From faa4d0b6ea6e911c1098b070d1959b3106d5b5b2 Mon Sep 17 00:00:00 2001
From: Ludwig Krispenz <lkrispen@redhat.com>
Date: Fri, 29 May 2015 16:12:44 +0200
Subject: replica install fails with domain level 1

    when updating an replication agreement from a toplogy segment an incorrect default value was used for bindmethod.
    Only attributes explicitely set in the segment should be applied.
    At shutdown the server could crash because the plugin was called after it was stopped.

    https://fedorahosted.org/freeipa/ticket/5035

Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
Reviewed-By: Thierry Bordaz <tbordaz@redhat.com>
---
 daemons/ipa-slapi-plugins/topology/topology_agmt.c | 3 ++-
 daemons/ipa-slapi-plugins/topology/topology_init.c | 2 +-
 daemons/ipa-slapi-plugins/topology/topology_util.c | 3 ---
 3 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/daemons/ipa-slapi-plugins/topology/topology_agmt.c b/daemons/ipa-slapi-plugins/topology/topology_agmt.c
index 57614351e..05edad342 100644
--- a/daemons/ipa-slapi-plugins/topology/topology_agmt.c
+++ b/daemons/ipa-slapi-plugins/topology/topology_agmt.c
@@ -70,7 +70,8 @@ int
 ipa_topo_agmt_new(char *hostname, TopoReplica *conf, TopoReplicaAgmt *agmt)
 {
     int ret = 0;
-    if (strcasecmp(agmt->repl_bind_method,"SASL/GSSAPI") == 0) {
+    if ((agmt->repl_bind_method == NULL) /* use GSSAPI as default */ ||
+         (strcasecmp(agmt->repl_bind_method,"SASL/GSSAPI") == 0)) {
         ret = ipa_topo_agmt_setup(hostname, conf, agmt, 1);
     } else {
         ret = ipa_topo_agmt_setup(hostname, conf, agmt, 0);
diff --git a/daemons/ipa-slapi-plugins/topology/topology_init.c b/daemons/ipa-slapi-plugins/topology/topology_init.c
index f45086760..77e740ea1 100644
--- a/daemons/ipa-slapi-plugins/topology/topology_init.c
+++ b/daemons/ipa-slapi-plugins/topology/topology_init.c
@@ -225,12 +225,12 @@ static int
 ipa_topo_close(Slapi_PBlock * pb)
 {
 
+    ipa_topo_set_plugin_active(0);
     slapi_config_remove_callback(SLAPI_OPERATION_SEARCH, DSE_FLAG_PREOP,
             "", LDAP_SCOPE_BASE, "(objectclass=*)", ipa_topo_rootdse_search);
     slapi_unregister_backend_state_change((void *)ipa_topo_be_state_change);
     ipa_topo_free_plugin_config();
     return 0;
-
 }
 static int
 ipa_topo_rootdse_init(Slapi_PBlock *pb)
diff --git a/daemons/ipa-slapi-plugins/topology/topology_util.c b/daemons/ipa-slapi-plugins/topology/topology_util.c
index 94d8b33fd..f206464a5 100644
--- a/daemons/ipa-slapi-plugins/topology/topology_util.c
+++ b/daemons/ipa-slapi-plugins/topology/topology_util.c
@@ -329,9 +329,6 @@ ipa_topo_util_agmt_from_entry(Slapi_Entry *entry, char *replRoot, char *fromHost
             ipa_topo_util_set_segm_attr(agmt, mattrs[i], mval);
         }
     }
-    if (agmt->repl_bind_method == NULL) {
-        agmt->repl_bind_method = slapi_ch_strdup("SASL/GSSAPI");
-    }
     return agmt;
 }
 TopoReplicaSegment *
-- 
cgit