2 commits - configure configure.ac lib/libadminutil
by Richard Allen Megginson
configure | 20 ++++++++++----------
configure.ac | 2 +-
lib/libadminutil/admutil.c | 4 ++++
3 files changed, 15 insertions(+), 11 deletions(-)
New commits:
commit 76259fd0c0a1e0c556deb70d46bc37e73d4d9cde
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Oct 19 10:48:17 2010 -0600
bump version to 1.1.12
bump version to 1.1.12
diff --git a/configure b/configure
index 62dc4c0..53a7edd 100755
--- a/configure
+++ b/configure
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.11.
+# Generated by GNU Autoconf 2.59 for 389-adminutil 1.1.12.
#
# Report bugs to <http://bugzilla.redhat.com/>.
#
@@ -423,8 +423,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}
# Identity of this package.
PACKAGE_NAME='389-adminutil'
PACKAGE_TARNAME='389-adminutil'
-PACKAGE_VERSION='1.1.11'
-PACKAGE_STRING='389-adminutil 1.1.11'
+PACKAGE_VERSION='1.1.12'
+PACKAGE_STRING='389-adminutil 1.1.12'
PACKAGE_BUGREPORT='http://bugzilla.redhat.com/'
# Factoring default headers for most tests.
@@ -954,7 +954,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures 389-adminutil 1.1.11 to adapt to many kinds of systems.
+\`configure' configures 389-adminutil 1.1.12 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1020,7 +1020,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of 389-adminutil 1.1.11:";;
+ short | recursive ) echo "Configuration of 389-adminutil 1.1.12:";;
esac
cat <<\_ACEOF
@@ -1189,7 +1189,7 @@ fi
test -n "$ac_init_help" && exit 0
if $ac_init_version; then
cat <<\_ACEOF
-389-adminutil configure 1.1.11
+389-adminutil configure 1.1.12
generated by GNU Autoconf 2.59
Copyright (C) 2003 Free Software Foundation, Inc.
@@ -1203,7 +1203,7 @@ cat >&5 <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by 389-adminutil $as_me 1.1.11, which was
+It was created by 389-adminutil $as_me 1.1.12, which was
generated by GNU Autoconf 2.59. Invocation command line was
$ $0 $@
@@ -1846,7 +1846,7 @@ fi
# Define the identity of the package.
PACKAGE='389-adminutil'
- VERSION='1.1.11'
+ VERSION='1.1.12'
cat >>confdefs.h <<_ACEOF
@@ -25069,7 +25069,7 @@ _ASBOX
} >&5
cat >&5 <<_CSEOF
-This file was extended by 389-adminutil $as_me 1.1.11, which was
+This file was extended by 389-adminutil $as_me 1.1.12, which was
generated by GNU Autoconf 2.59. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -25127,7 +25127,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF
ac_cs_version="\\
-389-adminutil config.status 1.1.11
+389-adminutil config.status 1.1.12
configured by $0, generated by GNU Autoconf 2.59,
with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"
diff --git a/configure.ac b/configure.ac
index cc7fcb8..e84aa0f 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,7 +1,7 @@
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
AC_PREREQ(2.59)
-AC_INIT([389-adminutil], [1.1.11], [http://bugzilla.redhat.com/])
+AC_INIT([389-adminutil], [1.1.12], [http://bugzilla.redhat.com/])
AM_INIT_AUTOMAKE([1.9 foreign subdir-objects])
AM_MAINTAINER_MODE
AC_CANONICAL_HOST
commit d33c9e806b4bdf1510845769712ddd363a0ac29a
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Oct 19 10:47:26 2010 -0600
allow building with mozldap again
the fixes to build with openldap broke building with mozldap
diff --git a/lib/libadminutil/admutil.c b/lib/libadminutil/admutil.c
index fc63d31..ea207d8 100644
--- a/lib/libadminutil/admutil.c
+++ b/lib/libadminutil/admutil.c
@@ -26,8 +26,12 @@
#include "admutil_pvt.h"
#include "libadminutil/admutil-int.h"
#include "libadminutil/distadm.h"
+#include <ssl.h>
#if defined(USE_OPENLDAP)
#include <lber.h>
+#else
+#include <ldappr.h>
+#include <ldap_ssl.h>
#endif
#ifdef XP_WIN32
#define strcasecmp stricmp
13 years, 6 months
ldap/servers
by Nathan Kinder
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 4 +---
ldap/servers/slapd/modify.c | 18 ------------------
2 files changed, 1 insertion(+), 21 deletions(-)
New commits:
commit 6160200187b5b5f7ee662762b997c5c55401fe77
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Tue Oct 19 08:10:04 2010 -0700
Bug 305131 - Allow empty modify operation
This patch allows an empty modify operation. We currently reject
an empty modify operation, but this patch makes the empty operation
update the modifyTimestamp and modifiersName attributes similar to
a touch-type operation.
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
index 5e3b9b5..9ee7525 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -623,9 +623,7 @@ mods_have_effect (Slapi_Entry *entry, Slapi_Mods *smods)
if ( entry && entry->e_sdn.dn ) {
for ( j = 0; j < smods->num_mods - 1; j++ ) {
- if ( ((mod = smods->mods[j]) != NULL) &&
- strcasecmp (mod->mod_type, "modifiersname") &&
- strcasecmp (mod->mod_type, "modifytime") ) {
+ if ((mod = smods->mods[j]) != NULL) {
for ( attr = entry->e_attrs; attr; attr = attr->a_next ) {
/* Mods have effect if at least a null-value-mod is
* to actually remove an existing attribute
diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 92b06d7..d15310a 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -341,24 +341,6 @@ do_modify( Slapi_PBlock *pb )
goto free_and_return;
}
- /* see if there were actually any mods to perform */
- if ( slapi_mods_get_num_mods (&smods) == 0 )
- {
- int lderr;
- char *emsg;
-
- if ( ignored_some_mods ) {
- lderr = LDAP_UNWILLING_TO_PERFORM;
- emsg = "no modifiable attributes specified";
- } else {
- lderr = LDAP_PROTOCOL_ERROR;
- emsg = "no modifications specified";
- }
- op_shared_log_error_access (pb, "MOD", dn, emsg);
- send_ldap_result( pb, lderr, NULL, emsg, 0, NULL );
- goto free_and_return;
- }
-
#ifdef LDAP_DEBUG
LDAPDebug( LDAP_DEBUG_ARGS, "modifications:\n", 0, 0, 0 );
for (mod = slapi_mods_get_first_mod(&smods); mod != NULL;
13 years, 6 months
ldap/servers
by Richard Allen Megginson
ldap/servers/plugins/uiduniq/uid.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit f4c6760ea5da7849e5b1f3b2f8d08bd7f6eedd1a
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Mon Oct 18 12:47:14 2010 -0600
Bug 644013 - uniqueness plugin segfault bug
https://bugzilla.redhat.com/show_bug.cgi?id=644013
Resolves: bug 644013
Bug Description: uniqueness plugin segfault bug
Reviewed by: self - one liner
Branch: master
Fix Description: Access the array pointer correctly
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/uiduniq/uid.c b/ldap/servers/plugins/uiduniq/uid.c
index de7310f..01d635e 100644
--- a/ldap/servers/plugins/uiduniq/uid.c
+++ b/ldap/servers/plugins/uiduniq/uid.c
@@ -637,7 +637,7 @@ addMod(LDAPMod ***modary, int *capacity, int *nmods, LDAPMod *toadd)
*modary = (LDAPMod **)slapi_ch_malloc(*capacity * sizeof(LDAPMod *));
}
}
- *modary[*nmods] = toadd;
+ (*modary)[*nmods] = toadd;
(*nmods)++;
}
13 years, 6 months
ldap/servers
by Nathan Kinder
ldap/servers/plugins/replication/repl5_inc_protocol.c | 2 ++
ldap/servers/plugins/replication/repl5_tot_protocol.c | 2 ++
2 files changed, 4 insertions(+)
New commits:
commit 52632d7cfbb74b98fc807a7c5b831f0f2f428c57
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Mon Oct 18 09:33:11 2010 -0700
Bug 643937 - Initialize replication version flags
The flags used to identity the replication protocol versions for
7.1 and 9.0 are not being initialized. This can cause the wrong
protocol to be used when replicating to another server. This
patch initializes the flags to 0 when the structures are created.
diff --git a/ldap/servers/plugins/replication/repl5_inc_protocol.c b/ldap/servers/plugins/replication/repl5_inc_protocol.c
index dde91f1..dac03ba 100644
--- a/ldap/servers/plugins/replication/repl5_inc_protocol.c
+++ b/ldap/servers/plugins/replication/repl5_inc_protocol.c
@@ -2100,6 +2100,8 @@ Repl_5_Inc_Protocol_new(Repl_Protocol *rp)
prp->private = (void *)rip;
prp->replica_acquired = PR_FALSE;
prp->repl50consumer = 0;
+ prp->repl71consumer = 0;
+ prp->repl90consumer = 0;
return prp;
loser:
repl5_inc_delete(&prp);
diff --git a/ldap/servers/plugins/replication/repl5_tot_protocol.c b/ldap/servers/plugins/replication/repl5_tot_protocol.c
index d679ca2..f383f4c 100644
--- a/ldap/servers/plugins/replication/repl5_tot_protocol.c
+++ b/ldap/servers/plugins/replication/repl5_tot_protocol.c
@@ -583,6 +583,8 @@ Repl_5_Tot_Protocol_new(Repl_Protocol *rp)
prp->private = (void *)rip;
prp->replica_acquired = PR_FALSE;
prp->repl50consumer = 0;
+ prp->repl71consumer = 0;
+ prp->repl90consumer = 0;
return prp;
loser:
repl5_tot_delete(&prp);
13 years, 6 months
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
New commits:
commit f39aab7b4fc39a2c0797424314cfc638c33f482e
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Oct 15 15:17:52 2010 -0700
Bug 643532 - Incorrect DNs sometimes returned on searches
https://bugzilla.redhat.com/show_bug.cgi?id=643532
Description: Some of the functions in ldbm_entryrdn.c uses
static memory for reading data from the entryrdn index, where
the static initializer should not have been used since the
memory cannot be shared among threads. This patch fixes it.
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
index 4fbae15..9431291 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
@@ -1009,7 +1009,6 @@ entryrdn_lookup_dn(backend *be,
DBC *cursor = NULL;
DB_TXN *db_txn = (txn != NULL) ? txn->back_txn_txn : NULL;
DBT key, data;
- static char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
char *keybuf = NULL;
Slapi_RDN *srdn = NULL;
char *orignrdn = NULL;
@@ -1067,10 +1066,7 @@ entryrdn_lookup_dn(backend *be,
/* Setting the bulk fetch buffer */
memset(&data, 0, sizeof(data));
- data.ulen = sizeof(buffer);
- data.size = sizeof(buffer);
- data.data = buffer;
- data.flags = DB_DBT_USERMEM;
+ data.flags = DB_DBT_MALLOC;
do {
/* Setting up a key for the node to get its parent */
@@ -1134,6 +1130,7 @@ retry_get1:
workid = id_stored_to_internal(elem->rdn_elem_id);
/* 1 is byref, and the dup'ed rdn is freed with srdn */
slapi_rdn_add_rdn_to_all_rdns(srdn, slapi_ch_strdup(RDN_ADDR(elem)), 1);
+ slapi_ch_free(&data.data);
} while (workid);
if (0 == workid) {
@@ -1141,6 +1138,7 @@ retry_get1:
}
bail:
+ slapi_ch_free(&data.data);
/* Close the cursor */
if (cursor) {
int myrc = cursor->c_close(cursor);
@@ -1769,7 +1767,7 @@ _entryrdn_replace_suffix_id(DBC *cursor, DBT *key, DBT *adddata,
char *keybuf = NULL;
char *realkeybuf = NULL;
DBT realkey;
- static char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
+ char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
DBT data;
DBT moddata;
rdn_elem **childelems = NULL;
@@ -2689,7 +2687,7 @@ _entryrdn_index_read(backend *be,
/* get the child elems */
if (childelems) {
- static char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
+ char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
slapi_ch_free_string(&keybuf);
keybuf = slapi_ch_smprintf("%c%u:%s", RDN_INDEX_CHILD, id, nrdn);
@@ -2778,7 +2776,7 @@ _entryrdn_append_childidl(DBC *cursor,
/* E.g., C5:ou=accounting */
char *keybuf = slapi_ch_smprintf("%c%u:%s", RDN_INDEX_CHILD, id, nrdn);
DBT key, data;
- static char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
+ char buffer[RDN_BULK_FETCH_BUFFER_SIZE];
int rc = 0;
key.data = keybuf;
13 years, 6 months
ldap/schema ldap/servers
by Noriko Hosoi
ldap/schema/01core389.ldif | 1
ldap/servers/plugins/acl/acl.c | 2
ldap/servers/plugins/acl/acl.h | 4 -
ldap/servers/plugins/acl/acllist.c | 2
ldap/servers/plugins/acl/aclparse.c | 87 ++++++++++++++++++++++--------------
ldap/servers/slapd/attrsyntax.c | 6 ++
ldap/servers/slapd/slapi-plugin.h | 8 +++
7 files changed, 74 insertions(+), 36 deletions(-)
New commits:
commit 0b7a84653e5819f52fc22f3783d9c2a1dc84e941
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Oct 15 10:56:45 2010 -0700
Bug 244229 - targetattr not verified against schema when setting an aci
https://bugzilla.redhat.com/show_bug.cgi?id=244229
Description:
1. When acl contains targetattr keyword:
(targetattr [!]= "attribute_1 || attribute_2 ...|| attribute_n"),
where attribute_n does not contain '*', the current ACL plugin
accepts any attribute_n value even if it is not defined in the
schema. This patch rejects the aci if it contains attribute_n
not defined in schema with this error message:
NSACLPlugin - targetattr "attribute_n" does not exist in schema.
Please add attributeTypes "attribute_n" to schema if necessary.
The message is logged in the error log as well as returned to
the client.
2. To implement 1, slapi APIs slapi_attr_syntax_exists is added.
3. An attributeTypes "connection" is added to 01core389.ldif which
is referred in an aci of cn=monitor.
diff --git a/ldap/schema/01core389.ldif b/ldap/schema/01core389.ldif
index 96e70a8..95607fc 100644
--- a/ldap/schema/01core389.ldif
+++ b/ldap/schema/01core389.ldif
@@ -124,6 +124,7 @@ attributeTypes: ( nsSSLPersonalitySSL-oid NAME 'nsSSLPersonalitySSL' DESC 'Netsc
attributeTypes: ( nsSSLActivation-oid NAME 'nsSSLActivation' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
attributeTypes: ( 2.16.840.1.113730.3.1.2091 NAME 'nsslapd-suffix' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape' )
attributeTypes: ( 2.16.840.1.113730.3.1.2092 NAME 'nsslapd-ldapiautodnsuffix' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2095 NAME 'connection' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 X-ORIGIN 'Netscape' )
#
# objectclasses
#
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index 4fcdf74..e42a83a 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -1482,7 +1482,7 @@ acl_check_mods(
if (strcmp(mod->mod_type,
aci_attr_type) == 0) {
if ( 0 != (rv = acl_verify_syntax( e_sdn,
- mod->mod_bvalues[i]))) {
+ mod->mod_bvalues[i], errbuf))) {
aclutil_print_err(rv, e_sdn,
mod->mod_bvalues[i],
errbuf);
diff --git a/ldap/servers/plugins/acl/acl.h b/ldap/servers/plugins/acl/acl.h
index 9634f05..4865387 100644
--- a/ldap/servers/plugins/acl/acl.h
+++ b/ldap/servers/plugins/acl/acl.h
@@ -794,14 +794,14 @@ int acl_access_allowed_main ( Slapi_PBlock *pb, Slapi_Entry *e, char **attrs,
struct berval *val, int access , int flags, char **errbuf);
int acl_access_allowed( Slapi_PBlock *pb, Slapi_Entry *e, char *attr,
struct berval *val, int access );
-int acl_verify_syntax(const Slapi_DN *e_sdn, const struct berval *bval);
+int acl_verify_syntax(const Slapi_DN *e_sdn, const struct berval *bval, char **errbuf);
aclUserGroup * acl_get_usersGroup ( struct acl_pblock *aclpb , char *n_dn);
void acl_print_acllib_err (NSErr_t *errp , char * str);
int acl_check_mods( Slapi_PBlock *pb, Slapi_Entry *e, LDAPMod **mods, char **errbuf );
int acl_verify_aci_syntax (Slapi_Entry *e, char **errbuf);
char * acl__access2str(int access);
void acl_strcpy_special (char *d, char *s);
-int acl_parse(char * str, aci_t *aci_item);
+int acl_parse(char *str, aci_t *aci_item, char **errbuf);
char * acl_access2str ( int access );
int acl_init_ext ();
void * acl_get_ext (ext_type type, void *object);
diff --git a/ldap/servers/plugins/acl/acllist.c b/ldap/servers/plugins/acl/acllist.c
index 6600b3d..41a1d17 100644
--- a/ldap/servers/plugins/acl/acllist.c
+++ b/ldap/servers/plugins/acl/acllist.c
@@ -210,7 +210,7 @@ acllist_insert_aci_needsLock( const Slapi_DN *e_sdn, const struct berval* aci_at
acl_str = slapi_ch_strdup(aci_attr->bv_val);
/* Parse the ACL TEXT */
- if ( 0 != (rv = acl_parse ( acl_str, aci )) ) {
+ if ( 0 != (rv = acl_parse ( acl_str, aci, NULL )) ) {
slapi_log_error (SLAPI_LOG_FATAL, plugin_name,
"ACL PARSE ERR(rv=%d): %s\n", rv, acl_str );
slapi_ch_free ( (void **) &acl_str );
diff --git a/ldap/servers/plugins/acl/aclparse.c b/ldap/servers/plugins/acl/aclparse.c
index fb7e5c0..05ffe50 100644
--- a/ldap/servers/plugins/acl/aclparse.c
+++ b/ldap/servers/plugins/acl/aclparse.c
@@ -45,14 +45,14 @@
/****************************************************************************/
/* prototypes */
/****************************************************************************/
-static int __aclp__parse_aci(char *str, aci_t *aci_item);
-static int __aclp__sanity_check_acltxt(aci_t *aci_item, char *str);
+static int __aclp__parse_aci(char *str, aci_t *aci_item, char **errbuf);
+static int __aclp__sanity_check_acltxt(aci_t *aci_item, char *str);
static char * __aclp__normalize_acltxt (aci_t *aci_item, char *str);
static char * __aclp__getNextLASRule(aci_t *aci_item, char *str,
char **endOfCurrRule);
static int __aclp__get_aci_right ( char *str);
-static int __aclp__init_targetattr (aci_t *aci, char *attr_val);
-static int __acl__init_targetattrfilters( aci_t *aci_item, char *str);
+static int __aclp__init_targetattr (aci_t *aci, char *attr_val, char **errbuf);
+static int __acl__init_targetattrfilters( aci_t *aci_item, char *str);
static int process_filter_list( Targetattrfilter ***attrfilterarray,
char * str);
static int __acl_init_targetattrfilter( Targetattrfilter *attrfilter, char *str );
@@ -93,7 +93,7 @@ static int get_acl_rights_as_int( char * strValue);
*
**************************************************************************/
int
-acl_parse(char * str, aci_t *aci_item)
+acl_parse(char * str, aci_t *aci_item, char **errbuf)
{
int rv=0;
@@ -118,7 +118,7 @@ acl_parse(char * str, aci_t *aci_item)
*save = '\0';
/* Now we have a "str)" */
- if ( 0 != (rv = __aclp__parse_aci(str, aci_item))) {
+ if ( 0 != (rv = __aclp__parse_aci(str, aci_item, errbuf))) {
return(rv);
}
@@ -200,7 +200,7 @@ acl_parse(char * str, aci_t *aci_item)
*
**************************************************************************/
static int
-__aclp__parse_aci (char *str, aci_t *aci_item)
+__aclp__parse_aci(char *str, aci_t *aci_item, char **errbuf)
{
int len;
@@ -242,8 +242,7 @@ __aclp__parse_aci (char *str, aci_t *aci_item)
* (targetattrfilters="add= attr1:F1 && attr2:F2 ... && attrn:Fn,
* del= attr1:F1 && attr2:F2... && attrn:Fn")
*/
- if ( 0 != (rv= __acl__init_targetattrfilters(
- aci_item, str))) {
+ if (0 != (rv = __acl__init_targetattrfilters(aci_item, str))) {
return rv;
}
} else if (strncmp(str, aci_targetattr,targetattrlen ) == 0) {
@@ -259,7 +258,7 @@ __aclp__parse_aci (char *str, aci_t *aci_item)
* If it contains a value filter, the type will also be
* ACI_TARGET_VALUE_ATTR.
*/
- if (0 != (rv = __aclp__init_targetattr(aci_item, str))) {
+ if (0 != (rv = __aclp__init_targetattr(aci_item, str, errbuf))) {
return rv;
}
} else if (strncmp(str, aci_targetfilter,tfilterlen ) == 0) {
@@ -1309,7 +1308,7 @@ acl_access2str(int access)
*
***************************************************************************/
static int
-__aclp__init_targetattr (aci_t *aci, char *attr_val)
+__aclp__init_targetattr (aci_t *aci, char *attr_val, char **errbuf)
{
int numattr=0;
@@ -1335,9 +1334,15 @@ __aclp__init_targetattr (aci_t *aci, char *attr_val)
s[len-1] = '\0'; /* trim trailing quote */
} else {
/* error - if it begins with a quote, it must end with a quote */
+ char *errstr =
+ slapi_ch_smprintf("The statement does not begin and end "
+ "with a \": [%s]. ", attr_val);
slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
- "__aclp__init_targetattr: Error: The statement does not begin and end with a \": [%s]\n",
- attr_val);
+ "__aclp__init_targetattr: %s\n", errstr);
+ if (errbuf) {
+ aclutil_str_append(errbuf, errstr);
+ }
+ slapi_ch_free_string(&errstr);
return ACL_SYNTAX_ERR;
}
s++; /* skip leading quote */
@@ -1372,16 +1377,14 @@ __aclp__init_targetattr (aci_t *aci, char *attr_val)
* Here:
* end_attr points to the next attribute thing.
*
- * str points to the current one to be processed and it looks like this:
+ * str points to the current one to be processed and it looks like this:
* rbyrneXXX Watchout is it OK to use : as the speperator ?
* cn
* c*n*
- * *
+ * *
+ *
* The attribute goes in the attrTarget list.
- *
- */
-
-
+ */
attr = (Targetattr *) slapi_ch_malloc (sizeof (Targetattr));
memset (attr, 0, sizeof(Targetattr));
@@ -1392,7 +1395,6 @@ __aclp__init_targetattr (aci_t *aci, char *attr_val)
str++;
}
if (strchr(str, '*')) {
-
/* It contains a * so it's something like * or cn* */
if (strcmp(str, "*" ) != 0) {
char line[100];
@@ -1410,29 +1412,50 @@ __aclp__init_targetattr (aci_t *aci, char *attr_val)
f = slapi_str2filter (lineptr);
if (f == NULL) {
- slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
- "__aclp__init_targetattr:Unable to generate filter (%s)\n", lineptr);
+ char *errstr = slapi_ch_smprintf("Unable to generate filter"
+ " (%s). ", lineptr);
+ slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
+ "__aclp__init_targetattr: %s\n", errstr);
+ if (errbuf) {
+ aclutil_str_append(errbuf, errstr);
+ }
+ slapi_ch_free_string(&errstr);
} else {
attr->u.attr_filter = f;
}
- if (newline) slapi_ch_free((void **) &newline);
+ slapi_ch_free_string(&newline);
} else {
attr->attr_type = ACL_ATTR_STAR;
attr->u.attr_str = slapi_ch_strdup (str);
}
} else {
- attr->u.attr_str = slapi_ch_strdup (str);
- attr->attr_type = ACL_ATTR_STRING;
+ /* targetattr = str or targetattr != str */
+ /* Make sure str is a valid attribute */
+ if (slapi_attr_syntax_exists((const char *)str)) {
+ attr->u.attr_str = slapi_ch_strdup (str);
+ attr->attr_type = ACL_ATTR_STRING;
+ } else {
+ char *errstr = slapi_ch_smprintf("targetattr \"%s\" does not "
+ "exist in schema. Please add attributeTypes "
+ "\"%s\" to schema if necessary. ", str, str);
+ slapi_log_error(SLAPI_LOG_FATAL, plugin_name,
+ "__aclp__init_targetattr: %s\n", errstr);
+ if (errbuf) {
+ aclutil_str_append(errbuf, errstr);
+ }
+ slapi_ch_free_string(&errstr);
+ slapi_ch_free((void **)&attr);
+ return ACL_SYNTAX_ERR;
+ }
}
-
/*
* Add the attr to the targetAttr list
- */
+ */
- attrArray[numattr] = attr;
+ attrArray[numattr] = attr;
numattr++;
if (!(numattr % ACL_INIT_ATTR_ARRAY)) {
aci->targetAttr = (Targetattr **) slapi_ch_realloc (
@@ -1441,7 +1464,6 @@ __aclp__init_targetattr (aci_t *aci, char *attr_val)
sizeof(Targetattr *));
attrArray = aci->targetAttr;
}
-
/* Move on to the next attribute in the list */
str = end_attr;
@@ -1512,7 +1534,7 @@ acl_verify_aci_syntax (Slapi_Entry *e, char **errbuf)
i= slapi_attr_first_value ( attr,&sval );
while ( i != -1 ) {
attrVal = slapi_value_get_berval ( sval );
- rv=acl_verify_syntax ( e_sdn, attrVal);
+ rv = acl_verify_syntax( e_sdn, attrVal, errbuf );
if ( 0 != rv ) {
aclutil_print_err(rv, e_sdn, attrVal, errbuf);
return ACL_ERR;
@@ -1540,7 +1562,8 @@ acl_verify_aci_syntax (Slapi_Entry *e, char **errbuf)
*
**************************************************************************/
int
-acl_verify_syntax(const Slapi_DN *e_sdn, const struct berval *bval)
+acl_verify_syntax(const Slapi_DN *e_sdn,
+ const struct berval *bval, char **errbuf)
{
aci_t *aci_item;
int rv = 0;
@@ -1550,7 +1573,7 @@ acl_verify_syntax(const Slapi_DN *e_sdn, const struct berval *bval)
/* make a copy the the string */
str = slapi_ch_strdup(bval->bv_val);
- rv = acl_parse(str, aci_item);
+ rv = acl_parse(str, aci_item, errbuf);
/* cleanup before you leave ... */
acllist_free_aci (aci_item);
diff --git a/ldap/servers/slapd/attrsyntax.c b/ldap/servers/slapd/attrsyntax.c
index 65f3bb0..1940b8d 100644
--- a/ldap/servers/slapd/attrsyntax.c
+++ b/ldap/servers/slapd/attrsyntax.c
@@ -1072,3 +1072,9 @@ attr_syntax_init(void)
}
return 0;
}
+
+int
+slapi_attr_syntax_exists(const char *attr_name)
+{
+ return attr_syntax_exists(attr_name);
+}
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 4c5bedc..8df6ec0 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -4480,6 +4480,14 @@ int slapi_filter_compare(struct slapi_filter *f1, struct slapi_filter *f2);
Slapi_Filter *slapi_filter_dup(Slapi_Filter *f);
int slapi_filter_changetype(Slapi_Filter *f, const char *newtype);
+/**
+ * Check whether a given attribute type is defined in schema or not
+ *
+ * \param attribute type name to be checked
+ * \return \c 0 if the attribute type is not defined in schema
+ * \return non-0 if the attribute type is defined in schema
+ */
+int slapi_attr_syntax_exists(const char *type);
/*
* slapi_filter_apply() is used to apply a function to each simple filter
13 years, 6 months
ldap/servers
by Nathan Kinder
ldap/servers/plugins/cos/cos_cache.c | 75 +++++++++++++++++++++++++++++++----
1 file changed, 67 insertions(+), 8 deletions(-)
New commits:
commit 032790e3bea8b4b61372a5b84926c83da2e03eef
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Oct 14 08:51:57 2010 -0700
Bug 555955 - Allow CoS values to be merged
This patch adds the ability for CoS values to be merged and create
multi-valued attributes. One can append "merge-schemes" the the
end of the cosAttribute value in a definition entry to allow values
to be merged.
With a single indirect CoS definition, a merge will make CoS use
each specifier attribute value in the target entry to look for
CoS values in each of the found template entries. All of these
values will then be applied to the target entry (with the exception
of duplicate values).
With multiple indirect CoS definitions for the same attribute,
setting merge mode for all definitions will cause all of the
definitions to be used to find the values to apply to the target
entry. If merge-schemes is not defined for all of these definitions,
the result is undefined (values from the first found CoS definition
will be applied).
diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c
index db99586..971249c 100644
--- a/ldap/servers/plugins/cos/cos_cache.c
+++ b/ldap/servers/plugins/cos/cos_cache.c
@@ -2367,9 +2367,10 @@ static int cos_cache_query_attr(cos_cache *ptheCache, vattr_context *context, Sl
/** class of service specifier **/
/*
- now we need to iterate through the attributes to discover
+ Now we need to iterate through the attributes to discover
if one fits all the criteria, we'll take the first that does
- and blow off the rest
+ and blow off the rest unless the definition has merge-scheme
+ set.
*/
do
{
@@ -2397,8 +2398,9 @@ static int cos_cache_query_attr(cos_cache *ptheCache, vattr_context *context, Sl
continue;
}
- /* is this entry a child of the target tree(s)? */
- while(hit == 0 && pTargetTree)
+ /* If we haven't found a hit yet, or if we are in merge mode, look for
+ * hits. We only check if this entry is a child of the target tree(s). */
+ while((hit == 0 || merge_mode) && pTargetTree)
{
{
int rc = 0;
@@ -2459,16 +2461,73 @@ static int cos_cache_query_attr(cos_cache *ptheCache, vattr_context *context, Sl
Note: we support one dn only, the result of multiple pointers is undefined
*/
Slapi_Value *indirectdn;
+ Slapi_ValueSet *tmp_vals = NULL;
int pointer_flags = 0;
+ int hint = 0;
- slapi_valueset_first_value( pAttrSpecs, &indirectdn );
+ hint = slapi_valueset_first_value( pAttrSpecs, &indirectdn );
if(props)
pointer_flags = *props;
- if( indirectdn != NULL &&
- !cos_cache_follow_pointer( context, (char*)slapi_value_get_string(indirectdn), type, out_attr, test_this, result, pointer_flags))
- hit = 1;
+ while (indirectdn != NULL)
+ {
+ if (cos_cache_follow_pointer( context, (char*)slapi_value_get_string(indirectdn),
+ type, &tmp_vals, test_this, result, pointer_flags) == 0)
+ {
+ hit = 1;
+ /* If the caller requested values, set them. We need
+ * to append values when we follow multiple pointers DNs. */
+ if (out_attr && tmp_vals)
+ {
+ if (*out_attr)
+ {
+ Slapi_Attr *attr = NULL;
+ Slapi_Value *val = NULL;
+ int idx = 0;
+
+ /* Create an attr to use for duplicate detection. */
+ attr = slapi_attr_new();
+ slapi_attr_init(attr, type);
+
+ /* Copy any values into out_attr if they don't already exist. */
+ for (idx = slapi_valueset_first_value(tmp_vals, &val);
+ val && (idx != -1);
+ idx = slapi_valueset_next_value(tmp_vals, idx, &val))
+ {
+ if (slapi_valueset_find(attr, *out_attr, val) == NULL)
+ {
+ slapi_valueset_add_value(*out_attr, val);
+ }
+ }
+
+ slapi_attr_free(&attr);
+ slapi_valueset_free(tmp_vals);
+ tmp_vals = NULL;
+ } else {
+ *out_attr = tmp_vals;
+ tmp_vals = NULL;
+ }
+ }
+ }
+
+ /* If this definition has merge-scheme set, we
+ * need to follow the rest of the pointers. */
+ if (pAttr->attr_cos_merge)
+ {
+ hint = slapi_valueset_next_value(pAttrSpecs, hint, &indirectdn);
+ } else {
+ indirectdn = NULL;
+ }
+ }
+
+ /* If merge-scheme is specified, set merge mode. This will allow
+ * us to merge in values from other CoS definitions for this attr. */
+ if (pAttr->attr_cos_merge)
+ {
+ merge_mode = 1;
+ attr_matched_index = attr_index;
+ }
}
else
{
13 years, 6 months
ldap/servers
by Richard Allen Megginson
ldap/servers/slapd/add.c | 3 +--
ldap/servers/slapd/back-ldbm/import-threads.c | 4 ++--
2 files changed, 3 insertions(+), 4 deletions(-)
New commits:
commit 6b9f1aac9e0e5059e10e0ed92e6e8d9c4d5f4253
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Thu Oct 14 09:13:03 2010 -0600
remove extra format argument; use %lu for size_t printf format
Removed the extra proxydn format argument that was not being used
Use %lu for size_t format arguments
Reviewed by: nkinder (Thanks!)
diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c
index 93f4511..200d79c 100644
--- a/ldap/servers/slapd/add.c
+++ b/ldap/servers/slapd/add.c
@@ -497,8 +497,7 @@ static void op_shared_add (Slapi_PBlock *pb)
slapi_log_access(LDAP_DEBUG_ARGS, "conn=%s op=%d ADD dn=\"%s\"\n",
LOG_INTERNAL_OP_CON_ID,
LOG_INTERNAL_OP_OP_ID,
- escape_string(slapi_entry_get_dn_const(e), ebuf),
- proxystr ? proxystr : "");
+ escape_string(slapi_entry_get_dn_const(e), ebuf));
}
}
diff --git a/ldap/servers/slapd/back-ldbm/import-threads.c b/ldap/servers/slapd/back-ldbm/import-threads.c
index c00e4b7..d8153d7 100644
--- a/ldap/servers/slapd/back-ldbm/import-threads.c
+++ b/ldap/servers/slapd/back-ldbm/import-threads.c
@@ -726,8 +726,8 @@ import_producer(void *param)
"ending line %d of file \"%s\"",
escape_string(slapi_entry_get_dn(e), ebuf),
curr_lineno, curr_filename);
- import_log_notice(job, "REASON: entry too large (%u bytes) for "
- "the buffer size (%u bytes)", newesize, job->fifo.bsize);
+ import_log_notice(job, "REASON: entry too large (%lu bytes) for "
+ "the buffer size (%lu bytes)", newesize, job->fifo.bsize);
backentry_free(&ep);
job->skipped++;
continue;
13 years, 6 months
admserv/newinst
by Endi Sukma Dewata
admserv/newinst/src/AdminMigration.pm.in | 49 ++++++++++++++++---------------
1 file changed, 26 insertions(+), 23 deletions(-)
New commits:
commit fb92728c2e0ff34b86001863d96e2b8a24b1f3e8
Author: Endi S. Dewata <edewata(a)redhat.com>
Date: Tue Oct 12 01:39:17 2010 -0400
Bug 573889 - Migration does not remove deprecated schema
The AdminMigration.pm has been modified such that it executes
the update scripts for the Admin Server.
The migratePset() and updateConsoleInfo() have been modified
to use the LDAP connection created in migrateAdminServer().
diff --git a/admserv/newinst/src/AdminMigration.pm.in b/admserv/newinst/src/AdminMigration.pm.in
index b8f0fbd..40ba860 100644
--- a/admserv/newinst/src/AdminMigration.pm.in
+++ b/admserv/newinst/src/AdminMigration.pm.in
@@ -31,6 +31,7 @@ use Migration;
use AdminServer;
use AdminUtil;
use DSUtil;
+use DSUpdate;
use SetupLog;
use File::Path;
@@ -169,15 +170,7 @@ sub migratePset {
my $inf = $mig->{inf};
my @errs;
- my $conn = getConfigDSConn($inf->{General}->{ConfigDirectoryLdapURL},
- $inf->{General}->{ConfigDirectoryAdminID},
- $inf->{General}->{ConfigDirectoryAdminPwd},
- $configdir, \@errs);
-
- if (@errs) {
- $mig->msg($FATAL, @errs);
- return 0;
- }
+ my $conn = $mig->{inf}->{configdsconn};
# add the Admin Server configuration entries
my @ldiffiles = ("@ldifdir(a)/asmigrate.ldif.tmpl",
@@ -191,7 +184,6 @@ sub migratePset {
$mapper = process_maptbl($mapper, \@errs, $inf, $admininf, $setupinf);
if (!$mapper) {
- $conn->close();
$mig->msg(@errs);
$mig->msg($FATAL, 'error_creating_asmigration_maptbl');
return 0;
@@ -200,7 +192,6 @@ sub migratePset {
# update isie and sie
getMappedEntries($mapper, \@ldiffiles, \@errs, \&migratecb, $conn);
if (@errs) {
- $conn->close();
$mig->msg(@errs);
return 0;
}
@@ -211,7 +202,6 @@ sub migratePset {
$isnew = 1;
}
if (!open(LOCALCONF, ">$localconf")) {
- $conn->close();
$mig->msg($FATAL, 'error_updating_localconf', $localconf, $!);
return 0;
}
@@ -220,7 +210,6 @@ sub migratePset {
if (!$entry || $conn->getErrorCode()) {
$mig->msg($FATAL, 'error_no_localconf_entries',
$inf->{admin}->{sie}, $localconf, $conn->getErrorString());
- $conn->close();
close(LOCALCONF);
return 0;
}
@@ -229,7 +218,6 @@ sub migratePset {
updateLocalConf($entry, $inf->{admin}->{sie}, \*LOCALCONF);
$entry = $conn->nextEntry();
}
- $conn->close();
close(LOCALCONF);
if ($isnew) {
@@ -265,10 +253,7 @@ sub updateConsoleInfo {
my $inf = $mig->{inf};
my @errs;
- my $conn = getConfigDSConn($inf->{General}->{ConfigDirectoryLdapURL},
- $inf->{General}->{ConfigDirectoryAdminID},
- $inf->{General}->{ConfigDirectoryAdminPwd},
- $configdir, \@errs);
+ my $conn = $mig->{inf}->{configdsconn};
if (@errs) {
$mig->msg($FATAL, @errs);
@@ -286,7 +271,6 @@ sub updateConsoleInfo {
$mapper = process_maptbl($mapper, \@errs, $inf, $admininf, $dsinf, $setupinf);
if (!$mapper) {
- $conn->close();
$mig->msg(@errs);
$mig->msg($FATAL, 'error_creating_updateconsole_maptbl');
return 0;
@@ -295,7 +279,6 @@ sub updateConsoleInfo {
# update isie and sie
getMappedEntries($mapper, \@ldiffiles, \@errs, \&updateconinfocb, $conn);
if (@errs) {
- $conn->close();
$mig->msg(@errs);
return 0;
}
@@ -306,7 +289,6 @@ sub updateConsoleInfo {
my $versents = $conn->search($basedn, "sub", "(objectclass=*)", 0, qw(* aci));
if (!$versents) {
$mig->msg($FATAL, 'error_migrating_console_entries', $basedn, $conn->getErrorString());
- $conn->close();
return 0;
}
@@ -329,7 +311,6 @@ sub updateConsoleInfo {
debug(3, "Console customization entry $newdn already exists, skipping\n");
} else {
$mig->msg($FATAL, 'error_adding_console_entries', $newdn, $conn->getErrorString());
- $conn->close();
return 0;
}
} else {
@@ -337,7 +318,6 @@ sub updateConsoleInfo {
}
}
- $conn->close();
return 1;
}
@@ -453,6 +433,7 @@ sub migrateAdmpw {
sub migrateAdminServer {
my $mig = shift;
+ my @errs;
my $configdir = $mig->{inf}->{admin}->{config_dir} ||
$ENV{ADMSERV_CONF_DIR} ||
@@ -509,14 +490,36 @@ sub migrateAdminServer {
return 0;
}
+ my $conn = getConfigDSConn($mig->{inf}->{General}->{ConfigDirectoryLdapURL},
+ $mig->{inf}->{General}->{ConfigDirectoryAdminID},
+ $mig->{inf}->{General}->{ConfigDirectoryAdminPwd},
+ $configdir, \@errs);
+
+ if (@errs) {
+ $mig->msg($FATAL, @errs);
+ return 0;
+ }
+
+ $mig->{inf}->{configdsconn} = $conn;
+ $mig->{inf}->{slapd}->{updatedir} = "@updatedir@";
+
+ if (updateDS($mig)) {
+ $conn->close();
+ return 0;
+ }
+
if (!migratePset($mig, $configdir)) {
+ $conn->close();
return 0;
}
if (!updateConsoleInfo($mig, $configdir)) {
+ $conn->close();
return 0;
}
+ $conn->close();
+
if (!migrateAdmpw($mig, $configdir)) {
return 0;
}
13 years, 6 months
ldap/admin
by Endi Sukma Dewata
ldap/admin/src/scripts/DSMigration.pm.in | 5 +++++
1 file changed, 5 insertions(+)
New commits:
commit 0762be835d519d82fd8627105874fd3cdd861278
Author: Endi S. Dewata <edewata(a)redhat.com>
Date: Tue Oct 5 16:31:20 2010 -0400
Bug 573889 - Migration does not remove deprecated schema
The DSMigration.pm has been modified such that it executes the
update scripts including removing deprecated schema.
diff --git a/ldap/admin/src/scripts/DSMigration.pm.in b/ldap/admin/src/scripts/DSMigration.pm.in
index 38407ba..1bd594c 100644
--- a/ldap/admin/src/scripts/DSMigration.pm.in
+++ b/ldap/admin/src/scripts/DSMigration.pm.in
@@ -51,6 +51,7 @@ use Migration;
use DSUtil;
use Inf;
use DSCreate;
+use DSUpdate;
# tempfiles
use File::Temp qw(tempfile tempdir);
@@ -1042,6 +1043,10 @@ sub migrateDSInstance {
return @errs;
}
+ if (@errs = updateDS($mig)) {
+ return @errs;
+ }
+
# next, the databases
if (@errs = migrateDatabases($mig, $inst, $src, $dest)) {
return @errs;
13 years, 6 months