https://bugzilla.redhat.com/show_bug.cgi?id=610276
Resolves: bug 610276
Bug Description: fix coverity Defect Type: API usage errors issues
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: Must call va_end after calling va_start.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no

https://bugzilla.redhat.com/show_bug.cgi?id=603942
Resolves: bug 603942
Bug Description:  null deref in _ger_parse_control() for subjectdn
Reviewed by: nkinder (Thanks!)
Branch: HEAD
Fix Description: Needed to pass &orig to ber_scanf 'a' instead of orig.  Also,check for NULL before doing strlen(orig).
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
(cherry picked from commit 82625ebf670c0f234e8bcbf18420e84b325e359e)

https://bugzilla.redhat.com/show_bug.cgi?id=609256

Description by nkinder@redhat.com:
Our CGIs are very restricted in what they can access/run.  Most of
the CGIs are self contained programs (they may use libraries, which
is fine).  In this case, it looks like pwdhash-bin is called from
the SELinux context used by CGIs (httpd_dirsrvadmin_script_t).  The
pwdhash-bin program then tries to load libslapd.so.0, which is labeled
as dirsrv_lib_t.  This should be allowed by our SELinux policy since
we call this macro with the httpd_dirsrvadmin_script_t contex.  What
seems to be the issue here is that libslapd.so.0 is a symlink, not a
regular file.  SELinux considers this to be a class of "lnk_file",
as can be seen in the raw AVC from /var/log/audit/audit.  We need to
expand the dirsrv_exec_lib macro to cover link_file.

          rename switch is on

https://bugzilla.redhat.com/show_bug.cgi?id=578296

Change Description:
1) ldbm_back_next_search_entry_ext (ldbm_search.c)
   When getting an entry from ID using id2entry_ext, pass a flag
   ID2ENTRY_ADD_ENTRYDN to add entrydn to the entry.
2) id2entry_ext (id2entry.c)
   Added id2entry_ext to handle the flag ID2ENTRY_ADD_ENTRYDN.
   If ID2ENTRY_ADD_ENTRYDN is set in the flags variable and
   entryrdn switch is enabled, entrydn is added to the entry.
3) index_read_ext (index.c)
   If entryrdn switch is on and the attribute type is entrydn and
   the search type is equality, then call entryrdn_index_read
   to get the ID directly.

https://bugzilla.redhat.com/show_bug.cgi?id=605827

Description: 70upgradednformat.pl does nothing if the server is up.
The upgrade script is effective only when it's called in the Off-
line mode.
(cherry picked from commit a109da80a8eae4400b42a27bb5de604f9aee344d)

https://bugzilla.redhat.com/show_bug.cgi?id=604453
Resolves: bug 604453
Bug Description: SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: When the server pushes the SASL IO layer on to the connection
it must do so when there are no other references to the connection.  The only
way to do this without introducing more locking is to have the saslbind code
just register the intent to push SASL IO at the next available time.  This
cannot be done in the sasl bind code (or any operation code for that matter)
because connection_threadmain() will enable the connection for reading
(and polling) after reading the PDU and before calling the operation
function.  Therefore, during the operation function, the connection may be
being actively polled, so we must not access the conn c_prfd.
The best place to push the IO layer is in connection_threadmain, after the
server has notified that there is read ready on the connection, but before
we have actually attempted to read anything.  At this point,
connection_threadmain is the only thread that will be accessing the
connection, and if we push or pop the IO layer before calling the read
function, we are guaranteed to have the correct IO layer to use.
The code has been made generic enough to allow for use by the startTLS code
if the need arises.
I also added some more locking in the saslbind code, and changed the sasl IO
code to more closely resemble the way that the NSS code deals with IO
layer push/pop.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
(cherry picked from commit c28fcadfc7812108573e40f13624e11a5a8609e5)

https://bugzilla.redhat.com/show_bug.cgi?id=604453
Resolves: bug 604453
Description: SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Branch: master
Reviewed by: nhosoi (Thanks!)
Fix Description: We usually do not have to pop the IO layer from the SASL
connection.  This is usually handled by PR_Close() on the PRFD, which should
only happen when the connection is not being referenced by the main PR_Poll()
call.  The only time we need to explicitly pop the SASL IO layer is if the
client re-negotiates the SASL bind with a different ssf e.g. going from
clear to protected or vice versa.
Platforms tested: RHEL5 x86_64
(cherry picked from commit ac6ce0947d9b2d5ec3649948bca861f0e318d708)

         also applied to "cn=directory manager"

https://bugzilla.redhat.com/show_bug.cgi?id=606920

Description: When a timelimit (as well as a sizelimit) is successfully
retrieved from SLAPIResLimitConnData, the value is always set to pblock.
With this change, it sets "no limit (-1)" if the operation is initiated
by Directory Manager.