| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
There is a chance that we can deference a NULL pointer in the
mmldif code. If "(numb > tot_b)" is true, it is not guaranteed
that "a" is non-NULL. We need to check if "a" is NULL before
dereferencing it in the "(cmp < 0)" case.
|
| |
|
|
|
|
|
|
|
| |
This commit fixes many compiler warnings, mostly for things like unused
variables, functions, goto labels.
One place was using csngen_free instead of csn_free. A couple of places
were using casts incorrectly, and several places needed some casts added.
Tested on: RHEL5 x86_64, Fedora 14 x86_64
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
|
|
|
|
| |
There are some differences between the mozldap and the openldap apis:
openldap has deprecated ldap_init in favor of ldap_initialize
openldap has deprecated the regular ldap op functions in favor of their
_ext alternatives
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
|
|
|
|
|
| |
Added proxy auth control creation - mozldap has a function to do that but
not openldap
Do not use mozldap filter create function - just create one using
slapi_smprintf
Fix usage of TLS/SSL with new NSS functionality
Created ldif parse wrapper - changed code to use it
Reviewed by: nkinder (Thanks!)
Platforms tested: Fedora 14 (rawhide)
|
| |
|
|
|
|
|
|
|
| |
12167 - 12199
https://bugzilla.redhat.com/show_bug.cgi?id=610119
Resolves: bug 610119
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Fix description: Catch possible NULL pointer in readAttrValue().
|
| |
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=616500
Resolves: bug 616500
Bug description: fix coverify Defect Type: Resource leaks issues CID 12116
description: Fixed resource leaks in scalab01_addLogin().
|
| |
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=616500
Resolves: bug 616500
Bug description: fix coverify Defect Type: Resource leaks issues CID 12115
description: Fixed resource leaks in readObject().
|
| |
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=616500
Resolves: bug 616500
Bug description: fix coverify Defect Type: Resource leaks issues CID 12114
description: Fixed resource leaks in buildNewModAttribFile().
|
| |
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=616500
Resolves: bug 616500
Bug description: fix coverify Defect Type: Resource leaks issues CID 12112, 12113
description: Fixed resource leaks in loadImages() and loadDataListFile().
|
| |
|
|
|
|
|
|
|
| |
11892 - 11939
https://bugzilla.redhat.com/show_bug.cgi?id=613056
Resolves: bug 613056
Bug description: Fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
description: Catch possible NULL pointer in display_index_item().
|
| |
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=622903
Comment:
Pointer "slapdFrontendConfig" returned by "init_config" is never
used (line 244).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=622628
Comment:
This is a typo where a bitwise AND was used instead of a logical AND
on line 2185. The issue is not serious, as it only affect the "number
of operations" counter for ldclt. The second half of the condition
is not even needed in fact, since we are guaranteed that "(ret ==
LDAP_ALREADY_EXISTS)" is true at line 2185.
Fix Description:
Based upon the comment, removing the unnecessary second half of
the condition.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=616608
Fix description:
Use the marshall/unmarshall technique for the entryrdn index data.
Introduced sizeushort_internal_to_stored/sizeushort_stored_to_internal
for the size data to store in 2 bytes.
Entryrdn related functions in the dbscan utility are also modified
to support marshalled data.
Reviewed by ulf.weltman@hp.com and fixed bugs found by him.
|
| |
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=610281
11843 DEADCODE Triaged Unassigned Bug Minor Fix Required
mm_init() ds/ldap/servers/slapd/tools/mmldif.c
Comment:
A variable tailorfile is not used.
Remove it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=614242
Resolves: bug 614242
Bug Description: C99/ANSI C++ related compile errors on HP-UX
Reviewed by: rmeggins
Branch: HEAD
Fix Description: In lib/ldaputil/vtable.c, a global static struct is declared and initialized to
{}. I see gcc allows this, and aCC does also but only with -AA ("newly
supported ANSI C++ Standard features").
In ldap/servers/slapd/tools/ldclt/ldclt.c, an array size is set using a
variable, which I think is legal in C99. Since the size is not computed, and
this is the only place C99 is taken advantage of, this can be changed to a
then I would instead add the -AC99 compiler flag for HP-UX.
Platforms tested: HP-UX
Flag Day: no
Doc impact: no
Patch submitted by: Ulf Weltman <ulf.weltman@hp.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=610177
Resolves: bug 610177
Bug Description: fix coverity Defect Type: Uninitialized variables issues
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: Initialize variables to 0, NULL, or an appropriate error
code. Got rid of the unused lexer code.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=609590
Resolves: bug 609590
Bug Description: fix coverity Defect Type: Memory - corruptions issues
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: The code wants to allocate space for a struct berval, not
struct berval *.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=609590
Resolves: bug 609590
Bug Description: fix coverity Defect Type: Memory - corruptions issues
Reviewed by: nhosoi (Thanks!)
Branch: HEAD
Fix Description: Just error and return if nread is < 0.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix Description:
. adding slapi_dn_normalize_ext and its siblings to normalize/validate
invalid DNs; deprecating slapi_dn_normalize and its siblings. (dn.c)
. replacing slapi_dn_normalize with new corresponding functions.
. normalizing hardcoded DNs (e.g., removing spaces around ',')
. setting correct DN syntax to nsslapd-suffix, nsslapd-ldapiautodnsuffix,
costemplatedn, nsslapd-changelogsuffix, nsBaseDN, nsBindDN
. if nsslapd-dn-validate-strict is enabled, incoming DN is examined and
rejected if it is invalid. Once approved, the DN is normalized.
. fixing compiler warnings and typos.
See also:
http://directory.fedoraproject.org/wiki/Upgrade_to_New_DN_Format
Related bugs:
Bug 199923 - subtree search fails to find items under a db containing special
characters
Bug 567968 - subtree/user level password policy created using 389-ds-console
doesn't work.
Bug 570107 - The import of LDIFs with base-64 encoded DNs fails, modrdn with
non-ASCII new rdn incorrect
Bug 570962 - ns-inactivate.pl does not work
Bug 572785 - DN syntax: old style of DN <type>="<DN>",<the_rest> is not
correctly normalized
Bug 573060 - DN normalizer: ESC HEX HEX is not normalized
Bug 574167 - An escaped space at the end of the RDN value is not handled
correctly
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The rsearch utility has an option (-i) that allows one to have a
file containing names to be used as a variable in search filters.
The way this is designed is that you would specify a partial filter
(such as "uid=") as the filter option and a random name from the
name file will be appended to the filter for each search operation.
Unfortunately, this option was broken. The format was missing
where we were creating the filter string, which caused the filter
option to be used as specified without appending a name from the
name file.
|
| |
|
|
|
|
| |
This patch cleans up various build warnings found by compiling the code
with -Wall on RHEL5.
Reviewed by: nhosoi (Thanks!)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
st_size and nsldapi_build_control et al. in ldclt.c
https://bugzilla.redhat.com/show_bug.cgi?id=565987
Fix Description:
1. stat: sys/types.h and sys/stat.h need to be included.
2. nsldapi_build_control: duplicated nsldapi_build_control from
the mozldap c library.
3. added the sub value [=deref:attr] of deref to the usage.
4. allow -e deref without the sub value. It used to be allowed,
but it was forbidden by the previous change.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch includes
- replacing the entrydn index with the entryrdn index
- replacing a full DN in each entry in the DB with an RDN
- extending Slapi_Entry, entry2str, and str2entry to absorb the changes
made on the entry
- adding DN/RDN helper functions
- adding DN cache
- adding a utility and a migration script to convert the DN format database
to the RDN format
- extending a database dump utility dbscan to support the entryrdn
- slapi_dn_syntax_check by nkinder@redhat.com is added to check the dn before
modify operations
- big fix for 171338 - Enhancement: winsync modrdn not synced
In addition to the above, compile warnings and memory leaks found in testing
the new feature are fixed.
For more details, see the feature design document at:
http://directory.fedoraproject.org/wiki/Subtree_Rename
and bugzilla at:
https://bugzilla.redhat.com/show_bug.cgi?id=171338
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://bugzilla.redhat.com/show_bug.cgi?id=555189
Resolves: bug 555189
Bug Description:
ldclt code is not passing the password correctly to ldap_sasl_bind_s.
The server receives NULL credential. Due to the default configuration:
nsslapd-allow-unauthenticated-binds: off
the unauthenticated bind fails with LDAP_UNWILLING_TO_PERFORM.
Reviewed by: rmeggins@redhat.com
Files: see diff
Branch: HEAD
Fix Description:
When "-e randombinddnfromfile=file" is given, bind dn and password pair
is retrieved from the file and is supposed to pass to ldap_sasl_bind_s.
Although the password was read from the file, but it was not set to the
berval "cred" which was passed to ldap_sasl_bind_s. Therefore, the
bind operation tried to bind with bind dn and NULL password, which now
fails since it's considered as an unauthenticated bind. This change
fixes the problem. Also, a usage typo is being fixed.
Platforms tested: Fedora 11
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
| |
This option will accept format like "-e deref=derefAttr:attr"
to ldclt when "-e esearch" is requested.
example: -e esearch -e deref=secretary:mail
search will dereference the "secretary" attribute and then return the "mail" attribute value
|
| |
|
|
|
|
| |
This option will accept format like "-e attreplacefile=jpegPhoto:/some/binary.file"
to ldclt. The content of the given file will be used to replace the attribute
"jpegPhoto" (in this case). The given file could be plain text or binary file.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding "-e deref" option to ldclt.
Add mode (-e add): "-e deref" adds "secretary: <DN>" to the entry.
This is true when the entry's objectclass is
inetOrgPerson (-e inetOrgPerson").
Search mode (-e esearch): "-e deref" sets dereference control to the search,
where the dereference attribute and dereferenced
attribute are hardcoded to "secretary" and "cn",
respectively.
Usage:
ldclt [...] -e add -e random -e inetOrgPerson -e deref -f test_XX
ldclt [...] -e esearch -e random -e inetOrgPerson -e deref -f test_XX
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The vendor, brand, and capbrand are set in configure - we should use those
everywhere rather than have to run some sort of script over the code to
change vendor, brand, version, etc. I've added VENDOR, BRAND, CAPBRAND
to the default defines passed to the compiler, and changed the code to use
these defines. And instead of the unintuitively named PRODUCTTEXT macro,
we should use the already defined PRODUCT_VERSION.
This allowed me to get rid of some code. The version was from a generated
file called dirver.h which we don't need anymore, and we don't need the perl
script dirver.pl which generated it.
The vendor string was coming from the dirlite header file. So I also used this
as an excuse to get rid of all references to dirlite once and for all (yay!).
For the places in plain text files which are not substituted, I just used the
generic name Dirsrv or Directory Server instead of having an explicit brand
and/or version in there.
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
|
|
|
|
|
| |
These changes allow the server to be built with OpenLDAP (2.4.17+). A brief summary of the changes:
* #defines not provided by OpenLDAP were copied into slapi-plugin.h and protected with #ifndef blocks
* where it made sense, I created slapi wrapper functions for things like URL and LDIF processing to abstract way the differences in the APIs
* I created a new file utf8.c which contains the UTF8 functions from MozLDAP - this is only compiled when using OpenLDAP
* I tried to clean up the code - use the _ext versions of LDAP functions everywhere since the older versions should be considered deprecated
* I removed some unused code
NOTE that this should still be considered a work in progress since it depends on functionality not yet present in a released version of OpenLDAP, for NSS crypto and for the LDIF public API.
|
| |
|
|
|
|
|
|
| |
For more details, see the design doc at http://directory.fedoraproject.org/wiki/Thread_Aware_Regex
Additional 2 unrelated changes are being made:
1) dbgen.pl.in: secretary and manager are having a dn format value "cn=...".
2) slapi_counter_sunos_sparcv9.S: adding "#define _ASM 1" to force to set an assembler code macro _ASM.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Make sure we use "const" consistently
2) Make sure we use "unsigned char" consistently
for some reason (unsigned char)*p did not compare to '\xHH' literals unless the literal was also cast to (unsigned char)
3) added some missing function prototypes
4) removed some unused variables/functions, or commented out for use when debugging
5) various other compiler warnings
With all of these, the code compiles cleanly on RHEL5 x86_64 using
gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-44)
and
CFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic"
The only warning now is the spurious message about %llu or %lld having the wrong format argument.
Reviewed by: nhosoi (Thanks!)
|
| |
|
|
|
|
| |
Summary: mmldif crashes in PK11_CreateDigestContext
Description: NSS was not initialized. Since cert db, key db, or secmod db are
not needed, changed to call NSS_NoDB_Init to initialize NSS.
|
| |
|
|
| |
Summary: Enhanced rsearch to allow user filter and password to be configurable (contributed by telackey@bozemanpass.com).
|
| |
|
|
| |
Summary: LDCLT: add abandon to ldclt
|
| |
|
|
|
| |
Summary: Memory usage research: checking in the experimental code
See also: http://directory.fedoraproject.org/wiki/Memory_Usage_Research
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Reviewed by: nhosoi (Thanks!)
Fix Description: The intptr_t and uintptr_t are types which are defined as integer types that are the same size as the pointer (void *) type. On the platforms we currently support, this is the same as long and unsigned long, respectively (ILP32 and LP64). However, intptr_t and uintptr_t are more portable. These can be used to assign a value passed as a void * to get an integer value, then "cast down" to an int or PRBool, and vice versa. This seems to be a common idiom in other applications where values must be passed as void *.
For the printf/scanf formats, there is a standard header called inttypes.h which defines formats to use for various 64 bit quantities, so that you don't need to figure out if you have to use %lld or %ld for a 64-bit value - you just use PRId64 which is set to the correct value. I also assumed that size_t is defined as the same size as a pointer so I used the PRIuPTR format macro for size_t.
I removed many unused variables and some unused functions.
I put parentheses around assignments in conditional expressions to tell the compiler not to complain about them.
I cleaned up some #defines that were defined more than once.
I commented out some unused goto labels.
Some of our header files shared among several source files define static variables. I made it so that those variables are not defined unless a macro is set in the source file. This avoids a lot of unused variable warnings.
I added some return values to functions that were declared as returning a value but did not return a value. In all of these cases no one was checking the return value anyway.
I put explicit parentheses around cases like this: expr || expr && expr - the && has greater precedence than the ||. The compiler complains because it wants you to make sure you mean expr || (expr && expr), not (expr || expr) && expr.
I cleaned up several places where the compiler was complaining about possible use of uninitialized variables. There are still a lot of these cases remaining.
There are a lot of warnings like this:
lib/ldaputil/certmap.c:1279: warning: dereferencing type-punned pointer will break strict-aliasing rules
These are due to our use of void ** to pass in addresses of addresses of structures. Many of these are calls to slapi_ch_free, but many are not - they are cases where we do not know what the type is going to be and may have to cast and modify the structure or pointer. I started replacing the calls to slapi_ch_free with slapi_ch_free_string, but there are many many more that need to be fixed.
The dblayer code also contains a fix for https://bugzilla.redhat.com/show_bug.cgi?id=463991 - instead of checking for dbenv->foo_handle to see if a db "feature" is enabled, instead check the flags passed to open the dbenv. This works for bdb 4.2 through bdb 4.7 and probably other releases as well.
Platforms tested: RHEL5 x86_64, Fedora 8 i386
Flag Day: no
Doc impact: no
|
| |
|
|
|
| |
Descriptionn: fedora-ds-base build problem
Fix Description: Correct usage of va_list and vfprintf
|
| |
|
|
|
|
| |
Summary: clu test failures (Comment #7)
Description: 1) Removing obsolete PATH info from Usage
2) Replacing "idl" with "ID list" following the suggestion from Doc.
|
| |
|
|
|
|
|
|
|
|
|
| |
Bug Description: dbgen.pl uses incorrect perl interpreter on hpux
Reviewed by: nhosoi (Thanks!)
Fix Description: Set @perlexec@ to the correct platform specific perl location.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
|
| |
|
|
|
|
| |
Summary: infadd tool won't start. Fails to load data file (comment #4)
Description: HP compiler does not like to have a function call in a constant
expression.
|
| |
|
|
| |
Summary: Look for infadd data files in TEMPLATEDIR.
|
| |
|
|
| |
Summary: HP-UX: warnings reported by the HP-UX compiler
|
| |
|
|
| |
Summary: Make dbscan handle special RUV related changelog entries.
|
| |
|
|
| |
Summary: Don't try to dlopen ldap SSL libs in ldclt.
|
| |
|
|
|
|
|
|
|
| |
Bug Description: crash at startup with new ldap sdk on 64-bit platform
Reviewed by: nkinder (Thanks!)
Fix Description: Use LBER_SOCKET as the socket type instead of int. There was also a place in ldclt where we were doing the same thing.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
| |
Bug Description: Change filesystem path naming from "fedora-ds" to "dirsrv"
Reviewed by: nkinder (Thanks!)
Fix Description: Mostly just changing the package name in configure.ac, and making sure we consistently use that in path naming (e.g. /etc/@PACKAGE_NAME@ or /etc/@PACKAGE_NAME_BASE@ for adminserver).
Platforms tested: RHEL4, FC6
Flag Day: no
Doc impact: Oh yes.
QA impact: Any existing tests that depend on /path/brand-ds will need to change to use dirsrv. It is highly encouraged to use a macro or variable for the package name in any scripts to minimize the impact of future package name changes.
|
| |
|
|
|
| |
Summary: rsearch - make search timeout a configurable parameter
Description: Introduced a new option "-o <search time limit>"
|
| |
|
|
|
|
| |
Description: CLU: dbgen.pl fails to load data files
Reviewed by: nhosoi (Thanks!)
Fix Description: dbgen.pl is hardcoded to look for data files in ../data. Instead, we should allow the user to provide the location to the data files e.g. -l /path/to/data, and we should also use share/brand-ds/data as the default directory.
|
| |
|
|
|
| |
Summary: feature request for ldclt: add randomauthid for testing
Description: Adding randomauthid options: -e "randomauthid" -e "randomauthidlow=<low>" -e "randomauthidhigh=<high>"
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Description: Move DS Admin Code into Admin Server - ldif templates, pwdhash
Reviewed by: nhosoi (Thanks!)
Fix Description: These changes are primarily to allow the admin server setup to run completely in perl with no more setuputil code.
1) Added LDIF templates for DS config. template-dse.ldif is the core minimal directory server configuration. Values can be replaced with parameters in the same style as used with register_server.pl - %token%. For the plugin entries, the plugin shared library name is now just a name. There is no more full path. The code in dynalib.c handles this case by using the compiled in PLUGINDIR. The NSPR function PR_GetLibraryName knows the correct shared lib suffix for the platform. All of this allows us to do 2).
2) Added ability to run pwdhash with no server configuration. If no configuration is given, it uses the template-dse.ldif above. And instead of having to worry about where the plugins are installed and the shared lib suffix, it just depends on the above changes. This allows us to generate password hashes during setup before the directory server instance is created, and also to keep clear text password usage to a minimum.
3) Added defaultuser and defaultgroup.
4) Added support for continuation lines in Inf files.
5) All user visible messages during setup should be localizable
Platforms tested: RHEL4
Flag Day: Yes, autotool file changes.
Doc impact: Yes, along with the previous fixes for this bug.
|
