diff options
| author | Rich Megginson <rmeggins@redhat.com> | 2005-03-28 23:30:46 +0000 |
|---|---|---|
| committer | Rich Megginson <rmeggins@redhat.com> | 2005-03-28 23:30:46 +0000 |
| commit | 54fdf73874abce4f4f5adaaa4d7782113cfd2264 (patch) | |
| tree | 0160d0c845d9063550c308120433bd3505ca2592 /ldap/servers | |
| parent | 5f1bf72ea46556894d5956ea13f099b7de6dfdf3 (diff) | |
| download | ds-54fdf73874abce4f4f5adaaa4d7782113cfd2264.tar.gz ds-54fdf73874abce4f4f5adaaa4d7782113cfd2264.tar.xz ds-54fdf73874abce4f4f5adaaa4d7782113cfd2264.zip | |
Bug(s) fixed: 151567
Bug Description: Many operations use write_audit_log_entry to write to the audit log. These functions build a string buffer to write to the audit log. The only problem is, they never check to see if audit logging is enabled until after all of this work has been done. write_audit_log_entry should check right away to see if logging is enabled. Should save some time for write operations.
Reviewed by: Noriko (Thanks!)
Fix Description: The code in auditlog.c is called for every update operation, and in many cases a lot of work is done before it is even known if audit logging is enabled. Perhaps this was because there was no function that could be called outside of the logging code to see if audit logging is enabled. I added config_get_auditlog_logging_enabled() and used it in auditlog.c to skip the code altogether if audit logging is disabled (the default).
Platforms tested: RHEL3
Flag Day: no
Doc impact: no, the functions are in the private API
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Diffstat (limited to 'ldap/servers')
| -rw-r--r-- | ldap/servers/slapd/auditlog.c | 8 | ||||
| -rw-r--r-- | ldap/servers/slapd/libglobs.c | 12 | ||||
| -rw-r--r-- | ldap/servers/slapd/libslapd.def | 2 | ||||
| -rw-r--r-- | ldap/servers/slapd/proto-slap.h | 1 |
4 files changed, 21 insertions, 2 deletions
diff --git a/ldap/servers/slapd/auditlog.c b/ldap/servers/slapd/auditlog.c index 0f647db2..e4c3c1c3 100644 --- a/ldap/servers/slapd/auditlog.c +++ b/ldap/servers/slapd/auditlog.c @@ -31,7 +31,13 @@ write_audit_log_entry( Slapi_PBlock *pb ) int flag = 0; int internal_op = 0; Operation *op; - + + /* if the audit log is not enabled, just skip all of + this stuff */ + if (!config_get_auditlog_logging_enabled()) { + return; + } + slapi_pblock_get( pb, SLAPI_OPERATION, &op ); internal_op = operation_is_flag_set(op, OP_FLAG_INTERNAL); slapi_pblock_get( pb, SLAPI_TARGET_DN, &dn ); diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c index f5816dcd..a96ec518 100644 --- a/ldap/servers/slapd/libglobs.c +++ b/ldap/servers/slapd/libglobs.c @@ -3356,6 +3356,18 @@ config_get_accesslog_level(){ return retVal; } +/* return integer -- don't worry about locking similar to config_check_referral_mode + below */ + +int +config_get_auditlog_logging_enabled(){ + slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); + int retVal; + + retVal = slapdFrontendConfig->auditlog_logging_enabled; + + return retVal; +} char *config_get_referral_mode(void) { diff --git a/ldap/servers/slapd/libslapd.def b/ldap/servers/slapd/libslapd.def index 9d17e90a..38e15d9d 100644 --- a/ldap/servers/slapd/libslapd.def +++ b/ldap/servers/slapd/libslapd.def @@ -429,7 +429,7 @@ EXPORTS config_set_accesscontrol @426 config_set_result_tweak @427 config_set_pw_gracelimit @428 -; Available for reuse @429 + config_get_auditlog_logging_enabled @429 config_set_security @430 config_set_pwpolicy_local @431 config_set_readonly @432 diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h index 687aa727..455737ec 100644 --- a/ldap/servers/slapd/proto-slap.h +++ b/ldap/servers/slapd/proto-slap.h @@ -338,6 +338,7 @@ long config_get_pw_minage(); long config_get_pw_warning(); int config_get_errorlog_level(); int config_get_accesslog_level(); +int config_get_auditlog_logging_enabled(); char *config_get_referral_mode(void); int config_get_conntablesize(void); int config_check_referral_mode(void); |