[Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv/panel/replication AgreementDestinationPanel.java, 1.3, 1.4
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/replication
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv965/directoryconsole/src/com/netscape/admin/dirserv/panel/replication
Modified Files:
AgreementDestinationPanel.java
Log Message:
Resolves: bug 483660
Bug Description: Replication and Sync agreement edit should not allow change to/from LDAPS
Reviewed by: nhosoi (Thanks!)
Fix Description: If simple auth was being used, the simple auth radio button was not selected. This patch makes sure it is selected if it needs to be.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: AgreementDestinationPanel.java
===================================================================
RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/replication/AgreementDestinationPanel.java,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- AgreementDestinationPanel.java 3 Mar 2009 01:24:26 -0000 1.3
+++ AgreementDestinationPanel.java 25 Mar 2009 22:25:27 -0000 1.4
@@ -562,9 +562,11 @@
_digestAuth.setSelected(_agreement.getUseDigestAuth());
_digestAuthDSEntry.fakeInitModel (_agreement.getUseDigestAuth() ? "on" : "off");
}
+ boolean issimple = !_agreement.getUseSSLAuth() && !_agreement.getUseDigestAuth() && !_agreement.getUseGSSAPIAuth();
if (_simpAuth != null) {
- _simpAuth.setEnabled(!_agreement.getUseSSLAuth());
- _simpAuthDSEntry.fakeInitModel (_agreement.getUseSSLAuth() ? "on" : "off");
+ _simpAuth.setEnabled(issimple);
+ _simpAuth.setSelected(issimple);
+ _simpAuthDSEntry.fakeInitModel (issimple ? "on" : "off");
}
if(_agreement.getAgreementType() == ReplicationAgreement.AGREEMENT_TYPE_AD){
15 years, 1 month
[Fedora-directory-commits] winsync/passwordsync/passhook passhook.cpp, 1.9, 1.10
by Nathan Kinder
Author: nkinder
Update of /cvs/dirsec/winsync/passwordsync/passhook
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv26335/passhook
Modified Files:
passhook.cpp
Log Message:
Related: 490048
Summary: Handle NULL Username and Password parameters in PasswordChangeNotify callback.
Index: passhook.cpp
===================================================================
RCS file: /cvs/dirsec/winsync/passwordsync/passhook/passhook.cpp,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- passhook.cpp 30 Mar 2006 22:59:25 -0000 1.9
+++ passhook.cpp 25 Mar 2009 18:00:00 -0000 1.10
@@ -59,11 +59,20 @@
fstream outLog;
DWORD waitRes;
+ // If UserName is NULL, just return STATUS_SUCCESS
+ if (UserName == NULL) {
+ goto exit;
+ }
+
// This memory will be freed in SavePasshookChange
if ( newPassInfo = (PASS_INFO *) malloc(sizeof(PASS_INFO)) ) {
// These get freed in SavePasshookChange by calling clearSet
newPassInfo->username = (char*)malloc((UserName->Length / 2) + 1);
- newPassInfo->password = (char*)malloc((Password->Length / 2) + 1);
+ if (Password != NULL) {
+ newPassInfo->password = (char*)malloc((Password->Length / 2) + 1);
+ } else {
+ newPassInfo->password = (char*)malloc(1);
+ }
} else {
goto exit;
}
@@ -71,9 +80,13 @@
// Fill in the password change struct
if (newPassInfo->username && newPassInfo->password) {
_snprintf(newPassInfo->username, (UserName->Length / 2), "%S", UserName->Buffer);
- _snprintf(newPassInfo->password, (Password->Length / 2), "%S", Password->Buffer);
- newPassInfo->username[UserName->Length / 2] = '\0';
- newPassInfo->password[Password->Length / 2] = '\0';
+ newPassInfo->username[UserName->Length / 2] = '\0';
+ if (Password != NULL) {
+ _snprintf(newPassInfo->password, (Password->Length / 2), "%S", Password->Buffer);
+ newPassInfo->password[Password->Length / 2] = '\0';
+ } else {
+ newPassInfo->password[0] = '\0';
+ }
// Backoff
newPassInfo->backoffCount = 0;
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts Migration.pm.in, 1.9, 1.10
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv24287
Modified Files:
Migration.pm.in
Log Message:
Resolves: #489360
Summary: Replication Bind Failure After Migration from DS 7.1 (comment #10)
Description: changed to trim trailing slashes of oldsroot and actualsroot at the beginning.
Index: Migration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Migration.pm.in,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- Migration.pm.in 24 Feb 2009 16:57:45 -0000 1.9
+++ Migration.pm.in 24 Mar 2009 22:50:20 -0000 1.10
@@ -205,7 +205,9 @@
my $oldpkgname = "@brand@-ds";
$self->{pkgname} = $pkgname;
+ $oldsroot =~ s/\/+$//; # trim trailing '/'s, if any
$self->{oldsroot} = $oldsroot || "/opt/$oldpkgname";
+ $actualsroot =~ s/\/+$//; # trim trailing '/'s, if any
$self->{actualsroot} = $actualsroot || $self->{oldsroot};
$self->{silent} = $silent;
$self->{inffile} = $inffile;
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.29, 1.30 migrate-ds.res, 1.8, 1.9
by Nathan Kinder
Author: nkinder
Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv6972/ldap/admin/src/scripts
Modified Files:
DSMigration.pm.in migrate-ds.res
Log Message:
Resolves: 445602
Summary: Fixup replicated schema during migration.
Index: DSMigration.pm.in
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- DSMigration.pm.in 13 Mar 2009 14:27:50 -0000 1.29
+++ DSMigration.pm.in 23 Mar 2009 20:13:06 -0000 1.30
@@ -820,12 +820,152 @@
'hassubordinates' => 'hasSubordinates'
);
+sub fixup99user {
+ my $mig = shift; # the Migration object
+ my $inst = shift; # The name of the instance
+ my $newschemadir = shift; # the new instance's schema path
+
+ my %attrstoskip = ();
+ my %objclassestoskip = ();
+ my $uid;
+ my $gid;
+ my $mode;
+
+ # Read every schema file in the legacy server's schema directory
+ for (glob("$mig->{oldsroot}/$inst/config/schema/*.ldif")) {
+ if (!open( OLDSCHEMA, $_ )) {
+ debug(0, "Can't open schema file $_: $!\n");
+ next;
+ }
+
+ # Read attributes from each file, looking for ones that contain
+ # the string "DESC ''".
+ my $in = new Mozilla::LDAP::LDIF(*OLDSCHEMA);
+ while (my $ent = readOneEntry $in) {
+ my @attrs = $ent->getValues('attributeTypes');
+ my @objclasses = $ent->getValues('objectClasses');
+ foreach my $attr (@attrs) {
+ debug(4, "Checking if attribute should be added to skip list ($attr)\n");
+ if ($attr =~ /\(\s*(\S*)\s*NAME .* DESC \'\'/) {
+ # Store the OID of those in an associative array for
+ # quick lookups later.
+ debug(3, "Adding attribute to list to skip (OID $1)\n");
+ $attrstoskip{"$1"} = 1;
+ }
+ }
+
+ foreach my $objclass (@objclasses) {
+ debug(4, "Checking if objectclass should be added to skip list ($objclass)\n");
+ if ($objclass =~ /\(\s*(\S*)\s*NAME .* DESC \'\'/) {
+ # Store the OID of those in an associative array for
+ # quick lookups later.
+ debug(3, "Adding objectclass to list to skip (OID $1)\n");
+ $objclassestoskip{"$1"} = 1;
+ }
+ }
+ }
+
+ close(OLDSCHEMA);
+ }
+
+ # Open the 99user.ldif file in the new server schema directory, which is a
+ # copy of the one in the legacy server. Also open a tempfile.
+ if (!open(USERSCHEMA, "$newschemadir/99user.ldif")) {
+ return ("error_opening_schema", "$newschemadir/99user.ldif", $!);
+ }
+
+ # Open a tempfile to write the cleaned 99user.ldif to
+ if (!open(TMPSCHEMA, ">$newschemadir/99user.ldif.tmp")) {
+ close(USERSCHEMA);
+ return ("error_opening_schema", "$newschemadir/99user.ldif.tmp", $!);
+ }
+
+ # Iterate through every attribute in the 99user.ldif file and write them to the
+ # tempfile if their OID doesn't exist in the "bad schema" array.
+ my $in = new Mozilla::LDAP::LDIF(*USERSCHEMA);
+ while (my $ent = readOneEntry $in) {
+ my @attrs = $ent->getValues('attributeTypes');
+ my @objclasses = $ent->getValues('objectClasses');
+ my @keepattrs;
+ my @keepobjclasses;
+ foreach my $attr (@attrs) {
+ if ($attr =~ /\(\s*(\S*)\s*NAME/) {
+ debug(3, "Checking if attribute should be trimmed (OID $1)\n");
+ # See if this OID is in our list of attrs to skip
+ if ($attrstoskip{"$1"}) {
+ debug(2, "Trimming attribute from 99user.ldif (OID $1)\n");
+ next;
+ }
+ }
+
+ # Keep this value
+ debug(3, "Keeping attribute in 99user.ldif (OID $1)\n");
+ push @keepattrs, $attr;
+ }
+
+ foreach my $objclass (@objclasses) {
+ if ($objclass =~ /\(\s*(\S*)\s*NAME/) {
+ debug(3, "Checking if objectclass should be trimmed (OID $1)\n");
+ # See if this OID is in our list of objectclasses to skip
+ if ($objclassestoskip{"$1"}) {
+ debug(2, "Trimming objectclass from 99user.ldif (OID $1)\n");
+ next;
+ }
+ }
+
+ # Keep this value
+ debug(3, "Keeping objectclass in 99user.ldif (OID $1)\n");
+ push @keepobjclasses, $objclass;
+ }
+
+ # Update the entry with the values we want to keep
+ if ($#keepattrs >= $[) {
+ $ent->setValues("attributetypes", @keepattrs);
+ } else {
+ $ent->remove("attributetypes");
+ }
+
+ if ($#keepobjclasses >= $[) {
+ $ent->setValues("objectclasses", @keepobjclasses);
+ } else {
+ $ent->remove("objectclasses");
+ }
+
+ # Write the entry to temp schema file
+ my $oldfh = select(TMPSCHEMA);
+ $ent->printLDIF();
+ select($oldfh);
+ }
+
+ close(USERSCHEMA);
+ close(TMPSCHEMA);
+
+ # Make the ownership and permissions on the temp schema file
+ # the same as the copied 99user.ldif.
+ ($mode, $uid, $gid) = (stat("$newschemadir/99user.ldif"))[2,4,5];
+ if ((chown $uid, $gid, "$newschemadir/99user.ldif.tmp") != 1) {
+ return ("error_schema_permissions", "$newschemadir/99user.ldif.tmp", $!);
+ }
+
+ if ((chmod $mode, "$newschemadir/99user.ldif.tmp") != 1) {
+ return ("error_schema_permissions", "$newschemadir/99user.ldif.tmp", $!);
+ }
+
+ # Replace the copied 99user.ldif with the trimmed file.
+ if ((rename "$newschemadir/99user.ldif.tmp", "$newschemadir/99user.ldif") != 1) {
+ return ("error_renaming_schema", "$newschemadir/99user.ldif.tmp", "$newschemadir/99user.ldif", $!);
+ }
+
+ return();
+}
+
sub migrateSchema {
my $mig = shift; # the Migration object
my $inst = shift; # the instance name (e.g. slapd-instance)
my $src = shift; # a Conn to the source
my $dest = shift; # a Conn to the dest
+ my @errs;
my $cfgent = $dest->search("cn=config", "base", "(objectclass=*)");
my $newschemadir = $cfgent->getValues('nsslapd-schemadir') ||
"$mig->{configdir}/$inst/schema";
@@ -840,6 +980,11 @@
}
}
+ # fixup any attributes with missing descriptions in 99user.ldif
+ if (@errs = fixup99user($mig, $inst, $newschemadir)) {
+ return @errs;
+ }
+
if (!$mig->{crossplatform}) {
# now, for all of the new schema, we need to get the list of attribute
# types with INTEGER syntax, including derived types (e.g. SUP 'attr')
Index: migrate-ds.res
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/migrate-ds.res,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- migrate-ds.res 26 Oct 2007 22:00:32 -0000 1.8
+++ migrate-ds.res 23 Mar 2009 20:13:06 -0000 1.9
@@ -7,6 +7,9 @@
error_importing_migrated_db = Could not import the LDIF file '%s' for the migrated database. Error: %s. Output: %s\n
error_reading_olddbconfig = Could not read the old database configuration information. Error: %s\n
error_migrating_schema = Could not copy old schema file '%s'. Error: %s\n
+error_opening_schema = Could not open new schema file '%s'. Error: %s\n
+error_schema_permissions = Could not reset permissions on schema file '%s'. Error: %s\n
+error_renaming_schema = Could not rename schema file '%s' tp '%s'. Error: %s\n
error_copying_dbdir = Could not copy database directory '%s' to '%s'. Error: %s\n
error_copying_dbfile = Could not copy database file '%s' to '%s'. Error: %s\n
error_dbsrcdir_not_exist = Could not copy from the database source directory '%s' because it does not exist. Please check your configuration.\n
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools mmldif.c, 1.9, 1.10
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14981
Modified Files:
mmldif.c
Log Message:
Resolves: #491215
Summary: mmldif crashes in PK11_CreateDigestContext
Description: NSS was not initialized. Since cert db, key db, or secmod db are
not needed, changed to call NSS_NoDB_Init to initialize NSS.
Index: mmldif.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/mmldif.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- mmldif.c 8 Oct 2008 17:29:04 -0000 1.9
+++ mmldif.c 23 Mar 2009 16:44:25 -0000 1.10
@@ -347,6 +347,8 @@
time(&statsp->diff_start_time);
license_count = 0;
+ NSS_NoDB_Init(".");
+
/*
* read all entries from all directories hashing name and value, and make
* a bitmaps of who has each entry. Flag those entries where at least
15 years, 1 month
[Fedora-directory-commits] winsync/passwordsync/passsync ntservice.cpp, 1.7, 1.8
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/winsync/passwordsync/passsync
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30046/passwordsync/passsync
Modified Files:
ntservice.cpp
Log Message:
Resolves: bug 482892
Bug Description: Passsync service start and stop messages in Windows event
viewer are not logged correctly
Reviewed by: nkinder (Thanks!)
Fix Description: For some reason, the code was not detecting that the service
had already been installed and was installing it again. We do not need to
install the service in this code, that is done in the .msi file now. I just
got rid of that old code.
Platforms tested: Windows 2003 Server
Flag Day: no
Doc impact: no
Index: ntservice.cpp
===================================================================
RCS file: /cvs/dirsec/winsync/passwordsync/passsync/ntservice.cpp,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- ntservice.cpp 12 Mar 2009 14:39:40 -0000 1.7
+++ ntservice.cpp 17 Mar 2009 15:40:51 -0000 1.8
@@ -199,40 +199,6 @@
// Get the executable file path
TCHAR szFilePath[_MAX_PATH];
::GetModuleFileName(NULL, szFilePath, sizeof(szFilePath)/sizeof(*szFilePath));
- int didinstall = FALSE;
-
- // install if not already installed
- if (!IsInstalled()) {
- // Open the Service Control Manager
- SC_HANDLE hSCM = ::OpenSCManager(NULL, // local machine
- NULL, // ServicesActive database
- SC_MANAGER_ALL_ACCESS); // full access
- if (!hSCM) return FALSE;
-
- // Create the service
- SC_HANDLE hService = ::CreateService(hSCM,
- m_szServiceName,
- m_szServiceName,
- SERVICE_ALL_ACCESS,
- SERVICE_WIN32_OWN_PROCESS,
- SERVICE_DEMAND_START, // start condition
- SERVICE_ERROR_NORMAL,
- szFilePath,
- NULL,
- NULL,
- NULL,
- NULL,
- NULL);
- if (!hService) {
- ::CloseServiceHandle(hSCM);
- return FALSE;
- }
- // clean up
- ::CloseServiceHandle(hService);
- ::CloseServiceHandle(hSCM);
- didinstall = TRUE;
- }
-
// make registry entries to support logging messages
// Add the source name as a subkey under the Application
// key in the EventLog service portion of the registry.
@@ -268,10 +234,6 @@
sizeof(DWORD));
::RegCloseKey(hKey);
- if (didinstall) {
- LogEvent(EVENTLOG_INFORMATION_TYPE, EVMSG_INSTALLED, m_szServiceName);
- }
-
return TRUE;
}
15 years, 1 month
[Fedora-directory-commits] adminserver configure.ac, 1.30, 1.31 configure, 1.51, 1.52
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/adminserver
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv15206
Modified Files:
configure.ac configure
Log Message:
Resolves: #476096
Summary: move perl on solaris to a <TBD> path
Description: Changing Solaris perl path (perlexec) to /usr/lib/sparcv9/dirsec/perl5x/bin/perl.
Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/adminserver/configure.ac,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- configure.ac 10 Mar 2009 17:04:00 -0000 1.30
+++ configure.ac 17 Mar 2009 01:09:40 -0000 1.31
@@ -187,7 +187,7 @@
CXXLINK_REQUIRED=1
platform="solaris"
# assume 64 bit
- perlexec='/usr/lib/sparcv9/dirsrv/perl5x/bin/perl'
+ perlexec='/usr/lib/sparcv9/dirsec/perl5x/bin/perl'
# relative to sysconfdir
initdir=/init.d
;;
Index: configure
===================================================================
RCS file: /cvs/dirsec/adminserver/configure,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -r1.51 -r1.52
--- configure 10 Mar 2009 17:03:59 -0000 1.51
+++ configure 17 Mar 2009 01:09:40 -0000 1.52
@@ -23245,7 +23245,7 @@
CXXLINK_REQUIRED=1
platform="solaris"
# assume 64 bit
- perlexec='/usr/lib/sparcv9/dirsrv/perl5x/bin/perl'
+ perlexec='/usr/lib/sparcv9/dirsec/perl5x/bin/perl'
# relative to sysconfdir
initdir=/init.d
;;
15 years, 1 month
[Fedora-directory-commits] ldapserver configure.ac, 1.58, 1.59 configure, 1.101, 1.102
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv13549
Modified Files:
configure.ac configure
Log Message:
Resolves: #476096
Summary: move perl on solaris to a <TBD> path
Description: Changing Solaris perl path (perlexec) to /usr/lib/sparcv9/dirsec/perl5x/bin/perl.
Index: configure.ac
===================================================================
RCS file: /cvs/dirsec/ldapserver/configure.ac,v
retrieving revision 1.58
retrieving revision 1.59
diff -u -r1.58 -r1.59
--- configure.ac 10 Mar 2009 16:55:20 -0000 1.58
+++ configure.ac 17 Mar 2009 01:00:25 -0000 1.59
@@ -388,7 +388,7 @@
AC_SUBST([LIBCRUN], [$LIBCRUN])
platform="solaris"
# assume 64 bit
- perlexec='/usr/lib/sparcv9/dirsrv/perl5x/bin/perl'
+ perlexec='/usr/lib/sparcv9/dirsec/perl5x/bin/perl'
# relative to sysconfdir
initdir=/init.d
;;
Index: configure
===================================================================
RCS file: /cvs/dirsec/ldapserver/configure,v
retrieving revision 1.101
retrieving revision 1.102
diff -u -r1.101 -r1.102
--- configure 10 Mar 2009 16:55:17 -0000 1.101
+++ configure 17 Mar 2009 01:00:25 -0000 1.102
@@ -23830,7 +23830,7 @@
platform="solaris"
# assume 64 bit
- perlexec='/usr/lib/sparcv9/dirsrv/perl5x/bin/perl'
+ perlexec='/usr/lib/sparcv9/dirsec/perl5x/bin/perl'
# relative to sysconfdir
initdir=/init.d
;;
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication repl5_agmt.c, 1.16, 1.17
by Richard Allen Megginson
Author: rmeggins
Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv12778/ldapserver/ldap/servers/plugins/replication
Modified Files:
repl5_agmt.c
Log Message:
Resolves: bug 479254
Bug Description: Configuring Replication Server to Server GSSAPI over TLS - attempts replication and can't stop servers
Reviewed by: nhosoi (Thanks!)
Fix Description: The agreement add code did not check the transport and bind method for compatability.
Platforms tested: RHEL5
Flag Day: no
Doc impact: no
Index: repl5_agmt.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/repl5_agmt.c,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- repl5_agmt.c 5 Dec 2008 22:41:51 -0000 1.16
+++ repl5_agmt.c 16 Mar 2009 16:29:45 -0000 1.17
@@ -207,6 +207,20 @@
"is malformed: invalid pausetime %ld.\n", slapi_sdn_get_dn(ra->dn), ra->pausetime);
return_value = 0;
}
+ if ((0 != ra->transport_flags) && (BINDMETHOD_SASL_GSSAPI == ra->bindmethod)) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "Replication agreement \"%s\" "
+ " is malformed: cannot use SASL/GSSAPI if using SSL or TLS - please "
+ "change %s to LDAP before changing %s to use SASL/GSSAPI\n",
+ slapi_sdn_get_dn(ra->dn), type_nsds5TransportInfo, type_nsds5ReplicaBindMethod);
+ return_value = 0;
+ }
+ if ((0 == ra->transport_flags) && (BINDMETHOD_SSL_CLIENTAUTH == ra->bindmethod)) {
+ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "Replication agreement \"%s\" "
+ " is malformed: cannot use SSLCLIENTAUTH if using plain LDAP - please "
+ "change %s to SSL or TLS before changing %s to use SSLCLIENTAUTH\n",
+ slapi_sdn_get_dn(ra->dn), type_nsds5TransportInfo, type_nsds5ReplicaBindMethod);
+ return_value = 0;
+ }
return return_value;
}
15 years, 1 month
[Fedora-directory-commits] ldapserver/ldap/servers/slapd log.c, 1.26, 1.27
by Noriko Hosoi
Author: nhosoi
Update of /cvs/dirsec/ldapserver/ldap/servers/slapd
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv9043
Modified Files:
log.c
Log Message:
Resolves: #490027
Summary: log module issues unnecessary/inaccurate syslog errors
Description:
1) don't log "Exceeded max number of logs allowed" in syslog messages. It's an
info level log, which is not appropriate to log in syslog messages.
2) when deleting an error log file failed, a wrong file name (audit log) was
printed. I also added the error code and the message why the deletion failed.
Index: log.c
===================================================================
RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/log.c,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- log.c 13 Mar 2009 16:39:25 -0000 1.26
+++ log.c 13 Mar 2009 20:35:37 -0000 1.27
@@ -3104,7 +3104,6 @@
*/
if (++numoflogs > loginfo.log_error_maxnumlogs) {
logstr = "Exceeded max number of logs allowed";
- syslog(LOG_ERR, "%s\n", logstr);
goto delete_logfile;
}
@@ -3184,6 +3183,8 @@
return 0;
}
}
+ memset(tbuf, 0, sizeof(tbuf));
+ log_convert_time (delete_logp->l_ctime, tbuf, 1 /*short */);
if (!locked) {
/* if locked, we should not call LDAPDebug,
which tries to get a lock internally. */
@@ -3201,14 +3202,15 @@
}
/* Delete the error file */
- log_convert_time (delete_logp->l_ctime, tbuf, 1 /*short */);
PR_snprintf (buffer, sizeof(buffer), "%s.%s", loginfo.log_error_file, tbuf);
if (PR_Delete(buffer) != PR_SUCCESS) {
+ PRErrorCode prerr = PR_GetError();
/* This function could be called in the ERROR WRITE LOCK,
* which causes the self deadlock if you call LDAPDebug for logging.
* Thus, instead of LDAPDebug, call log__error_emergency with locked == 1. */
- PR_snprintf(buffer, sizeof(buffer), "LOGINFO:Unable to remove file:%s.%s\n",
- loginfo.log_audit_file, tbuf);
+ PR_snprintf(buffer, sizeof(buffer),
+ "LOGINFO:Unable to remove file:%s.%s error %d (%s)\n",
+ loginfo.log_error_file, tbuf, prerr, slapd_pr_strerror(prerr));
log__error_emergency(buffer, 0, locked);
}
slapi_ch_free((void**)&delete_logp);
15 years, 1 month