ds.git/ldap/servers/plugins/replication, branch bug515329.py Unnamed repository; edit this file to name it for gitweb. Repl Session API needs to check for NULL api before init 2010-05-21T17:34:01+00:00 Rich Megginson rmeggins@redhat.com 2010-05-21T17:27:51+00:00 3880411360a9f2a47629ef30e2878d89ebe0fc02 The new repl sesssion API will crash when adding a replication agreement. It should check to see if there is a repl session api before attempting to get the init function. Reviewed by: nhosoi Branch: HEAD Platforms tested: RHEL5 x86_64 
The new repl sesssion API will crash when adding a replication agreement.
It should check to see if there is a repl session api before attempting
to get the init function.
Reviewed by: nhosoi
Branch: HEAD
Platforms tested: RHEL5 x86_64
Correct function prototype for repl session hook 2010-05-19T22:54:05+00:00 Nathan Kinder nkinder@redhat.com 2010-05-19T22:54:05+00:00 ecb1e8a90a6b4ca0cd268b9fc43a9b7e59d646e7 The previous patch had a mangled function name in the function prototype. This corrects the name. 
The previous patch had a mangled function name in
the function prototype.  This corrects the name.
Add replication session hooks 2010-05-19T22:42:57+00:00 Nathan Kinder nkinder@redhat.com 2010-05-18T21:49:26+00:00 7c2e049c16a741c1a109ac3a4246d29f2d42c7cb This adds the ability to write a plug-in to register callbacks for controlling when replication is allowed to occur. For details, please see the design document at: http://directory.fedoraproject.org/wiki/Replication_Session_Hooks 
This adds the ability to write a plug-in to register callbacks for
controlling when replication is allowed to occur.  For details,
please see the design document at:

  http://directory.fedoraproject.org/wiki/Replication_Session_Hooks
Update to New DN Format 2010-04-26T18:03:52+00:00 Noriko Hosoi nhosoi@redhat.com 2010-04-26T18:03:52+00:00 78c50664d6421cc5d0836bb03820680dc2cb7acf Fix Description: . adding slapi_dn_normalize_ext and its siblings to normalize/validate invalid DNs; deprecating slapi_dn_normalize and its siblings. (dn.c) . replacing slapi_dn_normalize with new corresponding functions. . normalizing hardcoded DNs (e.g., removing spaces around ',') . setting correct DN syntax to nsslapd-suffix, nsslapd-ldapiautodnsuffix, costemplatedn, nsslapd-changelogsuffix, nsBaseDN, nsBindDN . if nsslapd-dn-validate-strict is enabled, incoming DN is examined and rejected if it is invalid. Once approved, the DN is normalized. . fixing compiler warnings and typos. See also: http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format Related bugs: Bug 199923 - subtree search fails to find items under a db containing special characters Bug 567968 - subtree/user level password policy created using 389-ds-console doesn't work. Bug 570107 - The import of LDIFs with base-64 encoded DNs fails, modrdn with non-ASCII new rdn incorrect Bug 570962 - ns-inactivate.pl does not work Bug 572785 - DN syntax: old style of DN <type>="<DN>",<the_rest> is not correctly normalized Bug 573060 - DN normalizer: ESC HEX HEX is not normalized Bug 574167 - An escaped space at the end of the RDN value is not handled correctly 
Fix Description:
. adding slapi_dn_normalize_ext and its siblings to normalize/validate
  invalid DNs; deprecating slapi_dn_normalize and its siblings. (dn.c)
. replacing slapi_dn_normalize with new corresponding functions.
. normalizing hardcoded DNs (e.g., removing spaces around ',')
. setting correct DN syntax to nsslapd-suffix, nsslapd-ldapiautodnsuffix,
  costemplatedn, nsslapd-changelogsuffix, nsBaseDN, nsBindDN
. if nsslapd-dn-validate-strict is enabled, incoming DN is examined and
  rejected if it is invalid.  Once approved, the DN is normalized.
. fixing compiler warnings and typos.

See also:
http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format

Related bugs:
Bug 199923 - subtree search fails to find items under a db containing special
             characters
Bug 567968 - subtree/user level password policy created using 389-ds-console
             doesn't work.
Bug 570107 - The import of LDIFs with base-64 encoded DNs fails, modrdn with
             non-ASCII new rdn incorrect
Bug 570962 - ns-inactivate.pl does not work
Bug 572785 - DN syntax: old style of DN <type>="<DN>",<the_rest> is not
             correctly normalized
Bug 573060 - DN normalizer: ESC HEX HEX is not normalized
Bug 574167 - An escaped space at the end of the RDN value is not handled
             correctly
Bug 561575 - setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile 2010-04-05T14:08:35+00:00 Rich Megginson rmeggins@redhat.com 2010-04-02T23:38:57+00:00 4b520bfed95c10ecf9239f7a42f3fb38b673d203 https://bugzilla.redhat.com/show_bug.cgi?id=561575 Resolves: bug 561575 Bug Description: setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile Reviewed by: nhosoi (Thanks!) Branch: HEAD Fix Description: The main problem was that the mod val was a berval, so we needed |LDAP_MOD_BVALUES for the mod_op. The other problem is that the mod and values were being used out of scope. While this seems to work, it's better to make sure all of the values are in scope. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no 
https://bugzilla.redhat.com/show_bug.cgi?id=561575
Resolves: bug 561575
Bug Description: setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: The main problem was that the mod val was a berval, so we
needed |LDAP_MOD_BVALUES for the mod_op.  The other problem is that the
mod and values were being used out of scope.  While this seems to work, it's
better to make sure all of the values are in scope.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Bug 455489 - Address compiler warnings about strict-aliasing rules 2010-03-25T22:58:24+00:00 Endi S. Dewata edewata@redhat.com 2010-03-22T04:15:56+00:00 65e04b8d72fa0ebe8a4c8475c6bc26ac831f984f https://bugzilla.redhat.com/show_bug.cgi?id=455489 Resolves: bug 455489 Bug description: Address compiler warnings about strict-aliasing rules Fix description: The codes that generate strict-aliasing warnings have been changed. Reviewed by: rmeggins (and pushed by) 
https://bugzilla.redhat.com/show_bug.cgi?id=455489
Resolves: bug 455489
Bug description: Address compiler warnings about strict-aliasing rules
Fix description: The codes that generate strict-aliasing warnings have
been changed.
Reviewed by: rmeggins (and pushed by)
548533 - memory leak in Repl_5_Inc_Protocol_new 2010-03-22T00:13:18+00:00 Noriko Hosoi nhosoi@jiji.sjc.redhat.com 2010-03-22T00:13:18+00:00 04a0bd9ada0b3dd8efae67b63421dfa31e15b051 https://bugzilla.redhat.com/show_bug.cgi?id=548533 Description: repl5_inc_delete and repl5_tot_delete to release the incremental and total update protocol were not implemented. This fix implemented them. Also, it fixed a leak of connection in private_protocol_factory. 
https://bugzilla.redhat.com/show_bug.cgi?id=548533

Description: repl5_inc_delete and repl5_tot_delete to release the
incremental and total update protocol were not implemented.  This
fix implemented them.  Also, it fixed a leak of connection in
private_protocol_factory.
cleanup build warnings 2010-03-08T19:37:11+00:00 Rich Megginson rmeggins@redhat.com 2010-03-05T22:55:53+00:00 7c3866de8c4983bf31ec9b8afca4f6c36f7053c8 This patch cleans up various build warnings found by compiling the code with -Wall on RHEL5. Reviewed by: nhosoi (Thanks!) 
This patch cleans up various build warnings found by compiling the code
with -Wall on RHEL5.
Reviewed by: nhosoi (Thanks!)
570667 - MMR: simultaneous total updates on the masters cause 2010-03-05T18:07:38+00:00 Noriko Hosoi nhosoi@redhat.com 2010-03-05T18:07:38+00:00 0b95451c7e50cb6b2d0cb310dddca18336e1b2ac deadlock and data loss https://bugzilla.redhat.com/show_bug.cgi?id=570667 Description: In the MMR topology, if a master receives a total update request to initialize the other master and being initialized by the other master at the same time, the 2 replication threads hang and the replicated backend instance could be wiped out. To prevent the server running the total update supplier and the consumer at the same time, REPLICA_TOTAL_EXCL_SEND and _RECV bits have been introduced. If the server is sending the total update to other replicas, the server rejects the total update request on the backend. But the server can send multiple total updates to other replicas at the same time. If the total update from other master is in progress on the server, the server rejects another total update from yet another master as well as a request to initialize other replicas. 
         deadlock and data loss

https://bugzilla.redhat.com/show_bug.cgi?id=570667

Description: In the MMR topology, if a master receives a total
update request to initialize the other master and being initialized
by the other master at the same time, the 2 replication threads hang
and the replicated backend instance could be wiped out.

To prevent the server running the total update supplier and the
consumer at the same time, REPLICA_TOTAL_EXCL_SEND and _RECV bits
have been introduced.  If the server is sending the total update
to other replicas, the server rejects the total update request
on the backend.  But the server can send multiple total updates
to other replicas at the same time.  If the total update from
other master is in progress on the server, the server rejects
another total update from yet another master as well as a request
to initialize other replicas.
fix various memory leaks 2010-03-04T21:16:35+00:00 Rich Megginson rmeggins@redhat.com 2010-03-04T21:02:29+00:00 64db7873c668ec17fc92aedc37cbd9f476ded605 Reviewed by: nhosoi (Thanks!) var/tmp/run_gssapi.vg.25032:Memory leak: 99 bytes duplicates: 5 > malloc() at vg_replace_malloc.c:207 > strdup() at /lib/libc-2.10.2.so > slapi_ch_strdup() at ch_malloc.c:277 > ids_sasl_check_bind() at saslbind.c:924 > do_bind() at bind.c:382 > connection_threadmain() at connection.c:554 > --unknown-- at /lib/libnspr4.so > start_thread() at /lib/libpthread-2.10.2.so > clone() at /lib/libc-2.10.2.so The problem is that ids_sasl_check_bind can reset SLAPI_BIND_TARGET to a malloc'd value. The do_bind() code should check for this condition and free it. var/tmp/entryusn.vg.5997:Memory leak: 8 bytes duplicates: 8 > calloc() at vg_replace_malloc.c:397 > slapi_ch_calloc() at ch_malloc.c:243 > slapi_counter_new() at slapi_counter.c:95 > ldbm_usn_init() at ldbm_usn.c:86 > ldbm_back_start() at start.c:223 > plugin_call_func() at plugin.c:1417 > plugin_dependency_startall.clone.0() at plugin.c:1385 > main() at main.c:1138 The backend cleanup code should free be_usn_counter. var/tmp/ipv6.vg.15561:Memory leak: 13 bytes duplicates: 3 > malloc() at vg_replace_malloc.c:207 > strdup() at /lib/libc-2.10.2.so > slapi_ch_strdup() at ch_malloc.c:277 > config_get_listenhost() at libglobs.c:3674 > main() at main.c:874 var/tmp/ipv6.vg.15561:Memory leak: 13 bytes duplicates: 3 > malloc() at vg_replace_malloc.c:207 > strdup() at /lib/libc-2.10.2.so > slapi_ch_strdup() at ch_malloc.c:277 > config_get_securelistenhost() at libglobs.c:3686 > main() at main.c:881 config_get_listenhost() and config_get_securelistenhost() return malloc'd memory which must be freed. var/tmp/dna_scen1.vg.4901:Memory leak: 248 bytes duplicates: 1 > malloc() at vg_replace_malloc.c:207 > nslberi_malloc() at io.c:1677 > ber_flatten() at io.c:1604 > create_NSDS50ReplicationExtopPayload() at repl_extop.c:218 > NSDS50EndReplicationRequest_new() at repl_extop.c:265 > release_replica() at repl5_protocol_util.c:469 > repl5_inc_run() at repl5_inc_protocol.c:1187 > prot_thread_main() at repl5_protocol.c:341 > --unknown-- at /lib/libnspr4.so > start_thread() at /lib/libpthread-2.10.2.so > clone() at /lib/libc-2.10.2.so The payload was not being freed under all function exit conditions. So, just free it immediately after use. var/tmp/dnarun.vg.2491:Memory leak: 27 bytes duplicates: 0 > malloc() at vg_replace_malloc.c:207 > slapi_ch_malloc() at ch_malloc.c:155 > slapi_entry_attr_get_charptr() at entry.c:2432 > dna_parse_config_entry() at dna.c:816 > dna_pre_op() at dna.c:2587 > plugin_call_func() at plugin.c:1417 > plugin_call_plugins() at plugin.c:1379 > op_shared_add() at add.c:606 > do_add() at add.c:232 > connection_threadmain() at connection.c:564 > --unknown-- at /lib/libnspr4.so > start_thread() at /lib/libpthread-2.10.2.so > clone() at /lib/libc-2.10.2.so The value was not being freed under all conditions. ==9877== 1,890 (252 direct, 1,638 indirect) bytes in 3 blocks are definitely lost in loss record 1,628 of 1,725 ==9877== at 0x47E0E5C: calloc (vg_replace_malloc.c:397) ==9877== by 0x4819D89: slapi_ch_calloc (ch_malloc.c:243) ==9877== by 0x48284A6: slapi_entry_alloc (entry.c:1686) ==9877== by 0x4829BA5: str2entry_dupcheck (entry.c:631) ==9877== by 0x482BB5D: slapi_str2entry_ext (entry.c:1194) ==9877== by 0xB2A8E9D: import_producer (import-threads.c:541) ==9877== by 0x72E1990: (within /lib/libnspr4.so) ==9877== by 0x731E8F4: start_thread (in /lib/libpthread-2.10.2.so) ==9877== by 0x75B2FCD: clone (in /lib/libc-2.10.2.so) Make sure the entry or backentry are freed. 
Reviewed by: nhosoi (Thanks!)
var/tmp/run_gssapi.vg.25032:Memory leak: 99 bytes duplicates:  5
  > malloc() at vg_replace_malloc.c:207
  > strdup() at /lib/libc-2.10.2.so
  > slapi_ch_strdup() at ch_malloc.c:277
  > ids_sasl_check_bind() at saslbind.c:924
  > do_bind() at bind.c:382
  > connection_threadmain() at connection.c:554
  > --unknown-- at /lib/libnspr4.so
  > start_thread() at /lib/libpthread-2.10.2.so
  > clone() at /lib/libc-2.10.2.so
The problem is that ids_sasl_check_bind can reset SLAPI_BIND_TARGET to
a malloc'd value.  The do_bind() code should check for this condition
and free it.

var/tmp/entryusn.vg.5997:Memory leak: 8 bytes duplicates:  8
  > calloc() at vg_replace_malloc.c:397
  > slapi_ch_calloc() at ch_malloc.c:243
  > slapi_counter_new() at slapi_counter.c:95
  > ldbm_usn_init() at ldbm_usn.c:86
  > ldbm_back_start() at start.c:223
  > plugin_call_func() at plugin.c:1417
  > plugin_dependency_startall.clone.0() at plugin.c:1385
  > main() at main.c:1138
The backend cleanup code should free be_usn_counter.

var/tmp/ipv6.vg.15561:Memory leak: 13 bytes duplicates:  3
  > malloc() at vg_replace_malloc.c:207
  > strdup() at /lib/libc-2.10.2.so
  > slapi_ch_strdup() at ch_malloc.c:277
  > config_get_listenhost() at libglobs.c:3674
  > main() at main.c:874
var/tmp/ipv6.vg.15561:Memory leak: 13 bytes duplicates:  3
  > malloc() at vg_replace_malloc.c:207
  > strdup() at /lib/libc-2.10.2.so
  > slapi_ch_strdup() at ch_malloc.c:277
  > config_get_securelistenhost() at libglobs.c:3686
  > main() at main.c:881

config_get_listenhost() and config_get_securelistenhost() return malloc'd
memory which must be freed.

var/tmp/dna_scen1.vg.4901:Memory leak: 248 bytes duplicates:  1
  > malloc() at vg_replace_malloc.c:207
  > nslberi_malloc() at io.c:1677
  > ber_flatten() at io.c:1604
  > create_NSDS50ReplicationExtopPayload() at repl_extop.c:218
  > NSDS50EndReplicationRequest_new() at repl_extop.c:265
  > release_replica() at repl5_protocol_util.c:469
  > repl5_inc_run() at repl5_inc_protocol.c:1187
  > prot_thread_main() at repl5_protocol.c:341
  > --unknown-- at /lib/libnspr4.so
  > start_thread() at /lib/libpthread-2.10.2.so
  > clone() at /lib/libc-2.10.2.so
The payload was not being freed under all function exit conditions.  So, just free it immediately after use.

var/tmp/dnarun.vg.2491:Memory leak: 27 bytes duplicates:  0
  > malloc() at vg_replace_malloc.c:207
  > slapi_ch_malloc() at ch_malloc.c:155
  > slapi_entry_attr_get_charptr() at entry.c:2432
  > dna_parse_config_entry() at dna.c:816
  > dna_pre_op() at dna.c:2587
  > plugin_call_func() at plugin.c:1417
  > plugin_call_plugins() at plugin.c:1379
  > op_shared_add() at add.c:606
  > do_add() at add.c:232
  > connection_threadmain() at connection.c:564
  > --unknown-- at /lib/libnspr4.so
  > start_thread() at /lib/libpthread-2.10.2.so
  > clone() at /lib/libc-2.10.2.so
The value was not being freed under all conditions.

==9877== 1,890 (252 direct, 1,638 indirect) bytes in 3 blocks are definitely lost in loss record 1,628 of 1,725
==9877==    at 0x47E0E5C: calloc (vg_replace_malloc.c:397)
==9877==    by 0x4819D89: slapi_ch_calloc (ch_malloc.c:243)
==9877==    by 0x48284A6: slapi_entry_alloc (entry.c:1686)
==9877==    by 0x4829BA5: str2entry_dupcheck (entry.c:631)
==9877==    by 0x482BB5D: slapi_str2entry_ext (entry.c:1194)
==9877==    by 0xB2A8E9D: import_producer (import-threads.c:541)
==9877==    by 0x72E1990: (within /lib/libnspr4.so)
==9877==    by 0x731E8F4: start_thread (in /lib/libpthread-2.10.2.so)
==9877==    by 0x75B2FCD: clone (in /lib/libc-2.10.2.so)
Make sure the entry or backentry are freed.