ds.git/ldap, branch master Unnamed repository; edit this file to name it for gitweb. Cov #16300 - Unused variable in account policy plugin 2010-10-08T21:44:18+00:00 Nathan Kinder nkinder@redhat.com 2010-10-08T21:44:18+00:00 5ae39a968b9b28d4c44407490228645c5c1e0764 The plugin_id variable is unused in acct_inact_limit(). This patch removes the unused variable. 
The plugin_id variable is unused in acct_inact_limit().  This
patch removes the unused variable.
Bug 631993 - Log authzid when proxy auth control is used 2010-10-08T20:10:43+00:00 Nathan Kinder nkinder@redhat.com 2010-10-08T20:10:43+00:00 e766b5a9e07666b95d8ba505bd512adccd41d8a3 This patch makes the access log entries for search, add, mod, del, and modrdn operations display the authzid that is used when the proxy authorization control is sent by the client. 
This patch makes the access log entries for search, add, mod, del,
and modrdn operations display the authzid that is used when the
proxy authorization control is sent by the client.
Bug 640854 - changelog db: _cl5WriteOperation: failed to 2010-10-07T06:27:47+00:00 Noriko Hosoi nhosoi@jiji.usersys.redhat.com 2010-10-07T06:27:47+00:00 3604c48b86e6b6feea63f99bebfecaa346d2bf59 write entry; db error - 22 Invalid argument https://bugzilla.redhat.com/show_bug.cgi?id=640854 Description: DBENV open flags is used to determine the DB_OPEN mode whether to set DB_AUTO_COMMIT or not. The info was eliminated in the change made for "Bug 633168 - Share backend dbEnv with the replication changelog". This patch picks up the backend dbenv openflags and uses it for the changelog DB_OPEN. 
write entry; db error - 22 Invalid argument

https://bugzilla.redhat.com/show_bug.cgi?id=640854

Description: DBENV open flags is used to determine the DB_OPEN mode
whether to set DB_AUTO_COMMIT or not.  The info was eliminated in
the change made for "Bug 633168 - Share backend dbEnv with the
replication changelog".

This patch picks up the backend dbenv openflags and uses it for
the changelog DB_OPEN.
Bug 640027 - Naming attribute with a special char sequence parsing bug 2010-10-05T22:40:10+00:00 Noriko Hosoi nhosoi@redhat.com 2010-10-05T22:40:10+00:00 9a00a444cea117d0950bef3bb9327bd05e9d11bb https://bugzilla.redhat.com/show_bug.cgi?id=640027 Description: When DN is made from RDNs containing escaped plus "\+", the dn normalizer considers the value could be nested multi- valued RDNs. (e.g., cn=C\=Z\+A\=X\+B\=Y\,o\=O,o=OO) In that case, multi-valued RDNs are sorted by the normalizer. (==> cn=A\=X\+B\=Y\+C\=Z\,o\=O,o=OO) The sample DN provided by Andrey Ivanov contains "\+", but that is not a separator for the multi-valued RDNs: cn=mytest\+\=-123'\;456,dc=example,dc=com The dn normalizer should have checked the possibility, as well. The check is added in this patch. Also, sorting was not triggered if multi-valued RDNs are located at the end of the value. (e.g., cn=C\=X\,B\=Y\+A\=Z,o=OO) The bug was fixed, as well. 
https://bugzilla.redhat.com/show_bug.cgi?id=640027

Description: When DN is made from RDNs containing escaped plus
"\+", the dn normalizer considers the value could be nested multi-
valued RDNs. (e.g., cn=C\=Z\+A\=X\+B\=Y\,o\=O,o=OO)
In that case, multi-valued RDNs are sorted by the normalizer.
(==> cn=A\=X\+B\=Y\+C\=Z\,o\=O,o=OO)
The sample DN provided by Andrey Ivanov contains "\+", but that
is not a separator for the multi-valued RDNs:
  cn=mytest\+\=-123'\;456,dc=example,dc=com
The dn normalizer should have checked the possibility, as well.
The check is added in this patch.

Also, sorting was not triggered if multi-valued RDNs are located
at the end of the value. (e.g., cn=C\=X\,B\=Y\+A\=Z,o=OO)
The bug was fixed, as well.
Bug 625335 - Self-write aci has permission to invalid attribute 2010-10-05T17:27:24+00:00 Nathan Kinder nkinder@redhat.com 2010-10-05T17:23:55+00:00 c783496c2a020860b33a44db7d89f1f33f036a1d The Console throws an error dialog when you attempt to edit the default self-write ACI. The Console thinks that the labeledURL attribute is not valid sicne it does not properly handle attributes that use anything other than the primary short name. This patch changes the default ACI to use the primary short name of labeledURI instead of labeledURL. Fixing the Console to handle non-primary short names will be dealt with in another bug in the future. 
The Console throws an error dialog when you attempt to edit the
default self-write ACI.  The Console thinks that the labeledURL
attribute is not valid sicne it does not properly handle attributes
that use anything other than the primary short name.

This patch changes the default ACI to use the primary short name
of labeledURI instead of labeledURL.  Fixing the Console to handle
non-primary short names will be dealt with in another bug in the
future.
Bug 639289 - Adding a new CN entry with UpperCase UTF-8 Character 2010-10-05T16:31:15+00:00 Noriko Hosoi nhosoi@redhat.com 2010-10-05T16:31:15+00:00 76c33394c21a64a7c20047f72196b31dfdf233f0 https://bugzilla.redhat.com/show_bug.cgi?id=639289 Description: There was a bug in the utf8 uppe2Lower table: Character İ (LATIN CAPITAL LETTER I WITH DOT ABOVE) did not map to the corresponding LATIN SMALL LETTER DOTLESS I (2 bytes) but to ascii 'i' (1 byte). The shortened DN tailed with a garbage character and the entry was treated as an orphan entry which does not belong to any suffix. This patch fixes the mapping table mismatch as well as adds a code to dn_ignore_case_to_end to force to NULL terminate the converted string. 
https://bugzilla.redhat.com/show_bug.cgi?id=639289

Description:
There was a bug in the utf8 uppe2Lower table:
Character İ (LATIN CAPITAL LETTER I WITH DOT ABOVE) did not map
to the corresponding LATIN SMALL LETTER DOTLESS I (2 bytes) but
to ascii 'i' (1 byte).  The shortened DN tailed with a garbage
character and the entry was treated as an orphan entry which does
not belong to any suffix.

This patch fixes the mapping table mismatch as well as adds a code
to dn_ignore_case_to_end to force to NULL terminate the converted
string.
fix typos in Makefile.am, acctpolicy schema 2010-10-01T23:02:53+00:00 Rich Megginson rmeggins@redhat.com 2010-09-29T20:19:04+00:00 d04ffbe70416df4b1b63e7d4e21dbcbb428afe49 Fixed some typos and copy/paste errors in Makefile.am and acctpolicy schema 
Fixed some typos and copy/paste errors in Makefile.am and acctpolicy schema
add support for global inactivity limit 2010-10-01T23:02:53+00:00 Rich Megginson rmeggins@redhat.com 2010-09-29T20:15:08+00:00 037623905acf1379c964821dbb00f82f2ef1ac95 if the attribute accountInactivityLimit is specified in the global config entry cn=config,cn=Account Policy Plugin,cn=plugins,cn=config, it will be the default inactivity limit - if there is an account policy specified by acctPolicySubentry, that one will take precedence over the global policy 
if the attribute accountInactivityLimit is specified in the global
config entry cn=config,cn=Account Policy Plugin,cn=plugins,cn=config,
it will be the default inactivity limit - if there is an account policy
specified by acctPolicySubentry, that one will take precedence over the
global policy
do not register pre/post op plugins if disabled 2010-10-01T23:02:53+00:00 Rich Megginson rmeggins@redhat.com 2010-09-29T14:43:12+00:00 4ddeb0bd1e5b79360b1850ea454c08d9c2706ffa the main init function is responsible for looking to see if it is enabled and should not do any further processing, including registering the pre/post op plugins, if it is disabled 
the main init function is responsible for looking to see if it is enabled
and should not do any further processing, including registering the
pre/post op plugins, if it is disabled
fix pblock memory leak 2010-10-01T23:02:53+00:00 Rich Megginson rmeggins@redhat.com 2010-09-29T14:42:03+00:00 5f01b7913cc0c19bf8757351506f73adb1c9e58b acct_record_login() should use and destroy the pblock locally - it does not need to be passed in from the calling function 
acct_record_login() should use and destroy the pblock locally - it does
not need to be passed in from the calling function