389-commits June 2014

389-commits@lists.fedoraproject.org

5 participants
66 discussions

dirsrvtests/tickets
by Mark Reynolds 26 Jun '14

26 Jun '14

dirsrvtests/tickets/ticket47815_test.py | 227 ++++++++++++++++++++++++++++++++ 1 file changed, 227 insertions(+) New commits: commit b3aae6b16bb99eec56d2bda84ac8fc9a979b354e Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Wed Jun 25 16:00:26 2014 -0400 Ticket 47815 - add lib389 test Description: Add a lib389 test for ticket 47815 https://fedorahosted.org/389/ticket/47815 Reviewed by: nhosoi(Thanks!) diff --git a/dirsrvtests/tickets/ticket47815_test.py b/dirsrvtests/tickets/ticket47815_test.py new file mode 100644 index 0000000..1f2ce33 --- /dev/null +++ b/dirsrvtests/tickets/ticket47815_test.py @@ -0,0 +1,227 @@ +import os +import sys +import time +import ldap +import logging +import socket +import pytest +from lib389 import DirSrv, Entry, tools +from lib389.tools import DirSrvTools +from lib389._constants import * +from lib389.properties import * +from constants import * + +log = logging.getLogger(__name__) + +installation_prefix = None + + +class TopologyStandalone(object): + def __init__(self, standalone): + standalone.open() + self.standalone = standalone + + +pytest.fixture(scope="module") +def topology(request): + ''' + This fixture is used to standalone topology for the 'module'. + At the beginning, It may exists a standalone instance. + It may also exists a backup for the standalone instance. + + Principle: + If standalone instance exists: + restart it + If backup of standalone exists: + create/rebind to standalone + + restore standalone instance from backup + else: + Cleanup everything + remove instance + remove backup + Create instance + Create backup + ''' + global installation_prefix + + if installation_prefix: + args_instance[SER_DEPLOYED_DIR] = installation_prefix + + standalone = DirSrv(verbose=False) + + # Args for the standalone instance + args_instance[SER_HOST] = HOST_STANDALONE + args_instance[SER_PORT] = PORT_STANDALONE + args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE + args_standalone = args_instance.copy() + standalone.allocate(args_standalone) + + # Get the status of the backups + backup_standalone = standalone.checkBackupFS() + + # Get the status of the instance and restart it if it exists + instance_standalone = standalone.exists() + if instance_standalone: + # assuming the instance is already stopped, just wait 5 sec max + standalone.stop(timeout=5) + standalone.start(timeout=10) + + if backup_standalone: + # The backup exist, assuming it is correct + # we just re-init the instance with it + if not instance_standalone: + standalone.create() + # Used to retrieve configuration information (dbdir, confdir...) + standalone.open() + + # restore standalone instance from backup + standalone.stop(timeout=10) + standalone.restoreFS(backup_standalone) + standalone.start(timeout=10) + + else: + # We should be here only in two conditions + # - This is the first time a test involve standalone instance + # - Something weird happened (instance/backup destroyed) + # so we discard everything and recreate all + + # Remove the backup. So even if we have a specific backup file + # (e.g backup_standalone) we clear backup that an instance may have created + if backup_standalone: + standalone.clearBackupFS() + + # Remove the instance + if instance_standalone: + standalone.delete() + + # Create the instance + standalone.create() + + # Used to retrieve configuration information (dbdir, confdir...) + standalone.open() + + # Time to create the backups + standalone.stop(timeout=10) + standalone.backupfile = standalone.backupFS() + standalone.start(timeout=10) + + # + # Here we have standalone instance up and running + # Either coming from a backup recovery + # or from a fresh (re)init + # Time to return the topology + return TopologyStandalone(standalone) + + +def test_ticket47815(topology): + """ + Test betxn plugins reject an invalid option, and make sure that the rejected entry + is not in the entry cache. + + Enable memberOf, automember, and retrocl plugins + Add the automember config entry + Add the automember group + Add a user that will be rejected by a betxn plugin - result error 53 + Attempt the same add again, and it should result in another error 53 (not error 68) + """ + result = 0 + result2 = 0 + + log.info('Testing Ticket 47815 - Add entries that should be rejected by the betxn plugins, and are not left in the entry cache') + + # Enabled the plugins + topology.standalone.plugins.enable(name=PLUGIN_MEMBER_OF) + topology.standalone.plugins.enable(name=PLUGIN_AUTOMEMBER) + topology.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG) + + # configure automember config entry + log.info('Adding automember config') + try: + topology.standalone.add_s(Entry(('cn=group cfg,cn=Auto Membership Plugin,cn=plugins,cn=config', { + 'objectclass': 'top autoMemberDefinition'.split(), + 'autoMemberScope': 'dc=example,dc=com', + 'autoMemberFilter': 'cn=user', + 'autoMemberDefaultGroup': 'cn=group,dc=example,dc=com', + 'autoMemberGroupingAttr': 'member:dn', + 'cn': 'group cfg'}))) + except: + log.error('Failed to add automember config') + exit(1) + + topology.standalone.stop(timeout=120) + time.sleep(1) + topology.standalone.start(timeout=120) + time.sleep(3) + + # need to reopen a connection toward the instance + topology.standalone.open() + + # add automember group + log.info('Adding automember group') + try: + topology.standalone.add_s(Entry(('cn=group,dc=example,dc=com', { + 'objectclass': 'top groupOfNames'.split(), + 'cn': 'group'}))) + except: + log.error('Failed to add automember group') + exit(1) + + # add user that should result in an error 53 + log.info('Adding invalid entry') + + try: + topology.standalone.add_s(Entry(('cn=user,dc=example,dc=com', { + 'objectclass': 'top person'.split(), + 'sn': 'user', + 'cn': 'user'}))) + except ldap.UNWILLING_TO_PERFORM: + log.debug('Adding invalid entry failed as expected') + result = 53 + except ldap.LDAPError, e: + log.error('Unexpected result ' + e.message['desc']) + assert False + if result == 0: + log.error('Add operation unexpectedly succeeded') + assert False + + # Attempt to add user again, should result in error 53 again + try: + topology.standalone.add_s(Entry(('cn=user,dc=example,dc=com', { + 'objectclass': 'top person'.split(), + 'sn': 'user', + 'cn': 'user'}))) + except ldap.UNWILLING_TO_PERFORM: + log.debug('2nd add of invalid entry failed as expected') + result2 = 53 + except ldap.LDAPError, e: + log.error('Unexpected result ' + e.message['desc']) + assert False + if result2 == 0: + log.error('2nd Add operation unexpectedly succeeded') + assert False + + # If we got here we passed! + log.info('Ticket47815 Test - Passed') + + +def test_ticket47815_final(topology): + topology.standalone.stop(timeout=10) + + +def run_isolated(): + ''' + run_isolated is used to run these test cases independently of a test scheduler (xunit, py.test..) + To run isolated without py.test, you need to + - edit this file and comment '@pytest.fixture' line before 'topology' function. + - set the installation prefix + - run this program + ''' + global installation_prefix + installation_prefix = None + + topo = topology(True) + test_ticket47815(topo) + +if __name__ == '__main__': + run_isolated()

1 0

ldap/servers
by Mark Reynolds 24 Jun '14

24 Jun '14

ldap/servers/slapd/back-ldbm/import.c | 4 ++++ 1 file changed, 4 insertions(+) New commits: commit 02600dad033e7910b566c9698491ef2a2cef4538 Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Tue Jun 24 17:48:14 2014 -0400 Ticket 47827 - online import crashes server if using verbose error logging Bug Description: When using verbose logging and running an import task, the server will crash at the end of the import. The verbose logging changes the internal timing and exposes a race condition where the task queue frees the import job before the import finishes. Fix Description: Wait for the backend instance to be set as "not busy" before freeing the import task. https://fedorahosted.org/389/ticket/47827 Reviewed by: nhosoi(Thanks!) diff --git a/ldap/servers/slapd/back-ldbm/import.c b/ldap/servers/slapd/back-ldbm/import.c index 7149ef0..3c195e2 100644 --- a/ldap/servers/slapd/back-ldbm/import.c +++ b/ldap/servers/slapd/back-ldbm/import.c @@ -217,6 +217,10 @@ static void import_task_destroy(Slapi_Task *task) { ImportJob *job = (ImportJob *)slapi_task_get_data(task); + while(is_instance_busy(job->inst)){ + /* wait for the job to finish before freeing it */ + DS_Sleep(PR_SecondsToInterval(1)); + } if (job && job->task_status) { slapi_ch_free((void **)&job->task_status); job->task_status = NULL;

1 0

Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi 23 Jun '14

23 Jun '14

ldap/servers/plugins/uiduniq/7bit.c | 37 +++++++++--------------------------- 1 file changed, 10 insertions(+), 27 deletions(-) New commits: commit fc67fb8a40a340b8f02e746f1446496d23a3b572 Author: Noriko Hosoi <nhosoi(a)redhat.com> Date: Mon Jun 23 14:59:04 2014 -0700 Revert "Ticket #47423 - 7-bit check plugin does not work for userpassword attribute" This reverts commit 7e7a85f6fb74547f7d2af191db3b4608b39995ab. This patch should not be in 389-ds-base-1.2.11 branch. diff --git a/ldap/servers/plugins/uiduniq/7bit.c b/ldap/servers/plugins/uiduniq/7bit.c index c98d660..f690b4e 100644 --- a/ldap/servers/plugins/uiduniq/7bit.c +++ b/ldap/servers/plugins/uiduniq/7bit.c @@ -218,8 +218,7 @@ preop_add(Slapi_PBlock *pb) { int result; char *violated = NULL; - char *pwd = NULL; - char *origpwd = NULL; + #ifdef DEBUG slapi_log_error(SLAPI_LOG_PLUGIN, plugin_name, "ADD begin\n"); #endif @@ -237,14 +236,12 @@ preop_add(Slapi_PBlock *pb) const char *dn; Slapi_DN *sdn = NULL; Slapi_Entry *e; + Slapi_Attr *attr; char **firstSubtree; char **subtreeDN; int subtreeCnt; int is_replicated_operation; - struct berval *vals[2]; - struct berval val; - vals[0] = &val; - vals[1] = NULL; + /* * Get the arguments */ @@ -291,26 +288,19 @@ preop_add(Slapi_PBlock *pb) for (attrName = argv; strcmp(*attrName, ",") != 0; attrName++ ) { /* - * if the attribute is userpassword, check unhashed user password + * if the attribute is userpassword, check unhashed#user#password * instead. "userpassword" is encoded; it will always pass the 7bit * check. */ - char *attr_name = NULL; - Slapi_Attr *attr = NULL; + char *attr_name; if ( strcasecmp(*attrName, "userpassword") == 0 ) { - origpwd = pwd = slapi_get_first_clear_text_pw(e); - if (pwd == NULL) - { - continue; - } - val.bv_val = pwd; - val.bv_len = strlen(val.bv_val); + attr_name = "unhashed#user#password"; } else { attr_name = *attrName; - err = slapi_entry_attr_find(e, attr_name, &attr); - if (err) continue; /* break;*/ /* no 7-bit attribute */ } + err = slapi_entry_attr_find(e, attr_name, &attr); + if (err) continue; /* break;*/ /* no 7-bit attribute */ /* * For each DN in the managed list, do 7-bit checking if @@ -333,14 +323,7 @@ preop_add(Slapi_PBlock *pb) /* * Check if the value is 7-bit clean */ - if(pwd) - { - result = bit_check(attr, vals, &violated); - if(!result) - pwd = NULL; - } - else - result = bit_check(attr, NULL, &violated); + result = bit_check(attr, NULL, &violated); if (result) break; } } @@ -352,7 +335,7 @@ preop_add(Slapi_PBlock *pb) if (result) { issue_error(pb, result, "ADD", violated); } - slapi_ch_free_string(&origpwd); + return (result==LDAP_SUCCESS)?0:-1; }

1 0

ldap/servers
by Ludwig Krispenz 23 Jun '14

23 Jun '14

ldap/servers/slapd/operation.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) New commits: commit bfab0aa6ae8d5793705a3485878fe26d93db873e Author: Ludwig Krispenz <lkrispen(a)redhat.com> Date: Mon Jun 23 16:54:21 2014 +0200 fix compiler error with alst coverity commit diff --git a/ldap/servers/slapd/operation.c b/ldap/servers/slapd/operation.c index c31e8bc..69f0069 100644 --- a/ldap/servers/slapd/operation.c +++ b/ldap/servers/slapd/operation.c @@ -636,7 +636,7 @@ slapi_connection_remove_operation( Slapi_PBlock *pb, Slapi_Connection *conn, Sla LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: can't find op %d for conn %" NSPRIu64 "\n", (int)op->o_msgid, conn->c_connid, 0 ); } else { - LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: no operation provided\n"); + LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: no operation provided\n",0, 0, 0); } } else { *tmp = (*tmp)->o_next;

1 0

ldap/servers
by Ludwig Krispenz 23 Jun '14

23 Jun '14

ldap/servers/slapd/operation.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) New commits: commit a1ab514c1db436015e7d601dcde0832f31b63452 Author: Ludwig Krispenz <lkrispen(a)redhat.com> Date: Mon Jun 23 14:40:33 2014 +0200 fix coverity issue 12621 reviewd by Nathan, thanks diff --git a/ldap/servers/slapd/operation.c b/ldap/servers/slapd/operation.c index 1b45c3f..c31e8bc 100644 --- a/ldap/servers/slapd/operation.c +++ b/ldap/servers/slapd/operation.c @@ -632,8 +632,12 @@ slapi_connection_remove_operation( Slapi_PBlock *pb, Slapi_Connection *conn, Sla for ( tmp = olist; *tmp != NULL && *tmp != op; tmp = &(*tmp)->o_next ) ; /* NULL */ if ( *tmp == NULL ) { - LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: can't find op %d for conn %" NSPRIu64 "\n", - (int)op->o_msgid, conn->c_connid, 0 ); + if (op) { + LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: can't find op %d for conn %" NSPRIu64 "\n", + (int)op->o_msgid, conn->c_connid, 0 ); + } else { + LDAPDebug( LDAP_DEBUG_ANY, "connection_remove_operation: no operation provided\n"); + } } else { *tmp = (*tmp)->o_next; }

1 0

Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi 19 Jun '14

19 Jun '14

ldap/servers/plugins/cos/cos_cache.c | 13 ++++--- ldap/servers/slapd/back-ldbm/ldbm_add.c | 1 ldap/servers/slapd/back-ldbm/ldbm_search.c | 50 +++++++++++++---------------- ldap/servers/slapd/daemon.c | 8 +--- ldap/servers/slapd/valueset.c | 7 +++- 5 files changed, 41 insertions(+), 38 deletions(-) New commits: commit ef7473dde11aa5c2b0041912b3f11099bb39ead8 Author: Noriko Hosoi <nhosoi(a)redhat.com> Date: Thu Jun 19 17:28:39 2014 -0700 Ticket #47820 - 1.2.11 branch: coverity errors Description: * Deadcode 1. Defect type: UNUSED_VALUE 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1894:returned_pointer – Pointer "slapdFrontendConfig" returned by "getFrontendConfig()" is never used. Solution: removed the line 1894. * Clang 1. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/valueset.c:1116:20:warning – Array access (via field 'va') results in a null pointer dereference 2. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/valueset.c:1090:26:warning – Array access (via field 'va') results in a null pointer dereference Solution: Added the code to check null dereference on vs->va on vs->va 3. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1896:6:warning – Value stored to 'maxthreads' during its initialization is never read Solution: removed the line 1896. 4. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1894:25:warning – Value stored to 'slapdFrontendConfig' during its initialization is never read Solution: Already addressed in Deadcode : 1. Defect type: UNUSED_VALUE 5. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1091:21:warning – Dereference of null pointer (loaded from variable 'nap') Solution: Added the code to check null dereference on nap and *nap. 6. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/back-ldbm/ldbm_search.c:455:25:warning – Value stored to 'virtual_list_view' is never read Solution: Porting bug (bz1109952; DS 47780). Moved the line to the right position. 7. Defect type: CLANG_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/back-ldbm/ldbm_add.c:1110:2:warning – Value stored to 'noabort' is never read Solution: Removed unnecessary assignment. Compiler Warnings 12. Defect type: COMPILER_WARNING 2. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1896:warning – unused variable 'maxthreads' Solution: already addressed 3. Defect type: CLANG_WARNING 13. Defect type: COMPILER_WARNING 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1895:warning – unused variable 'idletimeout' Solution: Removed the unused variable. 14. Defect type: COMPILER_WARNING ¶ 1. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1894:warning – unused variable 'slapdFrontendConfig' Solution: already addressed 1. Defect type: UNUSED_VALUE 15. Defect type: COMPILER_WARNING 2. 389-ds-base-1.2.11.15/ldap/servers/slapd/daemon.c:1788:warning – 'compute_idletimeout' defined but not used Solution: removed the unused function. https://fedorahosted.org/389/ticket/47820 Reviewed by rmeggins(a)redhat.com (Thanks, Rich!!) diff --git a/ldap/servers/plugins/cos/cos_cache.c b/ldap/servers/plugins/cos/cos_cache.c index 1ff02f9..a89f5c5 100644 --- a/ldap/servers/plugins/cos/cos_cache.c +++ b/ldap/servers/plugins/cos/cos_cache.c @@ -942,7 +942,7 @@ cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) parent = slapi_create_dn_string("%s", orig); if (!parent) { parent = orig; - LDAPDebug1Arg(LDAP_DEBUG_ANY, + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, "cos_dn_defs_cb: " "failed to normalize parent dn %s. " "Adding the pre normalized dn.\n", @@ -959,18 +959,21 @@ cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) } slapi_ch_free_string(&orig); } else { - LDAPDebug1Arg(LDAP_DEBUG_ANY, + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, "cos_dn_defs_cb: " "failed to get parent dn of cos definition %s.\n", pDn->val); if (!pCosTemplateDn) { if (!pCosTargetTree) { - LDAPDebug0Args(LDAP_DEBUG_ANY, "cosTargetTree and cosTemplateDn are not set.\n"); + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTargetTree and cosTemplateDn are not set.\n"); } else { - LDAPDebug0Args(LDAP_DEBUG_ANY, "cosTemplateDn is not set.\n"); + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTemplateDn is not set.\n"); } } else if (!pCosTargetTree) { - LDAPDebug0Args(LDAP_DEBUG_ANY, "cosTargetTree is not set.\n"); + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTargetTree is not set.\n"); } } } diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c index 9e176fa..e1ae66e 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_add.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c @@ -1107,7 +1107,6 @@ ldbm_back_add( Slapi_PBlock *pb ) } goto error_return; } - noabort = 1; rc= 0; goto common_return; diff --git a/ldap/servers/slapd/back-ldbm/ldbm_search.c b/ldap/servers/slapd/back-ldbm/ldbm_search.c index 626ba2e..46f7413 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_search.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_search.c @@ -462,34 +462,32 @@ ldbm_back_search( Slapi_PBlock *pb ) } } else { - { - /* Access Control Check to see if the client is allowed to use the VLV Control. */ - Slapi_Entry *feature; - int rc; - char dn[128]; - char *dummyAttr = "dummy#attr"; - char *dummyAttrs[2] = {NULL, NULL}; - - dummyAttrs[0] = dummyAttr; - - /* This dn is normalized. */ - PR_snprintf(dn, sizeof (dn), "dn: oid=%s,cn=features,cn=config", LDAP_CONTROL_VLVREQUEST); - feature = slapi_str2entry(dn, 0); - rc = plugin_call_acl_plugin(pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL); - slapi_entry_free(feature); - if (rc != LDAP_SUCCESS) { - /* Client isn't allowed to do this. */ - return ldbm_back_search_cleanup(pb, li, sort_control, + /* Access Control Check to see if the client is allowed to use the VLV Control. */ + Slapi_Entry *feature; + int rc; + char dn[128]; + char *dummyAttr = "dummy#attr"; + char *dummyAttrs[2] = {NULL, NULL}; + + dummyAttrs[0] = dummyAttr; + + /* This dn is normalized. */ + PR_snprintf(dn, sizeof (dn), "dn: oid=%s,cn=features,cn=config", LDAP_CONTROL_VLVREQUEST); + feature = slapi_str2entry(dn, 0); + rc = plugin_call_acl_plugin(pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL); + slapi_entry_free(feature); + if (rc != LDAP_SUCCESS) { + /* Client isn't allowed to do this. */ + return ldbm_back_search_cleanup(pb, li, sort_control, rc, "VLV Control", SLAPI_FAIL_GENERAL, &vlv_request_control, NULL, candidates); - } } + /* + * Sorting must always be critical for VLV; Force it be so. + */ + is_sorting_critical= 1; + virtual_list_view= 1; } - /* - * Sorting must always be critical for VLV; Force it be so. - */ - is_sorting_critical= 1; - virtual_list_view= 1; } else { @@ -1407,7 +1405,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension ) back_txn txn = {NULL}; int pr_idx = -1; Slapi_Connection *conn; - Slapi_Operation *op; + Slapi_Operation *op = NULL; int reverse_list = 0; slapi_pblock_get( pb, SLAPI_SEARCH_TARGET_SDN, &basesdn ); @@ -1791,7 +1789,7 @@ ldbm_back_next_search_entry_ext( Slapi_PBlock *pb, int use_extension ) } bail: - if(rc){ + if(rc && op) { op->o_reverse_search_state = 0; } diff --git a/ldap/servers/slapd/daemon.c b/ldap/servers/slapd/daemon.c index 9d24829..4cea840 100644 --- a/ldap/servers/slapd/daemon.c +++ b/ldap/servers/slapd/daemon.c @@ -1081,7 +1081,7 @@ void slapd_daemon( daemon_ports_t *ports ) if ( n_tcps != NULL ) { PRFileDesc **fdesp; PRNetAddr **nap = ports->n_listenaddr; - for (fdesp = n_tcps; fdesp && *fdesp; fdesp++, nap++) { + for (fdesp = n_tcps; fdesp && *fdesp && nap && *nap; fdesp++, nap++) { if ( PR_Listen( *fdesp, config_get_listen_backlog_size() ) == PR_FAILURE ) { PRErrorCode prerr = PR_GetError(); char addrbuf[ 256 ]; @@ -1779,6 +1779,7 @@ daemon_register_reslimits( void ) &idletimeout_reslimit_handle )); } +#if 0 /* NOT USED */ /* * Compute the idle timeout for the connection. * @@ -1826,7 +1827,7 @@ compute_idletimeout( slapdFrontendConfig_t *fecfg, Connection *conn ) return( idletimeout ); } - +#endif #ifdef _WIN32 static void @@ -1891,9 +1892,6 @@ handle_pr_read_ready(Connection_Table *ct, PRIntn num_poll) { Connection *c; time_t curtime = current_time(); - slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - int idletimeout; - int maxthreads = config_get_maxthreadsperconn(); #if defined( XP_WIN32 ) int i; #endif diff --git a/ldap/servers/slapd/valueset.c b/ldap/servers/slapd/valueset.c index 960ad79..5c1ae36 100644 --- a/ldap/servers/slapd/valueset.c +++ b/ldap/servers/slapd/valueset.c @@ -1038,7 +1038,7 @@ slapi_valueset_add_attr_valuearray_ext(const Slapi_Attr *a, Slapi_ValueSet *vs, int passin = flags & SLAPI_VALUE_FLAG_PASSIN; int dupcheck = flags & SLAPI_VALUE_FLAG_DUPCHECK; - if (naddvals == 0) + if (naddvals <= 0) return (rc); need = vs->num + naddvals + 1; @@ -1072,6 +1072,11 @@ slapi_valueset_add_attr_valuearray_ext(const Slapi_Attr *a, Slapi_ValueSet *vs, } vs->max= allocate; } + if (NULL == vs->va) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, "slapi_valueset_add_attr_valuearray_ext: " + "%s: valuearray is NULL\n", a->a_type); + return LDAP_OPERATIONS_ERROR; + } if ( (vs->num + naddvals > VALUESET_ARRAY_SORT_THRESHOLD || dupcheck ) && !vs->sorted ) {

1 0

Branch '389-ds-base-1.2.11' - ldap/servers
by Mark Reynolds 18 Jun '14

18 Jun '14

ldap/servers/slapd/back-ldbm/ldbm_add.c | 5 +++-- ldap/servers/slapd/back-ldbm/ldbm_delete.c | 3 ++- ldap/servers/slapd/back-ldbm/ldbm_modify.c | 1 + ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1 + 4 files changed, 7 insertions(+), 3 deletions(-) New commits: commit 6f6142ed787507190a0181658c6063bf84a0d924 Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Tue Jun 17 17:58:54 2014 -0400 Ticket 47817 - The error result text message should be obtained just prior to sending result Bug Description: We do not get pblock result message after the betxn postop plugins are called. If a betxn plugin modified the ldap result message, then when the backend returns the results it does an invalid read on the old pointer of the old result message. Fix Description: Get the result message after we call the betxn postop plugins. https://fedorahosted.org/389/ticket/47817 jenkins: passed Reviewed by: nhosoi(Thanks!) (cherry picked from commit 68e766891d1067b2b86bd48bfa16d0837fa5a737) Conflicts: ldap/servers/slapd/back-ldbm/ldbm_add.c diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c index b129307..9e176fa 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_add.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c @@ -93,8 +93,8 @@ ldbm_back_add( Slapi_PBlock *pb ) char *msg; int managedsait; int ldap_result_code = LDAP_SUCCESS; - char *ldap_result_message= NULL; - char *ldap_result_matcheddn= NULL; + char *ldap_result_message = NULL; + char *ldap_result_matcheddn = NULL; int retry_count = 0; int disk_full = 0; modify_context parent_modify_c = {0}; @@ -1181,6 +1181,7 @@ diskfull_return: opreturn = -1; slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } if (!noabort) { diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c index 32feeb1..6e69d24 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c @@ -75,7 +75,7 @@ ldbm_back_delete( Slapi_PBlock *pb ) modify_context ruv_c = {0}; int rc = 0; int ldap_result_code= LDAP_SUCCESS; - char *ldap_result_message= NULL; + char *ldap_result_message = NULL; Slapi_DN *sdnp = NULL; char *e_uniqueid = NULL; Slapi_DN nscpEntrySDN; @@ -1274,6 +1274,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c index b6a889f..a40b5c4 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c @@ -826,6 +826,7 @@ error_return: LDAPDebug1Arg( LDAP_DEBUG_TRACE, "SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN plugin " "returned error code %d\n", retval ); slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); if (!opreturn) { slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval); diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index 09d8f05..3e5f686 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -1367,6 +1367,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } dblayer_txn_abort(li,&txn); /* abort crashes in case disk full */

1 0

Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds 18 Jun '14

18 Jun '14

ldap/servers/slapd/back-ldbm/ldbm_add.c | 6 ++++-- ldap/servers/slapd/back-ldbm/ldbm_delete.c | 3 ++- ldap/servers/slapd/back-ldbm/ldbm_modify.c | 1 + ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1 + 4 files changed, 8 insertions(+), 3 deletions(-) New commits: commit e6762cb8cd43d8753f64f00cb3da36dc817d3c5d Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Tue Jun 17 17:58:54 2014 -0400 Ticket 47817 - The error result text message should be obtained just prior to sending result Bug Description: We do not get pblock result message after the betxn postop plugins are called. If a betxn plugin modified the ldap result message, then when the backend returns the results it does an invalid read on the old pointer of the old result message. Fix Description: Get the result message after we call the betxn postop plugins. https://fedorahosted.org/389/ticket/47817 jenkins: passed Reviewed by: nhosoi(Thanks!) (cherry picked from commit 68e766891d1067b2b86bd48bfa16d0837fa5a737) diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c index fb487cc..e68c138 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_add.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c @@ -94,8 +94,8 @@ ldbm_back_add( Slapi_PBlock *pb ) char *msg; int managedsait; int ldap_result_code = LDAP_SUCCESS; - char *ldap_result_message= NULL; - char *ldap_result_matcheddn= NULL; + char *ldap_result_message = NULL; + char *ldap_result_matcheddn = NULL; int retry_count = 0; int disk_full = 0; modify_context parent_modify_c = {0}; @@ -1225,6 +1225,8 @@ diskfull_return: /* tell frontend not to free this entry */ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL); } + + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c index 0ea1bee..3adaffb 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c @@ -75,7 +75,7 @@ ldbm_back_delete( Slapi_PBlock *pb ) modify_context ruv_c = {0}; int rc = 0; int ldap_result_code= LDAP_SUCCESS; - char *ldap_result_message= NULL; + char *ldap_result_message = NULL; Slapi_DN *sdnp = NULL; char *e_uniqueid = NULL; Slapi_DN nscpEntrySDN; @@ -1331,6 +1331,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c index 31e2f66..7d424fb 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c @@ -860,6 +860,7 @@ error_return: LDAPDebug1Arg( LDAP_DEBUG_TRACE, "SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN plugin " "returned error code %d\n", retval ); slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); if (!opreturn) { slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval); diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index 3cb9437..4bb4227 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -1397,6 +1397,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */

1 0

Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds 18 Jun '14

18 Jun '14

ldap/servers/slapd/back-ldbm/ldbm_add.c | 6 ++++-- ldap/servers/slapd/back-ldbm/ldbm_delete.c | 3 ++- ldap/servers/slapd/back-ldbm/ldbm_modify.c | 1 + ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1 + 4 files changed, 8 insertions(+), 3 deletions(-) New commits: commit dd51540a4915857a6d9beb55b44ad2b7d4bb8cac Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Tue Jun 17 17:58:54 2014 -0400 Ticket 47817 - The error result text message should be obtained just prior to sending result Bug Description: We do not get pblock result message after the betxn postop plugins are called. If a betxn plugin modified the ldap result message, then when the backend returns the results it does an invalid read on the old pointer of the old result message. Fix Description: Get the result message after we call the betxn postop plugins. https://fedorahosted.org/389/ticket/47817 jenkins: passed Reviewed by: nhosoi(Thanks!) (cherry picked from commit 68e766891d1067b2b86bd48bfa16d0837fa5a737) diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c index 0dcb158..0a7d006 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_add.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c @@ -94,8 +94,8 @@ ldbm_back_add( Slapi_PBlock *pb ) char *msg; int managedsait; int ldap_result_code = LDAP_SUCCESS; - char *ldap_result_message= NULL; - char *ldap_result_matcheddn= NULL; + char *ldap_result_message = NULL; + char *ldap_result_matcheddn = NULL; int retry_count = 0; int disk_full = 0; modify_context parent_modify_c = {0}; @@ -1225,6 +1225,8 @@ diskfull_return: /* tell frontend not to free this entry */ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL); } + + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c index 915ea08..39fe706 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c @@ -75,7 +75,7 @@ ldbm_back_delete( Slapi_PBlock *pb ) modify_context ruv_c = {0}; int rc = 0; int ldap_result_code= LDAP_SUCCESS; - char *ldap_result_message= NULL; + char *ldap_result_message = NULL; Slapi_DN *sdnp = NULL; char *e_uniqueid = NULL; Slapi_DN nscpEntrySDN; @@ -1331,6 +1331,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c index d2dc983..8791b45 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c @@ -901,6 +901,7 @@ error_return: LDAPDebug1Arg( LDAP_DEBUG_TRACE, "SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN plugin " "returned error code %d\n", retval ); slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); if (!opreturn) { slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval); diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index 71056bb..57590cb 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -1397,6 +1397,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */

1 0

ldap/servers
by Mark Reynolds 18 Jun '14

18 Jun '14

ldap/servers/slapd/back-ldbm/ldbm_add.c | 6 ++++-- ldap/servers/slapd/back-ldbm/ldbm_delete.c | 3 ++- ldap/servers/slapd/back-ldbm/ldbm_modify.c | 1 + ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 1 + 4 files changed, 8 insertions(+), 3 deletions(-) New commits: commit 68e766891d1067b2b86bd48bfa16d0837fa5a737 Author: Mark Reynolds <mreynolds(a)redhat.com> Date: Tue Jun 17 17:58:54 2014 -0400 Ticket 47817 - The error result text message should be obtained just prior to sending result Bug Description: We do not get pblock result message after the betxn postop plugins are called. If a betxn plugin modified the ldap result message, then when the backend returns the results it does an invalid read on the old pointer of the old result message. Fix Description: Get the result message after we call the betxn postop plugins. https://fedorahosted.org/389/ticket/47817 jenkins: passed Reviewed by: nhosoi(Thanks!) diff --git a/ldap/servers/slapd/back-ldbm/ldbm_add.c b/ldap/servers/slapd/back-ldbm/ldbm_add.c index 181c173..63fccb1 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_add.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_add.c @@ -94,8 +94,8 @@ ldbm_back_add( Slapi_PBlock *pb ) char *msg; int managedsait; int ldap_result_code = LDAP_SUCCESS; - char *ldap_result_message= NULL; - char *ldap_result_matcheddn= NULL; + char *ldap_result_message = NULL; + char *ldap_result_matcheddn = NULL; int retry_count = 0; int disk_full = 0; modify_context parent_modify_c = {0}; @@ -1227,6 +1227,8 @@ diskfull_return: /* tell frontend not to free this entry */ slapi_pblock_set(pb, SLAPI_ADD_ENTRY, NULL); } + + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c index 915ea08..39fe706 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c @@ -75,7 +75,7 @@ ldbm_back_delete( Slapi_PBlock *pb ) modify_context ruv_c = {0}; int rc = 0; int ldap_result_code= LDAP_SUCCESS; - char *ldap_result_message= NULL; + char *ldap_result_message = NULL; Slapi_DN *sdnp = NULL; char *e_uniqueid = NULL; Slapi_DN nscpEntrySDN; @@ -1331,6 +1331,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */ diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c b/ldap/servers/slapd/back-ldbm/ldbm_modify.c index d2dc983..8791b45 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c @@ -901,6 +901,7 @@ error_return: LDAPDebug1Arg( LDAP_DEBUG_TRACE, "SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN plugin " "returned error code %d\n", retval ); slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); if (!opreturn) { slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval); diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index 472c2f7..09a1fea 100644 --- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c +++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c @@ -1430,6 +1430,7 @@ error_return: if (!opreturn) { slapi_pblock_set( pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval ); } + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); } /* Release SERIAL LOCK */

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

389-commits June 2014