[Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools/ldclt ldapfct.c, 1.5, 1.6 ldclt.c, 1.5, 1.6 ldclt.h, 1.4, 1.5 scalab01.c, 1.3, 1.4 utils.c, 1.2, 1.3
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25697
Modified Files:
ldapfct.c ldclt.c ldclt.h scalab01.c utils.c
Log Message:
Resolves: 294301
Summary: Don't try to dlopen ldap SSL libs in ldclt.
Index: ldapfct.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/ldapfct.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ldapfct.c 7 Sep 2007 19:49:51 -0000 1.5
+++ ldapfct.c 19 Sep 2007 18:08:12 -0000 1.6
@@ -256,6 +256,7 @@
#include <sasl.h>
#include "ldaptool-sasl.h"
+#include <ldap_ssl.h> /* ldapssl_init(), etc... */
@@ -668,8 +669,7 @@
* LDAP session initialization in SSL mode
* added by: B Kolics (11/10/00)
*/
- tttctx->ldapCtx = (LDAP *)(*(mctx.sslctx.ldapssl_init)) /*JLS 07-11-00*/
- (mctx.hostname, mctx.port, 1);
+ tttctx->ldapCtx = ldapssl_init(mctx.hostname, mctx.port, 1);
if (mctx.mode & VERY_VERBOSE)
printf ("ldclt[%d]: T%03d: After ldapssl_init (%s, %d), ldapCtx=0x%08x\n",
mctx.pid, tttctx->thrdNum, mctx.hostname, mctx.port,
@@ -686,8 +686,7 @@
*/
if (mctx.mode & CLTAUTH)
{
- ret = (int)(*(mctx.sslctx.ldapssl_enable_clientauth))
- (tttctx->ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
+ ret = ldapssl_enable_clientauth(tttctx->ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
if (mctx.mode & VERY_VERBOSE)
printf
("ldclt[%d]: T%03d: After ldapssl_enable_clientauth (ldapCtx=0x%08x, %s, %s)",
@@ -1835,8 +1834,7 @@
* LDAP session initialization in SSL mode
* added by: B Kolics (11/10/00)
*/
- tttctx->ldapCtx = (LDAP *)(*(mctx.sslctx.ldapssl_init)) /*JLS 07-11-00*/
- (mctx.hostname, mctx.port, 1);
+ tttctx->ldapCtx = ldapssl_init(mctx.hostname, mctx.port, 1);
if (mctx.mode & VERY_VERBOSE)
printf ("ldclt[%d]: T%03d: After ldapssl_init (%s, %d), ldapCtx=0x%08x\n",
mctx.pid, tttctx->thrdNum, mctx.hostname, mctx.port,
@@ -1853,8 +1851,7 @@
*/
if (mctx.mode & CLTAUTH)
{
- ret = (int)(*(mctx.sslctx.ldapssl_enable_clientauth))
- (tttctx->ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
+ ret = ldapssl_enable_clientauth(tttctx->ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
if (mctx.mode & VERY_VERBOSE)
printf
("ldclt[%d]: T%03d: After ldapssl_enable_clientauth (ldapCtx=0x%08x, %s, %s)",
Index: ldclt.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/ldclt.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ldclt.c 5 Jul 2007 23:53:41 -0000 1.5
+++ ldclt.c 19 Sep 2007 18:08:12 -0000 1.6
@@ -281,21 +281,17 @@
#include <time.h> /* ctime(), etc... */ /*JLS 18-08-00*/
#include <lber.h> /* ldap C-API BER decl. */
#include <ldap.h> /* ldap C-API decl. */
+#include <ldap_ssl.h> /* ldapssl_init(), etc... */
#ifdef LDAP_H_FROM_QA_WKA
#include <proto-ldap.h> /* ldap C-API prototypes */
#endif
-#ifdef _WIN32 /*JLS 29-11-00*/
-#include <ldap_ssl.h> /* ldapssl_init(), etc... */ /*JLS 29-11-00*/
-#else
+#ifndef _WIN32 /*JLS 29-11-00*/
#include <pthread.h> /* pthreads(), etc... */
#include <unistd.h> /* close(), etc... */
#include <dlfcn.h> /* dlopen(), etc... */ /*JLS 07-11-00*/
#include <sys/resource.h> /* setrlimit(), etc... */
#include <sys/time.h> /* struct rlimit, etc... */
#endif
-#ifdef HPUX /*JLS 19-06-01*/
-#include <ldap_ssl.h> /* ldapssl_init(), etc... */ /*JLS 19-06-01*/
-#endif /*JLS 19-06-01*/
#include "port.h" /* Portability definitions */ /*JLS 29-11-00*/
#include "ldclt.h" /* This tool's include file */
@@ -372,112 +368,6 @@
}
-
-
-
-
-#ifdef LDCLT_NO_DLOPEN /*JLS 01-12-00*/
-int /*JLS 29-11-00*/
-sslDynLoadInit (void) /*JLS 29-11-00*/
-{ /*JLS 29-11-00*/
- mctx.sslctx.ldapssl_init = ldapssl_init;
- mctx.sslctx.ldapssl_client_init = ldapssl_client_init;
- mctx.sslctx.ldapssl_clientauth_init = ldapssl_clientauth_init;
- mctx.sslctx.ldapssl_enable_clientauth = ldapssl_enable_clientauth;
- return (0); /*JLS 29-11-00*/
-} /*JLS 29-11-00*/
-#else /*JLS 29-11-00*/
- /* New function */ /*JLS 07-11-00*/
-/* ****************************************************************************
- FUNCTION : sslDynLoadInit
- PURPOSE : Initiates the dynamic load of ssl library.
- INPUT : None.
- OUTPUT : None.
- RETURN : -1 if error, 0 else.
- DESCRIPTION :
- *****************************************************************************/
-int
-sslDynLoadInit (void)
-{
- char *buf; /*JLS 22-11-00*/
-
- /*
- * Open the shared library...
- * Will try to load the hard-coded PATH if not in the PATH.
- */
- mctx.sslctx.libssl = dlopen (SSL_LIB, RTLD_LAZY);
- if (mctx.sslctx.libssl == NULL)
- {
- buf = (char *) malloc (strlen (SSL_LIB) + strlen (SSL_LIB_PATH) + 2);
- strcat (buf, SSL_LIB_PATH);
- strcat (buf, "/");
- strcat (buf, SSL_LIB);
-
- mctx.sslctx.libssl = dlopen (buf, RTLD_LAZY);
- if (mctx.sslctx.libssl == NULL)
- {
- printf ("Cannot dlopen (%s) : %s\n", SSL_LIB, dlerror());
- return (-1);
- }
- }
-
- /*
- * Find the address of function and data objects
- */
- mctx.sslctx.ldapssl_init = (LDAP *(*)(const char *, int, int))
- dlsym (mctx.sslctx.libssl, "ldapssl_init");
- if (mctx.sslctx.ldapssl_init == NULL)
- {
- printf ("Cannot dlsym (ldapssl_init) : %s\n", dlerror());
- return (-1);
- }
-
- /*
- * Next function...
- */
- mctx.sslctx.ldapssl_client_init = (int (*)(const char*, void*))
- dlsym (mctx.sslctx.libssl, "ldapssl_client_init");
- if (mctx.sslctx.ldapssl_client_init == NULL)
- {
- printf ("Cannot dlsym (ldapssl_client_init) : %s\n", dlerror());
- return (-1);
- }
-
- /*
- * Next function...
- */
- mctx.sslctx.ldapssl_clientauth_init =
- (int (*)(char *, void *, int, char *, void *))
- dlsym (mctx.sslctx.libssl, "ldapssl_clientauth_init");
- if (mctx.sslctx.ldapssl_clientauth_init == NULL)
- {
- printf ("Cannot dlsym (ldapssl_enable_clientauth): %s\n", dlerror());
- return (-1);
- }
-
- /*
- * Next function...
- */
- mctx.sslctx.ldapssl_enable_clientauth =
- (int (*)(LDAP *, char *, char *, char *))
- dlsym (mctx.sslctx.libssl, "ldapssl_enable_clientauth");
- if (mctx.sslctx.ldapssl_enable_clientauth == NULL)
- {
- printf ("Cannot dlsym (ldapssl_enable_clientauth): %s\n", dlerror());
- return (-1);
- }
-
- return (0);
-}
-#endif /* LDCLT_NO_DLOPEN */ /*JLS 29-11-00*/
-
-
-
-
-
-
-
-
/* New */ /*JLS 23-03-01*/
/* ****************************************************************************
FUNCTION : copyVersAttribute
@@ -1668,8 +1558,7 @@
*/
if (mctx.mode & CLTAUTH)
{
- if ((*(mctx.sslctx.ldapssl_clientauth_init))
- (mctx.certfile, NULL, 1, mctx.keydbfile, NULL) < 0)
+ if (ldapssl_clientauth_init(mctx.certfile, NULL, 1, mctx.keydbfile, NULL) < 0)
{
fprintf (stderr, "ldclt: %s\n", strerror (errno));
fprintf (stderr, "Cannot ldapssl_clientauth_init (%s,%s)\n",
@@ -1678,8 +1567,7 @@
return (-1);
}
} else {
- if ((*(mctx.sslctx.ldapssl_client_init)) /*JLS 07-11-00*/
- (mctx.certfile, NULL) < 0)
+ if (ldapssl_client_init(mctx.certfile, NULL) < 0)
{
fprintf (stderr, "ldclt: %s\n", strerror (errno));
fprintf (stderr, "Cannot ldapssl_client_init (%s)\n", /*JLS 08-11-00*/
@@ -3073,13 +2961,6 @@
} /*JLS 23-03-01*/
/*
- * Maybe we should load ssl library ?
- */
- if (mctx.mode & SSL) /*JLS 07-11-00*/
- if (sslDynLoadInit() < 0) /*JLS 07-11-00*/
- ldcltExit (EXIT_LOADSSL); /*JLS 07-11-00*/
-
- /*
* Basic initialization from the user's parameters/options
*/
if (basicInit() < 0)
Index: ldclt.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/ldclt.h,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- ldclt.h 5 Jul 2007 23:53:41 -0000 1.4
+++ ldclt.h 19 Sep 2007 18:08:12 -0000 1.5
@@ -222,13 +222,6 @@
#define DEF_REFERRAL REFERRAL_ON /*JLS 08-03-01*/
#define DEF_SCOPE LDAP_SCOPE_SUBTREE /* Default for -s */
-#ifndef SSL_LIB
-#define SSL_LIB "libldapssl41.so"
-#endif
-#ifndef SSL_LIB_PATH
-#define SSL_LIB_PATH "/qa/ldap/tools/ldclt/src/lib-sparc/ldapcsdk"
-#endif
-
/*
* Referral choices...
*/
@@ -409,27 +402,6 @@
} thoper;
/*
- * This structure will allow to manage the handlers for ssl-related
- * dynamic loaded functions.
- */
-typedef struct ssl_context { /*JLS 07-11-00*/
-#ifndef _WIN32
- void *libssl; /* lib ssl handler */ /*JLS 07-11-00*/
- LDAP *(*ldapssl_init)(const char *, int, int); /*JLS 07-11-00*/
- int (*ldapssl_client_init)(const char*, void*); /*JLS 07-11-00*/
- int (*ldapssl_clientauth_init)(char *, void *, int, char *, void*);
- /* BK 23-11-00*/
- int (*ldapssl_enable_clientauth)(LDAP *, char *, char *, char *);
- /* BK 22-11-00*/
-#else /* _WIN32 */
- LDAP * (LDAP_CALL *ldapssl_init)(const char *, int, int);
- int (LDAP_CALL *ldapssl_client_init)(const char*, void*);
- int (LDAP_CALL *ldapssl_clientauth_init)(char *, void *, int, char *, void*);
- int (LDAP_CALL *ldapssl_enable_clientauth)(LDAP *, char *, char *, char *);
-#endif /* _WIN32 */
-} ssl_context; /*JLS 07-11-00*/
-
-/*
* Versatile object attribute's field
* - If ldclt should use a common counter, then this counter will
* be in the mctx structure and will be found by the commonField
@@ -578,7 +550,6 @@
int slaveConn; /* Slave has connected */
char *slaves[MAX_SLAVES]; /* Slaves list */
int slavesNb; /* Number of slaves */
- ssl_context sslctx; /* SSL dyn. load ctx */ /*JSL 07-11-00*/
int timeout; /* LDAP op. t.o. */
struct timeval timeval; /* Timeval structure */
struct timeval timevalZero; /* Timeout of zero */
Index: scalab01.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/scalab01.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- scalab01.c 8 Jun 2007 23:19:20 -0000 1.3
+++ scalab01.c 19 Sep 2007 18:08:12 -0000 1.4
@@ -91,6 +91,7 @@
#include <lber.h> /* ldap C-API BER declarations */
#include <ldap.h> /* ldap C-API declarations */
+#include <ldap_ssl.h> /* ldapssl_init(), etc... */
#include "port.h" /* Portability definitions */
#include "ldclt.h" /* This tool's include file */
@@ -521,8 +522,7 @@
/*
* LDAP session initialization in SSL mode
*/
- s1ctx.ldapCtx = (LDAP *)(*(mctx.sslctx.ldapssl_init))
- (mctx.hostname, mctx.port, 1);
+ s1ctx.ldapCtx = ldapssl_init(mctx.hostname, mctx.port, 1);
if (mctx.mode & VERY_VERBOSE)
printf ("ldclt[%d]: ctrl: ldapssl_init (%s, %d), ldapCtx=0x%08x\n",
mctx.pid, mctx.hostname, mctx.port, (unsigned int)s1ctx.ldapCtx);
@@ -538,8 +538,7 @@
*/
if (mctx.mode & CLTAUTH)
{
- ret = (int)(*(mctx.sslctx.ldapssl_enable_clientauth))
- (s1ctx.ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
+ ret = ldapssl_enable_clientauth(s1ctx.ldapCtx, "", mctx.keydbpin, mctx.cltcertname);
if (mctx.mode & VERY_VERBOSE)
printf
("ldclt[%d]: ctrl: After ldapssl_enable_clientauth (ldapCtx=0x%08x, %s, %s)",
Index: utils.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/ldclt/utils.c,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- utils.c 10 Nov 2006 23:45:50 -0000 1.2
+++ utils.c 19 Sep 2007 18:08:12 -0000 1.3
@@ -305,19 +305,10 @@
else
{
/*
- * Maybe strict ascii required ?
+ * strict ascii required
*/
- if (1)
- {
- if (isascii (newChar) && !iscntrl(newChar))
- buf[charNum++] = newChar;
- }
- else
- {
- if (((newChar >= 0x30) && (newChar <= 0x7a)) ||
- ((newChar >= 0xc0) && (newChar <= 0xf6)))
- buf[charNum++] = newChar;
- }
+ if (isascii (newChar) && !iscntrl(newChar))
+ buf[charNum++] = newChar;
}
}
16 years, 6 months
[Fedora-directory-commits] adminserver/admserv/newinst/src AdminServer.pm.in, 1.9, 1.10
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7525/adminserver/admserv/newinst/src
Modified Files:
AdminServer.pm.in
Log Message:
Resolves: bug 295001
Bug Description: Migration - Can't Start Admin Server
Reviewed by: nhosoi (Thanks!)
Fix Description: The migration script was clobbering console.conf instead of replacing the Group information.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
Index: AdminServer.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- AdminServer.pm.in 14 Sep 2007 21:26:08 -0000 1.9
+++ AdminServer.pm.in 18 Sep 2007 17:11:47 -0000 1.10
@@ -330,14 +330,14 @@
debug(0, "Error opening $admConf->{configdir}/console.conf: $!");
return 0;
}
- my $contents = <CONSOLECONF>;
+ my @contents = <CONSOLECONF>;
close (CONSOLECONF);
- $contents =~ s/^Group.*$/Group $admConf->{sysgroup}/;
+ grep { s/^Group.*$/Group $admConf->{sysgroup}/ } @contents
if (!open(CONSOLECONF, ">$admConf->{configdir}/console.conf")) {
debug(0, "Error writing new group $admConf->{sysgroup} to $admConf->{configdir}/console.conf: $!");
return 0;
}
- print CONSOLECONF $contents;
+ print CONSOLECONF @contents;
close (CONSOLECONF);
}
return 1;
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd configdse.c, 1.7, 1.8 libglobs.c, 1.19, 1.20
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17638
Modified Files:
configdse.c libglobs.c
Log Message:
Resolves: 293541
Summary: Allow server to start if descriptor related attributes are set too high.
Index: configdse.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/configdse.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- configdse.c 27 Feb 2007 02:57:29 -0000 1.7
+++ configdse.c 17 Sep 2007 22:48:10 -0000 1.8
@@ -294,9 +294,25 @@
if (attr_name)
{
retval = config_set(attr_name, values, returntext, 1 /* force apply */);
- if ((retval != LDAP_SUCCESS) &&
- slapi_attr_flag_is_set(attr, SLAPI_ATTR_FLAG_OPATTR))
- retval = LDAP_SUCCESS; /* ignore attempts to modify operational attrs */
+ if ((strcasecmp(attr_name, CONFIG_MAXDESCRIPTORS_ATTRIBUTE) == 0) ||
+ (strcasecmp(attr_name, CONFIG_RESERVEDESCRIPTORS_ATTRIBUTE) == 0) ||
+ (strcasecmp(attr_name, CONFIG_CONNTABLESIZE_ATTRIBUTE) == 0)) {
+ /* We should not treat an LDAP_UNWILLING_TO_PERFORM as fatal for
+ * the these config attributes. This error is returned when
+ * the value we are trying to set is higher than the current
+ * process limit. The set function will auto-adjust the runtime
+ * value to the current process limit when this happens. We want
+ * to allow the server to still start in this case. */
+ if (retval == LDAP_UNWILLING_TO_PERFORM) {
+ slapi_log_error (SLAPI_LOG_FATAL, NULL, "Config Warning: - %s\n", returntext);
+ retval = LDAP_SUCCESS;
+ }
+ } else {
+ if ((retval != LDAP_SUCCESS) &&
+ slapi_attr_flag_is_set(attr, SLAPI_ATTR_FLAG_OPATTR)) {
+ retval = LDAP_SUCCESS; /* ignore attempts to modify operational attrs */
+ }
+ }
}
if (values)
Index: libglobs.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/libglobs.c,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- libglobs.c 17 Aug 2007 02:12:37 -0000 1.19
+++ libglobs.c 17 Sep 2007 22:48:10 -0000 1.20
@@ -552,27 +552,27 @@
/* parameterizing lock dir */
{CONFIG_LOCKDIR_ATTRIBUTE, config_set_lockdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.lockdir, CONFIG_STRING, config_get_lockdir},
+ (void**)&global_slapdFrontendConfig.lockdir, CONFIG_STRING, (ConfigGetFunc)config_get_lockdir},
/* parameterizing tmp dir */
{CONFIG_TMPDIR_ATTRIBUTE, config_set_tmpdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.tmpdir, CONFIG_STRING, config_get_tmpdir},
+ (void**)&global_slapdFrontendConfig.tmpdir, CONFIG_STRING, (ConfigGetFunc)config_get_tmpdir},
/* parameterizing cert dir */
{CONFIG_CERTDIR_ATTRIBUTE, config_set_certdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.certdir, CONFIG_STRING, config_get_certdir},
+ (void**)&global_slapdFrontendConfig.certdir, CONFIG_STRING, (ConfigGetFunc)config_get_certdir},
/* parameterizing ldif dir */
{CONFIG_LDIFDIR_ATTRIBUTE, config_set_ldifdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.ldifdir, CONFIG_STRING, config_get_ldifdir},
+ (void**)&global_slapdFrontendConfig.ldifdir, CONFIG_STRING, (ConfigGetFunc)config_get_ldifdir},
/* parameterizing bak dir */
{CONFIG_BAKDIR_ATTRIBUTE, config_set_bakdir,
NULL, 0,
- (void**)&global_slapdFrontendConfig.bakdir, CONFIG_STRING, config_get_bakdir},
+ (void**)&global_slapdFrontendConfig.bakdir, CONFIG_STRING, (ConfigGetFunc)config_get_bakdir},
/* parameterizing sasl plugin path */
{CONFIG_SASLPATH_ATTRIBUTE, config_set_saslpath,
NULL, 0,
- (void**)&global_slapdFrontendConfig.saslpath, CONFIG_STRING, config_get_saslpath},
+ (void**)&global_slapdFrontendConfig.saslpath, CONFIG_STRING, (ConfigGetFunc)config_get_saslpath},
{CONFIG_REWRITE_RFC1274_ATTRIBUTE, config_set_rewrite_rfc1274,
NULL, 0,
(void**)&global_slapdFrontendConfig.rewrite_rfc1274, CONFIG_ON_OFF, NULL},
@@ -2655,8 +2655,9 @@
nValue = strtol(value, &endp, 10);
if ( *endp != '\0' || errno == ERANGE || nValue < 1 || nValue > maxVal ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", maximum file descriptors must range from 1 to %d (the current process limit)",
- attrname, value, maxVal );
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", maximum "
+ "file descriptors must range from 1 to %d (the current process limit). "
+ "Server will use a setting of %d.", attrname, value, maxVal, maxVal);
if ( nValue > maxVal ) {
nValue = maxVal;
retVal = LDAP_UNWILLING_TO_PERFORM;
@@ -2707,8 +2708,9 @@
#elif !defined(AIX)
if ( *endp != '\0' || errno == ERANGE || nValue < 1 || nValue > maxVal ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", connection table size must range from 1 to %d"
- " (the current process maxdescriptors limit)", attrname, value, maxVal );
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", connection table "
+ "size must range from 1 to %d (the current process maxdescriptors limit). "
+ "Server will use a setting of %d.", attrname, value, maxVal );
if ( nValue > maxVal) {
nValue = maxVal;
retVal = LDAP_UNWILLING_TO_PERFORM;
@@ -2753,8 +2755,9 @@
nValue = strtol(value, &endp, 10);
if ( *endp != '\0' || errno == ERANGE || nValue < 1 || nValue > maxVal ) {
- PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", reserved file descriptors must range from 1 to %d"
- " (the current process maxdescriptors limit)", attrname, value, maxVal );
+ PR_snprintf ( errorbuf, SLAPI_DSE_RETURNTEXT_SIZE, "%s: invalid value \"%s\", reserved file "
+ "descriptors must range from 1 to %d (the current process maxdescriptors limit). "
+ "Server will use a setting of %d.", attrname, value, maxVal, maxVal );
if ( nValue > maxVal) {
nValue = maxVal;
retVal = LDAP_UNWILLING_TO_PERFORM;
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldbm_search.c, 1.9, 1.10
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19325/slapd/back-ldbm
Modified Files:
ldbm_search.c
Log Message:
Resolves: 242551
Summary: Performance cleanup of sync code. Improve tombstone search performance.
Index: ldbm_search.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldbm_search.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- ldbm_search.c 10 Nov 2006 23:45:39 -0000 1.9
+++ ldbm_search.c 17 Sep 2007 19:18:31 -0000 1.10
@@ -818,21 +818,6 @@
}
-static int
-nscpentrydn_check_filter(Slapi_Filter *f)
-{
- if (!f || (f->f_choice != LDAP_FILTER_AND))
- return 0; /* Not nscpEntryDN filter */
-
- if ( 0 == strcasecmp ( f->f_and->f_avtype, SLAPI_ATTR_NSCP_ENTRYDN)) {
- return 1; /* Contains a nscpEntryDN filter */
- } else if ( 0 == strcasecmp ( f->f_and->f_next->f_avtype, SLAPI_ATTR_NSCP_ENTRYDN)) {
- return 1;
- }
- return 0; /* Not nscpEntryDN filter */
-}
-
-
/*
* Build a candidate list for a SUBTREE scope search.
*/
@@ -886,41 +871,6 @@
idl_free(tmp);
idl_free(descendants);
}
- /*
- * If the search is initiated by the Directory Manager,
- * and the filter includes objectclass=nsTombstone,
- * then we union the candidate list with all the tombstone
- * entries in this backend instance.
- */
- if (has_tombstone_filter && isroot && !nscpentrydn_check_filter(filter))
- {
- IDList *idl;
- IDList *tmp= candidates;
- struct slapi_filter f = {0};
- f.f_choice = LDAP_FILTER_EQUALITY;
- f.f_avtype = "objectclass";
- f.f_avvalue.bv_val = SLAPI_ATTR_VALUE_TOMBSTONE;
- f.f_avvalue.bv_len = strlen(SLAPI_ATTR_VALUE_TOMBSTONE);
- f.f_next= NULL;
- idl = filter_candidates( pb, be, NULL, &f, NULL, 0, err );
-
- /*
- * If that gave allids then try (nscpentrydn=*) instead.
- * The nscpentrydn equality index contains all the tombstones
- * and can be used to resolve a presence filter without
- * hitting allids.
- */
- if (idl && ALLIDS(idl)) {
- idl_free(idl);
- f.f_choice = LDAP_FILTER_PRESENT;
- f.f_avtype = SLAPI_ATTR_NSCP_ENTRYDN;
- idl = filter_candidates( pb, be, NULL, &f, NULL, 0, err );
- }
-
- candidates = idl_union( be, idl, tmp );
- idl_free( idl );
- idl_free( tmp );
- }
return( candidates );
}
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication windows_private.c, 1.15, 1.16 windows_prot_private.h, 1.7, 1.8 windows_protocol_util.c, 1.32, 1.33 windowsrepl.h, 1.12, 1.13
by Doctor Conrad
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19325/plugins/replication
Modified Files:
windows_private.c windows_prot_private.h
windows_protocol_util.c windowsrepl.h
Log Message:
Resolves: 242551
Summary: Performance cleanup of sync code. Improve tombstone search performance.
Index: windows_private.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windows_private.c,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- windows_private.c 12 Sep 2007 23:05:24 -0000 1.15
+++ windows_private.c 17 Sep 2007 19:18:30 -0000 1.16
@@ -66,6 +66,10 @@
char *windows_domain;
int isnt4;
int iswin2k3;
+ /* This filter is used to determine if an entry belongs to this agreement. We put it here
+ * so we only have to allocate each filter once instead of doing it every time we receive a change. */
+ Slapi_Filter *directory_filter; /* Used for checking if local entries need to be sync'd to AD */
+ Slapi_Filter *deleted_filter; /* Used for checking if an entry is an AD tombstone */
};
static int
@@ -192,6 +196,8 @@
dp = (Dirsync_Private *)slapi_ch_calloc(sizeof(Dirsync_Private),1);
dp->dirsync_maxattributecount = -1;
+ dp->directory_filter = NULL;
+ dp->deleted_filter = NULL;
LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_new\n", 0, 0, 0 );
return dp;
@@ -206,8 +212,8 @@
PR_ASSERT(dp != NULL);
- /* DBDB: need to free payoad here */
-
+ slapi_filter_free(dp->directory_filter, 1);
+ slapi_filter_free(dp->deleted_filter, 1);
slapi_ch_free((void **)dp);
LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_delete\n", 0, 0, 0 );
@@ -278,6 +284,53 @@
LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_set_iswin2k3\n", 0, 0, 0 );
}
+/* Returns a copy of the Slapi_Filter pointer. The caller should not free it */
+Slapi_Filter* windows_private_get_directory_filter(const Repl_Agmt *ra)
+{
+ Dirsync_Private *dp;
+
+ LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_private_get_directory_filter\n", 0, 0, 0 );
+
+ PR_ASSERT(ra);
+
+ dp = (Dirsync_Private *) agmt_get_priv(ra);
+ PR_ASSERT (dp);
+
+ if (dp->directory_filter == NULL) {
+ char *string_filter = slapi_ch_strdup("(&(|(objectclass=ntuser)(objectclass=ntgroup))(ntUserDomainId=*))");
+ /* The filter gets freed in windows_agreement_delete() */
+ dp->directory_filter = slapi_str2filter( string_filter );
+ slapi_ch_free_string(&string_filter);
+ }
+
+ LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_get_directory_filter\n", 0, 0, 0 );
+
+ return dp->directory_filter;
+}
+
+/* Returns a copy of the Slapi_Filter pointer. The caller should not free it */
+Slapi_Filter* windows_private_get_deleted_filter(const Repl_Agmt *ra)
+{
+ Dirsync_Private *dp;
+
+ LDAPDebug( LDAP_DEBUG_TRACE, "=> windows_private_get_deleted_filter\n", 0, 0, 0 );
+
+ PR_ASSERT(ra);
+
+ dp = (Dirsync_Private *) agmt_get_priv(ra);
+ PR_ASSERT (dp);
+
+ if (dp->deleted_filter == NULL) {
+ char *string_filter = slapi_ch_strdup("(isdeleted=*)");
+ /* The filter gets freed in windows_agreement_delete() */
+ dp->deleted_filter = slapi_str2filter( string_filter );
+ slapi_ch_free_string(&string_filter);
+ }
+
+ LDAPDebug( LDAP_DEBUG_TRACE, "<= windows_private_get_deleted_filter\n", 0, 0, 0 );
+
+ return dp->deleted_filter;
+}
/* Returns a copy of the Slapi_DN pointer, no need to free it */
const Slapi_DN* windows_private_get_windows_subtree (const Repl_Agmt *ra)
Index: windows_prot_private.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windows_prot_private.h,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- windows_prot_private.h 10 Nov 2006 23:45:17 -0000 1.7
+++ windows_prot_private.h 17 Sep 2007 19:18:30 -0000 1.8
@@ -52,35 +52,6 @@
#define ACQUIRE_CONSUMER_WAS_UPTODATE 104
#define ACQUIRE_TRANSIENT_ERROR 105
-typedef struct windows_private_repl_protocol
-{
- void (*delete)(struct windows_private_repl_protocol **);
- void (*run)(struct windows_private_repl_protocol *);
- int (*stop)(struct windows_private_repl_protocol *);
- int (*status)(struct windows_private_repl_protocol *);
- void (*notify_update)(struct windows_private_repl_protocol *);
- void (*notify_agmt_changed)(struct windows_private_repl_protocol *);
- void (*notify_window_opened)(struct windows_private_repl_protocol *);
- void (*notify_window_closed)(struct windows_private_repl_protocol *);
- void (*update_now)(struct windows_private_repl_protocol *);
- PRLock *lock;
- PRCondVar *cvar;
- int stopped;
- int terminate;
- PRUint32 eventbits;
- Repl_Connection *conn;
- int last_acquire_response_code;
- Repl_Agmt *agmt;
- Object *replica_object;
- void *private;
- PRBool replica_acquired;
-} Windows_Private_Repl_Protocol;
-
-/*
-extern Windows_Private_Repl_Protocol *Windows_Inc_Protocol_new();
-extern Windows_Private_Repl_Protocol *Windows_Tot_Protocol_new();
-*/
-
#define PROTOCOL_TERMINATION_NORMAL 301
#define PROTOCOL_TERMINATION_ABNORMAL 302
#define PROTOCOL_TERMINATION_NEEDS_TOTAL_UPDATE 303
Index: windows_protocol_util.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windows_protocol_util.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- windows_protocol_util.c 12 Sep 2007 23:05:25 -0000 1.32
+++ windows_protocol_util.c 17 Sep 2007 19:18:30 -0000 1.33
@@ -65,10 +65,12 @@
static Slapi_DN* map_dn_group(Slapi_DN *sdn, int map_to, const Slapi_DN *root);
static void make_mods_from_entries(Slapi_Entry *new_entry, Slapi_Entry *existing_entry, LDAPMod ***attrs);
static void windows_map_mods_for_replay(Private_Repl_Protocol *prp,LDAPMod **original_mods, LDAPMod ***returned_mods, int is_user, char** password);
-static int is_subject_of_agreemeent_local(const Slapi_Entry *local_entry,const Repl_Agmt *ra);
+static int is_subject_of_agreement_local(const Slapi_Entry *local_entry,const Repl_Agmt *ra);
static int windows_create_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *original_entry, Slapi_DN *remote_sdn, Slapi_Entry **remote_entry, char** password);
static int windows_get_local_entry(const Slapi_DN* local_dn,Slapi_Entry **local_entry);
static int windows_get_local_entry_by_uniqueid(Private_Repl_Protocol *prp,const char* uniqueid,Slapi_Entry **local_entry);
+static int windows_get_local_tombstone_by_uniqueid(Private_Repl_Protocol *prp,const char* uniqueid,Slapi_Entry **local_entry);
+static int windows_search_local_entry_by_uniqueid(Private_Repl_Protocol *prp, const char *uniqueid, char ** attrs, Slapi_Entry **ret_entry, int tombstone, void * component_identity);
static int map_entry_dn_outbound(Slapi_Entry *e, Slapi_DN **dn, Private_Repl_Protocol *prp, int *missing_entry, int want_guid);
static char* extract_ntuserdomainid_from_entry(Slapi_Entry *e);
static char* extract_container(const Slapi_DN *entry_dn, const Slapi_DN *suffix_dn);
@@ -76,7 +78,7 @@
static int windows_get_remote_tombstone(Private_Repl_Protocol *prp, const Slapi_DN* remote_dn,Slapi_Entry **remote_entry);
static int windows_reanimate_tombstone(Private_Repl_Protocol *prp, const Slapi_DN* tombstone_dn, const char* new_dn);
static const char* op2string (int op);
-static int is_subject_of_agreemeent_remote(Slapi_Entry *e, const Repl_Agmt *ra);
+static int is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra);
static int map_entry_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt *ra);
static int windows_update_remote_entry(Private_Repl_Protocol *prp,Slapi_Entry *remote_entry,Slapi_Entry *local_entry);
static int is_guid_dn(Slapi_DN *remote_dn);
@@ -405,7 +407,7 @@
int missing_entry = 0;
Slapi_DN *remote_dn = NULL;
/* Now map the DN */
- is_ours = is_subject_of_agreemeent_local(local_entry,prp->agmt);
+ is_ours = is_subject_of_agreement_local(local_entry,prp->agmt);
if (is_ours)
{
map_entry_dn_outbound(local_entry,&remote_dn,prp,&missing_entry, 0 /* don't want GUID form here */);
@@ -447,7 +449,7 @@
retval = windows_get_remote_entry(prp,original_dn,&remote_entry);
if (remote_entry && 0 == retval)
{
- is_ours = is_subject_of_agreemeent_remote(remote_entry,prp->agmt);
+ is_ours = is_subject_of_agreement_remote(remote_entry,prp->agmt);
if (is_ours)
{
retval = map_entry_dn_inbound(remote_entry,&local_dn,prp->agmt);
@@ -1121,10 +1123,16 @@
local_dn = slapi_sdn_new_dn_byref( op->target_address.dn );
/* Since we have the target uniqueid in the op structure, let's
- * fetch the local entry here using it.
+ * fetch the local entry here using it. We do not want to search
+ * across tombstone entries unless we are dealing with a delete
+ * operation here since searching across tombstones can be very
+ * inefficient as the tombstones build up.
*/
-
- rc = windows_get_local_entry_by_uniqueid(prp, op->target_address.uniqueid, &local_entry);
+ if (op->operation_type != SLAPI_OPERATION_DELETE) {
+ rc = windows_get_local_entry_by_uniqueid(prp, op->target_address.uniqueid, &local_entry);
+ } else {
+ rc = windows_get_local_tombstone_by_uniqueid(prp, op->target_address.uniqueid, &local_entry);
+ }
if (rc)
{
@@ -1135,7 +1143,7 @@
goto error;
}
- is_ours = is_subject_of_agreemeent_local(local_entry, prp->agmt);
+ is_ours = is_subject_of_agreement_local(local_entry, prp->agmt);
windows_is_local_entry_user_or_group(local_entry,&is_user,&is_group);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
@@ -1839,25 +1847,15 @@
/* Is this entry a tombstone ? */
static int
-is_tombstone(Slapi_Entry *e)
+is_tombstone(Private_Repl_Protocol *prp, Slapi_Entry *e)
{
int retval = 0;
- char *string_deleted = slapi_ch_strdup("(isdeleted=*)");
-
- /* DBDB: we should allocate these filters once and keep them around for better performance */
- Slapi_Filter *filter_deleted = slapi_str2filter( string_deleted );
-
- slapi_ch_free_string(&string_deleted);
- /* DBDB: this should be one filter, the code originally tested separately and hasn't been fixed yet */
- if ( (slapi_filter_test_simple( e, filter_deleted ) == 0) )
+ if ( (slapi_filter_test_simple( e, (Slapi_Filter*)windows_private_get_deleted_filter(prp->agmt) ) == 0) )
{
retval = 1;
}
- slapi_filter_free(filter_deleted,1);
- filter_deleted = NULL;
-
return retval;
}
@@ -2724,7 +2722,7 @@
* and does it have the right attribute values for sync ?)
*/
static int
-is_subject_of_agreemeent_local(const Slapi_Entry *local_entry, const Repl_Agmt *ra)
+is_subject_of_agreement_local(const Slapi_Entry *local_entry, const Repl_Agmt *ra)
{
int retval = 0;
int is_in_subtree = 0;
@@ -2741,23 +2739,16 @@
{
/* Next test for the correct kind of entry */
if (local_entry) {
- /* DBDB: we should allocate these filters once and keep them around for better performance */
- char *string_filter = slapi_ch_strdup("(&(|(objectclass=ntuser)(objectclass=ntgroup))(ntUserDomainId=*))");
- Slapi_Filter *filter = slapi_str2filter( string_filter );
-
- slapi_ch_free_string(&string_filter);
- if (slapi_filter_test_simple( (Slapi_Entry*)local_entry, filter ) == 0)
+ if (slapi_filter_test_simple( (Slapi_Entry*)local_entry,
+ (Slapi_Filter*)windows_private_get_directory_filter(ra)) == 0)
{
retval = 1;
}
-
- slapi_filter_free(filter,1);
- filter = NULL;
} else
{
/* Error: couldn't find the entry */
slapi_log_error(SLAPI_LOG_FATAL, windows_repl_plugin_name,
- "failed to find entry in is_subject_of_agreemeent_local: %d\n", retval);
+ "failed to find entry in is_subject_of_agreement_local: %d\n", retval);
retval = 0;
}
}
@@ -2767,7 +2758,7 @@
/* Tests if the entry is subject to our agreement (i.e. is it in the sync'ed subtree in AD and either a user or a group ?) */
static int
-is_subject_of_agreemeent_remote(Slapi_Entry *e, const Repl_Agmt *ra)
+is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra)
{
int retval = 0;
int is_in_subtree = 0;
@@ -3342,7 +3333,7 @@
int missing_entry = 0;
const Slapi_DN *local_dn = slapi_entry_get_sdn_const(e);
/* First check if the entry is for us */
- is_ours = is_subject_of_agreemeent_local(e, prp->agmt);
+ is_ours = is_subject_of_agreement_local(e, prp->agmt);
slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name,
"%s: windows_process_total_entry: Looking dn=\"%s\" (%s)\n",
agmt_get_long_name(prp->agmt), slapi_sdn_get_dn(slapi_entry_get_sdn_const(e)), is_ours ? "ours" : "not ours");
@@ -3366,8 +3357,8 @@
return retval;
}
-int
-windows_search_local_entry_by_uniqueid(Private_Repl_Protocol *prp, const char *uniqueid, char ** attrs, Slapi_Entry **ret_entry , void * component_identity)
+static int
+windows_search_local_entry_by_uniqueid(Private_Repl_Protocol *prp, const char *uniqueid, char ** attrs, Slapi_Entry **ret_entry, int tombstone, void * component_identity)
{
Slapi_Entry **entries = NULL;
Slapi_PBlock *int_search_pb = NULL;
@@ -3377,7 +3368,15 @@
*ret_entry = NULL;
local_subtree = windows_private_get_directory_subtree(prp->agmt);
- filter_string = PR_smprintf("(&(|(objectclass=*)(objectclass=ldapsubentry)(objectclass=nsTombstone))(nsUniqueid=%s))",uniqueid);
+
+ /* Searching for tombstones can be expensive, so the caller needs to specify if
+ * we should search for a tombstone entry, or a normal entry. */
+ if (tombstone) {
+ filter_string = PR_smprintf("(&(objectclass=nsTombstone)(nsUniqueid=%s))", uniqueid);
+ } else {
+ filter_string = PR_smprintf("(&(|(objectclass=*)(objectclass=ldapsubentry))(nsUniqueid=%s))",uniqueid);
+ }
+
int_search_pb = slapi_pblock_new ();
slapi_search_internal_set_pb ( int_search_pb, slapi_sdn_get_dn(local_subtree), LDAP_SCOPE_SUBTREE, filter_string,
attrs ,
@@ -3412,7 +3411,7 @@
{
int retval = ENTRY_NOTFOUND;
Slapi_Entry *new_entry = NULL;
- windows_search_local_entry_by_uniqueid( prp, uniqueid, NULL, &new_entry,
+ windows_search_local_entry_by_uniqueid( prp, uniqueid, NULL, &new_entry, 0, /* Don't search tombstones */
repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION));
if (new_entry)
{
@@ -3423,6 +3422,21 @@
}
static int
+windows_get_local_tombstone_by_uniqueid(Private_Repl_Protocol *prp,const char* uniqueid,Slapi_Entry **local_entry)
+{
+ int retval = ENTRY_NOTFOUND;
+ Slapi_Entry *new_entry = NULL;
+ windows_search_local_entry_by_uniqueid( prp, uniqueid, NULL, &new_entry, 1, /* Search for tombstones */
+ repl_get_plugin_identity (PLUGIN_MULTIMASTER_REPLICATION));
+ if (new_entry)
+ {
+ *local_entry = new_entry;
+ retval = 0;
+ }
+ return retval;
+}
+
+static int
windows_get_local_entry(const Slapi_DN* local_dn,Slapi_Entry **local_entry)
{
int retval = ENTRY_NOTFOUND;
@@ -3446,7 +3460,7 @@
/* deleted users are outside the 'correct container'.
They live in cn=deleted objects, windows_private_get_directory_subtree( prp->agmt) */
- if (is_tombstone(e))
+ if (is_tombstone(prp, e))
{
rc = map_tombstone_dn_inbound(e, &local_sdn, prp->agmt);
if ((0 == rc) && local_sdn)
@@ -3461,7 +3475,7 @@
} else
{
/* Is this entry one we should be interested in ? */
- if (is_subject_of_agreemeent_remote(e,prp->agmt))
+ if (is_subject_of_agreement_remote(e,prp->agmt))
{
/* First make its local DN */
rc = map_entry_dn_inbound(e, &local_sdn, prp->agmt);
Index: windowsrepl.h
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/windowsrepl.h,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- windowsrepl.h 12 Sep 2007 23:05:25 -0000 1.12
+++ windowsrepl.h 17 Sep 2007 19:18:30 -0000 1.13
@@ -68,6 +68,8 @@
void windows_private_set_isnt4(const Repl_Agmt *ra, int isit);
int windows_private_get_iswin2k3(const Repl_Agmt *ra);
void windows_private_set_iswin2k3(const Repl_Agmt *ra, int isit);
+Slapi_Filter* windows_private_get_directory_filter(const Repl_Agmt *ra);
+Slapi_Filter* windows_private_get_deleted_filter(const Repl_Agmt *ra);
const char* windows_private_get_purl(const Repl_Agmt *ra);
/* in windows_connection.c */
16 years, 6 months
[Fedora-directory-commits] adminserver/admserv/newinst/src AdminMigration.pm.in, 1.5, 1.6 AdminServer.pm.in, 1.8, 1.9 setup-ds-admin.res.in, 1.6, 1.7
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13733/adminserver/admserv/newinst/src
Modified Files:
AdminMigration.pm.in AdminServer.pm.in setup-ds-admin.res.in
Log Message:
Resolves: bug 288451
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: These are additional fixes for various and sundry problems:
1) If doing cross platform migration, just use the default db and changelog db dirs
2) If doing same platform migration, try to keep the db dir if the user has changed it. It will usually be changed for a good reason, like moving to a separate device for performance reasons. In order to see if the directory has changed, we need to "normalize" the path in the attribute so that we can compare it correctly.
3) Do not migrate the attributes nsslapd-db-private-import-mem and nsslapd-import-cache-autosize - just use the new default values for these
4) Do not migrate nsslapd-allidsthreshold - this has been removed
5) Add additional error checking and handling when migrating the local.conf information.
6) Change the brand in the sie and isie when migrating.
7) Update the Group in console.conf during migration.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: AdminMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminMigration.pm.in,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- AdminMigration.pm.in 16 Aug 2007 00:34:04 -0000 1.5
+++ AdminMigration.pm.in 14 Sep 2007 21:26:08 -0000 1.6
@@ -216,6 +216,14 @@
}
# now get the entries and write them to local.conf
my $entry = $conn->search($inf->{admin}->{sie}, "sub", "(objectclass=*)");
+ if (!$entry || $conn->getErrorCode()) {
+ $mig->msg($FATAL, 'error_no_localconf_entries',
+ $inf->{admin}->{sie}, $localconf, $conn->getErrorString());
+ $conn->close();
+ close(LOCALCONF);
+ return 0;
+ }
+
while ($entry) {
updateLocalConf($entry, $inf->{admin}->{sie}, \*LOCALCONF);
$entry = $conn->nextEntry();
@@ -468,6 +476,10 @@
return 0;
}
+ # change branding information
+ $mig->{inf}->{admin}->{sie} =~ s/\bNetscape\b/@capbrand@/g;
+ $mig->{inf}->{admin}->{isie} =~ s/\bNetscape\b/@capbrand@/g;
+
if (!updateAdmConf({ldapurl => $mig->{inf}->{General}->{ConfigDirectoryLdapURL},
userdn => $mig->{inf}->{General}->{ConfigDirectoryAdminID},
SuiteSpotUserID => $mig->{inf}->{General}->{SuiteSpotUserID},
@@ -524,3 +536,10 @@
# obligatory module true return
1;
+
+# emacs settings
+# Local Variables:
+# mode:perl
+# indent-tabs-mode: nil
+# tab-width: 4
+# End:
Index: AdminServer.pm.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- AdminServer.pm.in 27 Jul 2007 01:42:46 -0000 1.8
+++ AdminServer.pm.in 14 Sep 2007 21:26:08 -0000 1.9
@@ -323,6 +323,23 @@
debug(1, $output);
$ENV{LD_LIBRARY_PATH} = $savepath;
$ENV{SHLIB_PATH} = $savepath;
+
+ # update Group in console.conf
+ if ($admConf->{sysgroup}) {
+ if (!open(CONSOLECONF, "$admConf->{configdir}/console.conf")) {
+ debug(0, "Error opening $admConf->{configdir}/console.conf: $!");
+ return 0;
+ }
+ my $contents = <CONSOLECONF>;
+ close (CONSOLECONF);
+ $contents =~ s/^Group.*$/Group $admConf->{sysgroup}/;
+ if (!open(CONSOLECONF, ">$admConf->{configdir}/console.conf")) {
+ debug(0, "Error writing new group $admConf->{sysgroup} to $admConf->{configdir}/console.conf: $!");
+ return 0;
+ }
+ print CONSOLECONF $contents;
+ close (CONSOLECONF);
+ }
return 1;
}
Index: setup-ds-admin.res.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/setup-ds-admin.res.in,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- setup-ds-admin.res.in 27 Jul 2007 01:42:46 -0000 1.6
+++ setup-ds-admin.res.in 14 Sep 2007 21:26:08 -0000 1.7
@@ -103,6 +103,7 @@
registering_adminserver = Registering admin server with the configuration directory server . . .\n
error_adding_adminserver_config_entry = Could not add the admin server configuration entry '%s'.\nCheck the configuration directory server access and error log for more details.\n
error_updating_localconf_entry = Could not update the local admin server configuration file for the configuration entry '%s'.\n
+error_no_localconf_entries = Error finding LDAP entries under '%s' to update in the local admin server configuration file '%s'. LDAP Error: %s\n
updating_admconf_configds = Updating adm.conf with information from configuration directory server . . .\n
updating_httpconf = Updating the configuration for the httpd engine . . .\n
error_updating_httpconf = Could not update the httpd engine configuration.\n
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.13, 1.14
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13579/ldapserver/ldap/admin/src/scripts
Modified Files:
DSMigration.pm.in
Log Message:
Resolves: bug 288451
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: These are additional fixes for various and sundry problems:
1) If doing cross platform migration, just use the default db and changelog db dirs
2) If doing same platform migration, try to keep the db dir if the user has changed it. It will usually be changed for a good reason, like moving to a separate device for performance reasons. In order to see if the directory has changed, we need to "normalize" the path in the attribute so that we can compare it correctly.
3) Do not migrate the attributes nsslapd-db-private-import-mem and nsslapd-import-cache-autosize - just use the new default values for these
4) Do not migrate nsslapd-allidsthreshold - this has been removed
5) Add additional error checking and handling when migrating the local.conf information.
6) Change the brand in the sie and isie when migrating.
7) Update the Group in console.conf during migration.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- DSMigration.pm.in 14 Sep 2007 16:26:17 -0000 1.13
+++ DSMigration.pm.in 14 Sep 2007 21:24:12 -0000 1.14
@@ -56,6 +56,9 @@
use File::Temp qw(tempfile tempdir);
use File::Basename qw(basename);
+# absolute path handling
+use Cwd qw(realpath);
+
# load perldap
use Mozilla::LDAP::Conn;
use Mozilla::LDAP::Utils qw(normalizeDN);
@@ -104,7 +107,14 @@
'nsslapd-ldapigidnumbertype' => 'nsslapd-ldapigidnumbertype',
'nsslapd-ldapientrysearchbase' => 'nsslapd-ldapientrysearchbase',
'nsslapd-ldapiautodnsuffix' => 'nsslapd-ldapiautodnsuffix',
- 'numsubordinates' => 'numSubordinates'
+ 'numsubordinates' => 'numSubordinates',
+ # for these, we just want to use the default values, even if they were
+ # set in 7.1 or later
+ 'nsslapd-db-private-import-mem' => 'nsslapd-db-private-import-mem',
+ 'nsslapd-import-cache-autosize' => 'nsslapd-import-cache-autosize',
+ # nsslapd-allidsthreshold does not exist anymore
+ # the analogous concept is nsslapd-idlistscanlimit for searches
+ 'nsslapd-allidsthreshold' => 'nsslapd-allidsthreshold'
);
# these are the obsolete entries we do not migrate
@@ -126,19 +136,23 @@
sub getNewDbDir {
my ($ent, $attr, $mig, $inst) = @_;
+ my $newval;
my %objclasses = map { lc($_) => $_ } $ent->getValues('objectclass');
my $cn = $ent->getValues('cn');
- my $oldval = $ent->getValues($attr);
- my $newval;
# there is one case where we want to just use the existing db directory
# that's the case where the user has moved the indexes and/or the
# transaction logs to different partitions for performance
# in that case, the old directory will not be the same as the default,
# and the directory will exist
- my $olddefault = "$mig->{actualsroot}/$inst";
- if (-d $oldval and ($oldval !~ /^$olddefault/)) {
- debug(2, "Keeping old value [$oldval] for attr $attr in entry ", $ent->getDN(), "\n");
- return $oldval;
+ # for cross platform, we should just use the new default location
+ if (!$mig->{crossplatform}) {
+ my $oldval = $ent->getValues($attr);
+ my $absoldval = realpath($oldval) || $oldval;
+ my $olddefault = "$mig->{actualsroot}/$inst";
+ if (-d $absoldval and ($absoldval !~ /^$olddefault/)) {
+ debug(2, "Keeping old value [$absoldval] for attr $attr in entry ", $ent->getDN(), "\n");
+ return $oldval;
+ }
}
# otherwise, just use the new default locations
if ("@with_fhs_opt@") {
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.12, 1.13
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6434
Modified Files:
DSMigration.pm.in
Log Message:
Resolves: bug 288451
Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Fix Description: Cannot start servers until after the data and config has been migrated.
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- DSMigration.pm.in 14 Sep 2007 02:41:13 -0000 1.12
+++ DSMigration.pm.in 14 Sep 2007 16:26:17 -0000 1.13
@@ -743,9 +743,9 @@
return 0;
}
- if (!$mig->{start_servers}) {
- $inf->{slapd}->{start_server} = 0;
- }
+ # create servers but do not start them until after databases
+ # have been migrated
+ $inf->{slapd}->{start_server} = 0;
# create the new instance
@errs = createDSInstance($inf);
@@ -768,6 +768,15 @@
$mig->msg(@errs);
return 0;
}
+
+ # finally, start the server
+ if ($mig->{start_servers}) {
+ $inf->{slapd}->{start_server} = 1;
+ if (@errs = DSCreate::startServer($inf)) {
+ $mig->msg(@errs);
+ return 0;
+ }
+ }
}
return 1;
16 years, 6 months
[Fedora-directory-commits] adminserver/admserv/newinst/src migrate-ds-admin.pl.in, 1.7, 1.8
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/newinst/src
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14651/adminserver/admserv/newinst/src
Modified Files:
migrate-ds-admin.pl.in
Log Message:
Resolves: bug 288451
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) The temp file created to fix nsroot was not owned by the server user, and ldif2db could not open it.
2) The perldap LDIF parser/writer did not correctly handle the version: 1 line in the LDIF file. It outputs dn\nversion: 1 which causes ldif2db to crash.
3) The migrate script could not start the server because it wasn't looking in the fhs-opt location. The real solution is to just have migration start the servers after it migrates them. This assumes the old servers are all shutdown first, which they must be, in order to have a consistent database for migration.
These last two were found and fixed by nhosoi
4) If we transform an attribute to an empty value, this means we want to remove it from the migrated entry. We use the remove method to remove the attribute.
5) The remove method in FileConn was not working. We have to make a clone of the entry that we have removed the attribute from. The process of iterating over the attributes skips deleted ones because of the way the Tie::Hash functions in the Entry class work.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: migrate-ds-admin.pl.in
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/migrate-ds-admin.pl.in,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- migrate-ds-admin.pl.in 2 Aug 2007 14:44:10 -0000 1.7
+++ migrate-ds-admin.pl.in 14 Sep 2007 02:42:05 -0000 1.8
@@ -51,15 +51,6 @@
$mig->doExit(1);
}
-# if the config ds is on the local machine, shut down the old one
-# and bring up the new one - the rest of migration needs to update it
-
-my $configdsinst = getLocalConfigDS("$mig->{oldsroot}/admin-serv/config");
-if ($configdsinst) {
- system("$mig->{oldsroot}/slapd-$configdsinst/stop-slapd");
- system("@dslibdir@/slapd-$configdsinst/start-slapd");
-}
-
# next, migrate the admin server - this also registers the directory servers
$mig->msg('begin_as_migration', $mig->{oldsroot});
if (!migrateAdminServer($mig)) {
16 years, 6 months
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.11, 1.12 FileConn.pm, 1.3, 1.4 Migration.pm.in, 1.5, 1.6 Util.pm.in, 1.11, 1.12
by Doctor Conrad
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14616/ldapserver/ldap/admin/src/scripts
Modified Files:
DSMigration.pm.in FileConn.pm Migration.pm.in Util.pm.in
Log Message:
Resolves: bug 288451
Bug Description: Show-Stopper - Migration from HP-PARISC DS 6.21 to DS80 on HP-Itaninum
Reviewed by: nhosoi (Thanks!)
Fix Description: 1) The temp file created to fix nsroot was not owned by the server user, and ldif2db could not open it.
2) The perldap LDIF parser/writer did not correctly handle the version: 1 line in the LDIF file. It outputs dn\nversion: 1 which causes ldif2db to crash.
3) The migrate script could not start the server because it wasn't looking in the fhs-opt location. The real solution is to just have migration start the servers after it migrates them. This assumes the old servers are all shutdown first, which they must be, in order to have a consistent database for migration.
These last two were found and fixed by nhosoi
4) If we transform an attribute to an empty value, this means we want to remove it from the migrated entry. We use the remove method to remove the attribute.
5) The remove method in FileConn was not working. We have to make a clone of the entry that we have removed the attribute from. The process of iterating over the attributes skips deleted ones because of the way the Tie::Hash functions in the Entry class work.
Platforms tested: HP-UX 11.23 IPF64
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- DSMigration.pm.in 8 Sep 2007 02:16:27 -0000 1.11
+++ DSMigration.pm.in 14 Sep 2007 02:41:13 -0000 1.12
@@ -269,6 +269,7 @@
my $in = new Mozilla::LDAP::LDIF(*MYLDIF);
while (my $ent = readOneEntry $in) {
my $dn = $ent->getDN();
+ next if (!$dn); # netscaperoot should not have the empty dn
$dn =~ s/\bNetscape\b/@capbrand@/g;
$ent->setDN($dn);
foreach my $attr (keys %{$ent}) {
@@ -305,6 +306,11 @@
my $deleteflag = 0;
if ($fname =~ /NetscapeRoot.ldif$/) {
$fname = migrateNetscapeRoot($fname);
+ # make sure $fname is owned by the server user
+ my $cfgent = $dest->search("cn=config", "base", "(objectclass=*)");
+ my $user = $cfgent->getValues('nsslapd-localuser');
+ my $uid = getpwnam $user;
+ chown $uid, -1, $fname;
$deleteflag = 1;
}
my $cmd = "$inst_dir/ldif2db -n \"$dbname\" -i \"$fname\"";
@@ -443,7 +449,14 @@
for my $attr (keys %{$ent}) {
my $lcattr = lc $attr;
if ($transformAttr{$lcattr}) {
- $ent->setValues($attr, &{$transformAttr{$lcattr}}($ent, $attr, $mig, $inst));
+ my $newval = &{$transformAttr{$lcattr}}($ent, $attr, $mig, $inst);
+ if (!$newval) {
+ debug(2, "Removing attribute $attr from entry ", $ent->getDN(), "\n");
+ $ent->remove($attr);
+ } else {
+ debug(2, "Setting new value $newval for attribute $attr in entry ", $ent->getDN(), "\n");
+ $ent->setValues($attr, $newval);
+ }
}
}
}
@@ -484,8 +497,13 @@
if (!$innewonly{$attr}) {
my $oldval = $old->getValues($attr);
my $newval = &{$transformAttr{$lcattr}}($old, $attr, $mig, $inst);
- $new->setValues($attr, $newval);
- debug(3, "mergeEntries: transformed old value $oldval to $newval\n");
+ if (!$newval) {
+ debug(3, "Removing attribute $attr from entry ", $new->getDN(), "\n");
+ $new->remove($attr);
+ } else {
+ debug(3, "Setting new value $newval for attribute $attr in entry ", $new->getDN(), "\n");
+ $new->setValues($attr, $newval);
+ }
}
} elsif ($cn eq "internationalization plugin" and $lcattr eq "nsslapd-pluginarg0") {
debug(3, "mergeEntries: using new value of internationalization plugin nsslapd-pluginarg0\n");
@@ -725,6 +743,10 @@
return 0;
}
+ if (!$mig->{start_servers}) {
+ $inf->{slapd}->{start_server} = 0;
+ }
+
# create the new instance
@errs = createDSInstance($inf);
unlink($inf->{filename});
Index: FileConn.pm
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/FileConn.pm,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- FileConn.pm 13 Jul 2007 18:35:32 -0000 1.3
+++ FileConn.pm 14 Sep 2007 02:41:13 -0000 1.4
@@ -411,7 +411,10 @@
return 0;
}
- $self->{$ndn}->{data} = $entry;
+ # The cloned entry will not contain the deleted attrs - the cloning
+ # process omits the deleted attrs via the Entry FETCH, FIRSTKEY, and NEXTKEY
+ # methods
+ $self->{$ndn}->{data} = cloneEntry($entry);
$self->write();
return 1;
Index: Migration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Migration.pm.in,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- Migration.pm.in 15 Aug 2007 22:04:31 -0000 1.5
+++ Migration.pm.in 14 Sep 2007 02:41:13 -0000 1.6
@@ -225,6 +225,7 @@
$self->{logfile} = $logfile;
$self->{crossplatform} = $crossplatform;
$self->{log} = new SetupLog($self->{logfile}, "migrate");
+ $self->{start_servers} = 1; # start servers as soon as they are migrated
# if user supplied inf file, use that to initialize
if (defined($self->{inffile})) {
$self->{inf} = new Inf($self->{inffile});
Index: Util.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Util.pm.in,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- Util.pm.in 15 Aug 2007 22:04:31 -0000 1.11
+++ Util.pm.in 14 Sep 2007 02:41:13 -0000 1.12
@@ -813,7 +813,6 @@
print $outfh "RootDNPwd = ", $ent->getValues('nsslapd-rootpw'), "\n";
print $outfh "ServerPort = ", $ent->getValues('nsslapd-port'), "\n";
print $outfh "ServerIdentifier = $id\n";
- print $outfh "start_server= 0\n";
my $suffix;
$ent = $conn->search("cn=ldbm database,cn=plugins,cn=config",
16 years, 6 months