[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication cl5_api.c, 1.17, 1.18 cl5_api.h, 1.7, 1.8 cl5_config.c, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv3313/ldapserver/ldap/servers/plugins/replication
Modified Files:
cl5_api.c cl5_api.h cl5_config.c
Log Message:
Resolves: bug 185602
Bug Description: Netscape Console allows instance directory to be set as change log
Reviewed by: nkinder (Thanks!)
Fix Description: 1) When removing the changelog files and directories, only remove the actual db related files - version, guardian, *db4, log.*, and __db.* - This should take care of the cases where the changelog was already created in an existing directory.
2) Disallow adding/changing a changelog db directory if it already exists and is not empty
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: cl5_api.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/cl5_api.c,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- cl5_api.c 12 Oct 2007 17:22:54 -0000 1.17
+++ cl5_api.c 16 Oct 2007 21:22:47 -0000 1.18
@@ -3835,6 +3835,39 @@
}
}
+/* see if the given file is a changelog db file */
+static int
+_cl5IsDbFile(const char *fname)
+{
+ char *ptr = NULL;
+ if (!fname || !*fname) {
+ return 0;
+ }
+
+ if (!strcmp(fname, GUARDIAN_FILE)) {
+ return 1;
+ }
+
+ if (!strcmp(fname, VERSION_FILE)) {
+ return 1;
+ }
+
+ if (_cl5FileEndsWith(fname, DB_EXTENSION)) {
+ return 1;
+ }
+
+ if (_cl5IsLogFile(fname)) {
+ return 1;
+ }
+
+ ptr = strstr(fname, "__db.");
+ if (ptr == fname) { /* begins with __db. */
+ return 1;
+ }
+
+ return 0; /* not a filename we recognize as being associated with the db */
+}
+
/* state lock must be locked */
static int _cl5Delete (const char *clDir, int rmDir)
{
@@ -3842,6 +3875,7 @@
char filename[MAXPATHLEN + 1];
PRDirEntry *entry = NULL;
int rc;
+ int dirisempty = 1;
/* remove all files in the directory and the directory */
dir = PR_OpenDir(clDir);
@@ -3860,6 +3894,13 @@
{
break;
}
+ if (!_cl5IsDbFile(entry->name)) {
+ slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
+ "_cl5Delete: Skipping file [%s/%s] because it is not a changelogdb file.\n",
+ clDir, entry->name);
+ dirisempty = 0; /* skipped at least one file - dir not empty */
+ continue;
+ }
PR_snprintf(filename, MAXPATHLEN, "%s/%s", clDir, entry->name);
rc = PR_Delete(filename);
if (rc != PR_SUCCESS)
@@ -3879,7 +3920,7 @@
return CL5_SYSTEM_ERROR;
}
- if (rmDir)
+ if (rmDir && dirisempty)
{
rc = PR_RmDir (clDir);
if (rc != 0)
@@ -3889,6 +3930,10 @@
clDir, errno);
return CL5_SYSTEM_ERROR;
}
+ } else if (rmDir && !dirisempty) {
+ slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl,
+ "_cl5Delete: changelog dir (%s) is not empty - cannot remove\n",
+ clDir);
}
return CL5_SUCCESS;
@@ -6770,3 +6815,35 @@
#endif
return rval;
}
+
+int
+cl5DbDirIsEmpty(const char *dir)
+{
+ PRDir *prDir;
+ PRDirEntry *prDirEntry;
+ int isempty = 1;
+
+ if (!dir || !*dir) {
+ return isempty;
+ }
+ /* assume failure means it does not exist - other failure
+ cases will be handled by code which attempts to create the
+ db in this directory */
+ if (PR_Access(dir, PR_ACCESS_EXISTS)) {
+ return isempty;
+ }
+ prDir = PR_OpenDir(dir);
+ if (prDir == NULL) {
+ return isempty; /* assume failure means does not exist */
+ }
+ while (NULL != (prDirEntry = PR_ReadDir(prDir, PR_SKIP_DOT | PR_SKIP_DOT_DOT))) {
+ if (NULL == prDirEntry->name) { /* NSPR doesn't behave like the docs say it should */
+ break;
+ }
+ isempty = 0; /* found at least one "real" file */
+ break;
+ }
+ PR_CloseDir(prDir);
+
+ return isempty;
+}
Index: cl5_api.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/cl5_api.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- cl5_api.h 15 Mar 2007 21:40:34 -0000 1.7
+++ cl5_api.h 16 Oct 2007 21:22:47 -0000 1.8
@@ -519,4 +519,13 @@
int cl5_is_diskfull();
int cl5_diskspace_is_available();
+/* Name: cl5DbDirIsEmpty
+ Description: See if the given cldb directory is empty or doesn't yet exist.
+ Parameters: dir - Contains the name of the directory.
+ Return: TRUE - directory does not exist or is empty, is NULL, or is
+ an empty string
+ FALSE - otherwise
+*/
+int cl5DbDirIsEmpty(const char *dir);
+
#endif
Index: cl5_config.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/cl5_config.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- cl5_config.c 10 Nov 2006 23:45:17 -0000 1.6
+++ cl5_config.c 16 Oct 2007 21:22:47 -0000 1.7
@@ -205,6 +205,20 @@
goto done;
}
+ if (!cl5DbDirIsEmpty(config.dir))
+ {
+ *returncode = 1;
+ if (returntext)
+ {
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "The changelog directory [%s] already exists and is not empty. "
+ "Please choose a directory that does not exist or is empty.\n",
+ config.dir);
+ }
+
+ goto done;
+ }
+
/* start the changelog */
rc = cl5Open (config.dir, &config.dbconfig);
if (rc != CL5_SUCCESS)
@@ -450,6 +464,20 @@
if (strcmp (currentDir, config.dir) != 0)
#endif
{
+ if (!cl5DbDirIsEmpty(config.dir))
+ {
+ *returncode = 1;
+ if (returntext)
+ {
+ PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE,
+ "The changelog directory [%s] already exists and is not empty. "
+ "Please choose a directory that does not exist or is empty.\n",
+ config.dir);
+ }
+
+ goto done;
+ }
+
if (!_is_absolutepath(config.dir) || (CL5_SUCCESS != cl5CreateDirIfNeeded(config.dir)))
{
*returncode = 1;
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication windows_protocol_util.c, 1.35, 1.36
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19497
Modified Files:
windows_protocol_util.c
Log Message:
Resolves: 335081
Summary: Don't add mailGroup objectclass when sync'ing new group entries from AD.
Index: windows_protocol_util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windows_protocol_util.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -r1.35 -r1.36
--- windows_protocol_util.c 27 Sep 2007 18:33:30 -0000 1.35
+++ windows_protocol_util.c 16 Oct 2007 20:17:37 -0000 1.36
@@ -2851,7 +2851,6 @@
"objectclass:top\n"
"objectclass:groupofuniquenames\n"
"objectclass:ntGroup\n"
- "objectclass:mailGroup\n"
"ntGroupDeleteGroup:true\n"
"cn:%s\n";
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm back-ldbm.h, 1.10, 1.11 dblayer.c, 1.23, 1.24 upgrade.c, 1.7, 1.8
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12547
Modified Files:
back-ldbm.h dblayer.c upgrade.c
Log Message:
Resolves: #327091
Summary: Migration/Upgrade fails when it's from 6.21 to 8.0 on the same OS/architecture
Description:
back-ldbm.h: added LDBM_VERSION_62
dblayer.c: fixed a bug to check the instance dir name
upgrade.c: added LDBM_VERSION_62
Index: back-ldbm.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/back-ldbm.h,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- back-ldbm.h 2 Oct 2007 18:39:51 -0000 1.10
+++ back-ldbm.h 16 Oct 2007 17:30:58 -0000 1.11
@@ -157,8 +157,8 @@
#define LDBM_VERSION "Netscape-ldbm/7.0" /* db42: new idl -> old */
#define LDBM_VERSION_NEW "Netscape-ldbm/7.0_NEW" /* db42: new idl */
#define LDBM_VERSION_OLD "Netscape-ldbm/7.0_CLASSIC" /* db42: old idl */
-#define LDBM_VERSION_62 "Netscape-ldbm/6.2" /* db33: new idl */
-#define LDBM_VERSION_61 "Netscape-ldbm/6.1" /* db33: new idl */
+#define LDBM_VERSION_62 "Netscape-ldbm/6.2" /* db42: old idl */
+#define LDBM_VERSION_61 "Netscape-ldbm/6.1" /* db33: old idl */
#define LDBM_VERSION_60 "Netscape-ldbm/6.0" /* db33: old idl */
#define LDBM_VERSION_50 "Netscape-ldbm/5.0"
Index: dblayer.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/dblayer.c,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- dblayer.c 4 Oct 2007 03:28:19 -0000 1.23
+++ dblayer.c 16 Oct 2007 17:30:58 -0000 1.24
@@ -5848,7 +5848,7 @@
li = inst->inst_li;
priv = (dblayer_private*)li->li_dblayer_private;
inst_dirp = dblayer_get_full_inst_dir(li, inst, inst_dir, MAXPATHLEN);
- if (!inst_dirp || *inst_dirp) {
+ if (NULL == inst_dirp || '\0' == *inst_dirp) {
LDAPDebug(LDAP_DEBUG_ANY,
"update_db_ext: instance dir is NULL\n", 0, 0, 0);
return -1; /* non zero */
Index: upgrade.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/upgrade.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- upgrade.c 15 Mar 2007 21:34:32 -0000 1.7
+++ upgrade.c 16 Oct 2007 17:30:58 -0000 1.8
@@ -58,7 +58,8 @@
{BDB_IMPL, 0, 0, DBVERSION_NEW_IDL, DBVERSION_NO_UPGRADE},
{LDBM_VERSION, 4, 2, DBVERSION_NEW_IDL, DBVERSION_NO_UPGRADE},
{LDBM_VERSION_OLD, 4, 2, DBVERSION_OLD_IDL, DBVERSION_NO_UPGRADE},
- {LDBM_VERSION_61, 3, 3, DBVERSION_NEW_IDL, DBVERSION_UPGRADE_3_4},
+ {LDBM_VERSION_62, 4, 2, DBVERSION_OLD_IDL, DBVERSION_NO_UPGRADE},
+ {LDBM_VERSION_61, 3, 3, DBVERSION_OLD_IDL, DBVERSION_UPGRADE_3_4},
{LDBM_VERSION_60, 3, 3, DBVERSION_OLD_IDL, DBVERSION_UPGRADE_3_4},
{NULL,0,0}
};
@@ -274,8 +275,7 @@
li->li_flags |= LI_FORCE_MOD_CONFIG;
if ((0 == PL_strncasecmp(ldbmversion, BDB_IMPL, strlen(BDB_IMPL))) ||
- (0 == PL_strcmp(ldbmversion, LDBM_VERSION)) ||
- (0 == PL_strcmp(ldbmversion, LDBM_VERSION_61))) /* db: new idl */
+ (0 == PL_strcmp(ldbmversion, LDBM_VERSION))) /* db: new idl */
{
if (!idl_get_idl_new()) /* config: old idl */
{
@@ -288,6 +288,8 @@
}
}
else if ((0 == strcmp(ldbmversion, LDBM_VERSION_OLD)) ||
+ (0 == PL_strcmp(ldbmversion, LDBM_VERSION_61)) ||
+ (0 == PL_strcmp(ldbmversion, LDBM_VERSION_62)) ||
(0 == strcmp(ldbmversion, LDBM_VERSION_60))) /* db: old */
{
if (idl_get_idl_new()) /* config: new */
16 years, 5 months
[Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv/panel/replication WindowsAgreementDestinationPanel.java, 1.1.1.1, 1.2
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32690
Modified Files:
WindowsAgreementDestinationPanel.java
Log Message:
Resolves: 333171
Summary: Deal with illegal input for port field when setting up sync agreement.
Index: WindowsAgreementDestinationPanel.java
===================================================================
RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/replication/WindowsAgreementDestinationPanel.java,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- WindowsAgreementDestinationPanel.java 18 Jul 2005 00:56:11 -0000 1.1.1.1
+++ WindowsAgreementDestinationPanel.java 16 Oct 2007 16:41:44 -0000 1.2
@@ -1174,10 +1174,15 @@
private boolean domainControllerPortIsValid()
{
- if(_domainControllerPort.getText().length() > 0
- && Integer.parseInt(_domainControllerPort.getText()) > 0)
- {
- return true;
+ if(_domainControllerPort.getText().length() > 0) {
+ try {
+ if (Integer.parseInt(_domainControllerPort.getText()) > 0) {
+ return true;
+ }
+ } catch (NumberFormatException e) {
+ /* Someone likely entered some non-numeric text. Just
+ * do nothing here so we fall through and return false. */
+ }
}
return false;
}
16 years, 5 months
[Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv/panel PluginPanel.java, 1.2, 1.3
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22998
Modified Files:
PluginPanel.java
Log Message:
Resolves: 308221
Summary: Don't try to verify plugin path validity.
Index: PluginPanel.java
===================================================================
RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/PluginPanel.java,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- PluginPanel.java 13 Jan 2006 22:53:13 -0000 1.2
+++ PluginPanel.java 16 Oct 2007 15:43:48 -0000 1.3
@@ -485,20 +485,6 @@
}
}
- /* In the case we are in a local machine we check if the path provided is correct */
- if (isLocal()) {
- String path = ((JTextComponent)_fields.get(PATH)).getText().trim();
-
- File file = new File(path);
-
- if (!file.isFile()) {
- setChangeState( (JLabel)_htLabels.get(PATH), CHANGE_STATE_ERROR );
- }
- }
-
-
-
-
int i = 0;
while ((dsEntryText = (DSEntryTextStrict)_dsEntryFields.get(ARG+i))!=null) {
JComponent view = dsEntryText.getView(dsEntryText.getViewCount() - 1 );
@@ -1137,16 +1123,6 @@
return false;
}
- /* In the case we are in a local machine we check if the path provided is correct */
- if (isLocal()) {
- String path = ((JTextComponent)_fields.get(PATH)).getText().trim();
-
- File file = new File(path);
-
- if (!file.isFile())
- return false;
- }
-
DSEntryTextStrict dsEntryText;
16 years, 5 months
[Fedora-directory-commits] coolkey/src/coolkey slot.cpp, 1.8, 1.9 slot.h, 1.1, 1.2
by Doctor Conrad
Author: jmagne
Update of /cvs/dirsec/coolkey/src/coolkey
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15061
Modified Files:
slot.cpp slot.h
Log Message:
Address Gemalto USBKey 64K detection issues. Bug #285441, r. rrelyea.
Index: slot.cpp
===================================================================
RCS file: /cvs/dirsec/coolkey/src/coolkey/slot.cpp,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- slot.cpp 25 Jul 2007 23:49:56 -0000 1.8
+++ slot.cpp 16 Oct 2007 00:05:31 -0000 1.9
@@ -205,6 +205,29 @@
return FALSE;
}
+bool
+SlotList::readerNameExistsInList(const char *readerName,CKYReaderNameList *readerNameList)
+{
+ if( !readerName || !readerNameList) {
+ return FALSE;
+ }
+
+ int i = 0;
+ int readerNameCnt = CKYReaderNameList_GetCount(*readerNameList);
+
+ const char *curReaderName = NULL;
+ for(i=0; i < readerNameCnt; i++) {
+ curReaderName = CKYReaderNameList_GetValue(*readerNameList,i);
+
+ if(!strcmp(curReaderName,readerName)) {
+ return TRUE;
+ }
+
+ }
+
+ return FALSE;
+}
+
/*
* you need to hold the ReaderList Lock before you can update the ReaderList
*/
@@ -258,6 +281,27 @@
* don't recognize.
*/
+ /* first though, let's check to see if any previously removed readers have
+ * come back from the dead. If the ignored bit has been set, we do not need
+ * it any more.
+ */
+
+ const char *curReaderName = NULL;
+ unsigned long knownState = 0;
+ for(int ri = 0 ; ri < numReaders; ri ++) {
+
+ knownState = CKYReader_GetKnownState(&readerStates[ri]);
+ if( !(knownState & SCARD_STATE_IGNORE)) {
+ continue;
+ }
+
+ curReaderName = CKYReader_GetReaderName(&readerStates[ri]);
+ if(readerNameExistsInList(curReaderName,&readerNames)) {
+ CKYReader_SetKnownState(&readerStates[ri], knownState & ~SCARD_STATE_IGNORE);
+
+ }
+ }
+
const char *newReadersData[MAX_READER_DELTA];
const char **newReaders = &newReadersData[0];
unsigned int newReaderCount = 0;
@@ -539,13 +583,31 @@
// try to connect to the card
if( ! CKYCardConnection_IsConnected(conn) ) {
- status = CKYCardConnection_Connect(conn, readerName);
- if( status != CKYSUCCESS ) {
- log->log("Unable to connect to token\n");
+ int i = 0;
+ //for cranky readers try again a few more times
+ while( i++ < 5 && status != CKYSUCCESS )
+ {
+ status = CKYCardConnection_Connect(conn, readerName);
+ if( status != CKYSUCCESS &&
+ CKYCardConnection_GetLastError(conn) == SCARD_E_PROTO_MISMATCH )
+ {
+ log->log("Unable to connect to token status %d ConnGetGetLastError %x .\n",status,CKYCardConnection_GetLastError(conn));
+
+ }
+ else
+ {
+ break;
+ }
+ OSSleep(100000);
+ }
+
+ if( status != CKYSUCCESS)
+ {
state = UNKNOWN;
return;
}
}
+
log->log("time connect: Connect Time %d ms\n", OSTimeNow() - time);
if (!slotInfoFound) {
readSlotInfo();
@@ -1074,6 +1136,7 @@
}
throw;
}
+
if (myNumReaders != numReaders) {
if (myReaderStates) {
delete [] myReaderStates;
@@ -1100,6 +1163,7 @@
}
}
}
+
if (found || (flag == CKF_DONT_BLOCK) || shuttingDown) {
break;
}
Index: slot.h
===================================================================
RCS file: /cvs/dirsec/coolkey/src/coolkey/slot.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- slot.h 9 Jun 2006 18:39:11 -0000 1.1
+++ slot.h 16 Oct 2007 00:05:31 -0000 1.2
@@ -527,6 +527,8 @@
* has called 'C_GetSlotList' with a NULL parameter */
void updateReaderList();
+ /* see if a reader name exists in a caller provided reader name list. */
+ bool readerNameExistsInList(const char *readerName,CKYReaderNameList *readerNameList );
bool readerExists(const char *readerName, unsigned int *hint = 0);
public:
SlotList(Log *log);
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/snmp main.c, 1.11, 1.12
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/snmp
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28340
Modified Files:
main.c
Log Message:
Resolves: 328741
Summary: Ensure that we NULL terminate strings properly when processing config file settings.
Index: main.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/snmp/main.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- main.c 8 Aug 2007 16:50:00 -0000 1.11
+++ main.c 15 Oct 2007 19:19:32 -0000 1.12
@@ -264,6 +264,10 @@
if ((pidfile = malloc((p - conf_path) +
strlen(LDAP_AGENT_PIDFILE) + 2)) != NULL) {
strncpy(pidfile, conf_path, (p - conf_path + 1));
+ /* The above will likely not be NULL terminated, but we need to
+ * be sure that we're properly NULL terminated for the below
+ * strcat() to work properly. */
+ pidfile[(p - conf_path + 2)] = (char)0;
strcat(pidfile, LDAP_AGENT_PIDFILE);
pidfile[((p - conf_path) + strlen(LDAP_AGENT_PIDFILE) + 1)] = (char)0;
} else {
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldif2ldbm.c, 1.14, 1.15
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28205/ldapserver/ldap/servers/slapd/back-ldbm
Modified Files:
ldif2ldbm.c
Log Message:
Resolves: bug 330141
Bug Description: uuid generator not initialized by import from command line
Reviewed by: nkinder (Thanks!)
Fix Description:
The unique ID generator is not initialized if import is run from the command
line. The bad effect of this is that the clock sequence and node fields are all
zeros. This could lead to duplicate unique IDs being assigned by two different
servers.
What happens is that the uuid values all look like this:
XXXXXXXX-XXXXXXXX-80000000-00000000
So the time based part is generally ok, but the clock seq and node ID part are never initialized, hence 0's for those fields.
The fix is to initialize the unique id generator in the same manner as we do for the server when it starts up in regular mode, except that we tell the generator to use the single threaded (st) mode rather than the multi threaded (mt) mode.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Index: ldif2ldbm.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldif2ldbm.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- ldif2ldbm.c 24 Sep 2007 18:27:15 -0000 1.14
+++ ldif2ldbm.c 13 Oct 2007 01:49:32 -0000 1.15
@@ -569,6 +569,18 @@
slapi_pblock_get(pb, SLAPI_TASK_FLAGS, &task_flags);
if (task_flags & TASK_RUNNING_FROM_COMMANDLINE) {
+ /* initialize UniqueID generator - must be done once backends are started
+ and event queue is initialized but before plugins are started */
+ Slapi_DN *sdn = slapi_sdn_new_dn_byval ("cn=uniqueid generator,cn=config");
+ int rc = uniqueIDGenInit (NULL, sdn, 0 /* use single thread mode */);
+ slapi_sdn_free (&sdn);
+ if (rc != UID_SUCCESS) {
+ LDAPDebug( LDAP_DEBUG_ANY,
+ "Fatal Error---Failed to initialize uniqueid generator; error = %d. "
+ "Exiting now.\n", rc, 0, 0 );
+ return -1;
+ }
+
li->li_flags |= TASK_RUNNING_FROM_COMMANDLINE;
ldbm_config_load_dse_info(li);
autosize_import_cache(li);
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd uuid.c, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28130/ldapserver/ldap/servers/slapd
Modified Files:
uuid.c
Log Message:
Resolves: bug 330121
Bug Description: uuid generator truncates clock_seq_hi_and_reserved field
Reviewed by: nkinder (Thanks!)
Fix Description:
The uuid code has this code (where clock_seq is unsigned16 - 2 bytes and
uuid->clock_seq_hi_and_reserved is unsigned8 - 1 byte):
uuid->clock_seq_hi_and_reserved = (unsigned8)(clock_seq & 0x3F00) >> 8;
In this code, the cast to unsigned8 takes precedence over over the shift. So
what happens is that (clock_seq & 0x3F00) is first cast to an 8 bit quantity,
then shifted by 8 bits. The result is that the value is _always 0_. The code
also does this:
uuid->clock_seq_hi_and_reserved |= 0x80;
You can see this because every nsUniqueID looks like this:
XXXXXXXX-XXXXXXXX-80XXXXXXXX-XXXXXXXX
The first byte of the 3rd octet is always 80.
This may also be related to https://bugzilla.redhat.com/show_bug.cgi?id=197886 and may explain why the sequence numbers were exhausted so quickly. Without this fix, we only have 256 sequence numbers available. This fix adds another 6 bits.
The fix is to mask and shift as an unsigned16 quantity, then cast to unsigned8.
Platforms tested: RHEL5 x86_64
Flag Day: no - I think this will only impact new unique IDs that are generated. It will not affect existing unique IDs.
Doc impact: no
Index: uuid.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/uuid.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- uuid.c 24 Sep 2007 22:54:55 -0000 1.9
+++ uuid.c 13 Oct 2007 01:47:15 -0000 1.10
@@ -842,7 +842,7 @@
((timestamp >> 48) & 0x0FFF);
uuid->time_hi_and_version |= (1 << 12);
uuid->clock_seq_low = clock_seq & 0xFF;
- uuid->clock_seq_hi_and_reserved = (unsigned8)(clock_seq & 0x3F00) >> 8;
+ uuid->clock_seq_hi_and_reserved = (unsigned8)((clock_seq & 0x3F00) >> 8);
uuid->clock_seq_hi_and_reserved |= 0x80;
memcpy(&uuid->node, &_state.genstate.node, sizeof (uuid->node));
}
16 years, 5 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/cos cos_cache.c, 1.7, 1.8
by Doctor Conrad
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/cos
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27588/plugins/cos
Modified Files:
cos_cache.c
Log Message:
Resolves: #193724
Summary: "nested" filtered roles result in deadlock (Comment #12)
Description:
1. Changed cache_lock to the read-write lock.
2. Instead of using the local vattr_context in vattr_test_filter, use the one
set in pblock as much as possible. To achieve the goal, introduced
pb_vattr_context to pblock.
3. Increased VATTR_LOOP_COUNT_MAX from 50 to 256.
4. When the loop count hit VATTR_LOOP_COUNT_MAX, it sets
LDAP_UNWILLING_TO_PERFORM and returns it to the client.
Index: cos_cache.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/cos/cos_cache.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- cos_cache.c 10 Nov 2006 23:44:56 -0000 1.7
+++ cos_cache.c 12 Oct 2007 18:03:43 -0000 1.8
@@ -2222,6 +2222,7 @@
returns
0 on success, we added a computed attribute
1 on outright failure
+ > LDAP ERROR CODE
-1 when doesn't know about attribute
{PARPAR} must also check the attribute does not exist if we are not
@@ -2392,10 +2393,14 @@
int free_flags = 0;
if(pSpec && pSpec->val) {
- slapi_vattr_values_get_sp(context, e, pSpec->val, &pAttrSpecs, &type_name_disposition, &actual_type_name, 0, &free_flags);
+ ret = slapi_vattr_values_get_sp(context, e, pSpec->val, &pAttrSpecs, &type_name_disposition, &actual_type_name, 0, &free_flags);
/* MAB: We need to free actual_type_name here !!!
XXX BAD--should use slapi_vattr_values_free() */
slapi_ch_free((void **) &actual_type_name);
+ if (SLAPI_VIRTUALATTRS_LOOP_DETECTED == ret) {
+ ret = LDAP_UNWILLING_TO_PERFORM;
+ goto bail;
+ }
}
if(pAttrSpecs || pDef->cosType == COSTYPE_POINTER)
@@ -2548,6 +2553,8 @@
ret = 1;
else if(hit == 1)
ret = 0;
+ else
+ ret = -1;
if(props)
*props = 0;
16 years, 5 months