| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=644608
Description:
Previous cherry-pick commit 5cd9fc9826fd88b8672129e41523065c0b692c3b
failed the merge for setting a special dup compare callback
ai_dup_cmp_fn when it is set.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=644608
Description: Upgrade script ##upgradednformat.pl generates an
ancestorid index file in which the entry IDs are not sorted
in the index values.
This was caused because
1. upgradednformat.pl copies db files to a work dir
/path/to/db/<inst>/dnupgrade/<inst>
and run upgradednformat against the work dir.
2. Since ancestorid index needs to be created from the scratch,
import/upgradednformat code deletes the index and recreates
it.
3. When creating the index file, dblayer_open_file checks if
the to-be-opened index file is (in the standard location AND
the file exists) or not. In this case, the condition is
satisfied. Thus, the db is created using an absolute path
and closed once. Then, it is reopened using a relative path.
4. Before opening an index file, callback functions for libdb
are set. idl_new_compare_dups is one of them which is used
to sort entry IDs in the secondary index attribute values.
The setting is discarded by the close described in 3.
This patch resets the db callbacks and flags after the close.
Note: cherry-picked 058299aeaf48e34f4359f00cc05eb7186a80fc48
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the entrydn in id2entry
https://bugzilla.redhat.com/show_bug.cgi?id=592397
Description: If entries created by the 389 v1.2.5 or older,
the primary db (id2entry.db4) contains "entrydn: <normalized dn>".
Upgrading from the old version to v1.2.6 keeps the entrydn
attribute type and its value even though v1.2.6 is not supposed
to store the entrydn in the database.
1) This patch drops the entrydn attribute and value in upgrading
the db.
2) If an ldif file contains entrydn attribute type and value,
import (ldif2db[.pl]) ignores it.
3) A leak was found in the export (db2ldif[.pl]) which is fixed.
4) When nsslapd-subtree-rename-switch configuration attribute has
the value "on", entrydn is not used nor created. But the
server accepted reindexing entrydn request and generated an
entrydn index file. This patch rejects it.
5) Entry and dn cache clear calls (cache_clear) are added to
dblayer_instance_close in "#if defined(_USE_VALGRIND)", which
is not defined. To enable the code, the server needs to be
rebuilt with defining the macro. This is purely for debugging.
|
| |
|
|
|
|
|
| |
This patch allows an empty modify operation. We currently reject
an empty modify operation, but this patch makes the empty operation
update the modifyTimestamp and modifiersName attributes similar to
a touch-type operation.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=643532
Description: Some of the functions in ldbm_entryrdn.c uses
static memory for reading data from the entryrdn index, where
the static initializer should not have been used since the
memory cannot be shared among threads. This patch fixes it.
|
| |
|
|
|
|
| |
Removed the extra proxydn format argument that was not being used
Use %lu for size_t format arguments
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
write entry; db error - 22 Invalid argument
https://bugzilla.redhat.com/show_bug.cgi?id=640854
Description: DBENV open flags is used to determine the DB_OPEN mode
whether to set DB_AUTO_COMMIT or not. The info was eliminated in
the change made for "Bug 633168 - Share backend dbEnv with the
replication changelog".
This patch picks up the backend dbenv openflags and uses it for
the changelog DB_OPEN.
|
| |
|
|
|
|
|
|
|
|
| |
Have to ensure that all usage of ber_init in the server checks to see if
the bv->bv_val is non-NULL before using ber_init, and return the appropriate
error if it is NULL
Also fixed a problem in dna_extend_exop - would not send the ldap result to
the client in certain error conditions
Reviewed by: nhosoi (Thanks!)
Tested on: RHEL5 x86_64
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=635987
Description:
This commit made for the bug 635987 introduced a bug to replication.
commit 8ac525e5ac997378f4f2a386e9b96568c8d66db5
Author: Noriko Hosoi <nhosoi@redhat.com>
Date: Tue Sep 21 15:12:07 2010 -0700
subtree_candidates (ldbm_search.c)
If you do have a tombstone filter, descendants will be NULL,
and idl_intersection of candidates and descendents will wipe
out all of the candidates, leaving just the one entry, e->ep_id.
Changed to call idl_intersection only when the filter is not
for tombstone or entryrdn_get_noancestorid (false, by default).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ACL containing ldap:///self
https://bugzilla.redhat.com/show_bug.cgi?id=635987
Description: When a basedn has no descendants, the code to take an
intersection of idl (which was returned from the filter search --
filter_candidates) and the basedn was skipped in subtree_candidates
(ldbm_search.c). Regardless of descendants, the intersection should
be taken for the idl and a tree starting with the basedn.
Note: This bug was introduced with entryrdn.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The moddn_rename_children() has been modified to release
child_entry_copies before it returns.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The import_producer() has been modified to release ep when an error
occured.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The index_set_entry_to_fifo() has been modified to release ep when
the job is aborted.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The _entryrdn_delete_key() has been modified to release tmpsrdn
when an error occurs.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The bulk_import_queue() has been modified to release ep when an
error occurs.
|
| |
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=630092
Description:
The _entryrdn_index_read() has been modified to release tmpsrdn
when an error occurs.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
result being a paged one
https://bugzilla.redhat.com/show_bug.cgi?id=558099
Description: searched entry count is logged in the access log as
(nentries=<num>). When RFC 2696 page results control is passed,
the nentries logs the page size instead of the total searched
count. andrey.ivanov@polytechnique.fr proposed to log the control
info as follows:
[..] conn=# op=#RESULT err=0 tag=101 nentries=# etime=0 notes=P
This patch implemented the spec.
Also, there was a bug regarding unindexed note "notes=U" when
the paged results control is received. Only the first page logs
it, but not the rest. The bug was fixed.
|
| |
|
|
|
|
|
|
| |
In entryrdn_compare_dups(), we dereference the a and b parameters
when initializing the elem_a and elem_b variables. We later
perform NULL checks on both a and b, but a NULL would have
triggered a crash. We should not dereference a or b until after
the NULL checks are performed.
|
| |
|
|
|
|
|
|
| |
The first parameter of dblayer_set_env_debugging() is dereferenced
inside of that function without NULL checking. We pass the env
variable to this function without first checking if it is NULL.
We should move the existing NULL check of env up to the top of the
dblayer_copy_file_keybybey() function.
|
| |
|
|
|
|
| |
The entry pointer that is passed to slapi_entry_attr_find() is
dereferenced by that function without a check for NULL. We should
check if ep->ep_entry is NULL before calling slapi_entry_attr_find().
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=631862
Resolves: bug 631862
Bug Description: crash - delete entries not in cache + referint
Reviewed by: rmeggins and nhosoi
Branch: master
Fix Description: When deleting an entry, the referential integrity (referint)
plugin does an internal search to find references to this entry (e.g. in
group entries) and removes them. The search code wants to ensure that the
entrydn attribute is present in the entry when using entryrdn (subtree
rename). The search code sets a flag to tell the id2entry code to add the
entrydn attribute if it is not present. However, it was doing this to an
entry in the cache, which may be in use by another thread. The solution is
to add the entrydn attribute before adding the entry to the cache. In the
id2entry code, this is after the entry has been read from the id2entry db
successfully, but before the entry is added to the cache. In the LDAP ADD
code, this is done when the other computed operational attributes are added
to the new entry.
In addition to the above fix by rmeggins@redhat.com, following changes are
made:
1) entrydn attribute is always added to the entry in memory before putting
it in the entry cache, and the attribute is removed before writing the
entry to the database.
2) eliminating id2entry_ext, which was introduced to pass flags, but it is
no longer needed since only a flag ID2ENTRY_ADD_ENTRYDN was removed.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=633168
Description:
* cl5_api.c, cl5_api.h
- fetches dbEnv from backend using slapi_back_get_info.
- unused macros and DB helper functions and APIs are removed.
* cl5_config.c
- local changelog DB related config parameters are removed.
* Added SLAPI_PLUGIN_BE_PRE_CLOSE_FN and SLAPI_PLUGIN_BE_POST_OPEN_FN to
close changelog DB before dbEnv is closed and to open changelog DB after
dbEnv is opened, respectively.
* Added slapi APIs slapi_back_get_info and slapi_back_set_info to get/set
the backend info.
* back-ldbm
- db2bak[.pl] and bak2db[.pl] backs up and restores the database files
including changelog db.
- changelog dir is backed up in <backupdir>/.repl_changelog_backup.
- underlying implementation ldbm_back_get_info for slapi_back_get_info
is added.
* Added an upgrade script 81changelog.pl
See also:
http://directory.fedoraproject.org/wiki/Move_changelog
|
| |
|
|
|
|
| |
In attr_index_config(), if argc or argv are NULL, we jump to the
done label. We then try to free attrs, but it was never initialized.
We need to initialize attrs to NULL.
|
| |
|
|
|
|
|
|
| |
If we encounter an error early in
ldbm_instance_index_config_modify_callback(), we jump to the out
label where we try to free origMatchingRules, but it may not be
initialized. The same is true for origIndexTypes. We need to
initialize these pointers to NULL.
|
| |
|
|
|
|
|
|
| |
If we encounter an error early in
ldbm_instance_index_config_modify_callback(), we jump to the out
label where we free each element of the arglist array. This can
happen without initializing the array. We need to initialize arglist
before there is any chance to jump to the out label.
|
| |
|
|
|
|
|
|
| |
In entryrdn_get_parent(), there is a DBT structure that we can use
without initializing. If we goto the bail label, we try to free
data.data, but data was never initialized. We should clear the
memory used by data in the beginning of the function before we have
an opportunity to goto bail.
|
| |
|
|
|
|
| |
We use some uninitialized bervals when the backend code calls
slapi_ldif_parse_line(). We should be initializing the bervals to
be empty.
|
| |
|
|
|
|
| |
When the server is built against MozLDAP, we use some uninitialized
bervals when the backend code calls slapi_ldif_parse_line(). We
should be initializing the bervals to be empty.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The final frees of priv->memory and priv will never be reached since
the function returns prior to these calls. It looks as if an
"error:" label was removed at some point, as the WIN32 code in this
function has goto statements using that label, but the label is not
defined.
The fix is to add the "error:" label in ifdef blocks for WIN32 that
calls the free of priv. The free of priv->memory is not necessary
since WIN32 doesn't use it and non-WIN32 builds don't use the error
label at all.
|
| |
|
|
|
|
|
|
|
|
|
| |
In the call to slapi_log_error(), we are guaranteed that srdn is
NULL if we are checking it for NULL due to the way the conditions
are nested. The only time we check if srdn is NULL is if be is
non-NULL, and the if condition guarantees that either be or srdn
are NULL.
We can just use the string "srdn" in our log message if be is
non-NULL.
|
| |
|
|
|
|
|
|
|
|
|
| |
In the moddn code that renames child entries, the for loop used to
rename the children can never be executed. Part of the condition
is that retval is 0, but retval will always be -1 the first time we
hit this loop. This only happens with subtree rename off, but it
should still be fixed.
The fix is to set retval to 0 at the prior to checking the condition
the first time.
|
| |
|
|
|
|
|
|
| |
The skipit variable is set to zero shortly before we check if it
is 0 in an if condition. This if block can be removed since it
will never be hit. The entry that was being freed in the if block
is already removed earlier in the function if skipit was non-0
prior to resetting skipit to 0.
|
| |
|
|
|
|
|
|
|
|
|
| |
In the call to slapi_log_error(), we are guaranteed that srdn is
NULL if we are checking it for NULL due to the way the conditions
are nested. The only time we check if srdn is NULL is if inst is
non-NULL, and the if condition guarantees that either inst or
srdn are NULL.
We can just use the string "srdn" in our log message if inst is
non-NULL.
|
| |
|
|
|
|
|
|
|
| |
If the index types (argv[1]) are not specified, attr_index_config()
bails. We can remove some dead code where we check if "argc == 1"
later in the function since that case can never happen.
Additionally, we need to check if argc is 0, or if argv is NULL
before attempting to parse the list of attributes to be indexed.
|
| |
|
|
|
|
|
|
|
|
|
| |
The directory variable points to a dynamically allocated string
returned by rel2abspath(). We are changing directory to point to
a string constant if we are unable to parse the directory. This
not only leaks memory, but it can cause us to attempt to free the
string constant.
We should free the string before we overwrite it, and we should
dynamically allocate a new string instead of using a string constant.
|
| |
|
|
|
|
|
|
|
|
|
| |
We should check the return type of idl_append_extend(), though it does
not seem possible that the return type will be anything other than 0.
The only time idl_append_extend() returns anything other than 0 is
when it is unable to allocate memory. Since the underlying allocation
function is slapi_ch_calloc(), the server will just exit if it runs
out of memory, which means we will never return up through
idl_append_extend(). The right thing to do from a code standpoint is
to still check for the return value though.
|
| |
|
|
|
|
|
|
|
|
|
| |
We need to check the return value of cache_replace() in
id2entry_add_ext(). The only possible error that can be returned
is when the entry we are trying to replace is not found in the
cache. This should not occur since we are told that the entry
already exists by CACHE_ADD() just prior to this call. If we run
into this situation, we will just log an error without adding the
entry to the cache. This shouldn't be a big deal since the entry
will get added to the cache next time it is accessed.
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, the ldbm_back_ldbm2ldif() function could bail due to an
error before fd is set. We then attempt to close the file that fd
refers to. We should initialize fd to STDOUT_FILENUM, as we skip
calling close() if fd is set to STDOUT_FILENUM.
Additionally, I noticed that we could call close() when fd is
negative or if it is STDERR or STDIN. I fixed this so close() is
not called in those cases.
|
| |
|
|
|
| |
(cov#15521) The oldndn variable was unused in the dncache_replace() function.
This patch removes the unused variable.
|
| |
|
|
|
| |
(cov#15521) The newndn variable was unused in the dncache_replace() function.
This patch removes the unused variable.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
do not change or change very rarely
https://bugzilla.redhat.com/show_bug.cgi?id=627738
Description:
Change made in this commit: cc36301a7cae6737d9f8a0e53bed653a52130a1d
for the following bug introduced a missing-cache-return bug:
id2entry_add_ext replaces an dn instance in the dn cache even if
the DN value is identical. Replace it only when they don't match.
Thanks to andrey.ivanov@polytechnique.fr for finding it out:
https://bugzilla.redhat.com/show_bug.cgi?id=627738#c5
|
| |
|
|
|
|
|
|
|
| |
This commit fixes many compiler warnings, mostly for things like unused
variables, functions, goto labels.
One place was using csngen_free instead of csn_free. A couple of places
were using casts incorrectly, and several places needed some casts added.
Tested on: RHEL5 x86_64, Fedora 14 x86_64
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
| |
use slapi_pblock_set to set the ldap result code for the be postop plugins
instead of slapi_pblock_get
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The DS has some problems with the openldap versions of these functions:
1) They are deprecated - should use the str2[r]dn and [r]dn2str and the
bv versions of those functions instead
2) They escape utf-8 and other values in the strings - the mozldap functions
do not do this
3) They handle double quoted strings, but they remove the quotes - our
code expects the quotes to be left in place
Until we fix our DN handling, and get rid of the double quoted DNs, we just
use the mozldap versions of these functions.
|
| |
|
|
|
|
|
| |
There are slapi wrappers that hide differences between the openldap and
mozldap ldap and ldif API code. These are now doxygen documented.
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
|
|
|
|
|
| |
Added proxy auth control creation - mozldap has a function to do that but
not openldap
Do not use mozldap filter create function - just create one using
slapi_smprintf
Fix usage of TLS/SSL with new NSS functionality
Created ldif parse wrapper - changed code to use it
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
| |
need to free basedn after use by the internal search
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
change or change very rarely
https://bugzilla.redhat.com/show_bug.cgi?id=627738
Description:
1) id2entry_add_ext replaces an dn instance in the dn cache even if
the DN value is identical. Replace it only when they don't match.
2) Modifying the dn cache related labels:
dnEntrycachehits
dnEntrycachetries
dnEntrycachehitratio
dnCurrententrycachesize
dnMaxentrycachesize
dnCurrententrycachecount
dnMaxentrycachecount
===>
dncachehits
dncachetries
dncachehitratio
currentdncachesize
maxdncachesize
currentdncachecount
maxdncachecount
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=531642
Resolves: 531642
Fix description:
1. Introduced a config parameter nsslapd-entryusn-global: on|off to
enable | disable the global mode. By default, off.
In the global mode, search on root dse returns "lastusn: <num>"
without the backend subtype (e.g., "lastusn;userroot: <num>")
2. Added slapi_get_next_suffix_ext to mapping_tree.c, which visits
children as well as siblings in the mapping tree.
(Note: slapi_get_next_suffix does just siblings.)
3. import (ldif2db) adds "entryusn: 0" to every entry unless the
entry already contains the entryusn attribute.
4. ldbm_back_delete, ldbm_back_modify, ldbm_back_modrdn: set
ldap_result_code to pblock so that bepost plugin could see if
the operation was successful or not.
See also http://directory.fedoraproject.org/wiki/Entry_USN#Global_mode
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
entrydn is not present in search results
https://bugzilla.redhat.com/show_bug.cgi?id=628300
Resolves: 628300
Description: Code for supporting entrydn (added for Bug 578296)
contained a bug. If an entry was found in the entry cache,
id2entry_ext returned it without adding the entrydn attribute
value. This patch fixes the problem.
In addition, if the parent DN in the to-be-added entry is not
identical to the real parent DN (e.g., dc=eXAmple vs. dc=example),
replace the string with the real parent DN. This check & replace
is done only when the parent entry is in the entry cache not to
sacrifice the performance.
|
