| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
These changes allow the server to be built with OpenLDAP (2.4.17+). A brief summary of the changes:
* #defines not provided by OpenLDAP were copied into slapi-plugin.h and protected with #ifndef blocks
* where it made sense, I created slapi wrapper functions for things like URL and LDIF processing to abstract way the differences in the APIs
* I created a new file utf8.c which contains the UTF8 functions from MozLDAP - this is only compiled when using OpenLDAP
* I tried to clean up the code - use the _ext versions of LDAP functions everywhere since the older versions should be considered deprecated
* I removed some unused code
NOTE that this should still be considered a work in progress since it depends on functionality not yet present in a released version of OpenLDAP, for NSS crypto and for the LDIF public API.
|
| |
|
|
|
|
|
|
| |
1) Commit 281f14adb012a54d8b10c9d51dbce6f5c6f3e549 was based on the wrong
observation and testing. Backing off the change.
2) Search result set is retrieved from pblock and used for simple paged results.
When the search result set is released, the address stashed in pblock should
have been set NULL not to access the address again.
|
| |
|
|
|
|
|
|
|
|
|
| |
When "dnaMaxValue" is set to "-1" or omitted from a range configuration entry
(which defautls to "-1" internally), the "dnaNextValue" attribute is not
updated in the range configuration entry when a value is allocated from that
range.
We were only updating the configuration entry if the new nextvalue was >=
the maxval plus the interval (1). We need to check if the maxval is -1
specifically, and update the config entry if so.
|
| |
|
|
|
|
| |
There was a contention between the connection table cleanup thread (main)
and the search thread. The cleanup code should have been protected by
the same mutex we do in the paged result code (c_mutex).
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Bug description: If a group has more than 32767 members (max short),
a variable 'n' declared as short overflows. The value is used to calculate an
array size to store group member info, which memory is not properly allocated
and it ends up crashing up the server.
Fix description: Replaced the problematic short variable type with integer.
Plus, the each member info was storing a pointer pointing to an element inside
of the array. When the array is "realloc"ed, it's possible for the addresses
to be relocated. To solve the problem, the new code stores the index of array
instead of the address.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch implements a linked attribute plug-in. Details of the
plug-in features and design are available on the 389 wiki at:
http://directory.fedoraproject.org/wiki/Linked_Attributes_Design
In addition, I encountered a memory leak when testing the new plug-in
with valgrind. There was a fix to the dse add code for a double free
a few months back, which causes a leak in certain situations. This
previous fix was for bz#489763. The proper thing to do is to make
the dse backend add function consume the passed in entry upon success
and leave it for the caller to deal with upon failure. This is the
way the back-ldbm add function works.
|
| |
|
|
|
| |
Summary: Access log reports 'notes=U' for VLV indexed searches if there are no records to be found
Fix Description: VLV creates an empty IDL if no matched entries are found. To do so, VLV code was calling idl_alloc with argument 0, which generated ALLID. It's changed to call idl_alloc with 1. It creates a normal empty IDL.
|
| |
|
|
|
|
|
| |
Fix Description: unescape parenthesis in the regular expression.
E.g., ^u:\(.*\) ==> ^u:(.*)
This unescape is necessary for the new regex code using PCRE
to keep the backward compatibility.
|
| |
|
|
|
|
| |
This patch consolidates the functionality of read_function and secure_read_function into a single read_function that deals with NSPR PRFileDesc objects. It does the same for write_function and secure_write_function. Since there is only one write function, there is no need to push a separate secure read/write function to the lber layer - importing the prfd into ssl (SSL_ImportFd) does that.
I've also added some more debugging.
Reviewed by: nkinder (Thanks!)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is part of the port to OpenLDAP, to simplify the code that
interacts with the BER I/O layer. Ideally, since we only deal
with NSPR I/O, not raw I/O, in the directory server, we can push
any additional layers, such as SASL, as NSPR I/O layers. This
is how NSS works, to push the SSL codec layer on top of the regular
NSPR network I/O layer.
Only 3 functions are implemented - PR_Send (sasl_io_send), PR_Recv
(sasl_io_recv), and PR_Write (sasl_io_write).
This simplified the code in saslbind.c and connection.c, and removed
special handling for SASL connections - now they are just treated as
regular NSPR connections - the app has not nor does not need to know
the connection is a SASL connection.
In addition, this gives us the ability to use SASL and SSL at the same
time. The SASL I/O layer can be pushed on top of the SSL layer, so
that we can use SSL for connection encryption, and SASL for authentication,
without having to worry about mixing the two.
Reviewed by: nkinder (Thanks!)
Platforms tested: RHEL5 x86_64, Fedora 9 x86_64
|
| |
|
|
|
| |
1) Fixing compiler warnings on regex.c.
2) Adding dse_search_set_release to dse.c to support simple paged results on DSE.
|
| |
|
|
|
| |
To avoid unnecessary ldap_mods_free for the early error_returns
which could be called before mods are set to smods.
|
| |
|
|
|
|
|
|
|
| |
Our schema parser requires a space after the opening paran
when multiple SUP objectclasses are listed in the definition
of an objectclass. The RFCs show that a space is not required.
This patch simply removes the requirement that a space be
present after the opening paran.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This adds a new configuration attribute named
nsslapd-require-secure-binds. When enabled, a simple bind
will only be allowed over a secure transport (SSL/TLS or a
SASL privacy layer). An attempt to do a simple bind over
an insecure transport will return a LDAP result of
LDAP_CONFIDENTIALITY_REQUIRED. This new setting will not
affect anonymous or unauthenticated binds.
The default setting is to have this option disabled.
|
| |
|
|
|
|
|
|
| |
For more details, see the design doc at http://directory.fedoraproject.org/wiki/Thread_Aware_Regex
Additional 2 unrelated changes are being made:
1) dbgen.pl.in: secretary and manager are having a dn format value "cn=...".
2) slapi_counter_sunos_sparcv9.S: adding "#define _ASM 1" to force to set an assembler code macro _ASM.
|
| |
|
|
|
|
|
|
|
| |
Reviewed by: nhosoi (Thanks!)
The problem is when the views code calls views_cache_discover_children()
and there are no children. The code should check to see if the child_count
is 0, and only attempt to alloc space for the pChildren array if the
child_count is greater than 0.
Platforms tested: RHEL5 x86_64
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1) Make sure we use "const" consistently
2) Make sure we use "unsigned char" consistently
for some reason (unsigned char)*p did not compare to '\xHH' literals unless the literal was also cast to (unsigned char)
3) added some missing function prototypes
4) removed some unused variables/functions, or commented out for use when debugging
5) various other compiler warnings
With all of these, the code compiles cleanly on RHEL5 x86_64 using
gcc (GCC) 4.1.2 20080704 (Red Hat 4.1.2-44)
and
CFLAGS="-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic"
The only warning now is the spurious message about %llu or %lld having the wrong format argument.
Reviewed by: nhosoi (Thanks!)
|
| |
|
|
| |
For more details, see the design doc at http://directory.fedoraproject.org/wiki/Simple_Paged_Results_Design
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The DN syntax has become more restrictive over time, and the
current rules are quite strict. Strict adherence to the rules
defined in RFC 4514, section 3, would likely cause some pain to
client applications. Things such as spaces between the RDN
components are not allowed, yet many people use them still since
they were allowed in the previous specification outlined in RFC
1779.
To deal with the special circumstances around validation of the DN
syntax, a configuration attribute is provided named
nsslapd-dn-validate-strict. This configuration attribute will
ensure that the value strictly adheres to the rules defined in RFC
4514, section 3 if it is set to on. If it is set to off, the server
will normalize the value before checking it for syntax violations.
Our current normalization function was designed to handle DN values
adhering to RFC 1779 or RFC 2253
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This starts the effort to be able to use Doxygen to
auto-generate the SLAPI documentation.
I started documenting everything in slapi-plugin.h
from the top down. There is a TODO comment indicating
where the effort needs to be picked up from in the
header file.
To build the SLAPI docs, run "doxygen slapi.doxy" in
the top of the source tree. The resulting doc files
will be in a subdirectory named "docs". The build of
the docs still needs to be integrated with the rest of
the build.
|
| |
|
|
|
|
| |
Also added numericstring syntax support.
For more details, see the design doc at http://directory.fedoraproject.org/wiki/Syntax_Validation_Design
|
| |
|
|
| |
Summary: Corrected semaphore name used in SNMP subagent.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: LOG: the intenal type of maxlogsize, maxdiskspace and minfreespace should be 64-bit integer (comment #20)
Description: In log_reverse_convert_time, by initializing "struct tm" with
NULLs:
struct tm tm = {0};
tm_isdst is also set to 0, which means no daylight saving. mktime thinks when
converting struct tm to time_t, use the knowledge "the time that the time_t
represents is not in the daylight saving period". Instead, we should have set
"tm.tm_isdst = -1;". That means, we don't have the knowledge, calculate it in
mktime.
I also fixed a silly bug in generating a rotated log file name which I
introduced in my previous checkin.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Summary: LOG: the intenal type of maxlogsize, maxdiskspace and minfreespace should be 64-bit integer (comment #20)
Description:
1) replaced PR_GetOpenFileInfo with PR_GetOpenFileInfo64 in log_getfilesize.
PR_GetOpenFileInfo does not return the correct file size if the size is
larger than 2GB.
2) when a rotation info file is missing and recreated, the file size stored
in the file was not correct.
3) rotated file name is created with the time stamp when rotated. The reverse
conversion function had a problem and the file name in the rotation info and
the real one could mismatch.
|
| |
|
|
| |
NOTE: We do not have support for atomic 64-bit counters on ppc - ppc platorms use the mutex approach instead
|
| |
|
|
|
| |
Summary: homePhone is not RFC 1274 compliant
Description: added "homeTelephoneNumber" to the NAME list of "homePhone".
|
| |
|
|
|
| |
Summary: Replication Bind Failure After Migration from DS 7.1 (comment #10)
Description: changed to trim trailing slashes of oldsroot and actualsroot at the beginning.
|
| |
|
|
| |
Summary: Fixup replicated schema during migration.
|
| |
|
|
|
|
| |
Summary: mmldif crashes in PK11_CreateDigestContext
Description: NSS was not initialized. Since cert db, key db, or secmod db are
not needed, changed to call NSS_NoDB_Init to initialize NSS.
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Configuring Replication Server to Server GSSAPI over TLS - attempts replication and can't stop servers
Reviewed by: nhosoi (Thanks!)
Fix Description: The agreement add code did not check the transport and bind method for compatability.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Summary: log module issues unnecessary/inaccurate syslog errors
Description:
1) don't log "Exceeded max number of logs allowed" in syslog messages. It's an
info level log, which is not appropriate to log in syslog messages.
2) when deleting an error log file failed, a wrong file name (audit log) was
printed. I also added the error code and the message why the deletion failed.
|
| |
|
|
|
|
|
| |
Summary: If an independent process db2ldif rotates the error log, it crashes the server.
Description: PR_Rename failure due to the FILE_EXIST is benign. Ignore the
error and goes forward. The procedure is extended to all the log type: error,
access, and audit.
|
| |
|
|
|
|
|
|
|
| |
Bug Description: Replication Bind Failure After Migration from DS 7.1
Reviewed by: nkinder (Thanks!)
Fix Description: We have to quote shell metacharacters before passing them to the shell. I added a new function shellEscape to use for this purpose. We really should shell escape anything passed to system() or back ticks ``. Certainly passwords should contain shell meta characters so I changed places where we use passwords to use shellEscape to pass them to pwdhash or migratecred. I also chomp() the output of migratecred to remove the trailing newline. With the fix, I was able to run setup with a root password of `~!@#$%^&*()\\|[]{}:;<>?/"\ and successfully authenticate.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Description: Bug 480869 - DS console: Can not delete DS instance
Fix Description: Create instance was broken, so no instances could be created for purposes of deletion. Create instance was printing the following error:
Unable to find Pass Through Authentication Plug-In config entry.
This is because the search for this entry in AdminUtil.pm was getting an incorrect error message - something other than "Success"
This is because the FileConn->getErrorString() method was returning "0" instead of "Success".
Platforms tested: RHEL4
|
| |
|
|
|
| |
Summary: rhds80 64b el5.3 - db2ldif lock case
Description: Fixed double free, which confused the server operation and eventually crashed the server.
|
| |
|
|
|
|
|
|
|
|
| |
Bug Description: crash in reliab15 test
Reviewed by: nkinder (Thanks!)
Fix Description: There was still a small window of time during which the connection could be closed out from under the other thread which was sending/reading result. The solution is to use explicit locking using the conn->lock to protect access to the conn->ld. Since this also affected the total update code, I tested it under similar conditions, and found that it exhibited the same behavior. I added checking to the total update code to check for disconnection and coordinate access in the entry sending/result reading threads.
I also fixed a spurious error message about the sasl path.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Bug Description: crash in reliab15 test
Reviewed by: nkinder (Thanks!)
Fix Description: My earlier fix was for the case where the result reader thread disconnects. But it looks like there is still a problem if the update sender thread disconnects out from under the reader thread. We need to use conn_connected() to test to see if the connection is connected before we attempt to access conn->ld in the result reader thread. I also improved the error messages so that I could tell if the errors were coming from the update sender thread or the result reader thread.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
| |
Summary: slapi_ldap_init_ext needs to be modified due to the build failure on Solaris
Description: instead of replacing client_callbacks, set sasl path to SASL_PATH
using putenv.
|
| |
|
|
|
|
| |
Description: mapping tree code inconsistent about treatment of quoted node names
Reviewed by: nhosoi (Thanks!)
Fix Description: Look for (|(%s=\"%s\")(%s=%s))) when looking for mapping tree suffixes - there may be a quoted suffix, or one without quotes, so look for either
|
| |
|
|
|
|
|
|
|
|
| |
Bug Description: crash in reliab15 test
Reviewed by: nhosoi (Thanks!)
Fix Description: I could not reproduce the crash, but I think the problem is that the server is not handling the disconnection case correctly. It seems that in the event of disconnection (LDAP_SERVER_DOWN 81 - Can't contact server) the code would continue to read results.
repl5_inc_result_threadmain() will call conn_read_result_ex() in a loop. If conn_read_result_ex() detects a disconnection or an unrecoverable error, it will call conn_disconnect to close the connection, and return CONN_NOT_CONNECTED. Once this happens, the code must not use conn->ld any more. However, the code did not differentiate between the not connected case and other errors, so it would keep trying to read results (in case some errors are recoverable, the thread still has to read all of the pending results). The code has been fixed to handle disconnect cases specially. I also added some additional locking to make sure the result and the abort flags were set/read correctly. Finally, I changed the code that waits for results to come in, so that if the connection has been closed, it will just return immediately.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: slapd crashes after changelog is moved
Reviewed by: nkinder, nhosoi (Thanks!)
Fix Description: There are a number of real fixes, mixed in with many changes for debugging and instrumentation.
1) When the update thread gets the changelog iterator, it will use _cl5AddThread to increment the count of threads holding an open handle to the changelog. When it releases the iterator, or if there were some error acquiring the database handle, it will decrement the thread count. The way it used to work was that it would increment the thread count when retrieving the DB object, but then would immediately decrement it, meaning it had an open handle to the database, but there was no way for the changelog code to know that (except via the reference count on the DB object itself).
2) Changed the AddThread code to increment the thread count outside of the state lock - this better fits the semantics of the other uses of threadcount which are outside of the lock.
3) The changelog code that closes the databases was not closing things down in the correct order. The first thing it must do is wait for all threads with open database handles or otherwise accessing the database to terminate. Once that is done, it can call _cl5DBClose() to actually close all of the databases. Otherwise, a race condition could cause a database to be accessed after it has been closed.
4) Added clcache cleanup code, and made it possible to re-init the clcache. The clcache was not designed to be dynamically closed and opened.
clcache is init-ed in _cl5Open
clcache_init is re-entrant
Added more code to clean up the clcache
Delete the clcache in _cl5Delete
5) The clcache stores the current buffer in a thread private storage area. If the clcache has been re-initialized, this buffer is also invalid and the clcache code must get a new buffer.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: During migration, if import fails for some reason,
the exact cause of why it was unable to open the LDIF is not logged.
Reviewed by: nhosoi (thanks!)
Files: see diff
Branch: HEAD
Fix Description: As discussed in the bug council, the fix is to just
report the actual error returned when the open() of the LDIF fails.
This reports the errno and a string description of the error in the
errors log (which is also output to stderr when running ldif2db).
Platforms tested: F9
Flag Day: no
Doc impact: no
|
| |
|
|
| |
Summary: Use backend name from inf when importing during setup.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: Performing a MOD operation to bring an entry into
the scope of a DNA managed range doesn't trigger DNA to generate
a new value. This happens since we check the DNA filter against
the existing entry instead of the resulting entry after the mods
are applied.
Reviewed by: rmeggins (thanks!)
Files: see diff
Branch: HEAD
Fix Description: This patch handles modify operations that bring entries
into or out of scope of a managed range. If you bring an entry into scope
(say by adding the appropriate objectclass), this will assign a value from
the range if the magic value or no value is supplied for the managed type.
Platforms tested: F9
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Bug Description: unbind or abandon with unsupported critical controls does not close connection
Reviewed by: nkinder (Thanks!)
Fix Description: When an unbind request is received that has controls marked as critical, and we do not support those controls, we must treat them as non-critical controls and continue processing.
Platforms tested: RHEL4, RHEL5
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: DS console: Can not delete DS instance
Reviewed by: nkinder (Thanks!)
Fix Description: As it turns out, my assumption that ds_remove in CGI mode also did the unregistration was false. It is the console that does the unregistration, only after the ds_remove CGI returns success. So, ds_remove needs to run with AdminSDK off, just like the other "special" CGI programs. In addition, ds_remove needs to be more robust - if there is an error during ds_remove, you should be allowed to try again after fixing something. However, the way the error handling worked did not differentiate between fatal errors and errors that could be ignored. In order to do this properly, we need to propagate the errors back up to the top level (oh how I wish perl had real exception handling . . .). The main type of error we need to ignore is file not found or process not found. If we attempted to remove before and that attempt failed for some reason, and left a partial instance, we need to be able to run the remove command again, skipping over the things we shutdown or removed already, and clean up the stuff we need to remove. This can also happen if you use the console to create a ds instance, and remove-ds.pl to remove the instance. The instance will still show up in the console. We need to be able to use the Remove Server in the console to remove the instance from the console, even through there is no physical instance on disk any more. Since the console will only do the unregistration if the CGI returns success, we need to make sure the CGI returns success even though there is no instance on disk. When ds_remove is run via ds_removal, it will do the unregistration.
I also took this opportunity to refactor the remove code, creating a removeDSInstance method in DSCreate.pm, and moving some of the other removal helper functions to Util.pm. That simplified the code in both ds_remove and remove-ds.pl.
I added a remove-ds-admin.pl script - one of the problems that users have is that they run setup-ds-admin.pl, then hit some error (e.g. bad DNS setup), then find that they cannot restore the system to the state before they ran setup-ds-admin.pl. remove-ds-admin.pl does this.
Finally, I added some man pages to the admin package for those commonly used commands.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
| |
Description: CoS operational qualifier doesn't work
Reviewed by: rmeggins
Fix Description: If not using the default, the processing for that case was skipped due to the incorrect if test for pDefAttr. The fix is to move the test for pDefAttr into the lower condition, to make sure it is value before dereferencing it to check for attr_operational or attr_operational_default. The attr_operational || attr_operational_default test has been moved into the using_default && pDefAttr condition, and into the !using_default && pCache condition for the non default case. Parentheses have been added for readability.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: A crash occurs in the DNA plug-in when you delete an existing
value of a managed attribute.
Reviewed by: rmeggins (thanks!)
Files: see diff
Branch: HEAD
Fix Description: The DNA code was always expecting a value to be present when
processing a modify operation. The delete and replace modify operations can
be issues with no values. These operations were an oversight in the DNA code.
The fix adds cases to handle delete and replace modify operations. For a replace,
we check if we are replacing all values with nothing, and generate a new value from
the range. If we're processing a delete with no values specified, we also generate
a new value. If the delete has values specified, we check to see if the operation
leaves any values in the existing entry. If no existing values would remain after
the operation, we generate a new value.
Platforms tested: F9
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
| |
Bug Description: overriding arguments to setup causes setup to fail
Reviewed by: ulf.weltman, nkinder (Thanks!)
Fix Description: Parameters specified on the command line should override and replace (not add to) any parameters specified in a given .inf file. I refactored the code a little too - I moved the argv processing into the Inf module out of the Setup and Migration modules. The code will first process the args and store the values in a temporary hash ref. Then it will process the temp hash ref, replacing the values in the main inf with the values from the hash.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Bug Description: migration results in incomplete admin server sie
Reviewed by: nkinder (Thanks!)
Fix Description: This is a redesign of one of the core pieces of the setup/migration code - the code that adds the LDAP entries in various places. For starters, I removed the code that would implicitly delete existing trees. This is the root cause of this bug, and other similar problems with setup/instance creation that have been reported. We should never implicitly delete entries. Instead, we should explicitly delete entries by using the changetype: delete in an LDIF template file.
Another source of problems was that to update an entry, we would delete it and add it back. This caused some configuration settings to be wiped out (e.g. encryption settings). We cannot do this any more. The LDIF template entries have been modified to have two sets of information for each entry that requires update - the entry to add if no entry exists (the full entry) or the changes to make to the entry if it does exist. The code in Util.pm has been changed to ignore duplicate entries and to ignore changes made to entries that do not exist.
Another source of problems with migration is that the error checking was not adequate, especially with FileConn and dse.ldif reading. The fix is to add better error checking and reporting in these areas of code, including error messages.
Yet another problem is the run_dir handling. On many platforms the run_dir is shared among all DS instances and the admin server. Older versions of the software allowed you to run the servers as root. We have to make sure run_dir is usable by the least privileged user of all of the servers.
Platforms tested: RHEL4
Flag Day: no
Doc impact: no
|
