wrappers/initscript.in
by Mark Reynolds
wrappers/initscript.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit ef48c93ded0f766d8dab679b976ca032d6297c32
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 24 12:34:59 2012 -0400
Ticket 457 - dirsrv init script returns 0 even when few or all instances fail to start
Bug Description: We don't return an error code when one or more instances fails to start.
Fix Description: Return error 1 when an instance fails to start.
https://fedorahosted.org/389/ticket/457
Reviewed by: richm(Thanks!)
diff --git a/wrappers/initscript.in b/wrappers/initscript.in
index da5f6bb..7601784 100644
--- a/wrappers/initscript.in
+++ b/wrappers/initscript.in
@@ -264,7 +264,8 @@ start() {
[ -x /sbin/restorecon ] && /sbin/restorecon $lockfile
fi
if [ $errors -ge 1 ]; then
- echo " *** Warning: $errors instance(s) failed to start"
+ echo " *** Error: $errors instance(s) failed to start"
+ exit 1
fi
}
11 years
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/dn.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit daa43b7d356aa3ed6ea1e50da7a05c3a864ee3b6
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Sun Sep 23 22:14:21 2012 -0700
Coverity defects
12195, 13090: Dereference after null check
diff --git a/ldap/servers/slapd/dn.c b/ldap/servers/slapd/dn.c
index b79d0f2..b620eee 100644
--- a/ldap/servers/slapd/dn.c
+++ b/ldap/servers/slapd/dn.c
@@ -1129,8 +1129,9 @@ bail:
*d = '\0';
}
/* add this dn to the normalized dn cache */
- if(*dest)
+ if(dest && *dest && dest_len && *dest_len) {
ndn_cache_add(udn, src_len, *dest, *dest_len);
+ }
return rc;
}
11 years
Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/main.c | 7 -------
ldap/servers/slapd/pw_mgmt.c | 3 +--
2 files changed, 1 insertion(+), 9 deletions(-)
New commits:
commit 162f4b104d431523b5458f866776431fab486c7a
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Mon Sep 24 09:56:50 2012 -0700
Undo commit db792dbc7141b03bd33b710b79ed0942c34d6530
This ticket should not be applied to 389-ds-base-1.2.11 branch:
Trac Ticket #466 - entry_apply_mod - ADD: Failed to set
unhashed#user#password to extension
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index f696563..84ce01d 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -1164,13 +1164,6 @@ main( int argc, char **argv)
/* init the thread data index for bind dn's */
slapi_td_dn_init();
- /*
- * Initialize password storage in entry extension.
- * Need to be initialized before plugin_startall in case stucked
- * changes are replicated as soon as the replication plugin is started.
- */
- pw_exp_init ();
-
plugin_print_lists();
plugin_startall(argc, argv, 1 /* Start Backends */, 1 /* Start Globals */);
if (housekeeping_start((time_t)0, NULL) == NULL) {
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index 22d49b7..f173128 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -309,8 +309,7 @@ pw_init ( void ) {
OCTETSTRING_SYNTAX_OID, 0,
/* Clients don't need to directly modify
* PSEUDO_ATTR_UNHASHEDUSERPASSWORD */
- SLAPI_ATTR_FLAG_NOUSERMOD|
- SLAPI_ATTR_FLAG_NOEXPOSE);
+ SLAPI_ATTR_FLAG_NOUSERMOD);
}
11 years
ldap/servers
by Mark Reynolds
ldap/servers/slapd/plugin_acl.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit d58ae20b75ccae99b2122a4a0d4fcf773a51115a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Sep 24 11:26:49 2012 -0400
Coverity issue 13091
Bug Description: Local var array "mychange" can go out of scope
Fix Description: Declare "mychange" at the top of the function so it does not go out of scope.
Reviewed by: nkinder(Thanks!)
diff --git a/ldap/servers/slapd/plugin_acl.c b/ldap/servers/slapd/plugin_acl.c
index 3bc3f21..eebc292 100644
--- a/ldap/servers/slapd/plugin_acl.c
+++ b/ldap/servers/slapd/plugin_acl.c
@@ -136,6 +136,7 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
struct slapdplugin *p;
int rc = 0;
void *change = NULL;
+ void *mychange[2];
Slapi_Entry *te = NULL;
Slapi_DN *sdn = NULL;
Operation *operation;
@@ -158,7 +159,6 @@ plugin_call_acl_mods_update ( Slapi_PBlock *pb, int optype )
break;
case SLAPI_OPERATION_MODRDN:
{
- void *mychange[2];
char *newrdn = NULL;
Slapi_DN *psdn = NULL;
char *pdn = NULL;
11 years
Branch '389-ds-base-1.2.11' - VERSION.sh
by Mark Reynolds
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 3383f6718cbfcf597d812557b1167a2a178162cd
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Sep 21 18:17:26 2012 -0400
Ticket 473 - change VERSION.sh to have console version be major.minor
Removed ".6" from the console version
https://fedorahosted.org/389/ticket/473
Reviewed by: richm(Thanks!)
diff --git a/VERSION.sh b/VERSION.sh
index 757c49f..5062025 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -50,4 +50,4 @@ PACKAGE_BUGREPORT="${PACKAGE_BUGREPORT}enter_bug.cgi?product=$brand"
PACKAGE_STRING="$PACKAGE_TARNAME $PACKAGE_VERSION"
# the version of the ds console package that this directory server
# is compatible with
-CONSOLE_VERSION=$VERSION_MAJOR.$VERSION_MINOR.6
+CONSOLE_VERSION=$VERSION_MAJOR.$VERSION_MINOR
11 years
VERSION.sh
by Mark Reynolds
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit dc5e631299c488e65e7cf45eee56b7628f13c30d
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Sep 21 17:35:43 2012 -0400
Ticket 473 - change VERSION.sh to have console version be major.minor
Removed ".6" from the console version
https://fedorahosted.org/389/ticket/473
Reviewed by: richm(Thanks!)
diff --git a/VERSION.sh b/VERSION.sh
index e7c8e85..487c21d 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -51,4 +51,4 @@ PACKAGE_STRING="$PACKAGE_TARNAME $PACKAGE_VERSION"
# the version of the ds console package that this directory server
# is compatible with
# console .2 is still compatible with 389 .3 for now
-CONSOLE_VERSION=$VERSION_MAJOR.2.6
+CONSOLE_VERSION=$VERSION_MAJOR.2
11 years
Branch '389-ds-base-1.2.11' - ldap/servers
by Mark Reynolds
ldap/servers/plugins/rootdn_access/rootdn_access.c | 45 +++++++++++++++++----
1 file changed, 38 insertions(+), 7 deletions(-)
New commits:
commit 7733afd87119b46cd56e70c4b6fff7b0c67161bb
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Sep 21 18:12:40 2012 -0400
Ticket 475 - Root DN Access Control - improve value checking for config
Bug Description: Plugin was not checking the time values, and the "allowed-days"
Fix Description: Make sure the open and close times are with 0000-2359, and make
sure that each day in "rootdn-days-allowed" is a valid day.
https://fedorahosted.org/389/ticket/475
Reviewed by: noriko(Thanks!)
diff --git a/ldap/servers/plugins/rootdn_access/rootdn_access.c b/ldap/servers/plugins/rootdn_access/rootdn_access.c
index bae2703..ad1e125 100644
--- a/ldap/servers/plugins/rootdn_access/rootdn_access.c
+++ b/ldap/servers/plugins/rootdn_access/rootdn_access.c
@@ -219,8 +219,10 @@ rootdn_load_config(Slapi_PBlock *pb)
Slapi_Entry *e = NULL;
char *openTime = NULL;
char *closeTime = NULL;
+ char *token, *iter, *copy;
char hour[3], min[3];
int result = 0;
+ int time;
int i;
slapi_log_error(SLAPI_LOG_PLUGIN, ROOTDN_PLUGIN_SUBSYSTEM, "--> rootdn_load_config\n");
@@ -240,19 +242,41 @@ rootdn_load_config(Slapi_PBlock *pb)
* Validate out settings
*/
if(daysAllowed){
- if(strcspn(daysAllowed, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz ,")){
+ daysAllowed = strToLower(daysAllowed);
+ if(strcspn(daysAllowed, "abcdefghijklmnopqrstuvwxyz ,")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-days-allowed value (%s), must be all letters, and comma separators\n",closeTime);
+ "invalid rootdn-days-allowed value (%s), must be all letters, and comma separators\n", daysAllowed);
slapi_ch_free_string(&daysAllowed);
result = -1;
goto free_and_return;
}
- daysAllowed = strToLower(daysAllowed);
+ /* make sure the "days" are valid "days" */
+ copy = slapi_ch_strdup(daysAllowed);
+ token = ldap_utf8strtok_r(copy, ", ", &iter);
+ while(token){
+ if(strstr("mon tue wed thu fri sat sun",token) == 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid rootdn-days-allowed day value(%s), must be \"Mon, Tue, Wed, Thu, Fri, Sat, or Sun\".\n", token);
+ slapi_ch_free_string(&daysAllowed);
+ slapi_ch_free_string(©);
+ result = -1;
+ goto free_and_return;
+ }
+ token = ldap_utf8strtok_r(iter, ", ", &iter);
+ }
+ slapi_ch_free_string(©);
}
if(openTime){
if (strcspn(openTime, "0123456789")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-open-time value (%s), must be all digits\n",openTime);
+ "invalid rootdn-open-time value (%s), must be all digits\n", openTime);
+ result = -1;
+ goto free_and_return;
+ }
+ time = atoi(openTime);
+ if(time > 2359 || time < 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid value for rootdn-open-time value (%s), value must be between 0000-2359\n", openTime);
result = -1;
goto free_and_return;
}
@@ -272,13 +296,20 @@ rootdn_load_config(Slapi_PBlock *pb)
if(closeTime){
if (strcspn(closeTime, "0123456789")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-open-time value (%s), must be all digits, and should be HHMM\n",closeTime);
+ "invalid rootdn-close-time value (%s), must be all digits, and should be HHMM\n",closeTime);
+ result = -1;
+ goto free_and_return;
+ }
+ time = atoi(closeTime);
+ if(time > 2359 || time < 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid value for rootdn-close-time value (%s), value must be between 0000-2359\n", closeTime);
result = -1;
goto free_and_return;
}
if(strlen(closeTime) != 4){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid format for rootdn-open-time value (%s), should be HHMM\n", closeTime);
+ "invalid format for rootdn-close-time value (%s), should be HHMM\n", closeTime);
result = -1;
goto free_and_return;
}
@@ -661,7 +692,7 @@ char *
strToLower(char *str){
int i;
- for(i = 0; i < strlen(str); i++){
+ for(i = 0; str && i < strlen(str); i++){
str[i] = tolower(str[i]);
}
return str;
11 years
ldap/servers
by Mark Reynolds
ldap/servers/plugins/rootdn_access/rootdn_access.c | 45 +++++++++++++++++----
1 file changed, 38 insertions(+), 7 deletions(-)
New commits:
commit d4c11dc7d8afcc26e03b4174262e0671551aca37
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Sep 21 17:11:20 2012 -0400
Ticket 475 - Root DN Access Control - improve value checking for config
Bug Description: Plugin was not checking the time values, and the "allowed-days"
Fix Description: Make sure the open and close times are with 0000-2359, and make
sure that each day in "rootdn-days-allowed" is a valid day.
https://fedorahosted.org/389/ticket/475
Reviewed by: noriko(Thanks!)
diff --git a/ldap/servers/plugins/rootdn_access/rootdn_access.c b/ldap/servers/plugins/rootdn_access/rootdn_access.c
index bae2703..ad1e125 100644
--- a/ldap/servers/plugins/rootdn_access/rootdn_access.c
+++ b/ldap/servers/plugins/rootdn_access/rootdn_access.c
@@ -219,8 +219,10 @@ rootdn_load_config(Slapi_PBlock *pb)
Slapi_Entry *e = NULL;
char *openTime = NULL;
char *closeTime = NULL;
+ char *token, *iter, *copy;
char hour[3], min[3];
int result = 0;
+ int time;
int i;
slapi_log_error(SLAPI_LOG_PLUGIN, ROOTDN_PLUGIN_SUBSYSTEM, "--> rootdn_load_config\n");
@@ -240,19 +242,41 @@ rootdn_load_config(Slapi_PBlock *pb)
* Validate out settings
*/
if(daysAllowed){
- if(strcspn(daysAllowed, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz ,")){
+ daysAllowed = strToLower(daysAllowed);
+ if(strcspn(daysAllowed, "abcdefghijklmnopqrstuvwxyz ,")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-days-allowed value (%s), must be all letters, and comma separators\n",closeTime);
+ "invalid rootdn-days-allowed value (%s), must be all letters, and comma separators\n", daysAllowed);
slapi_ch_free_string(&daysAllowed);
result = -1;
goto free_and_return;
}
- daysAllowed = strToLower(daysAllowed);
+ /* make sure the "days" are valid "days" */
+ copy = slapi_ch_strdup(daysAllowed);
+ token = ldap_utf8strtok_r(copy, ", ", &iter);
+ while(token){
+ if(strstr("mon tue wed thu fri sat sun",token) == 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid rootdn-days-allowed day value(%s), must be \"Mon, Tue, Wed, Thu, Fri, Sat, or Sun\".\n", token);
+ slapi_ch_free_string(&daysAllowed);
+ slapi_ch_free_string(©);
+ result = -1;
+ goto free_and_return;
+ }
+ token = ldap_utf8strtok_r(iter, ", ", &iter);
+ }
+ slapi_ch_free_string(©);
}
if(openTime){
if (strcspn(openTime, "0123456789")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-open-time value (%s), must be all digits\n",openTime);
+ "invalid rootdn-open-time value (%s), must be all digits\n", openTime);
+ result = -1;
+ goto free_and_return;
+ }
+ time = atoi(openTime);
+ if(time > 2359 || time < 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid value for rootdn-open-time value (%s), value must be between 0000-2359\n", openTime);
result = -1;
goto free_and_return;
}
@@ -272,13 +296,20 @@ rootdn_load_config(Slapi_PBlock *pb)
if(closeTime){
if (strcspn(closeTime, "0123456789")){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid rootdn-open-time value (%s), must be all digits, and should be HHMM\n",closeTime);
+ "invalid rootdn-close-time value (%s), must be all digits, and should be HHMM\n",closeTime);
+ result = -1;
+ goto free_and_return;
+ }
+ time = atoi(closeTime);
+ if(time > 2359 || time < 0){
+ slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
+ "invalid value for rootdn-close-time value (%s), value must be between 0000-2359\n", closeTime);
result = -1;
goto free_and_return;
}
if(strlen(closeTime) != 4){
slapi_log_error(SLAPI_LOG_FATAL, ROOTDN_PLUGIN_SUBSYSTEM, "rootdn_load_config: "
- "invalid format for rootdn-open-time value (%s), should be HHMM\n", closeTime);
+ "invalid format for rootdn-close-time value (%s), should be HHMM\n", closeTime);
result = -1;
goto free_and_return;
}
@@ -661,7 +692,7 @@ char *
strToLower(char *str){
int i;
- for(i = 0; i < strlen(str); i++){
+ for(i = 0; str && i < strlen(str); i++){
str[i] = tolower(str[i]);
}
return str;
11 years
Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/main.c | 7 +++++++
ldap/servers/slapd/pw_mgmt.c | 3 ++-
2 files changed, 9 insertions(+), 1 deletion(-)
New commits:
commit db792dbc7141b03bd33b710b79ed0942c34d6530
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Fri Sep 21 14:12:15 2012 -0700
Trac Ticket #466 - entry_apply_mod - ADD: Failed to set
unhashed#user#password to extension
https://fedorahosted.org/389/ticket/466
Bug Description: If changes are stuck in the chagnelog and the
server is restarted, the changes are being replicated as soon
as plugin_startall is called. At the point, the entry extension
has to be already initialized.
Fix Description: The entry extension initialization which used
to be called in pw_init. Now it is moved to just before
plugin_startall in main.
(cherry picked from commit 91d98369a214a45cd5c8ed716a55ccaf063c6f1d)
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index 84ce01d..f696563 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -1164,6 +1164,13 @@ main( int argc, char **argv)
/* init the thread data index for bind dn's */
slapi_td_dn_init();
+ /*
+ * Initialize password storage in entry extension.
+ * Need to be initialized before plugin_startall in case stucked
+ * changes are replicated as soon as the replication plugin is started.
+ */
+ pw_exp_init ();
+
plugin_print_lists();
plugin_startall(argc, argv, 1 /* Start Backends */, 1 /* Start Globals */);
if (housekeeping_start((time_t)0, NULL) == NULL) {
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index f6f3cf3..22d49b7 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -309,7 +309,8 @@ pw_init ( void ) {
OCTETSTRING_SYNTAX_OID, 0,
/* Clients don't need to directly modify
* PSEUDO_ATTR_UNHASHEDUSERPASSWORD */
- SLAPI_ATTR_FLAG_NOUSERMOD );
+ SLAPI_ATTR_FLAG_NOUSERMOD|
+ SLAPI_ATTR_FLAG_NOEXPOSE);
}
11 years
ldap/servers
by Noriko Hosoi
ldap/servers/slapd/main.c | 7 +++++++
ldap/servers/slapd/pw_mgmt.c | 3 ---
2 files changed, 7 insertions(+), 3 deletions(-)
New commits:
commit 91d98369a214a45cd5c8ed716a55ccaf063c6f1d
Author: Noriko Hosoi <nhosoi(a)totoro.usersys.redhat.com>
Date: Fri Sep 21 14:12:15 2012 -0700
Trac Ticket #466 - entry_apply_mod - ADD: Failed to set
unhashed#user#password to extension
https://fedorahosted.org/389/ticket/466
Bug Description: If changes are stuck in the chagnelog and the
server is restarted, the changes are being replicated as soon
as plugin_startall is called. At the point, the entry extension
has to be already initialized.
Fix Description: The entry extension initialization which used
to be called in pw_init. Now it is moved to just before
plugin_startall in main.
diff --git a/ldap/servers/slapd/main.c b/ldap/servers/slapd/main.c
index 03d7086..cf4e2e3 100644
--- a/ldap/servers/slapd/main.c
+++ b/ldap/servers/slapd/main.c
@@ -1169,6 +1169,13 @@ main( int argc, char **argv)
/* init the thread data index for bind dn's */
slapi_td_dn_init();
+ /*
+ * Initialize password storage in entry extension.
+ * Need to be initialized before plugin_startall in case stucked
+ * changes are replicated as soon as the replication plugin is started.
+ */
+ pw_exp_init ();
+
plugin_print_lists();
plugin_startall(argc, argv, 1 /* Start Backends */, 1 /* Start Globals */);
if (housekeeping_start((time_t)0, NULL) == NULL) {
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index 5498bd1..c0055fc 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -313,9 +313,6 @@ pw_init ( void )
* PSEUDO_ATTR_UNHASHEDUSERPASSWORD */
SLAPI_ATTR_FLAG_NOUSERMOD|
SLAPI_ATTR_FLAG_NOEXPOSE);
-
- /* Initialize password storage in entry extension */
- pw_exp_init ();
}
11 years