diff options
-rw-r--r-- | include/libaccess/aclproto.h | 1 | ||||
-rw-r--r-- | ldap/servers/plugins/chainingdb/cb_controls.c | 7 | ||||
-rw-r--r-- | ldap/servers/plugins/replication/cl5_api.c | 6 | ||||
-rw-r--r-- | ldap/servers/plugins/replication/windows_connection.c | 20 | ||||
-rw-r--r-- | ldap/servers/slapd/back-ldbm/archive.c | 28 | ||||
-rw-r--r-- | ldap/servers/slapd/back-ldbm/misc.c | 5 | ||||
-rw-r--r-- | ldap/servers/slapd/eventq.c | 4 | ||||
-rw-r--r-- | ldap/servers/slapd/modify.c | 1 | ||||
-rw-r--r-- | ldap/servers/snmp/main.c | 5 | ||||
-rw-r--r-- | lib/libaccess/aclcache.cpp | 104 |
10 files changed, 65 insertions, 116 deletions
diff --git a/include/libaccess/aclproto.h b/include/libaccess/aclproto.h index 68ef3d80..f1371cfc 100644 --- a/include/libaccess/aclproto.h +++ b/include/libaccess/aclproto.h @@ -151,7 +151,6 @@ NSAPI_PUBLIC int ACL_Init(void); NSAPI_PUBLIC int ACL_InitPostMagnus(void); NSAPI_PUBLIC int ACL_LateInitPostMagnus(void); NSAPI_PUBLIC void ACL_ListHashUpdate(ACLListHandle_t **acllistp); -NSAPI_PUBLIC void ACL_GetPathAcls(char *path, ACLListHandle_t **acllist_p, char *prefix, ACLListHandle_t *masterlist); NSAPI_PUBLIC int ACL_ReadDbMapFile(NSErr_t *errp, const char *map_file, int default_only); NSAPI_PUBLIC int ACL_MethodNamesGet(NSErr_t *errp, char ***names, int *count); diff --git a/ldap/servers/plugins/chainingdb/cb_controls.c b/ldap/servers/plugins/chainingdb/cb_controls.c index ca64595c..142284a9 100644 --- a/ldap/servers/plugins/chainingdb/cb_controls.c +++ b/ldap/servers/plugins/chainingdb/cb_controls.c @@ -224,12 +224,15 @@ int cb_update_controls( Slapi_PBlock * pb, if (!strcmp(reqControls[cCount]->ldctl_oid,CB_LDAP_CONTROL_CHAIN_SERVER)) { /* Max hop count reached ? */ - /* Checked realier by a call to cb_forward_operation() */ + /* Checked earlier by a call to cb_forward_operation() */ BerElement *ber = NULL; ber = ber_init(&(reqControls[cCount]->ldctl_value)); - ber_scanf(ber,"i",&hops); + if (LBER_ERROR == ber_scanf(ber,"i",&hops)) { + slapi_log_error( SLAPI_LOG_PLUGIN,CB_PLUGIN_SUBSYSTEM, + "Unable to get number of hops from the chaining control\n"); + } ber_free(ber,1); useloop=1; diff --git a/ldap/servers/plugins/replication/cl5_api.c b/ldap/servers/plugins/replication/cl5_api.c index b4ec5e45..56cc9711 100644 --- a/ldap/servers/plugins/replication/cl5_api.c +++ b/ldap/servers/plugins/replication/cl5_api.c @@ -1475,7 +1475,11 @@ int cl5ConfigTrimming (int maxEntries, const char *maxAge) /* make sure changelog is not closed while trimming configuration is updated.*/ - _cl5AddThread (); + if (CL5_SUCCESS != _cl5AddThread ()) { + slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl, + "cl5ConfigTrimming: could not start changelog trimming thread\n"); + return CL5_BAD_STATE; + } PR_Lock (s_cl5Desc.dbTrim.lock); diff --git a/ldap/servers/plugins/replication/windows_connection.c b/ldap/servers/plugins/replication/windows_connection.c index 8aabfdbb..2e24bfed 100644 --- a/ldap/servers/plugins/replication/windows_connection.c +++ b/ldap/servers/plugins/replication/windows_connection.c @@ -885,7 +885,10 @@ Slapi_Entry * windows_conn_get_search_result(Repl_Connection *conn) LDAPControl **returned_controls = NULL; int code = 0; /* Purify says this is a leak : */ - ldap_parse_result( conn->ld, res, &code, NULL, NULL, NULL, &returned_controls, 0 ); + if (LDAP_SUCCESS != (rc = ldap_parse_result( conn->ld, res, &code, NULL, NULL, NULL, &returned_controls, 0 ))) { + slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name, + "error reading search result in windows_conn_get_search_result, rc=%d:%s\n", rc, ldap_err2string(rc)); + } if (returned_controls) { windows_private_update_dirsync_control(conn->agmt, returned_controls); @@ -1818,7 +1821,20 @@ windows_check_user_password(Repl_Connection *conn, Slapi_DN *sdn, char *password /* Attempt to do a bind on the existing connection * using the dn and password that were passed in. */ msgid = do_simple_bind(conn, conn->ld, (char *) binddn, password); - ldap_result(conn->ld, msgid, LDAP_MSG_ALL, NULL, &res); + rc = ldap_result(conn->ld, msgid, LDAP_MSG_ALL, NULL, &res); + if (0 > rc) { /* error */ + rc = slapi_ldap_get_lderrno(conn->ld, NULL, NULL); + slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, + "Error reading bind response for id " + "[%s]: error %d (%s)\n", + binddn ? binddn : "(anon)", + rc, ldap_err2string(rc)); + } else if (rc == 0) { /* timeout */ + slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, + "Error: timeout reading " + "bind response for [%s]\n", + binddn ? binddn : "(anon)"); + } ldap_parse_result( conn->ld, res, &rc, NULL, NULL, NULL, NULL, 1 /* Free res */); /* rebind as the DN specified in the sync agreement */ diff --git a/ldap/servers/slapd/back-ldbm/archive.c b/ldap/servers/slapd/back-ldbm/archive.c index 1f3587a7..54274539 100644 --- a/ldap/servers/slapd/back-ldbm/archive.c +++ b/ldap/servers/slapd/back-ldbm/archive.c @@ -235,7 +235,15 @@ int ldbm_back_archive2ldbm( Slapi_PBlock *pb ) if (0 != return_value) { /* error case (607331) * just to go back to the previous state if possible */ - dblayer_start(li, DBLAYER_NORMAL_MODE); + if ((return_value = dblayer_start(li, DBLAYER_NORMAL_MODE))) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, + "archive2db: Unable to to start database in [%s]\n", li->li_directory); + if (task) { + slapi_task_log_notice(task, "Failed to start the database in " + "%s", li->li_directory); + } + goto out; + } } /* bring all backends back online */ for (inst_obj = objset_first_obj(li->li_instance_set); inst_obj; @@ -441,7 +449,23 @@ err: dir_bak, directory); } ldbm_delete_dirs(directory); - PR_Rename(dir_bak, directory); + if (PR_SUCCESS != PR_Rename(dir_bak, directory)) { + PRErrorCode prerr = PR_GetError(); + LDAPDebug(LDAP_DEBUG_ANY, + "db2archive: Failed to rename \"%s\" to \"%s\".\n", + dir_bak, directory, 0); + LDAPDebug(LDAP_DEBUG_ANY, + SLAPI_COMPONENT_NAME_NSPR " error %d (%s)\n", + prerr, slapd_pr_strerror(prerr), 0); + if (task) { + slapi_task_log_notice(task, + "Failed to rename \"%s\" to \"%s\".", + dir_bak, directory); + slapi_task_log_notice(task, + SLAPI_COMPONENT_NAME_NSPR " error %d (%s)", + prerr, slapd_pr_strerror(prerr)); + } + } } out: /* close the database down again */ diff --git a/ldap/servers/slapd/back-ldbm/misc.c b/ldap/servers/slapd/back-ldbm/misc.c index ad7128de..2bcdd9d9 100644 --- a/ldap/servers/slapd/back-ldbm/misc.c +++ b/ldap/servers/slapd/back-ldbm/misc.c @@ -245,7 +245,10 @@ allinstance_set_busy(struct ldbminfo *li) for (inst_obj = objset_first_obj(li->li_instance_set); inst_obj; inst_obj = objset_next_obj(li->li_instance_set, inst_obj)) { inst = (ldbm_instance *)object_get_data(inst_obj); - instance_set_busy(inst); + if (instance_set_busy(inst)) { + LDAPDebug1Arg(LDAP_DEBUG_TRACE, "could not set instance [%s] as busy, probably already busy\n", + inst->inst_name); + } } if (inst_obj) object_release(inst_obj); diff --git a/ldap/servers/slapd/eventq.c b/ldap/servers/slapd/eventq.c index 6870ecc2..c5fa1200 100644 --- a/ldap/servers/slapd/eventq.c +++ b/ldap/servers/slapd/eventq.c @@ -435,7 +435,9 @@ void eq_init() { if (!eq_initialized) { - PR_CallOnce(&init_once, eq_create); + if (PR_SUCCESS != PR_CallOnce(&init_once, eq_create)) { + slapi_log_error(SLAPI_LOG_FATAL, NULL, "eq_init - eq_create failed\n"); + } } } diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c index 3f78b019..55308a30 100644 --- a/ldap/servers/slapd/modify.c +++ b/ldap/servers/slapd/modify.c @@ -573,7 +573,6 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw) Slapi_Backend *be = NULL; Slapi_Entry *pse; Slapi_Entry *referral; - Slapi_Entry *ecopy = NULL; Slapi_Entry *e = NULL; char ebuf[BUFSIZ]; char *dn; diff --git a/ldap/servers/snmp/main.c b/ldap/servers/snmp/main.c index 04c4ee3f..a216d34d 100644 --- a/ldap/servers/snmp/main.c +++ b/ldap/servers/snmp/main.c @@ -411,7 +411,10 @@ load_config(char *conf_path) int vlen; #endif /* Check if this is the cn=config entry */ - ldif_parse_line(ldif_getline(&entryp), &attr, &val, &vlen); + if (ldif_parse_line(ldif_getline(&entryp), &attr, &val, &vlen)) { + printf("ldap-agent: error parsing ldif line from [%s]\n", serv_p->dse_ldif); + } + if ((strcmp(attr, "dn") == 0) && (strcmp(val, "cn=config") == 0)) { char *dse_line = NULL; diff --git a/lib/libaccess/aclcache.cpp b/lib/libaccess/aclcache.cpp index e474601a..10588879 100644 --- a/lib/libaccess/aclcache.cpp +++ b/lib/libaccess/aclcache.cpp @@ -432,110 +432,6 @@ ACL_CacheEnterGet(char *uri, ACLListHandle_t **acllistp) return; } -/* ACL_AddAclName - * Adds the ACLs for just the terminal object specified in a pathname. - * INPUT - * path The filesystem pathname of the terminal object. - * acllistp The address of the list of ACLs found thus far. - * Could be NULL. If so, a new acllist will be allocated (if any - * acls are found). Otherwise the existing list will be added to. - * masterlist Usually acl_root_30. - */ -void -ACL_AddAclName(char *path, ACLListHandle_t **acllistp, ACLListHandle_t -*masterlist) -{ - ACLHandle_t *acl; - NSErr_t *errp = 0; - -#ifdef XP_WIN32 - acl = ACL_ListFind(errp, masterlist, path, ACL_CASE_INSENSITIVE); -#else - acl = ACL_ListFind(errp, masterlist, path, ACL_CASE_SENSITIVE); -#endif - if (!acl) - return; - - PR_ASSERT(ACL_AssertAcl(acl)); - - if (!*acllistp) - *acllistp = ACL_ListNew(errp); - ACL_ListAppend(NULL, *acllistp, acl, 0); - - PR_ASSERT(ACL_AssertAcllist(*acllistp)); - return; -} - - -/* ACL_GetPathAcls - * Adds the ACLs for all directories plus the terminal object along a given - * filesystem pathname. For each pathname component, look for the name, the - * name + "/", and the name + "/*". The last one is because the resource - * picker likes to postpend "/*" for directories. - * INPUT - * path The filesystem pathname of the terminal object. - * acllistp The address of the list of ACLs found thus far. - * Could be NULL. If so, a new acllist will be allocated (if any - * acls are found). Otherwise the existing list will be added to. - * prefix A string to be prepended to the path component when looking - * for a matching ACL tag. - */ -void -ACL_GetPathAcls(char *path, ACLListHandle_t **acllistp, char *prefix, -ACLListHandle_t *masterlist) -{ - char *slashp=path; - int slashidx; - char ppath[ACL_PATH_MAX]; - int prefixlen; - char *dst; - - PR_ASSERT(path); - PR_ASSERT(prefix); - - dst = strncpy(ppath, prefix, ACL_PATH_MAX); - if (dst >= (ppath+ACL_PATH_MAX-1)) { - ereport(LOG_SECURITY, "Abort - the path is too long for ACL_GetPathAcls to handle\n"); - abort(); - } - prefixlen = strlen(ppath); - - /* Handle the first "/". i.e. the root directory */ - if (*path == '/') { - ppath[prefixlen]='/'; - ppath[prefixlen+1]='\0'; - ACL_AddAclName(ppath, acllistp, masterlist); - strcat(ppath, "*"); - ACL_AddAclName(ppath, acllistp, masterlist); - slashp = path; - } - - do { - slashp = strchr(++slashp, '/'); - if (slashp) { - slashidx = slashp - path; - strncpy(&ppath[prefixlen], path, slashidx); - ppath[slashidx+prefixlen] = '\0'; - ACL_AddAclName(ppath, acllistp, masterlist); - /* Must also handle "/a/b/" in addition to "/a/b" */ - strcat(ppath, "/"); - ACL_AddAclName(ppath, acllistp, masterlist); - strcat(ppath, "*"); - ACL_AddAclName(ppath, acllistp, masterlist); - continue; - } - strcpy(&ppath[prefixlen], path); - ACL_AddAclName(ppath, acllistp, masterlist); - strcat(ppath, "/"); - ACL_AddAclName(ppath, acllistp, masterlist); - strcat(ppath, "*"); - ACL_AddAclName(ppath, acllistp, masterlist); - break; - } while (slashp); - -} - - static int get_is_owner_default (NSErr_t *errp, PList_t subject, PList_t resource, PList_t auth_info, PList_t global_auth, void *unused) |