry)
+
+ log.info('1. Initialize Master 2 from Master 1.')
+ M1.agreement.init(DEFAULT_SUFFIX, HOST_MASTER_2, PORT_MASTER_2)
+ M1.waitForReplInit(m1_m2_agmt)
+
+ # Check replication is working...
+ if M1.testReplication(DEFAULT_SUFFIX, M2):
+ log.info('1-1. Replication is working.')
+ else:
+ log.fatal('1-1. Replication is not working.')
+ assert False
+
+ log.info('2. Delete the backend instance on Master 2.')
+ M2.delete_s(vlvIndexDn)
+ M2.delete_s(vlvSrchDn)
+ # delete the agreement, replica, and mapping tree, too.
+ M2.replica.disableReplication(DEFAULT_SUFFIX)
+ mappingTree = 'cn="%s",cn=mapping tree,cn=config' % DEFAULT_SUFFIX
+ M2.mappingtree.delete(DEFAULT_SUFFIX, beName, mappingTree)
+ M2.backend.delete(DEFAULT_SUFFIX, beDn, beName)
+
+ log.info('3. Recreate the backend and the VLV index on Master 2.')
+ M2.mappingtree.create(DEFAULT_SUFFIX, beName)
+ M2.backend.create(DEFAULT_SUFFIX, {BACKEND_NAME: beName})
+ log.info('3-1. Recreating %s and %s on Master 2.' % (vlvSrchDn, vlvIndexDn))
+ M2.add_s(vlvSrchEntry)
+ M2.add_s(vlvIndexEntry)
+ M2.replica.enableReplication(suffix=DEFAULT_SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_2)
+ # agreement m2_m1_agmt is not needed... :p
+
+ log.info('4. Initialize Master 2 from Master 1 again.')
+ M1.agreement.init(DEFAULT_SUFFIX, HOST_MASTER_2, PORT_MASTER_2)
+ M1.waitForReplInit(m1_m2_agmt)
+
+ # Check replication is working...
+ if M1.testReplication(DEFAULT_SUFFIX, M2):
+ log.info('4-1. Replication is working.')
+ else:
+ log.fatal('4-1. Replication is not working.')
+ assert False
+
+ log.info('5. Check Master 2 is up.')
+ entries = M2.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, '(cn=*)')
+ assert len(entries) > 0
+ log.info('5-1. %s entries are returned from M2.' % len(entries))
+
+ log.info('Test complete')
+
+
+def test_ticket47966_final(topology):
+ topology.master1.delete()
+ topology.master2.delete()
+ log.info('Testcase PASSED')
+
+
+def run_isolated():
+ global installation1_prefix
+ installation1_prefix = None
+
+ topo = topology(True)
+ test_ticket47966(topo)
+ test_ticket47966_final(topo)
+
+
+if __name__ == '__main__':
+ run_isolated()
+
9 years
ldap/admin
by Noriko Hosoi
ldap/admin/src/scripts/DSUtil.pm.in | 51 ++++++------
ldap/admin/src/scripts/template-bak2db.pl.in | 5 -
ldap/admin/src/scripts/template-cleanallruv.pl.in | 7 +
ldap/admin/src/scripts/template-db2bak.pl.in | 5 -
ldap/admin/src/scripts/template-db2index.pl.in | 5 -
ldap/admin/src/scripts/template-db2ldif.pl.in | 4
ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in | 5 -
ldap/admin/src/scripts/template-fixup-memberof.pl.in | 5 -
ldap/admin/src/scripts/template-fixup-memberuid.pl.in | 5 -
ldap/admin/src/scripts/template-ldif2db.pl.in | 5 -
ldap/admin/src/scripts/template-ns-accountstatus.pl.in | 5 -
ldap/admin/src/scripts/template-ns-activate.pl.in | 7 +
ldap/admin/src/scripts/template-ns-inactivate.pl.in | 7 +
ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in | 7 +
ldap/admin/src/scripts/template-schema-reload.pl.in | 7 +
ldap/admin/src/scripts/template-syntax-validate.pl.in | 7 +
ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in | 7 +
ldap/admin/src/scripts/template-verify-db.pl.in | 7 +
18 files changed, 102 insertions(+), 49 deletions(-)
New commits:
commit e7c8da691309f2bcaa0c78cd5fb3c7793f2e2c75
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Apr 7 15:12:31 2015 -0700
Ticket #48143 - Password is not correctly passed to perl command line tools if it contains shell special characters.
Description: If a password contains shell special characters such as '$', '!',
'"', or ''', they were evaluated before passing to the core programs, e.g.,
ns-slapd for import and export or ldapmodify for tasks.
This patch escapes the special characters using shellEscape subroutine
in DSUtil.pm.
Example:
Directory Manager Password: pas$w!or'd"
$ ./db2ldif.pl -n userRoot -D 'cn=directory manager' -w -w pas\$w\!or\'d\"
Successfully added task entry "cn=export_2015_4_7_15_17_16,cn=export,cn=tasks,cn=config"
https://fedorahosted.org/389/ticket/48143
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
diff --git a/ldap/admin/src/scripts/DSUtil.pm.in b/ldap/admin/src/scripts/DSUtil.pm.in
index 818fafa..879c6d8 100644
--- a/ldap/admin/src/scripts/DSUtil.pm.in
+++ b/ldap/admin/src/scripts/DSUtil.pm.in
@@ -1433,6 +1433,7 @@ sub ldapmod {
my $protocol_error;
my $result;
my $rc;
+ my $myrootdnpw = shellEscape($info{rootdnpw});
#
# write the entry to file so we can grab the result code after running ldapmodify(-f)
@@ -1456,7 +1457,7 @@ sub ldapmod {
unlink ($file);
return 1;
}
-
+
#
# Execute ldapmodify using the specified/most secure protocol
#
@@ -1468,9 +1469,9 @@ sub ldapmod {
print "STARTTLS)\n";
}
if($info{openldap} eq "yes"){
- system "ldapmodify -x -ZZ -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -x -ZZ -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
} else {
- system "ldapmodify -ZZZ -P \"$info{certdir}\" -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -ZZZ -P \"$info{certdir}\" -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
}
} elsif (($info{security} eq "on" && $info{protocol} eq "") || ($info{security} eq "on" && $info{protocol} =~ m/LDAPS/i) ){
#
@@ -1480,9 +1481,9 @@ sub ldapmod {
print "LDAPS)\n";
}
if($info{openldap} eq "yes"){
- system "ldapmodify -x -H \"ldaps://$info{host}:$info{secure_port}\" -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -x -H \"ldaps://$info{host}:$info{secure_port}\" -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
} else {
- system "ldapmodify -Z -P \"$info{certdir}\" -p $info{secure_port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -Z -P \"$info{certdir}\" -p $info{secure_port} -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
}
} elsif (($info{openldap} eq "yes") && (($info{ldapi} eq "on" && $info{protocol} eq "") || ($info{ldapi} eq "on" && $info{protocol} =~ m/LDAPI/i)) ){
#
@@ -1497,7 +1498,7 @@ sub ldapmod {
if($protocol_error eq "yes"){
print "LDAPI)\n";
}
- system "ldapmodify -x -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -x -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
}
} else {
#
@@ -1507,9 +1508,9 @@ sub ldapmod {
print "LDAP)\n";
}
if($info{openldap} eq "yes"){
- system "ldapmodify -x -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -x -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
} else {
- system "ldapmodify -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{args} -f \"$file\" > /dev/null";
+ system "ldapmodify -h $info{host} -p $info{port} -D \"$info{rootdn}\" -w $myrootdnpw $info{args} -f \"$file\" > /dev/null";
}
}
unlink ($file);
@@ -1528,6 +1529,7 @@ sub ldapsrch {
my $protocol_error;
my $search;
my $result;
+ my $myrootdnpw = shellEscape($info{rootdnpw});
$result = check_protocol(%info);
if($result == 1){
@@ -1544,11 +1546,11 @@ sub ldapsrch {
print "STARTTLS)\n";
}
if($info{openldap} eq "yes"){
- $search = "ldapsearch -x -LLL -ZZ -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" " .
- "$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
+ $search = "ldapsearch -x -LLL -ZZ -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw " .
+ "$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
} else {
$search = "ldapsearch -ZZZ -P \"$info{certdir}\" -p $info{port} -h $info{host} -D \"$info{rootdn}\" " .
- "-w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
+ "-w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
}
} elsif (($info{security} eq "on" && $info{protocol} eq "") || ($info{security} eq "on" && $info{protocol} =~ m/LDAPS/i) ){
#
@@ -1558,11 +1560,11 @@ sub ldapsrch {
print "LDAPS)\n";
}
if($info{openldap} eq "yes"){
- $search = "ldapsearch -x -LLL -H \"ldaps://$info{host}:$info{secure_port}\" -D \"$info{rootdn}\" " .
- "-w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
+ $search = "ldapsearch -x -LLL -H \"ldaps://$info{host}:$info{secure_port}\" -D \"$info{rootdn}\" " .
+ "-w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
} else {
$search = "ldapsearch -Z -P \"$info{certdir}\" -p $info{secure_port} -h $info{host} -D \"$info{rootdn}\" " .
- "-w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
+ "-w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
}
} elsif (($info{openldap} eq "yes") && (($info{ldapi} eq "on" && $info{protocol} eq "") || ($info{ldapi} eq "on" && $info{protocol} =~ m/LDAPI/i)) ){
#
@@ -1572,7 +1574,7 @@ sub ldapsrch {
$search = "ldapsearch -LLL -H \"$info{ldapiURL}\" -Y EXTERNAL " .
"$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} 2>/dev/null";
} else {
- $search = "ldapsearch -x -LLL -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" " .
+ $search = "ldapsearch -x -LLL -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w $myrootdnpw " .
"$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
}
} else {
@@ -1583,10 +1585,10 @@ sub ldapsrch {
print "LDAP)\n";
}
if($info{openldap} eq "yes"){
- $search = "ldapsearch -x -LLL -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" " .
+ $search = "ldapsearch -x -LLL -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw " .
"$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
} else {
- $search = "ldapsearch -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" " .
+ $search = "ldapsearch -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw " .
"$info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs}";
}
}
@@ -1601,6 +1603,7 @@ sub ldapsrch_ext {
my $protocol_error;
my $result;
my $txt;
+ my $myrootdnpw = shellEscape($info{rootdnpw});
$result = check_protocol(%info);
if($result == 1){
@@ -1617,9 +1620,9 @@ sub ldapsrch_ext {
print "STARTTLS)\n";
}
if($info{openldap} eq "yes"){
- return `ldapsearch -x -LLL -ZZ -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -x -LLL -ZZ -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
} else {
- return `ldapsearch -ZZZ -P $info{certdir} -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -ZZZ -P $info{certdir} -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
}
} elsif (($info{security} eq "on" && $info{protocol} eq "") || ($info{security} eq "on" && $info{protocol} =~ m/LDAPS/i) ){
#
@@ -1629,9 +1632,9 @@ sub ldapsrch_ext {
print "LDAPS)\n";
}
if($info{openldap} eq "yes"){
- return `ldapsearch -x -LLL -H ldaps://$info{host}:$info{secure_port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -x -LLL -H ldaps://$info{host}:$info{secure_port} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
} else {
- return `ldapsearch -Z -P $info{certdir} -p $info{secure_port} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -Z -P $info{certdir} -p $info{secure_port} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
}
} elsif (($info{openldap} eq "yes") && (($info{ldapi} eq "on" && $info{protocol} eq "") || ($info{ldapi} eq "on" && $info{protocol} =~ m/LDAPI/i)) ){
#
@@ -1640,7 +1643,7 @@ sub ldapsrch_ext {
if ($< == 0 && $info{autobind} eq "on"){
return `ldapsearch -LLL -H \"$info{ldapiURL}\" -Y EXTERNAL $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect} 2>/dev/null`;
} else {
- return `ldapsearch -x -LLL -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -x -LLL -H \"$info{ldapiURL}\" -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
}
} else {
#
@@ -1650,9 +1653,9 @@ sub ldapsrch_ext {
print "LDAP)\n";
}
if($info{openldap} eq "yes"){
- return `ldapsearch -x -LLL -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -x -LLL -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
} else {
- return `ldapsearch -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w \"$info{rootdnpw}\" $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
+ return `ldapsearch -p $info{port} -h $info{host} -D \"$info{rootdn}\" -w $myrootdnpw $info{srch_args} -b \"$info{base}\" -s $info{scope} \"$info{filter}\" $info{attrs} $info{redirect}`;
}
}
}
diff --git a/ldap/admin/src/scripts/template-bak2db.pl.in b/ldap/admin/src/scripts/template-bak2db.pl.in
index 4c7bab8..6e2e863 100644
--- a/ldap/admin/src/scripts/template-bak2db.pl.in
+++ b/ldap/admin/src/scripts/template-bak2db.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-cleanallruv.pl.in b/ldap/admin/src/scripts/template-cleanallruv.pl.in
index 8f96b82..132bf1e 100644
--- a/ldap/admin/src/scripts/template-cleanallruv.pl.in
+++ b/ldap/admin/src/scripts/template-cleanallruv.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/cleanallruv.pl @wrapperArgs -Z {{SERV-ID}}"
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-db2bak.pl.in b/ldap/admin/src/scripts/template-db2bak.pl.in
index 712f387..66d136f 100644
--- a/ldap/admin/src/scripts/template-db2bak.pl.in
+++ b/ldap/admin/src/scripts/template-db2bak.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-db2index.pl.in b/ldap/admin/src/scripts/template-db2index.pl.in
index d2d6d87..b724225 100644
--- a/ldap/admin/src/scripts/template-db2index.pl.in
+++ b/ldap/admin/src/scripts/template-db2index.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-db2ldif.pl.in b/ldap/admin/src/scripts/template-db2ldif.pl.in
index feb8af9..3294e95 100644
--- a/ldap/admin/src/scripts/template-db2ldif.pl.in
+++ b/ldap/admin/src/scripts/template-db2ldif.pl.in
@@ -39,6 +39,8 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
use Cwd;
# We lose args that are quoted when passing ARGV to a wrapper
@@ -46,7 +48,7 @@ while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in b/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in
index 78ac81d..a2663fa 100644
--- a/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in
+++ b/ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-fixup-memberof.pl.in b/ldap/admin/src/scripts/template-fixup-memberof.pl.in
index 7f1ce6c..9bea8a7 100644
--- a/ldap/admin/src/scripts/template-fixup-memberof.pl.in
+++ b/ldap/admin/src/scripts/template-fixup-memberof.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-fixup-memberuid.pl.in b/ldap/admin/src/scripts/template-fixup-memberuid.pl.in
index 8ac4f86..0eca3e1 100644
--- a/ldap/admin/src/scripts/template-fixup-memberuid.pl.in
+++ b/ldap/admin/src/scripts/template-fixup-memberuid.pl.in
@@ -39,6 +39,9 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
sub usage {
print(STDERR "Usage: $0 [-v] -D rootdn { -w password | -w - | -j filename } \n");
print(STDERR " -b baseDN [-f filter]\n");
@@ -163,7 +166,7 @@ if ( $filter_arg ne "" )
}
$entry = "${dn}${misc}${cn}${basedn}${filter}";
-open(FOO, "| ldapmodify @ldaptool_opts@ $vstr -h {{SERVER-NAME}} -p {{SERVER-PORT}} -D \"$rootdn\" -w \"$passwd\" -a" );
+open(FOO, "| ldapmodify @ldaptool_opts@ $vstr -h {{SERVER-NAME}} -p {{SERVER-PORT}} -D \"$rootdn\" -w shellEscape($passwd) -a" );
print(FOO "$entry");
close(FOO);
diff --git a/ldap/admin/src/scripts/template-ldif2db.pl.in b/ldap/admin/src/scripts/template-ldif2db.pl.in
index 5211fd5..d7e4bc2 100644
--- a/ldap/admin/src/scripts/template-ldif2db.pl.in
+++ b/ldap/admin/src/scripts/template-ldif2db.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-ns-accountstatus.pl.in b/ldap/admin/src/scripts/template-ns-accountstatus.pl.in
index 1a672ae..148b550 100644
--- a/ldap/admin/src/scripts/template-ns-accountstatus.pl.in
+++ b/ldap/admin/src/scripts/template-ns-accountstatus.pl.in
@@ -39,12 +39,15 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
diff --git a/ldap/admin/src/scripts/template-ns-activate.pl.in b/ldap/admin/src/scripts/template-ns-activate.pl.in
index d957212..49f214b 100644
--- a/ldap/admin/src/scripts/template-ns-activate.pl.in
+++ b/ldap/admin/src/scripts/template-ns-activate.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/ns-activate.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-ns-inactivate.pl.in b/ldap/admin/src/scripts/template-ns-inactivate.pl.in
index 44c87fb..0e89902 100644
--- a/ldap/admin/src/scripts/template-ns-inactivate.pl.in
+++ b/ldap/admin/src/scripts/template-ns-inactivate.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/ns-inactivate.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in b/ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in
index d85394d..096a843 100755
--- a/ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in
+++ b/ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/ns-newpwpolicy.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-schema-reload.pl.in b/ldap/admin/src/scripts/template-schema-reload.pl.in
index 2dcb9d5..ea5bb1e 100644
--- a/ldap/admin/src/scripts/template-schema-reload.pl.in
+++ b/ldap/admin/src/scripts/template-schema-reload.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/schema-reload.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-syntax-validate.pl.in b/ldap/admin/src/scripts/template-syntax-validate.pl.in
index a7c5111..a901dcf 100644
--- a/ldap/admin/src/scripts/template-syntax-validate.pl.in
+++ b/ldap/admin/src/scripts/template-syntax-validate.pl.in
@@ -39,16 +39,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/syntax-validate.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in b/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in
index 66202f5..86c6f99 100644
--- a/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in
+++ b/ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in
@@ -38,16 +38,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/usn-tombstone-cleanup.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
diff --git a/ldap/admin/src/scripts/template-verify-db.pl.in b/ldap/admin/src/scripts/template-verify-db.pl.in
index 6d2bfbe..1276a49 100644
--- a/ldap/admin/src/scripts/template-verify-db.pl.in
+++ b/ldap/admin/src/scripts/template-verify-db.pl.in
@@ -38,16 +38,19 @@
# END COPYRIGHT BLOCK
#
+use lib qw(/usr/lib64/dirsrv/perl);
+use DSUtil qw(shellEscape);
+
# We lose args that are quoted when passing ARGV to a wrapper
while ($i <= $#ARGV) {
if($ARGV[$i] =~ /^-/){
$wrapperArgs[$i] = $ARGV[$i];
} else {
- $wrapperArgs[$i] = "\"$ARGV[$i]\"";
+ $wrapperArgs[$i] = shellEscape($ARGV[$i]);
}
$i++;
}
exec "{{SERVERBIN-DIR}}/verify-db.pl @wrapperArgs -Z {{SERV-ID}}";
-exit ($?);
\ No newline at end of file
+exit ($?);
9 years
ldap/servers
by Noriko Hosoi
ldap/servers/plugins/replication/windows_protocol_util.c | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
New commits:
commit d85ef49c1f642623f067370987b94a9ab36fa4bb
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Apr 7 15:27:21 2015 -0700
Ticket #47723 - winsync sets AccountUserControl in AD to 544
Description: Active Directory sets 0x20 (PASSWD_NOTREQD) to userAccountControl
if a password (attribute UnicodePWD) is not found in the entry to be added.
WindowsSync first sends an entry without a password to AD to add since it is
not allowed on AD:
http://support.microsoft.com/en-us/kb/269190
The unicodePWD attribute cannot be added on object creation or queried
by a search.
Then, it updates the password followed by resetting userAccountControl.
This patch checks the userAccountControl set by AD. If a password is already
set (pwdLastSet > 0), then update userAccountControl with the PASSWD_NOTREQD
bit unset.
Sample userAccountControl of an entry created on DS:
dn: CN=DS User,CN=users,DC=test,DC=example,DC=com
userAccountControl: 512
pwdLastSet: 130729092637082979
https://fedorahosted.org/389/ticket/47723
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c
index dabc936..89f5062 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -772,7 +772,13 @@ to_little_endian_double_bytes(UChar *unicode_password, int32_t unicode_password_
}
/* this entry had a password, handle it seperately */
-/* http://support.microsoft.com/?kbid=269190 */
+/*
+ * http://support.microsoft.com/en-us/kb/269190
+ * The password is stored in the AD and LDS database on a user object in the
+ * unicodePwd attribute. This attribute can be written under restricted
+ * conditions, but it cannot be read. The attribute can only be modified; it
+ * cannot be added on object creation or queried by a search.
+ */
static int
send_password_modify(Slapi_DN *sdn,
char *password,
@@ -914,6 +920,7 @@ send_accountcontrol_modify(Slapi_DN *sdn, Private_Repl_Protocol *prp, int missin
Slapi_Entry *remote_entry = NULL;
int retval;
unsigned long acctval = 0;
+ unsigned long pwdlastset = 0;
char acctvalstr[32];
/* have to first retrieve the existing entry - userAccountControl is
@@ -922,6 +929,7 @@ send_accountcontrol_modify(Slapi_DN *sdn, Private_Repl_Protocol *prp, int missin
retval = windows_get_remote_entry(prp, sdn, &remote_entry);
if (0 == retval && remote_entry) {
acctval = slapi_entry_attr_get_ulong(remote_entry, "userAccountControl");
+ pwdlastset = slapi_entry_attr_get_ulong(remote_entry, "pwdLastSet");
}
slapi_entry_free(remote_entry);
/* if we are adding a new entry, we need to set the entry to be
@@ -932,6 +940,9 @@ send_accountcontrol_modify(Slapi_DN *sdn, Private_Repl_Protocol *prp, int missin
agmt_get_long_name(prp->agmt), slapi_sdn_get_dn(sdn));
acctval &= ~0x2; /* unset the disabled bit, if set */
}
+ if (pwdlastset) {
+ acctval &= ~0x20; /* unset the PASSWD_NOTREQD bit, if set */
+ }
/* set the account to be a normal account */
acctval |= 0x0200; /* normal account == 512 */
9 years