Changes to 'refs/tags/389-ds-base-1.2.10.2-1'
by Noriko Hosoi
Changes since 389-ds-base-1.2.6.a1:
Endi S. Dewata (168):
Bug 545620 - Password cannot start with minus sign
Bug 538525 - Ability to create instance as non-root user
Bug 570542 - Root password cannot contain matching curly braces
Bug 470684 - Pam_passthru plugin doesn't verify account activation
Bug 573375 - MODRDN operation not logged
Bug 520151 - Error when modifying userPassword with proxy user
Bug 455489 - Address compiler warnings about strict-aliasing rules
Bug 566320 - RFE: add exception to removal of attributes in cn=config for aci
Bug 566043 - startpid file is only cleaned by initscript runs
Bug 584109 - Slapd crashes while parsing DNA configuration
Bug 542570 - Directory Server port number is not validated in the beginning.
Bug 145181 - Plugin target/bind subtrees only take 1 value.
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 628096 - spurious error message from /sbin/service when doing a stop on no instances
Bug 573889 - Migration does not remove deprecated schema
Bug 606545 - core schema should include numSubordinates
Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-referral)
Endi Sukma Dewata (16):
Bug 630092 - Coverity #12117: Resource leaks issues
Bug 630092 - Coverity #15478: Resource leaks issues
Bug 630092 - Coverity #15479: Resource leaks issues
Bug 630092 - Coverity #15481: Resource leaks issues
Bug 630092 - Coverity #15482: Resource leaks issues
Bug 630092 - Coverity #15483: Resource leaks issues
Bug 630092 - Coverity #15484: Resource leaks issues
Bug 630092 - Coverity #15485: Resource leaks issues
Bug 630092 - Coverity #15487: Resource leaks issues
Bug 630092 - Coverity #15490: Resource leaks issues
Bug 630092 - Coverity #15497: Resource leaks issues
Bug 630092 - Coverity #11991: Resource leaks issues
Bug 630092 - Coverity #12000: Resource leaks issues
Bug 630092 - Coverity #12003: Resource leaks issues
Bug 630092 - Coverity #11985: Resource leaks issues
Bug 630092 - Coverity #11992,11993: Resource leaks issues
Mark Reynolds (17):
Ticket #71 - unable to delete managed entry config
Ticket #159 - Managed Entry Plugin runs against managed entries upon any update without validating
Ticket #177 - logconv.pl doesn't detect restarts
Merge branch 'ticket159'
Ticket #49 - better handling for server shutdown while long running tasks are active
Ticket #50 - server should not call a plugin after the plugin close function is calle
Updated for ticket#50
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #140 - incorrect memset parameters
Revert "Ticket #140 - incorrect memset parameters"
Revert "Ticket #55 - Limit of 1024 characters for nsMatchingRule"
Ticket #38 - nisDomain schema is incorrect
Ticket #6 - protocol error from proxied auth operation
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #39 - Account Policy Plugin does not work for simple binds when PAM Pass Through Auth plugin is enabled
Ticket 175 - logconv.pl improvements
Ticket 175 - minor fixes
Nathan Kinder (188):
Bug 549554 - Trim single-valued attributes before sending to AD
Improve search for pcre header file
Bug 434735 - Allow SASL ANONYMOUS mech to work
Bug 570912 - Avoid selinux context conflict with httpd
Allow instance name to be parsed from start-slapd
Add managed entries plug-in
Bug 572355 - Label instance files and ports during upgrade.
Bug 578863 - Password modify extop needs to send referrals on replicas
Bug 584156 - Remove ldapi socket file during upgrade
Fix rsearch usage of name files for random filters
Bug 584497 - Allow DNA plugin to set same value on multiple attributes
Add replication session hooks
Correct function prototype for repl session hook
Bug 592389 - Set anonymous resource limits properly
Bug 601433 - Add man pages for start-dirsrv and related commands
Bug 604263 - Fix memory leak when password change is rejected
Bug 612242 - membership change on DS does not show on AD
Bug 613833 - Allow dirsrv_t to bind to rpc ports
Bug 594745 - Get rid of dirsrv_lib_t label
Bug 620927 - Allow multiple membership attributes in memberof plugin
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630093 - (cov#15511) Don't use unintialized search_results in refint plugin
Bug 630093 - (cov#15518) Need to intialize fd in ldbm2ldif code
Bug 630096 - (cov#11778) check return value of ldap_parse_result
Bug 630096 - (cov#15446) check return value of ber_scanf()
Bug 630096 - (cov#15449,15450) Check return value of stat()
Bug 630096 - (cov#15448) Check return value of cache_replace()
Bug 630096 - (cov#15447) - Check return value of idl_append_extend()
Bug 630090 - (cov#11974) Remove unused ACL functions
Bug 630090 - (cov#15445) Fix illegal free in archive code
Bug 630094 - (cov#11818) Fix unreachable return in snmp subagent
Bug 630094 - (cov#15451) Get rid of unreachable free statements
Bug 630094 - (cov#15452) Remove NULL checking for op_string
Bug 630094 - (cov#15453) Eliminate NULL check for local_newentry
Bug 630094 - (cov#15454) Fix deadcode issue in mapping tree code
Bug 630094 - (cov#15455) Remove deadcode in attr_index_config()
Bug 630094 - (cov#15456) Remove NULL check for srdn in import code
Bug 630094 - (cov#15457) Remove deadcode in import code
Bug 630094 - (cov#15458) Fix deadcode issue in moddn code
Bug 630094 - (cov#15459) Remove NULL check for srdn in ldif2ldbm code
Bug 630094 - (cov#15520) Fix unreachable code issue if perfctrs code
Bug 630094 - (cov#15581) Add missing breaks in agt_mopen_stats()
Bug 690090 - (cov#11974) Remove additional unused ACL functions
Bug 630091 - (cov#15512) Fix usage of uninitialized bervals
Bug 630091 - (cov#15513) Fix usage of uninitialized bervals
Bug 630091 - (cov#15514) Initialize DBT in entryrdn_get_parent()
Bug 630091 - (cov#15515) Use of uninitialized array in index config code
Bug 630091 - (cov#15516,15517) Initialize pointers before attempting to free
Bug 630091 - (cov#15519) Initialize bervals in search_easter_egg()
Bug 630091 - (cov#15582) Free of uninitialized pointer in attr_index_config()
Bug 630097 - (cov#11933) Fix NULL dereference in schema code
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#11946) NULL dereference in ResHashCreate()
Bug 630097 - (cov#11964) Remove dead code from libaccess
Bug 630097 - (cov#12143) NULL dereference in cos cache code
Bug 630097 - (cov#12148) NULL dereference in ruvInit()
Bug 630097 - (cov#12182,12183) NULL dereference in import code
Bug 630097 - (cov#15460) NULL deference in ACL URL code
Bug 630097 - (cov#15461) Remove unnecessary NULL check in DNA
Bug 630097 - (cov#15462) NULL dereference in mep_modrdn_post_op()
Bug 630097 - (cov#15463) Remove NULL check in referint plugin
Bug 630097 - (cov#15464) NULL dereference in repl code
Bug 630097 - (cov#15465) Null dereference in USN code
Bug 630097 - (cov#15473) NULL dereference in ResHashCreate()
Bug 630097 - (cov#15505) NULL dereference in memberOf code
Bug 630097 - (cov#15506) NULL dereference in dblayer code
Bug 630097 - (cov#15507,15508) NULL dereference in entryrdn code
Bug 630097 - (cov#15509) NULL dereference in idsktune
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#15477) NULL dereference in ACL plug-in code
Bug 630091 - (cov#12209) Use of uninitialized pointer in libaccess
Bug 630092 - (cov#12116) Resource leak in ldclt code
Bug 630092 - (cov#12105) Resource leak in pwdscheme config code
Bug 630092 - (cov#12068) Resource leak in certmap code
Bug 630091 - (cov#11973) Array overrun in libaccess
Bug 522055 - Scope check for managed attribute fails
Bug 625335 - Self-write aci has permission to invalid attribute
Bug 631993 - Log authzid when proxy auth control is used
Cov #16300 - Unused variable in account policy plugin
Bug 544321 - remove-ds.pl should not throw error unlabelling port
Bug 555955 - Allow CoS values to be merged
Bug 643937 - Initialize replication version flags
Bug 305131 - Allow empty modify operation
Bug 619633 - Make attribute uniqueness obey requiredObjectClass
Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
Bug 189985 - Improve attribute uniqueness error message
Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
Bug 521088 - DNA should check ACLs before getting a value from the range
Bug 635009 - Add one-way AD sync capability
Bump VERSION.sh to 1.2.8.a1
Bug 648949 - Move selinux policy into base OS
Bug 648949 - Update configure
Roll back VERSION.sh for 1.2.7 release
Bug 625950 - hash nsslapd-rootpw changes in audit log
Bug 656392 - Remove calls to ber_err_print()
Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
Bug 197886 - Avoid overflow of UUID generator
Bug 658312 - Allow mapped attribute types to be quoted
Bug 197886 - Initialize return value for UUID generation code
Bug 658309 - Process escaped characters in managed entry mappings
Bug 659456 - Incorrect usage of ber_printf() in winsync code
Bug 641944 - Don't normalize non-DN RDN values
Bug 658312 - Invalid free in Managed Entry plug-in
Bug 661792 - Valid managed entry config rejected
Bug 588791 - Allow anonymous rootDSE access only
Bug 606439 - Creating server instance with LDAPI takes too long
Bug 632670 - Chain-on-update logs managed-entries-plugin errors
Bug 621008 - parsing purge RUV from changelog at startup fails
Bug 663191 - Don't use $USER in DSCreate.pm
Bug 663597 - Memory leaks in normalization code
Bug 659131 - Incorrect RDN values added with multi-valued RDN
Bug 661102 - Rename of managed entries not handled correctly
Bug 193297 - Call pre-bind plug-ins for all SASL bind steps
Bug 201652 - LDAPv2 bind with expired password doesn't unbind correctly
Bug 470576 - Migration could do addition checks before commiting actions
Bug 481195 - Missing op type in log when password change required
Bug 509897 - Validate dnaScope to ensure it is a legal DN
Bug 505722 - Allow ntGroup to have mail attribute present
Bug 543633 - replication problems if supplier is killed under update load
Bug 671033 - range sharing between server breaks with SASL/GSSAPI auth
Bug 527912 - setup-ds.pl appears to hang when DNS is unreachable
Bug 252249 - Add pkg-config file for plug-in developers
Bug 670616 - Allow SSF to be set for local (ldapi) connections
Bug 668862 - init scripts return wrong error code
Bug 674430 - Improve error messages for attribute uniqueness
Bug 675853 - dirsrv crash segfault in need_new_pw()
Bug 678646 - Ignore tombstone operations in managed entry plug-in
Bug 671199 - Don't allow other to write to rundir
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 674852 - crash in ldap-agent when using OpenLDAP
Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree
Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1
Bug 687974 - (cov#10715) Fix Coverity uninitialized variables issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 688341 - (cov#10708) Fix Coverity code maintainability issues
Bug 688341 - (cov#10706,10707) Fix Coverity code maintainability issues
Bug 688341 - (cov#10704,10705) Fix Coverity code maintainability issues
Bug 688341 - (cov#10703) Fix Coverity code maintainability issues
Bug 688341 - (cov#10702) Fix Coverity code maintainability issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 689537 - (cov#10699) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10608) Fix Coverity NULL pointer dereferences
Bug 689952 - (cov#10581) Incorrect bit check in replication connection code
Bug 690526 - (cov#10734) Double free in dse_add()
Bug 690649 - (cov#10731) Use of free'd pointer in indexing code
Bug 690882 - (cov#10571) Incorrect sizeof use in uuid code
Bug 690882 - (cov#10636,10637) Useless comparison in attrcrypt
Bug 690882 - (cov#10703) Incorrect sizeof use in vattr code
Bug 690882 - (cov#10572,10710) Incorrect sizeof use in uuid code
Bug 691574 - (cov#10579) Check return value of ber_scanf() in sort code
Bug 691574 - (cov#10577) Check return types when adding RDN CSNs
Bug 691574 - (cov#10573) check return value in GER code
Bug 691574 - (cov#10575) Check return value of ldap_get_option
Bug 691574 - (cov#10573) Fix syntax error
Bug 693868 - Add managed entry config during in-place upgrade
Add Auto Membership Plug-in
Bug 698428 - Make auto membership use Slapi_DN for DN comparisons
Bug 695779 - windows sync can lose old values when a new value is added
Bug 700557 - Linked attrs callbacks access free'd pointers after close
Bug 700557 - Leak at shutdown in DNA plug-in
Bug 703304 - Auto membership alternate config area should override default area
Bug 703304 - Auto membership alternate config area should override default area
Bug 703530 - Allow Managed Entry config to be relocated
Bug 697961 - memberOf needs to be triggered by internal operations
Bug 710377 - Import with chain-on-update crashes ns-slapd
Split automember regex rules into separate entries
Bug 713209 - Update sudo schema
Bug 691313 - Need TLS/SSL error messages in repl status and errors log
Bug 723937 - Slapi_Counter API broken on 32-bit F15
Bug 725743 - Make memberOf use PRMonitor for it's operation lock
Bug 729717 - Fatal error messages when syncing deletes from AD
Bug 728510 - Run dirsync after sending updates to AD
Bug 730387 - Add slapi_rwlock API and use POSIX rwlocks
Bug 611438 - Add Account Usability Control support
Bug 728592 - Allow ns-slapd to start with an invalid server cert
Bug 732541 - Ignore error 32 when adding automember config
Bug 722292 - Entries in DS are not updated properly when using WinSync API
Bug 722292 - (cov#11030) Leak of mapped_sdn in winsync rename code
Bug 735114 - renaming a managed entry does not update mepmanagedby
Bug 739172 - Allow separate fractional attrs for incremental and total protocols
Bug 743966 - Compiler warnings in account usability plugin
Bug 744946 - (cov#11046) NULL dereference in IDL code
Bug 752155 - Use restorecon after creating init script lock file
Ticket 284 - Remove unnecessary SNMP MIB files
Noriko Hosoi (302):
544089 - Referential Integrity Plugin does not take into account the attribute
557224 - subtree rename breaks the referential integrity plug-in
247413 - Incorrect error on multiple identical value add
559016 - Attempting to rename suffix returns inappropriate errors
555577 - Syntax validation fails for "ou=NetscapeRoot" tree
Undo - 555577 - Syntax validation fails for "ou=NetscapeRoot" tree
560827 - Admin Server templates: DistinguishName validation fails
548535 - memory leak in attrcrypt
563365 - Error handling problems in the backend functions
565664 - Incorrect parameter for CACHE_RETURN()
565987 - redhat-ds-base fails to build due to undefined struct
527848 - make sure db upgrade to 4.7 and later works correctly
539618 - Replication bulk import reports Invalid read/write
567370 - dncache: assertion failure in id2entry_delete
548115 - memory leak in schema reload
555970 - missing read lock in the combination of cos and nsview
539618 - Replication bulk import reports Invalid read/write
570667 - MMR: simultaneous total updates on the masters cause
Merge branch '547503'
Revert "Merge branch '547503'"
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
199923 - subtree search fails to find items under a db
570107 - The import of LDIFs with base-64 encoded DNs fails,
572649 - DS8.2 crashes on RHEL 4 (corresponding to bob, ber_2 test case)
573060 - DN normalizer: ESC HEX HEX is not normalized (
573896 - initializing subtree with invalid syntax crashes ns-slapd
515805 - Stop "initialize Database" crashes the server
548533 - memory leak in Repl_5_Inc_Protocol_new
Fixing a syntax error
Update to New DN Format
585905 - ACL with targattrfilters error crashes the server
574167 - An escaped space at the end of the RDN value is not
590931 - rhds81 import - hardcoded pages_limit for nsslapd-import-cache-autosize
591336 - Implementing upgrade DN format tool
593453 - Creating password policy with ns-newpolicy.pl on Replicated
593110 - backup-restore does not ALWAYS work
593899 - adding specific ACI causes very large mem allocate request
588867 - entryusn plugin fails on solaris
593899 - adding specific ACI causes very large mem allocate request
595893 - Base DN in SASL mapping is not normalized
511112 - Password history limited to 25 values
597375 - Deleting LDBM database causes backup/restore problem
574101 - MODRDN request never returns - possible deadlock
606920 - anonymous resource limit - nstimelimit -
605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
578296 - Attribute type entrydn needs to be added when subtree
609256 - Selinux: pwdhash fails if called via Admin Server CGI
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
616608 - SIGBUS in RDN index reads on platforms with strict alignments
619595 - Upgrading sub suffix under non-normalized suffix disappears
513166 - Simple Paged result doesn't provide the server's estimate
621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6
Bug 194531 - db2bak is too noisy
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 623118 - Simplepaged results going in infinite loop
Bug 614511 - fix coverity Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverity Defect Type: Resource leaks issues CID 11975 - 12051
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverity Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892
Bug 616500 - fix coverity Defect Type: Resource leaks issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 613056 - fix coverify Defect Type: Null pointer dereferences
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Removed redundant code in agmt_new_from_entry
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 628300 - DN is not normalized in dn/entry cache when an entry is added, entrydn is not present in search results
Bug 531642 - EntryUSN: RFE: a configuration option to make entryusn "global"
Bug 627738 - The cn=monitor statistics entries for the dnentry cache do not change or change very rarely
DN normalizer should check the invalid type
Bug 627738 - The cn=monitor statistics entries for the dnentry cache
Bug 629710 - escape_string does not check '\<HEX><HEX>'
agmtlist_shutdown (repl5_agmtlist.c) had an illegal access defect.
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 631862 - crash - delete entries not in cache + referint
Bug 625014 - SubTree Renames: ModRDN operation fails and the server hangs if the entry is moved to "under" the same DN.
Bug 558099 - Enhancement request: Log more information about the search result being a paged one
Bug 635987 - Incorrect sub scope search result with
Bug 606920 - anonymous resource limit- nstimelimit -
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 639289 - Adding a new CN entry with UpperCase UTF-8 Character
Bug 640027 - Naming attribute with a special char sequence parsing bug
Bug 640854 - changelog db: _cl5WriteOperation: failed to
Bug 637852 - sasl_io_start_packet: failed - read only 3 bytes
Bug 586966 - Sample update script has syntax errors
Bug 586973 - Sample update ldif points to non-existent directory
Bug 602456 - Allow to add any cn=config attributes;
Bug 244229 - targetattr not verified against schema when setting an aci
Bug 643532 - Incorrect DNs sometimes returned on searches
Bug 592397 - Upgrade tool dn2rdn: it does not clean up
Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
Bug 629681 - Retro Changelog trimming does not behave as expected
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 638773 - permissions too loose on pid and lock files
Bug 491733 - dbtest crashes
Bug 329751 - "nested" filtered roles searches candidates more
Bug 567282 - server can not abandon searchRequest of "simple paged results"
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Bug 651571 - When attrcrypt is on, entrydn is stored in the backend db
Bug 661918 - 389-ds MMR plugin's changelogdb path logic is incorrect
Bug 182507 - clear-password mod from replica is discarded before changelogged
Bug 602456 - Allow to add any cn=config attributes;
Bug 489379 - passwordExpirationTime in entry being added
Bug 663484 - Entry usn plugin fails to properly tag entries on initialization
Bug 664563 - GER: ger for non-present entry is not correct
Bug 653007 - db2ldif export of clear text passwords lacks storage scheme
Bug 667488 - Cannot recreate numsubordinates index with db2index
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 615100 - log rotationinfo always recreated at startup,
Bug 624442 - MMR: duplicate replica ID
Bug 669205 - db2bak: backed up changelog should include RUVs
Bug 616850 - ldapmodify failed to reject the replace operation
Bug 627993 - Inconsistent storage of password expiry times
Bug 627993 - Inconsistent storage of password expiry times
dn2rdn should respect the DB version info
Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any error message in logs
Bug 624547 - attrcrypt should query the given slot/token for
Bug 668619 - slapd stops responding
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 615052 - intrinsics and 64-bit atomics code fails to compile
Bug 616213 - insufficient stack size for HP-UX on PA-RISC
Bug 675265 - preventryusn gets added to entries on a failed delete
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 450016 - RFE- Console display values in KB/MB/GB
Cancelling commit aef19508c4f618285116d2068655183658f564d9
Bug 625424 - repl-monitor.pl doesn't work in hub node
Bug 679978 - modifying attr value crashes the server, which is supposed to
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 668909 - Can't modify replication agreement in some cases
Bug 684996 - Exported tombstone cannot be imported correctly
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format
Bug 690955 - Mrclone fails due to the replica generation id mismatch
Bug 696407 - If an entry with a mixed case RDN is turned to be
Bug 697027 - 1 - minor memory leaks found by Valgrind + TET
Bug 697027 - 2 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 4 - minor memory leaks found by Valgrind + TET
Bug 697027 - 5 - minor memory leaks found by Valgrind + TET
Bug 697027 - 6 - minor memory leaks found by Valgrind + TET
Bug 697027 - 7 - minor memory leaks found by Valgrind + TET
Bug 697027 - 8 - minor memory leaks found by Valgrind + TET
Bug 697027 - 9 - minor memory leaks found by Valgrind + TET
Bug 697027 - 10 - minor memory leaks found by Valgrind + TET
Bug 697027 - 11 - minor memory leaks found by Valgrind + TET
Bug 697027 - 12 - minor memory leaks found by Valgrind + TET
Bug 697027 - 13 - minor memory leaks found by Valgrind + TET
Bug 697027 - 14 - minor memory leaks found by Valgrind + TET
Bug 697027 - 15 - minor memory leaks found by Valgrind + TET
Bug 697027 - 16 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 700215 - ldclt core dumps
Bug 668619 - slapd stops responding
Bug 709826 - Memory leak: when extra referrals configured
Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 718303 - Intensive updates on masters could break the consumer's cache
Merge branch '718303'
Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9
Bug 712855 - Directory Server 8.2 logs "Netscape Portable
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 732153 - subtree and user account lockout policies implemented?
Introducing an environment variable USE_VALGRIND to clean up the entry cache and dn cache on exit.
Bug 744945 - nsslapd-counters attribute value cannot be set to "off"
Keep unhashed password psuedo-attribute in the adding entry
Reduce the number of DN normalization
Bug 745259 - Incorrect entryUSN index under high load
Bug 750622 - Fix Coverity (11104) Resource leak:
Bug 750624 - Fix Coverity (11053) Explicit null dereferenced:
Bug 750625 - Fix Coverity (11066) Unused pointer value
Bug 750625 - Fix Coverity (11065) Uninitialized pointer read
Bug 750625 - Fix Coverity (11064) Dereference before null check
Bug 750625 - Fix Coverity (11061) Resource leak
Bug 750625 - Fix Coverity (11060) Dereference null return value
Bug 750625 - Fix Coverity (11058, 11059) Dereference null return value
Bug 750625 - Fix Coverity (11057) Dereference null return value
Bug 750625 - Fix Coverity (11055) Explicit null dereferenced
Bug 750625 - Fix Coverity (11054) Dereference after null check
Bug 750625 - Fix Coverity (11117) Uninitialized pointer read
Bug 750625 - Fix Coverity (11116) Uninitialized pointer read
Bug 750625 - Fix Coverity (11114, 11115) Uninitialized value use
Bug 750625 - Fix Coverity (11113) Uninitialized pointer read
Bug 750625 - Fix Coverity (11112) Uninitialized pointer read
Bug 750625 - Fix Coverity (11109, 11110, 11111) Uninitialized pointer read
Bug 750625 - Fix Coverity (11108) Sizeof not portable
Bug 750625 - Fix Coverity (11107) Dereference before null check
Bug 750625 - Fix Coverity (11096) Explicit null dereferenced
Bug 750625 - Fix Coverity (11095) Explicit null dereferenced
Bug 750625 - Fix Coverity (11094) Dereference after null check
Bug 750625 - Fix Coverity (11091) Unchecked return value
Bug 750625 - Fix Coverity (11055-2) Explicit null dereferenced
Bug 750625 - Fix Coverity (11062) Resource leak
Bug 750625 - Fix Coverity (11066-2) Unused pointer value
Bug 750625 - Fix Coverity (12195) Dereference after null check
Bug 750625 - Fix Coverity (12196) Dereference before null check
Bug 750625 - Fix Coverity (11066-3) Unused pointer value
Bug 745259 - Incorrect entryUSN index under high load in
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 26 - Please support setting
Trac Ticket 75 - Unconfigure plugin opperations are being called.
Trac Ticket 168 - minssf should not apply to rootdse
Trac Ticket #18 - Data inconsitency during replication
Trac Ticket #52 - FQDN set to nsslapd-listenhost
Trac Ticket 139 - eliminate the use of char *dn in favor of Slapi_DN *dn
Trac Ticket 35 - Log not clear enough on schema errors
Trac Ticket #274 - Reindexing entryrdn fails if
Trac Ticket #275 - Invalid read reported by valgrind
Trac Ticket 51 - memory leaks in 389-ds-base-1.2.8.2-1.el5?
Trac Ticket #26 - Please support setting defaultNamingContext in the rootdse.
Trac Ticket #298 - crash when replicating orphaned tombstone entry
Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails
Rich Megginson (305):
Net::LDAP password modify extop breaks; msgid in response is 0xFF
Clean up assert for entrydn
Bug 543080 - Bitwise plugin fails to return the exact matched entries for Bitwise search filter
Bug 537466 - nsslapd-distribution-plugin should not require plugin name to begin with "lib"
bump version to 1.2.6.a2
Do not use syntax plugins directly for filters, indexing
wrap new style matching rule plugins for use in old style indexing code
change extensible filter code to use new syntax function style mr funcs
change syntax plugins to register required matching rule plugins
crash looking up compat syntax; numeric string syntax using integer; make octet string ordering work correctly
fix memory leak in attr replace when replacement fails
fix dso linking issues found by fedora 13 linking
problems linking with -z defs
389 DS segfaults on libsyntax-plugin.so - part 1
389 DS segfaults on libsyntax-plugin.so - part 2
389 DS segfaults on libsyntax-plugin.so - part 3
Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location on non-RHEL/Fedora OS
Bug 568196 - Install DS8.2 on Solaris fails
Bug 568196 - Install DS8.2 on Solaris fails - part 2
Bug 551198 - LDAPI: incorrect logging to access log
bump version to 1.2.6.a3
fix various memory leaks
Bug 551198 - LDAPI: incorrect logging to access log - part 2
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
cleanup build warnings
Bug 571514 - upgrade to 1.2.6 should upgrade 05rfc4523.ldif (cert schema)
Bug 570905 - postalAddress syntax should allow empty lines (should allow $$)
Add support for additional schema/matching rules included with 389
Bug 572677 - Memory leak in searches including GER control
Bug 571677 - Busy replica on consumers when directly deleting a replication conflict
Bug 576074 - search filters with parentheses fail
Bug 567429 - slapd didn't close connection and get into CLOSE_WAIT state
Bug 578167 - repl. of mod/replace deletes multi-valued attrs
Bug 561575 - setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile
Bug 572162 - the string "|*" within a search filter on a non-indexed attribute returns all elements.
Bug 576644 - segfault while multimaster replication (paired node won't find deleted entries)
start of 1.2.6.a4
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Fix too few args for format warning in acllas
Bug 586571 - DS Console shows escaped DNs
Bug 591685 - Server instances Fail to Start on Solaris due to Library Path and pcre
bump console version to 1.2.3
Repl Session API needs to check for NULL api before init
Bug 593392 - setup-ds-admin.pl -k creates world readable file
Bug 595874 - 99user.ldif getting overpopulated
bump version to 1.2.6.a5
bump version to 1.2.6.rc1
bump version to 1.2.6.rc2
bump version to 1.2.6.rc3
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 603942 - null deref in _ger_parse_control() for subjectdn
bump version to 1.2.6.rc4
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 602530 - coverity: op_shared_modify: compare pre, post and original entries before freeing them
Bug 602531 - coverity: op_shared_delete: compare preop entry and GLUE_PARENT_ENTRY before freeing them
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 610177 - fix coverity Defect Type: Uninitialized variables issues
Bug 610276 - fix coverity Defect Type: API usage errors issues
Bug 611850 - fix coverity Defect Type: Error handling issues
Bug 614242 - C99/ANSI C++ related compile errors on HP-UX
Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
Bug 617013 - repl-monitor.pl use cpu upto 90%
fix build failures due to libtool problems
Bug 617629 - Missing aliases in new schema files
Bug 617862 - Replication: Unable to delete tombstone errors
bump version to 1.2.7.a1
Bug 610281 - fix coverity Defect Type: Control flow issues - daemon.c:write_function()
Bug 610281 - fix coverity Defect Type: Control flow issues - last repl init status
postalAddress syntax does not accept empty values
ger should support both "dn" and "distinguishedName"
openldap - ldap_url_parse_ext is not part of the public api
fix memleak in ldbm_config_read_instance_entries
Add -x option to ldap tools when using openldap
openldap - add support for missing controls, add ldif api, fix NSS usage
port client tools to use openldap API
use the mozldap versions of the proxy auth control create function
document slapi wrappers for openldap/mozldap functions that differ
fix some compiler warnings
use strcasecmp with ptype and type->bv_val
ber_printf 'o' cannot handle NULL bv_val
fix the url_parse logic when looking for a missing suffix DN
openldap ldapsearch uses -LLL to suppress # version: N
add ldaptool_opts for the non BUNDLE case in Makefile.am
openldap ldapsearch returns empty line at end of LDIF output
have to use LDAP_OPT_X_TLS_NEVER to defeat cert hostname checking
openldap_read_function needs to set EWOULDBLOCK if the buffer is empty
do not terminate unwrapped LDIF line with another newline
slapi_ldap_url_parse must handle multiple host:port in url
convert mozldap host list to openldap uri list
move the out pointer back if continuation lines were removed
check src < *out only; only check for \nspace if src < *out - 2
use slapi_ldap_url_parse in the acl code
do not un-null-terminate normalized DN until new url is constructed
implement slapi_ldap_explode_dn and slapi_ldap_explode_rdn
use slapi_pblock_set to set the ldap result code for the be postop plugins
pass the string copy to slapi_dn_normalize_original
bug 614511 - fix coverity null reference - revert macro aci $dn logic
fix compiler warnings - unused vars/funcs, invalid casts
use slapi_mods_init_passin/get_ldapmods_passout if modifying the smods
Have to explicitly set protocol version to 3
Only check modrdn ops for backend/suffix correctness if not the default backend
Bug 634561 - Server crushes when using Windows Sync Agreement
openldap ber_init will assert if the bv->bv_val is NULL
add the account policy plugin and related server code, schema, and config
fix pblock memory leak
do not register pre/post op plugins if disabled
add support for global inactivity limit
fix typos in Makefile.am, acctpolicy schema
bump version to 1.2.7.a2
remove extra format argument; use %lu for size_t printf format
Bug 644013 - uniqueness plugin segfault bug
bump version to 1.2.7.a3
bump to 1.2.7.a4
bump version to 1.2.7.a5
put replication config entries in separate file
bump version to 1.2.7.a6
bump version to 1.2.7.1
bump version to 1.2.7.2
bump version to 1.2.7.3
bump version to 1.2.7.4
Bug 515329 - Multiple mods in one operation can result in an inconsistent replica
bump version to 1.2.8.a1
Bug 642046 - Segfault when using SASL/GSSAPI multimaster replication, possible krb5_creds doublefree
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 622907 - support piped passwords to perl-based maintenance commands
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 576534 - Password displayed on console when entered in command-line utilities
Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the log output to the text file
bump version to 1.2.8.a2
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 676689 - crash while adding a new user to be synced to windows
Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
Bug 677774 - DS fails to start after reboot
Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches
Bug 675320 - empty modify operation with repl on or lastmod off will crash server
bump version to 1.2.9.a1 - console version to 1.2.4
Bug 677705 - ds-logpipe.py script is failing to validate "-s" and "--serverpid" options with "-t".
Bug 676655 - winsync stops working after server restart
Bug 680555 - ns-slapd segfaults if I have more than 100 DBs
Bug 514190 - setup-ds-admin.pl --debug does not log to file
Bug 518890 - setup-ds-admin.pl - improve hostname validation
Bug 644784 - Memory leak in "testbind.c" plugin
Bug 683250 - slapd crashing when traffic replayed
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource leak issues
Bug 690584 - #10688 - dblayer_make_env - fix coverity resource leak issues
Bug 690584 - #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
Bug 690584 - #10658 linked_attrs_pre_op - fix coverity resource leak issues
Bug 690584 - #10655 acllas__handle_group_entry - fix coverity resource leak issues
Bug 690584 - #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 690584 - #10643 hash_rootpw - fix coverity resource leak issues
Bug 690584 - #10641 reslimit_bv2int - fix coverity resource leak issues
Bug 691422 - sdt_destroy - fix coverity control flow issues
Bug 691422 - ldbm_back_upgradedb - fix coverity control flow issues
Bug 691422 - csnplFree - fix coverity control flow issues
Bug 691422 - SetUnicodeStringFromUTF_8 - fix coverity control flow issues
Bug 691422 - cl5DeleteRUV - fix coverity control flow issues
Bug 691422 - acl_read_access_allowed_on_entry - fix coverity control flow issues
Bug 691422 - search_internal_callback_pb - fix coverity control flow issues
Bug 691422 - cl5WriteRUV - fix coverity control flow issues
Bug 691422 - windows_replay_update - fix coverity control flow issues
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 692937 - Replica install fails after step for "enable GSSAPI for replication"
Bug 692331 - Segfault on index update during full replication push on 1.2.7.5
Bug 693451 - cannot use localized matching rules
Bug 693455 - nsMatchingRule does not work with multiple values
Bug 693503 - matching rules do not inherit from superior attribute type
Bug 693466 - Unable to change schema online
Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1
Bug 693473 - rhds82 rfe - windows_tot_run to log Sizelimit exceeded instead of LDAP error - -1
Bug 693962 - Full replica push loses some entries with multi-valued RDNs
Bug 694336 - Group sync hangs Windows initial Sync
Bug 700145 - userpasswd not replicating
Bug 703990 - Support upgrade from Red Hat Directory Server
bump console version to 1.2.5
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 707015 - Cannot disable SSLv3 and use TLS only
bump version to 1.2.9.a2
Bug 707384 - only allow FIPS approved cipher suites in FIPS mode
Bug 711906 - ns-slapd segfaults using suffix referrals
Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
bump console version to 1.2.6
Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator action", with extop_result: 9
Bug 716980 - winsync uses old AD entry if new one not found
add support for ldif files with changetype: add
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
look for separate openldap ldif library
bump version to 1.2.9.a3
Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2.
Bug 720059 - RDN with % can cause crashes or missing entries
bump version to 1.2.9.0
Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma
Bug 723937 - replication failing on RUV errors
bump version to 1.2.9.1
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.2
Bug 727511 - ldclt SSL search requests are failing with "illegal error numbe
bump version to 1.2.9.3
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.4
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.5
Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash
Bug 723937 - replication failing on RUV errors
Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working.
make sure the DBVERSION file ends in a newline
bump version to 1.2.10.a1
Bug 633803 - passwordisglobalpolicy attribute brakes TLS chaining
Bug 733103 - large targetattr list with syntax errors cause server to crash or hang
Bug 703990 - cross-platform - Support upgrade from Red Hat Directory Server
Bug 735121 - simple paged search + ip/dns based ACI hangs server
Bug 695736 - Providing native systemd file for upcoming F15 Feature Systemd
Bug 590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
Bug 736712 - Modifying ruv entry deadlocks server
Add support for pre/post db transaction plugins
Make all backend operations transaction aware
Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
Bug 741744 - part2 - MOD operations with chained delete/add get back error 53 on backend config
Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
bump version to 1.2.10.a2
bump version to 1.2.10.a3
fix transaction support in ldbm_delete
bump version to 1.2.10.a4
set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
pass the plugin config entry to the plugin init function
make memberof transaction aware and able to be a betxnpostoperation plugin
Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
bump version to 1.2.10.a5
Change referential integrity to be a betxnpostoperation plugin
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Bug 748575 - rhds81 modrn operation and 100% cpu use in replication
Bug 748575 - part 2 - rhds81 modrdn operation and 100% cpu use in replication
Bug 751495 - 'setup-ds.pl -u' fails with undefined routine 'updateSystemD'
bump version to 1.2.10.a6
Bug 751645 - crash when simple paged fails to send entry to client
csn_as_string - use slapi_uN_to_hex instead of sprintf
uniqueid formatting - use slapi_u8_to_hex instead of sprintf
fix member variable name error in slapi_uniqueIDFormat
reduce calls to csn_as_string and slapi_log_error
csn_init_as_string should not use sscanf
use slapi_hexchar2int and slapi_str_to_u8 everywhere
Bug 755754 - Unable to start dirsrv service using systemd
Bug 755725 - 389 programs linked against openldap crash during shutdown
Ticket 1 - pre-normalize filter and pre-compile substring regex - and other optimizations
Ticket #162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS
bak2db gets stuck in infinite loop
Ticket #256 - debug build assertion in ACL_EvalDestroy()
bump version to 1.2.10.a7
Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock
fix mep sdn compiler warnings
add a hack to disable sasl hostname canonicalization - helps with testing when you don't want to set up correct host name resolution and/or cannot set the default system hostname
Ticket #12 - 389 DS DNA Plugin / Replication failing on GSSAPI
Ticket #257 - repl-monitor doesn't work if leftmost hostnames are the same
fix recent compiler warnings
Ticket #15 - Get rid of rwlock.h/rwlock.c and just use slapi_rwlock instead
fix compiler warnings
Remove redundant code - make a global into a static
Ticket #262 - pid file not removed with systemd
fix mozldap build issues
Ticket #264 - upgrade needs better check for "server is running"
Ticket #263 - add systemd include directive
bump version to 1.2.10.rc1
change version to 1.2.10.a8
Ticket #272 - add tombstonenumsubordinates to schema
bump version to 1.2.10.rc1
Ticket #161 - Review and address latest Coverity issues
Ticket #22 - RFE: Support sendmail LDAP routing schema
Ticket #29 - Samba3-schema is missing sambaTrustedDomainPassword
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
fix a couple of minor coverity issues
Ticket #87 - Manpages fixes
Ticket #13 - slapd process exits when put the database on read only mode while updates are coming to the server
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #277 - cannot set repl referrals or state
Ticket #278 - Schema replication update failed: Invalid syntax
Ticket #277 - cannot set repl referrals or state
Ticket #279 - filter normalization does not use matching rules
Ticket #280 - extensible binary filters do not work
Ticket #281 - TLS not working with latest openldap
coverity 12488 Resource leak In attr_index_config(): Leak of memory or pointers to system resources
bump version to 1.2.10.rc2
bump version to 1.2.10.0
Ticket #294 - 389 DS Segfaults during replica install in FreeIPA
Ticket #281 - TLS not working with latest openldap
Trac Ticket #298 - crash when replicating orphaned tombstone entry
bump version to 1.2.10.2
nturpin (1):
Ticket #3: acl cache overflown problem
root (1):
Bug 480787 - Autoconf parameter --with and --without
---
.gitignore | 1
Makefile.am | 261
Makefile.in | 5215 -
README | 11
VERSION.sh | 7
aclocal.m4 | 6996 --
compile | 21
config.guess | 302
config.h.in | 22
config.sub | 232
configure |41932 +++++-------
configure.ac | 176
depcomp | 172
dirsrv.pc.in | 7
include/base/dbtbase.h | 2
include/base/file.h | 3
include/base/lexer.h | 126
include/base/rwlock.h | 91
include/i18n.h | 115
include/ldaputil/ldaputil.h | 10
include/libaccess/aclerror.h | 1
include/libaccess/aclproto.h | 15
include/libaccess/aclstruct.h | 2
include/libaccess/dbtlibaccess.h | 3
include/public/nsacl/aclapi.h | 7
install-sh | 517
ldap/admin/src/base-initconfig.in | 44
ldap/admin/src/initconfig.in | 37
ldap/admin/src/logconv.pl | 639
ldap/admin/src/scripts/10cleanupldapi.pl | 23
ldap/admin/src/scripts/10fixrundir.pl | 11
ldap/admin/src/scripts/50acctusabilityplugin.ldif | 21
ldap/admin/src/scripts/50automemberplugin.ldif | 15
ldap/admin/src/scripts/50fixNsState.pl | 240
ldap/admin/src/scripts/50managedentriesplugin.ldif | 16
ldap/admin/src/scripts/50refintprecedence.ldif | 4
ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif | 5
ldap/admin/src/scripts/60upgradeschemafiles.pl | 2
ldap/admin/src/scripts/70upgradefromldif.pl | 108
ldap/admin/src/scripts/80upgradednformat.pl | 206
ldap/admin/src/scripts/81changelog.pl | 34
ldap/admin/src/scripts/90subtreerename.pl | 21
ldap/admin/src/scripts/91subtreereindex.pl | 148
ldap/admin/src/scripts/DSCreate.pm.in | 323
ldap/admin/src/scripts/DSDialogs.pm | 4
ldap/admin/src/scripts/DSMigration.pm.in | 47
ldap/admin/src/scripts/DSUpdate.pm.in | 50
ldap/admin/src/scripts/DSUtil.pm.in | 247
ldap/admin/src/scripts/DialogManager.pm | 241
ldap/admin/src/scripts/DialogManager.pm.in | 241
ldap/admin/src/scripts/Inf.pm | 67
ldap/admin/src/scripts/Migration.pm.in | 20
ldap/admin/src/scripts/Setup.pm.in | 20
ldap/admin/src/scripts/SetupDialogs.pm.in | 31
ldap/admin/src/scripts/SetupLog.pm | 8
ldap/admin/src/scripts/ds-logpipe.py | 221
ldap/admin/src/scripts/exampleupdate.ldif | 2
ldap/admin/src/scripts/exampleupdate.sh | 10
ldap/admin/src/scripts/logregex.py | 16
ldap/admin/src/scripts/migrate-ds.pl.in | 13
ldap/admin/src/scripts/remove-ds.pl.in | 28
ldap/admin/src/scripts/repl-monitor.pl.in | 86
ldap/admin/src/scripts/restart-dirsrv.in | 25
ldap/admin/src/scripts/setup-ds.pl.in | 7
ldap/admin/src/scripts/setup-ds.res.in | 35
ldap/admin/src/scripts/start-dirsrv.in | 43
ldap/admin/src/scripts/stop-dirsrv.in | 27
ldap/admin/src/scripts/template-bak2db.in | 49
ldap/admin/src/scripts/template-bak2db.pl.in | 29
ldap/admin/src/scripts/template-db2bak.in | 53
ldap/admin/src/scripts/template-db2bak.pl.in | 29
ldap/admin/src/scripts/template-db2index.in | 14
ldap/admin/src/scripts/template-db2index.pl.in | 33
ldap/admin/src/scripts/template-db2ldif.in | 15
ldap/admin/src/scripts/template-db2ldif.pl.in | 29
ldap/admin/src/scripts/template-dbverify.in | 15
ldap/admin/src/scripts/template-dn2rdn.in | 25
ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in | 29
ldap/admin/src/scripts/template-fixup-memberof.pl.in | 29
ldap/admin/src/scripts/template-ldif2db.in | 15
ldap/admin/src/scripts/template-ldif2db.pl.in | 29
ldap/admin/src/scripts/template-ldif2ldap.in | 19
ldap/admin/src/scripts/template-monitor.in | 19
ldap/admin/src/scripts/template-ns-accountstatus.pl.in | 33
ldap/admin/src/scripts/template-ns-activate.pl.in | 33
ldap/admin/src/scripts/template-ns-inactivate.pl.in | 33
ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in | 47
ldap/admin/src/scripts/template-restart-slapd.in | 2
ldap/admin/src/scripts/template-restoreconfig.in | 15
ldap/admin/src/scripts/template-saveconfig.in | 15
ldap/admin/src/scripts/template-schema-reload.pl.in | 29
ldap/admin/src/scripts/template-start-slapd.in | 3
ldap/admin/src/scripts/template-stop-slapd.in | 2
ldap/admin/src/scripts/template-suffix2instance.in | 15
ldap/admin/src/scripts/template-syntax-validate.pl.in | 29
ldap/admin/src/scripts/template-upgradedb.in | 15
ldap/admin/src/scripts/template-upgradednformat.in | 63
ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in | 29
ldap/admin/src/scripts/template-verify-db.pl.in | 19
ldap/admin/src/scripts/template-vlvindex.in | 15
ldap/admin/src/slapd.inf.in | 2
ldap/admin/src/template-initconfig.in | 18
ldap/docs/LICENSE.txt | 132
ldap/docs/README.txt | 11
ldap/include/ldaplog.h | 32
ldap/ldif/50replication-plugins.ldif | 26
ldap/ldif/template-baseacis.ldif.in | 2
ldap/ldif/template-bitwise.ldif.in | 6
ldap/ldif/template-dse.ldif.in | 96
ldap/ldif/template-suffix-db.ldif.in | 1
ldap/schema/00core.ldif | 72
ldap/schema/01core389.ldif | 19
ldap/schema/02common.ldif | 12
ldap/schema/05rfc4523.ldif | 14
ldap/schema/05rfc4524.ldif | 30
ldap/schema/06inetorgperson.ldif | 5
ldap/schema/10automember-plugin.ldif | 123
ldap/schema/10mep-plugin.ldif | 104
ldap/schema/30ns-common.ldif | 4
ldap/schema/50ns-directory.ldif | 4
ldap/schema/60acctpolicy.ldif | 47
ldap/schema/60nis.ldif | 2
ldap/schema/60qmail.ldif | 4
ldap/schema/60samba3.ldif | 34
ldap/schema/60sendmail.ldif | 54
ldap/schema/60sudo.ldif | 58
ldap/servers/plugins/acct_usability/acct_usability.c | 464
ldap/servers/plugins/acct_usability/acct_usability.h | 63
ldap/servers/plugins/acctpolicy/acct_config.c | 143
ldap/servers/plugins/acctpolicy/acct_init.c | 191
ldap/servers/plugins/acctpolicy/acct_plugin.c | 316
ldap/servers/plugins/acctpolicy/acct_util.c | 257
ldap/servers/plugins/acctpolicy/acctpolicy.h | 81
ldap/servers/plugins/acctpolicy/sampleconfig.ldif | 40
ldap/servers/plugins/acctpolicy/samplepolicy.ldif | 27
ldap/servers/plugins/acl/acl.c | 195
ldap/servers/plugins/acl/acl.h | 43
ldap/servers/plugins/acl/acl_ext.c | 152
ldap/servers/plugins/acl/aclanom.c | 13
ldap/servers/plugins/acl/acleffectiverights.c | 116
ldap/servers/plugins/acl/aclgroup.c | 19
ldap/servers/plugins/acl/aclinit.c | 2
ldap/servers/plugins/acl/acllas.c | 400
ldap/servers/plugins/acl/acllist.c | 77
ldap/servers/plugins/acl/aclparse.c | 610
ldap/servers/plugins/acl/aclplugin.c | 37
ldap/servers/plugins/acl/aclproxy.c | 232
ldap/servers/plugins/acl/aclutil.c | 110
ldap/servers/plugins/automember/automember.c | 1930
ldap/servers/plugins/automember/automember.h | 134
ldap/servers/plugins/bitwise/bitwise.c | 23
ldap/servers/plugins/chainingdb/cb.h | 8
ldap/servers/plugins/chainingdb/cb_add.c | 105
ldap/servers/plugins/chainingdb/cb_bind.c | 196
ldap/servers/plugins/chainingdb/cb_compare.c | 101
ldap/servers/plugins/chainingdb/cb_config.c | 37
ldap/servers/plugins/chainingdb/cb_conn_stateless.c | 102
ldap/servers/plugins/chainingdb/cb_controls.c | 36
ldap/servers/plugins/chainingdb/cb_delete.c | 125
ldap/servers/plugins/chainingdb/cb_init.c | 6
ldap/servers/plugins/chainingdb/cb_instance.c | 325
ldap/servers/plugins/chainingdb/cb_modify.c | 133
ldap/servers/plugins/chainingdb/cb_modrdn.c | 174
ldap/servers/plugins/chainingdb/cb_monitor.c | 6
ldap/servers/plugins/chainingdb/cb_schema.c | 4
ldap/servers/plugins/chainingdb/cb_search.c | 219
ldap/servers/plugins/chainingdb/cb_utils.c | 15
ldap/servers/plugins/collation/collate.c | 24
ldap/servers/plugins/collation/orfilter.c | 19
ldap/servers/plugins/cos/cos_cache.c | 773
ldap/servers/plugins/deref/deref.c | 12
ldap/servers/plugins/dna/dna.c | 900
ldap/servers/plugins/http/http_impl.c | 81
ldap/servers/plugins/linkedattrs/fixup_task.c | 154
ldap/servers/plugins/linkedattrs/linked_attrs.c | 284
ldap/servers/plugins/linkedattrs/linked_attrs.h | 8
ldap/servers/plugins/memberof/memberof.c | 841
ldap/servers/plugins/memberof/memberof.h | 8
ldap/servers/plugins/memberof/memberof_config.c | 242
ldap/servers/plugins/mep/mep.c | 2861
ldap/servers/plugins/mep/mep.h | 130
ldap/servers/plugins/pam_passthru/pam_passthru.h | 2
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 2
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 32
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 9
ldap/servers/plugins/passthru/passthru.h | 4
ldap/servers/plugins/passthru/ptbind.c | 6
ldap/servers/plugins/passthru/ptconfig.c | 43
ldap/servers/plugins/passthru/ptconn.c | 8
ldap/servers/plugins/passthru/ptpreop.c | 17
ldap/servers/plugins/pwdstorage/smd5_pwd.c | 9
ldap/servers/plugins/referint/referint.c | 761
ldap/servers/plugins/replication/cl4_api.c | 2
ldap/servers/plugins/replication/cl5.h | 1
ldap/servers/plugins/replication/cl5_api.c | 2655
ldap/servers/plugins/replication/cl5_api.h | 111
ldap/servers/plugins/replication/cl5_clcache.c | 55
ldap/servers/plugins/replication/cl5_clcache.h | 2
ldap/servers/plugins/replication/cl5_config.c | 247
ldap/servers/plugins/replication/cl5_init.c | 2
ldap/servers/plugins/replication/cl5_test.c | 2
ldap/servers/plugins/replication/cl_crypt.c | 203
ldap/servers/plugins/replication/cl_crypt.h | 53
ldap/servers/plugins/replication/csnpl.c | 44
ldap/servers/plugins/replication/legacy_consumer.c | 31
ldap/servers/plugins/replication/repl-session-plugin.h | 119
ldap/servers/plugins/replication/repl.h | 2
ldap/servers/plugins/replication/repl5.h | 65
ldap/servers/plugins/replication/repl5_agmt.c | 304
ldap/servers/plugins/replication/repl5_agmtlist.c | 106
ldap/servers/plugins/replication/repl5_connection.c | 155
ldap/servers/plugins/replication/repl5_inc_protocol.c | 92
ldap/servers/plugins/replication/repl5_init.c | 49
ldap/servers/plugins/replication/repl5_mtnode_ext.c | 13
ldap/servers/plugins/replication/repl5_plugins.c | 193
ldap/servers/plugins/replication/repl5_prot_private.h | 4
ldap/servers/plugins/replication/repl5_protocol.c | 107
ldap/servers/plugins/replication/repl5_protocol_util.c | 509
ldap/servers/plugins/replication/repl5_replica.c | 308
ldap/servers/plugins/replication/repl5_replica_config.c | 365
ldap/servers/plugins/replication/repl5_replica_dnhash.c | 26
ldap/servers/plugins/replication/repl5_replica_hash.c | 30
ldap/servers/plugins/replication/repl5_ruv.c | 419
ldap/servers/plugins/replication/repl5_ruv.h | 18
ldap/servers/plugins/replication/repl5_tot_protocol.c | 32
ldap/servers/plugins/replication/repl5_total.c | 22
ldap/servers/plugins/replication/repl5_updatedn_list.c | 2
ldap/servers/plugins/replication/repl_bind.c | 6
ldap/servers/plugins/replication/repl_compare.c | 18
ldap/servers/plugins/replication/repl_connext.c | 2
ldap/servers/plugins/replication/repl_controls.c | 2
ldap/servers/plugins/replication/repl_extop.c | 291
ldap/servers/plugins/replication/repl_globals.c | 2
ldap/servers/plugins/replication/repl_init.c | 1
ldap/servers/plugins/replication/repl_objset.c | 9
ldap/servers/plugins/replication/repl_session_plugin.c | 188
ldap/servers/plugins/replication/repl_shared.h | 17
ldap/servers/plugins/replication/replutil.c | 107
ldap/servers/plugins/replication/test_repl_session_plugin.c | 335
ldap/servers/plugins/replication/urp.c | 165
ldap/servers/plugins/replication/urp.h | 11
ldap/servers/plugins/replication/urp_glue.c | 14
ldap/servers/plugins/replication/urp_tombstone.c | 21
ldap/servers/plugins/replication/windows_connection.c | 166
ldap/servers/plugins/replication/windows_inc_protocol.c | 55
ldap/servers/plugins/replication/windows_private.c | 128
ldap/servers/plugins/replication/windows_protocol_util.c | 677
ldap/servers/plugins/replication/windows_tot_protocol.c | 125
ldap/servers/plugins/replication/windowsrepl.h | 14
ldap/servers/plugins/replication/winsync-plugin.h | 2
ldap/servers/plugins/retrocl/retrocl.c | 3
ldap/servers/plugins/retrocl/retrocl.h | 2
ldap/servers/plugins/retrocl/retrocl_create.c | 13
ldap/servers/plugins/retrocl/retrocl_po.c | 23
ldap/servers/plugins/retrocl/retrocl_trim.c | 20
ldap/servers/plugins/rever/des.c | 72
ldap/servers/plugins/rever/rever.c | 8
ldap/servers/plugins/roles/roles_cache.c | 128
ldap/servers/plugins/schema_reload/schema_reload.c | 5
ldap/servers/plugins/shared/plugin-utils.h | 112
ldap/servers/plugins/shared/utils.c | 508
ldap/servers/plugins/statechange/statechange.c | 26
ldap/servers/plugins/syntaxes/bin.c | 142
ldap/servers/plugins/syntaxes/bitstring.c | 68
ldap/servers/plugins/syntaxes/ces.c | 172
ldap/servers/plugins/syntaxes/cis.c | 321
ldap/servers/plugins/syntaxes/deliverymethod.c | 32
ldap/servers/plugins/syntaxes/dn.c | 72
ldap/servers/plugins/syntaxes/facsimile.c | 32
ldap/servers/plugins/syntaxes/guide.c | 32
ldap/servers/plugins/syntaxes/int.c | 96
ldap/servers/plugins/syntaxes/nameoptuid.c | 72
ldap/servers/plugins/syntaxes/numericstring.c | 148
ldap/servers/plugins/syntaxes/sicis.c | 32
ldap/servers/plugins/syntaxes/string.c | 402
ldap/servers/plugins/syntaxes/syntax.h | 61
ldap/servers/plugins/syntaxes/syntax_common.c | 118
ldap/servers/plugins/syntaxes/tel.c | 94
ldap/servers/plugins/syntaxes/teletex.c | 32
ldap/servers/plugins/syntaxes/telex.c | 31
ldap/servers/plugins/syntaxes/validate.c | 17
ldap/servers/plugins/syntaxes/value.c | 120
ldap/servers/plugins/uiduniq/7bit.c | 48
ldap/servers/plugins/uiduniq/plugin-utils.h | 96
ldap/servers/plugins/uiduniq/uid.c | 326
ldap/servers/plugins/uiduniq/utils.c | 256
ldap/servers/plugins/usn/usn.c | 179
ldap/servers/plugins/usn/usn.h | 3
ldap/servers/plugins/usn/usn_cleanup.c | 31
ldap/servers/plugins/views/views.c | 27
ldap/servers/slapd/abandon.c | 7
ldap/servers/slapd/add.c | 186
ldap/servers/slapd/agtmmap.c | 56
ldap/servers/slapd/attr.c | 84
ldap/servers/slapd/attrlist.c | 7
ldap/servers/slapd/attrsyntax.c | 143
ldap/servers/slapd/auditlog.c | 69
ldap/servers/slapd/auth.c | 59
ldap/servers/slapd/ava.c | 2
ldap/servers/slapd/back-ldbm/ancestorid.c | 104
ldap/servers/slapd/back-ldbm/archive.c | 91
ldap/servers/slapd/back-ldbm/back-ldbm.h | 96
ldap/servers/slapd/back-ldbm/backentry.c | 2
ldap/servers/slapd/back-ldbm/cache.c | 83
ldap/servers/slapd/back-ldbm/dbhelp.c | 12
ldap/servers/slapd/back-ldbm/dblayer.c | 1614
ldap/servers/slapd/back-ldbm/dblayer.h | 14
ldap/servers/slapd/back-ldbm/dbtest.c | 349
ldap/servers/slapd/back-ldbm/dbversion.c | 52
ldap/servers/slapd/back-ldbm/dn2entry.c | 63
ldap/servers/slapd/back-ldbm/filterindex.c | 244
ldap/servers/slapd/back-ldbm/findentry.c | 147
ldap/servers/slapd/back-ldbm/id2entry.c | 175
ldap/servers/slapd/back-ldbm/idl.c | 35
ldap/servers/slapd/back-ldbm/idl_common.c | 7
ldap/servers/slapd/back-ldbm/idl_new.c | 50
ldap/servers/slapd/back-ldbm/idl_shim.c | 17
ldap/servers/slapd/back-ldbm/import-merge.c | 28
ldap/servers/slapd/back-ldbm/import-threads.c | 1366
ldap/servers/slapd/back-ldbm/import.c | 403
ldap/servers/slapd/back-ldbm/import.h | 32
ldap/servers/slapd/back-ldbm/index.c | 246
ldap/servers/slapd/back-ldbm/init.c | 89
ldap/servers/slapd/back-ldbm/instance.c | 174
ldap/servers/slapd/back-ldbm/ldbm_add.c | 245
ldap/servers/slapd/back-ldbm/ldbm_attr.c | 392
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 986
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c | 2
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 4
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 4
ldap/servers/slapd/back-ldbm/ldbm_config.c | 309
ldap/servers/slapd/back-ldbm/ldbm_config.h | 9
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 323
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 833
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 668
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 262
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 140
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 361
ldap/servers/slapd/back-ldbm/ldbm_search.c | 411
ldap/servers/slapd/back-ldbm/ldbm_usn.c | 74
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 792
ldap/servers/slapd/back-ldbm/matchrule.c | 50
ldap/servers/slapd/back-ldbm/misc.c | 298
ldap/servers/slapd/back-ldbm/monitor.c | 14
ldap/servers/slapd/back-ldbm/nextid.c | 17
ldap/servers/slapd/back-ldbm/parents.c | 141
ldap/servers/slapd/back-ldbm/perfctrs.c | 24
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 52
ldap/servers/slapd/back-ldbm/sort.c | 38
ldap/servers/slapd/back-ldbm/start.c | 61
ldap/servers/slapd/back-ldbm/vlv.c | 383
ldap/servers/slapd/back-ldbm/vlv_srch.c | 17
ldap/servers/slapd/back-ldbm/vlv_srch.h | 3
ldap/servers/slapd/back-ldif/back-ldif.h | 2
ldap/servers/slapd/back-ldif/modrdn.c | 12
ldap/servers/slapd/backend.c | 72
ldap/servers/slapd/backend_manager.c | 18
ldap/servers/slapd/bind.c | 320
ldap/servers/slapd/bulk_import.c | 39
ldap/servers/slapd/charray.c | 27
ldap/servers/slapd/compare.c | 41
ldap/servers/slapd/computed.c | 36
ldap/servers/slapd/config.c | 2
ldap/servers/slapd/configdse.c | 63
ldap/servers/slapd/connection.c | 196
ldap/servers/slapd/conntable.c | 3
ldap/servers/slapd/control.c | 26
ldap/servers/slapd/csn.c | 77
ldap/servers/slapd/csngen.c | 54
ldap/servers/slapd/csnset.c | 4
ldap/servers/slapd/daemon.c | 173
ldap/servers/slapd/delete.c | 127
ldap/servers/slapd/dn.c | 1561
ldap/servers/slapd/dse.c | 222
ldap/servers/slapd/dynalib.c | 29
ldap/servers/slapd/entry.c | 919
ldap/servers/slapd/entrywsi.c | 108
ldap/servers/slapd/eventq.c | 4
ldap/servers/slapd/extendop.c | 35
ldap/servers/slapd/factory.c | 1
ldap/servers/slapd/fe.h | 5
ldap/servers/slapd/fedse.c | 40
ldap/servers/slapd/filter.c | 141
ldap/servers/slapd/filter.h | 1
ldap/servers/slapd/filtercmp.c | 26
ldap/servers/slapd/filterentry.c | 36
ldap/servers/slapd/generation.c | 1
ldap/servers/slapd/index_subsystem.c | 28
ldap/servers/slapd/intrinsics.h | 7
ldap/servers/slapd/ldaputil.c | 776
ldap/servers/slapd/lenstr.c | 6
ldap/servers/slapd/libglobs.c | 642
ldap/servers/slapd/libslapd.def | 1
ldap/servers/slapd/log.c | 77
ldap/servers/slapd/log.h | 20
ldap/servers/slapd/main.c | 288
ldap/servers/slapd/mapping_tree.c | 478
ldap/servers/slapd/match.c | 96
ldap/servers/slapd/modify.c | 491
ldap/servers/slapd/modrdn.c | 357
ldap/servers/slapd/modutil.c | 14
ldap/servers/slapd/operation.c | 27
ldap/servers/slapd/opshared.c | 281
ldap/servers/slapd/pagedresults.c | 130
ldap/servers/slapd/passwd_extop.c | 203
ldap/servers/slapd/pblock.c | 559
ldap/servers/slapd/plugin.c | 328
ldap/servers/slapd/plugin_acl.c | 19
ldap/servers/slapd/plugin_internal_op.c | 176
ldap/servers/slapd/plugin_mr.c | 474
ldap/servers/slapd/plugin_syntax.c | 442
ldap/servers/slapd/protect_db.c | 24
ldap/servers/slapd/protect_db.h | 7
ldap/servers/slapd/proto-slap.h | 69
ldap/servers/slapd/proxyauth.c | 246
ldap/servers/slapd/psearch.c | 77
ldap/servers/slapd/pw.c | 519
ldap/servers/slapd/pw.h | 5
ldap/servers/slapd/pw_mgmt.c | 161
ldap/servers/slapd/pw_retry.c | 87
ldap/servers/slapd/rdn.c | 141
ldap/servers/slapd/referral.c | 29
ldap/servers/slapd/regex.c | 3
ldap/servers/slapd/resourcelimit.c | 80
ldap/servers/slapd/result.c | 81
ldap/servers/slapd/rootdse.c | 12
ldap/servers/slapd/rwlock.c | 257
ldap/servers/slapd/rwlock.h | 65
ldap/servers/slapd/sasl_io.c | 167
ldap/servers/slapd/sasl_map.c | 57
ldap/servers/slapd/saslbind.c | 160
ldap/servers/slapd/schema.c | 179
ldap/servers/slapd/schemaparse.c | 13
ldap/servers/slapd/search.c | 89
ldap/servers/slapd/security_wrappers.c | 36
ldap/servers/slapd/slap.h | 194
ldap/servers/slapd/slapi-plugin-compat4.h | 6
ldap/servers/slapd/slapi-plugin.h | 1258
ldap/servers/slapd/slapi-private.h | 57
ldap/servers/slapd/slapi2nspr.c | 79
ldap/servers/slapd/slapi_counter.c | 24
ldap/servers/slapd/snmp_collator.c | 19
ldap/servers/slapd/ssl.c | 323
ldap/servers/slapd/str2filter.c | 5
ldap/servers/slapd/task.c | 128
ldap/servers/slapd/test-plugins/testbind.c | 1
ldap/servers/slapd/test-plugins/testpostop.c | 1
ldap/servers/slapd/time.c | 91
ldap/servers/slapd/tools/dbscan.c | 76
ldap/servers/slapd/tools/ldclt/data.c | 70
ldap/servers/slapd/tools/ldclt/ldapfct.c | 1124
ldap/servers/slapd/tools/ldclt/ldclt.c | 48
ldap/servers/slapd/tools/ldclt/ldclt.h | 3
ldap/servers/slapd/tools/ldclt/ldcltU.c | 24
ldap/servers/slapd/tools/ldclt/parser.c | 19
ldap/servers/slapd/tools/ldclt/scalab01.c | 190
ldap/servers/slapd/tools/ldclt/threadMain.c | 6
ldap/servers/slapd/tools/ldif.c | 4
ldap/servers/slapd/tools/mmldif.c | 9
ldap/servers/slapd/tools/pwenc.c | 2
ldap/servers/slapd/tools/rsearch/addthread.c | 25
ldap/servers/slapd/tools/rsearch/sdattable.c | 4
ldap/servers/slapd/tools/rsearch/searchthread.c | 62
ldap/servers/slapd/uniqueid.c | 99
ldap/servers/slapd/utf8compare.c | 6
ldap/servers/slapd/util.c | 360
ldap/servers/slapd/uuid.c | 22
ldap/servers/slapd/value.c | 53
ldap/servers/slapd/valueset.c | 75
ldap/servers/slapd/vattr.c | 109
ldap/servers/snmp/NETWORK-SERVICES-MIB.txt | 650
ldap/servers/snmp/RFC-1215.txt | 38
ldap/servers/snmp/RFC1155-SMI.txt | 119
ldap/servers/snmp/SNMPv2-CONF.txt | 322
ldap/servers/snmp/SNMPv2-SMI.txt | 344
ldap/servers/snmp/SNMPv2-TC.txt | 772
ldap/servers/snmp/ldap-agent.c | 26
ldap/servers/snmp/main.c | 11
ldap/servers/snmp/netscape-ldap.mib | 759
ldap/systools/idsktune.c | 71
lib/base/crit.cpp | 6
lib/base/ereport.cpp | 2
lib/base/file.cpp | 24
lib/base/lexer.cpp | 1015
lib/base/plist.cpp | 3
lib/base/rwlock.cpp | 168
lib/base/util.cpp | 13
lib/ldaputil/cert.c | 4
lib/ldaputil/certmap.c | 409
lib/ldaputil/dbconf.c | 1
lib/ldaputil/utest/Makefile | 149
lib/ldaputil/utest/auth.cpp | 611
lib/ldaputil/utest/authtest | 138
lib/ldaputil/utest/certmap.conf | 68
lib/ldaputil/utest/dblist.conf | 47
lib/ldaputil/utest/example.c | 153
lib/ldaputil/utest/plugin.c | 152
lib/ldaputil/utest/plugin.h | 57
lib/ldaputil/utest/stubs.c | 144
lib/ldaputil/utest/stubs.cpp | 139
lib/ldaputil/utest/test.ref | 480
lib/ldaputil/vtable.c | 2
lib/libaccess/acl.tab.cpp | 25
lib/libaccess/aclcache.cpp | 105
lib/libaccess/aclflush.cpp | 1
lib/libaccess/aclpriv.h | 1
lib/libaccess/acltext.y | 4
lib/libaccess/acltools.cpp | 1896
lib/libaccess/aclutil.cpp | 13
lib/libaccess/authdb.cpp | 112
lib/libaccess/lasdns.cpp | 23
lib/libaccess/lasgroup.cpp | 10
lib/libaccess/lasip.cpp | 20
lib/libaccess/nseframe.cpp | 1
lib/libaccess/oneeval.cpp | 19
lib/libaccess/permhash.h | 11
lib/libaccess/register.cpp | 50
lib/libaccess/usrcache.cpp | 14
lib/libaccess/utest/.purify | 19
lib/libaccess/utest/Makefile | 147
lib/libaccess/utest/acl.dat | 44
lib/libaccess/utest/aclfile0 | 87
lib/libaccess/utest/aclfile1 | 43
lib/libaccess/utest/aclfile10 | 45
lib/libaccess/utest/aclfile11 | 43
lib/libaccess/utest/aclfile12 | 43
lib/libaccess/utest/aclfile13 | 43
lib/libaccess/utest/aclfile14 | 43
lib/libaccess/utest/aclfile15 | 43
lib/libaccess/utest/aclfile16 | 43
lib/libaccess/utest/aclfile17 | 43
lib/libaccess/utest/aclfile18 | 51
lib/libaccess/utest/aclfile19 | 46
lib/libaccess/utest/aclfile2 | 43
lib/libaccess/utest/aclfile3 | 43
lib/libaccess/utest/aclfile4 | 43
lib/libaccess/utest/aclfile5 | 43
lib/libaccess/utest/aclfile6 | 55
lib/libaccess/utest/aclfile7 | 43
lib/libaccess/utest/aclfile8 | 43
lib/libaccess/utest/aclfile9 | 43
lib/libaccess/utest/aclgrp0 | 42
lib/libaccess/utest/aclgrp1 | 42
lib/libaccess/utest/aclgrp2 | 42
lib/libaccess/utest/aclgrp3 | 42
lib/libaccess/utest/aclgrp4 | 42
lib/libaccess/utest/acltest.cpp | 794
lib/libaccess/utest/onetest.cpp | 77
lib/libaccess/utest/shexp.cpp | 331
lib/libaccess/utest/shexp.h | 168
lib/libaccess/utest/test.ref | 217
lib/libaccess/utest/testmain.cpp | 89
lib/libaccess/utest/twotest.cpp | 87
lib/libaccess/utest/ustubs.cpp | 331
lib/libadmin/error.c | 2
lib/libadmin/template.c | 2
lib/libadmin/util.c | 48
lib/libsi18n/coreres.c | 141
lib/libsi18n/coreres.h | 52
lib/libsi18n/getlang.c | 330
lib/libsi18n/getstrmem.c | 160
lib/libsi18n/getstrmem.h | 1
lib/libsi18n/getstrprop.c | 85
lib/libsi18n/makstrdb.c | 21
lib/libsi18n/propset.c | 442
lib/libsi18n/propset.h | 80
lib/libsi18n/reshash.c | 21
ltmain.sh |13199 ++-
m4/db.m4 | 21
m4/fhs.m4 | 4
m4/icu.m4 | 25
m4/kerberos.m4 | 4
m4/mozldap.m4 | 38
m4/netsnmp.m4 | 15
m4/nspr.m4 | 17
m4/nss.m4 | 17
m4/openldap.m4 | 30
m4/pcre.m4 | 28
m4/sasl.m4 | 25
m4/selinux.m4 | 13
m4/svrcore.m4 | 41
man/man1/cl-dump.1 | 18
man/man1/dbgen.pl.1 | 4
man/man1/infadd.1 | 8
man/man1/migratecred.1 | 6
man/man1/mmldif.1 | 4
man/man1/pwdhash.1 | 4
man/man1/repl-monitor.1 | 16
man/man8/ns-slapd.8 | 10
man/man8/remove-ds.pl.8 | 6
man/man8/restart-dirsrv.8 | 50
man/man8/setup-ds.pl.8 | 4
man/man8/start-dirsrv.8 | 50
man/man8/stop-dirsrv.8 | 50
missing | 104
selinux/dirsrv.fc.in | 2
selinux/dirsrv.if | 41
selinux/dirsrv.te | 11
wrappers/cl-dump.in | 11
wrappers/dbscan.in | 10
wrappers/infadd.in | 12
wrappers/initscript.in | 244
wrappers/ldap-agent-initscript.in | 20
wrappers/ldap-agent.in | 12
wrappers/ldclt.in | 12
wrappers/ldif.in | 12
wrappers/migratecred.in | 14
wrappers/mmldif.in | 14
wrappers/pwdhash.in | 14
wrappers/repl-monitor.in | 11
wrappers/rsearch.in | 12
wrappers/systemd-snmp.service.in | 16
wrappers/systemd.group.in | 6
wrappers/systemd.template.service.in | 28
wrappers/systemd.template.sysconfig | 3
615 files changed, 79499 insertions(+), 67901 deletions(-)
---
11 years, 6 months
Changes to 'refs/tags/389-ds-base-1.2.10.0-1'
by Noriko Hosoi
Changes since 389-ds-base-1.2.6.a1:
Endi S. Dewata (168):
Bug 545620 - Password cannot start with minus sign
Bug 538525 - Ability to create instance as non-root user
Bug 570542 - Root password cannot contain matching curly braces
Bug 470684 - Pam_passthru plugin doesn't verify account activation
Bug 573375 - MODRDN operation not logged
Bug 520151 - Error when modifying userPassword with proxy user
Bug 455489 - Address compiler warnings about strict-aliasing rules
Bug 566320 - RFE: add exception to removal of attributes in cn=config for aci
Bug 566043 - startpid file is only cleaned by initscript runs
Bug 584109 - Slapd crashes while parsing DNA configuration
Bug 542570 - Directory Server port number is not validated in the beginning.
Bug 145181 - Plugin target/bind subtrees only take 1 value.
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 628096 - spurious error message from /sbin/service when doing a stop on no instances
Bug 573889 - Migration does not remove deprecated schema
Bug 606545 - core schema should include numSubordinates
Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-referral)
Endi Sukma Dewata (16):
Bug 630092 - Coverity #12117: Resource leaks issues
Bug 630092 - Coverity #15478: Resource leaks issues
Bug 630092 - Coverity #15479: Resource leaks issues
Bug 630092 - Coverity #15481: Resource leaks issues
Bug 630092 - Coverity #15482: Resource leaks issues
Bug 630092 - Coverity #15483: Resource leaks issues
Bug 630092 - Coverity #15484: Resource leaks issues
Bug 630092 - Coverity #15485: Resource leaks issues
Bug 630092 - Coverity #15487: Resource leaks issues
Bug 630092 - Coverity #15490: Resource leaks issues
Bug 630092 - Coverity #15497: Resource leaks issues
Bug 630092 - Coverity #11991: Resource leaks issues
Bug 630092 - Coverity #12000: Resource leaks issues
Bug 630092 - Coverity #12003: Resource leaks issues
Bug 630092 - Coverity #11985: Resource leaks issues
Bug 630092 - Coverity #11992,11993: Resource leaks issues
Mark Reynolds (17):
Ticket #71 - unable to delete managed entry config
Ticket #159 - Managed Entry Plugin runs against managed entries upon any update without validating
Ticket #177 - logconv.pl doesn't detect restarts
Merge branch 'ticket159'
Ticket #49 - better handling for server shutdown while long running tasks are active
Ticket #50 - server should not call a plugin after the plugin close function is calle
Updated for ticket#50
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #140 - incorrect memset parameters
Revert "Ticket #140 - incorrect memset parameters"
Revert "Ticket #55 - Limit of 1024 characters for nsMatchingRule"
Ticket #38 - nisDomain schema is incorrect
Ticket #6 - protocol error from proxied auth operation
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #39 - Account Policy Plugin does not work for simple binds when PAM Pass Through Auth plugin is enabled
Ticket 175 - logconv.pl improvements
Ticket 175 - minor fixes
Nathan Kinder (188):
Bug 549554 - Trim single-valued attributes before sending to AD
Improve search for pcre header file
Bug 434735 - Allow SASL ANONYMOUS mech to work
Bug 570912 - Avoid selinux context conflict with httpd
Allow instance name to be parsed from start-slapd
Add managed entries plug-in
Bug 572355 - Label instance files and ports during upgrade.
Bug 578863 - Password modify extop needs to send referrals on replicas
Bug 584156 - Remove ldapi socket file during upgrade
Fix rsearch usage of name files for random filters
Bug 584497 - Allow DNA plugin to set same value on multiple attributes
Add replication session hooks
Correct function prototype for repl session hook
Bug 592389 - Set anonymous resource limits properly
Bug 601433 - Add man pages for start-dirsrv and related commands
Bug 604263 - Fix memory leak when password change is rejected
Bug 612242 - membership change on DS does not show on AD
Bug 613833 - Allow dirsrv_t to bind to rpc ports
Bug 594745 - Get rid of dirsrv_lib_t label
Bug 620927 - Allow multiple membership attributes in memberof plugin
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630093 - (cov#15511) Don't use unintialized search_results in refint plugin
Bug 630093 - (cov#15518) Need to intialize fd in ldbm2ldif code
Bug 630096 - (cov#11778) check return value of ldap_parse_result
Bug 630096 - (cov#15446) check return value of ber_scanf()
Bug 630096 - (cov#15449,15450) Check return value of stat()
Bug 630096 - (cov#15448) Check return value of cache_replace()
Bug 630096 - (cov#15447) - Check return value of idl_append_extend()
Bug 630090 - (cov#11974) Remove unused ACL functions
Bug 630090 - (cov#15445) Fix illegal free in archive code
Bug 630094 - (cov#11818) Fix unreachable return in snmp subagent
Bug 630094 - (cov#15451) Get rid of unreachable free statements
Bug 630094 - (cov#15452) Remove NULL checking for op_string
Bug 630094 - (cov#15453) Eliminate NULL check for local_newentry
Bug 630094 - (cov#15454) Fix deadcode issue in mapping tree code
Bug 630094 - (cov#15455) Remove deadcode in attr_index_config()
Bug 630094 - (cov#15456) Remove NULL check for srdn in import code
Bug 630094 - (cov#15457) Remove deadcode in import code
Bug 630094 - (cov#15458) Fix deadcode issue in moddn code
Bug 630094 - (cov#15459) Remove NULL check for srdn in ldif2ldbm code
Bug 630094 - (cov#15520) Fix unreachable code issue if perfctrs code
Bug 630094 - (cov#15581) Add missing breaks in agt_mopen_stats()
Bug 690090 - (cov#11974) Remove additional unused ACL functions
Bug 630091 - (cov#15512) Fix usage of uninitialized bervals
Bug 630091 - (cov#15513) Fix usage of uninitialized bervals
Bug 630091 - (cov#15514) Initialize DBT in entryrdn_get_parent()
Bug 630091 - (cov#15515) Use of uninitialized array in index config code
Bug 630091 - (cov#15516,15517) Initialize pointers before attempting to free
Bug 630091 - (cov#15519) Initialize bervals in search_easter_egg()
Bug 630091 - (cov#15582) Free of uninitialized pointer in attr_index_config()
Bug 630097 - (cov#11933) Fix NULL dereference in schema code
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#11946) NULL dereference in ResHashCreate()
Bug 630097 - (cov#11964) Remove dead code from libaccess
Bug 630097 - (cov#12143) NULL dereference in cos cache code
Bug 630097 - (cov#12148) NULL dereference in ruvInit()
Bug 630097 - (cov#12182,12183) NULL dereference in import code
Bug 630097 - (cov#15460) NULL deference in ACL URL code
Bug 630097 - (cov#15461) Remove unnecessary NULL check in DNA
Bug 630097 - (cov#15462) NULL dereference in mep_modrdn_post_op()
Bug 630097 - (cov#15463) Remove NULL check in referint plugin
Bug 630097 - (cov#15464) NULL dereference in repl code
Bug 630097 - (cov#15465) Null dereference in USN code
Bug 630097 - (cov#15473) NULL dereference in ResHashCreate()
Bug 630097 - (cov#15505) NULL dereference in memberOf code
Bug 630097 - (cov#15506) NULL dereference in dblayer code
Bug 630097 - (cov#15507,15508) NULL dereference in entryrdn code
Bug 630097 - (cov#15509) NULL dereference in idsktune
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#15477) NULL dereference in ACL plug-in code
Bug 630091 - (cov#12209) Use of uninitialized pointer in libaccess
Bug 630092 - (cov#12116) Resource leak in ldclt code
Bug 630092 - (cov#12105) Resource leak in pwdscheme config code
Bug 630092 - (cov#12068) Resource leak in certmap code
Bug 630091 - (cov#11973) Array overrun in libaccess
Bug 522055 - Scope check for managed attribute fails
Bug 625335 - Self-write aci has permission to invalid attribute
Bug 631993 - Log authzid when proxy auth control is used
Cov #16300 - Unused variable in account policy plugin
Bug 544321 - remove-ds.pl should not throw error unlabelling port
Bug 555955 - Allow CoS values to be merged
Bug 643937 - Initialize replication version flags
Bug 305131 - Allow empty modify operation
Bug 619633 - Make attribute uniqueness obey requiredObjectClass
Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
Bug 189985 - Improve attribute uniqueness error message
Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
Bug 521088 - DNA should check ACLs before getting a value from the range
Bug 635009 - Add one-way AD sync capability
Bump VERSION.sh to 1.2.8.a1
Bug 648949 - Move selinux policy into base OS
Bug 648949 - Update configure
Roll back VERSION.sh for 1.2.7 release
Bug 625950 - hash nsslapd-rootpw changes in audit log
Bug 656392 - Remove calls to ber_err_print()
Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
Bug 197886 - Avoid overflow of UUID generator
Bug 658312 - Allow mapped attribute types to be quoted
Bug 197886 - Initialize return value for UUID generation code
Bug 658309 - Process escaped characters in managed entry mappings
Bug 659456 - Incorrect usage of ber_printf() in winsync code
Bug 641944 - Don't normalize non-DN RDN values
Bug 658312 - Invalid free in Managed Entry plug-in
Bug 661792 - Valid managed entry config rejected
Bug 588791 - Allow anonymous rootDSE access only
Bug 606439 - Creating server instance with LDAPI takes too long
Bug 632670 - Chain-on-update logs managed-entries-plugin errors
Bug 621008 - parsing purge RUV from changelog at startup fails
Bug 663191 - Don't use $USER in DSCreate.pm
Bug 663597 - Memory leaks in normalization code
Bug 659131 - Incorrect RDN values added with multi-valued RDN
Bug 661102 - Rename of managed entries not handled correctly
Bug 193297 - Call pre-bind plug-ins for all SASL bind steps
Bug 201652 - LDAPv2 bind with expired password doesn't unbind correctly
Bug 470576 - Migration could do addition checks before commiting actions
Bug 481195 - Missing op type in log when password change required
Bug 509897 - Validate dnaScope to ensure it is a legal DN
Bug 505722 - Allow ntGroup to have mail attribute present
Bug 543633 - replication problems if supplier is killed under update load
Bug 671033 - range sharing between server breaks with SASL/GSSAPI auth
Bug 527912 - setup-ds.pl appears to hang when DNS is unreachable
Bug 252249 - Add pkg-config file for plug-in developers
Bug 670616 - Allow SSF to be set for local (ldapi) connections
Bug 668862 - init scripts return wrong error code
Bug 674430 - Improve error messages for attribute uniqueness
Bug 675853 - dirsrv crash segfault in need_new_pw()
Bug 678646 - Ignore tombstone operations in managed entry plug-in
Bug 671199 - Don't allow other to write to rundir
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 674852 - crash in ldap-agent when using OpenLDAP
Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree
Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1
Bug 687974 - (cov#10715) Fix Coverity uninitialized variables issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 688341 - (cov#10708) Fix Coverity code maintainability issues
Bug 688341 - (cov#10706,10707) Fix Coverity code maintainability issues
Bug 688341 - (cov#10704,10705) Fix Coverity code maintainability issues
Bug 688341 - (cov#10703) Fix Coverity code maintainability issues
Bug 688341 - (cov#10702) Fix Coverity code maintainability issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 689537 - (cov#10699) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10608) Fix Coverity NULL pointer dereferences
Bug 689952 - (cov#10581) Incorrect bit check in replication connection code
Bug 690526 - (cov#10734) Double free in dse_add()
Bug 690649 - (cov#10731) Use of free'd pointer in indexing code
Bug 690882 - (cov#10571) Incorrect sizeof use in uuid code
Bug 690882 - (cov#10636,10637) Useless comparison in attrcrypt
Bug 690882 - (cov#10703) Incorrect sizeof use in vattr code
Bug 690882 - (cov#10572,10710) Incorrect sizeof use in uuid code
Bug 691574 - (cov#10579) Check return value of ber_scanf() in sort code
Bug 691574 - (cov#10577) Check return types when adding RDN CSNs
Bug 691574 - (cov#10573) check return value in GER code
Bug 691574 - (cov#10575) Check return value of ldap_get_option
Bug 691574 - (cov#10573) Fix syntax error
Bug 693868 - Add managed entry config during in-place upgrade
Add Auto Membership Plug-in
Bug 698428 - Make auto membership use Slapi_DN for DN comparisons
Bug 695779 - windows sync can lose old values when a new value is added
Bug 700557 - Linked attrs callbacks access free'd pointers after close
Bug 700557 - Leak at shutdown in DNA plug-in
Bug 703304 - Auto membership alternate config area should override default area
Bug 703304 - Auto membership alternate config area should override default area
Bug 703530 - Allow Managed Entry config to be relocated
Bug 697961 - memberOf needs to be triggered by internal operations
Bug 710377 - Import with chain-on-update crashes ns-slapd
Split automember regex rules into separate entries
Bug 713209 - Update sudo schema
Bug 691313 - Need TLS/SSL error messages in repl status and errors log
Bug 723937 - Slapi_Counter API broken on 32-bit F15
Bug 725743 - Make memberOf use PRMonitor for it's operation lock
Bug 729717 - Fatal error messages when syncing deletes from AD
Bug 728510 - Run dirsync after sending updates to AD
Bug 730387 - Add slapi_rwlock API and use POSIX rwlocks
Bug 611438 - Add Account Usability Control support
Bug 728592 - Allow ns-slapd to start with an invalid server cert
Bug 732541 - Ignore error 32 when adding automember config
Bug 722292 - Entries in DS are not updated properly when using WinSync API
Bug 722292 - (cov#11030) Leak of mapped_sdn in winsync rename code
Bug 735114 - renaming a managed entry does not update mepmanagedby
Bug 739172 - Allow separate fractional attrs for incremental and total protocols
Bug 743966 - Compiler warnings in account usability plugin
Bug 744946 - (cov#11046) NULL dereference in IDL code
Bug 752155 - Use restorecon after creating init script lock file
Ticket 284 - Remove unnecessary SNMP MIB files
Noriko Hosoi (299):
544089 - Referential Integrity Plugin does not take into account the attribute
557224 - subtree rename breaks the referential integrity plug-in
247413 - Incorrect error on multiple identical value add
559016 - Attempting to rename suffix returns inappropriate errors
555577 - Syntax validation fails for "ou=NetscapeRoot" tree
Undo - 555577 - Syntax validation fails for "ou=NetscapeRoot" tree
560827 - Admin Server templates: DistinguishName validation fails
548535 - memory leak in attrcrypt
563365 - Error handling problems in the backend functions
565664 - Incorrect parameter for CACHE_RETURN()
565987 - redhat-ds-base fails to build due to undefined struct
527848 - make sure db upgrade to 4.7 and later works correctly
539618 - Replication bulk import reports Invalid read/write
567370 - dncache: assertion failure in id2entry_delete
548115 - memory leak in schema reload
555970 - missing read lock in the combination of cos and nsview
539618 - Replication bulk import reports Invalid read/write
570667 - MMR: simultaneous total updates on the masters cause
Merge branch '547503'
Revert "Merge branch '547503'"
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
199923 - subtree search fails to find items under a db
570107 - The import of LDIFs with base-64 encoded DNs fails,
572649 - DS8.2 crashes on RHEL 4 (corresponding to bob, ber_2 test case)
573060 - DN normalizer: ESC HEX HEX is not normalized (
573896 - initializing subtree with invalid syntax crashes ns-slapd
515805 - Stop "initialize Database" crashes the server
548533 - memory leak in Repl_5_Inc_Protocol_new
Fixing a syntax error
Update to New DN Format
585905 - ACL with targattrfilters error crashes the server
574167 - An escaped space at the end of the RDN value is not
590931 - rhds81 import - hardcoded pages_limit for nsslapd-import-cache-autosize
591336 - Implementing upgrade DN format tool
593453 - Creating password policy with ns-newpolicy.pl on Replicated
593110 - backup-restore does not ALWAYS work
593899 - adding specific ACI causes very large mem allocate request
588867 - entryusn plugin fails on solaris
593899 - adding specific ACI causes very large mem allocate request
595893 - Base DN in SASL mapping is not normalized
511112 - Password history limited to 25 values
597375 - Deleting LDBM database causes backup/restore problem
574101 - MODRDN request never returns - possible deadlock
606920 - anonymous resource limit - nstimelimit -
605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
578296 - Attribute type entrydn needs to be added when subtree
609256 - Selinux: pwdhash fails if called via Admin Server CGI
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
616608 - SIGBUS in RDN index reads on platforms with strict alignments
619595 - Upgrading sub suffix under non-normalized suffix disappears
513166 - Simple Paged result doesn't provide the server's estimate
621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6
Bug 194531 - db2bak is too noisy
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 623118 - Simplepaged results going in infinite loop
Bug 614511 - fix coverity Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverity Defect Type: Resource leaks issues CID 11975 - 12051
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverity Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892
Bug 616500 - fix coverity Defect Type: Resource leaks issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 613056 - fix coverify Defect Type: Null pointer dereferences
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Removed redundant code in agmt_new_from_entry
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 628300 - DN is not normalized in dn/entry cache when an entry is added, entrydn is not present in search results
Bug 531642 - EntryUSN: RFE: a configuration option to make entryusn "global"
Bug 627738 - The cn=monitor statistics entries for the dnentry cache do not change or change very rarely
DN normalizer should check the invalid type
Bug 627738 - The cn=monitor statistics entries for the dnentry cache
Bug 629710 - escape_string does not check '\<HEX><HEX>'
agmtlist_shutdown (repl5_agmtlist.c) had an illegal access defect.
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 631862 - crash - delete entries not in cache + referint
Bug 625014 - SubTree Renames: ModRDN operation fails and the server hangs if the entry is moved to "under" the same DN.
Bug 558099 - Enhancement request: Log more information about the search result being a paged one
Bug 635987 - Incorrect sub scope search result with
Bug 606920 - anonymous resource limit- nstimelimit -
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 639289 - Adding a new CN entry with UpperCase UTF-8 Character
Bug 640027 - Naming attribute with a special char sequence parsing bug
Bug 640854 - changelog db: _cl5WriteOperation: failed to
Bug 637852 - sasl_io_start_packet: failed - read only 3 bytes
Bug 586966 - Sample update script has syntax errors
Bug 586973 - Sample update ldif points to non-existent directory
Bug 602456 - Allow to add any cn=config attributes;
Bug 244229 - targetattr not verified against schema when setting an aci
Bug 643532 - Incorrect DNs sometimes returned on searches
Bug 592397 - Upgrade tool dn2rdn: it does not clean up
Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
Bug 629681 - Retro Changelog trimming does not behave as expected
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 638773 - permissions too loose on pid and lock files
Bug 491733 - dbtest crashes
Bug 329751 - "nested" filtered roles searches candidates more
Bug 567282 - server can not abandon searchRequest of "simple paged results"
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Bug 651571 - When attrcrypt is on, entrydn is stored in the backend db
Bug 661918 - 389-ds MMR plugin's changelogdb path logic is incorrect
Bug 182507 - clear-password mod from replica is discarded before changelogged
Bug 602456 - Allow to add any cn=config attributes;
Bug 489379 - passwordExpirationTime in entry being added
Bug 663484 - Entry usn plugin fails to properly tag entries on initialization
Bug 664563 - GER: ger for non-present entry is not correct
Bug 653007 - db2ldif export of clear text passwords lacks storage scheme
Bug 667488 - Cannot recreate numsubordinates index with db2index
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 615100 - log rotationinfo always recreated at startup,
Bug 624442 - MMR: duplicate replica ID
Bug 669205 - db2bak: backed up changelog should include RUVs
Bug 616850 - ldapmodify failed to reject the replace operation
Bug 627993 - Inconsistent storage of password expiry times
Bug 627993 - Inconsistent storage of password expiry times
dn2rdn should respect the DB version info
Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any error message in logs
Bug 624547 - attrcrypt should query the given slot/token for
Bug 668619 - slapd stops responding
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 615052 - intrinsics and 64-bit atomics code fails to compile
Bug 616213 - insufficient stack size for HP-UX on PA-RISC
Bug 675265 - preventryusn gets added to entries on a failed delete
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 450016 - RFE- Console display values in KB/MB/GB
Cancelling commit aef19508c4f618285116d2068655183658f564d9
Bug 625424 - repl-monitor.pl doesn't work in hub node
Bug 679978 - modifying attr value crashes the server, which is supposed to
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 668909 - Can't modify replication agreement in some cases
Bug 684996 - Exported tombstone cannot be imported correctly
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format
Bug 690955 - Mrclone fails due to the replica generation id mismatch
Bug 696407 - If an entry with a mixed case RDN is turned to be
Bug 697027 - 1 - minor memory leaks found by Valgrind + TET
Bug 697027 - 2 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 4 - minor memory leaks found by Valgrind + TET
Bug 697027 - 5 - minor memory leaks found by Valgrind + TET
Bug 697027 - 6 - minor memory leaks found by Valgrind + TET
Bug 697027 - 7 - minor memory leaks found by Valgrind + TET
Bug 697027 - 8 - minor memory leaks found by Valgrind + TET
Bug 697027 - 9 - minor memory leaks found by Valgrind + TET
Bug 697027 - 10 - minor memory leaks found by Valgrind + TET
Bug 697027 - 11 - minor memory leaks found by Valgrind + TET
Bug 697027 - 12 - minor memory leaks found by Valgrind + TET
Bug 697027 - 13 - minor memory leaks found by Valgrind + TET
Bug 697027 - 14 - minor memory leaks found by Valgrind + TET
Bug 697027 - 15 - minor memory leaks found by Valgrind + TET
Bug 697027 - 16 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 700215 - ldclt core dumps
Bug 668619 - slapd stops responding
Bug 709826 - Memory leak: when extra referrals configured
Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 718303 - Intensive updates on masters could break the consumer's cache
Merge branch '718303'
Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9
Bug 712855 - Directory Server 8.2 logs "Netscape Portable
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 732153 - subtree and user account lockout policies implemented?
Introducing an environment variable USE_VALGRIND to clean up the entry cache and dn cache on exit.
Bug 744945 - nsslapd-counters attribute value cannot be set to "off"
Keep unhashed password psuedo-attribute in the adding entry
Reduce the number of DN normalization
Bug 745259 - Incorrect entryUSN index under high load
Bug 750622 - Fix Coverity (11104) Resource leak:
Bug 750624 - Fix Coverity (11053) Explicit null dereferenced:
Bug 750625 - Fix Coverity (11066) Unused pointer value
Bug 750625 - Fix Coverity (11065) Uninitialized pointer read
Bug 750625 - Fix Coverity (11064) Dereference before null check
Bug 750625 - Fix Coverity (11061) Resource leak
Bug 750625 - Fix Coverity (11060) Dereference null return value
Bug 750625 - Fix Coverity (11058, 11059) Dereference null return value
Bug 750625 - Fix Coverity (11057) Dereference null return value
Bug 750625 - Fix Coverity (11055) Explicit null dereferenced
Bug 750625 - Fix Coverity (11054) Dereference after null check
Bug 750625 - Fix Coverity (11117) Uninitialized pointer read
Bug 750625 - Fix Coverity (11116) Uninitialized pointer read
Bug 750625 - Fix Coverity (11114, 11115) Uninitialized value use
Bug 750625 - Fix Coverity (11113) Uninitialized pointer read
Bug 750625 - Fix Coverity (11112) Uninitialized pointer read
Bug 750625 - Fix Coverity (11109, 11110, 11111) Uninitialized pointer read
Bug 750625 - Fix Coverity (11108) Sizeof not portable
Bug 750625 - Fix Coverity (11107) Dereference before null check
Bug 750625 - Fix Coverity (11096) Explicit null dereferenced
Bug 750625 - Fix Coverity (11095) Explicit null dereferenced
Bug 750625 - Fix Coverity (11094) Dereference after null check
Bug 750625 - Fix Coverity (11091) Unchecked return value
Bug 750625 - Fix Coverity (11055-2) Explicit null dereferenced
Bug 750625 - Fix Coverity (11062) Resource leak
Bug 750625 - Fix Coverity (11066-2) Unused pointer value
Bug 750625 - Fix Coverity (12195) Dereference after null check
Bug 750625 - Fix Coverity (12196) Dereference before null check
Bug 750625 - Fix Coverity (11066-3) Unused pointer value
Bug 745259 - Incorrect entryUSN index under high load in
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 26 - Please support setting
Trac Ticket 75 - Unconfigure plugin opperations are being called.
Trac Ticket 168 - minssf should not apply to rootdse
Trac Ticket #18 - Data inconsitency during replication
Trac Ticket #52 - FQDN set to nsslapd-listenhost
Trac Ticket 139 - eliminate the use of char *dn in favor of Slapi_DN *dn
Trac Ticket 35 - Log not clear enough on schema errors
Trac Ticket #274 - Reindexing entryrdn fails if
Trac Ticket #275 - Invalid read reported by valgrind
Trac Ticket 51 - memory leaks in 389-ds-base-1.2.8.2-1.el5?
Rich Megginson (301):
Net::LDAP password modify extop breaks; msgid in response is 0xFF
Clean up assert for entrydn
Bug 543080 - Bitwise plugin fails to return the exact matched entries for Bitwise search filter
Bug 537466 - nsslapd-distribution-plugin should not require plugin name to begin with "lib"
bump version to 1.2.6.a2
Do not use syntax plugins directly for filters, indexing
wrap new style matching rule plugins for use in old style indexing code
change extensible filter code to use new syntax function style mr funcs
change syntax plugins to register required matching rule plugins
crash looking up compat syntax; numeric string syntax using integer; make octet string ordering work correctly
fix memory leak in attr replace when replacement fails
fix dso linking issues found by fedora 13 linking
problems linking with -z defs
389 DS segfaults on libsyntax-plugin.so - part 1
389 DS segfaults on libsyntax-plugin.so - part 2
389 DS segfaults on libsyntax-plugin.so - part 3
Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location on non-RHEL/Fedora OS
Bug 568196 - Install DS8.2 on Solaris fails
Bug 568196 - Install DS8.2 on Solaris fails - part 2
Bug 551198 - LDAPI: incorrect logging to access log
bump version to 1.2.6.a3
fix various memory leaks
Bug 551198 - LDAPI: incorrect logging to access log - part 2
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
cleanup build warnings
Bug 571514 - upgrade to 1.2.6 should upgrade 05rfc4523.ldif (cert schema)
Bug 570905 - postalAddress syntax should allow empty lines (should allow $$)
Add support for additional schema/matching rules included with 389
Bug 572677 - Memory leak in searches including GER control
Bug 571677 - Busy replica on consumers when directly deleting a replication conflict
Bug 576074 - search filters with parentheses fail
Bug 567429 - slapd didn't close connection and get into CLOSE_WAIT state
Bug 578167 - repl. of mod/replace deletes multi-valued attrs
Bug 561575 - setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile
Bug 572162 - the string "|*" within a search filter on a non-indexed attribute returns all elements.
Bug 576644 - segfault while multimaster replication (paired node won't find deleted entries)
start of 1.2.6.a4
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Fix too few args for format warning in acllas
Bug 586571 - DS Console shows escaped DNs
Bug 591685 - Server instances Fail to Start on Solaris due to Library Path and pcre
bump console version to 1.2.3
Repl Session API needs to check for NULL api before init
Bug 593392 - setup-ds-admin.pl -k creates world readable file
Bug 595874 - 99user.ldif getting overpopulated
bump version to 1.2.6.a5
bump version to 1.2.6.rc1
bump version to 1.2.6.rc2
bump version to 1.2.6.rc3
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 603942 - null deref in _ger_parse_control() for subjectdn
bump version to 1.2.6.rc4
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 602530 - coverity: op_shared_modify: compare pre, post and original entries before freeing them
Bug 602531 - coverity: op_shared_delete: compare preop entry and GLUE_PARENT_ENTRY before freeing them
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 610177 - fix coverity Defect Type: Uninitialized variables issues
Bug 610276 - fix coverity Defect Type: API usage errors issues
Bug 611850 - fix coverity Defect Type: Error handling issues
Bug 614242 - C99/ANSI C++ related compile errors on HP-UX
Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
Bug 617013 - repl-monitor.pl use cpu upto 90%
fix build failures due to libtool problems
Bug 617629 - Missing aliases in new schema files
Bug 617862 - Replication: Unable to delete tombstone errors
bump version to 1.2.7.a1
Bug 610281 - fix coverity Defect Type: Control flow issues - daemon.c:write_function()
Bug 610281 - fix coverity Defect Type: Control flow issues - last repl init status
postalAddress syntax does not accept empty values
ger should support both "dn" and "distinguishedName"
openldap - ldap_url_parse_ext is not part of the public api
fix memleak in ldbm_config_read_instance_entries
Add -x option to ldap tools when using openldap
openldap - add support for missing controls, add ldif api, fix NSS usage
port client tools to use openldap API
use the mozldap versions of the proxy auth control create function
document slapi wrappers for openldap/mozldap functions that differ
fix some compiler warnings
use strcasecmp with ptype and type->bv_val
ber_printf 'o' cannot handle NULL bv_val
fix the url_parse logic when looking for a missing suffix DN
openldap ldapsearch uses -LLL to suppress # version: N
add ldaptool_opts for the non BUNDLE case in Makefile.am
openldap ldapsearch returns empty line at end of LDIF output
have to use LDAP_OPT_X_TLS_NEVER to defeat cert hostname checking
openldap_read_function needs to set EWOULDBLOCK if the buffer is empty
do not terminate unwrapped LDIF line with another newline
slapi_ldap_url_parse must handle multiple host:port in url
convert mozldap host list to openldap uri list
move the out pointer back if continuation lines were removed
check src < *out only; only check for \nspace if src < *out - 2
use slapi_ldap_url_parse in the acl code
do not un-null-terminate normalized DN until new url is constructed
implement slapi_ldap_explode_dn and slapi_ldap_explode_rdn
use slapi_pblock_set to set the ldap result code for the be postop plugins
pass the string copy to slapi_dn_normalize_original
bug 614511 - fix coverity null reference - revert macro aci $dn logic
fix compiler warnings - unused vars/funcs, invalid casts
use slapi_mods_init_passin/get_ldapmods_passout if modifying the smods
Have to explicitly set protocol version to 3
Only check modrdn ops for backend/suffix correctness if not the default backend
Bug 634561 - Server crushes when using Windows Sync Agreement
openldap ber_init will assert if the bv->bv_val is NULL
add the account policy plugin and related server code, schema, and config
fix pblock memory leak
do not register pre/post op plugins if disabled
add support for global inactivity limit
fix typos in Makefile.am, acctpolicy schema
bump version to 1.2.7.a2
remove extra format argument; use %lu for size_t printf format
Bug 644013 - uniqueness plugin segfault bug
bump version to 1.2.7.a3
bump to 1.2.7.a4
bump version to 1.2.7.a5
put replication config entries in separate file
bump version to 1.2.7.a6
bump version to 1.2.7.1
bump version to 1.2.7.2
bump version to 1.2.7.3
bump version to 1.2.7.4
Bug 515329 - Multiple mods in one operation can result in an inconsistent replica
bump version to 1.2.8.a1
Bug 642046 - Segfault when using SASL/GSSAPI multimaster replication, possible krb5_creds doublefree
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 622907 - support piped passwords to perl-based maintenance commands
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 576534 - Password displayed on console when entered in command-line utilities
Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the log output to the text file
bump version to 1.2.8.a2
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 676689 - crash while adding a new user to be synced to windows
Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
Bug 677774 - DS fails to start after reboot
Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches
Bug 675320 - empty modify operation with repl on or lastmod off will crash server
bump version to 1.2.9.a1 - console version to 1.2.4
Bug 677705 - ds-logpipe.py script is failing to validate "-s" and "--serverpid" options with "-t".
Bug 676655 - winsync stops working after server restart
Bug 680555 - ns-slapd segfaults if I have more than 100 DBs
Bug 514190 - setup-ds-admin.pl --debug does not log to file
Bug 518890 - setup-ds-admin.pl - improve hostname validation
Bug 644784 - Memory leak in "testbind.c" plugin
Bug 683250 - slapd crashing when traffic replayed
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource leak issues
Bug 690584 - #10688 - dblayer_make_env - fix coverity resource leak issues
Bug 690584 - #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
Bug 690584 - #10658 linked_attrs_pre_op - fix coverity resource leak issues
Bug 690584 - #10655 acllas__handle_group_entry - fix coverity resource leak issues
Bug 690584 - #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 690584 - #10643 hash_rootpw - fix coverity resource leak issues
Bug 690584 - #10641 reslimit_bv2int - fix coverity resource leak issues
Bug 691422 - sdt_destroy - fix coverity control flow issues
Bug 691422 - ldbm_back_upgradedb - fix coverity control flow issues
Bug 691422 - csnplFree - fix coverity control flow issues
Bug 691422 - SetUnicodeStringFromUTF_8 - fix coverity control flow issues
Bug 691422 - cl5DeleteRUV - fix coverity control flow issues
Bug 691422 - acl_read_access_allowed_on_entry - fix coverity control flow issues
Bug 691422 - search_internal_callback_pb - fix coverity control flow issues
Bug 691422 - cl5WriteRUV - fix coverity control flow issues
Bug 691422 - windows_replay_update - fix coverity control flow issues
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 692937 - Replica install fails after step for "enable GSSAPI for replication"
Bug 692331 - Segfault on index update during full replication push on 1.2.7.5
Bug 693451 - cannot use localized matching rules
Bug 693455 - nsMatchingRule does not work with multiple values
Bug 693503 - matching rules do not inherit from superior attribute type
Bug 693466 - Unable to change schema online
Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1
Bug 693473 - rhds82 rfe - windows_tot_run to log Sizelimit exceeded instead of LDAP error - -1
Bug 693962 - Full replica push loses some entries with multi-valued RDNs
Bug 694336 - Group sync hangs Windows initial Sync
Bug 700145 - userpasswd not replicating
Bug 703990 - Support upgrade from Red Hat Directory Server
bump console version to 1.2.5
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 707015 - Cannot disable SSLv3 and use TLS only
bump version to 1.2.9.a2
Bug 707384 - only allow FIPS approved cipher suites in FIPS mode
Bug 711906 - ns-slapd segfaults using suffix referrals
Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
bump console version to 1.2.6
Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator action", with extop_result: 9
Bug 716980 - winsync uses old AD entry if new one not found
add support for ldif files with changetype: add
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
look for separate openldap ldif library
bump version to 1.2.9.a3
Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2.
Bug 720059 - RDN with % can cause crashes or missing entries
bump version to 1.2.9.0
Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma
Bug 723937 - replication failing on RUV errors
bump version to 1.2.9.1
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.2
Bug 727511 - ldclt SSL search requests are failing with "illegal error numbe
bump version to 1.2.9.3
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.4
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.5
Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash
Bug 723937 - replication failing on RUV errors
Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working.
make sure the DBVERSION file ends in a newline
bump version to 1.2.10.a1
Bug 633803 - passwordisglobalpolicy attribute brakes TLS chaining
Bug 733103 - large targetattr list with syntax errors cause server to crash or hang
Bug 703990 - cross-platform - Support upgrade from Red Hat Directory Server
Bug 735121 - simple paged search + ip/dns based ACI hangs server
Bug 695736 - Providing native systemd file for upcoming F15 Feature Systemd
Bug 590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
Bug 736712 - Modifying ruv entry deadlocks server
Add support for pre/post db transaction plugins
Make all backend operations transaction aware
Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
Bug 741744 - part2 - MOD operations with chained delete/add get back error 53 on backend config
Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
bump version to 1.2.10.a2
bump version to 1.2.10.a3
fix transaction support in ldbm_delete
bump version to 1.2.10.a4
set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
pass the plugin config entry to the plugin init function
make memberof transaction aware and able to be a betxnpostoperation plugin
Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
bump version to 1.2.10.a5
Change referential integrity to be a betxnpostoperation plugin
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Bug 748575 - rhds81 modrn operation and 100% cpu use in replication
Bug 748575 - part 2 - rhds81 modrdn operation and 100% cpu use in replication
Bug 751495 - 'setup-ds.pl -u' fails with undefined routine 'updateSystemD'
bump version to 1.2.10.a6
Bug 751645 - crash when simple paged fails to send entry to client
csn_as_string - use slapi_uN_to_hex instead of sprintf
uniqueid formatting - use slapi_u8_to_hex instead of sprintf
fix member variable name error in slapi_uniqueIDFormat
reduce calls to csn_as_string and slapi_log_error
csn_init_as_string should not use sscanf
use slapi_hexchar2int and slapi_str_to_u8 everywhere
Bug 755754 - Unable to start dirsrv service using systemd
Bug 755725 - 389 programs linked against openldap crash during shutdown
Ticket 1 - pre-normalize filter and pre-compile substring regex - and other optimizations
Ticket #162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS
bak2db gets stuck in infinite loop
Ticket #256 - debug build assertion in ACL_EvalDestroy()
bump version to 1.2.10.a7
Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock
fix mep sdn compiler warnings
add a hack to disable sasl hostname canonicalization - helps with testing when you don't want to set up correct host name resolution and/or cannot set the default system hostname
Ticket #12 - 389 DS DNA Plugin / Replication failing on GSSAPI
Ticket #257 - repl-monitor doesn't work if leftmost hostnames are the same
fix recent compiler warnings
Ticket #15 - Get rid of rwlock.h/rwlock.c and just use slapi_rwlock instead
fix compiler warnings
Remove redundant code - make a global into a static
Ticket #262 - pid file not removed with systemd
fix mozldap build issues
Ticket #264 - upgrade needs better check for "server is running"
Ticket #263 - add systemd include directive
bump version to 1.2.10.rc1
change version to 1.2.10.a8
Ticket #272 - add tombstonenumsubordinates to schema
bump version to 1.2.10.rc1
Ticket #161 - Review and address latest Coverity issues
Ticket #22 - RFE: Support sendmail LDAP routing schema
Ticket #29 - Samba3-schema is missing sambaTrustedDomainPassword
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
fix a couple of minor coverity issues
Ticket #87 - Manpages fixes
Ticket #13 - slapd process exits when put the database on read only mode while updates are coming to the server
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #277 - cannot set repl referrals or state
Ticket #278 - Schema replication update failed: Invalid syntax
Ticket #277 - cannot set repl referrals or state
Ticket #279 - filter normalization does not use matching rules
Ticket #280 - extensible binary filters do not work
Ticket #281 - TLS not working with latest openldap
coverity 12488 Resource leak In attr_index_config(): Leak of memory or pointers to system resources
bump version to 1.2.10.rc2
bump version to 1.2.10.0
nturpin (1):
Ticket #3: acl cache overflown problem
root (1):
Bug 480787 - Autoconf parameter --with and --without
---
.gitignore | 1
Makefile.am | 261
Makefile.in | 5215 -
README | 11
VERSION.sh | 7
aclocal.m4 | 6996 --
compile | 21
config.guess | 302
config.h.in | 22
config.sub | 232
configure |41932 +++++-------
configure.ac | 176
depcomp | 172
dirsrv.pc.in | 7
include/base/dbtbase.h | 2
include/base/file.h | 3
include/base/lexer.h | 126
include/base/rwlock.h | 91
include/i18n.h | 115
include/ldaputil/ldaputil.h | 10
include/libaccess/aclerror.h | 1
include/libaccess/aclproto.h | 15
include/libaccess/aclstruct.h | 2
include/libaccess/dbtlibaccess.h | 3
include/public/nsacl/aclapi.h | 7
install-sh | 517
ldap/admin/src/base-initconfig.in | 44
ldap/admin/src/initconfig.in | 37
ldap/admin/src/logconv.pl | 639
ldap/admin/src/scripts/10cleanupldapi.pl | 23
ldap/admin/src/scripts/10fixrundir.pl | 11
ldap/admin/src/scripts/50acctusabilityplugin.ldif | 21
ldap/admin/src/scripts/50automemberplugin.ldif | 15
ldap/admin/src/scripts/50fixNsState.pl | 240
ldap/admin/src/scripts/50managedentriesplugin.ldif | 16
ldap/admin/src/scripts/50refintprecedence.ldif | 4
ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif | 5
ldap/admin/src/scripts/60upgradeschemafiles.pl | 2
ldap/admin/src/scripts/70upgradefromldif.pl | 108
ldap/admin/src/scripts/80upgradednformat.pl | 206
ldap/admin/src/scripts/81changelog.pl | 34
ldap/admin/src/scripts/90subtreerename.pl | 21
ldap/admin/src/scripts/91subtreereindex.pl | 148
ldap/admin/src/scripts/DSCreate.pm.in | 323
ldap/admin/src/scripts/DSDialogs.pm | 4
ldap/admin/src/scripts/DSMigration.pm.in | 47
ldap/admin/src/scripts/DSUpdate.pm.in | 50
ldap/admin/src/scripts/DSUtil.pm.in | 247
ldap/admin/src/scripts/DialogManager.pm | 241
ldap/admin/src/scripts/DialogManager.pm.in | 241
ldap/admin/src/scripts/Inf.pm | 67
ldap/admin/src/scripts/Migration.pm.in | 20
ldap/admin/src/scripts/Setup.pm.in | 20
ldap/admin/src/scripts/SetupDialogs.pm.in | 31
ldap/admin/src/scripts/SetupLog.pm | 8
ldap/admin/src/scripts/ds-logpipe.py | 221
ldap/admin/src/scripts/exampleupdate.ldif | 2
ldap/admin/src/scripts/exampleupdate.sh | 10
ldap/admin/src/scripts/logregex.py | 16
ldap/admin/src/scripts/migrate-ds.pl.in | 13
ldap/admin/src/scripts/remove-ds.pl.in | 28
ldap/admin/src/scripts/repl-monitor.pl.in | 86
ldap/admin/src/scripts/restart-dirsrv.in | 25
ldap/admin/src/scripts/setup-ds.pl.in | 7
ldap/admin/src/scripts/setup-ds.res.in | 35
ldap/admin/src/scripts/start-dirsrv.in | 43
ldap/admin/src/scripts/stop-dirsrv.in | 27
ldap/admin/src/scripts/template-bak2db.in | 49
ldap/admin/src/scripts/template-bak2db.pl.in | 29
ldap/admin/src/scripts/template-db2bak.in | 53
ldap/admin/src/scripts/template-db2bak.pl.in | 29
ldap/admin/src/scripts/template-db2index.in | 14
ldap/admin/src/scripts/template-db2index.pl.in | 33
ldap/admin/src/scripts/template-db2ldif.in | 15
ldap/admin/src/scripts/template-db2ldif.pl.in | 29
ldap/admin/src/scripts/template-dbverify.in | 15
ldap/admin/src/scripts/template-dn2rdn.in | 25
ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in | 29
ldap/admin/src/scripts/template-fixup-memberof.pl.in | 29
ldap/admin/src/scripts/template-ldif2db.in | 15
ldap/admin/src/scripts/template-ldif2db.pl.in | 29
ldap/admin/src/scripts/template-ldif2ldap.in | 19
ldap/admin/src/scripts/template-monitor.in | 19
ldap/admin/src/scripts/template-ns-accountstatus.pl.in | 33
ldap/admin/src/scripts/template-ns-activate.pl.in | 33
ldap/admin/src/scripts/template-ns-inactivate.pl.in | 33
ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in | 47
ldap/admin/src/scripts/template-restart-slapd.in | 2
ldap/admin/src/scripts/template-restoreconfig.in | 15
ldap/admin/src/scripts/template-saveconfig.in | 15
ldap/admin/src/scripts/template-schema-reload.pl.in | 29
ldap/admin/src/scripts/template-start-slapd.in | 3
ldap/admin/src/scripts/template-stop-slapd.in | 2
ldap/admin/src/scripts/template-suffix2instance.in | 15
ldap/admin/src/scripts/template-syntax-validate.pl.in | 29
ldap/admin/src/scripts/template-upgradedb.in | 15
ldap/admin/src/scripts/template-upgradednformat.in | 63
ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in | 29
ldap/admin/src/scripts/template-verify-db.pl.in | 19
ldap/admin/src/scripts/template-vlvindex.in | 15
ldap/admin/src/slapd.inf.in | 2
ldap/admin/src/template-initconfig.in | 18
ldap/docs/LICENSE.txt | 132
ldap/docs/README.txt | 11
ldap/include/ldaplog.h | 32
ldap/ldif/50replication-plugins.ldif | 26
ldap/ldif/template-baseacis.ldif.in | 2
ldap/ldif/template-bitwise.ldif.in | 6
ldap/ldif/template-dse.ldif.in | 96
ldap/ldif/template-suffix-db.ldif.in | 1
ldap/schema/00core.ldif | 72
ldap/schema/01core389.ldif | 19
ldap/schema/02common.ldif | 12
ldap/schema/05rfc4523.ldif | 14
ldap/schema/05rfc4524.ldif | 30
ldap/schema/06inetorgperson.ldif | 5
ldap/schema/10automember-plugin.ldif | 123
ldap/schema/10mep-plugin.ldif | 104
ldap/schema/30ns-common.ldif | 4
ldap/schema/50ns-directory.ldif | 4
ldap/schema/60acctpolicy.ldif | 47
ldap/schema/60nis.ldif | 2
ldap/schema/60qmail.ldif | 4
ldap/schema/60samba3.ldif | 34
ldap/schema/60sendmail.ldif | 54
ldap/schema/60sudo.ldif | 58
ldap/servers/plugins/acct_usability/acct_usability.c | 464
ldap/servers/plugins/acct_usability/acct_usability.h | 63
ldap/servers/plugins/acctpolicy/acct_config.c | 143
ldap/servers/plugins/acctpolicy/acct_init.c | 191
ldap/servers/plugins/acctpolicy/acct_plugin.c | 316
ldap/servers/plugins/acctpolicy/acct_util.c | 257
ldap/servers/plugins/acctpolicy/acctpolicy.h | 81
ldap/servers/plugins/acctpolicy/sampleconfig.ldif | 40
ldap/servers/plugins/acctpolicy/samplepolicy.ldif | 27
ldap/servers/plugins/acl/acl.c | 195
ldap/servers/plugins/acl/acl.h | 43
ldap/servers/plugins/acl/acl_ext.c | 152
ldap/servers/plugins/acl/aclanom.c | 13
ldap/servers/plugins/acl/acleffectiverights.c | 116
ldap/servers/plugins/acl/aclgroup.c | 19
ldap/servers/plugins/acl/aclinit.c | 2
ldap/servers/plugins/acl/acllas.c | 400
ldap/servers/plugins/acl/acllist.c | 77
ldap/servers/plugins/acl/aclparse.c | 610
ldap/servers/plugins/acl/aclplugin.c | 37
ldap/servers/plugins/acl/aclproxy.c | 232
ldap/servers/plugins/acl/aclutil.c | 110
ldap/servers/plugins/automember/automember.c | 1930
ldap/servers/plugins/automember/automember.h | 134
ldap/servers/plugins/bitwise/bitwise.c | 23
ldap/servers/plugins/chainingdb/cb.h | 8
ldap/servers/plugins/chainingdb/cb_add.c | 105
ldap/servers/plugins/chainingdb/cb_bind.c | 196
ldap/servers/plugins/chainingdb/cb_compare.c | 101
ldap/servers/plugins/chainingdb/cb_config.c | 37
ldap/servers/plugins/chainingdb/cb_conn_stateless.c | 102
ldap/servers/plugins/chainingdb/cb_controls.c | 36
ldap/servers/plugins/chainingdb/cb_delete.c | 125
ldap/servers/plugins/chainingdb/cb_init.c | 6
ldap/servers/plugins/chainingdb/cb_instance.c | 325
ldap/servers/plugins/chainingdb/cb_modify.c | 133
ldap/servers/plugins/chainingdb/cb_modrdn.c | 174
ldap/servers/plugins/chainingdb/cb_monitor.c | 6
ldap/servers/plugins/chainingdb/cb_schema.c | 4
ldap/servers/plugins/chainingdb/cb_search.c | 219
ldap/servers/plugins/chainingdb/cb_utils.c | 15
ldap/servers/plugins/collation/collate.c | 24
ldap/servers/plugins/collation/orfilter.c | 19
ldap/servers/plugins/cos/cos_cache.c | 773
ldap/servers/plugins/deref/deref.c | 12
ldap/servers/plugins/dna/dna.c | 900
ldap/servers/plugins/http/http_impl.c | 81
ldap/servers/plugins/linkedattrs/fixup_task.c | 154
ldap/servers/plugins/linkedattrs/linked_attrs.c | 284
ldap/servers/plugins/linkedattrs/linked_attrs.h | 8
ldap/servers/plugins/memberof/memberof.c | 841
ldap/servers/plugins/memberof/memberof.h | 8
ldap/servers/plugins/memberof/memberof_config.c | 242
ldap/servers/plugins/mep/mep.c | 2861
ldap/servers/plugins/mep/mep.h | 130
ldap/servers/plugins/pam_passthru/pam_passthru.h | 2
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 2
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 32
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 9
ldap/servers/plugins/passthru/passthru.h | 4
ldap/servers/plugins/passthru/ptbind.c | 6
ldap/servers/plugins/passthru/ptconfig.c | 43
ldap/servers/plugins/passthru/ptconn.c | 8
ldap/servers/plugins/passthru/ptpreop.c | 17
ldap/servers/plugins/pwdstorage/smd5_pwd.c | 9
ldap/servers/plugins/referint/referint.c | 761
ldap/servers/plugins/replication/cl4_api.c | 2
ldap/servers/plugins/replication/cl5.h | 1
ldap/servers/plugins/replication/cl5_api.c | 2655
ldap/servers/plugins/replication/cl5_api.h | 111
ldap/servers/plugins/replication/cl5_clcache.c | 55
ldap/servers/plugins/replication/cl5_clcache.h | 2
ldap/servers/plugins/replication/cl5_config.c | 247
ldap/servers/plugins/replication/cl5_init.c | 2
ldap/servers/plugins/replication/cl5_test.c | 2
ldap/servers/plugins/replication/cl_crypt.c | 203
ldap/servers/plugins/replication/cl_crypt.h | 53
ldap/servers/plugins/replication/csnpl.c | 44
ldap/servers/plugins/replication/legacy_consumer.c | 31
ldap/servers/plugins/replication/repl-session-plugin.h | 119
ldap/servers/plugins/replication/repl.h | 2
ldap/servers/plugins/replication/repl5.h | 65
ldap/servers/plugins/replication/repl5_agmt.c | 304
ldap/servers/plugins/replication/repl5_agmtlist.c | 106
ldap/servers/plugins/replication/repl5_connection.c | 155
ldap/servers/plugins/replication/repl5_inc_protocol.c | 92
ldap/servers/plugins/replication/repl5_init.c | 49
ldap/servers/plugins/replication/repl5_mtnode_ext.c | 13
ldap/servers/plugins/replication/repl5_plugins.c | 193
ldap/servers/plugins/replication/repl5_prot_private.h | 4
ldap/servers/plugins/replication/repl5_protocol.c | 107
ldap/servers/plugins/replication/repl5_protocol_util.c | 509
ldap/servers/plugins/replication/repl5_replica.c | 308
ldap/servers/plugins/replication/repl5_replica_config.c | 365
ldap/servers/plugins/replication/repl5_replica_dnhash.c | 26
ldap/servers/plugins/replication/repl5_replica_hash.c | 30
ldap/servers/plugins/replication/repl5_ruv.c | 419
ldap/servers/plugins/replication/repl5_ruv.h | 18
ldap/servers/plugins/replication/repl5_tot_protocol.c | 32
ldap/servers/plugins/replication/repl5_total.c | 22
ldap/servers/plugins/replication/repl5_updatedn_list.c | 2
ldap/servers/plugins/replication/repl_bind.c | 6
ldap/servers/plugins/replication/repl_compare.c | 18
ldap/servers/plugins/replication/repl_connext.c | 2
ldap/servers/plugins/replication/repl_controls.c | 2
ldap/servers/plugins/replication/repl_extop.c | 291
ldap/servers/plugins/replication/repl_globals.c | 2
ldap/servers/plugins/replication/repl_init.c | 1
ldap/servers/plugins/replication/repl_objset.c | 9
ldap/servers/plugins/replication/repl_session_plugin.c | 188
ldap/servers/plugins/replication/repl_shared.h | 17
ldap/servers/plugins/replication/replutil.c | 107
ldap/servers/plugins/replication/test_repl_session_plugin.c | 335
ldap/servers/plugins/replication/urp.c | 152
ldap/servers/plugins/replication/urp.h | 10
ldap/servers/plugins/replication/urp_glue.c | 14
ldap/servers/plugins/replication/urp_tombstone.c | 18
ldap/servers/plugins/replication/windows_connection.c | 166
ldap/servers/plugins/replication/windows_inc_protocol.c | 55
ldap/servers/plugins/replication/windows_private.c | 128
ldap/servers/plugins/replication/windows_protocol_util.c | 677
ldap/servers/plugins/replication/windows_tot_protocol.c | 125
ldap/servers/plugins/replication/windowsrepl.h | 14
ldap/servers/plugins/replication/winsync-plugin.h | 2
ldap/servers/plugins/retrocl/retrocl.c | 3
ldap/servers/plugins/retrocl/retrocl.h | 2
ldap/servers/plugins/retrocl/retrocl_create.c | 13
ldap/servers/plugins/retrocl/retrocl_po.c | 23
ldap/servers/plugins/retrocl/retrocl_trim.c | 20
ldap/servers/plugins/rever/des.c | 72
ldap/servers/plugins/rever/rever.c | 8
ldap/servers/plugins/roles/roles_cache.c | 128
ldap/servers/plugins/schema_reload/schema_reload.c | 5
ldap/servers/plugins/shared/plugin-utils.h | 112
ldap/servers/plugins/shared/utils.c | 508
ldap/servers/plugins/statechange/statechange.c | 26
ldap/servers/plugins/syntaxes/bin.c | 142
ldap/servers/plugins/syntaxes/bitstring.c | 68
ldap/servers/plugins/syntaxes/ces.c | 172
ldap/servers/plugins/syntaxes/cis.c | 321
ldap/servers/plugins/syntaxes/deliverymethod.c | 32
ldap/servers/plugins/syntaxes/dn.c | 72
ldap/servers/plugins/syntaxes/facsimile.c | 32
ldap/servers/plugins/syntaxes/guide.c | 32
ldap/servers/plugins/syntaxes/int.c | 96
ldap/servers/plugins/syntaxes/nameoptuid.c | 72
ldap/servers/plugins/syntaxes/numericstring.c | 148
ldap/servers/plugins/syntaxes/sicis.c | 32
ldap/servers/plugins/syntaxes/string.c | 402
ldap/servers/plugins/syntaxes/syntax.h | 61
ldap/servers/plugins/syntaxes/syntax_common.c | 118
ldap/servers/plugins/syntaxes/tel.c | 94
ldap/servers/plugins/syntaxes/teletex.c | 32
ldap/servers/plugins/syntaxes/telex.c | 31
ldap/servers/plugins/syntaxes/validate.c | 17
ldap/servers/plugins/syntaxes/value.c | 120
ldap/servers/plugins/uiduniq/7bit.c | 48
ldap/servers/plugins/uiduniq/plugin-utils.h | 96
ldap/servers/plugins/uiduniq/uid.c | 326
ldap/servers/plugins/uiduniq/utils.c | 256
ldap/servers/plugins/usn/usn.c | 179
ldap/servers/plugins/usn/usn.h | 3
ldap/servers/plugins/usn/usn_cleanup.c | 31
ldap/servers/plugins/views/views.c | 27
ldap/servers/slapd/abandon.c | 7
ldap/servers/slapd/add.c | 173
ldap/servers/slapd/agtmmap.c | 56
ldap/servers/slapd/attr.c | 84
ldap/servers/slapd/attrlist.c | 7
ldap/servers/slapd/attrsyntax.c | 143
ldap/servers/slapd/auditlog.c | 69
ldap/servers/slapd/auth.c | 59
ldap/servers/slapd/ava.c | 2
ldap/servers/slapd/back-ldbm/ancestorid.c | 104
ldap/servers/slapd/back-ldbm/archive.c | 91
ldap/servers/slapd/back-ldbm/back-ldbm.h | 96
ldap/servers/slapd/back-ldbm/backentry.c | 2
ldap/servers/slapd/back-ldbm/cache.c | 83
ldap/servers/slapd/back-ldbm/dbhelp.c | 12
ldap/servers/slapd/back-ldbm/dblayer.c | 1614
ldap/servers/slapd/back-ldbm/dblayer.h | 14
ldap/servers/slapd/back-ldbm/dbtest.c | 349
ldap/servers/slapd/back-ldbm/dbversion.c | 52
ldap/servers/slapd/back-ldbm/dn2entry.c | 63
ldap/servers/slapd/back-ldbm/filterindex.c | 244
ldap/servers/slapd/back-ldbm/findentry.c | 147
ldap/servers/slapd/back-ldbm/id2entry.c | 175
ldap/servers/slapd/back-ldbm/idl.c | 35
ldap/servers/slapd/back-ldbm/idl_common.c | 7
ldap/servers/slapd/back-ldbm/idl_new.c | 50
ldap/servers/slapd/back-ldbm/idl_shim.c | 17
ldap/servers/slapd/back-ldbm/import-merge.c | 28
ldap/servers/slapd/back-ldbm/import-threads.c | 1364
ldap/servers/slapd/back-ldbm/import.c | 398
ldap/servers/slapd/back-ldbm/import.h | 21
ldap/servers/slapd/back-ldbm/index.c | 246
ldap/servers/slapd/back-ldbm/init.c | 89
ldap/servers/slapd/back-ldbm/instance.c | 174
ldap/servers/slapd/back-ldbm/ldbm_add.c | 242
ldap/servers/slapd/back-ldbm/ldbm_attr.c | 392
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 986
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c | 2
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 4
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 4
ldap/servers/slapd/back-ldbm/ldbm_config.c | 309
ldap/servers/slapd/back-ldbm/ldbm_config.h | 9
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 323
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 840
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 668
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 262
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 140
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 361
ldap/servers/slapd/back-ldbm/ldbm_search.c | 411
ldap/servers/slapd/back-ldbm/ldbm_usn.c | 74
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 790
ldap/servers/slapd/back-ldbm/matchrule.c | 50
ldap/servers/slapd/back-ldbm/misc.c | 298
ldap/servers/slapd/back-ldbm/monitor.c | 14
ldap/servers/slapd/back-ldbm/nextid.c | 17
ldap/servers/slapd/back-ldbm/parents.c | 141
ldap/servers/slapd/back-ldbm/perfctrs.c | 24
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 52
ldap/servers/slapd/back-ldbm/sort.c | 38
ldap/servers/slapd/back-ldbm/start.c | 61
ldap/servers/slapd/back-ldbm/vlv.c | 383
ldap/servers/slapd/back-ldbm/vlv_srch.c | 17
ldap/servers/slapd/back-ldbm/vlv_srch.h | 3
ldap/servers/slapd/back-ldif/back-ldif.h | 2
ldap/servers/slapd/back-ldif/modrdn.c | 12
ldap/servers/slapd/backend.c | 72
ldap/servers/slapd/backend_manager.c | 18
ldap/servers/slapd/bind.c | 320
ldap/servers/slapd/bulk_import.c | 39
ldap/servers/slapd/charray.c | 27
ldap/servers/slapd/compare.c | 41
ldap/servers/slapd/computed.c | 36
ldap/servers/slapd/config.c | 2
ldap/servers/slapd/configdse.c | 84
ldap/servers/slapd/connection.c | 196
ldap/servers/slapd/conntable.c | 3
ldap/servers/slapd/control.c | 26
ldap/servers/slapd/csn.c | 77
ldap/servers/slapd/csngen.c | 54
ldap/servers/slapd/csnset.c | 4
ldap/servers/slapd/daemon.c | 173
ldap/servers/slapd/delete.c | 127
ldap/servers/slapd/dn.c | 1561
ldap/servers/slapd/dse.c | 222
ldap/servers/slapd/dynalib.c | 29
ldap/servers/slapd/entry.c | 919
ldap/servers/slapd/entrywsi.c | 108
ldap/servers/slapd/eventq.c | 4
ldap/servers/slapd/extendop.c | 35
ldap/servers/slapd/factory.c | 1
ldap/servers/slapd/fe.h | 5
ldap/servers/slapd/fedse.c | 40
ldap/servers/slapd/filter.c | 141
ldap/servers/slapd/filter.h | 1
ldap/servers/slapd/filtercmp.c | 26
ldap/servers/slapd/filterentry.c | 36
ldap/servers/slapd/generation.c | 1
ldap/servers/slapd/index_subsystem.c | 28
ldap/servers/slapd/intrinsics.h | 7
ldap/servers/slapd/ldaputil.c | 719
ldap/servers/slapd/lenstr.c | 6
ldap/servers/slapd/libglobs.c | 586
ldap/servers/slapd/libslapd.def | 1
ldap/servers/slapd/log.c | 77
ldap/servers/slapd/log.h | 20
ldap/servers/slapd/main.c | 288
ldap/servers/slapd/mapping_tree.c | 478
ldap/servers/slapd/match.c | 96
ldap/servers/slapd/modify.c | 491
ldap/servers/slapd/modrdn.c | 357
ldap/servers/slapd/modutil.c | 14
ldap/servers/slapd/operation.c | 27
ldap/servers/slapd/opshared.c | 281
ldap/servers/slapd/pagedresults.c | 130
ldap/servers/slapd/passwd_extop.c | 203
ldap/servers/slapd/pblock.c | 559
ldap/servers/slapd/plugin.c | 328
ldap/servers/slapd/plugin_acl.c | 19
ldap/servers/slapd/plugin_internal_op.c | 176
ldap/servers/slapd/plugin_mr.c | 474
ldap/servers/slapd/plugin_syntax.c | 442
ldap/servers/slapd/protect_db.c | 24
ldap/servers/slapd/protect_db.h | 7
ldap/servers/slapd/proto-slap.h | 67
ldap/servers/slapd/proxyauth.c | 246
ldap/servers/slapd/psearch.c | 77
ldap/servers/slapd/pw.c | 519
ldap/servers/slapd/pw.h | 5
ldap/servers/slapd/pw_mgmt.c | 161
ldap/servers/slapd/pw_retry.c | 87
ldap/servers/slapd/rdn.c | 141
ldap/servers/slapd/referral.c | 29
ldap/servers/slapd/regex.c | 3
ldap/servers/slapd/resourcelimit.c | 80
ldap/servers/slapd/result.c | 81
ldap/servers/slapd/rootdse.c | 12
ldap/servers/slapd/rwlock.c | 257
ldap/servers/slapd/rwlock.h | 65
ldap/servers/slapd/sasl_io.c | 167
ldap/servers/slapd/sasl_map.c | 57
ldap/servers/slapd/saslbind.c | 160
ldap/servers/slapd/schema.c | 179
ldap/servers/slapd/schemaparse.c | 13
ldap/servers/slapd/search.c | 89
ldap/servers/slapd/security_wrappers.c | 36
ldap/servers/slapd/slap.h | 194
ldap/servers/slapd/slapi-plugin-compat4.h | 6
ldap/servers/slapd/slapi-plugin.h | 1258
ldap/servers/slapd/slapi-private.h | 57
ldap/servers/slapd/slapi2nspr.c | 79
ldap/servers/slapd/slapi_counter.c | 24
ldap/servers/slapd/snmp_collator.c | 19
ldap/servers/slapd/ssl.c | 323
ldap/servers/slapd/str2filter.c | 5
ldap/servers/slapd/task.c | 128
ldap/servers/slapd/test-plugins/testbind.c | 1
ldap/servers/slapd/test-plugins/testpostop.c | 1
ldap/servers/slapd/time.c | 91
ldap/servers/slapd/tools/dbscan.c | 76
ldap/servers/slapd/tools/ldclt/data.c | 70
ldap/servers/slapd/tools/ldclt/ldapfct.c | 1124
ldap/servers/slapd/tools/ldclt/ldclt.c | 48
ldap/servers/slapd/tools/ldclt/ldclt.h | 3
ldap/servers/slapd/tools/ldclt/ldcltU.c | 24
ldap/servers/slapd/tools/ldclt/parser.c | 19
ldap/servers/slapd/tools/ldclt/scalab01.c | 190
ldap/servers/slapd/tools/ldclt/threadMain.c | 6
ldap/servers/slapd/tools/ldif.c | 4
ldap/servers/slapd/tools/mmldif.c | 9
ldap/servers/slapd/tools/pwenc.c | 2
ldap/servers/slapd/tools/rsearch/addthread.c | 25
ldap/servers/slapd/tools/rsearch/sdattable.c | 4
ldap/servers/slapd/tools/rsearch/searchthread.c | 62
ldap/servers/slapd/uniqueid.c | 99
ldap/servers/slapd/utf8compare.c | 6
ldap/servers/slapd/util.c | 360
ldap/servers/slapd/uuid.c | 22
ldap/servers/slapd/value.c | 52
ldap/servers/slapd/valueset.c | 75
ldap/servers/slapd/vattr.c | 109
ldap/servers/snmp/NETWORK-SERVICES-MIB.txt | 650
ldap/servers/snmp/RFC-1215.txt | 38
ldap/servers/snmp/RFC1155-SMI.txt | 119
ldap/servers/snmp/SNMPv2-CONF.txt | 322
ldap/servers/snmp/SNMPv2-SMI.txt | 344
ldap/servers/snmp/SNMPv2-TC.txt | 772
ldap/servers/snmp/ldap-agent.c | 26
ldap/servers/snmp/main.c | 11
ldap/servers/snmp/netscape-ldap.mib | 759
ldap/systools/idsktune.c | 71
lib/base/crit.cpp | 6
lib/base/ereport.cpp | 2
lib/base/file.cpp | 24
lib/base/lexer.cpp | 1015
lib/base/plist.cpp | 3
lib/base/rwlock.cpp | 168
lib/base/util.cpp | 13
lib/ldaputil/cert.c | 4
lib/ldaputil/certmap.c | 409
lib/ldaputil/dbconf.c | 1
lib/ldaputil/utest/Makefile | 149
lib/ldaputil/utest/auth.cpp | 611
lib/ldaputil/utest/authtest | 138
lib/ldaputil/utest/certmap.conf | 68
lib/ldaputil/utest/dblist.conf | 47
lib/ldaputil/utest/example.c | 153
lib/ldaputil/utest/plugin.c | 152
lib/ldaputil/utest/plugin.h | 57
lib/ldaputil/utest/stubs.c | 144
lib/ldaputil/utest/stubs.cpp | 139
lib/ldaputil/utest/test.ref | 480
lib/ldaputil/vtable.c | 2
lib/libaccess/acl.tab.cpp | 25
lib/libaccess/aclcache.cpp | 105
lib/libaccess/aclflush.cpp | 1
lib/libaccess/aclpriv.h | 1
lib/libaccess/acltext.y | 4
lib/libaccess/acltools.cpp | 1896
lib/libaccess/aclutil.cpp | 13
lib/libaccess/authdb.cpp | 112
lib/libaccess/lasdns.cpp | 23
lib/libaccess/lasgroup.cpp | 10
lib/libaccess/lasip.cpp | 20
lib/libaccess/nseframe.cpp | 1
lib/libaccess/oneeval.cpp | 19
lib/libaccess/permhash.h | 11
lib/libaccess/register.cpp | 50
lib/libaccess/usrcache.cpp | 14
lib/libaccess/utest/.purify | 19
lib/libaccess/utest/Makefile | 147
lib/libaccess/utest/acl.dat | 44
lib/libaccess/utest/aclfile0 | 87
lib/libaccess/utest/aclfile1 | 43
lib/libaccess/utest/aclfile10 | 45
lib/libaccess/utest/aclfile11 | 43
lib/libaccess/utest/aclfile12 | 43
lib/libaccess/utest/aclfile13 | 43
lib/libaccess/utest/aclfile14 | 43
lib/libaccess/utest/aclfile15 | 43
lib/libaccess/utest/aclfile16 | 43
lib/libaccess/utest/aclfile17 | 43
lib/libaccess/utest/aclfile18 | 51
lib/libaccess/utest/aclfile19 | 46
lib/libaccess/utest/aclfile2 | 43
lib/libaccess/utest/aclfile3 | 43
lib/libaccess/utest/aclfile4 | 43
lib/libaccess/utest/aclfile5 | 43
lib/libaccess/utest/aclfile6 | 55
lib/libaccess/utest/aclfile7 | 43
lib/libaccess/utest/aclfile8 | 43
lib/libaccess/utest/aclfile9 | 43
lib/libaccess/utest/aclgrp0 | 42
lib/libaccess/utest/aclgrp1 | 42
lib/libaccess/utest/aclgrp2 | 42
lib/libaccess/utest/aclgrp3 | 42
lib/libaccess/utest/aclgrp4 | 42
lib/libaccess/utest/acltest.cpp | 794
lib/libaccess/utest/onetest.cpp | 77
lib/libaccess/utest/shexp.cpp | 331
lib/libaccess/utest/shexp.h | 168
lib/libaccess/utest/test.ref | 217
lib/libaccess/utest/testmain.cpp | 89
lib/libaccess/utest/twotest.cpp | 87
lib/libaccess/utest/ustubs.cpp | 331
lib/libadmin/error.c | 2
lib/libadmin/template.c | 2
lib/libadmin/util.c | 48
lib/libsi18n/coreres.c | 141
lib/libsi18n/coreres.h | 52
lib/libsi18n/getlang.c | 330
lib/libsi18n/getstrmem.c | 160
lib/libsi18n/getstrmem.h | 1
lib/libsi18n/getstrprop.c | 85
lib/libsi18n/makstrdb.c | 21
lib/libsi18n/propset.c | 442
lib/libsi18n/propset.h | 80
lib/libsi18n/reshash.c | 21
ltmain.sh |13199 ++-
m4/db.m4 | 21
m4/fhs.m4 | 4
m4/icu.m4 | 25
m4/kerberos.m4 | 4
m4/mozldap.m4 | 38
m4/netsnmp.m4 | 15
m4/nspr.m4 | 17
m4/nss.m4 | 17
m4/openldap.m4 | 30
m4/pcre.m4 | 28
m4/sasl.m4 | 25
m4/selinux.m4 | 13
m4/svrcore.m4 | 41
man/man1/cl-dump.1 | 18
man/man1/dbgen.pl.1 | 4
man/man1/infadd.1 | 8
man/man1/migratecred.1 | 6
man/man1/mmldif.1 | 4
man/man1/pwdhash.1 | 4
man/man1/repl-monitor.1 | 16
man/man8/ns-slapd.8 | 10
man/man8/remove-ds.pl.8 | 6
man/man8/restart-dirsrv.8 | 50
man/man8/setup-ds.pl.8 | 4
man/man8/start-dirsrv.8 | 50
man/man8/stop-dirsrv.8 | 50
missing | 104
selinux/dirsrv.fc.in | 2
selinux/dirsrv.if | 41
selinux/dirsrv.te | 11
wrappers/cl-dump.in | 11
wrappers/dbscan.in | 10
wrappers/infadd.in | 12
wrappers/initscript.in | 244
wrappers/ldap-agent-initscript.in | 20
wrappers/ldap-agent.in | 12
wrappers/ldclt.in | 12
wrappers/ldif.in | 12
wrappers/migratecred.in | 14
wrappers/mmldif.in | 14
wrappers/pwdhash.in | 14
wrappers/repl-monitor.in | 11
wrappers/rsearch.in | 12
wrappers/systemd-snmp.service.in | 16
wrappers/systemd.group.in | 6
wrappers/systemd.template.service.in | 28
wrappers/systemd.template.sysconfig | 3
615 files changed, 79403 insertions(+), 67856 deletions(-)
---
11 years, 6 months
Branch '389-ds-base-1.2.11' - VERSION.sh
by Noriko Hosoi
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit a211117e1770f69fc05b2976a6d933ab3fe60067
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Tue Oct 9 14:38:09 2012 -0700
bump version to 1.2.11.16
diff --git a/VERSION.sh b/VERSION.sh
index 8584891..0eb07b5 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -10,7 +10,7 @@ vendor="389 Project"
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=2
-VERSION_MAINT=11.15
+VERSION_MAINT=11.16
# if this is a PRERELEASE, set VERSION_PREREL
# otherwise, comment it out
# be sure to include the dot prefix in the prerel
11 years, 6 months
Branch '389-ds-base-1.2.11' - Makefile.am Makefile.in ldap/ldif ldap/schema ldap/servers
by Noriko Hosoi
Makefile.am | 1
Makefile.in | 1
ldap/ldif/50posix-winsync-plugin.ldif | 1
ldap/schema/60posix-winsync-plugin.ldif | 44
ldap/servers/plugins/posix-winsync/posix-group-func.c | 846 +++++++++++---
ldap/servers/plugins/posix-winsync/posix-group-task.c | 249 +++-
ldap/servers/plugins/posix-winsync/posix-winsync-config.c | 16
ldap/servers/plugins/posix-winsync/posix-winsync.c | 72 +
ldap/servers/plugins/posix-winsync/posix-wsp-ident.h | 4
9 files changed, 1008 insertions(+), 226 deletions(-)
New commits:
commit 54431eb9e2438a838904a6d4846c45131b937cd0
Author: Ken Rossato <ken.rossato(a)redhat.com>
Date: Mon Sep 24 19:52:09 2012 -0400
Ticket #481 - expand nested posix groups
Description: Add ability to populate memberuid dynamically to
reflect nested grouping.
(cherry picked from commit b9eeb2e1a8e688dfec753e8965d0e5aeb119e638)
diff --git a/Makefile.am b/Makefile.am
index c5c4080..507a2d6 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -299,6 +299,7 @@ schema_DATA = $(srcdir)/ldap/schema/00core.ldif \
$(srcdir)/ldap/schema/50ns-value.ldif \
$(srcdir)/ldap/schema/50ns-web.ldif \
$(srcdir)/ldap/schema/60pam-plugin.ldif \
+ $(srcdir)/ldap/schema/60posix-winsync-plugin.ldif \
$(srcdir)/ldap/schema/60autofs.ldif \
$(srcdir)/ldap/schema/60eduperson.ldif \
$(srcdir)/ldap/schema/60mozilla.ldif \
diff --git a/Makefile.in b/Makefile.in
index 3777829..f105932 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1527,6 +1527,7 @@ schema_DATA = $(srcdir)/ldap/schema/00core.ldif \
$(srcdir)/ldap/schema/50ns-value.ldif \
$(srcdir)/ldap/schema/50ns-web.ldif \
$(srcdir)/ldap/schema/60pam-plugin.ldif \
+ $(srcdir)/ldap/schema/60posix-winsync-plugin.ldif \
$(srcdir)/ldap/schema/60autofs.ldif \
$(srcdir)/ldap/schema/60eduperson.ldif \
$(srcdir)/ldap/schema/60mozilla.ldif \
diff --git a/ldap/ldif/50posix-winsync-plugin.ldif b/ldap/ldif/50posix-winsync-plugin.ldif
index de8c432..17dc243 100644
--- a/ldap/ldif/50posix-winsync-plugin.ldif
+++ b/ldap/ldif/50posix-winsync-plugin.ldif
@@ -10,6 +10,7 @@ nsslapd-pluginenabled: off
nsslapd-plugin-depends-on-type: database
posixWinsyncMsSFUSchema: false
posixWinsyncMapMemberUID: true
+posixWinsyncMapNestedGrouping: false
posixWinsyncCreateMemberOfTask: false
posixWinsyncLowerCaseUID: false
nsslapd-pluginprecedence: 25
diff --git a/ldap/schema/60posix-winsync-plugin.ldif b/ldap/schema/60posix-winsync-plugin.ldif
new file mode 100644
index 0000000..8d9a72e
--- /dev/null
+++ b/ldap/schema/60posix-winsync-plugin.ldif
@@ -0,0 +1,44 @@
+#
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2005 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+#
+# Schema for representing internal dynamically-generated group members
+#
+dn: cn=schema
+attributeTypes: ( 2.16.840.1.113730.3.1.2141 NAME 'dsOnlyMemberUid' DESC 'Elements from a memberuid attribute created to reflect dynamic group membership' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Red Hat Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.326 NAME 'dynamicGroup' DESC 'Group containing internal dynamically-generated members' SUP posixGroup AUXILIARY MAY ( dsOnlyMemberUid ) X-ORIGIN 'Red Hat Directory Server' )
diff --git a/ldap/servers/plugins/posix-winsync/posix-group-func.c b/ldap/servers/plugins/posix-winsync/posix-group-func.c
index 1403a89..66b9272 100644
--- a/ldap/servers/plugins/posix-winsync/posix-group-func.c
+++ b/ldap/servers/plugins/posix-winsync/posix-group-func.c
@@ -18,11 +18,14 @@
$Id: posix-group-func.c 28 2011-05-13 14:35:29Z grzemba $
*/
#include "slapi-plugin.h"
+#include "slapi-private.h"
#include <string.h>
#include <nspr.h>
#include "posix-wsp-ident.h"
+#define MAX_RECURSION_DEPTH (5)
+
Slapi_Value **
valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
static PRMonitor *memberuid_operation_lock = 0;
@@ -45,58 +48,100 @@ memberUidLockInit()
return (memberuid_operation_lock = PR_NewMonitor()) != NULL;
}
+void
+addDynamicGroupIfNecessary(Slapi_Entry *entry, Slapi_Mods *smods) {
+ Slapi_Attr *oc_attr = NULL;
+ Slapi_Value *voc = slapi_value_new();
+
+ slapi_value_init_string(voc, "dynamicGroup");
+ slapi_entry_attr_find(entry, "objectClass", &oc_attr);
+
+ if (slapi_attr_value_find(oc_attr, slapi_value_get_berval(voc)) != 0) {
+ if (smods) {
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "objectClass", "dynamicGroup");
+ }
+ else {
+ smods = slapi_mods_new();
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "objectClass", "dynamicGroup");
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+ slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(entry), slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_modify_internal_pb(mod_pb);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+ }
+ }
+
+ slapi_value_free(&voc);
+}
+
+Slapi_Entry *
+getEntry(const char *udn, char **attrs)
+{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "getEntry: search %s\n", udn);
+
+ Slapi_DN *udn_sdn = slapi_sdn_new_dn_byval(udn);
+ Slapi_Entry *result = NULL;
+ int rc = slapi_search_internal_get_entry(udn_sdn, attrs, &result, posix_winsync_get_plugin_identity());
+ slapi_sdn_free(&udn_sdn);
+
+ if (rc == 0) {
+ if (result != NULL) {
+ return result; /* Must be freed */
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getEntry: %s not found\n", udn);
+ }
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
+ "getEntry: error searching for uid: %d", rc);
+ }
+
+ return NULL;
+}
+
/* search the user with DN udn and returns uid*/
char *
searchUid(const char *udn)
{
- Slapi_PBlock *int_search_pb = slapi_pblock_new();
- Slapi_Entry **entries = NULL;
- char *attrs[] = { "uid", NULL };
+ char *attrs[] = { "uid", "objectclass", NULL };
+ Slapi_Entry *entry = getEntry(udn,
+ /* "(|(objectclass=posixAccount)(objectclass=ldapsubentry))", */
+ attrs);
char *uid = NULL;
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "search Uid: search %s\n", udn);
+ if (entry) {
+ Slapi_Attr *attr = NULL;
+ Slapi_Value *v = NULL;
- slapi_search_internal_set_pb(int_search_pb, udn, LDAP_SCOPE_BASE,
- "(|(objectclass=posixAccount)(objectclass=ldapsubentry))", attrs,
- 0 /* attrsonly */, NULL /* controls */, NULL /* uniqueid */,
- posix_winsync_get_plugin_identity(), 0 /* actions */);
- if (slapi_search_internal_pb(int_search_pb)) {
- /* get result and log an error */
- int res = 0;
- slapi_pblock_get(int_search_pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
- slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: error searching for uid: %d", res);
- } else {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "searchUid: searched %s\n",
- udn);
- slapi_pblock_get(int_search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
- if (NULL != entries && NULL != entries[0]) {
- Slapi_Attr *attr = NULL;
- Slapi_Value *v = NULL;
+ if (slapi_entry_attr_find(entry, "uid", &attr) == 0 && hasObjectClass(entry, "posixAccount")) {
+ slapi_attr_first_value(attr, &v);
+ uid = slapi_ch_strdup(slapi_value_get_string(v));
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: return uid %s\n", uid);
+ } else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: uid in %s not found\n", udn);
+ }
- if (slapi_entry_attr_find(entries[0], "uid", &attr) == 0) {
- slapi_attr_first_value(attr, &v);
- uid = slapi_ch_strdup(slapi_value_get_string(v));
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: return uid %s\n", uid);
- /* slapi_value_free(&v); */
- } else {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: uid in %s not found\n", udn);
- }
- slapi_free_search_results_internal(int_search_pb);
- slapi_pblock_destroy(int_search_pb);
- if (uid && posix_winsync_config_get_lowercase()) {
- return slapi_dn_ignore_case(uid);
- }
- return uid;
+ if (uid && posix_winsync_config_get_lowercase()) {
+ uid = slapi_dn_ignore_case(uid);
}
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: About to free entry\n", udn);
+
+ slapi_entry_free(entry);
}
- slapi_free_search_results_internal(int_search_pb);
- slapi_pblock_destroy(int_search_pb);
+
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: posix user %s not found\n", udn);
- return NULL;
+ "searchUid: <==\n", udn);
+
+ return uid;
}
int
@@ -152,6 +197,36 @@ uid_in_set(const char* uid, char **uids)
return false;
}
+int
+uid_in_valueset(const char* uid, Slapi_ValueSet *uids)
+{
+ int i;
+ Slapi_Value *v = NULL;
+
+ if (uid == NULL)
+ return false;
+ for (i = slapi_valueset_first_value(uids, &v); i != -1;
+ i = slapi_valueset_next_value(uids, i, &v)) {
+ Slapi_RDN *i_rdn = NULL;
+ char *i_uid = NULL;
+ char *t = NULL;
+
+ const char *uid_i = slapi_value_get_string(v);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "uid_in_valueset: comp %s %s \n",
+ uid, uid_i);
+ i_rdn = slapi_rdn_new_dn(uid_i);
+ if (slapi_rdn_get_first(i_rdn, &t, &i_uid) == 1) {
+ if (strncasecmp(uid, i_uid, 256) == 0) {
+ slapi_rdn_free(&i_rdn);
+ return true;
+ }
+ }
+ slapi_rdn_free(&i_rdn);
+ }
+ return false;
+}
+
/* return 1 if smods already has the given mod - 0 otherwise */
static int
smods_has_mod(Slapi_Mods *smods, int modtype, const char *type, const char *val)
@@ -186,7 +261,7 @@ smods_has_mod(Slapi_Mods *smods, int modtype, const char *type, const char *val)
}
int
-isPosixGroup(Slapi_Entry *entry)
+hasObjectClass(Slapi_Entry *entry, const char *objectClass)
{
int rc = 0;
int i;
@@ -200,7 +275,7 @@ isPosixGroup(Slapi_Entry *entry)
}
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "add/mod-GroupMembership scan objectclasses\n");
+ "Scanning objectclasses\n");
for (
i = slapi_attr_first_value(obj_attr, &value);
@@ -209,22 +284,357 @@ isPosixGroup(Slapi_Entry *entry)
) {
const char *oc = NULL;
oc = slapi_value_get_string(value);
- if (strncasecmp(oc, "posixGroup", 11) == 0) {
- return 1; /* Entry has objectclass posixGroup */
+ if (strcasecmp(oc, objectClass) == 0) {
+ return 1; /* Entry has the desired objectclass */
+ }
+ }
+
+ return 0; /* Doesn't have desired objectclass */
+}
+
+void
+posix_winsync_foreach_parent(Slapi_Entry *entry, char **attrs, plugin_search_entry_callback callback, void *callback_data)
+{
+ char *cookie = NULL;
+ Slapi_Backend *be = NULL;
+
+ const char *value = slapi_entry_get_ndn(entry);
+ size_t vallen = value ? strlen(value) : 0;
+ char *filter_escaped_value = slapi_ch_calloc(sizeof(char), vallen*3+1);
+ char *filter = slapi_ch_smprintf("(uniqueMember=%s)", escape_filter_value(value, vallen, filter_escaped_value));
+ slapi_ch_free_string(&filter_escaped_value);
+
+ Slapi_PBlock *search_pb = slapi_pblock_new();
+
+ for (be = slapi_get_first_backend(&cookie); be;
+ be = slapi_get_next_backend(cookie)) {
+ const Slapi_DN *base_sdn = slapi_be_getsuffix(be, 0);
+ if (base_sdn == NULL) {
+ continue;
}
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_winsync_foreach_parent: Searching subtree %s for %s\n",
+ slapi_sdn_get_dn(base_sdn),
+ filter);
+
+ slapi_search_internal_set_pb(search_pb,
+ slapi_sdn_get_dn(base_sdn),
+ LDAP_SCOPE_SUBTREE,
+ filter,
+ attrs, 0, NULL, NULL,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_search_internal_callback_pb(search_pb, callback_data, 0, callback, 0);
+
+ slapi_pblock_init(search_pb);
}
- return 0; /* Doesn't have objectclass "posixGroup" */
+ slapi_pblock_destroy(search_pb);
+ slapi_ch_free((void**)&cookie);
+ slapi_ch_free_string(&filter);
}
-int
-modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
+/* Retrieve nested membership from chains of groups.
+ * Muid_vs in => any preexisting membership list
+ * out => the union of the input list and the total membership
+ * Muid_nested_vs out => the members of muid_vs "out" that weren't in muid_vs "in"
+ * deletions in => Any elements to NOT consider if members of base_sdn
+ */
+void
+getMembershipFromDownward(Slapi_Entry *entry, Slapi_ValueSet *muid_vs, Slapi_ValueSet *muid_nested_vs, Slapi_ValueSet *deletions, const Slapi_DN *base_sdn, int depth)
{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
int rc = 0;
+ Slapi_Attr *um_attr = NULL; /* Entry attributes uniqueMember */
+ Slapi_Value *uid_value = NULL; /* uniqueMember attribute values */
+
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ rc = slapi_entry_attr_find(entry, "uniquemember", &um_attr);
+ if (rc != 0 || um_attr == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward end: attribute uniquemember not found\n");
+ return;
+ }
+
+ int i;
+ for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
+ i = slapi_attr_next_value(um_attr, i, &uid_value)) {
+
+ char *attrs[] = { "uniqueMember", "memberUid", "uid", "objectClass", NULL };
+ const char *uid_dn = slapi_value_get_string(uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: iterating uniqueMember: %s\n",
+ uid_dn);
+
+ if (deletions && !slapi_sdn_compare(slapi_entry_get_sdn_const(entry), base_sdn)) {
+ if (slapi_valueset_find(um_attr, deletions, uid_value)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: Skipping iteration because of deletion\n");
+
+ continue;
+ }
+ }
+
+ Slapi_Entry *child = getEntry(uid_dn, attrs);
+
+ if (!child) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward end: child not found: %s\n", uid_dn);
+ }
+ else {
+ /* PosixGroups except for the top one are already fully mapped out */
+ if ((!hasObjectClass(entry, "posixGroup") || depth == 0) &&
+ (hasObjectClass(child, "ntGroup") || hasObjectClass(child, "posixGroup"))) {
+
+ /* Recurse downward */
+ getMembershipFromDownward(child, muid_vs, muid_nested_vs, deletions, base_sdn, depth + 1);
+ }
+
+ if (hasObjectClass(child, "posixAccount")) {
+ Slapi_Attr *uid_attr = NULL;
+ Slapi_Value *v = NULL;
+ if (slapi_entry_attr_find(child, "uid", &uid_attr) == 0) {
+ slapi_attr_first_value(uid_attr, &v);
+
+ if (v && !slapi_valueset_find(uid_attr, muid_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: adding member: %s\n",
+ slapi_value_get_string(v));
+ slapi_valueset_add_value(muid_vs, v);
+ slapi_valueset_add_value(muid_nested_vs, v);
+ }
+ }
+ }
+ slapi_entry_free(child);
+ }
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: <==\n");
+}
+
+struct propogateMembershipUpwardArgs {
+ Slapi_ValueSet *muid_vs;
+ int depth;
+};
+
+/* Forward declaration for next function */
+void propogateMembershipUpward(Slapi_Entry *, Slapi_ValueSet *, int);
+
+int
+propogateMembershipUpwardCallback(Slapi_Entry *child, void *callback_data)
+{
+ struct propogateMembershipUpwardArgs *args = (struct propogateMembershipUpwardArgs *)(callback_data);
+ propogateMembershipUpward(child, args->muid_vs, args->depth);
+ return 0;
+}
+
+void
+propogateMembershipUpward(Slapi_Entry *entry, Slapi_ValueSet *muid_vs, int depth)
+{
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
+ Slapi_ValueSet *muid_here_vs = NULL;
+ Slapi_ValueSet *muid_upward_vs = NULL;
+
+ /* Get the memberUids at this location, and figure out local changes to memberUid (if any)
+ * and changes to send upward.
+ */
+ if (depth > 0 && hasObjectClass(entry, "posixGroup")) {
+ int addDynamicGroup = 0;
+ Slapi_Attr *muid_old_attr = NULL;
+ Slapi_ValueSet *muid_old_vs = NULL;
+ int rc = slapi_entry_attr_find(entry, "memberUid", &muid_old_attr);
+ if (rc != 0 || muid_old_attr == NULL) { /* Found no memberUid list, so create */
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: no attribute memberUid\n");
+
+ /* There's no values from this entry to add */
+ muid_upward_vs = muid_vs;
+ muid_here_vs = muid_vs;
+ }
+ else {
+ /* Eliminate duplicates */
+ muid_upward_vs = slapi_valueset_new();
+ muid_here_vs = slapi_valueset_new();
+
+ slapi_valueset_set_valueset(muid_upward_vs, muid_old_vs);
+
+ slapi_attr_get_valueset(muid_old_attr, &muid_old_vs);
+ int i = 0;
+ Slapi_Value *v = NULL;
+ for (i = slapi_valueset_first_value(muid_vs, &v); i != -1;
+ i = slapi_valueset_next_value(muid_vs, i, &v)) {
+
+ if (!slapi_valueset_find(muid_old_attr, muid_old_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: adding %s to set\n",
+ slapi_value_get_string(v));
+
+ addDynamicGroup = 1;
+ slapi_valueset_add_value(muid_here_vs, v);
+ slapi_valueset_add_value(muid_upward_vs, v);
+ }
+ }
+ }
+
+ /* Update this group's membership */
+ slapi_entry_add_valueset(entry, "memberUid", muid_here_vs);
+ if (addDynamicGroup) {
+ addDynamicGroupIfNecessary(entry, NULL);
+ slapi_entry_add_valueset(entry, "dsOnlyMemberUid", muid_here_vs);
+ }
+ }
+ else {
+ muid_upward_vs = muid_vs;
+ }
+
+ /* Find groups containing this one, recurse
+ */
+ char *attrs[] = {"memberUid", "objectClass", NULL};
+ struct propogateMembershipUpwardArgs data = {muid_upward_vs, depth + 1};
+
+ posix_winsync_foreach_parent(entry, attrs, propogateMembershipUpwardCallback, &data);
+
+/* Cleanup */
+ if (muid_here_vs && muid_here_vs != muid_vs) {
+ slapi_valueset_free(muid_here_vs); muid_here_vs = NULL;
+ }
+ if (muid_upward_vs && muid_upward_vs != muid_vs) {
+ slapi_valueset_free(muid_upward_vs); muid_upward_vs = NULL;
+ }
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: <==\n");
+}
+
+struct propogateDeletionsUpwardArgs {
+ const Slapi_DN *base_sdn;
+ Slapi_ValueSet *smod_deluids;
+ Slapi_ValueSet *del_nested_vs;
+ int depth;
+};
+
+/* Forward declaration for next function */
+void propogateDeletionsUpward(Slapi_Entry *, const Slapi_DN *, Slapi_ValueSet*, Slapi_ValueSet *, int);
+
+int
+propogateDeletionsUpwardCallback(Slapi_Entry *entry, void *callback_data)
+{
+ struct propogateDeletionsUpwardArgs *args = (struct propogateDeletionsUpwardArgs *)(callback_data);
+ propogateDeletionsUpward(entry, args->base_sdn, args->smod_deluids, args->del_nested_vs, args->depth);
+}
+
+void
+propogateDeletionsUpward(Slapi_Entry *entry, const Slapi_DN *base_sdn, Slapi_ValueSet *smod_deluids, Slapi_ValueSet *del_nested_vs, int depth)
+{
+ if (smod_deluids == NULL) return;
+
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
+ char *attrs[] = { "uniqueMember", "memberUid", "objectClass", NULL };
+ struct propogateDeletionsUpwardArgs data = {base_sdn, smod_deluids, del_nested_vs, depth + 1};
+ posix_winsync_foreach_parent(entry, attrs, propogateDeletionsUpwardCallback, &data);
+
+ Slapi_Attr *muid_attr = NULL;
+ int rc = slapi_entry_attr_find(entry, "dsOnlyMemberUid", &muid_attr);
+
+ if (rc == 0 && muid_attr != NULL) {
+
+ Slapi_ValueSet *muid_vs = slapi_valueset_new();
+ Slapi_ValueSet *muid_nested_vs = slapi_valueset_new();
+ Slapi_ValueSet *muid_deletions_vs = slapi_valueset_new();
+
+ getMembershipFromDownward(entry, muid_vs, muid_nested_vs, smod_deluids, base_sdn, 0);
+
+ int i;
+ Slapi_Value *v;
+ for (i = slapi_attr_first_value(muid_attr, &v); i != -1;
+ i = slapi_attr_next_value(muid_attr, i, &v)) {
+ if (!slapi_valueset_find(muid_attr, muid_vs, v)) {
+ const char *uid = slapi_value_get_string(v);
+ if (depth == 0 && !uid_in_valueset(uid, smod_deluids)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: Adding deletion to modlist: %s\n",
+ slapi_value_get_string(v));
+ slapi_valueset_add_value(del_nested_vs, v);
+ }
+ else if (depth > 0) {
+ slapi_valueset_add_value(muid_deletions_vs, v);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: Adding deletion to deletion list: %s\n",
+ slapi_value_get_string(v));
+ }
+ }
+ }
+
+ if (depth > 0) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: executing deletion list\n");
+
+ Slapi_Mods *smods = slapi_mods_new();
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "memberuid", valueset_get_valuearray(muid_deletions_vs));
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "dsonlymemberuid", valueset_get_valuearray(muid_deletions_vs));
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+ slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(entry), slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_modify_internal_pb(mod_pb);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+ }
+
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+ slapi_valueset_free(muid_nested_vs); muid_nested_vs = NULL;
+ slapi_valueset_free(muid_deletions_vs); muid_deletions_vs = NULL;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: <==\n");
+}
+
+int
+modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
+{
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: Modding %s\n",
+ slapi_entry_get_dn_const(entry));
- if (!isPosixGroup(entry)) {
+ int posixGroup = hasObjectClass(entry, "posixGroup");
+
+ if (!(posixGroup || hasObjectClass(entry, "ntGroup"))) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership end: Not a posixGroup or ntGroup\n");
return 0;
}
@@ -232,7 +642,7 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
Slapi_Mod *nextMod = slapi_mod_new();
int del_mod = 0; /* Bool: was there a delete mod? */
char **smod_adduids = NULL;
- char **smod_deluids = NULL;
+ Slapi_ValueSet *smod_deluids = NULL;
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: posixGroup -> look for uniquemember\n");
@@ -243,15 +653,20 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
if (slapi_attr_types_equivalent(slapi_mod_get_type(smod), "uniqueMember")) {
struct berval *bv;
+ int current_del_mod = SLAPI_IS_MOD_DELETE(slapi_mod_get_operation(smod));
+ if (current_del_mod) {
+ del_mod = 1;
+ }
+
for (bv = slapi_mod_get_first_value(smod); bv;
bv = slapi_mod_get_next_value(smod)) {
Slapi_Value *sv = slapi_value_new();
slapi_value_init_berval(sv, bv); /* copies bv_val */
- if (SLAPI_IS_MOD_DELETE(slapi_mod_get_operation(smod))) {
- del_mod = 1;
- slapi_ch_array_add(&smod_deluids,
- slapi_ch_strdup(slapi_value_get_string(sv)));
+ if (current_del_mod) {
+ if (!smod_deluids) smod_deluids = slapi_valueset_new();
+
+ slapi_valueset_add_value(smod_deluids, sv);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: add to deluids %s\n",
bv->bv_val);
@@ -268,60 +683,67 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
}
slapi_mod_free(&nextMod);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: entry is posixGroup\n");
-
- Slapi_Attr * muid_attr = NULL; /* Entry attributes */
+ int muid_rc = 0;
+ Slapi_Attr * muid_attr = NULL; /* Entry attributes */
+ Slapi_ValueSet *muid_vs = NULL;
Slapi_Value * uid_value = NULL; /* Attribute values */
- char **adduids = NULL;
- char **moduids = NULL;
- char **deluids = NULL;
- int doModify = false;
+ Slapi_ValueSet *adduids = slapi_valueset_new();
+ Slapi_ValueSet *add_nested_vs = slapi_valueset_new();
+ Slapi_ValueSet *deluids = slapi_valueset_new();
+ Slapi_ValueSet *del_nested_vs = slapi_valueset_new();
+
+ const Slapi_DN *base_sdn = slapi_entry_get_sdn_const(entry);
+
int j = 0;
if (del_mod || smod_deluids != NULL) {
do { /* Create a context to "break" from */
- Slapi_Attr * mu_attr = NULL; /* Entry attributes */
- rc = slapi_entry_attr_find(entry, "memberUid", &mu_attr);
- if (rc != 0 || mu_attr == NULL) {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership end: attribute memberUid not found\n");
- break;
- }
- /* found attribute uniquemember */
+ muid_rc = slapi_entry_attr_find(entry, "memberUid", &muid_attr);
+
if (smod_deluids == NULL) { /* deletion of the last value, deletes the Attribut from entry complete, this operation has no value, so we must look by self */
Slapi_Attr * um_attr = NULL; /* Entry attributes */
Slapi_Value * uid_dn_value = NULL; /* Attribute values */
int rc = slapi_entry_attr_find(entry, "uniquemember", &um_attr);
+
if (rc != 0 || um_attr == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership end: attribute uniquemember not found\n");
break;
}
- /* found attribute uniquemember */
- /* ...loop for value... */
- for (j = slapi_attr_first_value(um_attr, &uid_dn_value); j != -1;
- j = slapi_attr_next_value(um_attr, j, &uid_dn_value)) {
- slapi_ch_array_add(&smod_deluids,
- slapi_ch_strdup(slapi_value_get_string(uid_dn_value)));
- }
+
+ slapi_attr_get_valueset(um_attr, &smod_deluids);
}
- /* ...loop for value... */
- for (j = slapi_attr_first_value(mu_attr, &uid_value); j != -1;
- j = slapi_attr_next_value(mu_attr, j, &uid_value)) {
- /* remove from uniquemember: remove from memberUid also */
- const char *uid = NULL;
+ if (muid_rc != 0 || muid_attr == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: test dellist \n");
- uid = slapi_value_get_string(uid_value);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: test dellist %s\n", uid);
- if (uid_in_set(uid, smod_deluids)) {
- slapi_ch_array_add(&deluids, slapi_ch_strdup(uid));
+ "modGroupMembership end: attribute memberUid not found\n");
+ }
+ else if (posix_winsync_config_get_mapMemberUid()) {
+ /* ...loop for value... */
+ for (j = slapi_attr_first_value(muid_attr, &uid_value); j != -1;
+ j = slapi_attr_next_value(muid_attr, j, &uid_value)) {
+ /* remove from uniquemember: remove from memberUid also */
+ const char *uid = NULL;
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: add to dellist %s\n", uid);
- doModify = true;
+ "modGroupMembership: test dellist \n");
+ uid = slapi_value_get_string(uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: test dellist %s\n", uid);
+ if (uid_in_valueset(uid, smod_deluids)) {
+ slapi_valueset_add_value(deluids, uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: add to dellist %s\n", uid);
+ }
+ }
+ }
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ propogateDeletionsUpward(entry, base_sdn, smod_deluids, del_nested_vs, 0);
+ int i;
+ Slapi_Value *v;
+ for (i = slapi_valueset_first_value(del_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(del_nested_vs, i, &v)) {
+ slapi_valueset_add_value(deluids, v);
}
}
} while (false);
@@ -331,93 +753,176 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: posixGroup -> look for uniquemember\n");
- /* found attribute uniquemember */
- for (j = 0; smod_adduids[j]; j++) {
- static char *uid = NULL;
- uid_dn = smod_adduids[j];
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: perform user %s\n", uid_dn);
+ if (muid_rc == 0 && muid_attr == NULL) {
+ muid_rc = slapi_entry_attr_find(entry, "memberUid", &muid_attr);
+ }
+ if (muid_rc == 0 && muid_attr != NULL) {
+ slapi_attr_get_valueset(muid_attr, &muid_vs);
+ }
+ else {
+ muid_vs = slapi_valueset_new();
+ }
- uid = searchUid(uid_dn);
+ if (posix_winsync_config_get_mapMemberUid()) {
+ for (j = 0; smod_adduids[j]; j++) {
+ static char *uid = NULL;
- if (uid == NULL) {
+ uid_dn = smod_adduids[j];
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: uid not found for %s, cannot do anything\n",
- uid_dn); /* member on longer on server, do nothing */
- } else {
- rc |= slapi_entry_attr_find(entry, "memberUid", &muid_attr);
- if (rc != 0 || muid_attr == NULL) { /* Found no memberUid list, so create */
+ "modGroupMembership: perform user %s\n", uid_dn);
+
+ uid = searchUid(uid_dn);
+
+ if (uid == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: no attribute memberUid, add with %s \n",
- uid_dn);
- slapi_ch_array_add(&adduids, uid);
- uid = NULL; /* adduids now owns uid */
- doModify = true;
- } else { /* Found a memberUid list, so modify */
- Slapi_ValueSet *vs = NULL;
+ "modGroupMembership: uid not found for %s, cannot do anything\n",
+ uid_dn); /* member on longer on server, do nothing */
+ } else {
Slapi_Value *v = slapi_value_new();
-
slapi_value_init_string_passin(v, uid);
- slapi_attr_get_valueset(muid_attr, &vs);
- if (slapi_valueset_find(muid_attr, vs, v) != NULL) { /* already exist, all ok */
+
+ if (muid_rc == 0 && muid_attr != NULL &&
+ slapi_valueset_find(muid_attr, muid_vs, v) != NULL) {
+
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: uid found in memberuid list %s nothing to do\n",
uid);
- } else {
- slapi_ch_array_add(&moduids, uid);
+ }
+ else {
+ slapi_valueset_add_value(adduids, v);
+ slapi_valueset_add_value(muid_vs, v);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: add to modlist %s\n", uid);
- uid = NULL; /* adduids now owns uid */
- /* have to clear out v otherwise slapi_value_free will also free uid */
- slapi_value_init_berval(v, NULL);
- doModify = true;
}
+
slapi_value_free(&v); /* also frees uid since it was a passin */
- slapi_valueset_free(vs); vs = NULL;
}
}
}
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+
+ for (j = 0; smod_adduids[j]; ++j) {
+ char *attrs[] = { "uniqueMember", "memberUid", "uid", "objectClass", NULL };
+ Slapi_Entry *child = getEntry(smod_adduids[j], attrs);
+
+ if (child) {
+ if (hasObjectClass(child, "ntGroup") || hasObjectClass(child, "posixGroup")) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: Found mod to add group, adding membership: %s\n",
+ smod_adduids[j]);
+ Slapi_ValueSet *muid_tempnested = slapi_valueset_new();
+ getMembershipFromDownward(child, muid_vs, add_nested_vs, smod_deluids, base_sdn, 0);
+
+ slapi_valueset_free(muid_tempnested); muid_tempnested = NULL;
+ }
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: entry not found for dn: %s\n",
+ smod_adduids[j]);
+ }
+ }
+
+ getMembershipFromDownward(entry, muid_vs, add_nested_vs, smod_deluids, base_sdn, 0);
+ int i = 0;
+ Slapi_Value *v = NULL;
+ for (i = slapi_valueset_first_value(add_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(add_nested_vs, i, &v)) {
+ slapi_valueset_add_value(adduids, v);
+ }
+
+ propogateMembershipUpward(entry, adduids, 0);
+ }
}
- if (doModify) {
+ if (posixGroup) {
+ int addDynamicGroup = 0;
int i;
- for (i = 0; adduids && adduids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", adduids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", adduids[i]);
+ Slapi_Value *v;
+ for (i = slapi_valueset_first_value(adduids, &v); i != -1;
+ i = slapi_valueset_next_value(adduids, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", muid);
+ }
+ }
+ for (i = slapi_valueset_first_value(add_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(add_nested_vs, i, &v)) {
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_ADD, "dsOnlyMemberUid", muid)) {
+ addDynamicGroup = 1;
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "dsOnlyMemberUid", muid);
}
}
- for (i = 0; moduids && moduids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", moduids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", moduids[i]);
+ for (i = slapi_valueset_first_value(deluids, &v); i != -1;
+ i = slapi_valueset_next_value(deluids, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_DELETE, "memberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberUid", muid);
}
}
- for (i = 0; deluids && deluids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_DELETE, "memberUid", deluids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberUid", deluids[i]);
+ for (i = slapi_valueset_first_value(del_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(del_nested_vs, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_DELETE, "dsOnlyMemberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "dsOnlyMemberUid", muid);
}
}
+ if (addDynamicGroup) {
+ addDynamicGroupIfNecessary(entry, smods);
+ }
if (slapi_is_loglevel_set(SLAPI_LOG_PLUGIN))
slapi_mods_dump(smods, "memberUid - mods dump");
- *do_modify = 1;
posix_winsync_config_set_MOFTaskCreated();
}
slapi_ch_array_free(smod_adduids);
smod_adduids = NULL;
- slapi_ch_array_free(adduids);
- adduids = NULL;
- slapi_ch_array_free(smod_deluids);
+ if (smod_deluids) slapi_valueset_free(smod_deluids);
smod_deluids = NULL;
- slapi_ch_array_free(deluids);
+
+ slapi_valueset_free(adduids);
+ adduids = NULL;
+ slapi_valueset_free(deluids);
deluids = NULL;
- slapi_ch_array_free(moduids);
- moduids = NULL;
+
+ slapi_valueset_free(add_nested_vs); add_nested_vs = NULL;
+ slapi_valueset_free(del_nested_vs); del_nested_vs = NULL;
+
+ if (muid_vs) {
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+ }
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: <==\n");
return 0;
}
int
+addUserToGroupMembership(Slapi_Entry *entry)
+{
+ Slapi_Attr *uid_attr = NULL;
+ Slapi_Value *v = NULL;
+ Slapi_ValueSet *muid_vs = slapi_valueset_new();
+
+ if (slapi_entry_attr_find(entry, "uid", &uid_attr) == 0) {
+ slapi_attr_first_value(uid_attr, &v);
+
+ if (v) {
+ slapi_valueset_add_value(muid_vs, v);
+ }
+ }
+
+ propogateMembershipUpward(entry, muid_vs, 0);
+
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+}
+
+int
addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
{
int rc = 0;
@@ -425,7 +930,11 @@ addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "addGroupMembership: ==>\n");
- if(!isPosixGroup(entry)) {
+ int posixGroup = hasObjectClass(entry, "posixGroup");
+
+ if(!(posixGroup || hasObjectClass(entry, "ntGroup"))) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "addGroupMembership: didn't find posixGroup or ntGroup objectclass\n");
return 0;
}
@@ -448,34 +957,55 @@ addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
if (rc != 0 || muid_attr == NULL) { /* Found no memberUid list, so create */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"addGroupMembership: no attribute memberUid\n");
+ muid_attr = NULL;
}
newvs = slapi_valueset_new();
/* ...loop for value... */
- for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
- i = slapi_attr_next_value(um_attr, i, &uid_value)) {
- const char *uid_dn = NULL;
- static char *uid = NULL;
- Slapi_Value *v = NULL;
+ if (posix_winsync_config_get_mapMemberUid()) {
+ for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
+ i = slapi_attr_next_value(um_attr, i, &uid_value)) {
+ const char *uid_dn = NULL;
+ static char *uid = NULL;
+ Slapi_Value *v = NULL;
- uid_dn = slapi_value_get_string(uid_value);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "addGroupMembership: perform member %s\n", uid_dn);
- uid = searchUid(uid_dn);
- if (uid == NULL) {
+ uid_dn = slapi_value_get_string(uid_value);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "addGroupMembership: uid not found for %s, cannot do anything\n",
- uid_dn); /* member on longer on server, do nothing */
- } else {
- v = slapi_value_new_string(uid);
- slapi_ch_free_string(&uid);
- if (slapi_attr_value_find(muid_attr, slapi_value_get_berval(v)) != 0) {
- slapi_valueset_add_value(newvs, v);
+ "addGroupMembership: perform member %s\n", uid_dn);
+ uid = searchUid(uid_dn);
+ if (uid == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "addGroupMembership: uid not found for %s, cannot do anything\n",
+ uid_dn); /* member on longer on server, do nothing */
+ } else {
+ v = slapi_value_new_string(uid);
+ slapi_ch_free_string(&uid);
+ if (slapi_attr_value_find(muid_attr, slapi_value_get_berval(v)) != 0) {
+ slapi_valueset_add_value(newvs, v);
+ }
+ slapi_value_free(&v);
}
- slapi_value_free(&v);
}
}
- slapi_entry_add_valueset(entry, "memberUid", newvs);
- slapi_valueset_free(newvs);
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ Slapi_ValueSet *muid_nested_vs = slapi_valueset_new();
+
+ getMembershipFromDownward(entry, newvs, muid_nested_vs, NULL, NULL, 0);
+ propogateMembershipUpward(entry, newvs, 0);
+
+ if (posixGroup) {
+ addDynamicGroupIfNecessary(entry, NULL);
+ slapi_entry_add_valueset(entry, "dsOnlyMemberUid", muid_nested_vs);
+ }
+
+ slapi_valueset_free(muid_nested_vs); muid_nested_vs = NULL;
+ }
+
+ if (posixGroup) {
+ slapi_entry_add_valueset(entry, "memberUid", newvs);
+ }
+
+ slapi_valueset_free(newvs); newvs = NULL;
posix_winsync_config_get_MOFTaskCreated();
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "addGroupMembership: <==\n");
diff --git a/ldap/servers/plugins/posix-winsync/posix-group-task.c b/ldap/servers/plugins/posix-winsync/posix-group-task.c
index e31064c..4555f1b 100644
--- a/ldap/servers/plugins/posix-winsync/posix-group-task.c
+++ b/ldap/servers/plugins/posix-winsync/posix-group-task.c
@@ -25,11 +25,17 @@ typedef struct _cb_data
} posix_group_data_data;
*/
+Slapi_Value **
+valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
+
/* interface function */
int
posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int *returncode,
char *returntext, void *arg);
+Slapi_Entry *
+getEntry(const char *udn, char **attrs);
+
static void
posix_group_task_destructor(Slapi_Task *task);
static void
@@ -67,6 +73,10 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
*returncode = LDAP_SUCCESS;
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: ==>\n");
+
/* get arg(s) */
/* default: set replication basedn */
if ((dn = fetch_attr(e, "basedn", slapi_sdn_get_dn(posix_winsync_config_get_suffix()))) == NULL) {
@@ -75,12 +85,18 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
goto out;
}
- if ((filter = fetch_attr(e, "filter", "(&(objectclass=posixGroup)(uniquemember=*))")) == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: retrieved basedn: %s\n", dn);
+
+ if ((filter = fetch_attr(e, "filter", "(objectclass=ntGroup)")) == NULL) {
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rv = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: retrieved filter: %s\n", filter);
+
/* setup our task data */
mytaskdata = (task_data*) slapi_ch_malloc(sizeof(task_data));
if (mytaskdata == NULL) {
@@ -91,19 +107,41 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
mytaskdata->dn = slapi_ch_strdup(dn);
mytaskdata->filter_str = slapi_ch_strdup(filter);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task data allocated\n");
+
/* allocate new task now */
- task = slapi_new_task(slapi_entry_get_ndn(e));
+ char * ndn = slapi_entry_get_ndn(e);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: creating task object: %s\n",
+ ndn);
+
+ task = slapi_new_task(ndn);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task object created\n");
/* register our destructor for cleaning up our private data */
slapi_task_set_destructor_fn(task, posix_group_task_destructor);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task destructor set\n");
+
/* Stash a pointer to our data in the task */
slapi_task_set_data(task, mytaskdata);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task object initialized\n");
+
/* start the sample task as a separate thread */
thread = PR_CreateThread(PR_USER_THREAD, posix_group_fixup_task_thread, (void *) task,
PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD,
SLAPD_DEFAULT_THREAD_STACKSIZE);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: thread created\n");
+
if (thread == NULL) {
slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
"unable to create task thread!\n");
@@ -114,7 +152,11 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
rv = SLAPI_DSE_CALLBACK_OK;
}
- out: return rv;
+ out:
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: <==\n", filter);
+
+ return rv;
}
static void
@@ -195,86 +237,172 @@ posix_group_fix_memberuid(char *dn, char *filter_str, void *txn)
static int
posix_group_fix_memberuid_callback(Slapi_Entry *e, void *callback_data)
{
- int rc = 0;
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid ==>\n");
+ cb_data *the_cb_data = (cb_data *) callback_data;
+
+ int rc;
+ Slapi_Attr *muid_attr = NULL;
+ Slapi_Value *v = NULL;
+
+ Slapi_Mods *smods = slapi_mods_new();
+
char *dn = slapi_entry_get_dn(e);
Slapi_DN *sdn = slapi_entry_get_sdn(e);
- Slapi_Attr *obj_attr = NULL;
+/* Clean out memberuids and dsonlymemberuids without a valid referant */
+ rc = slapi_entry_attr_find(e, "memberuid", &muid_attr);
+ if (rc == 0 && muid_attr) {
+ Slapi_PBlock *search_pb = slapi_pblock_new();
+
+ Slapi_Attr *dsmuid_attr = NULL;
+ Slapi_ValueSet *dsmuid_vs = NULL;
+
+ char *attrs[] = { "uid", NULL };
+
+ rc = slapi_entry_attr_find(e, "dsonlymemberuid", &dsmuid_attr);
+ if (rc == 0 && dsmuid_attr) {
+ slapi_attr_get_valueset(dsmuid_attr, &dsmuid_vs);
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid scan for orphaned memberuids\n");
+
+ int i;
+ for (i = slapi_attr_first_value(muid_attr, &v); i != -1;
+ i = slapi_attr_next_value(muid_attr, i, &v)) {
+ const char *muid = slapi_value_get_string(v);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid iterating memberuid: %s\n",
+ muid);
+
+ size_t vallen = muid ? strlen(muid) : 0;
+ char *filter_escaped_value = slapi_ch_calloc(sizeof(char), vallen*3+1);
+ char *filter = slapi_ch_smprintf("(uid=%s)", escape_filter_value(muid, vallen, filter_escaped_value));
+ slapi_ch_free_string(&filter_escaped_value);
+
+ Slapi_Entry **search_entries = NULL;
+
+ slapi_search_internal_set_pb(search_pb,
+ the_cb_data->dn,
+ LDAP_SCOPE_SUBTREE,
+ filter,
+ attrs, 0, NULL, NULL,
+ posix_winsync_get_plugin_identity(), 0);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid searching %s with filter: %s\n",
+ the_cb_data->dn, filter);
+ rc = slapi_search_internal_pb(search_pb);
+
+ slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &search_entries);
+
+ if (!search_entries || !search_entries[0]) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Adding bad memberuid %s\n",
+ slapi_value_get_string(v));
+
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberuid", slapi_value_get_string(v));
+
+ if (dsmuid_vs && slapi_valueset_find(dsmuid_attr, dsmuid_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Adding bad dsonlymemberuid %s\n",
+ slapi_value_get_string(v));
+
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "dsonlymemberuid", slapi_value_get_string(v));
+ }
+ }
+
+ slapi_free_search_results_internal(search_pb);
+ slapi_pblock_init(search_pb);
+ slapi_ch_free_string(&filter);
+ }
+
+ if (dsmuid_vs) {
+ slapi_valueset_free(dsmuid_vs); dsmuid_vs = NULL;
+ }
+
+ slapi_pblock_destroy(search_pb); search_pb = NULL;
+ }
+
+ /* Cleanup uniquemembers without a referent, and verify memberuid otherwise */
+ Slapi_Attr *obj_attr = NULL;
rc = slapi_entry_attr_find(e, "uniquemember", &obj_attr);
- if (rc == 0) { /* Found uniquemember, so... */
+ if (rc == 0 && obj_attr) {
+ int fixMembership = 0;
+ Slapi_ValueSet *bad_ums = NULL;
+
int i;
- Slapi_Value * value = slapi_value_new(); /* new memberuid Attribute values */
- Slapi_Value * uniqval = NULL; /* uniquemeber Attribute values */
- Slapi_ValueSet *uids = slapi_valueset_new();
+ Slapi_Value * uniqval = NULL; /* uniquemeber Attribute values */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"_fix_memberuid scan uniquemember, group %s\n", dn);
for (i = slapi_attr_first_value(obj_attr, &uniqval); i != -1;
i = slapi_attr_next_value(obj_attr, i, &uniqval)) {
- const char *member = NULL;
- char * uid = NULL;
- member = slapi_value_get_string(uniqval);
- /* search uid for member (DN) */
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "search %s\n", member);
- if ((uid = searchUid(member)) != NULL) {
- slapi_value_set_string(value, uid);
- /* add uids ValueSet */
- slapi_valueset_add_value(uids, value);
+
+ const char *member = slapi_value_get_string(uniqval);
+ char *attrs[] = { "uid", "objectclass", NULL };
+ Slapi_Entry *child = getEntry(member, attrs);
+
+ if (!child) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid orphaned uniquemember found: %s\n", member);
+
+ if (strncasecmp(member, "cn=", 3) == 0) {
+ fixMembership = 1;
+ }
+ if (!bad_ums) {
+ bad_ums = slapi_valueset_new();
+ }
+ slapi_valueset_add_value(bad_ums, uniqval);
}
}
- slapi_value_free(&value);
-
- /* If we found some posix members, replace the existing memberuid attribute
- * with the found values. */
- if (uids && slapi_valueset_count(uids)) {
- Slapi_PBlock *mod_pb = slapi_pblock_new();
- Slapi_Value *val = 0;
- Slapi_Mod *smod;
- LDAPMod **mods = (LDAPMod **) slapi_ch_malloc(2 * sizeof(LDAPMod *));
- int hint = 0;
- cb_data *the_cb_data = (cb_data *) callback_data;
-
- smod = slapi_mod_new();
- slapi_mod_init(smod, 0);
- slapi_mod_set_operation(smod, LDAP_MOD_REPLACE | LDAP_MOD_BVALUES);
- slapi_mod_set_type(smod, "memberuid");
-
- /* Loop through all of our values and add them to smod */
- hint = slapi_valueset_first_value(uids, &val);
- while (val) {
- /* this makes a copy of the berval */
- slapi_mod_add_value(smod, slapi_value_get_berval(val));
- hint = slapi_valueset_next_value(uids, hint, &val);
- }
- mods[0] = slapi_mod_get_ldapmod_passout(smod);
- mods[1] = 0;
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Finishing...\n");
- slapi_modify_internal_set_pb_ext(mod_pb, sdn, mods, 0, 0,
- posix_winsync_get_plugin_identity(), 0);
+ if (fixMembership && posix_winsync_config_get_mapNestedGrouping()) {
+ Slapi_ValueSet *del_nested_vs = slapi_valueset_new();
- slapi_pblock_set(mod_pb, SLAPI_TXN, the_cb_data->txn);
- slapi_modify_internal_pb(mod_pb);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid group deleted, recalculating nesting\n");
+ propogateDeletionsUpward(e, sdn, bad_ums, del_nested_vs, 0);
- slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+ slapi_valueset_free(del_nested_vs); del_nested_vs = NULL;
+ }
- ldap_mods_free(mods, 1);
- slapi_mod_free(&smod);
- slapi_pblock_destroy(mod_pb);
- } else {
- /* No member were found, so remove the memberuid attribute
- * from this entry. */
- posix_group_del_memberuid_callback(e, callback_data);
+ if (bad_ums) {
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "uniquemember", valueset_get_valuearray(bad_ums));
+ slapi_valueset_free(bad_ums); bad_ums = NULL;
}
- slapi_valueset_free(uids);
}
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+
+ slapi_modify_internal_set_pb_ext(mod_pb, sdn, slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+
+ slapi_pblock_set(mod_pb, SLAPI_TXN, the_cb_data->txn);
+ slapi_modify_internal_pb(mod_pb);
+
+ slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid <==\n");
return rc;
}
static void
posix_group_fixup_task_thread(void *arg)
{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread ==>\n");
+
Slapi_Task *task = (Slapi_Task *) arg;
task_data *td = NULL;
int rc = 0;
@@ -293,11 +421,18 @@ posix_group_fixup_task_thread(void *arg)
/* release the memberOf operation lock */
memberUidUnlock();
+
slapi_task_log_notice(task, "posix_group task finished.");
slapi_task_log_status(task, "posix_group task finished.");
slapi_task_inc_progress(task);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread finishing\n");
+
/* this will queue the destruction of the task */
slapi_task_finish(task, rc);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread <==\n");
}
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync-config.c b/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
index a2d21be..a7fd6e9 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
@@ -142,6 +142,12 @@ posix_winsync_config_get_msSFUSchema()
return theConfig.mssfuSchema;
}
+PRBool
+posix_winsync_config_get_mapNestedGrouping()
+{
+ return theConfig.mapNestedGrouping;
+}
+
Slapi_DN *
posix_winsync_config_get_suffix()
{
@@ -182,6 +188,7 @@ posix_winsync_config(Slapi_Entry *config_e)
theConfig.lowercase = PR_FALSE;
theConfig.createMemberOfTask = PR_FALSE;
theConfig.MOFTaskCreated = PR_FALSE;
+ theConfig.mapNestedGrouping = PR_FALSE;
posix_winsync_apply_config(NULL, NULL, config_e, &returncode, returntext, NULL);
/* config DSE must be initialized before we get here */
@@ -224,6 +231,7 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
PRBool createMemberOfTask = PR_FALSE;
PRBool lowercase = PR_FALSE;
Slapi_Attr *testattr = NULL;
+ PRBool mapNestedGrouping = PR_FALSE;
*returncode = LDAP_UNWILLING_TO_PERFORM; /* be pessimistic */
@@ -257,6 +265,13 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
"_apply_config: Config paramter %s: %d\n", POSIX_WINSYNC_LOWER_CASE,
lowercase);
}
+ /* propogate memberuids in nested grouping */
+ if (!slapi_entry_attr_find(e, POSIX_WINSYNC_MAP_NESTED_GROUPING, &testattr) && (NULL != testattr)) {
+ mapNestedGrouping = slapi_entry_attr_get_bool(e, POSIX_WINSYNC_MAP_NESTED_GROUPING);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_apply_config: Config paramter %s: %d\n", POSIX_WINSYNC_MAP_NESTED_GROUPING,
+ mapNestedGrouping);
+ }
/* if we got here, we have valid values for everything
set the config entry */
slapi_lock_mutex(theConfig.lock);
@@ -269,6 +284,7 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
theConfig.mapMemberUID = mapMemberUID;
theConfig.createMemberOfTask = createMemberOfTask;
theConfig.lowercase = lowercase;
+ theConfig.mapNestedGrouping = mapNestedGrouping;
/* success */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync.c b/ldap/servers/plugins/posix-winsync/posix-winsync.c
index 398541d..aa292c3 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync.c
@@ -68,7 +68,7 @@
#include "posix-wsp-ident.h"
#include "posix-group-func.h"
-#define MEMBEROFTASK "memberof task"
+#define MEMBEROFTASK "memberuid task"
Slapi_Value **
valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
void *
@@ -103,6 +103,7 @@ static windows_attribute_map user_mssfu_attribute_map[] =
{ "msSFU30gecos", "gecos" },
{ NULL, NULL } };
+/* memberUid must be first element or fixup in pre_ad_mod/add_group is required */
static windows_attribute_map group_attribute_map[] = { { "memberUid", "memberUid" },
{ "gidNumber", "gidNumber" },
{ NULL, NULL } };
@@ -661,7 +662,34 @@ posix_winsync_pre_ad_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
char *ad_type = NULL;
int is_present_local;
- slapi_attr_get_valueset(attr, &vs);
+ if (i == 0) { /* memberUid */
+ Slapi_Attr *dsmuid_attr = NULL;
+ Slapi_Value *v = NULL;
+ slapi_entry_attr_find(ds_entry, "dsonlymemberuid", &dsmuid_attr);
+
+ if (dsmuid_attr) {
+ Slapi_ValueSet *dsmuid_vs = NULL;
+ slapi_attr_get_valueset(dsmuid_attr, &dsmuid_vs);
+ if (dsmuid_vs) {
+ vs = slapi_valueset_new();
+
+ int j;
+ for (j = slapi_attr_first_value(attr, &v); j != -1;
+ j = slapi_attr_next_value(attr, i, &v)) {
+ if (!slapi_valueset_find(dsmuid_attr, dsmuid_vs, v)) {
+ slapi_valueset_add_value(vs, v);
+ }
+ }
+
+ slapi_valueset_free(dsmuid_vs); dsmuid_vs = NULL;
+ }
+ }
+ }
+
+ if (!vs) {
+ slapi_attr_get_valueset(attr, &vs);
+ }
+
ad_type = slapi_ch_strdup(attr_map[i].windows_attribute_name);
slapi_entry_attr_find(ad_entry, ad_type, &ad_attr);
is_present_local = (NULL == ad_attr) ? 0 : 1;
@@ -810,6 +838,12 @@ posix_winsync_pre_ds_mod_user_cb(void *cbdata, const Slapi_Entry *rawentry, Slap
valueset_get_valuearray(oc_vs));
slapi_value_free(&oc_nv);
slapi_valueset_free(oc_vs);
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addUserToGroupMembership(ds_entry);
+ memberUidUnlock();
+ }
}
}
slapi_value_free(&voc);
@@ -897,7 +931,7 @@ posix_winsync_pre_ds_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"_pre_ds_mod_group_cb present %d modify %d before\n", is_present_local,
do_modify_local);
- if (posix_winsync_config_get_mapMemberUid()) {
+ if (posix_winsync_config_get_mapMemberUid() || posix_winsync_config_get_mapNestedGrouping()) {
memberUidLock();
modGroupMembership(ds_entry, smods, do_modify);
memberUidUnlock();
@@ -999,6 +1033,13 @@ posix_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry, Slap
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- _pre_ds_add_user_cb -- adding objectclass for new entry failed %d\n",
rc);
+ else {
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addUserToGroupMembership(ds_entry);
+ memberUidUnlock();
+ }
+ }
}
sync_acct_disable(cbdata, rawentry, ds_entry, ACCT_DISABLE_TO_DS, ds_entry, NULL, NULL);
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name, "<-- _pre_ds_add_user_cb -- end\n");
@@ -1054,14 +1095,14 @@ posix_winsync_pre_ds_add_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- _pre_ds_add_group_cb -- adding objectclass for new entry failed %d\n",
rc);
- } else {
- if (posix_winsync_config_get_mapMemberUid()) {
- memberUidLock();
- addGroupMembership(ds_entry, ad_entry);
- memberUidUnlock();
- }
}
}
+ if (posix_winsync_config_get_mapMemberUid() || posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addGroupMembership(ds_entry, ad_entry);
+ memberUidUnlock();
+ }
+
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- posix_winsync_pre_ds_add_group_cb -- end\n");
@@ -1274,7 +1315,7 @@ posix_winsync_end_update_cb(void *cbdata, const Slapi_DN *ds_subtree, const Slap
"--> posix_winsync_end_update_cb -- begin %d %d\n",
posix_winsync_config_get_MOFTaskCreated(),
posix_winsync_config_get_createMOFTask());
- if (posix_winsync_config_get_MOFTaskCreated() && posix_winsync_config_get_createMOFTask()) {
+ if (1 && posix_winsync_config_get_createMOFTask()) {
/* add a task to schedule memberof Plugin for fix memebrof attributs */
Slapi_PBlock *pb = slapi_pblock_new();
Slapi_Entry *e_task = slapi_entry_alloc();
@@ -1291,13 +1332,24 @@ posix_winsync_end_update_cb(void *cbdata, const Slapi_DN *ds_subtree, const Slap
posix_winsync_plugin_name, MEMBEROFTASK);
return;
}
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, init'ing task\n");
+
slapi_entry_init(e_task, slapi_ch_strdup(dn), NULL);
slapi_entry_add_string(e_task, "cn", slapi_ch_strdup(posix_winsync_plugin_name));
slapi_entry_add_string(e_task, "objectClass", "extensibleObject");
slapi_entry_add_string(e_task, "basedn", slapi_sdn_get_dn(ds_subtree));
slapi_add_entry_internal_set_pb(pb, e_task, NULL, posix_winsync_get_plugin_identity(), 0);
+
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, adding task\n");
slapi_add_internal_pb(pb);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, retrieving return code\n");
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc != 0) {
slapi_log_error(SLAPI_LOG_FATAL, posix_winsync_plugin_name,
diff --git a/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h b/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
index 43a23df..f36fe40 100644
--- a/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
+++ b/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
@@ -17,7 +17,7 @@
#define POSIX_WINSYNC_MAP_MEMBERUID "posixWinsyncMapMemberUID"
#define POSIX_WINSYNC_CREATE_MEMBEROFTASK "posixWinsyncCreateMemberOfTask"
#define POSIX_WINSYNC_LOWER_CASE "posixWinsyncLowerCaseUID"
-
+#define POSIX_WINSYNC_MAP_NESTED_GROUPING "posixWinsyncMapNestedGrouping"
void * posix_winsync_get_plugin_identity();
@@ -29,6 +29,7 @@ typedef struct posix_winsync_config_struct {
PRBool lowercase; /* store the uid in group memberuid in lower case */
PRBool createMemberOfTask; /* should memberOf Plugin Task run after AD sync */
PRBool MOFTaskCreated;
+ PRBool mapNestedGrouping;
Slapi_DN *rep_suffix; /* namingContext in DS of the replicated suffix */
} POSIX_WinSync_Config;
@@ -42,6 +43,7 @@ Slapi_DN *posix_winsync_config_get_suffix();
void posix_winsync_config_reset_MOFTaskCreated();
void posix_winsync_config_set_MOFTaskCreated();
PRBool posix_winsync_config_get_MOFTaskCreated();
+PRBool posix_winsync_config_get_mapNestedGrouping();
int posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e,
Slapi_Entry *eAfter, int *returncode, char *returntext,
11 years, 6 months
Makefile.am Makefile.in ldap/ldif ldap/schema ldap/servers
by Noriko Hosoi
Makefile.am | 1
Makefile.in | 1
ldap/ldif/50posix-winsync-plugin.ldif | 1
ldap/schema/60posix-winsync-plugin.ldif | 44
ldap/servers/plugins/posix-winsync/posix-group-func.c | 846 +++++++++++---
ldap/servers/plugins/posix-winsync/posix-group-task.c | 249 +++-
ldap/servers/plugins/posix-winsync/posix-winsync-config.c | 16
ldap/servers/plugins/posix-winsync/posix-winsync.c | 72 +
ldap/servers/plugins/posix-winsync/posix-wsp-ident.h | 4
9 files changed, 1008 insertions(+), 226 deletions(-)
New commits:
commit b9eeb2e1a8e688dfec753e8965d0e5aeb119e638
Author: Ken Rossato <ken.rossato(a)redhat.com>
Date: Mon Sep 24 19:52:09 2012 -0400
Ticket #481 - expand nested posix groups
Description: Add ability to populate memberuid dynamically to
reflect nested grouping.
diff --git a/Makefile.am b/Makefile.am
index c5c4080..507a2d6 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -299,6 +299,7 @@ schema_DATA = $(srcdir)/ldap/schema/00core.ldif \
$(srcdir)/ldap/schema/50ns-value.ldif \
$(srcdir)/ldap/schema/50ns-web.ldif \
$(srcdir)/ldap/schema/60pam-plugin.ldif \
+ $(srcdir)/ldap/schema/60posix-winsync-plugin.ldif \
$(srcdir)/ldap/schema/60autofs.ldif \
$(srcdir)/ldap/schema/60eduperson.ldif \
$(srcdir)/ldap/schema/60mozilla.ldif \
diff --git a/Makefile.in b/Makefile.in
index 3777829..f105932 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -1527,6 +1527,7 @@ schema_DATA = $(srcdir)/ldap/schema/00core.ldif \
$(srcdir)/ldap/schema/50ns-value.ldif \
$(srcdir)/ldap/schema/50ns-web.ldif \
$(srcdir)/ldap/schema/60pam-plugin.ldif \
+ $(srcdir)/ldap/schema/60posix-winsync-plugin.ldif \
$(srcdir)/ldap/schema/60autofs.ldif \
$(srcdir)/ldap/schema/60eduperson.ldif \
$(srcdir)/ldap/schema/60mozilla.ldif \
diff --git a/ldap/ldif/50posix-winsync-plugin.ldif b/ldap/ldif/50posix-winsync-plugin.ldif
index de8c432..17dc243 100644
--- a/ldap/ldif/50posix-winsync-plugin.ldif
+++ b/ldap/ldif/50posix-winsync-plugin.ldif
@@ -10,6 +10,7 @@ nsslapd-pluginenabled: off
nsslapd-plugin-depends-on-type: database
posixWinsyncMsSFUSchema: false
posixWinsyncMapMemberUID: true
+posixWinsyncMapNestedGrouping: false
posixWinsyncCreateMemberOfTask: false
posixWinsyncLowerCaseUID: false
nsslapd-pluginprecedence: 25
diff --git a/ldap/schema/60posix-winsync-plugin.ldif b/ldap/schema/60posix-winsync-plugin.ldif
new file mode 100644
index 0000000..8d9a72e
--- /dev/null
+++ b/ldap/schema/60posix-winsync-plugin.ldif
@@ -0,0 +1,44 @@
+#
+# BEGIN COPYRIGHT BLOCK
+# This Program is free software; you can redistribute it and/or modify it under
+# the terms of the GNU General Public License as published by the Free Software
+# Foundation; version 2 of the License.
+#
+# This Program is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along with
+# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
+# Place, Suite 330, Boston, MA 02111-1307 USA.
+#
+# In addition, as a special exception, Red Hat, Inc. gives You the additional
+# right to link the code of this Program with code not covered under the GNU
+# General Public License ("Non-GPL Code") and to distribute linked combinations
+# including the two, subject to the limitations in this paragraph. Non-GPL Code
+# permitted under this exception must only link to the code of this Program
+# through those well defined interfaces identified in the file named EXCEPTION
+# found in the source code files (the "Approved Interfaces"). The files of
+# Non-GPL Code may instantiate templates or use macros or inline functions from
+# the Approved Interfaces without causing the resulting work to be covered by
+# the GNU General Public License. Only Red Hat, Inc. may make changes or
+# additions to the list of Approved Interfaces. You must obey the GNU General
+# Public License in all respects for all of the Program code and other code used
+# in conjunction with the Program except the Non-GPL Code covered by this
+# exception. If you modify this file, you may extend this exception to your
+# version of the file, but you are not obligated to do so. If you do not wish to
+# provide this exception without modification, you must delete this exception
+# statement from your version and license this file solely under the GPL without
+# exception.
+#
+#
+# Copyright (C) 2005 Red Hat, Inc.
+# All rights reserved.
+# END COPYRIGHT BLOCK
+#
+#
+# Schema for representing internal dynamically-generated group members
+#
+dn: cn=schema
+attributeTypes: ( 2.16.840.1.113730.3.1.2141 NAME 'dsOnlyMemberUid' DESC 'Elements from a memberuid attribute created to reflect dynamic group membership' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Red Hat Directory Server' )
+objectClasses: ( 2.16.840.1.113730.3.2.326 NAME 'dynamicGroup' DESC 'Group containing internal dynamically-generated members' SUP posixGroup AUXILIARY MAY ( dsOnlyMemberUid ) X-ORIGIN 'Red Hat Directory Server' )
diff --git a/ldap/servers/plugins/posix-winsync/posix-group-func.c b/ldap/servers/plugins/posix-winsync/posix-group-func.c
index 1403a89..66b9272 100644
--- a/ldap/servers/plugins/posix-winsync/posix-group-func.c
+++ b/ldap/servers/plugins/posix-winsync/posix-group-func.c
@@ -18,11 +18,14 @@
$Id: posix-group-func.c 28 2011-05-13 14:35:29Z grzemba $
*/
#include "slapi-plugin.h"
+#include "slapi-private.h"
#include <string.h>
#include <nspr.h>
#include "posix-wsp-ident.h"
+#define MAX_RECURSION_DEPTH (5)
+
Slapi_Value **
valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
static PRMonitor *memberuid_operation_lock = 0;
@@ -45,58 +48,100 @@ memberUidLockInit()
return (memberuid_operation_lock = PR_NewMonitor()) != NULL;
}
+void
+addDynamicGroupIfNecessary(Slapi_Entry *entry, Slapi_Mods *smods) {
+ Slapi_Attr *oc_attr = NULL;
+ Slapi_Value *voc = slapi_value_new();
+
+ slapi_value_init_string(voc, "dynamicGroup");
+ slapi_entry_attr_find(entry, "objectClass", &oc_attr);
+
+ if (slapi_attr_value_find(oc_attr, slapi_value_get_berval(voc)) != 0) {
+ if (smods) {
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "objectClass", "dynamicGroup");
+ }
+ else {
+ smods = slapi_mods_new();
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "objectClass", "dynamicGroup");
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+ slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(entry), slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_modify_internal_pb(mod_pb);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+ }
+ }
+
+ slapi_value_free(&voc);
+}
+
+Slapi_Entry *
+getEntry(const char *udn, char **attrs)
+{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "getEntry: search %s\n", udn);
+
+ Slapi_DN *udn_sdn = slapi_sdn_new_dn_byval(udn);
+ Slapi_Entry *result = NULL;
+ int rc = slapi_search_internal_get_entry(udn_sdn, attrs, &result, posix_winsync_get_plugin_identity());
+ slapi_sdn_free(&udn_sdn);
+
+ if (rc == 0) {
+ if (result != NULL) {
+ return result; /* Must be freed */
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getEntry: %s not found\n", udn);
+ }
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
+ "getEntry: error searching for uid: %d", rc);
+ }
+
+ return NULL;
+}
+
/* search the user with DN udn and returns uid*/
char *
searchUid(const char *udn)
{
- Slapi_PBlock *int_search_pb = slapi_pblock_new();
- Slapi_Entry **entries = NULL;
- char *attrs[] = { "uid", NULL };
+ char *attrs[] = { "uid", "objectclass", NULL };
+ Slapi_Entry *entry = getEntry(udn,
+ /* "(|(objectclass=posixAccount)(objectclass=ldapsubentry))", */
+ attrs);
char *uid = NULL;
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "search Uid: search %s\n", udn);
+ if (entry) {
+ Slapi_Attr *attr = NULL;
+ Slapi_Value *v = NULL;
- slapi_search_internal_set_pb(int_search_pb, udn, LDAP_SCOPE_BASE,
- "(|(objectclass=posixAccount)(objectclass=ldapsubentry))", attrs,
- 0 /* attrsonly */, NULL /* controls */, NULL /* uniqueid */,
- posix_winsync_get_plugin_identity(), 0 /* actions */);
- if (slapi_search_internal_pb(int_search_pb)) {
- /* get result and log an error */
- int res = 0;
- slapi_pblock_get(int_search_pb, SLAPI_PLUGIN_INTOP_RESULT, &res);
- slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: error searching for uid: %d", res);
- } else {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "searchUid: searched %s\n",
- udn);
- slapi_pblock_get(int_search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &entries);
- if (NULL != entries && NULL != entries[0]) {
- Slapi_Attr *attr = NULL;
- Slapi_Value *v = NULL;
+ if (slapi_entry_attr_find(entry, "uid", &attr) == 0 && hasObjectClass(entry, "posixAccount")) {
+ slapi_attr_first_value(attr, &v);
+ uid = slapi_ch_strdup(slapi_value_get_string(v));
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: return uid %s\n", uid);
+ } else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: uid in %s not found\n", udn);
+ }
- if (slapi_entry_attr_find(entries[0], "uid", &attr) == 0) {
- slapi_attr_first_value(attr, &v);
- uid = slapi_ch_strdup(slapi_value_get_string(v));
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: return uid %s\n", uid);
- /* slapi_value_free(&v); */
- } else {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: uid in %s not found\n", udn);
- }
- slapi_free_search_results_internal(int_search_pb);
- slapi_pblock_destroy(int_search_pb);
- if (uid && posix_winsync_config_get_lowercase()) {
- return slapi_dn_ignore_case(uid);
- }
- return uid;
+ if (uid && posix_winsync_config_get_lowercase()) {
+ uid = slapi_dn_ignore_case(uid);
}
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "searchUid: About to free entry\n", udn);
+
+ slapi_entry_free(entry);
}
- slapi_free_search_results_internal(int_search_pb);
- slapi_pblock_destroy(int_search_pb);
+
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "searchUid: posix user %s not found\n", udn);
- return NULL;
+ "searchUid: <==\n", udn);
+
+ return uid;
}
int
@@ -152,6 +197,36 @@ uid_in_set(const char* uid, char **uids)
return false;
}
+int
+uid_in_valueset(const char* uid, Slapi_ValueSet *uids)
+{
+ int i;
+ Slapi_Value *v = NULL;
+
+ if (uid == NULL)
+ return false;
+ for (i = slapi_valueset_first_value(uids, &v); i != -1;
+ i = slapi_valueset_next_value(uids, i, &v)) {
+ Slapi_RDN *i_rdn = NULL;
+ char *i_uid = NULL;
+ char *t = NULL;
+
+ const char *uid_i = slapi_value_get_string(v);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "uid_in_valueset: comp %s %s \n",
+ uid, uid_i);
+ i_rdn = slapi_rdn_new_dn(uid_i);
+ if (slapi_rdn_get_first(i_rdn, &t, &i_uid) == 1) {
+ if (strncasecmp(uid, i_uid, 256) == 0) {
+ slapi_rdn_free(&i_rdn);
+ return true;
+ }
+ }
+ slapi_rdn_free(&i_rdn);
+ }
+ return false;
+}
+
/* return 1 if smods already has the given mod - 0 otherwise */
static int
smods_has_mod(Slapi_Mods *smods, int modtype, const char *type, const char *val)
@@ -186,7 +261,7 @@ smods_has_mod(Slapi_Mods *smods, int modtype, const char *type, const char *val)
}
int
-isPosixGroup(Slapi_Entry *entry)
+hasObjectClass(Slapi_Entry *entry, const char *objectClass)
{
int rc = 0;
int i;
@@ -200,7 +275,7 @@ isPosixGroup(Slapi_Entry *entry)
}
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "add/mod-GroupMembership scan objectclasses\n");
+ "Scanning objectclasses\n");
for (
i = slapi_attr_first_value(obj_attr, &value);
@@ -209,22 +284,357 @@ isPosixGroup(Slapi_Entry *entry)
) {
const char *oc = NULL;
oc = slapi_value_get_string(value);
- if (strncasecmp(oc, "posixGroup", 11) == 0) {
- return 1; /* Entry has objectclass posixGroup */
+ if (strcasecmp(oc, objectClass) == 0) {
+ return 1; /* Entry has the desired objectclass */
+ }
+ }
+
+ return 0; /* Doesn't have desired objectclass */
+}
+
+void
+posix_winsync_foreach_parent(Slapi_Entry *entry, char **attrs, plugin_search_entry_callback callback, void *callback_data)
+{
+ char *cookie = NULL;
+ Slapi_Backend *be = NULL;
+
+ const char *value = slapi_entry_get_ndn(entry);
+ size_t vallen = value ? strlen(value) : 0;
+ char *filter_escaped_value = slapi_ch_calloc(sizeof(char), vallen*3+1);
+ char *filter = slapi_ch_smprintf("(uniqueMember=%s)", escape_filter_value(value, vallen, filter_escaped_value));
+ slapi_ch_free_string(&filter_escaped_value);
+
+ Slapi_PBlock *search_pb = slapi_pblock_new();
+
+ for (be = slapi_get_first_backend(&cookie); be;
+ be = slapi_get_next_backend(cookie)) {
+ const Slapi_DN *base_sdn = slapi_be_getsuffix(be, 0);
+ if (base_sdn == NULL) {
+ continue;
}
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_winsync_foreach_parent: Searching subtree %s for %s\n",
+ slapi_sdn_get_dn(base_sdn),
+ filter);
+
+ slapi_search_internal_set_pb(search_pb,
+ slapi_sdn_get_dn(base_sdn),
+ LDAP_SCOPE_SUBTREE,
+ filter,
+ attrs, 0, NULL, NULL,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_search_internal_callback_pb(search_pb, callback_data, 0, callback, 0);
+
+ slapi_pblock_init(search_pb);
}
- return 0; /* Doesn't have objectclass "posixGroup" */
+ slapi_pblock_destroy(search_pb);
+ slapi_ch_free((void**)&cookie);
+ slapi_ch_free_string(&filter);
}
-int
-modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
+/* Retrieve nested membership from chains of groups.
+ * Muid_vs in => any preexisting membership list
+ * out => the union of the input list and the total membership
+ * Muid_nested_vs out => the members of muid_vs "out" that weren't in muid_vs "in"
+ * deletions in => Any elements to NOT consider if members of base_sdn
+ */
+void
+getMembershipFromDownward(Slapi_Entry *entry, Slapi_ValueSet *muid_vs, Slapi_ValueSet *muid_nested_vs, Slapi_ValueSet *deletions, const Slapi_DN *base_sdn, int depth)
{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
int rc = 0;
+ Slapi_Attr *um_attr = NULL; /* Entry attributes uniqueMember */
+ Slapi_Value *uid_value = NULL; /* uniqueMember attribute values */
+
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ rc = slapi_entry_attr_find(entry, "uniquemember", &um_attr);
+ if (rc != 0 || um_attr == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward end: attribute uniquemember not found\n");
+ return;
+ }
+
+ int i;
+ for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
+ i = slapi_attr_next_value(um_attr, i, &uid_value)) {
+
+ char *attrs[] = { "uniqueMember", "memberUid", "uid", "objectClass", NULL };
+ const char *uid_dn = slapi_value_get_string(uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: iterating uniqueMember: %s\n",
+ uid_dn);
+
+ if (deletions && !slapi_sdn_compare(slapi_entry_get_sdn_const(entry), base_sdn)) {
+ if (slapi_valueset_find(um_attr, deletions, uid_value)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: Skipping iteration because of deletion\n");
+
+ continue;
+ }
+ }
+
+ Slapi_Entry *child = getEntry(uid_dn, attrs);
+
+ if (!child) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward end: child not found: %s\n", uid_dn);
+ }
+ else {
+ /* PosixGroups except for the top one are already fully mapped out */
+ if ((!hasObjectClass(entry, "posixGroup") || depth == 0) &&
+ (hasObjectClass(child, "ntGroup") || hasObjectClass(child, "posixGroup"))) {
+
+ /* Recurse downward */
+ getMembershipFromDownward(child, muid_vs, muid_nested_vs, deletions, base_sdn, depth + 1);
+ }
+
+ if (hasObjectClass(child, "posixAccount")) {
+ Slapi_Attr *uid_attr = NULL;
+ Slapi_Value *v = NULL;
+ if (slapi_entry_attr_find(child, "uid", &uid_attr) == 0) {
+ slapi_attr_first_value(uid_attr, &v);
+
+ if (v && !slapi_valueset_find(uid_attr, muid_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: adding member: %s\n",
+ slapi_value_get_string(v));
+ slapi_valueset_add_value(muid_vs, v);
+ slapi_valueset_add_value(muid_nested_vs, v);
+ }
+ }
+ }
+ slapi_entry_free(child);
+ }
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "getMembershipFromDownward: <==\n");
+}
+
+struct propogateMembershipUpwardArgs {
+ Slapi_ValueSet *muid_vs;
+ int depth;
+};
+
+/* Forward declaration for next function */
+void propogateMembershipUpward(Slapi_Entry *, Slapi_ValueSet *, int);
+
+int
+propogateMembershipUpwardCallback(Slapi_Entry *child, void *callback_data)
+{
+ struct propogateMembershipUpwardArgs *args = (struct propogateMembershipUpwardArgs *)(callback_data);
+ propogateMembershipUpward(child, args->muid_vs, args->depth);
+ return 0;
+}
+
+void
+propogateMembershipUpward(Slapi_Entry *entry, Slapi_ValueSet *muid_vs, int depth)
+{
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
+ Slapi_ValueSet *muid_here_vs = NULL;
+ Slapi_ValueSet *muid_upward_vs = NULL;
+
+ /* Get the memberUids at this location, and figure out local changes to memberUid (if any)
+ * and changes to send upward.
+ */
+ if (depth > 0 && hasObjectClass(entry, "posixGroup")) {
+ int addDynamicGroup = 0;
+ Slapi_Attr *muid_old_attr = NULL;
+ Slapi_ValueSet *muid_old_vs = NULL;
+ int rc = slapi_entry_attr_find(entry, "memberUid", &muid_old_attr);
+ if (rc != 0 || muid_old_attr == NULL) { /* Found no memberUid list, so create */
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: no attribute memberUid\n");
+
+ /* There's no values from this entry to add */
+ muid_upward_vs = muid_vs;
+ muid_here_vs = muid_vs;
+ }
+ else {
+ /* Eliminate duplicates */
+ muid_upward_vs = slapi_valueset_new();
+ muid_here_vs = slapi_valueset_new();
+
+ slapi_valueset_set_valueset(muid_upward_vs, muid_old_vs);
+
+ slapi_attr_get_valueset(muid_old_attr, &muid_old_vs);
+ int i = 0;
+ Slapi_Value *v = NULL;
+ for (i = slapi_valueset_first_value(muid_vs, &v); i != -1;
+ i = slapi_valueset_next_value(muid_vs, i, &v)) {
+
+ if (!slapi_valueset_find(muid_old_attr, muid_old_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: adding %s to set\n",
+ slapi_value_get_string(v));
+
+ addDynamicGroup = 1;
+ slapi_valueset_add_value(muid_here_vs, v);
+ slapi_valueset_add_value(muid_upward_vs, v);
+ }
+ }
+ }
+
+ /* Update this group's membership */
+ slapi_entry_add_valueset(entry, "memberUid", muid_here_vs);
+ if (addDynamicGroup) {
+ addDynamicGroupIfNecessary(entry, NULL);
+ slapi_entry_add_valueset(entry, "dsOnlyMemberUid", muid_here_vs);
+ }
+ }
+ else {
+ muid_upward_vs = muid_vs;
+ }
+
+ /* Find groups containing this one, recurse
+ */
+ char *attrs[] = {"memberUid", "objectClass", NULL};
+ struct propogateMembershipUpwardArgs data = {muid_upward_vs, depth + 1};
+
+ posix_winsync_foreach_parent(entry, attrs, propogateMembershipUpwardCallback, &data);
+
+/* Cleanup */
+ if (muid_here_vs && muid_here_vs != muid_vs) {
+ slapi_valueset_free(muid_here_vs); muid_here_vs = NULL;
+ }
+ if (muid_upward_vs && muid_upward_vs != muid_vs) {
+ slapi_valueset_free(muid_upward_vs); muid_upward_vs = NULL;
+ }
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateMembershipUpward: <==\n");
+}
+
+struct propogateDeletionsUpwardArgs {
+ const Slapi_DN *base_sdn;
+ Slapi_ValueSet *smod_deluids;
+ Slapi_ValueSet *del_nested_vs;
+ int depth;
+};
+
+/* Forward declaration for next function */
+void propogateDeletionsUpward(Slapi_Entry *, const Slapi_DN *, Slapi_ValueSet*, Slapi_ValueSet *, int);
+
+int
+propogateDeletionsUpwardCallback(Slapi_Entry *entry, void *callback_data)
+{
+ struct propogateDeletionsUpwardArgs *args = (struct propogateDeletionsUpwardArgs *)(callback_data);
+ propogateDeletionsUpward(entry, args->base_sdn, args->smod_deluids, args->del_nested_vs, args->depth);
+}
+
+void
+propogateDeletionsUpward(Slapi_Entry *entry, const Slapi_DN *base_sdn, Slapi_ValueSet *smod_deluids, Slapi_ValueSet *del_nested_vs, int depth)
+{
+ if (smod_deluids == NULL) return;
+
+ if (depth >= MAX_RECURSION_DEPTH) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: recursion limit reached: %d\n", depth);
+ return;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: entry name: %s\n",
+ slapi_entry_get_dn_const(entry));
+
+ char *attrs[] = { "uniqueMember", "memberUid", "objectClass", NULL };
+ struct propogateDeletionsUpwardArgs data = {base_sdn, smod_deluids, del_nested_vs, depth + 1};
+ posix_winsync_foreach_parent(entry, attrs, propogateDeletionsUpwardCallback, &data);
+
+ Slapi_Attr *muid_attr = NULL;
+ int rc = slapi_entry_attr_find(entry, "dsOnlyMemberUid", &muid_attr);
+
+ if (rc == 0 && muid_attr != NULL) {
+
+ Slapi_ValueSet *muid_vs = slapi_valueset_new();
+ Slapi_ValueSet *muid_nested_vs = slapi_valueset_new();
+ Slapi_ValueSet *muid_deletions_vs = slapi_valueset_new();
+
+ getMembershipFromDownward(entry, muid_vs, muid_nested_vs, smod_deluids, base_sdn, 0);
+
+ int i;
+ Slapi_Value *v;
+ for (i = slapi_attr_first_value(muid_attr, &v); i != -1;
+ i = slapi_attr_next_value(muid_attr, i, &v)) {
+ if (!slapi_valueset_find(muid_attr, muid_vs, v)) {
+ const char *uid = slapi_value_get_string(v);
+ if (depth == 0 && !uid_in_valueset(uid, smod_deluids)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: Adding deletion to modlist: %s\n",
+ slapi_value_get_string(v));
+ slapi_valueset_add_value(del_nested_vs, v);
+ }
+ else if (depth > 0) {
+ slapi_valueset_add_value(muid_deletions_vs, v);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: Adding deletion to deletion list: %s\n",
+ slapi_value_get_string(v));
+ }
+ }
+ }
+
+ if (depth > 0) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: executing deletion list\n");
+
+ Slapi_Mods *smods = slapi_mods_new();
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "memberuid", valueset_get_valuearray(muid_deletions_vs));
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "dsonlymemberuid", valueset_get_valuearray(muid_deletions_vs));
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+ slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(entry), slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+ slapi_modify_internal_pb(mod_pb);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+ }
+
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+ slapi_valueset_free(muid_nested_vs); muid_nested_vs = NULL;
+ slapi_valueset_free(muid_deletions_vs); muid_deletions_vs = NULL;
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "propogateDeletionsUpward: <==\n");
+}
+
+int
+modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
+{
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: ==>\n");
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: Modding %s\n",
+ slapi_entry_get_dn_const(entry));
- if (!isPosixGroup(entry)) {
+ int posixGroup = hasObjectClass(entry, "posixGroup");
+
+ if (!(posixGroup || hasObjectClass(entry, "ntGroup"))) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership end: Not a posixGroup or ntGroup\n");
return 0;
}
@@ -232,7 +642,7 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
Slapi_Mod *nextMod = slapi_mod_new();
int del_mod = 0; /* Bool: was there a delete mod? */
char **smod_adduids = NULL;
- char **smod_deluids = NULL;
+ Slapi_ValueSet *smod_deluids = NULL;
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: posixGroup -> look for uniquemember\n");
@@ -243,15 +653,20 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
if (slapi_attr_types_equivalent(slapi_mod_get_type(smod), "uniqueMember")) {
struct berval *bv;
+ int current_del_mod = SLAPI_IS_MOD_DELETE(slapi_mod_get_operation(smod));
+ if (current_del_mod) {
+ del_mod = 1;
+ }
+
for (bv = slapi_mod_get_first_value(smod); bv;
bv = slapi_mod_get_next_value(smod)) {
Slapi_Value *sv = slapi_value_new();
slapi_value_init_berval(sv, bv); /* copies bv_val */
- if (SLAPI_IS_MOD_DELETE(slapi_mod_get_operation(smod))) {
- del_mod = 1;
- slapi_ch_array_add(&smod_deluids,
- slapi_ch_strdup(slapi_value_get_string(sv)));
+ if (current_del_mod) {
+ if (!smod_deluids) smod_deluids = slapi_valueset_new();
+
+ slapi_valueset_add_value(smod_deluids, sv);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: add to deluids %s\n",
bv->bv_val);
@@ -268,60 +683,67 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
}
slapi_mod_free(&nextMod);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: entry is posixGroup\n");
-
- Slapi_Attr * muid_attr = NULL; /* Entry attributes */
+ int muid_rc = 0;
+ Slapi_Attr * muid_attr = NULL; /* Entry attributes */
+ Slapi_ValueSet *muid_vs = NULL;
Slapi_Value * uid_value = NULL; /* Attribute values */
- char **adduids = NULL;
- char **moduids = NULL;
- char **deluids = NULL;
- int doModify = false;
+ Slapi_ValueSet *adduids = slapi_valueset_new();
+ Slapi_ValueSet *add_nested_vs = slapi_valueset_new();
+ Slapi_ValueSet *deluids = slapi_valueset_new();
+ Slapi_ValueSet *del_nested_vs = slapi_valueset_new();
+
+ const Slapi_DN *base_sdn = slapi_entry_get_sdn_const(entry);
+
int j = 0;
if (del_mod || smod_deluids != NULL) {
do { /* Create a context to "break" from */
- Slapi_Attr * mu_attr = NULL; /* Entry attributes */
- rc = slapi_entry_attr_find(entry, "memberUid", &mu_attr);
- if (rc != 0 || mu_attr == NULL) {
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership end: attribute memberUid not found\n");
- break;
- }
- /* found attribute uniquemember */
+ muid_rc = slapi_entry_attr_find(entry, "memberUid", &muid_attr);
+
if (smod_deluids == NULL) { /* deletion of the last value, deletes the Attribut from entry complete, this operation has no value, so we must look by self */
Slapi_Attr * um_attr = NULL; /* Entry attributes */
Slapi_Value * uid_dn_value = NULL; /* Attribute values */
int rc = slapi_entry_attr_find(entry, "uniquemember", &um_attr);
+
if (rc != 0 || um_attr == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership end: attribute uniquemember not found\n");
break;
}
- /* found attribute uniquemember */
- /* ...loop for value... */
- for (j = slapi_attr_first_value(um_attr, &uid_dn_value); j != -1;
- j = slapi_attr_next_value(um_attr, j, &uid_dn_value)) {
- slapi_ch_array_add(&smod_deluids,
- slapi_ch_strdup(slapi_value_get_string(uid_dn_value)));
- }
+
+ slapi_attr_get_valueset(um_attr, &smod_deluids);
}
- /* ...loop for value... */
- for (j = slapi_attr_first_value(mu_attr, &uid_value); j != -1;
- j = slapi_attr_next_value(mu_attr, j, &uid_value)) {
- /* remove from uniquemember: remove from memberUid also */
- const char *uid = NULL;
+ if (muid_rc != 0 || muid_attr == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: test dellist \n");
- uid = slapi_value_get_string(uid_value);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: test dellist %s\n", uid);
- if (uid_in_set(uid, smod_deluids)) {
- slapi_ch_array_add(&deluids, slapi_ch_strdup(uid));
+ "modGroupMembership end: attribute memberUid not found\n");
+ }
+ else if (posix_winsync_config_get_mapMemberUid()) {
+ /* ...loop for value... */
+ for (j = slapi_attr_first_value(muid_attr, &uid_value); j != -1;
+ j = slapi_attr_next_value(muid_attr, j, &uid_value)) {
+ /* remove from uniquemember: remove from memberUid also */
+ const char *uid = NULL;
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: add to dellist %s\n", uid);
- doModify = true;
+ "modGroupMembership: test dellist \n");
+ uid = slapi_value_get_string(uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: test dellist %s\n", uid);
+ if (uid_in_valueset(uid, smod_deluids)) {
+ slapi_valueset_add_value(deluids, uid_value);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: add to dellist %s\n", uid);
+ }
+ }
+ }
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ propogateDeletionsUpward(entry, base_sdn, smod_deluids, del_nested_vs, 0);
+ int i;
+ Slapi_Value *v;
+ for (i = slapi_valueset_first_value(del_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(del_nested_vs, i, &v)) {
+ slapi_valueset_add_value(deluids, v);
}
}
} while (false);
@@ -331,93 +753,176 @@ modGroupMembership(Slapi_Entry *entry, Slapi_Mods *smods, int *do_modify)
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: posixGroup -> look for uniquemember\n");
- /* found attribute uniquemember */
- for (j = 0; smod_adduids[j]; j++) {
- static char *uid = NULL;
- uid_dn = smod_adduids[j];
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: perform user %s\n", uid_dn);
+ if (muid_rc == 0 && muid_attr == NULL) {
+ muid_rc = slapi_entry_attr_find(entry, "memberUid", &muid_attr);
+ }
+ if (muid_rc == 0 && muid_attr != NULL) {
+ slapi_attr_get_valueset(muid_attr, &muid_vs);
+ }
+ else {
+ muid_vs = slapi_valueset_new();
+ }
- uid = searchUid(uid_dn);
+ if (posix_winsync_config_get_mapMemberUid()) {
+ for (j = 0; smod_adduids[j]; j++) {
+ static char *uid = NULL;
- if (uid == NULL) {
+ uid_dn = smod_adduids[j];
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: uid not found for %s, cannot do anything\n",
- uid_dn); /* member on longer on server, do nothing */
- } else {
- rc |= slapi_entry_attr_find(entry, "memberUid", &muid_attr);
- if (rc != 0 || muid_attr == NULL) { /* Found no memberUid list, so create */
+ "modGroupMembership: perform user %s\n", uid_dn);
+
+ uid = searchUid(uid_dn);
+
+ if (uid == NULL) {
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "modGroupMembership: no attribute memberUid, add with %s \n",
- uid_dn);
- slapi_ch_array_add(&adduids, uid);
- uid = NULL; /* adduids now owns uid */
- doModify = true;
- } else { /* Found a memberUid list, so modify */
- Slapi_ValueSet *vs = NULL;
+ "modGroupMembership: uid not found for %s, cannot do anything\n",
+ uid_dn); /* member on longer on server, do nothing */
+ } else {
Slapi_Value *v = slapi_value_new();
-
slapi_value_init_string_passin(v, uid);
- slapi_attr_get_valueset(muid_attr, &vs);
- if (slapi_valueset_find(muid_attr, vs, v) != NULL) { /* already exist, all ok */
+
+ if (muid_rc == 0 && muid_attr != NULL &&
+ slapi_valueset_find(muid_attr, muid_vs, v) != NULL) {
+
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: uid found in memberuid list %s nothing to do\n",
uid);
- } else {
- slapi_ch_array_add(&moduids, uid);
+ }
+ else {
+ slapi_valueset_add_value(adduids, v);
+ slapi_valueset_add_value(muid_vs, v);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"modGroupMembership: add to modlist %s\n", uid);
- uid = NULL; /* adduids now owns uid */
- /* have to clear out v otherwise slapi_value_free will also free uid */
- slapi_value_init_berval(v, NULL);
- doModify = true;
}
+
slapi_value_free(&v); /* also frees uid since it was a passin */
- slapi_valueset_free(vs); vs = NULL;
}
}
}
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+
+ for (j = 0; smod_adduids[j]; ++j) {
+ char *attrs[] = { "uniqueMember", "memberUid", "uid", "objectClass", NULL };
+ Slapi_Entry *child = getEntry(smod_adduids[j], attrs);
+
+ if (child) {
+ if (hasObjectClass(child, "ntGroup") || hasObjectClass(child, "posixGroup")) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: Found mod to add group, adding membership: %s\n",
+ smod_adduids[j]);
+ Slapi_ValueSet *muid_tempnested = slapi_valueset_new();
+ getMembershipFromDownward(child, muid_vs, add_nested_vs, smod_deluids, base_sdn, 0);
+
+ slapi_valueset_free(muid_tempnested); muid_tempnested = NULL;
+ }
+ }
+ else {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "modGroupMembership: entry not found for dn: %s\n",
+ smod_adduids[j]);
+ }
+ }
+
+ getMembershipFromDownward(entry, muid_vs, add_nested_vs, smod_deluids, base_sdn, 0);
+ int i = 0;
+ Slapi_Value *v = NULL;
+ for (i = slapi_valueset_first_value(add_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(add_nested_vs, i, &v)) {
+ slapi_valueset_add_value(adduids, v);
+ }
+
+ propogateMembershipUpward(entry, adduids, 0);
+ }
}
- if (doModify) {
+ if (posixGroup) {
+ int addDynamicGroup = 0;
int i;
- for (i = 0; adduids && adduids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", adduids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", adduids[i]);
+ Slapi_Value *v;
+ for (i = slapi_valueset_first_value(adduids, &v); i != -1;
+ i = slapi_valueset_next_value(adduids, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", muid);
+ }
+ }
+ for (i = slapi_valueset_first_value(add_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(add_nested_vs, i, &v)) {
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_ADD, "dsOnlyMemberUid", muid)) {
+ addDynamicGroup = 1;
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_ADD, "dsOnlyMemberUid", muid);
}
}
- for (i = 0; moduids && moduids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_ADD, "memberUid", moduids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_ADD, "memberUid", moduids[i]);
+ for (i = slapi_valueset_first_value(deluids, &v); i != -1;
+ i = slapi_valueset_next_value(deluids, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_DELETE, "memberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberUid", muid);
}
}
- for (i = 0; deluids && deluids[i]; i++) {
- if (!smods_has_mod(smods, LDAP_MOD_DELETE, "memberUid", deluids[i])) {
- slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberUid", deluids[i]);
+ for (i = slapi_valueset_first_value(del_nested_vs, &v); i != -1;
+ i = slapi_valueset_next_value(del_nested_vs, i, &v)){
+ const char *muid = slapi_value_get_string(v);
+ if (!smods_has_mod(smods, LDAP_MOD_DELETE, "dsOnlyMemberUid", muid)) {
+ *do_modify = 1;
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "dsOnlyMemberUid", muid);
}
}
+ if (addDynamicGroup) {
+ addDynamicGroupIfNecessary(entry, smods);
+ }
if (slapi_is_loglevel_set(SLAPI_LOG_PLUGIN))
slapi_mods_dump(smods, "memberUid - mods dump");
- *do_modify = 1;
posix_winsync_config_set_MOFTaskCreated();
}
slapi_ch_array_free(smod_adduids);
smod_adduids = NULL;
- slapi_ch_array_free(adduids);
- adduids = NULL;
- slapi_ch_array_free(smod_deluids);
+ if (smod_deluids) slapi_valueset_free(smod_deluids);
smod_deluids = NULL;
- slapi_ch_array_free(deluids);
+
+ slapi_valueset_free(adduids);
+ adduids = NULL;
+ slapi_valueset_free(deluids);
deluids = NULL;
- slapi_ch_array_free(moduids);
- moduids = NULL;
+
+ slapi_valueset_free(add_nested_vs); add_nested_vs = NULL;
+ slapi_valueset_free(del_nested_vs); del_nested_vs = NULL;
+
+ if (muid_vs) {
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+ }
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "modGroupMembership: <==\n");
return 0;
}
int
+addUserToGroupMembership(Slapi_Entry *entry)
+{
+ Slapi_Attr *uid_attr = NULL;
+ Slapi_Value *v = NULL;
+ Slapi_ValueSet *muid_vs = slapi_valueset_new();
+
+ if (slapi_entry_attr_find(entry, "uid", &uid_attr) == 0) {
+ slapi_attr_first_value(uid_attr, &v);
+
+ if (v) {
+ slapi_valueset_add_value(muid_vs, v);
+ }
+ }
+
+ propogateMembershipUpward(entry, muid_vs, 0);
+
+ slapi_valueset_free(muid_vs); muid_vs = NULL;
+}
+
+int
addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
{
int rc = 0;
@@ -425,7 +930,11 @@ addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "addGroupMembership: ==>\n");
- if(!isPosixGroup(entry)) {
+ int posixGroup = hasObjectClass(entry, "posixGroup");
+
+ if(!(posixGroup || hasObjectClass(entry, "ntGroup"))) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "addGroupMembership: didn't find posixGroup or ntGroup objectclass\n");
return 0;
}
@@ -448,34 +957,55 @@ addGroupMembership(Slapi_Entry *entry, Slapi_Entry *ad_entry)
if (rc != 0 || muid_attr == NULL) { /* Found no memberUid list, so create */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"addGroupMembership: no attribute memberUid\n");
+ muid_attr = NULL;
}
newvs = slapi_valueset_new();
/* ...loop for value... */
- for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
- i = slapi_attr_next_value(um_attr, i, &uid_value)) {
- const char *uid_dn = NULL;
- static char *uid = NULL;
- Slapi_Value *v = NULL;
+ if (posix_winsync_config_get_mapMemberUid()) {
+ for (i = slapi_attr_first_value(um_attr, &uid_value); i != -1;
+ i = slapi_attr_next_value(um_attr, i, &uid_value)) {
+ const char *uid_dn = NULL;
+ static char *uid = NULL;
+ Slapi_Value *v = NULL;
- uid_dn = slapi_value_get_string(uid_value);
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "addGroupMembership: perform member %s\n", uid_dn);
- uid = searchUid(uid_dn);
- if (uid == NULL) {
+ uid_dn = slapi_value_get_string(uid_value);
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
- "addGroupMembership: uid not found for %s, cannot do anything\n",
- uid_dn); /* member on longer on server, do nothing */
- } else {
- v = slapi_value_new_string(uid);
- slapi_ch_free_string(&uid);
- if (slapi_attr_value_find(muid_attr, slapi_value_get_berval(v)) != 0) {
- slapi_valueset_add_value(newvs, v);
+ "addGroupMembership: perform member %s\n", uid_dn);
+ uid = searchUid(uid_dn);
+ if (uid == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "addGroupMembership: uid not found for %s, cannot do anything\n",
+ uid_dn); /* member on longer on server, do nothing */
+ } else {
+ v = slapi_value_new_string(uid);
+ slapi_ch_free_string(&uid);
+ if (slapi_attr_value_find(muid_attr, slapi_value_get_berval(v)) != 0) {
+ slapi_valueset_add_value(newvs, v);
+ }
+ slapi_value_free(&v);
}
- slapi_value_free(&v);
}
}
- slapi_entry_add_valueset(entry, "memberUid", newvs);
- slapi_valueset_free(newvs);
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ Slapi_ValueSet *muid_nested_vs = slapi_valueset_new();
+
+ getMembershipFromDownward(entry, newvs, muid_nested_vs, NULL, NULL, 0);
+ propogateMembershipUpward(entry, newvs, 0);
+
+ if (posixGroup) {
+ addDynamicGroupIfNecessary(entry, NULL);
+ slapi_entry_add_valueset(entry, "dsOnlyMemberUid", muid_nested_vs);
+ }
+
+ slapi_valueset_free(muid_nested_vs); muid_nested_vs = NULL;
+ }
+
+ if (posixGroup) {
+ slapi_entry_add_valueset(entry, "memberUid", newvs);
+ }
+
+ slapi_valueset_free(newvs); newvs = NULL;
posix_winsync_config_get_MOFTaskCreated();
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "addGroupMembership: <==\n");
diff --git a/ldap/servers/plugins/posix-winsync/posix-group-task.c b/ldap/servers/plugins/posix-winsync/posix-group-task.c
index e31064c..4555f1b 100644
--- a/ldap/servers/plugins/posix-winsync/posix-group-task.c
+++ b/ldap/servers/plugins/posix-winsync/posix-group-task.c
@@ -25,11 +25,17 @@ typedef struct _cb_data
} posix_group_data_data;
*/
+Slapi_Value **
+valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
+
/* interface function */
int
posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int *returncode,
char *returntext, void *arg);
+Slapi_Entry *
+getEntry(const char *udn, char **attrs);
+
static void
posix_group_task_destructor(Slapi_Task *task);
static void
@@ -67,6 +73,10 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
*returncode = LDAP_SUCCESS;
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: ==>\n");
+
/* get arg(s) */
/* default: set replication basedn */
if ((dn = fetch_attr(e, "basedn", slapi_sdn_get_dn(posix_winsync_config_get_suffix()))) == NULL) {
@@ -75,12 +85,18 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
goto out;
}
- if ((filter = fetch_attr(e, "filter", "(&(objectclass=posixGroup)(uniquemember=*))")) == NULL) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: retrieved basedn: %s\n", dn);
+
+ if ((filter = fetch_attr(e, "filter", "(objectclass=ntGroup)")) == NULL) {
*returncode = LDAP_OBJECT_CLASS_VIOLATION;
rv = SLAPI_DSE_CALLBACK_ERROR;
goto out;
}
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: retrieved filter: %s\n", filter);
+
/* setup our task data */
mytaskdata = (task_data*) slapi_ch_malloc(sizeof(task_data));
if (mytaskdata == NULL) {
@@ -91,19 +107,41 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
mytaskdata->dn = slapi_ch_strdup(dn);
mytaskdata->filter_str = slapi_ch_strdup(filter);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task data allocated\n");
+
/* allocate new task now */
- task = slapi_new_task(slapi_entry_get_ndn(e));
+ char * ndn = slapi_entry_get_ndn(e);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: creating task object: %s\n",
+ ndn);
+
+ task = slapi_new_task(ndn);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task object created\n");
/* register our destructor for cleaning up our private data */
slapi_task_set_destructor_fn(task, posix_group_task_destructor);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task destructor set\n");
+
/* Stash a pointer to our data in the task */
slapi_task_set_data(task, mytaskdata);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: task object initialized\n");
+
/* start the sample task as a separate thread */
thread = PR_CreateThread(PR_USER_THREAD, posix_group_fixup_task_thread, (void *) task,
PR_PRIORITY_NORMAL, PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD,
SLAPD_DEFAULT_THREAD_STACKSIZE);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: thread created\n");
+
if (thread == NULL) {
slapi_log_error(SLAPI_LOG_FATAL, POSIX_WINSYNC_PLUGIN_NAME,
"unable to create task thread!\n");
@@ -114,7 +152,11 @@ posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e, Slapi_Entry *eAfter, int
rv = SLAPI_DSE_CALLBACK_OK;
}
- out: return rv;
+ out:
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "posix_group_task_add: <==\n", filter);
+
+ return rv;
}
static void
@@ -195,86 +237,172 @@ posix_group_fix_memberuid(char *dn, char *filter_str, void *txn)
static int
posix_group_fix_memberuid_callback(Slapi_Entry *e, void *callback_data)
{
- int rc = 0;
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid ==>\n");
+ cb_data *the_cb_data = (cb_data *) callback_data;
+
+ int rc;
+ Slapi_Attr *muid_attr = NULL;
+ Slapi_Value *v = NULL;
+
+ Slapi_Mods *smods = slapi_mods_new();
+
char *dn = slapi_entry_get_dn(e);
Slapi_DN *sdn = slapi_entry_get_sdn(e);
- Slapi_Attr *obj_attr = NULL;
+/* Clean out memberuids and dsonlymemberuids without a valid referant */
+ rc = slapi_entry_attr_find(e, "memberuid", &muid_attr);
+ if (rc == 0 && muid_attr) {
+ Slapi_PBlock *search_pb = slapi_pblock_new();
+
+ Slapi_Attr *dsmuid_attr = NULL;
+ Slapi_ValueSet *dsmuid_vs = NULL;
+
+ char *attrs[] = { "uid", NULL };
+
+ rc = slapi_entry_attr_find(e, "dsonlymemberuid", &dsmuid_attr);
+ if (rc == 0 && dsmuid_attr) {
+ slapi_attr_get_valueset(dsmuid_attr, &dsmuid_vs);
+ }
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid scan for orphaned memberuids\n");
+
+ int i;
+ for (i = slapi_attr_first_value(muid_attr, &v); i != -1;
+ i = slapi_attr_next_value(muid_attr, i, &v)) {
+ const char *muid = slapi_value_get_string(v);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid iterating memberuid: %s\n",
+ muid);
+
+ size_t vallen = muid ? strlen(muid) : 0;
+ char *filter_escaped_value = slapi_ch_calloc(sizeof(char), vallen*3+1);
+ char *filter = slapi_ch_smprintf("(uid=%s)", escape_filter_value(muid, vallen, filter_escaped_value));
+ slapi_ch_free_string(&filter_escaped_value);
+
+ Slapi_Entry **search_entries = NULL;
+
+ slapi_search_internal_set_pb(search_pb,
+ the_cb_data->dn,
+ LDAP_SCOPE_SUBTREE,
+ filter,
+ attrs, 0, NULL, NULL,
+ posix_winsync_get_plugin_identity(), 0);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid searching %s with filter: %s\n",
+ the_cb_data->dn, filter);
+ rc = slapi_search_internal_pb(search_pb);
+
+ slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_SEARCH_ENTRIES, &search_entries);
+
+ if (!search_entries || !search_entries[0]) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Adding bad memberuid %s\n",
+ slapi_value_get_string(v));
+
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "memberuid", slapi_value_get_string(v));
+
+ if (dsmuid_vs && slapi_valueset_find(dsmuid_attr, dsmuid_vs, v)) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Adding bad dsonlymemberuid %s\n",
+ slapi_value_get_string(v));
+
+ slapi_mods_add_string(smods, LDAP_MOD_DELETE, "dsonlymemberuid", slapi_value_get_string(v));
+ }
+ }
+
+ slapi_free_search_results_internal(search_pb);
+ slapi_pblock_init(search_pb);
+ slapi_ch_free_string(&filter);
+ }
+
+ if (dsmuid_vs) {
+ slapi_valueset_free(dsmuid_vs); dsmuid_vs = NULL;
+ }
+
+ slapi_pblock_destroy(search_pb); search_pb = NULL;
+ }
+
+ /* Cleanup uniquemembers without a referent, and verify memberuid otherwise */
+ Slapi_Attr *obj_attr = NULL;
rc = slapi_entry_attr_find(e, "uniquemember", &obj_attr);
- if (rc == 0) { /* Found uniquemember, so... */
+ if (rc == 0 && obj_attr) {
+ int fixMembership = 0;
+ Slapi_ValueSet *bad_ums = NULL;
+
int i;
- Slapi_Value * value = slapi_value_new(); /* new memberuid Attribute values */
- Slapi_Value * uniqval = NULL; /* uniquemeber Attribute values */
- Slapi_ValueSet *uids = slapi_valueset_new();
+ Slapi_Value * uniqval = NULL; /* uniquemeber Attribute values */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
"_fix_memberuid scan uniquemember, group %s\n", dn);
for (i = slapi_attr_first_value(obj_attr, &uniqval); i != -1;
i = slapi_attr_next_value(obj_attr, i, &uniqval)) {
- const char *member = NULL;
- char * uid = NULL;
- member = slapi_value_get_string(uniqval);
- /* search uid for member (DN) */
- slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "search %s\n", member);
- if ((uid = searchUid(member)) != NULL) {
- slapi_value_set_string(value, uid);
- /* add uids ValueSet */
- slapi_valueset_add_value(uids, value);
+
+ const char *member = slapi_value_get_string(uniqval);
+ char *attrs[] = { "uid", "objectclass", NULL };
+ Slapi_Entry *child = getEntry(member, attrs);
+
+ if (!child) {
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid orphaned uniquemember found: %s\n", member);
+
+ if (strncasecmp(member, "cn=", 3) == 0) {
+ fixMembership = 1;
+ }
+ if (!bad_ums) {
+ bad_ums = slapi_valueset_new();
+ }
+ slapi_valueset_add_value(bad_ums, uniqval);
}
}
- slapi_value_free(&value);
-
- /* If we found some posix members, replace the existing memberuid attribute
- * with the found values. */
- if (uids && slapi_valueset_count(uids)) {
- Slapi_PBlock *mod_pb = slapi_pblock_new();
- Slapi_Value *val = 0;
- Slapi_Mod *smod;
- LDAPMod **mods = (LDAPMod **) slapi_ch_malloc(2 * sizeof(LDAPMod *));
- int hint = 0;
- cb_data *the_cb_data = (cb_data *) callback_data;
-
- smod = slapi_mod_new();
- slapi_mod_init(smod, 0);
- slapi_mod_set_operation(smod, LDAP_MOD_REPLACE | LDAP_MOD_BVALUES);
- slapi_mod_set_type(smod, "memberuid");
-
- /* Loop through all of our values and add them to smod */
- hint = slapi_valueset_first_value(uids, &val);
- while (val) {
- /* this makes a copy of the berval */
- slapi_mod_add_value(smod, slapi_value_get_berval(val));
- hint = slapi_valueset_next_value(uids, hint, &val);
- }
- mods[0] = slapi_mod_get_ldapmod_passout(smod);
- mods[1] = 0;
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid Finishing...\n");
- slapi_modify_internal_set_pb_ext(mod_pb, sdn, mods, 0, 0,
- posix_winsync_get_plugin_identity(), 0);
+ if (fixMembership && posix_winsync_config_get_mapNestedGrouping()) {
+ Slapi_ValueSet *del_nested_vs = slapi_valueset_new();
- slapi_pblock_set(mod_pb, SLAPI_TXN, the_cb_data->txn);
- slapi_modify_internal_pb(mod_pb);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid group deleted, recalculating nesting\n");
+ propogateDeletionsUpward(e, sdn, bad_ums, del_nested_vs, 0);
- slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+ slapi_valueset_free(del_nested_vs); del_nested_vs = NULL;
+ }
- ldap_mods_free(mods, 1);
- slapi_mod_free(&smod);
- slapi_pblock_destroy(mod_pb);
- } else {
- /* No member were found, so remove the memberuid attribute
- * from this entry. */
- posix_group_del_memberuid_callback(e, callback_data);
+ if (bad_ums) {
+ slapi_mods_add_mod_values(smods, LDAP_MOD_DELETE, "uniquemember", valueset_get_valuearray(bad_ums));
+ slapi_valueset_free(bad_ums); bad_ums = NULL;
}
- slapi_valueset_free(uids);
}
+
+ Slapi_PBlock *mod_pb = slapi_pblock_new();
+
+ slapi_modify_internal_set_pb_ext(mod_pb, sdn, slapi_mods_get_ldapmods_passout(smods), 0, 0,
+ posix_winsync_get_plugin_identity(), 0);
+
+ slapi_pblock_set(mod_pb, SLAPI_TXN, the_cb_data->txn);
+ slapi_modify_internal_pb(mod_pb);
+
+ slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
+ slapi_pblock_destroy(mod_pb);
+
+ slapi_mods_free(&smods);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_fix_memberuid <==\n");
return rc;
}
static void
posix_group_fixup_task_thread(void *arg)
{
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread ==>\n");
+
Slapi_Task *task = (Slapi_Task *) arg;
task_data *td = NULL;
int rc = 0;
@@ -293,11 +421,18 @@ posix_group_fixup_task_thread(void *arg)
/* release the memberOf operation lock */
memberUidUnlock();
+
slapi_task_log_notice(task, "posix_group task finished.");
slapi_task_log_status(task, "posix_group task finished.");
slapi_task_inc_progress(task);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread finishing\n");
+
/* this will queue the destruction of the task */
slapi_task_finish(task, rc);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_task_thread <==\n");
}
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync-config.c b/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
index a2d21be..a7fd6e9 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
@@ -142,6 +142,12 @@ posix_winsync_config_get_msSFUSchema()
return theConfig.mssfuSchema;
}
+PRBool
+posix_winsync_config_get_mapNestedGrouping()
+{
+ return theConfig.mapNestedGrouping;
+}
+
Slapi_DN *
posix_winsync_config_get_suffix()
{
@@ -182,6 +188,7 @@ posix_winsync_config(Slapi_Entry *config_e)
theConfig.lowercase = PR_FALSE;
theConfig.createMemberOfTask = PR_FALSE;
theConfig.MOFTaskCreated = PR_FALSE;
+ theConfig.mapNestedGrouping = PR_FALSE;
posix_winsync_apply_config(NULL, NULL, config_e, &returncode, returntext, NULL);
/* config DSE must be initialized before we get here */
@@ -224,6 +231,7 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
PRBool createMemberOfTask = PR_FALSE;
PRBool lowercase = PR_FALSE;
Slapi_Attr *testattr = NULL;
+ PRBool mapNestedGrouping = PR_FALSE;
*returncode = LDAP_UNWILLING_TO_PERFORM; /* be pessimistic */
@@ -257,6 +265,13 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
"_apply_config: Config paramter %s: %d\n", POSIX_WINSYNC_LOWER_CASE,
lowercase);
}
+ /* propogate memberuids in nested grouping */
+ if (!slapi_entry_attr_find(e, POSIX_WINSYNC_MAP_NESTED_GROUPING, &testattr) && (NULL != testattr)) {
+ mapNestedGrouping = slapi_entry_attr_get_bool(e, POSIX_WINSYNC_MAP_NESTED_GROUPING);
+ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
+ "_apply_config: Config paramter %s: %d\n", POSIX_WINSYNC_MAP_NESTED_GROUPING,
+ mapNestedGrouping);
+ }
/* if we got here, we have valid values for everything
set the config entry */
slapi_lock_mutex(theConfig.lock);
@@ -269,6 +284,7 @@ posix_winsync_apply_config(Slapi_PBlock *pb, Slapi_Entry* entryBefore, Slapi_Ent
theConfig.mapMemberUID = mapMemberUID;
theConfig.createMemberOfTask = createMemberOfTask;
theConfig.lowercase = lowercase;
+ theConfig.mapNestedGrouping = mapNestedGrouping;
/* success */
slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME,
diff --git a/ldap/servers/plugins/posix-winsync/posix-winsync.c b/ldap/servers/plugins/posix-winsync/posix-winsync.c
index 398541d..aa292c3 100644
--- a/ldap/servers/plugins/posix-winsync/posix-winsync.c
+++ b/ldap/servers/plugins/posix-winsync/posix-winsync.c
@@ -68,7 +68,7 @@
#include "posix-wsp-ident.h"
#include "posix-group-func.h"
-#define MEMBEROFTASK "memberof task"
+#define MEMBEROFTASK "memberuid task"
Slapi_Value **
valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */
void *
@@ -103,6 +103,7 @@ static windows_attribute_map user_mssfu_attribute_map[] =
{ "msSFU30gecos", "gecos" },
{ NULL, NULL } };
+/* memberUid must be first element or fixup in pre_ad_mod/add_group is required */
static windows_attribute_map group_attribute_map[] = { { "memberUid", "memberUid" },
{ "gidNumber", "gidNumber" },
{ NULL, NULL } };
@@ -661,7 +662,34 @@ posix_winsync_pre_ad_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
char *ad_type = NULL;
int is_present_local;
- slapi_attr_get_valueset(attr, &vs);
+ if (i == 0) { /* memberUid */
+ Slapi_Attr *dsmuid_attr = NULL;
+ Slapi_Value *v = NULL;
+ slapi_entry_attr_find(ds_entry, "dsonlymemberuid", &dsmuid_attr);
+
+ if (dsmuid_attr) {
+ Slapi_ValueSet *dsmuid_vs = NULL;
+ slapi_attr_get_valueset(dsmuid_attr, &dsmuid_vs);
+ if (dsmuid_vs) {
+ vs = slapi_valueset_new();
+
+ int j;
+ for (j = slapi_attr_first_value(attr, &v); j != -1;
+ j = slapi_attr_next_value(attr, i, &v)) {
+ if (!slapi_valueset_find(dsmuid_attr, dsmuid_vs, v)) {
+ slapi_valueset_add_value(vs, v);
+ }
+ }
+
+ slapi_valueset_free(dsmuid_vs); dsmuid_vs = NULL;
+ }
+ }
+ }
+
+ if (!vs) {
+ slapi_attr_get_valueset(attr, &vs);
+ }
+
ad_type = slapi_ch_strdup(attr_map[i].windows_attribute_name);
slapi_entry_attr_find(ad_entry, ad_type, &ad_attr);
is_present_local = (NULL == ad_attr) ? 0 : 1;
@@ -810,6 +838,12 @@ posix_winsync_pre_ds_mod_user_cb(void *cbdata, const Slapi_Entry *rawentry, Slap
valueset_get_valuearray(oc_vs));
slapi_value_free(&oc_nv);
slapi_valueset_free(oc_vs);
+
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addUserToGroupMembership(ds_entry);
+ memberUidUnlock();
+ }
}
}
slapi_value_free(&voc);
@@ -897,7 +931,7 @@ posix_winsync_pre_ds_mod_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"_pre_ds_mod_group_cb present %d modify %d before\n", is_present_local,
do_modify_local);
- if (posix_winsync_config_get_mapMemberUid()) {
+ if (posix_winsync_config_get_mapMemberUid() || posix_winsync_config_get_mapNestedGrouping()) {
memberUidLock();
modGroupMembership(ds_entry, smods, do_modify);
memberUidUnlock();
@@ -999,6 +1033,13 @@ posix_winsync_pre_ds_add_user_cb(void *cbdata, const Slapi_Entry *rawentry, Slap
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- _pre_ds_add_user_cb -- adding objectclass for new entry failed %d\n",
rc);
+ else {
+ if (posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addUserToGroupMembership(ds_entry);
+ memberUidUnlock();
+ }
+ }
}
sync_acct_disable(cbdata, rawentry, ds_entry, ACCT_DISABLE_TO_DS, ds_entry, NULL, NULL);
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name, "<-- _pre_ds_add_user_cb -- end\n");
@@ -1054,14 +1095,14 @@ posix_winsync_pre_ds_add_group_cb(void *cbdata, const Slapi_Entry *rawentry, Sla
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- _pre_ds_add_group_cb -- adding objectclass for new entry failed %d\n",
rc);
- } else {
- if (posix_winsync_config_get_mapMemberUid()) {
- memberUidLock();
- addGroupMembership(ds_entry, ad_entry);
- memberUidUnlock();
- }
}
}
+ if (posix_winsync_config_get_mapMemberUid() || posix_winsync_config_get_mapNestedGrouping()) {
+ memberUidLock();
+ addGroupMembership(ds_entry, ad_entry);
+ memberUidUnlock();
+ }
+
slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
"<-- posix_winsync_pre_ds_add_group_cb -- end\n");
@@ -1274,7 +1315,7 @@ posix_winsync_end_update_cb(void *cbdata, const Slapi_DN *ds_subtree, const Slap
"--> posix_winsync_end_update_cb -- begin %d %d\n",
posix_winsync_config_get_MOFTaskCreated(),
posix_winsync_config_get_createMOFTask());
- if (posix_winsync_config_get_MOFTaskCreated() && posix_winsync_config_get_createMOFTask()) {
+ if (1 && posix_winsync_config_get_createMOFTask()) {
/* add a task to schedule memberof Plugin for fix memebrof attributs */
Slapi_PBlock *pb = slapi_pblock_new();
Slapi_Entry *e_task = slapi_entry_alloc();
@@ -1291,13 +1332,24 @@ posix_winsync_end_update_cb(void *cbdata, const Slapi_DN *ds_subtree, const Slap
posix_winsync_plugin_name, MEMBEROFTASK);
return;
}
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, init'ing task\n");
+
slapi_entry_init(e_task, slapi_ch_strdup(dn), NULL);
slapi_entry_add_string(e_task, "cn", slapi_ch_strdup(posix_winsync_plugin_name));
slapi_entry_add_string(e_task, "objectClass", "extensibleObject");
slapi_entry_add_string(e_task, "basedn", slapi_sdn_get_dn(ds_subtree));
slapi_add_entry_internal_set_pb(pb, e_task, NULL, posix_winsync_get_plugin_identity(), 0);
+
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, adding task\n");
slapi_add_internal_pb(pb);
+
+ slapi_log_error(SLAPI_LOG_PLUGIN, posix_winsync_plugin_name,
+ "--> posix_winsync_end_update_cb, retrieving return code\n");
slapi_pblock_get(pb, SLAPI_PLUGIN_INTOP_RESULT, &rc);
if (rc != 0) {
slapi_log_error(SLAPI_LOG_FATAL, posix_winsync_plugin_name,
diff --git a/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h b/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
index 43a23df..f36fe40 100644
--- a/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
+++ b/ldap/servers/plugins/posix-winsync/posix-wsp-ident.h
@@ -17,7 +17,7 @@
#define POSIX_WINSYNC_MAP_MEMBERUID "posixWinsyncMapMemberUID"
#define POSIX_WINSYNC_CREATE_MEMBEROFTASK "posixWinsyncCreateMemberOfTask"
#define POSIX_WINSYNC_LOWER_CASE "posixWinsyncLowerCaseUID"
-
+#define POSIX_WINSYNC_MAP_NESTED_GROUPING "posixWinsyncMapNestedGrouping"
void * posix_winsync_get_plugin_identity();
@@ -29,6 +29,7 @@ typedef struct posix_winsync_config_struct {
PRBool lowercase; /* store the uid in group memberuid in lower case */
PRBool createMemberOfTask; /* should memberOf Plugin Task run after AD sync */
PRBool MOFTaskCreated;
+ PRBool mapNestedGrouping;
Slapi_DN *rep_suffix; /* namingContext in DS of the replicated suffix */
} POSIX_WinSync_Config;
@@ -42,6 +43,7 @@ Slapi_DN *posix_winsync_config_get_suffix();
void posix_winsync_config_reset_MOFTaskCreated();
void posix_winsync_config_set_MOFTaskCreated();
PRBool posix_winsync_config_get_MOFTaskCreated();
+PRBool posix_winsync_config_get_mapNestedGrouping();
int posix_group_task_add(Slapi_PBlock *pb, Slapi_Entry *e,
Slapi_Entry *eAfter, int *returncode, char *returntext,
11 years, 6 months
ldap/servers
by Noriko Hosoi
ldap/servers/plugins/acl/acl.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
New commits:
commit d6d9d07bdc383b746ab4e084f4ad04aa20afbc13
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Mon Oct 8 15:35:58 2012 -0700
Trac Ticket #455 - Insufficient rights to unhashed#user#password
when user deletes his password
https://fedorahosted.org/389/ticket/455
Bug Description: Setting CLEAR to the passwordStrageScheme, then
deleting a userpassword with the value fails due to the lack of
right to delete the corresponding pseudo attribute.
Fix Description: Skip evaluating the aci of the pseudo attribute
in the deletion as being done in the replacement.
diff --git a/ldap/servers/plugins/acl/acl.c b/ldap/servers/plugins/acl/acl.c
index 3389404..a5884fb 100644
--- a/ldap/servers/plugins/acl/acl.c
+++ b/ldap/servers/plugins/acl/acl.c
@@ -1361,6 +1361,10 @@ acl_check_mods(
switch (mod->mod_op & ~LDAP_MOD_BVALUES ) {
case LDAP_MOD_DELETE:
+ if (strcmp (mod->mod_type, PSEUDO_ATTR_UNHASHEDUSERPASSWORD) == 0) {
+ /* skip pseudo attr(s) */
+ continue;
+ }
if (mod->mod_bvalues != NULL ) {
break;
}
@@ -1368,7 +1372,7 @@ acl_check_mods(
/*
* Here, check that we have the right to delete all
* the values of the attribute in the entry.
- */
+ */
case LDAP_MOD_REPLACE:
if ( !lastmod ) {
@@ -1385,6 +1389,7 @@ acl_check_mods(
strcmp (mod->mod_type, "modifytimestamp")== 0 ||
strcmp (mod->mod_type, PSEUDO_ATTR_UNHASHEDUSERPASSWORD)== 0)
) {
+ /* skip pseudo attr(s) */
continue;
}
11 years, 6 months
Changes to 'refs/tags/389-ds-base-1.3.0.a1'
by Mark Reynolds
Changes since 389-ds-base-1.2.6.a1:
Charles Lopes (1):
Bug #361: Bad DNs in ACIs can segfault ns-slapd
Endi S. Dewata (168):
Bug 545620 - Password cannot start with minus sign
Bug 538525 - Ability to create instance as non-root user
Bug 570542 - Root password cannot contain matching curly braces
Bug 470684 - Pam_passthru plugin doesn't verify account activation
Bug 573375 - MODRDN operation not logged
Bug 520151 - Error when modifying userPassword with proxy user
Bug 455489 - Address compiler warnings about strict-aliasing rules
Bug 566320 - RFE: add exception to removal of attributes in cn=config for aci
Bug 566043 - startpid file is only cleaned by initscript runs
Bug 584109 - Slapd crashes while parsing DNA configuration
Bug 542570 - Directory Server port number is not validated in the beginning.
Bug 145181 - Plugin target/bind subtrees only take 1 value.
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 619122 - fix coverify Defect Type: Resource leaks issues CID 11975 - 12053
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverify Defect Type: Resource leaks issues CID 12094 - 12136
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 628096 - spurious error message from /sbin/service when doing a stop on no instances
Bug 573889 - Migration does not remove deprecated schema
Bug 606545 - core schema should include numSubordinates
Bug 643979 - Strange byte sequence for attribute with no values (nsslapd-referral)
Endi Sukma Dewata (16):
Bug 630092 - Coverity #12117: Resource leaks issues
Bug 630092 - Coverity #15478: Resource leaks issues
Bug 630092 - Coverity #15479: Resource leaks issues
Bug 630092 - Coverity #15481: Resource leaks issues
Bug 630092 - Coverity #15482: Resource leaks issues
Bug 630092 - Coverity #15483: Resource leaks issues
Bug 630092 - Coverity #15484: Resource leaks issues
Bug 630092 - Coverity #15485: Resource leaks issues
Bug 630092 - Coverity #15487: Resource leaks issues
Bug 630092 - Coverity #15490: Resource leaks issues
Bug 630092 - Coverity #15497: Resource leaks issues
Bug 630092 - Coverity #11991: Resource leaks issues
Bug 630092 - Coverity #12000: Resource leaks issues
Bug 630092 - Coverity #12003: Resource leaks issues
Bug 630092 - Coverity #11985: Resource leaks issues
Bug 630092 - Coverity #11992,11993: Resource leaks issues
Jeroen van Meeuwen (Kolab Systems) (1):
Suppress alert on unavailable port with forced setup
Jonathan \"Duke\" Leto (1):
fix for trac #173; update ds-logpipe.py docs about -t option
Ken Rossato (7):
Factorize into new isPosixGroup function
Change "return"s in modGroupMembership to "break"s to avoid leaking
Memory leaks: unmatched slapi_attr_get_valueset and slapi_value_new
Simplify program flow: eliminate unnecessary continue
Simplify program flow: make adduids/moduids/deluids action blocks all similar
Fix logic errors: del_mod should be latched (might not be last mod), and avoid skipping add-mods (int value 0)
Simplify program flow: change while loops to for
Mark Reynolds (88):
Ticket #71 - unable to delete managed entry config
Ticket #159 - Managed Entry Plugin runs against managed entries upon any update without validating
Ticket #177 - logconv.pl doesn't detect restarts
Merge branch 'ticket159'
Ticket #49 - better handling for server shutdown while long running tasks are active
Ticket #50 - server should not call a plugin after the plugin close function is calle
Updated for ticket#50
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #140 - incorrect memset parameters
Revert "Ticket #140 - incorrect memset parameters"
Revert "Ticket #55 - Limit of 1024 characters for nsMatchingRule"
Ticket #38 - nisDomain schema is incorrect
Ticket #6 - protocol error from proxied auth operation
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #39 - Account Policy Plugin does not work for simple binds when PAM Pass Through Auth plugin is enabled
Ticket 175 - logconv.pl improvements
Ticket 175 - minor fixes
Ticket #17 - Replication optimizations
Ticket #17 - new replication optimizations
Ticket #129 - Should only update modifyTimestamp/modifiersName on MODIFY ops
Ticket #111 - ability to control behavior of modifyTimestamp/modifiersName
Ticket #211 - dnaNextValue gets incremented even if the user addition fails
Ticket #74 - Add schema for DNA plugin (RFE)
Ticket #306 - void function cannot return value
Ticket #302 - use thread local storage for internalModifiersName & internalCreatorsName
Schema Reload crash fix
Ticket #291 - cannot use & in a sasl map search filter
Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash
Ticket #191 - Implement SO_KEEPALIVE in network calls
Config changes fail because of unknown attribute "internalModifiersname"
Ticket #292 - logconv.pl reporting unindexed search with different search base than shown in access logs
Ticket #308 - Automembership plugin fails if data and config area mixed in the plugin configuration
Ticket #271 - replication code cleanup
TIcket #285 - compilation fixes for '--format-security'
Ticket #271 - Slow shutdown when you have 100+ replication agreements
Ticket #24 - Add nsTLS1 to the DS schema
Ticket #319 - ldap-agent crashes on start with signal SIGSEGV
Ticket #20 - Allow automember to work on entries that have already been added
Ticket #315 - ns-slapd exits/crashes if /var fills up
Ticket #315 - small fix to libglobs
Ticket #183 - passwordMaxFailure should lockout password one sooner - and should be configurable to avoid regressions
Coverity Fixes
Ticket #325 - logconv.pl : use of getopts to parse command line options
Ticket #183 - passwordMaxFailure should lockout password one sooner
Ticket #207 - [RFE] enable attribute that tracks when a password was last set
Ticket #214 - Adding Replication agreement should complain if required nsds5ReplicaCredentials not supplied
Ticket #337 - Improve CLEANRUV task
Ticket #356 - RFE - Track bind info
Ticket #196 - RFE: Interpret IPV6 addresses for ACIs, replication, and chaining
Ticket #218 - Make RI Plugin worked with replicated updates
Ticket 367 - Invalid chaining config triggers a disk full error and shutdown
Ticket 365 - passwords in clear text in the audit log
Ticket #321 - krbExtraData is being null modified and replicated on each ssh login
Ticket #110 - RFE limiting root DN by host, IP, time of day, day of week
Ticket 368 - Make the cleanAllRUV task one step
Ticket #28 - MOD operations with chained delete/add get back error 53 on backend config
Ticket #369 - restore of replica ldif file on second master after deleting two records shows only 1 deletion
Update the slapi-plugin documentation on new slapi functions, and added a slapi function for checking on shutdowns
Ticket #388 - Improve replication agreement status messages
COVERITY FIXES
Coverity Fix
Ticket 366 - Change DS to purge ticket from krb cache in case of authentication error
Ticket 399 - slapi_ldap_bind() doesn't check bind results
Ticket 328 - make sure all internal search filters are properly escaped
Ticket 413 - "Server is unwilling to perform" when running ldapmodify on nsds5ReplicaStripAttrs
Ticket 403 - CLEANALLRUV feature
Ticket 407 - memory leak in dna plugin
Ticket 403 - cleanallruv coverity fixes
Misc Coverity Fixes
Ticket 407 - dna memory leak
Ticket 403 - CLEANALLRUV amendment
Ticket 403 - CLEANALLRUV - revision to last amendment
Ticket 403 - fix CLEANALLRUV regression from last commit
Ticket 429 - Add nsslapd-readonly to schema
CLEANALLRUV coverity fixes
Ticket 436 - nsds5ReplicaEnabled can be set with any invalid values.
Ticket 386 - Overconsumption of memory with large cachememsize and heavy use of ldapmodify
Ticket 450 - CLEANALLRUV task gets stuck on winsync replication agreement
Ticket 452 - automember rebuild task adds users to groups that do not match the configuration scope
Ticket 408 - create a normalized dn cache
Ticket 467 - CLEANALLRUV abort task should be able to ignore down replicas
Ticket 747 - Root DN Access Control - days allowed not working correctly
Ticket 475 - Root DN Access Control - improve value checking for config
Ticket 473 - change VERSION.sh to have console version be major.minor
Coverity issue 13091
Ticket 457 - dirsrv init script returns 0 even when few or all instances fail to start
Ticket 477 - CLEANALLRUV if there are only winsync agmts task will hang
Ticket 478 - passwordTrackUpdateTime stops working with subtree password policies
Nathan Kinder (193):
Bug 549554 - Trim single-valued attributes before sending to AD
Improve search for pcre header file
Bug 434735 - Allow SASL ANONYMOUS mech to work
Bug 570912 - Avoid selinux context conflict with httpd
Allow instance name to be parsed from start-slapd
Add managed entries plug-in
Bug 572355 - Label instance files and ports during upgrade.
Bug 578863 - Password modify extop needs to send referrals on replicas
Bug 584156 - Remove ldapi socket file during upgrade
Fix rsearch usage of name files for random filters
Bug 584497 - Allow DNA plugin to set same value on multiple attributes
Add replication session hooks
Correct function prototype for repl session hook
Bug 592389 - Set anonymous resource limits properly
Bug 601433 - Add man pages for start-dirsrv and related commands
Bug 604263 - Fix memory leak when password change is rejected
Bug 612242 - membership change on DS does not show on AD
Bug 613833 - Allow dirsrv_t to bind to rpc ports
Bug 594745 - Get rid of dirsrv_lib_t label
Bug 620927 - Allow multiple membership attributes in memberof plugin
Bug 612264 - ACI issue with (targetattr='userPassword')
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630098 - fix coverity Defect Type: Code maintainability issues
Bug 630093 - (cov#15511) Don't use unintialized search_results in refint plugin
Bug 630093 - (cov#15518) Need to intialize fd in ldbm2ldif code
Bug 630096 - (cov#11778) check return value of ldap_parse_result
Bug 630096 - (cov#15446) check return value of ber_scanf()
Bug 630096 - (cov#15449,15450) Check return value of stat()
Bug 630096 - (cov#15448) Check return value of cache_replace()
Bug 630096 - (cov#15447) - Check return value of idl_append_extend()
Bug 630090 - (cov#11974) Remove unused ACL functions
Bug 630090 - (cov#15445) Fix illegal free in archive code
Bug 630094 - (cov#11818) Fix unreachable return in snmp subagent
Bug 630094 - (cov#15451) Get rid of unreachable free statements
Bug 630094 - (cov#15452) Remove NULL checking for op_string
Bug 630094 - (cov#15453) Eliminate NULL check for local_newentry
Bug 630094 - (cov#15454) Fix deadcode issue in mapping tree code
Bug 630094 - (cov#15455) Remove deadcode in attr_index_config()
Bug 630094 - (cov#15456) Remove NULL check for srdn in import code
Bug 630094 - (cov#15457) Remove deadcode in import code
Bug 630094 - (cov#15458) Fix deadcode issue in moddn code
Bug 630094 - (cov#15459) Remove NULL check for srdn in ldif2ldbm code
Bug 630094 - (cov#15520) Fix unreachable code issue if perfctrs code
Bug 630094 - (cov#15581) Add missing breaks in agt_mopen_stats()
Bug 690090 - (cov#11974) Remove additional unused ACL functions
Bug 630091 - (cov#15512) Fix usage of uninitialized bervals
Bug 630091 - (cov#15513) Fix usage of uninitialized bervals
Bug 630091 - (cov#15514) Initialize DBT in entryrdn_get_parent()
Bug 630091 - (cov#15515) Use of uninitialized array in index config code
Bug 630091 - (cov#15516,15517) Initialize pointers before attempting to free
Bug 630091 - (cov#15519) Initialize bervals in search_easter_egg()
Bug 630091 - (cov#15582) Free of uninitialized pointer in attr_index_config()
Bug 630097 - (cov#11933) Fix NULL dereference in schema code
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#11946) NULL dereference in ResHashCreate()
Bug 630097 - (cov#11964) Remove dead code from libaccess
Bug 630097 - (cov#12143) NULL dereference in cos cache code
Bug 630097 - (cov#12148) NULL dereference in ruvInit()
Bug 630097 - (cov#12182,12183) NULL dereference in import code
Bug 630097 - (cov#15460) NULL deference in ACL URL code
Bug 630097 - (cov#15461) Remove unnecessary NULL check in DNA
Bug 630097 - (cov#15462) NULL dereference in mep_modrdn_post_op()
Bug 630097 - (cov#15463) Remove NULL check in referint plugin
Bug 630097 - (cov#15464) NULL dereference in repl code
Bug 630097 - (cov#15465) Null dereference in USN code
Bug 630097 - (cov#15473) NULL dereference in ResHashCreate()
Bug 630097 - (cov#15505) NULL dereference in memberOf code
Bug 630097 - (cov#15506) NULL dereference in dblayer code
Bug 630097 - (cov#15507,15508) NULL dereference in entryrdn code
Bug 630097 - (cov#15509) NULL dereference in idsktune
Bug 630097 - (cov#11938) NULL dereference in mmldif
Bug 630097 - (cov#15477) NULL dereference in ACL plug-in code
Bug 630091 - (cov#12209) Use of uninitialized pointer in libaccess
Bug 630092 - (cov#12116) Resource leak in ldclt code
Bug 630092 - (cov#12105) Resource leak in pwdscheme config code
Bug 630092 - (cov#12068) Resource leak in certmap code
Bug 630091 - (cov#11973) Array overrun in libaccess
Bug 522055 - Scope check for managed attribute fails
Bug 625335 - Self-write aci has permission to invalid attribute
Bug 631993 - Log authzid when proxy auth control is used
Cov #16300 - Unused variable in account policy plugin
Bug 544321 - remove-ds.pl should not throw error unlabelling port
Bug 555955 - Allow CoS values to be merged
Bug 643937 - Initialize replication version flags
Bug 305131 - Allow empty modify operation
Bug 619633 - Make attribute uniqueness obey requiredObjectClass
Bug 619623 - attr-unique-plugin ignores requiredObjectClass on modrdn operations
Bug 189985 - Improve attribute uniqueness error message
Bug 647932 - multiple memberOf configuration adding memberOf where there is no member
Bug 521088 - DNA should check ACLs before getting a value from the range
Bug 635009 - Add one-way AD sync capability
Bump VERSION.sh to 1.2.8.a1
Bug 648949 - Move selinux policy into base OS
Bug 648949 - Update configure
Roll back VERSION.sh for 1.2.7 release
Bug 625950 - hash nsslapd-rootpw changes in audit log
Bug 656392 - Remove calls to ber_err_print()
Bug 656515 - Allow Name and Optional UID syntax for grouping attributes
Bug 197886 - Avoid overflow of UUID generator
Bug 658312 - Allow mapped attribute types to be quoted
Bug 197886 - Initialize return value for UUID generation code
Bug 658309 - Process escaped characters in managed entry mappings
Bug 659456 - Incorrect usage of ber_printf() in winsync code
Bug 641944 - Don't normalize non-DN RDN values
Bug 658312 - Invalid free in Managed Entry plug-in
Bug 661792 - Valid managed entry config rejected
Bug 588791 - Allow anonymous rootDSE access only
Bug 606439 - Creating server instance with LDAPI takes too long
Bug 632670 - Chain-on-update logs managed-entries-plugin errors
Bug 621008 - parsing purge RUV from changelog at startup fails
Bug 663191 - Don't use $USER in DSCreate.pm
Bug 663597 - Memory leaks in normalization code
Bug 659131 - Incorrect RDN values added with multi-valued RDN
Bug 661102 - Rename of managed entries not handled correctly
Bug 193297 - Call pre-bind plug-ins for all SASL bind steps
Bug 201652 - LDAPv2 bind with expired password doesn't unbind correctly
Bug 470576 - Migration could do addition checks before commiting actions
Bug 481195 - Missing op type in log when password change required
Bug 509897 - Validate dnaScope to ensure it is a legal DN
Bug 505722 - Allow ntGroup to have mail attribute present
Bug 543633 - replication problems if supplier is killed under update load
Bug 671033 - range sharing between server breaks with SASL/GSSAPI auth
Bug 527912 - setup-ds.pl appears to hang when DNS is unreachable
Bug 252249 - Add pkg-config file for plug-in developers
Bug 670616 - Allow SSF to be set for local (ldapi) connections
Bug 668862 - init scripts return wrong error code
Bug 674430 - Improve error messages for attribute uniqueness
Bug 675853 - dirsrv crash segfault in need_new_pw()
Bug 678646 - Ignore tombstone operations in managed entry plug-in
Bug 671199 - Don't allow other to write to rundir
Bug 672468 - Don't use empty path elements in LD_LIBRARY_PATH
Bug 674852 - crash in ldap-agent when using OpenLDAP
Bug 681345 - setup-ds.pl should set SuiteSpotGroup automatically
Bug 680558 - Winsync plugin fails to restrain itself to the configured subtree
Bug 504803 - Allow maxlogsize to be set if logmaxdiskspace is -1
Bug 687974 - (cov#10715) Fix Coverity uninitialized variables issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 688341 - (cov#10708) Fix Coverity code maintainability issues
Bug 688341 - (cov#10706,10707) Fix Coverity code maintainability issues
Bug 688341 - (cov#10704,10705) Fix Coverity code maintainability issues
Bug 688341 - (cov#10703) Fix Coverity code maintainability issues
Bug 688341 - (cov#10702) Fix Coverity code maintainability issues
Bug 688341 - (cov#10709) Fix Coverity code maintainability issues
Bug 689537 - (cov#10699) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10610) Fix Coverity NULL pointer dereferences
Bug 689537 - (cov#10608) Fix Coverity NULL pointer dereferences
Bug 689952 - (cov#10581) Incorrect bit check in replication connection code
Bug 690526 - (cov#10734) Double free in dse_add()
Bug 690649 - (cov#10731) Use of free'd pointer in indexing code
Bug 690882 - (cov#10571) Incorrect sizeof use in uuid code
Bug 690882 - (cov#10636,10637) Useless comparison in attrcrypt
Bug 690882 - (cov#10703) Incorrect sizeof use in vattr code
Bug 690882 - (cov#10572,10710) Incorrect sizeof use in uuid code
Bug 691574 - (cov#10579) Check return value of ber_scanf() in sort code
Bug 691574 - (cov#10577) Check return types when adding RDN CSNs
Bug 691574 - (cov#10573) check return value in GER code
Bug 691574 - (cov#10575) Check return value of ldap_get_option
Bug 691574 - (cov#10573) Fix syntax error
Bug 693868 - Add managed entry config during in-place upgrade
Add Auto Membership Plug-in
Bug 698428 - Make auto membership use Slapi_DN for DN comparisons
Bug 695779 - windows sync can lose old values when a new value is added
Bug 700557 - Linked attrs callbacks access free'd pointers after close
Bug 700557 - Leak at shutdown in DNA plug-in
Bug 703304 - Auto membership alternate config area should override default area
Bug 703304 - Auto membership alternate config area should override default area
Bug 703530 - Allow Managed Entry config to be relocated
Bug 697961 - memberOf needs to be triggered by internal operations
Bug 710377 - Import with chain-on-update crashes ns-slapd
Split automember regex rules into separate entries
Bug 713209 - Update sudo schema
Bug 691313 - Need TLS/SSL error messages in repl status and errors log
Bug 723937 - Slapi_Counter API broken on 32-bit F15
Bug 725743 - Make memberOf use PRMonitor for it's operation lock
Bug 729717 - Fatal error messages when syncing deletes from AD
Bug 728510 - Run dirsync after sending updates to AD
Bug 730387 - Add slapi_rwlock API and use POSIX rwlocks
Bug 611438 - Add Account Usability Control support
Bug 728592 - Allow ns-slapd to start with an invalid server cert
Bug 732541 - Ignore error 32 when adding automember config
Bug 722292 - Entries in DS are not updated properly when using WinSync API
Bug 722292 - (cov#11030) Leak of mapped_sdn in winsync rename code
Bug 735114 - renaming a managed entry does not update mepmanagedby
Bug 739172 - Allow separate fractional attrs for incremental and total protocols
Bug 743966 - Compiler warnings in account usability plugin
Bug 744946 - (cov#11046) NULL dereference in IDL code
Bug 752155 - Use restorecon after creating init script lock file
Ticket 284 - Remove unnecessary SNMP MIB files
ticket 304 - Fix kernel version checking in dsktune
ticket 211 - Use of uninitialized variables in ldbm_back_modify()
ticket 181 - Allow PAM passthru plug-in to have multiple config entries
coverity 12563 Read from pointer after free (fix 2)
Ticket 211 - Avoid preop range requests non-DNA operations
Noriko Hosoi (352):
544089 - Referential Integrity Plugin does not take into account the attribute
557224 - subtree rename breaks the referential integrity plug-in
247413 - Incorrect error on multiple identical value add
559016 - Attempting to rename suffix returns inappropriate errors
555577 - Syntax validation fails for "ou=NetscapeRoot" tree
Undo - 555577 - Syntax validation fails for "ou=NetscapeRoot" tree
560827 - Admin Server templates: DistinguishName validation fails
548535 - memory leak in attrcrypt
563365 - Error handling problems in the backend functions
565664 - Incorrect parameter for CACHE_RETURN()
565987 - redhat-ds-base fails to build due to undefined struct
527848 - make sure db upgrade to 4.7 and later works correctly
539618 - Replication bulk import reports Invalid read/write
567370 - dncache: assertion failure in id2entry_delete
548115 - memory leak in schema reload
555970 - missing read lock in the combination of cos and nsview
539618 - Replication bulk import reports Invalid read/write
570667 - MMR: simultaneous total updates on the masters cause
Merge branch '547503'
Revert "Merge branch '547503'"
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
199923 - subtree search fails to find items under a db
570107 - The import of LDIFs with base-64 encoded DNs fails,
572649 - DS8.2 crashes on RHEL 4 (corresponding to bob, ber_2 test case)
573060 - DN normalizer: ESC HEX HEX is not normalized (
573896 - initializing subtree with invalid syntax crashes ns-slapd
515805 - Stop "initialize Database" crashes the server
548533 - memory leak in Repl_5_Inc_Protocol_new
Fixing a syntax error
Update to New DN Format
585905 - ACL with targattrfilters error crashes the server
574167 - An escaped space at the end of the RDN value is not
590931 - rhds81 import - hardcoded pages_limit for nsslapd-import-cache-autosize
591336 - Implementing upgrade DN format tool
593453 - Creating password policy with ns-newpolicy.pl on Replicated
593110 - backup-restore does not ALWAYS work
593899 - adding specific ACI causes very large mem allocate request
588867 - entryusn plugin fails on solaris
593899 - adding specific ACI causes very large mem allocate request
595893 - Base DN in SASL mapping is not normalized
511112 - Password history limited to 25 values
597375 - Deleting LDBM database causes backup/restore problem
574101 - MODRDN request never returns - possible deadlock
606920 - anonymous resource limit - nstimelimit -
605827 - In-place upgrade: upgrade dn format should not run in setup-ds-admin.pl
578296 - Attribute type entrydn needs to be added when subtree
609256 - Selinux: pwdhash fails if called via Admin Server CGI
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
609255 - fix coverity Defect Type: Memory - illegal accesses issues
616618 - 389 v1.2.5 accepts 2 identical entries with different DN formats
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
610281 - fix coverity Defect Type: Control flow issues
616608 - SIGBUS in RDN index reads on platforms with strict alignments
619595 - Upgrading sub suffix under non-normalized suffix disappears
513166 - Simple Paged result doesn't provide the server's estimate
621928 - Unable to enable replica (rdn problem?) on 1.2.6 rc6
Bug 194531 - db2bak is too noisy
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622628 - fix coverity Defect Type: Integer handling issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 622903 - fix coverity Defect Type: Code maintainability issues
Bug 623118 - Simplepaged results going in infinite loop
Bug 614511 - fix coverity Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 619122 - fix coverity Defect Type: Resource leaks issues CID 11975 - 12051
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 617630 - fix coverity Defect Type: Resource leaks issues CID 12052 - 12093
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 616500 - fix coverity Defect Type: Resource leaks issues CID 12094 - 12136
Bug 614511 - fix coverify Defect Type: Null pointer dereferences issues 11846 - 11891
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892 - 11939
Bug 613056 - fix coverify Defect Type: Null pointer dereferences issues 11892
Bug 616500 - fix coverity Defect Type: Resource leaks issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 623507 - fix coverity Defect Type: Incorrect expression issues
Bug 613056 - fix coverify Defect Type: Null pointer dereferences
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 610119 - fix coverify Defect Type: Null pointer dereferences issues 12167 - 12199
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Bug 611790 - fix coverify Defect Type: Null pointer dereferences issues 11940 - 12166
Removed redundant code in agmt_new_from_entry
Bug 617630 - fix coverify Defect Type: Resource leaks issues CID 12052 - 12093
Bug 628300 - DN is not normalized in dn/entry cache when an entry is added, entrydn is not present in search results
Bug 531642 - EntryUSN: RFE: a configuration option to make entryusn "global"
Bug 627738 - The cn=monitor statistics entries for the dnentry cache do not change or change very rarely
DN normalizer should check the invalid type
Bug 627738 - The cn=monitor statistics entries for the dnentry cache
Bug 629710 - escape_string does not check '\<HEX><HEX>'
agmtlist_shutdown (repl5_agmtlist.c) had an illegal access defect.
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 633168 - Share backend dbEnv with the replication changelog
Bug 631862 - crash - delete entries not in cache + referint
Bug 625014 - SubTree Renames: ModRDN operation fails and the server hangs if the entry is moved to "under" the same DN.
Bug 558099 - Enhancement request: Log more information about the search result being a paged one
Bug 635987 - Incorrect sub scope search result with
Bug 606920 - anonymous resource limit- nstimelimit -
Bug 635987 - Incorrect sub scope search result with ACL containing ldap:///self
Bug 639289 - Adding a new CN entry with UpperCase UTF-8 Character
Bug 640027 - Naming attribute with a special char sequence parsing bug
Bug 640854 - changelog db: _cl5WriteOperation: failed to
Bug 637852 - sasl_io_start_packet: failed - read only 3 bytes
Bug 586966 - Sample update script has syntax errors
Bug 586973 - Sample update ldif points to non-existent directory
Bug 602456 - Allow to add any cn=config attributes;
Bug 244229 - targetattr not verified against schema when setting an aci
Bug 643532 - Incorrect DNs sometimes returned on searches
Bug 592397 - Upgrade tool dn2rdn: it does not clean up
Bug 645061 - Upgrade: 06inetorgperson.ldif and 05rfc4524.ldif
Bug 629681 - Retro Changelog trimming does not behave as expected
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 644608 - RHDS 8.1->8.2 upgrade fails to properly migrate ACIs
Bug 638773 - permissions too loose on pid and lock files
Bug 491733 - dbtest crashes
Bug 329751 - "nested" filtered roles searches candidates more
Bug 567282 - server can not abandon searchRequest of "simple paged results"
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Bug 651571 - When attrcrypt is on, entrydn is stored in the backend db
Bug 661918 - 389-ds MMR plugin's changelogdb path logic is incorrect
Bug 182507 - clear-password mod from replica is discarded before changelogged
Bug 602456 - Allow to add any cn=config attributes;
Bug 489379 - passwordExpirationTime in entry being added
Bug 663484 - Entry usn plugin fails to properly tag entries on initialization
Bug 664563 - GER: ger for non-present entry is not correct
Bug 653007 - db2ldif export of clear text passwords lacks storage scheme
Bug 667488 - Cannot recreate numsubordinates index with db2index
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 615100 - log rotationinfo always recreated at startup,
Bug 624442 - MMR: duplicate replica ID
Bug 669205 - db2bak: backed up changelog should include RUVs
Bug 616850 - ldapmodify failed to reject the replace operation
Bug 627993 - Inconsistent storage of password expiry times
Bug 627993 - Inconsistent storage of password expiry times
dn2rdn should respect the DB version info
Bug 646381 - Faulty password for nsmultiplexorcredentials does not give any error message in logs
Bug 624547 - attrcrypt should query the given slot/token for
Bug 668619 - slapd stops responding
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 615052 - intrinsics and 64-bit atomics code fails to compile
Bug 616213 - insufficient stack size for HP-UX on PA-RISC
Bug 675265 - preventryusn gets added to entries on a failed delete
Bug 604881 - admin server log files have incorrect permissions/ownerships
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 676053 - export task followed by import task causes cache assertion
Bug 450016 - RFE- Console display values in KB/MB/GB
Cancelling commit aef19508c4f618285116d2068655183658f564d9
Bug 625424 - repl-monitor.pl doesn't work in hub node
Bug 679978 - modifying attr value crashes the server, which is supposed to
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 668909 - Can't modify replication agreement in some cases
Bug 684996 - Exported tombstone cannot be imported correctly
Bug 681015 - RFE: allow fine grained password policy duration attributes in days, hours, minutes, as well
Bug 689866 - ns-newpwpolicy.pl needs to use the new DN format
Bug 690955 - Mrclone fails due to the replica generation id mismatch
Bug 696407 - If an entry with a mixed case RDN is turned to be
Bug 697027 - 1 - minor memory leaks found by Valgrind + TET
Bug 697027 - 2 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 4 - minor memory leaks found by Valgrind + TET
Bug 697027 - 5 - minor memory leaks found by Valgrind + TET
Bug 697027 - 6 - minor memory leaks found by Valgrind + TET
Bug 697027 - 7 - minor memory leaks found by Valgrind + TET
Bug 697027 - 8 - minor memory leaks found by Valgrind + TET
Bug 697027 - 9 - minor memory leaks found by Valgrind + TET
Bug 697027 - 10 - minor memory leaks found by Valgrind + TET
Bug 697027 - 11 - minor memory leaks found by Valgrind + TET
Bug 697027 - 12 - minor memory leaks found by Valgrind + TET
Bug 697027 - 13 - minor memory leaks found by Valgrind + TET
Bug 697027 - 14 - minor memory leaks found by Valgrind + TET
Bug 697027 - 15 - minor memory leaks found by Valgrind + TET
Bug 697027 - 16 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 697027 - 3 - minor memory leaks found by Valgrind + TET
Bug 700215 - ldclt core dumps
Bug 668619 - slapd stops responding
Bug 709826 - Memory leak: when extra referrals configured
Bug 706179 - DS can not restart after create a new objectClass has entryusn attribute
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
Bug 718303 - Intensive updates on masters could break the consumer's cache
Merge branch '718303'
Bug 719069 - clean up compiler warnings in 389-ds-base 1.2.9
Bug 712855 - Directory Server 8.2 logs "Netscape Portable
Bug 663752 - Cert renewal for attrcrypt and encchangelog
Bug 732153 - subtree and user account lockout policies implemented?
Introducing an environment variable USE_VALGRIND to clean up the entry cache and dn cache on exit.
Bug 744945 - nsslapd-counters attribute value cannot be set to "off"
Keep unhashed password psuedo-attribute in the adding entry
Reduce the number of DN normalization
Bug 745259 - Incorrect entryUSN index under high load
Bug 750622 - Fix Coverity (11104) Resource leak:
Bug 750624 - Fix Coverity (11053) Explicit null dereferenced:
Bug 750625 - Fix Coverity (11066) Unused pointer value
Bug 750625 - Fix Coverity (11065) Uninitialized pointer read
Bug 750625 - Fix Coverity (11064) Dereference before null check
Bug 750625 - Fix Coverity (11061) Resource leak
Bug 750625 - Fix Coverity (11060) Dereference null return value
Bug 750625 - Fix Coverity (11058, 11059) Dereference null return value
Bug 750625 - Fix Coverity (11057) Dereference null return value
Bug 750625 - Fix Coverity (11055) Explicit null dereferenced
Bug 750625 - Fix Coverity (11054) Dereference after null check
Bug 750625 - Fix Coverity (11117) Uninitialized pointer read
Bug 750625 - Fix Coverity (11116) Uninitialized pointer read
Bug 750625 - Fix Coverity (11114, 11115) Uninitialized value use
Bug 750625 - Fix Coverity (11113) Uninitialized pointer read
Bug 750625 - Fix Coverity (11112) Uninitialized pointer read
Bug 750625 - Fix Coverity (11109, 11110, 11111) Uninitialized pointer read
Bug 750625 - Fix Coverity (11108) Sizeof not portable
Bug 750625 - Fix Coverity (11107) Dereference before null check
Bug 750625 - Fix Coverity (11096) Explicit null dereferenced
Bug 750625 - Fix Coverity (11095) Explicit null dereferenced
Bug 750625 - Fix Coverity (11094) Dereference after null check
Bug 750625 - Fix Coverity (11091) Unchecked return value
Bug 750625 - Fix Coverity (11055-2) Explicit null dereferenced
Bug 750625 - Fix Coverity (11062) Resource leak
Bug 750625 - Fix Coverity (11066-2) Unused pointer value
Bug 750625 - Fix Coverity (12195) Dereference after null check
Bug 750625 - Fix Coverity (12196) Dereference before null check
Bug 750625 - Fix Coverity (11066-3) Unused pointer value
Bug 745259 - Incorrect entryUSN index under high load in
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 2 - If node entries are tombstone'd,
Trac Ticket 26 - Please support setting
Trac Ticket 75 - Unconfigure plugin opperations are being called.
Trac Ticket 168 - minssf should not apply to rootdse
Trac Ticket #18 - Data inconsitency during replication
Trac Ticket #52 - FQDN set to nsslapd-listenhost
Trac Ticket 139 - eliminate the use of char *dn in favor of Slapi_DN *dn
Trac Ticket 35 - Log not clear enough on schema errors
Trac Ticket #274 - Reindexing entryrdn fails if
Trac Ticket #275 - Invalid read reported by valgrind
Trac Ticket 51 - memory leaks in 389-ds-base-1.2.8.2-1.el5?
Trac Ticket #27 - SASL/PLAIN binds do not work
Trac Ticket #84 - 389 Directory Server Unnecessary Checkpoints
Trac Ticket #169 - allow 389 to use db5
Trac Ticket #34 - remove-ds.pl does not remove everything
Trac Ticket #26 - Please support setting defaultNamingContext in the rootdse.
Trac Ticket #298 - crash when replicating orphaned tombstone entry
Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails
Trac Ticket #290 - server hangs during shutdown if betxn pre/post op fails
Minor bug fix introcuded by commit 69c9f3bf7dd9fe2cadd5eae0ab72ce218b78820e
Trac Ticket #260 - 389 DS does not support multiple
Fixing compiler warnings
Trac Ticket #303 - make DNA range requests work with transactions
coverity 12606 Logically dead code
Trac Ticket #46 - setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 (revised) - setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 - (take 3) setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #46 - (additional) setup-ds-admin.pl does not
Trac Ticket #45 - Fine Grained Password policy:
Trac Ticket #46 - (additional 2) setup-ds-admin.pl does not like ipv6 only hostnames
Trac Ticket #335 - transaction retries need to be cache aware
Trac Ticket #338 - letters in object's cn get converted to
Trac Ticket #310 - Avoid calling escape_string() for logged DNs
Trac Ticket #19 - Convert entryUSN plugin to transaction aware type
Trac Ticket #345 - db deadlock return should not log error
Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress
Trac Ticket #359 - Database RUV could mismatch the one
Trac Ticket #338 - letters in object's cn get converted to
Trac Ticket #335 - transaction retries need to be cache aware
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
Bug 829213 - unhashed#user#password visible after changing password https://bugzilla.redhat.com/show_bug.cgi?id=829213
audit log does not log unhashed password: enabled, by default.
Trac Ticket 396 - Account Usability Control Not Working [Bug 835238]
Trac Ticket #402 - nhashed#user#password in entry extension
Trac Ticket #346 - Slow ldapmodify operation time for large
Trac Ticket #346 - Slow ldapmodify operation time for large
Coverity defects
Conflict definition in SLAPI_ATTR_FLAG macros
Trac Ticket #412 - memberof performance enhancement
Trac Ticket #409 - Report during startup if nsslapd-cachememsize is too small
Ticket 328 - make sure all internal search filters are properly escaped
Ticket 328 - make sure all internal search filters are properly escaped
Trac Ticket #346 - Slow ldapmodify operation time for large
Trac Ticket #437 - variable dn should not be used in ldbm_back_delete
Coverity defects
Trac Ticket #340 - Change on SLAPI_MODRDN_NEWSUPERIOR is not
Trac Ticket #466 - entry_apply_mod - ADD: Failed to set
Coverity defects
Trac Ticket #470 - 389 prevents from adding a posixaccount
Coverity defects
Trac Ticket #453 - db2index with -tattrname:type,type fails
Trac Ticket #351 - use betxn plugins by default
Bug 863576 - Dirsrv deadlock locking up IPA
Rich Megginson (372):
Net::LDAP password modify extop breaks; msgid in response is 0xFF
Clean up assert for entrydn
Bug 543080 - Bitwise plugin fails to return the exact matched entries for Bitwise search filter
Bug 537466 - nsslapd-distribution-plugin should not require plugin name to begin with "lib"
bump version to 1.2.6.a2
Do not use syntax plugins directly for filters, indexing
wrap new style matching rule plugins for use in old style indexing code
change extensible filter code to use new syntax function style mr funcs
change syntax plugins to register required matching rule plugins
crash looking up compat syntax; numeric string syntax using integer; make octet string ordering work correctly
fix memory leak in attr replace when replacement fails
fix dso linking issues found by fedora 13 linking
problems linking with -z defs
389 DS segfaults on libsyntax-plugin.so - part 1
389 DS segfaults on libsyntax-plugin.so - part 2
389 DS segfaults on libsyntax-plugin.so - part 3
Bug 460162 - FedoraDS "with-FHS" installs init.d StartupScript in wrong location on non-RHEL/Fedora OS
Bug 568196 - Install DS8.2 on Solaris fails
Bug 568196 - Install DS8.2 on Solaris fails - part 2
Bug 551198 - LDAPI: incorrect logging to access log
bump version to 1.2.6.a3
fix various memory leaks
Bug 551198 - LDAPI: incorrect logging to access log - part 2
Bug 554573 - ACIs use bind DN from bind req rather than cert mapped DN from sasl/external
cleanup build warnings
Bug 571514 - upgrade to 1.2.6 should upgrade 05rfc4523.ldif (cert schema)
Bug 570905 - postalAddress syntax should allow empty lines (should allow $$)
Add support for additional schema/matching rules included with 389
Bug 572677 - Memory leak in searches including GER control
Bug 571677 - Busy replica on consumers when directly deleting a replication conflict
Bug 576074 - search filters with parentheses fail
Bug 567429 - slapd didn't close connection and get into CLOSE_WAIT state
Bug 578167 - repl. of mod/replace deletes multi-valued attrs
Bug 561575 - setup-ds-admin fails to supply nsds5ReplicaName when configuring via ConfigFile
Bug 572162 - the string "|*" within a search filter on a non-indexed attribute returns all elements.
Bug 576644 - segfault while multimaster replication (paired node won't find deleted entries)
start of 1.2.6.a4
Bug 572018 - Upgrading from 1.2.5 to 1.2.6.a2 deletes userRoot
Fix too few args for format warning in acllas
Bug 586571 - DS Console shows escaped DNs
Bug 591685 - Server instances Fail to Start on Solaris due to Library Path and pcre
bump console version to 1.2.3
Repl Session API needs to check for NULL api before init
Bug 593392 - setup-ds-admin.pl -k creates world readable file
Bug 595874 - 99user.ldif getting overpopulated
bump version to 1.2.6.a5
bump version to 1.2.6.rc1
bump version to 1.2.6.rc2
bump version to 1.2.6.rc3
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 604453 - SASL Stress and Server crash: Program quits with the assertion failure in PR_Poll
Bug 603942 - null deref in _ger_parse_control() for subjectdn
bump version to 1.2.6.rc4
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 602530 - coverity: op_shared_modify: compare pre, post and original entries before freeing them
Bug 602531 - coverity: op_shared_delete: compare preop entry and GLUE_PARENT_ENTRY before freeing them
Bug 609590 - fix coverity Defect Type: Memory - corruptions issues
Bug 610177 - fix coverity Defect Type: Uninitialized variables issues
Bug 610276 - fix coverity Defect Type: API usage errors issues
Bug 611850 - fix coverity Defect Type: Error handling issues
Bug 614242 - C99/ANSI C++ related compile errors on HP-UX
Bug 547503 - replication broken again, with 389 MMR replication and TCP errors
Bug 617013 - repl-monitor.pl use cpu upto 90%
fix build failures due to libtool problems
Bug 617629 - Missing aliases in new schema files
Bug 617862 - Replication: Unable to delete tombstone errors
bump version to 1.2.7.a1
Bug 610281 - fix coverity Defect Type: Control flow issues - daemon.c:write_function()
Bug 610281 - fix coverity Defect Type: Control flow issues - last repl init status
postalAddress syntax does not accept empty values
ger should support both "dn" and "distinguishedName"
openldap - ldap_url_parse_ext is not part of the public api
fix memleak in ldbm_config_read_instance_entries
Add -x option to ldap tools when using openldap
openldap - add support for missing controls, add ldif api, fix NSS usage
port client tools to use openldap API
use the mozldap versions of the proxy auth control create function
document slapi wrappers for openldap/mozldap functions that differ
fix some compiler warnings
use strcasecmp with ptype and type->bv_val
ber_printf 'o' cannot handle NULL bv_val
fix the url_parse logic when looking for a missing suffix DN
openldap ldapsearch uses -LLL to suppress # version: N
add ldaptool_opts for the non BUNDLE case in Makefile.am
openldap ldapsearch returns empty line at end of LDIF output
have to use LDAP_OPT_X_TLS_NEVER to defeat cert hostname checking
openldap_read_function needs to set EWOULDBLOCK if the buffer is empty
do not terminate unwrapped LDIF line with another newline
slapi_ldap_url_parse must handle multiple host:port in url
convert mozldap host list to openldap uri list
move the out pointer back if continuation lines were removed
check src < *out only; only check for \nspace if src < *out - 2
use slapi_ldap_url_parse in the acl code
do not un-null-terminate normalized DN until new url is constructed
implement slapi_ldap_explode_dn and slapi_ldap_explode_rdn
use slapi_pblock_set to set the ldap result code for the be postop plugins
pass the string copy to slapi_dn_normalize_original
bug 614511 - fix coverity null reference - revert macro aci $dn logic
fix compiler warnings - unused vars/funcs, invalid casts
use slapi_mods_init_passin/get_ldapmods_passout if modifying the smods
Have to explicitly set protocol version to 3
Only check modrdn ops for backend/suffix correctness if not the default backend
Bug 634561 - Server crushes when using Windows Sync Agreement
openldap ber_init will assert if the bv->bv_val is NULL
add the account policy plugin and related server code, schema, and config
fix pblock memory leak
do not register pre/post op plugins if disabled
add support for global inactivity limit
fix typos in Makefile.am, acctpolicy schema
bump version to 1.2.7.a2
remove extra format argument; use %lu for size_t printf format
Bug 644013 - uniqueness plugin segfault bug
bump version to 1.2.7.a3
bump to 1.2.7.a4
bump version to 1.2.7.a5
put replication config entries in separate file
bump version to 1.2.7.a6
bump version to 1.2.7.1
bump version to 1.2.7.2
bump version to 1.2.7.3
bump version to 1.2.7.4
Bug 515329 - Multiple mods in one operation can result in an inconsistent replica
bump version to 1.2.8.a1
Bug 642046 - Segfault when using SASL/GSSAPI multimaster replication, possible krb5_creds doublefree
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 622907 - support piped passwords to perl-based maintenance commands
Bug 624485 - setup dsktune check step should default to "yes" if no problems found
Bug 576534 - Password displayed on console when entered in command-line utilities
Bug 667935 - DS pipe log script's logregex.py plugin is not redirecting the log output to the text file
bump version to 1.2.8.a2
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 676689 - crash while adding a new user to be synced to windows
Bug 675113 - ns-slapd core dump in windows_tot_run if oneway sync is used
Bug 677440 - clean up compiler warnings in 389-ds-base 1.2.8
Bug 677774 - DS fails to start after reboot
Bug 666076 - dirsrv crash (1.2.7.5) with multiple simple paged result searches
Bug 675320 - empty modify operation with repl on or lastmod off will crash server
bump version to 1.2.9.a1 - console version to 1.2.4
Bug 677705 - ds-logpipe.py script is failing to validate "-s" and "--serverpid" options with "-t".
Bug 676655 - winsync stops working after server restart
Bug 680555 - ns-slapd segfaults if I have more than 100 DBs
Bug 514190 - setup-ds-admin.pl --debug does not log to file
Bug 518890 - setup-ds-admin.pl - improve hostname validation
Bug 644784 - Memory leak in "testbind.c" plugin
Bug 683250 - slapd crashing when traffic replayed
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10690 #10689 attrcrypt_get_ssl_cert_name() - fix coverity resource leak issues
Bug 690584 - #10688 - dblayer_make_env - fix coverity resource leak issues
Bug 690584 - #10669 #10668 cl5ImportLDIF - fix coverity resource leak issues
Bug 690584 - #10658 linked_attrs_pre_op - fix coverity resource leak issues
Bug 690584 - #10655 acllas__handle_group_entry - fix coverity resource leak issues
Bug 690584 - #10654 #10653 str2entry_dupcheck - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 690584 - #10643 hash_rootpw - fix coverity resource leak issues
Bug 690584 - #10641 reslimit_bv2int - fix coverity resource leak issues
Bug 691422 - sdt_destroy - fix coverity control flow issues
Bug 691422 - ldbm_back_upgradedb - fix coverity control flow issues
Bug 691422 - csnplFree - fix coverity control flow issues
Bug 691422 - SetUnicodeStringFromUTF_8 - fix coverity control flow issues
Bug 691422 - cl5DeleteRUV - fix coverity control flow issues
Bug 691422 - acl_read_access_allowed_on_entry - fix coverity control flow issues
Bug 691422 - search_internal_callback_pb - fix coverity control flow issues
Bug 691422 - cl5WriteRUV - fix coverity control flow issues
Bug 691422 - windows_replay_update - fix coverity control flow issues
Bug 690584 - #10691 ldbm_back_init() - fix coverity resource leak issues
Bug 690584 - #10652 #10651 #10650 #10649 #10648 #10647 send_specific_attrs send_all_attrs - fix coverity resource leak issues
Bug 668385 - DS pipe log script is executed as many times as the dirsrv service is restarted
Bug 692937 - Replica install fails after step for "enable GSSAPI for replication"
Bug 692331 - Segfault on index update during full replication push on 1.2.7.5
Bug 693451 - cannot use localized matching rules
Bug 693455 - nsMatchingRule does not work with multiple values
Bug 693503 - matching rules do not inherit from superior attribute type
Bug 693466 - Unable to change schema online
Bug 692991 - rhds82 - windows_tot_run: failed to obtain data to send to the consumer; LDAP error - -1
Bug 693473 - rhds82 rfe - windows_tot_run to log Sizelimit exceeded instead of LDAP error - -1
Bug 693962 - Full replica push loses some entries with multi-valued RDNs
Bug 694336 - Group sync hangs Windows initial Sync
Bug 700145 - userpasswd not replicating
Bug 703990 - Support upgrade from Red Hat Directory Server
bump console version to 1.2.5
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 703990 - Support upgrade from Red Hat Directory Server
Bug 707015 - Cannot disable SSLv3 and use TLS only
bump version to 1.2.9.a2
Bug 707384 - only allow FIPS approved cipher suites in FIPS mode
Bug 711906 - ns-slapd segfaults using suffix referrals
Bug 706209 - LEGAL: RHEL6.1 License issue for 389-ds-base package
Bug 703703 - setup-ds-admin.pl asks for legal agreement to a non-existant file
Bug 711679 - unresponsive LDAP service when deleting vlv on replica
bump console version to 1.2.6
Bug 697694 - rhds82 - incr update state stop_fatal_error "requires administrator action", with extop_result: 9
Bug 716980 - winsync uses old AD entry if new one not found
add support for ldif files with changetype: add
writing Inf file shows SchemaFile = ARRAY(0xhexnum)
look for separate openldap ldif library
bump version to 1.2.9.a3
Bug 709468 - RSA Authentication Server timeouts when using simple paged results on RHDS 8.2.
Bug 720059 - RDN with % can cause crashes or missing entries
bump version to 1.2.9.0
Bug 725542 - Instance upgrade fails when upgrading 389-ds-base package
Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry contains a comma
Bug 723937 - replication failing on RUV errors
bump version to 1.2.9.1
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.2
Bug 727511 - ldclt SSL search requests are failing with "illegal error numbe
bump version to 1.2.9.3
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.4
Bug 727511 - ldclt SSL search requests are failing with "illegal error number -1" error
bump version to 1.2.9.5
Bug 729378 - delete user subtree container in AD + modify password in DS == DS crash
Bug 723937 - replication failing on RUV errors
Bug 729369 - upgrade DB to upgrade from entrydn to entryrdn format is not working.
make sure the DBVERSION file ends in a newline
bump version to 1.2.10.a1
Bug 633803 - passwordisglobalpolicy attribute brakes TLS chaining
Bug 733103 - large targetattr list with syntax errors cause server to crash or hang
Bug 703990 - cross-platform - Support upgrade from Red Hat Directory Server
Bug 735121 - simple paged search + ip/dns based ACI hangs server
Bug 695736 - Providing native systemd file for upcoming F15 Feature Systemd
Bug 590826 - Reloading database from ldif causes changelog to emit "data no longer matches" errors
Bug 736712 - Modifying ruv entry deadlocks server
Add support for pre/post db transaction plugins
Make all backend operations transaction aware
Bug 741744 - MOD operations with chained delete/add get back error 53 on backend config
Bug 742324 - allow nsslapd-idlistscanlimit to be set dynamically and per-user
Bug 741744 - part2 - MOD operations with chained delete/add get back error 53 on backend config
Bug 740942 - allow resource limits to be set for paged searches independently of limits for other searches/operations
bump version to 1.2.10.a2
bump version to 1.2.10.a3
fix transaction support in ldbm_delete
bump version to 1.2.10.a4
set the ENTRY_POST_OP for modrdn betxnpostoperation plugins
pass the plugin config entry to the plugin init function
make memberof transaction aware and able to be a betxnpostoperation plugin
Bug 741744 - part3 - MOD operations with chained delete/add get back error 53
bump version to 1.2.10.a5
Change referential integrity to be a betxnpostoperation plugin
Use new PLUGIN_CONFIG_ENTRY feature to allow switching between txn and regular
Bug 748575 - rhds81 modrn operation and 100% cpu use in replication
Bug 748575 - part 2 - rhds81 modrdn operation and 100% cpu use in replication
Bug 751495 - 'setup-ds.pl -u' fails with undefined routine 'updateSystemD'
bump version to 1.2.10.a6
Bug 751645 - crash when simple paged fails to send entry to client
csn_as_string - use slapi_uN_to_hex instead of sprintf
uniqueid formatting - use slapi_u8_to_hex instead of sprintf
fix member variable name error in slapi_uniqueIDFormat
reduce calls to csn_as_string and slapi_log_error
csn_init_as_string should not use sscanf
use slapi_hexchar2int and slapi_str_to_u8 everywhere
Bug 755754 - Unable to start dirsrv service using systemd
Bug 755725 - 389 programs linked against openldap crash during shutdown
Ticket 1 - pre-normalize filter and pre-compile substring regex - and other optimizations
Ticket #162 - Infinite loop / spin inside strcmpi_fast, acl_read_access_allowed_on_attr, server DoS
bak2db gets stuck in infinite loop
Ticket #256 - debug build assertion in ACL_EvalDestroy()
bump version to 1.2.10.a7
Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock
fix mep sdn compiler warnings
add a hack to disable sasl hostname canonicalization - helps with testing when you don't want to set up correct host name resolution and/or cannot set the default system hostname
Ticket #12 - 389 DS DNA Plugin / Replication failing on GSSAPI
Ticket #257 - repl-monitor doesn't work if leftmost hostnames are the same
fix recent compiler warnings
Ticket #15 - Get rid of rwlock.h/rwlock.c and just use slapi_rwlock instead
fix compiler warnings
Remove redundant code - make a global into a static
Ticket #262 - pid file not removed with systemd
fix mozldap build issues
Ticket #264 - upgrade needs better check for "server is running"
Ticket #263 - add systemd include directive
bump version to 1.2.10.rc1
change version to 1.2.10.a8
Ticket #272 - add tombstonenumsubordinates to schema
bump version to 1.2.10.rc1
Ticket #161 - Review and address latest Coverity issues
Ticket #22 - RFE: Support sendmail LDAP routing schema
Ticket #29 - Samba3-schema is missing sambaTrustedDomainPassword
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
Ticket #273 - ruv tombstone searches don't work after reindex entryrdn
fix a couple of minor coverity issues
Ticket #87 - Manpages fixes
Ticket #13 - slapd process exits when put the database on read only mode while updates are coming to the server
Ticket #55 - Limit of 1024 characters for nsMatchingRule
Ticket #277 - cannot set repl referrals or state
Ticket #278 - Schema replication update failed: Invalid syntax
Ticket #277 - cannot set repl referrals or state
Ticket #279 - filter normalization does not use matching rules
Ticket #280 - extensible binary filters do not work
Ticket #281 - TLS not working with latest openldap
coverity 12488 Resource leak In attr_index_config(): Leak of memory or pointers to system resources
bump version to 1.2.10.rc2
fix compiler warning in acct policy plugin
bump version to 1.2.11.a1
Ticket #294 - 389 DS Segfaults during replica install in FreeIPA
coverity uninit var and resource leak
Revert "Ticket #111 - ability to control behavior of modifyTimestamp/modifiersName"
Revert "Ticket #167 - Mixing transaction and non-transaction plugins can cause deadlock"
Revert "Change referential integrity to be a betxnpostoperation plugin"
Revert "make memberof transaction aware and able to be a betxnpostoperation plugin"
Revert "pass the plugin config entry to the plugin init function"
coverity 12559 Uninitialized pointer read In ldbm_back_modify(): Reads an uninitialized pointer or its target
Ticket #281 - TLS not working with latest openldap
Trac Ticket #298 - crash when replicating orphaned tombstone entry
Ticket #301 - implement transaction support using thread local storage
init txn thread private data for all database modes
handle null smods
memleak in mep_parse_config_entry
memleak in normalize_mods2bvals
destroy the entry cache and dn cache in the dse post op delete callback
Ticket #289 - allow betxn plugin config changes
coverity 12563 Read from pointer after free
Ticket 317 - RHDS fractional replication with excluded password policy attributes leads to wrong error messages.
Ticket #305 - Certain CMP operations hang or cause ns-slapd to crash
Ticket #320 - allow most plugins to be betxn plugins
Ticket #324 - Sync with group attribute containing () fails
Ticket #324 - redux: Sync with group attribute containing () fails
Ticket #316 and Ticket #70 - add post add/mod and AD add callback hooks
Ticket #261 - Add Solaris i386
Ticket #331 - transaction errors with db 4.3 and db 4.2
schema def must have DESC '' - close paren must be preceded by space
Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
Ticket #336 - [abrt] 389-ds-base-1.2.10.4-2.fc16: index_range_read_ext: Process /usr/sbin/ns-slapd was killed by signal 11 (SIGSEGV)
Ticket #347 - IPA dirsvr seg-fault during system longevity test
Ticket #348 - crash in ldap_initialize with multiple threads
Ticket #351 - use betxn plugins by default
Ticket #353 - coverity 12625-12629 - leaks, dead code, unchecked return
Ticket #348 - crash in ldap_initialize with multiple threads
Ticket #351 - use betxn plugins by default
bump version to 1.3.0.a1
Ticket #358 - managed entry doesn't delete linked entry
Trac Ticket #359 - Database RUV could mismatch the one in changelog under the stress
console .2 is still compatible with 389 .3 for now
Ticket #321 - krbExtraData is being null modified and replicated on each ssh login
Ticket #360 - ldapmodify returns Operations error
Ticket #382 - DS Shuts down intermittently
Ticket #383 - usn + mmr = deletions are not replicated
Ticket #389 - ADD operations not in audit log
Ticket #360 - ldapmodify returns Operations error - fix delete caching
fix coverity issues with uninit vals, no return checking
Ticket #360 - ldapmodify returns Operations error - fix delete caching
improve txn test index handling
Ticket #387 - managed entry sometimes doesn't delete the managed entry
Ticket #387 - managed entry sometimes doesn't delete the managed entry
Ticket 378 - unhashed#user#password visible after changing password
Ticket #405 - referint modrdn not working if case is different
Ticket #406 - Impossible to rename entry (modrdn) with Attribute Uniqueness plugin enabled
Ticket #410 - Referential integrity plug-in does not work when update interval is not zero
Ticket #425 - support multiple winsync plugins
Ticket #430 - server to server ssl client auth broken with latest openldap
Ticket #426 - support posix schema for user and group sync
coverity - mbo dead code - winsync leaks, deadcode, null check, test code
Ticket #355 - winsync should not delete entry that appears to be out of scope
Ticket #440 - periodic dirsync timed event causes server to loop repeatedly
fix mem leaks with parent dn log message, setting winsync windows domain
coverity - posix winsync mem leaks, null check, deadcode, null ref, use after free
fix coverity resource leak in windows_plugin_add
Ticket #426 - support posix schema for user and group sync
Ticket #374 - consumer can go into total update mode for no reason
Ticket #461 - fix build problem with mozldap c sdk
Ticket #462 - add test for include file mntent.h
Ticket #463 - different parameters of getmntent in Solaris
add eclipse generated files to the ignore list
fix compiler warnings in ticket 374 code
nturpin (1):
Ticket #3: acl cache overflown problem
root (4):
Bug 480787 - Autoconf parameter --with and --without
Ticket #326 - MemberOf plugin should work on all backends
Ticket #337 - RFE - Improve CLEANRUV functionality
Ticket #216 - RFE - Disable replication agreements
---
.gitignore | 5
Makefile.am | 303
Makefile.in | 5404 -
README | 11
VERSION.sh | 8
aclocal.m4 | 6996 -
compile | 21
config.guess | 302
config.h.in | 34
config.sub | 232
configure |42846 +++++-------
configure.ac | 214
depcomp | 172
dirsrv.pc.in | 7
include/base/dbtbase.h | 2
include/base/file.h | 3
include/base/lexer.h | 126
include/base/rwlock.h | 91
include/i18n.h | 115
include/ldaputil/ldaputil.h | 10
include/libaccess/aclerror.h | 1
include/libaccess/aclproto.h | 15
include/libaccess/aclstruct.h | 2
include/libaccess/dbtlibaccess.h | 3
include/public/nsacl/aclapi.h | 7
install-sh | 517
ldap/admin/src/base-initconfig.in | 44
ldap/admin/src/initconfig.in | 37
ldap/admin/src/logconv.pl | 1064
ldap/admin/src/scripts/10cleanupldapi.pl | 23
ldap/admin/src/scripts/10fixrundir.pl | 11
ldap/admin/src/scripts/50acctusabilityplugin.ldif | 21
ldap/admin/src/scripts/50automemberplugin.ldif | 15
ldap/admin/src/scripts/50fixNsState.pl | 240
ldap/admin/src/scripts/50managedentriesplugin.ldif | 16
ldap/admin/src/scripts/50refintprecedence.ldif | 4
ldap/admin/src/scripts/50smd5pwdstorageplugin.ldif | 5
ldap/admin/src/scripts/60upgradeschemafiles.pl | 2
ldap/admin/src/scripts/70upgradefromldif.pl | 108
ldap/admin/src/scripts/80upgradednformat.pl | 206
ldap/admin/src/scripts/81changelog.pl | 34
ldap/admin/src/scripts/90subtreerename.pl | 21
ldap/admin/src/scripts/91subtreereindex.pl | 148
ldap/admin/src/scripts/DSCreate.pm.in | 341
ldap/admin/src/scripts/DSDialogs.pm | 6
ldap/admin/src/scripts/DSMigration.pm.in | 47
ldap/admin/src/scripts/DSUpdate.pm.in | 50
ldap/admin/src/scripts/DSUtil.pm.in | 329
ldap/admin/src/scripts/DialogManager.pm | 241
ldap/admin/src/scripts/DialogManager.pm.in | 241
ldap/admin/src/scripts/Inf.pm | 67
ldap/admin/src/scripts/Migration.pm.in | 20
ldap/admin/src/scripts/Setup.pm.in | 20
ldap/admin/src/scripts/SetupDialogs.pm.in | 31
ldap/admin/src/scripts/SetupLog.pm | 8
ldap/admin/src/scripts/dnaplugindepends.ldif | 3
ldap/admin/src/scripts/ds-logpipe.py | 223
ldap/admin/src/scripts/exampleupdate.ldif | 2
ldap/admin/src/scripts/exampleupdate.sh | 10
ldap/admin/src/scripts/logregex.py | 16
ldap/admin/src/scripts/migrate-ds.pl.in | 13
ldap/admin/src/scripts/remove-ds.pl.in | 30
ldap/admin/src/scripts/repl-monitor.pl.in | 86
ldap/admin/src/scripts/restart-dirsrv.in | 25
ldap/admin/src/scripts/setup-ds.pl.in | 7
ldap/admin/src/scripts/setup-ds.res.in | 35
ldap/admin/src/scripts/start-dirsrv.in | 43
ldap/admin/src/scripts/stop-dirsrv.in | 27
ldap/admin/src/scripts/template-bak2db.in | 49
ldap/admin/src/scripts/template-bak2db.pl.in | 29
ldap/admin/src/scripts/template-cleanallruv.pl.in | 186
ldap/admin/src/scripts/template-db2bak.in | 53
ldap/admin/src/scripts/template-db2bak.pl.in | 29
ldap/admin/src/scripts/template-db2index.in | 16
ldap/admin/src/scripts/template-db2index.pl.in | 118
ldap/admin/src/scripts/template-db2ldif.in | 15
ldap/admin/src/scripts/template-db2ldif.pl.in | 29
ldap/admin/src/scripts/template-dbverify.in | 15
ldap/admin/src/scripts/template-dn2rdn.in | 25
ldap/admin/src/scripts/template-fixup-linkedattrs.pl.in | 29
ldap/admin/src/scripts/template-fixup-memberof.pl.in | 29
ldap/admin/src/scripts/template-ldif2db.in | 15
ldap/admin/src/scripts/template-ldif2db.pl.in | 29
ldap/admin/src/scripts/template-ldif2ldap.in | 19
ldap/admin/src/scripts/template-monitor.in | 19
ldap/admin/src/scripts/template-ns-accountstatus.pl.in | 33
ldap/admin/src/scripts/template-ns-activate.pl.in | 33
ldap/admin/src/scripts/template-ns-inactivate.pl.in | 33
ldap/admin/src/scripts/template-ns-newpwpolicy.pl.in | 47
ldap/admin/src/scripts/template-restart-slapd.in | 2
ldap/admin/src/scripts/template-restoreconfig.in | 15
ldap/admin/src/scripts/template-saveconfig.in | 15
ldap/admin/src/scripts/template-schema-reload.pl.in | 29
ldap/admin/src/scripts/template-start-slapd.in | 3
ldap/admin/src/scripts/template-stop-slapd.in | 2
ldap/admin/src/scripts/template-suffix2instance.in | 15
ldap/admin/src/scripts/template-syntax-validate.pl.in | 29
ldap/admin/src/scripts/template-upgradedb.in | 15
ldap/admin/src/scripts/template-upgradednformat.in | 63
ldap/admin/src/scripts/template-usn-tombstone-cleanup.pl.in | 29
ldap/admin/src/scripts/template-verify-db.pl.in | 19
ldap/admin/src/scripts/template-vlvindex.in | 15
ldap/admin/src/slapd.inf.in | 2
ldap/admin/src/template-initconfig.in | 18
ldap/docs/LICENSE.txt | 132
ldap/docs/README.txt | 11
ldap/include/ldaplog.h | 32
ldap/ldif/50posix-winsync-plugin.ldif | 20
ldap/ldif/50replication-plugins.ldif | 27
ldap/ldif/template-baseacis.ldif.in | 2
ldap/ldif/template-bitwise.ldif.in | 6
ldap/ldif/template-dnaplugin.ldif.in | 2
ldap/ldif/template-dse.ldif.in | 124
ldap/ldif/template-pampta.ldif.in | 2
ldap/ldif/template-suffix-db.ldif.in | 1
ldap/schema/00core.ldif | 72
ldap/schema/01core389.ldif | 25
ldap/schema/02common.ldif | 16
ldap/schema/05rfc4523.ldif | 14
ldap/schema/05rfc4524.ldif | 30
ldap/schema/06inetorgperson.ldif | 5
ldap/schema/10automember-plugin.ldif | 123
ldap/schema/10dna-plugin.ldif | 204
ldap/schema/10mep-plugin.ldif | 104
ldap/schema/30ns-common.ldif | 4
ldap/schema/50ns-directory.ldif | 4
ldap/schema/60acctpolicy.ldif | 47
ldap/schema/60nis.ldif | 2
ldap/schema/60pam-plugin.ldif | 3
ldap/schema/60qmail.ldif | 24
ldap/schema/60sabayon.ldif | 10
ldap/schema/60samba3.ldif | 34
ldap/schema/60sendmail.ldif | 54
ldap/schema/60sudo.ldif | 58
ldap/servers/plugins/acct_usability/acct_usability.c | 464
ldap/servers/plugins/acct_usability/acct_usability.h | 63
ldap/servers/plugins/acctpolicy/acct_config.c | 143
ldap/servers/plugins/acctpolicy/acct_init.c | 191
ldap/servers/plugins/acctpolicy/acct_plugin.c | 313
ldap/servers/plugins/acctpolicy/acct_util.c | 257
ldap/servers/plugins/acctpolicy/acctpolicy.h | 81
ldap/servers/plugins/acctpolicy/sampleconfig.ldif | 40
ldap/servers/plugins/acctpolicy/samplepolicy.ldif | 27
ldap/servers/plugins/acl/acl.c | 316
ldap/servers/plugins/acl/acl.h | 48
ldap/servers/plugins/acl/acl_ext.c | 152
ldap/servers/plugins/acl/aclanom.c | 24
ldap/servers/plugins/acl/acleffectiverights.c | 126
ldap/servers/plugins/acl/aclgroup.c | 21
ldap/servers/plugins/acl/aclinit.c | 2
ldap/servers/plugins/acl/acllas.c | 472
ldap/servers/plugins/acl/acllist.c | 123
ldap/servers/plugins/acl/aclparse.c | 615
ldap/servers/plugins/acl/aclplugin.c | 37
ldap/servers/plugins/acl/aclproxy.c | 232
ldap/servers/plugins/acl/aclutil.c | 117
ldap/servers/plugins/automember/automember.c | 2664
ldap/servers/plugins/automember/automember.h | 134
ldap/servers/plugins/bitwise/bitwise.c | 23
ldap/servers/plugins/chainingdb/cb.h | 8
ldap/servers/plugins/chainingdb/cb_add.c | 105
ldap/servers/plugins/chainingdb/cb_bind.c | 196
ldap/servers/plugins/chainingdb/cb_compare.c | 101
ldap/servers/plugins/chainingdb/cb_config.c | 34
ldap/servers/plugins/chainingdb/cb_conn_stateless.c | 102
ldap/servers/plugins/chainingdb/cb_controls.c | 36
ldap/servers/plugins/chainingdb/cb_delete.c | 125
ldap/servers/plugins/chainingdb/cb_init.c | 6
ldap/servers/plugins/chainingdb/cb_instance.c | 507
ldap/servers/plugins/chainingdb/cb_modify.c | 133
ldap/servers/plugins/chainingdb/cb_modrdn.c | 176
ldap/servers/plugins/chainingdb/cb_monitor.c | 6
ldap/servers/plugins/chainingdb/cb_schema.c | 4
ldap/servers/plugins/chainingdb/cb_search.c | 223
ldap/servers/plugins/chainingdb/cb_utils.c | 15
ldap/servers/plugins/collation/collate.c | 24
ldap/servers/plugins/collation/orfilter.c | 19
ldap/servers/plugins/cos/cos.c | 80
ldap/servers/plugins/cos/cos_cache.c | 841
ldap/servers/plugins/cos/cos_cache.h | 1
ldap/servers/plugins/deref/deref.c | 15
ldap/servers/plugins/dna/dna.c | 1785
ldap/servers/plugins/http/http_impl.c | 81
ldap/servers/plugins/linkedattrs/fixup_task.c | 119
ldap/servers/plugins/linkedattrs/linked_attrs.c | 237
ldap/servers/plugins/linkedattrs/linked_attrs.h | 7
ldap/servers/plugins/memberof/memberof.c | 1148
ldap/servers/plugins/memberof/memberof.h | 11
ldap/servers/plugins/memberof/memberof_config.c | 275
ldap/servers/plugins/mep/mep.c | 2837
ldap/servers/plugins/mep/mep.h | 130
ldap/servers/plugins/pam_passthru/pam_passthru.h | 49
ldap/servers/plugins/pam_passthru/pam_ptconfig.c | 715
ldap/servers/plugins/pam_passthru/pam_ptimpl.c | 79
ldap/servers/plugins/pam_passthru/pam_ptpreop.c | 683
ldap/servers/plugins/passthru/passthru.h | 4
ldap/servers/plugins/passthru/ptbind.c | 6
ldap/servers/plugins/passthru/ptconfig.c | 43
ldap/servers/plugins/passthru/ptconn.c | 8
ldap/servers/plugins/passthru/ptpreop.c | 17
ldap/servers/plugins/posix-winsync/README | 50
ldap/servers/plugins/posix-winsync/posix-group-func.c | 484
ldap/servers/plugins/posix-winsync/posix-group-func.h | 21
ldap/servers/plugins/posix-winsync/posix-group-task.c | 303
ldap/servers/plugins/posix-winsync/posix-winsync-config.c | 286
ldap/servers/plugins/posix-winsync/posix-winsync.c | 1700
ldap/servers/plugins/posix-winsync/posix-wsp-ident.h | 51
ldap/servers/plugins/pwdstorage/smd5_pwd.c | 9
ldap/servers/plugins/referint/referint.c | 1503
ldap/servers/plugins/replication/cl4_api.c | 2
ldap/servers/plugins/replication/cl5.h | 1
ldap/servers/plugins/replication/cl5_api.c | 2712
ldap/servers/plugins/replication/cl5_api.h | 122
ldap/servers/plugins/replication/cl5_clcache.c | 71
ldap/servers/plugins/replication/cl5_clcache.h | 2
ldap/servers/plugins/replication/cl5_config.c | 247
ldap/servers/plugins/replication/cl5_init.c | 2
ldap/servers/plugins/replication/cl5_test.c | 2
ldap/servers/plugins/replication/cl_crypt.c | 203
ldap/servers/plugins/replication/cl_crypt.h | 53
ldap/servers/plugins/replication/csnpl.c | 74
ldap/servers/plugins/replication/legacy_consumer.c | 31
ldap/servers/plugins/replication/llist.c | 8
ldap/servers/plugins/replication/repl-session-plugin.h | 119
ldap/servers/plugins/replication/repl.h | 16
ldap/servers/plugins/replication/repl5.h | 146
ldap/servers/plugins/replication/repl5_agmt.c | 643
ldap/servers/plugins/replication/repl5_agmtlist.c | 132
ldap/servers/plugins/replication/repl5_connection.c | 194
ldap/servers/plugins/replication/repl5_inc_protocol.c | 1317
ldap/servers/plugins/replication/repl5_init.c | 298
ldap/servers/plugins/replication/repl5_mtnode_ext.c | 13
ldap/servers/plugins/replication/repl5_plugins.c | 362
ldap/servers/plugins/replication/repl5_prot_private.h | 4
ldap/servers/plugins/replication/repl5_protocol.c | 107
ldap/servers/plugins/replication/repl5_protocol_util.c | 563
ldap/servers/plugins/replication/repl5_replica.c | 876
ldap/servers/plugins/replication/repl5_replica_config.c | 2261
ldap/servers/plugins/replication/repl5_replica_dnhash.c | 26
ldap/servers/plugins/replication/repl5_replica_hash.c | 30
ldap/servers/plugins/replication/repl5_ruv.c | 525
ldap/servers/plugins/replication/repl5_ruv.h | 20
ldap/servers/plugins/replication/repl5_tot_protocol.c | 34
ldap/servers/plugins/replication/repl5_total.c | 22
ldap/servers/plugins/replication/repl5_updatedn_list.c | 2
ldap/servers/plugins/replication/repl_bind.c | 7
ldap/servers/plugins/replication/repl_compare.c | 18
ldap/servers/plugins/replication/repl_connext.c | 158
ldap/servers/plugins/replication/repl_controls.c | 2
ldap/servers/plugins/replication/repl_extop.c | 760
ldap/servers/plugins/replication/repl_globals.c | 10
ldap/servers/plugins/replication/repl_init.c | 1
ldap/servers/plugins/replication/repl_objset.c | 9
ldap/servers/plugins/replication/repl_session_plugin.c | 188
ldap/servers/plugins/replication/repl_shared.h | 17
ldap/servers/plugins/replication/replutil.c | 112
ldap/servers/plugins/replication/test_repl_session_plugin.c | 335
ldap/servers/plugins/replication/urp.c | 185
ldap/servers/plugins/replication/urp.h | 3
ldap/servers/plugins/replication/urp_glue.c | 9
ldap/servers/plugins/replication/urp_tombstone.c | 9
ldap/servers/plugins/replication/windows_connection.c | 165
ldap/servers/plugins/replication/windows_inc_protocol.c | 62
ldap/servers/plugins/replication/windows_private.c | 1625
ldap/servers/plugins/replication/windows_protocol_util.c | 1220
ldap/servers/plugins/replication/windows_tot_protocol.c | 132
ldap/servers/plugins/replication/windowsrepl.h | 60
ldap/servers/plugins/replication/winsync-plugin.h | 495
ldap/servers/plugins/retrocl/retrocl.c | 51
ldap/servers/plugins/retrocl/retrocl.h | 2
ldap/servers/plugins/retrocl/retrocl_create.c | 13
ldap/servers/plugins/retrocl/retrocl_po.c | 20
ldap/servers/plugins/retrocl/retrocl_trim.c | 20
ldap/servers/plugins/rever/des.c | 72
ldap/servers/plugins/rever/rever.c | 8
ldap/servers/plugins/roles/roles_cache.c | 128
ldap/servers/plugins/roles/roles_plugin.c | 52
ldap/servers/plugins/rootdn_access/rootdn_access.c | 701
ldap/servers/plugins/rootdn_access/rootdn_access.h | 57
ldap/servers/plugins/schema_reload/schema_reload.c | 63
ldap/servers/plugins/shared/plugin-utils.h | 112
ldap/servers/plugins/shared/utils.c | 508
ldap/servers/plugins/statechange/statechange.c | 55
ldap/servers/plugins/syntaxes/bin.c | 142
ldap/servers/plugins/syntaxes/bitstring.c | 68
ldap/servers/plugins/syntaxes/ces.c | 172
ldap/servers/plugins/syntaxes/cis.c | 321
ldap/servers/plugins/syntaxes/deliverymethod.c | 32
ldap/servers/plugins/syntaxes/dn.c | 72
ldap/servers/plugins/syntaxes/facsimile.c | 32
ldap/servers/plugins/syntaxes/guide.c | 32
ldap/servers/plugins/syntaxes/int.c | 96
ldap/servers/plugins/syntaxes/nameoptuid.c | 73
ldap/servers/plugins/syntaxes/numericstring.c | 148
ldap/servers/plugins/syntaxes/sicis.c | 32
ldap/servers/plugins/syntaxes/string.c | 443
ldap/servers/plugins/syntaxes/syntax.h | 61
ldap/servers/plugins/syntaxes/syntax_common.c | 118
ldap/servers/plugins/syntaxes/tel.c | 94
ldap/servers/plugins/syntaxes/teletex.c | 32
ldap/servers/plugins/syntaxes/telex.c | 31
ldap/servers/plugins/syntaxes/validate.c | 17
ldap/servers/plugins/syntaxes/value.c | 120
ldap/servers/plugins/uiduniq/7bit.c | 76
ldap/servers/plugins/uiduniq/plugin-utils.h | 96
ldap/servers/plugins/uiduniq/uid.c | 368
ldap/servers/plugins/uiduniq/utils.c | 249
ldap/servers/plugins/usn/usn.c | 344
ldap/servers/plugins/usn/usn.h | 3
ldap/servers/plugins/usn/usn_cleanup.c | 44
ldap/servers/plugins/views/views.c | 36
ldap/servers/slapd/abandon.c | 8
ldap/servers/slapd/add.c | 357
ldap/servers/slapd/agtmmap.c | 56
ldap/servers/slapd/apibroker.c | 58
ldap/servers/slapd/attr.c | 165
ldap/servers/slapd/attrlist.c | 9
ldap/servers/slapd/attrsyntax.c | 249
ldap/servers/slapd/auditlog.c | 85
ldap/servers/slapd/auth.c | 95
ldap/servers/slapd/ava.c | 2
ldap/servers/slapd/back-ldbm/ancestorid.c | 104
ldap/servers/slapd/back-ldbm/archive.c | 91
ldap/servers/slapd/back-ldbm/back-ldbm.h | 108
ldap/servers/slapd/back-ldbm/backentry.c | 6
ldap/servers/slapd/back-ldbm/cache.c | 158
ldap/servers/slapd/back-ldbm/dbhelp.c | 18
ldap/servers/slapd/back-ldbm/dblayer.c | 2492
ldap/servers/slapd/back-ldbm/dblayer.h | 14
ldap/servers/slapd/back-ldbm/dbtest.c | 349
ldap/servers/slapd/back-ldbm/dbversion.c | 52
ldap/servers/slapd/back-ldbm/dn2entry.c | 63
ldap/servers/slapd/back-ldbm/filterindex.c | 259
ldap/servers/slapd/back-ldbm/findentry.c | 147
ldap/servers/slapd/back-ldbm/id2entry.c | 189
ldap/servers/slapd/back-ldbm/idl.c | 47
ldap/servers/slapd/back-ldbm/idl_common.c | 7
ldap/servers/slapd/back-ldbm/idl_new.c | 150
ldap/servers/slapd/back-ldbm/idl_shim.c | 17
ldap/servers/slapd/back-ldbm/import-merge.c | 28
ldap/servers/slapd/back-ldbm/import-threads.c | 1385
ldap/servers/slapd/back-ldbm/import.c | 403
ldap/servers/slapd/back-ldbm/import.h | 32
ldap/servers/slapd/back-ldbm/index.c | 346
ldap/servers/slapd/back-ldbm/init.c | 89
ldap/servers/slapd/back-ldbm/instance.c | 174
ldap/servers/slapd/back-ldbm/ldbm_add.c | 1081
ldap/servers/slapd/back-ldbm/ldbm_attr.c | 392
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c | 986
ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c | 2
ldap/servers/slapd/back-ldbm/ldbm_bind.c | 9
ldap/servers/slapd/back-ldbm/ldbm_compare.c | 9
ldap/servers/slapd/back-ldbm/ldbm_config.c | 321
ldap/servers/slapd/back-ldbm/ldbm_config.h | 9
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 980
ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c | 1582
ldap/servers/slapd/back-ldbm/ldbm_index_config.c | 668
ldap/servers/slapd/back-ldbm/ldbm_instance_config.c | 270
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 653
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1521
ldap/servers/slapd/back-ldbm/ldbm_search.c | 427
ldap/servers/slapd/back-ldbm/ldbm_usn.c | 74
ldap/servers/slapd/back-ldbm/ldif2ldbm.c | 826
ldap/servers/slapd/back-ldbm/matchrule.c | 50
ldap/servers/slapd/back-ldbm/misc.c | 300
ldap/servers/slapd/back-ldbm/monitor.c | 40
ldap/servers/slapd/back-ldbm/nextid.c | 17
ldap/servers/slapd/back-ldbm/parents.c | 141
ldap/servers/slapd/back-ldbm/perfctrs.c | 26
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 74
ldap/servers/slapd/back-ldbm/seq.c | 3
ldap/servers/slapd/back-ldbm/sort.c | 38
ldap/servers/slapd/back-ldbm/start.c | 100
ldap/servers/slapd/back-ldbm/upgrade.c | 56
ldap/servers/slapd/back-ldbm/vlv.c | 388
ldap/servers/slapd/back-ldbm/vlv_srch.c | 17
ldap/servers/slapd/back-ldbm/vlv_srch.h | 3
ldap/servers/slapd/back-ldif/back-ldif.h | 2
ldap/servers/slapd/back-ldif/modrdn.c | 12
ldap/servers/slapd/backend.c | 100
ldap/servers/slapd/backend_manager.c | 18
ldap/servers/slapd/bind.c | 365
ldap/servers/slapd/bulk_import.c | 39
ldap/servers/slapd/charray.c | 32
ldap/servers/slapd/compare.c | 43
ldap/servers/slapd/computed.c | 36
ldap/servers/slapd/config.c | 19
ldap/servers/slapd/configdse.c | 100
ldap/servers/slapd/connection.c | 204
ldap/servers/slapd/conntable.c | 3
ldap/servers/slapd/control.c | 26
ldap/servers/slapd/csn.c | 77
ldap/servers/slapd/csngen.c | 54
ldap/servers/slapd/csnset.c | 4
ldap/servers/slapd/daemon.c | 696
ldap/servers/slapd/delete.c | 128
ldap/servers/slapd/dn.c | 1915
ldap/servers/slapd/dse.c | 785
ldap/servers/slapd/dynalib.c | 29
ldap/servers/slapd/entry.c | 1186
ldap/servers/slapd/entrywsi.c | 181
ldap/servers/slapd/eventq.c | 4
ldap/servers/slapd/extendop.c | 35
ldap/servers/slapd/factory.c | 1
ldap/servers/slapd/fe.h | 5
ldap/servers/slapd/fedse.c | 40
ldap/servers/slapd/filter.c | 194
ldap/servers/slapd/filter.h | 1
ldap/servers/slapd/filtercmp.c | 26
ldap/servers/slapd/filterentry.c | 36
ldap/servers/slapd/generation.c | 1
ldap/servers/slapd/index_subsystem.c | 28
ldap/servers/slapd/intrinsics.h | 7
ldap/servers/slapd/ldaputil.c | 911
ldap/servers/slapd/lenstr.c | 6
ldap/servers/slapd/libglobs.c | 1125
ldap/servers/slapd/libslapd.def | 5
ldap/servers/slapd/log.c | 171
ldap/servers/slapd/log.h | 20
ldap/servers/slapd/main.c | 324
ldap/servers/slapd/mapping_tree.c | 502
ldap/servers/slapd/match.c | 96
ldap/servers/slapd/modify.c | 540
ldap/servers/slapd/modrdn.c | 379
ldap/servers/slapd/modutil.c | 77
ldap/servers/slapd/operation.c | 38
ldap/servers/slapd/opshared.c | 413
ldap/servers/slapd/pagedresults.c | 625
ldap/servers/slapd/passwd_extop.c | 203
ldap/servers/slapd/pblock.c | 656
ldap/servers/slapd/plugin.c | 352
ldap/servers/slapd/plugin_acl.c | 50
ldap/servers/slapd/plugin_internal_op.c | 204
ldap/servers/slapd/plugin_mr.c | 474
ldap/servers/slapd/plugin_syntax.c | 442
ldap/servers/slapd/protect_db.c | 24
ldap/servers/slapd/protect_db.h | 7
ldap/servers/slapd/proto-slap.h | 135
ldap/servers/slapd/proxyauth.c | 246
ldap/servers/slapd/psearch.c | 76
ldap/servers/slapd/pw.c | 798
ldap/servers/slapd/pw.h | 7
ldap/servers/slapd/pw_mgmt.c | 167
ldap/servers/slapd/pw_retry.c | 121
ldap/servers/slapd/rdn.c | 141
ldap/servers/slapd/referral.c | 29
ldap/servers/slapd/regex.c | 31
ldap/servers/slapd/resourcelimit.c | 84
ldap/servers/slapd/result.c | 103
ldap/servers/slapd/rootdse.c | 12
ldap/servers/slapd/rwlock.c | 257
ldap/servers/slapd/rwlock.h | 65
ldap/servers/slapd/sasl_io.c | 167
ldap/servers/slapd/sasl_map.c | 63
ldap/servers/slapd/saslbind.c | 172
ldap/servers/slapd/schema.c | 240
ldap/servers/slapd/schemaparse.c | 13
ldap/servers/slapd/search.c | 92
ldap/servers/slapd/security_wrappers.c | 36
ldap/servers/slapd/slap.h | 266
ldap/servers/slapd/slapi-plugin-compat4.h | 6
ldap/servers/slapd/slapi-plugin.h | 1530
ldap/servers/slapd/slapi-private.h | 70
ldap/servers/slapd/slapi2nspr.c | 79
ldap/servers/slapd/slapi_counter.c | 24
ldap/servers/slapd/snmp_collator.c | 19
ldap/servers/slapd/sort.c | 9
ldap/servers/slapd/ssl.c | 328
ldap/servers/slapd/str2filter.c | 5
ldap/servers/slapd/task.c | 184
ldap/servers/slapd/test-plugins/testbind.c | 1
ldap/servers/slapd/test-plugins/testpostop.c | 1
ldap/servers/slapd/thread_data.c | 174
ldap/servers/slapd/time.c | 91
ldap/servers/slapd/tools/dbscan.c | 76
ldap/servers/slapd/tools/ldclt/data.c | 70
ldap/servers/slapd/tools/ldclt/ldapfct.c | 1149
ldap/servers/slapd/tools/ldclt/ldclt.c | 50
ldap/servers/slapd/tools/ldclt/ldclt.h | 3
ldap/servers/slapd/tools/ldclt/ldcltU.c | 24
ldap/servers/slapd/tools/ldclt/parser.c | 19
ldap/servers/slapd/tools/ldclt/scalab01.c | 190
ldap/servers/slapd/tools/ldclt/threadMain.c | 6
ldap/servers/slapd/tools/ldif.c | 4
ldap/servers/slapd/tools/mmldif.c | 9
ldap/servers/slapd/tools/pwenc.c | 2
ldap/servers/slapd/tools/rsearch/addthread.c | 51
ldap/servers/slapd/tools/rsearch/sdattable.c | 4
ldap/servers/slapd/tools/rsearch/searchthread.c | 94
ldap/servers/slapd/uniqueid.c | 99
ldap/servers/slapd/utf8compare.c | 25
ldap/servers/slapd/util.c | 663
ldap/servers/slapd/uuid.c | 22
ldap/servers/slapd/value.c | 62
ldap/servers/slapd/valueset.c | 107
ldap/servers/slapd/vattr.c | 115
ldap/servers/snmp/NETWORK-SERVICES-MIB.txt | 650
ldap/servers/snmp/RFC-1215.txt | 38
ldap/servers/snmp/RFC1155-SMI.txt | 119
ldap/servers/snmp/SNMPv2-CONF.txt | 322
ldap/servers/snmp/SNMPv2-SMI.txt | 344
ldap/servers/snmp/SNMPv2-TC.txt | 772
ldap/servers/snmp/ldap-agent.c | 26
ldap/servers/snmp/main.c | 12
ldap/servers/snmp/netscape-ldap.mib | 759
ldap/systools/idsktune.c | 100
lib/base/crit.cpp | 6
lib/base/ereport.cpp | 2
lib/base/file.cpp | 24
lib/base/lexer.cpp | 1015
lib/base/plist.cpp | 3
lib/base/pool.cpp | 10
lib/base/rwlock.cpp | 168
lib/base/util.cpp | 13
lib/ldaputil/cert.c | 4
lib/ldaputil/certmap.c | 409
lib/ldaputil/dbconf.c | 1
lib/ldaputil/utest/Makefile | 149
lib/ldaputil/utest/auth.cpp | 611
lib/ldaputil/utest/authtest | 138
lib/ldaputil/utest/certmap.conf | 68
lib/ldaputil/utest/dblist.conf | 47
lib/ldaputil/utest/example.c | 153
lib/ldaputil/utest/plugin.c | 152
lib/ldaputil/utest/plugin.h | 57
lib/ldaputil/utest/stubs.c | 144
lib/ldaputil/utest/stubs.cpp | 139
lib/ldaputil/utest/test.ref | 480
lib/ldaputil/vtable.c | 2
lib/libaccess/acl.tab.cpp | 25
lib/libaccess/aclcache.cpp | 105
lib/libaccess/aclflush.cpp | 1
lib/libaccess/aclpriv.h | 1
lib/libaccess/acltext.y | 4
lib/libaccess/acltools.cpp | 1896
lib/libaccess/aclutil.cpp | 13
lib/libaccess/authdb.cpp | 112
lib/libaccess/lasdns.cpp | 23
lib/libaccess/lasgroup.cpp | 10
lib/libaccess/lasip.cpp | 409
lib/libaccess/lasip.h | 3
lib/libaccess/nseframe.cpp | 1
lib/libaccess/oneeval.cpp | 19
lib/libaccess/permhash.h | 11
lib/libaccess/register.cpp | 50
lib/libaccess/usrcache.cpp | 14
lib/libaccess/utest/.purify | 19
lib/libaccess/utest/Makefile | 147
lib/libaccess/utest/acl.dat | 44
lib/libaccess/utest/aclfile0 | 87
lib/libaccess/utest/aclfile1 | 43
lib/libaccess/utest/aclfile10 | 45
lib/libaccess/utest/aclfile11 | 43
lib/libaccess/utest/aclfile12 | 43
lib/libaccess/utest/aclfile13 | 43
lib/libaccess/utest/aclfile14 | 43
lib/libaccess/utest/aclfile15 | 43
lib/libaccess/utest/aclfile16 | 43
lib/libaccess/utest/aclfile17 | 43
lib/libaccess/utest/aclfile18 | 51
lib/libaccess/utest/aclfile19 | 46
lib/libaccess/utest/aclfile2 | 43
lib/libaccess/utest/aclfile3 | 43
lib/libaccess/utest/aclfile4 | 43
lib/libaccess/utest/aclfile5 | 43
lib/libaccess/utest/aclfile6 | 55
lib/libaccess/utest/aclfile7 | 43
lib/libaccess/utest/aclfile8 | 43
lib/libaccess/utest/aclfile9 | 43
lib/libaccess/utest/aclgrp0 | 42
lib/libaccess/utest/aclgrp1 | 42
lib/libaccess/utest/aclgrp2 | 42
lib/libaccess/utest/aclgrp3 | 42
lib/libaccess/utest/aclgrp4 | 42
lib/libaccess/utest/acltest.cpp | 794
lib/libaccess/utest/onetest.cpp | 77
lib/libaccess/utest/shexp.cpp | 331
lib/libaccess/utest/shexp.h | 168
lib/libaccess/utest/test.ref | 217
lib/libaccess/utest/testmain.cpp | 89
lib/libaccess/utest/twotest.cpp | 87
lib/libaccess/utest/ustubs.cpp | 331
lib/libadmin/error.c | 2
lib/libadmin/template.c | 2
lib/libadmin/util.c | 48
lib/libsi18n/coreres.c | 141
lib/libsi18n/coreres.h | 52
lib/libsi18n/getlang.c | 330
lib/libsi18n/getstrmem.c | 160
lib/libsi18n/getstrmem.h | 1
lib/libsi18n/getstrprop.c | 85
lib/libsi18n/makstrdb.c | 21
lib/libsi18n/propset.c | 442
lib/libsi18n/propset.h | 80
lib/libsi18n/reshash.c | 21
ltmain.sh |13199 ++-
m4/db.m4 | 27
m4/fhs.m4 | 4
m4/icu.m4 | 25
m4/kerberos.m4 | 4
m4/mozldap.m4 | 38
m4/netsnmp.m4 | 15
m4/nspr.m4 | 17
m4/nss.m4 | 17
m4/openldap.m4 | 30
m4/pcre.m4 | 28
m4/sasl.m4 | 25
m4/selinux.m4 | 13
m4/svrcore.m4 | 41
man/man1/cl-dump.1 | 18
man/man1/dbgen.pl.1 | 4
man/man1/ds-logpipe.py.1 | 2
man/man1/infadd.1 | 8
man/man1/migratecred.1 | 6
man/man1/mmldif.1 | 4
man/man1/pwdhash.1 | 4
man/man1/repl-monitor.1 | 16
man/man8/ns-slapd.8 | 10
man/man8/remove-ds.pl.8 | 6
man/man8/restart-dirsrv.8 | 50
man/man8/setup-ds.pl.8 | 4
man/man8/start-dirsrv.8 | 50
man/man8/stop-dirsrv.8 | 50
missing | 104
selinux/dirsrv.fc.in | 2
selinux/dirsrv.if | 41
selinux/dirsrv.te | 11
wrappers/cl-dump.in | 11
wrappers/dbscan.in | 10
wrappers/infadd.in | 12
wrappers/initscript.in | 245
wrappers/ldap-agent-initscript.in | 20
wrappers/ldap-agent.in | 12
wrappers/ldclt.in | 12
wrappers/ldif.in | 12
wrappers/migratecred.in | 14
wrappers/mmldif.in | 14
wrappers/pwdhash.in | 14
wrappers/repl-monitor.in | 11
wrappers/rsearch.in | 12
wrappers/systemd-snmp.service.in | 16
wrappers/systemd.group.in | 6
wrappers/systemd.template.service.in | 28
wrappers/systemd.template.sysconfig | 3
644 files changed, 103969 insertions(+), 74254 deletions(-)
---
11 years, 6 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/pblock.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 3e9a21ae4e41f1680fc899795f272f80c2d9aef9
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Oct 9 12:59:48 2012 -0400
Ticket #446 - anonymous limits are being applied to directory manager
Bug Description: If you set "anonymous limits" they are incorrectly applied
to the root DN
Fix Description: When a connection is first accepted we set the anonymous limits
before we process the bind, because there might not be a bind operation.
However, we fail to clear out the resouce limits if the bind DN is
the root dn.
https://fedorahosted.org/389/ticket/446
Reviewed by: richm(Thanks!)
(cherry picked from commit 53e16eda8e2a82a45deb39129bbe839beb036c70)
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index baee7a7..33559a7 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -3639,7 +3639,7 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
{
/* clear credentials */
bind_credentials_clear( conn, PR_FALSE /* conn is already locked */,
- ( extauthtype != NULL ) /* clear external creds. if requested */ );
+ ( extauthtype != NULL ) /* clear external creds. if requested */ );
/* set primary credentials */
slapi_ch_free((void**)&conn->c_authtype);
@@ -3657,7 +3657,6 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
conn->c_client_cert = clientcert;
}
-
/* notify binder-based resource limit subsystem about the change in DN */
if ( !conn->c_isroot )
{
@@ -3681,5 +3680,8 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
slapi_ch_free_string( &anon_dn );
}
+ } else {
+ /* For root dn clear about the resource limits */
+ reslimit_update_from_entry( conn, NULL );
}
}
11 years, 6 months
ldap/servers
by Mark Reynolds
ldap/servers/slapd/pblock.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 53e16eda8e2a82a45deb39129bbe839beb036c70
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Oct 9 12:59:48 2012 -0400
Ticket #446 - anonymous limits are being applied to directory manager
Bug Description: If you set "anonymous limits" they are incorrectly applied
to the root DN
Fix Description: When a connection is first accepted we set the anonymous limits
before we process the bind, because there might not be a bind operation.
However, we fail to clear out the resouce limits if the bind DN is
the root dn.
https://fedorahosted.org/389/ticket/446
Reviewed by: ?
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 2d4e0b0..9895d49 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -3646,7 +3646,7 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
{
/* clear credentials */
bind_credentials_clear( conn, PR_FALSE /* conn is already locked */,
- ( extauthtype != NULL ) /* clear external creds. if requested */ );
+ ( extauthtype != NULL ) /* clear external creds. if requested */ );
/* set primary credentials */
slapi_ch_free((void**)&conn->c_authtype);
@@ -3664,7 +3664,6 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
conn->c_client_cert = clientcert;
}
-
/* notify binder-based resource limit subsystem about the change in DN */
if ( !conn->c_isroot )
{
@@ -3688,5 +3687,8 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn,
slapi_ch_free_string( &anon_dn );
}
+ } else {
+ /* For root dn clear about the resource limits */
+ reslimit_update_from_entry( conn, NULL );
}
}
11 years, 6 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/abandon.c | 2
ldap/servers/slapd/connection.c | 4 -
ldap/servers/slapd/daemon.c | 2
ldap/servers/slapd/pagedresults.c | 130 +++++++++++++++++++-------------------
ldap/servers/slapd/proto-slap.h | 8 +-
5 files changed, 74 insertions(+), 72 deletions(-)
New commits:
commit 4d825079a9bb622211d3709ea2496f533b8e51d1
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Fri Oct 5 17:56:22 2012 -0700
Bug 863576 - Dirsrv deadlock locking up IPA
https://bugzilla.redhat.com/show_bug.cgi?id=863576
Bug Description: Abandon of a Simple Paged Results request causes
the self deadlock. When abandoning a simple paged result request,
the mutex for the connection object c_mutex is locked in do_abandon.
But to free a pagedresult massage id, pagedresults_free_one_msgid
called from do_abandon tries to acquire lock on c_mutex again.
The NSPR lock function PR_Lock is not self re-entrant. Thus the
server hangs there due to the self-deadlock.
Fix Description: This patch is removing to call PR_Lock(c_mutex)
in pagedresults_free_one_msgid and renamed it to pagedresults_free_
one_msgid_nolock. To maintain the consistency, "_nolock" is added
to other pagedresults apis which do not call PR_Lock in it.
Also, stricter locking on c_mutex is being added to pagedresults_
parse_control_value to protect the pagedresults related field in
the connection object.
(cherry picked from commit c19bb9dd1e95ee98a53a06f3d7eefb4dce5bc0ef)
diff --git a/ldap/servers/slapd/abandon.c b/ldap/servers/slapd/abandon.c
index 4f00da9..094ae95 100644
--- a/ldap/servers/slapd/abandon.c
+++ b/ldap/servers/slapd/abandon.c
@@ -153,7 +153,7 @@ do_abandon( Slapi_PBlock *pb )
}
if ( op_is_pagedresults(o) ) {
- if ( 0 == pagedresults_free_one_msgid(pb->pb_conn, id) ) {
+ if ( 0 == pagedresults_free_one_msgid_nolock(pb->pb_conn, id) ) {
slapi_log_access( LDAP_DEBUG_STATS, "conn=%" NSPRIu64
" op=%d ABANDON targetop=Simple Paged Results\n",
pb->pb_conn->c_connid, pb->pb_op->o_opid );
diff --git a/ldap/servers/slapd/connection.c b/ldap/servers/slapd/connection.c
index 9e43104..a3b1df5 100644
--- a/ldap/servers/slapd/connection.c
+++ b/ldap/servers/slapd/connection.c
@@ -2094,7 +2094,7 @@ void connection_enter_leave_turbo(Connection *conn, int current_turbo_flag, int
PR_Lock(conn->c_mutex);
/* We can already be in turbo mode, or not */
current_mode = current_turbo_flag;
- if (pagedresults_in_use(conn)) {
+ if (pagedresults_in_use_nolock(conn)) {
/* PAGED_RESULTS does not need turbo mode */
new_mode = 0;
} else if (conn->c_private->operation_rate == 0) {
@@ -2780,7 +2780,7 @@ disconnect_server_nomutex( Connection *conn, PRUint64 opconnid, int opid, PRErro
connection_abandon_operations( conn );
/* needed here to ensure simple paged results timeout properly and
* don't impact subsequent ops */
- pagedresults_reset_timedout(conn);
+ pagedresults_reset_timedout_nolock(conn);
if (! config_check_referral_mode()) {
/*
diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c
index 597e131..b611f5c 100644
--- a/ldap/servers/slapd/daemon.c
+++ b/ldap/servers/slapd/daemon.c
@@ -1693,7 +1693,7 @@ setup_pr_read_pds(Connection_Table *ct, PRFileDesc **n_tcps, PRFileDesc **s_tcps
{
int add_fd = 1;
/* check timeout for PAGED RESULTS */
- if (pagedresults_is_timedout(c))
+ if (pagedresults_is_timedout_nolock(c))
{
/* Exceeded the timelimit; disconnect the client */
disconnect_server_nomutex(c, c->c_connid, -1,
diff --git a/ldap/servers/slapd/pagedresults.c b/ldap/servers/slapd/pagedresults.c
index ea7de14..d445c06 100644
--- a/ldap/servers/slapd/pagedresults.c
+++ b/ldap/servers/slapd/pagedresults.c
@@ -64,6 +64,7 @@ pagedresults_parse_control_value( Slapi_PBlock *pb,
struct berval cookie = {0};
Connection *conn = pb->pb_conn;
Operation *op = pb->pb_op;
+ BerElement *ber = NULL;
LDAPDebug0Args(LDAP_DEBUG_TRACE, "--> pagedresults_parse_control_value\n");
if ( NULL == conn || NULL == op || NULL == pagesize || NULL == index ) {
@@ -76,70 +77,71 @@ pagedresults_parse_control_value( Slapi_PBlock *pb,
if ( psbvp->bv_len == 0 || psbvp->bv_val == NULL )
{
- rc = LDAP_PROTOCOL_ERROR;
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "<-- pagedresults_parse_control_value: no control value\n");
+ return LDAP_PROTOCOL_ERROR;
}
- else
+ ber = ber_init( psbvp );
+ if ( ber == NULL )
{
- BerElement *ber = ber_init( psbvp );
- if ( ber == NULL )
- {
- rc = LDAP_OPERATIONS_ERROR;
- }
- else
- {
- if ( ber_scanf( ber, "{io}", pagesize, &cookie ) == LBER_ERROR )
- {
- rc = LDAP_PROTOCOL_ERROR;
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "<-- pagedresults_parse_control_value: no control value\n");
+ return LDAP_PROTOCOL_ERROR;
+ }
+ if ( ber_scanf( ber, "{io}", pagesize, &cookie ) == LBER_ERROR )
+ {
+ LDAPDebug0Args(LDAP_DEBUG_ANY,
+ "<-- pagedresults_parse_control_value: corrupted control value\n");
+ return LDAP_PROTOCOL_ERROR;
+ }
+
+ PR_Lock(conn->c_mutex);
+ /* the ber encoding is no longer needed */
+ ber_free(ber, 1);
+ if ( cookie.bv_len <= 0 ) {
+ int i;
+ int maxlen;
+ /* first time? */
+ maxlen = conn->c_pagedresults.prl_maxlen;
+ if (conn->c_pagedresults.prl_count == maxlen) {
+ if (0 == maxlen) { /* first time */
+ conn->c_pagedresults.prl_maxlen = 1;
+ conn->c_pagedresults.prl_list =
+ (PagedResults *)slapi_ch_calloc(1,
+ sizeof(PagedResults));
+ } else {
+ /* new max length */
+ conn->c_pagedresults.prl_maxlen *= 2;
+ conn->c_pagedresults.prl_list =
+ (PagedResults *)slapi_ch_realloc(
+ (char *)conn->c_pagedresults.prl_list,
+ sizeof(PagedResults) *
+ conn->c_pagedresults.prl_maxlen);
+ /* initialze newly allocated area */
+ memset(conn->c_pagedresults.prl_list + maxlen, '\0',
+ sizeof(PagedResults) * maxlen);
}
- /* the ber encoding is no longer needed */
- ber_free(ber, 1);
- if ( cookie.bv_len <= 0 ) {
- int i;
- int maxlen;
- /* first time? */
- PR_Lock(conn->c_mutex);
- maxlen = conn->c_pagedresults.prl_maxlen;
- if (conn->c_pagedresults.prl_count == maxlen) {
- if (0 == maxlen) { /* first time */
- conn->c_pagedresults.prl_maxlen = 1;
- conn->c_pagedresults.prl_list =
- (PagedResults *)slapi_ch_calloc(1,
- sizeof(PagedResults));
- } else {
- /* new max length */
- conn->c_pagedresults.prl_maxlen *= 2;
- conn->c_pagedresults.prl_list =
- (PagedResults *)slapi_ch_realloc(
- (char *)conn->c_pagedresults.prl_list,
- sizeof(PagedResults) *
- conn->c_pagedresults.prl_maxlen);
- /* initialze newly allocated area */
- memset(conn->c_pagedresults.prl_list + maxlen, '\0',
- sizeof(PagedResults) * maxlen);
- }
- *index = maxlen; /* the first position in the new area */
- } else {
- for (i = 0; i < conn->c_pagedresults.prl_maxlen; i++) {
- if (!conn->c_pagedresults.prl_list[i].pr_current_be) {
- *index = i;
- break;
- }
- }
+ *index = maxlen; /* the first position in the new area */
+ } else {
+ for (i = 0; i < conn->c_pagedresults.prl_maxlen; i++) {
+ if (!conn->c_pagedresults.prl_list[i].pr_current_be) {
+ *index = i;
+ break;
}
- conn->c_pagedresults.prl_count++;
- PR_Unlock(conn->c_mutex);
- } else {
- /* Repeated paged results request.
- * PagedResults is already allocated. */
- char *ptr = slapi_ch_malloc(cookie.bv_len + 1);
- memcpy(ptr, cookie.bv_val, cookie.bv_len);
- *(ptr+cookie.bv_len) = '\0';
- *index = strtol(ptr, NULL, 10);
- slapi_ch_free_string(&ptr);
}
- slapi_ch_free((void **)&cookie.bv_val);
}
+ conn->c_pagedresults.prl_count++;
+ } else {
+ /* Repeated paged results request.
+ * PagedResults is already allocated. */
+ char *ptr = slapi_ch_malloc(cookie.bv_len + 1);
+ memcpy(ptr, cookie.bv_val, cookie.bv_len);
+ *(ptr+cookie.bv_len) = '\0';
+ *index = strtol(ptr, NULL, 10);
+ slapi_ch_free_string(&ptr);
}
+ slapi_ch_free((void **)&cookie.bv_val);
+
if ((*index > -1) && (*index < conn->c_pagedresults.prl_maxlen)) {
/* Need to keep the latest msgid to prepare for the abandon. */
conn->c_pagedresults.prl_list[*index].pr_msgid = op->o_msgid;
@@ -149,6 +151,7 @@ pagedresults_parse_control_value( Slapi_PBlock *pb,
"pagedresults_parse_control_value: invalid cookie: %d\n",
*index);
}
+ PR_Unlock(conn->c_mutex);
LDAPDebug1Arg(LDAP_DEBUG_TRACE,
"<-- pagedresults_parse_control_value: idx %d\n", *index);
@@ -261,7 +264,7 @@ pagedresults_free_one( Connection *conn, int index )
}
int
-pagedresults_free_one_msgid( Connection *conn, ber_int_t msgid )
+pagedresults_free_one_msgid_nolock( Connection *conn, ber_int_t msgid )
{
int rc = -1;
int i;
@@ -269,9 +272,9 @@ pagedresults_free_one_msgid( Connection *conn, ber_int_t msgid )
LDAPDebug1Arg(LDAP_DEBUG_TRACE,
"--> pagedresults_free_one: msgid=%d\n", msgid);
if (conn && (msgid > -1)) {
- PR_Lock(conn->c_mutex);
if (conn->c_pagedresults.prl_count <= 0) {
- LDAPDebug2Args(LDAP_DEBUG_TRACE, "pagedresults_free_one_msgid: "
+ LDAPDebug2Args(LDAP_DEBUG_TRACE,
+ "pagedresults_free_one_msgid_nolock: "
"conn=%d paged requests list count is %d\n",
conn->c_connid, conn->c_pagedresults.prl_count);
} else {
@@ -285,7 +288,6 @@ pagedresults_free_one_msgid( Connection *conn, ber_int_t msgid )
}
}
}
- PR_Unlock(conn->c_mutex);
}
LDAPDebug1Arg(LDAP_DEBUG_TRACE, "<-- pagedresults_free_one: %d\n", rc);
@@ -720,7 +722,7 @@ pagedresults_reset_processing(Connection *conn, int index)
/* Are all the paged results requests timed out? */
int
-pagedresults_is_timedout(Connection *conn)
+pagedresults_is_timedout_nolock(Connection *conn)
{
int i;
PagedResults *prp = NULL;
@@ -753,7 +755,7 @@ pagedresults_is_timedout(Connection *conn)
/* reset all timeout */
int
-pagedresults_reset_timedout(Connection *conn)
+pagedresults_reset_timedout_nolock(Connection *conn)
{
int i;
PagedResults *prp = NULL;
@@ -773,7 +775,7 @@ pagedresults_reset_timedout(Connection *conn)
/* paged results requests are in progress. */
int
-pagedresults_in_use(Connection *conn)
+pagedresults_in_use_nolock(Connection *conn)
{
LDAPDebug0Args(LDAP_DEBUG_TRACE, "--> pagedresults_in_use\n");
if (NULL == conn) {
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 1b62c13..7e438b7 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -1421,11 +1421,11 @@ int pagedresults_set_timelimit(Connection *conn, time_t timelimit, int index);
int pagedresults_cleanup(Connection *conn, int needlock);
int pagedresults_check_or_set_processing(Connection *conn, int index);
int pagedresults_reset_processing(Connection *conn, int index);
-int pagedresults_is_timedout(Connection *conn);
-int pagedresults_reset_timedout(Connection *conn);
-int pagedresults_in_use(Connection *conn);
+int pagedresults_is_timedout_nolock(Connection *conn);
+int pagedresults_reset_timedout_nolock(Connection *conn);
+int pagedresults_in_use_nolock(Connection *conn);
int pagedresults_free_one(Connection *conn, int index);
-int pagedresults_free_one_msgid( Connection *conn, ber_int_t msgid );
+int pagedresults_free_one_msgid_nolock( Connection *conn, ber_int_t msgid );
int op_is_pagedresults(Operation *op);
int pagedresults_cleanup_all(Connection *conn, int needlock);
void op_set_pagedresults(Operation *op);
11 years, 6 months