dirsrvtests/create_test.py dirsrvtests/tickets ldap/servers
by Mark Reynolds
dirsrvtests/create_test.py | 343 ++++++++++++++++++++------------
dirsrvtests/tickets/ticket48370_test.py | 236 ++++++++++++++++++++++
ldap/servers/slapd/back-ldbm/index.c | 29 +-
3 files changed, 468 insertions(+), 140 deletions(-)
New commits:
commit 63b80b5c31ebda51445c662903a28e2a79ebe60a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Mon Dec 7 16:45:06 2015 -0500
Ticket 48370 - The 'eq' index does not get updated properly
when deleting and re-adding attributes in
the same modify operation
Bug Description: If you delete several values of the same attribute, and
add at least one of them back in the same operation, the
equality index does not get updated.
Fix Description: Modify the logic of the index code to update the index if
at least one of the values in the entry changes.
Also did pep8 cleanup of create_test.py
https://fedorahosted.org/389/ticket/48370
Reviewed by: wibrown(Thanks!)
diff --git a/dirsrvtests/create_test.py b/dirsrvtests/create_test.py
index 0979f6e..e3b89aa 100755
--- a/dirsrvtests/create_test.py
+++ b/dirsrvtests/create_test.py
@@ -21,14 +21,16 @@ non-interesting parts of a test script:
def displayUsage():
- print ('\nUsage:\ncreate_ticket.py -t|--ticket <ticket number> -s|--suite <suite name> ' +
- '[ i|--instances <number of standalone instances> [ -m|--masters <number of masters> ' +
- '-h|--hubs <number of hubs> -c|--consumers <number of consumers> ] ' +
- '-o|--outputfile ]\n')
- print ('If only "-t" is provided then a single standalone instance is created. ' +
- 'Or you can create a test suite script using "-s|--suite" instead of using "-t|--ticket".' +
- 'The "-i" option can add mulitple standalone instances(maximum 10). ' +
- 'However, you can not mix "-i" with the replication options(-m, -h , -c). ' +
+ print ('\nUsage:\ncreate_ticket.py -t|--ticket <ticket number> ' +
+ '-s|--suite <suite name> ' +
+ '[ i|--instances <number of standalone instances> ' +
+ '[ -m|--masters <number of masters> -h|--hubs <number of hubs> ' +
+ '-c|--consumers <number of consumers> ] -o|--outputfile ]\n')
+ print ('If only "-t" is provided then a single standalone instance is ' +
+ 'created. Or you can create a test suite script using ' +
+ '"-s|--suite" instead of using "-t|--ticket". The "-i" option ' +
+ 'can add mulitple standalone instances(maximum 10). However, you' +
+ ' can not mix "-i" with the replication options(-m, -h , -c). ' +
'There is a maximum of 10 masters, 10 hubs, and 10 consumers.')
exit(1)
@@ -86,33 +88,46 @@ if len(sys.argv) > 0:
displayUsage()
if args.ticket and args.suite:
- print('You must choose either "-t|--ticket" or "-s|--suite", but not both.')
+ print('You must choose either "-t|--ticket" or "-s|--suite", ' +
+ 'but not both.')
displayUsage()
if int(args.masters) == 0:
if int(args.hubs) > 0 or int(args.consumers) > 0:
- print('You must use "-m|--masters" if you want to have hubs and/or consumers')
+ print('You must use "-m|--masters" if you want to have hubs ' +
+ 'and/or consumers')
displayUsage()
- if not args.masters.isdigit() or int(args.masters) > 10 or int(args.masters) < 0:
- print('Invalid value for "--masters", it must be a number and it can not be greater than 10')
+ if not args.masters.isdigit() or \
+ int(args.masters) > 10 or \
+ int(args.masters) < 0:
+ print('Invalid value for "--masters", it must be a number and it can' +
+ ' not be greater than 10')
displayUsage()
if not args.hubs.isdigit() or int(args.hubs) > 10 or int(args.hubs) < 0:
- print('Invalid value for "--hubs", it must be a number and it can not be greater than 10')
+ print('Invalid value for "--hubs", it must be a number and it can ' +
+ 'not be greater than 10')
displayUsage()
- if not args.consumers.isdigit() or int(args.consumers) > 10 or int(args.consumers) < 0:
- print('Invalid value for "--consumers", it must be a number and it can not be greater than 10')
+ if not args.consumers.isdigit() or \
+ int(args.consumers) > 10 or \
+ int(args.consumers) < 0:
+ print('Invalid value for "--consumers", it must be a number and it ' +
+ 'can not be greater than 10')
displayUsage()
if args.inst:
- if not args.inst.isdigit() or int(args.inst) > 10 or int(args.inst) < 1:
- print('Invalid value for "--instances", it must be a number greater than 0 ' +
- 'and not greater than 10')
+ if not args.inst.isdigit() or \
+ int(args.inst) > 10 or \
+ int(args.inst) < 1:
+ print('Invalid value for "--instances", it must be a number ' +
+ 'greater than 0 and not greater than 10')
displayUsage()
if int(args.inst) > 0:
- if int(args.masters) > 0 or int(args.hubs) > 0 or int(args.consumers) > 0:
+ if int(args.masters) > 0 or \
+ int(args.hubs) > 0 or \
+ int(args.consumers) > 0:
print('You can not mix "--instances" with replication.')
displayUsage()
@@ -147,9 +162,11 @@ if len(sys.argv) > 0:
#
# Write the imports
#
- TEST.write('import os\nimport sys\nimport time\nimport ldap\nimport logging\nimport pytest\n')
- TEST.write('from lib389 import DirSrv, Entry, tools, tasks\nfrom lib389.tools import DirSrvTools\n' +
- 'from lib389._constants import *\nfrom lib389.properties import *\n' +
+ TEST.write('import os\nimport sys\nimport time\nimport ldap\n' +
+ 'import logging\nimport pytest\n')
+ TEST.write('from lib389 import DirSrv, Entry, tools, tasks\nfrom ' +
+ 'lib389.tools import DirSrvTools\nfrom lib389._constants ' +
+ 'import *\nfrom lib389.properties import *\n' +
'from lib389.tasks import *\nfrom lib389.utils import *\n\n')
#
@@ -181,13 +198,16 @@ if len(sys.argv) > 0:
for idx in range(masters):
TEST.write(' master' + str(idx + 1) + '.open()\n')
- TEST.write(' self.master' + str(idx + 1) + ' = master' + str(idx + 1) + '\n')
+ TEST.write(' self.master' + str(idx + 1) + ' = master' +
+ str(idx + 1) + '\n')
for idx in range(hubs):
TEST.write(' hub' + str(idx + 1) + '.open()\n')
- TEST.write(' self.hub' + str(idx + 1) + ' = hub' + str(idx + 1) + '\n')
+ TEST.write(' self.hub' + str(idx + 1) + ' = hub' +
+ str(idx + 1) + '\n')
for idx in range(consumers):
TEST.write(' consumer' + str(idx + 1) + '.open()\n')
- TEST.write(' self.consumer' + str(idx + 1) + ' = consumer' + str(idx + 1) + '\n')
+ TEST.write(' self.consumer' + str(idx + 1) + ' = consumer' +
+ str(idx + 1) + '\n')
TEST.write('\n\n')
else:
#
@@ -211,7 +231,8 @@ if len(sys.argv) > 0:
else:
idx = str(idx)
TEST.write(' standalone' + idx + '.open()\n')
- TEST.write(' self.standalone' + idx + ' = standalone' + idx + '\n')
+ TEST.write(' self.standalone' + idx + ' = standalone' +
+ idx + '\n')
TEST.write('\n\n')
#
@@ -221,7 +242,8 @@ if len(sys.argv) > 0:
TEST.write('def topology(request):\n')
TEST.write(' global installation1_prefix\n')
TEST.write(' if installation1_prefix:\n')
- TEST.write(' args_instance[SER_DEPLOYED_DIR] = installation1_prefix\n\n')
+ TEST.write(' args_instance[SER_DEPLOYED_DIR] = ' +
+ 'installation1_prefix\n\n')
if repl_deployment:
#
@@ -231,20 +253,25 @@ if len(sys.argv) > 0:
idx = str(idx + 1)
TEST.write(' # Creating master ' + idx + '...\n')
TEST.write(' master' + idx + ' = DirSrv(verbose=False)\n')
- TEST.write(' args_instance[SER_HOST] = HOST_MASTER_' + idx + '\n')
- TEST.write(' args_instance[SER_PORT] = PORT_MASTER_' + idx + '\n')
- TEST.write(' args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_' + idx + '\n')
- TEST.write(' args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX\n')
+ TEST.write(' args_instance[SER_HOST] = HOST_MASTER_' + idx +
+ '\n')
+ TEST.write(' args_instance[SER_PORT] = PORT_MASTER_' + idx +
+ '\n')
+ TEST.write(' args_instance[SER_SERVERID_PROP] = ' +
+ 'SERVERID_MASTER_' + idx + '\n')
+ TEST.write(' args_instance[SER_CREATION_SUFFIX] = ' +
+ 'DEFAULT_SUFFIX\n')
TEST.write(' args_master = args_instance.copy()\n')
TEST.write(' master' + idx + '.allocate(args_master)\n')
- TEST.write(' instance_master' + idx + ' = master' + idx + '.exists()\n')
+ TEST.write(' instance_master' + idx + ' = master' + idx +
+ '.exists()\n')
TEST.write(' if instance_master' + idx + ':\n')
TEST.write(' master' + idx + '.delete()\n')
TEST.write(' master' + idx + '.create()\n')
TEST.write(' master' + idx + '.open()\n')
- TEST.write(' master' + idx + '.replica.enableReplication(suffix=SUFFIX, ' +
- 'role=REPLICAROLE_MASTER, ' +
- 'replicaId=REPLICAID_MASTER_' + idx + ')\n\n')
+ TEST.write(' master' + idx + '.replica.enableReplication' +
+ '(suffix=SUFFIX, role=REPLICAROLE_MASTER, ' +
+ 'replicaId=REPLICAID_MASTER_' + idx + ')\n\n')
for idx in range(hubs):
idx = str(idx + 1)
@@ -252,37 +279,45 @@ if len(sys.argv) > 0:
TEST.write(' hub' + idx + ' = DirSrv(verbose=False)\n')
TEST.write(' args_instance[SER_HOST] = HOST_HUB_' + idx + '\n')
TEST.write(' args_instance[SER_PORT] = PORT_HUB_' + idx + '\n')
- TEST.write(' args_instance[SER_SERVERID_PROP] = SERVERID_HUB_' + idx + '\n')
- TEST.write(' args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX\n')
+ TEST.write(' args_instance[SER_SERVERID_PROP] = SERVERID_HUB_' +
+ idx + '\n')
+ TEST.write(' args_instance[SER_CREATION_SUFFIX] = ' +
+ 'DEFAULT_SUFFIX\n')
TEST.write(' args_hub = args_instance.copy()\n')
TEST.write(' hub' + idx + '.allocate(args_hub)\n')
- TEST.write(' instance_hub' + idx + ' = hub' + idx + '.exists()\n')
+ TEST.write(' instance_hub' + idx + ' = hub' + idx +
+ '.exists()\n')
TEST.write(' if instance_hub' + idx + ':\n')
TEST.write(' hub' + idx + '.delete()\n')
TEST.write(' hub' + idx + '.create()\n')
TEST.write(' hub' + idx + '.open()\n')
- TEST.write(' hub' + idx + '.replica.enableReplication(suffix=SUFFIX, ' +
- 'role=REPLICAROLE_HUB, ' +
- 'replicaId=REPLICAID_HUB_' + idx + ')\n\n')
+ TEST.write(' hub' + idx + '.replica.enableReplication' +
+ '(suffix=SUFFIX, role=REPLICAROLE_HUB, ' +
+ 'replicaId=REPLICAID_HUB_' + idx + ')\n\n')
for idx in range(consumers):
idx = str(idx + 1)
TEST.write(' # Creating consumer ' + idx + '...\n')
TEST.write(' consumer' + idx + ' = DirSrv(verbose=False)\n')
- TEST.write(' args_instance[SER_HOST] = HOST_CONSUMER_' + idx + '\n')
- TEST.write(' args_instance[SER_PORT] = PORT_CONSUMER_' + idx + '\n')
- TEST.write(' args_instance[SER_SERVERID_PROP] = SERVERID_CONSUMER_' + idx + '\n')
- TEST.write(' args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX\n')
+ TEST.write(' args_instance[SER_HOST] = HOST_CONSUMER_' + idx +
+ '\n')
+ TEST.write(' args_instance[SER_PORT] = PORT_CONSUMER_' + idx +
+ '\n')
+ TEST.write(' args_instance[SER_SERVERID_PROP] = ' +
+ 'SERVERID_CONSUMER_' + idx + '\n')
+ TEST.write(' args_instance[SER_CREATION_SUFFIX] = ' +
+ 'DEFAULT_SUFFIX\n')
TEST.write(' args_consumer = args_instance.copy()\n')
TEST.write(' consumer' + idx + '.allocate(args_consumer)\n')
- TEST.write(' instance_consumer' + idx + ' = consumer' + idx + '.exists()\n')
+ TEST.write(' instance_consumer' + idx + ' = consumer' + idx +
+ '.exists()\n')
TEST.write(' if instance_consumer' + idx + ':\n')
TEST.write(' consumer' + idx + '.delete()\n')
TEST.write(' consumer' + idx + '.create()\n')
TEST.write(' consumer' + idx + '.open()\n')
- TEST.write(' consumer' + idx + '.replica.enableReplication(suffix=SUFFIX, ' +
- 'role=REPLICAROLE_CONSUMER, ' +
- 'replicaId=CONSUMER_REPLICAID)\n\n')
+ TEST.write(' consumer' + idx + '.replica.enableReplication' +
+ '(suffix=SUFFIX, role=REPLICAROLE_CONSUMER, ' +
+ 'replicaId=CONSUMER_REPLICAID)\n\n')
#
# Create the master agreements
@@ -301,39 +336,61 @@ if len(sys.argv) > 0:
if master_idx == idx:
# skip ourselves
continue
- TEST.write(' # Creating agreement from master ' + str(master_idx) + ' to master ' + str(idx) + '\n')
- TEST.write(" properties = {RA_NAME: r'meTo_$host:$port',\n")
- TEST.write(" RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],\n")
- TEST.write(" RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],\n")
- TEST.write(" RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],\n")
- TEST.write(" RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}\n")
- TEST.write(' m' + str(master_idx) + '_m' + str(idx) + '_agmt = master' + str(master_idx) +
+ TEST.write(' # Creating agreement from master ' +
+ str(master_idx) + ' to master ' + str(idx) + '\n')
+ TEST.write(" properties = {RA_NAME: " +
+ "r'meTo_$host:$port',\n")
+ TEST.write(" RA_BINDDN: " +
+ "defaultProperties[REPLICATION_BIND_DN],\n")
+ TEST.write(" RA_BINDPW: " +
+ "defaultProperties[REPLICATION_BIND_PW],\n")
+ TEST.write(" RA_METHOD: " +
+ "defaultProperties[REPLICATION_BIND_METHOD],\n")
+ TEST.write(" RA_TRANSPORT_PROT: " +
+ "defaultProperties[REPLICATION_TRANSPORT]}\n")
+ TEST.write(' m' + str(master_idx) + '_m' + str(idx) +
+ '_agmt = master' + str(master_idx) +
'.agreement.create(suffix=SUFFIX, host=master' +
- str(idx) + '.host, port=master' + str(idx) + '.port, properties=properties)\n')
- TEST.write(' if not m' + str(master_idx) + '_m' + str(idx) + '_agmt:\n')
- TEST.write(' log.fatal("Fail to create a master -> master replica agreement")\n')
+ str(idx) + '.host, port=master' + str(idx) +
+ '.port, properties=properties)\n')
+ TEST.write(' if not m' + str(master_idx) + '_m' + str(idx) +
+ '_agmt:\n')
+ TEST.write(' log.fatal("Fail to create a master -> ' +
+ 'master replica agreement")\n')
TEST.write(' sys.exit(1)\n')
- TEST.write(' log.debug("%s created" % m' + str(master_idx) + '_m' + str(idx) + '_agmt)\n\n')
+ TEST.write(' log.debug("%s created" % m' + str(master_idx) +
+ '_m' + str(idx) + '_agmt)\n\n')
agmt_count += 1
for idx in range(hubs):
idx += 1
#
- # Create agreements from each master to each hub (master -> hub)
+ # Create agmts from each master to each hub (master -> hub)
#
- TEST.write(' # Creating agreement from master ' + str(master_idx) + ' to hub ' + str(idx) + '\n')
- TEST.write(" properties = {RA_NAME: r'meTo_$host:$port',\n")
- TEST.write(" RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],\n")
- TEST.write(" RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],\n")
- TEST.write(" RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],\n")
- TEST.write(" RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}\n")
- TEST.write(' m' + str(master_idx) + '_h' + str(idx) + '_agmt = master' + str(master_idx) +
- '.agreement.create(suffix=SUFFIX, host=hub' +
- str(idx) + '.host, port=hub' + str(idx) + '.port, properties=properties)\n')
- TEST.write(' if not m' + str(master_idx) + '_h' + str(idx) + '_agmt:\n')
- TEST.write(' log.fatal("Fail to create a master -> hub replica agreement")\n')
+ TEST.write(' # Creating agreement from master ' +
+ str(master_idx) + ' to hub ' + str(idx) + '\n')
+ TEST.write(" properties = {RA_NAME: " +
+ "r'meTo_$host:$port',\n")
+ TEST.write(" RA_BINDDN: " +
+ "defaultProperties[REPLICATION_BIND_DN],\n")
+ TEST.write(" RA_BINDPW: " +
+ "defaultProperties[REPLICATION_BIND_PW],\n")
+ TEST.write(" RA_METHOD: " +
+ "defaultProperties[REPLICATION_BIND_METHOD],\n")
+ TEST.write(" RA_TRANSPORT_PROT: " +
+ "defaultProperties[REPLICATION_TRANSPORT]}\n")
+ TEST.write(' m' + str(master_idx) + '_h' + str(idx) +
+ '_agmt = master' + str(master_idx) +
+ '.agreement.create(suffix=SUFFIX, host=hub' +
+ str(idx) + '.host, port=hub' + str(idx) +
+ '.port, properties=properties)\n')
+ TEST.write(' if not m' + str(master_idx) + '_h' + str(idx) +
+ '_agmt:\n')
+ TEST.write(' log.fatal("Fail to create a master -> ' +
+ 'hub replica agreement")\n')
TEST.write(' sys.exit(1)\n')
- TEST.write(' log.debug("%s created" % m' + str(master_idx) + '_h' + str(idx) + '_agmt)\n\n')
+ TEST.write(' log.debug("%s created" % m' + str(master_idx) +
+ '_h' + str(idx) + '_agmt)\n\n')
agmt_count += 1
#
@@ -349,24 +406,35 @@ if len(sys.argv) > 0:
#
# Create agreements from each hub to each consumer
#
- TEST.write(' # Creating agreement from hub ' + str(hub_idx) + ' to consumer ' + str(idx) + '\n')
- TEST.write(" properties = {RA_NAME: r'meTo_$host:$port',\n")
- TEST.write(" RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],\n")
- TEST.write(" RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],\n")
- TEST.write(" RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],\n")
- TEST.write(" RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}\n")
- TEST.write(' h' + str(hub_idx) + '_c' + str(idx) + '_agmt = hub' +
- str(hub_idx) + '.agreement.create(suffix=SUFFIX, host=consumer' +
- str(idx) + '.host, port=consumer' + str(idx) + '.port, properties=properties)\n')
- TEST.write(' if not h' + str(hub_idx) + '_c' + str(idx) + '_agmt:\n')
- TEST.write(' log.fatal("Fail to create a hub -> consumer replica agreement")\n')
+ TEST.write(' # Creating agreement from hub ' + str(hub_idx)
+ + ' to consumer ' + str(idx) + '\n')
+ TEST.write(" properties = {RA_NAME: " +
+ "r'meTo_$host:$port',\n")
+ TEST.write(" RA_BINDDN: " +
+ "defaultProperties[REPLICATION_BIND_DN],\n")
+ TEST.write(" RA_BINDPW: " +
+ "defaultProperties[REPLICATION_BIND_PW],\n")
+ TEST.write(" RA_METHOD: " +
+ "defaultProperties[REPLICATION_BIND_METHOD],\n")
+ TEST.write(" RA_TRANSPORT_PROT: " +
+ "defaultProperties[REPLICATION_TRANSPORT]}\n")
+ TEST.write(' h' + str(hub_idx) + '_c' + str(idx) +
+ '_agmt = hub' + str(hub_idx) +
+ '.agreement.create(suffix=SUFFIX, host=consumer' +
+ str(idx) + '.host, port=consumer' + str(idx) +
+ '.port, properties=properties)\n')
+ TEST.write(' if not h' + str(hub_idx) + '_c' + str(idx) +
+ '_agmt:\n')
+ TEST.write(' log.fatal("Fail to create a hub -> ' +
+ 'consumer replica agreement")\n')
TEST.write(' sys.exit(1)\n')
- TEST.write(' log.debug("%s created" % h' + str(hub_idx) + '_c' + str(idx) + '_agmt)\n\n')
+ TEST.write(' log.debug("%s created" % h' + str(hub_idx) +
+ '_c' + str(idx) + '_agmt)\n\n')
agmt_count += 1
if hubs == 0:
#
- # No Hubs, see if there are any consumers to create agreements to...
+ # No Hubs, see if there are any consumers to create agreements to
#
for idx in range(masters):
master_idx = idx + 1
@@ -378,27 +446,40 @@ if len(sys.argv) > 0:
#
# Create agreements from each master to each consumer
#
- TEST.write(' # Creating agreement from master ' + str(master_idx) +
- ' to consumer ' + str(idx) + '\n')
- TEST.write(" properties = {RA_NAME: r'meTo_$host:$port',\n")
- TEST.write(" RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],\n")
- TEST.write(" RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],\n")
- TEST.write(" RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],\n")
- TEST.write(" RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}\n")
- TEST.write(' m' + str(master_idx) + '_c' + str(idx) + '_agmt = master' + str(master_idx) +
- '.agreement.create(suffix=SUFFIX, host=consumer' +
- str(idx) + '.host, port=consumer' + str(idx) +
- '.port, properties=properties)\n')
- TEST.write(' if not m' + str(master_idx) + '_c' + str(idx) + '_agmt:\n')
- TEST.write(' log.fatal("Fail to create a hub -> consumer replica agreement")\n')
+ TEST.write(' # Creating agreement from master ' +
+ str(master_idx) + ' to consumer ' + str(idx) +
+ '\n')
+ TEST.write(" properties = {RA_NAME: " +
+ "r'meTo_$host:$port',\n")
+ TEST.write(" RA_BINDDN: " +
+ "defaultProperties[REPLICATION_BIND_DN],\n")
+ TEST.write(" RA_BINDPW: " +
+ "defaultProperties[REPLICATION_BIND_PW],\n")
+ TEST.write(" RA_METHOD: " +
+ "defaultProperties[REPLICATION_BIND_METHOD],\n")
+ TEST.write(" RA_TRANSPORT_PROT: " +
+ "defaultProperties[REPLICATION_TRANSPORT]}\n")
+ TEST.write(' m' + str(master_idx) + '_c' + str(idx) +
+ '_agmt = master' + str(master_idx) +
+ '.agreement.create(suffix=SUFFIX, ' +
+ 'host=consumer' + str(idx) +
+ '.host, port=consumer' + str(idx) +
+ '.port, properties=properties)\n')
+ TEST.write(' if not m' + str(master_idx) + '_c' +
+ str(idx) + '_agmt:\n')
+ TEST.write(' log.fatal("Fail to create a hub -> ' +
+ 'consumer replica agreement")\n')
TEST.write(' sys.exit(1)\n')
- TEST.write(' log.debug("%s created" % m' + str(master_idx) + '_c' + str(idx) + '_agmt)\n\n')
+ TEST.write(' log.debug("%s created" % m' +
+ str(master_idx) + '_c' + str(idx) +
+ '_agmt)\n\n')
agmt_count += 1
#
# Add sleep that allows all the agreemnts to get situated
#
- TEST.write(' # Allow the replicas to get situated with the new agreements...\n')
+ TEST.write(' # Allow the replicas to get situated with the new ' +
+ 'agreements...\n')
TEST.write(' time.sleep(5)\n\n')
#
@@ -415,7 +496,8 @@ if len(sys.argv) > 0:
continue
TEST.write(' master1.agreement.init(SUFFIX, HOST_MASTER_' +
str(idx) + ', PORT_MASTER_' + str(idx) + ')\n')
- TEST.write(' master1.waitForReplInit(m1_m' + str(idx) + '_agmt)\n')
+ TEST.write(' master1.waitForReplInit(m1_m' + str(idx) +
+ '_agmt)\n')
# Hubs
consumers_inited = False
@@ -423,23 +505,27 @@ if len(sys.argv) > 0:
idx += 1
TEST.write(' master1.agreement.init(SUFFIX, HOST_HUB_' +
str(idx) + ', PORT_HUB_' + str(idx) + ')\n')
- TEST.write(' master1.waitForReplInit(m1_h' + str(idx) + '_agmt)\n')
+ TEST.write(' master1.waitForReplInit(m1_h' + str(idx) +
+ '_agmt)\n')
for idx in range(consumers):
if consumers_inited:
continue
idx += 1
TEST.write(' hub1.agreement.init(SUFFIX, HOST_CONSUMER_' +
str(idx) + ', PORT_CONSUMER_' + str(idx) + ')\n')
- TEST.write(' hub1.waitForReplInit(h1_c' + str(idx) + '_agmt)\n')
+ TEST.write(' hub1.waitForReplInit(h1_c' + str(idx) +
+ '_agmt)\n')
consumers_inited = True
# Consumers (master -> consumer)
if hubs == 0:
for idx in range(consumers):
idx += 1
- TEST.write(' master1.agreement.init(SUFFIX, HOST_CONSUMER_' +
- str(idx) + ', PORT_CONSUMER_' + str(idx) + ')\n')
- TEST.write(' master1.waitForReplInit(m1_c' + str(idx) + '_agmt)\n')
+ TEST.write(' master1.agreement.init(SUFFIX, ' +
+ 'HOST_CONSUMER_' + str(idx) + ', PORT_CONSUMER_' +
+ str(idx) + ')\n')
+ TEST.write(' master1.waitForReplInit(m1_c' + str(idx) +
+ '_agmt)\n')
TEST.write('\n')
@@ -447,7 +533,7 @@ if len(sys.argv) > 0:
# Write replicaton check
#
if agmt_count > 0:
- # Find the lowest replica type in the deployment(consumer -> master)
+ # Find the lowest replica type (consumer -> master)
if consumers > 0:
replica = 'consumer1'
elif hubs > 0:
@@ -455,7 +541,8 @@ if len(sys.argv) > 0:
else:
replica = 'master2'
TEST.write(' # Check replication is working...\n')
- TEST.write(' if master1.testReplication(DEFAULT_SUFFIX, ' + replica + '):\n')
+ TEST.write(' if master1.testReplication(DEFAULT_SUFFIX, ' +
+ replica + '):\n')
TEST.write(" log.info('Replication is working.')\n")
TEST.write(' else:\n')
TEST.write(" log.fatal('Replication is not working.')\n")
@@ -494,15 +581,22 @@ if len(sys.argv) > 0:
idx = str(idx)
TEST.write(' # Creating standalone instance ' + idx + '...\n')
TEST.write(' standalone' + idx + ' = DirSrv(verbose=False)\n')
- TEST.write(' args_instance[SER_HOST] = HOST_STANDALONE' + idx + '\n')
- TEST.write(' args_instance[SER_PORT] = PORT_STANDALONE' + idx + '\n')
- TEST.write(' args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE' + idx + '\n')
- TEST.write(' args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX\n')
- TEST.write(' args_standalone' + idx + ' = args_instance.copy()\n')
- TEST.write(' standalone' + idx + '.allocate(args_standalone' + idx + ')\n')
+ TEST.write(' args_instance[SER_HOST] = HOST_STANDALONE' +
+ idx + '\n')
+ TEST.write(' args_instance[SER_PORT] = PORT_STANDALONE' +
+ idx + '\n')
+ TEST.write(' args_instance[SER_SERVERID_PROP] = ' +
+ 'SERVERID_STANDALONE' + idx + '\n')
+ TEST.write(' args_instance[SER_CREATION_SUFFIX] = ' +
+ 'DEFAULT_SUFFIX\n')
+ TEST.write(' args_standalone' + idx + ' = args_instance.copy' +
+ '()\n')
+ TEST.write(' standalone' + idx + '.allocate(args_standalone' +
+ idx + ')\n')
# Get the status of the instance and restart it if it exists
- TEST.write(' instance_standalone' + idx + ' = standalone' + idx + '.exists()\n')
+ TEST.write(' instance_standalone' + idx + ' = standalone' +
+ idx + '.exists()\n')
# Remove the instance
TEST.write(' if instance_standalone' + idx + ':\n')
@@ -535,14 +629,18 @@ if len(sys.argv) > 0:
TEST.write('def test_ticket' + ticket + '(topology):\n')
if repl_deployment:
TEST.write(' """Write your replication testcase here.\n\n')
- TEST.write(' To access each DirSrv instance use: topology.master1, topology.master2,\n' +
- ' ..., topology.hub1, ..., topology.consumer1, ...\n\n')
+ TEST.write(' To access each DirSrv instance use: ' +
+ 'topology.master1, topology.master2,\n' +
+ ' ..., topology.hub1, ..., topology.consumer1' +
+ ',...\n\n')
TEST.write(' Also, if you need any testcase initialization,\n')
- TEST.write(' please, write additional fixture for that(include finalizer).\n')
+ TEST.write(' please, write additional fixture for that' +
+ '(include ' + 'finalizer).\n')
else:
TEST.write(' """Write your testcase here...\n\n')
TEST.write(' Also, if you need any testcase initialization,\n')
- TEST.write(' please, write additional fixture for that(include finalizer).\n')
+ TEST.write(' please, write additional fixture for that' +
+ '(include finalizer).\n')
TEST.write(' """\n\n')
TEST.write(" log.info('Test complete')\n")
TEST.write('\n\n')
@@ -551,7 +649,8 @@ if len(sys.argv) > 0:
TEST.write('def test_' + suite + '_#####(topology):\n')
TEST.write(' """Write a single test here...\n\n')
TEST.write(' Also, if you need any test suite initialization,\n')
- TEST.write(' please, write additional fixture for that(include finalizer).\n')
+ TEST.write(' please, write additional fixture for that(include ' +
+ 'finalizer).\n')
TEST.write(' """\n\n return\n\n\n')
#
@@ -561,7 +660,7 @@ if len(sys.argv) > 0:
TEST.write(' # Run isolated\n')
TEST.write(' # -s for DEBUG mode\n')
TEST.write(' CURRENT_FILE = os.path.realpath(__file__)\n')
- TEST.write(' pytest.main("-s %s" % CURRENT_FILE)')
+ TEST.write(' pytest.main("-s %s" % CURRENT_FILE)\n')
#
# Done, close things up
diff --git a/dirsrvtests/tickets/ticket48370_test.py b/dirsrvtests/tickets/ticket48370_test.py
new file mode 100644
index 0000000..f5b1f47
--- /dev/null
+++ b/dirsrvtests/tickets/ticket48370_test.py
@@ -0,0 +1,236 @@
+import os
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Delete each instance in the end
+ def fin():
+ standalone.delete()
+ request.addfinalizer(fin)
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket48370(topology):
+ """
+ Deleting attirbute values and readding a value does not properly update
+ the pres index. The values are not actually deleted from the index
+ """
+
+ DN = 'uid=user0099,' + DEFAULT_SUFFIX
+
+ #
+ # Add an entry
+ #
+ topology.standalone.add_s(Entry((DN, {
+ 'objectclass': ['top', 'person',
+ 'organizationalPerson',
+ 'inetorgperson',
+ 'posixAccount'],
+ 'givenname': 'test',
+ 'sn': 'user',
+ 'loginshell': '/bin/bash',
+ 'uidNumber': '10099',
+ 'gidNumber': '10099',
+ 'gecos': 'Test User',
+ 'mail': ['user0099(a)dev.null',
+ 'alias(a)dev.null',
+ 'user0099(a)redhat.com'],
+ 'cn': 'Test User',
+ 'homeDirectory': '/home/user0099',
+ 'uid': 'admin2',
+ 'userpassword': 'password'})))
+
+ #
+ # Perform modify (delete & add mail attributes)
+ #
+ try:
+ topology.standalone.modify_s(DN, [(ldap.MOD_DELETE,
+ 'mail',
+ 'user0099(a)dev.null'),
+ (ldap.MOD_DELETE,
+ 'mail',
+ 'alias(a)dev.null'),
+ (ldap.MOD_ADD,
+ 'mail', 'user0099(a)dev.null')])
+ except ldap.LDAPError as e:
+ log.fatal('Failedto modify user: ' + str(e))
+ assert False
+
+ #
+ # Search using deleted attribute value- no entries should be returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=alias(a)dev.null')
+ if entry:
+ log.fatal('Entry incorrectly returned')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ #
+ # Search using existing attribute value - the entry should be returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=user0099(a)dev.null')
+ if entry is None:
+ log.fatal('Entry not found, but it should have been')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ #
+ # Delete the last values
+ #
+ try:
+ topology.standalone.modify_s(DN, [(ldap.MOD_DELETE,
+ 'mail',
+ 'user0099(a)dev.null'),
+ (ldap.MOD_DELETE,
+ 'mail',
+ 'user0099(a)redhat.com')
+ ])
+ except ldap.LDAPError as e:
+ log.fatal('Failed to modify user: ' + str(e))
+ assert False
+
+ #
+ # Search using deleted attribute value - no entries should be returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=user0099(a)redhat.com')
+ if entry:
+ log.fatal('Entry incorrectly returned')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ #
+ # Make sure presence index is correctly updated - no entries should be
+ # returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=*')
+ if entry:
+ log.fatal('Entry incorrectly returned')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ #
+ # Now add the attributes back, and lets run a different set of tests with
+ # a different number of attributes
+ #
+ try:
+ topology.standalone.modify_s(DN, [(ldap.MOD_ADD,
+ 'mail',
+ ['user0099(a)dev.null',
+ 'alias(a)dev.null'])])
+ except ldap.LDAPError as e:
+ log.fatal('Failedto modify user: ' + str(e))
+ assert False
+
+ #
+ # Remove and readd some attibutes
+ #
+ try:
+ topology.standalone.modify_s(DN, [(ldap.MOD_DELETE,
+ 'mail',
+ 'alias(a)dev.null'),
+ (ldap.MOD_DELETE,
+ 'mail',
+ 'user0099(a)dev.null'),
+ (ldap.MOD_ADD,
+ 'mail', 'user0099(a)dev.null')])
+ except ldap.LDAPError as e:
+ log.fatal('Failedto modify user: ' + str(e))
+ assert False
+
+ #
+ # Search using deleted attribute value - no entries should be returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=alias(a)dev.null')
+ if entry:
+ log.fatal('Entry incorrectly returned')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ #
+ # Search using existing attribute value - the entry should be returned
+ #
+ try:
+ entry = topology.standalone.search_s(DEFAULT_SUFFIX,
+ ldap.SCOPE_SUBTREE,
+ 'mail=user0099(a)dev.null')
+ if entry is None:
+ log.fatal('Entry not found, but it should have been')
+ assert False
+ except ldap.LDAPError as e:
+ log.fatal('Failed to search for user: ' + str(e))
+ assert False
+
+ log.info('Test PASSED')
+
+
+if __name__ == '__main__':
+ # Run isolated
+ # -s for DEBUG mode
+ CURRENT_FILE = os.path.realpath(__file__)
+ pytest.main("-s %s" % CURRENT_FILE)
diff --git a/ldap/servers/slapd/back-ldbm/index.c b/ldap/servers/slapd/back-ldbm/index.c
index 2adf2f8..00e78a7 100644
--- a/ldap/servers/slapd/back-ldbm/index.c
+++ b/ldap/servers/slapd/back-ldbm/index.c
@@ -727,31 +727,24 @@ index_add_mods(
flags = BE_INDEX_DEL|BE_INDEX_PRESENCE|BE_INDEX_EQUALITY;
} else {
flags = BE_INDEX_DEL;
-
- /* If the same value doesn't exist in a subtype, set
- * BE_INDEX_EQUALITY flag so the equality index is
- * removed.
- */
curr_attr = NULL;
slapi_entry_attr_find(olde->ep_entry,
- mods[i]->mod_type, &curr_attr);
+ mods[i]->mod_type,
+ &curr_attr);
if (curr_attr) {
- int found = 0;
for (j = 0; mods_valueArray[j] != NULL; j++ ) {
- if ( slapi_valueset_find(curr_attr, all_vals, mods_valueArray[j])) {
- /* The same value found in evals.
- * We don't touch the equality index. */
- found = 1;
+ if ( !slapi_valueset_find(curr_attr, all_vals, mods_valueArray[j]) ) {
+ /*
+ * If the mod del value is not found in all_vals
+ * we need to update the equality index as the
+ * final value(s) have changed
+ */
+ if (!(flags & BE_INDEX_EQUALITY)) {
+ flags |= BE_INDEX_EQUALITY;
+ }
break;
}
}
- /*
- * to-be-deleted curr_attr does not exist in the
- * new value set evals. So, we can remove it.
- */
- if (!found && !(flags & BE_INDEX_EQUALITY)) {
- flags |= BE_INDEX_EQUALITY;
- }
}
}
8 years, 4 months
- 1
- 0
Branch '389-ds-base-1.3.4' - dirsrvtests/tickets ldap/schema ldap/servers
by Mark Reynolds
dirsrvtests/tickets/ticket48369_test.py | 124 ++++++++++++++++++++++++++++++++
ldap/schema/02common.ldif | 1
ldap/servers/slapd/libglobs.c | 28 ++++++-
ldap/servers/slapd/proto-slap.h | 1
ldap/servers/slapd/pw_mgmt.c | 5 +
ldap/servers/slapd/slap.h | 2
6 files changed, 157 insertions(+), 4 deletions(-)
New commits:
commit ed1ad6cd818c4db4472ffe43189651f8d3abce12
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 4 15:55:46 2015 -0500
Ticket 48369 - RFE - Add config setting to always send the
password expiring time
Description: If password expiration time is set, and the password is not within
the warning period, then the expiring time is not returned. A new
config setting was added that will force the expiring time to always
be returned when the password expiring request control is sent.
https://fedorahosted.org/389/ticket/48369
Reviewed by: wibrown & spichugi(Thanks!!)
(cherry picked from commit d9f37f1f7aa718d2d9465d89051d28b4e1db5050)
diff --git a/dirsrvtests/tickets/ticket48369_test.py b/dirsrvtests/tickets/ticket48369_test.py
new file mode 100644
index 0000000..0b65fa2
--- /dev/null
+++ b/dirsrvtests/tickets/ticket48369_test.py
@@ -0,0 +1,124 @@
+import os
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+from ldap.controls.ppolicy import PasswordPolicyControl
+
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Delete each instance in the end
+ def fin():
+ standalone.delete()
+
+ request.addfinalizer(fin)
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket48369(topology):
+ """
+ Test RFE 48369 - return password policy controls by default without needing
+ to be requested.
+ """
+
+ DN = 'uid=test,' + DEFAULT_SUFFIX
+
+ #
+ # Setup password policy
+ #
+ try:
+ topology.standalone.modify_s('cn=config', [(ldap.MOD_REPLACE,
+ 'passwordExp',
+ 'on'),
+ (ldap.MOD_REPLACE,
+ 'passwordMaxAge',
+ '864000'),
+ (ldap.MOD_REPLACE,
+ 'passwordSendExpiringTime',
+ 'on')])
+ except ldap.LDAPError as e:
+ log.fatal('Failed to set config: %s' % str(e))
+ assert False
+
+ #
+ # Add entry
+ #
+ try:
+ topology.standalone.add_s(Entry((DN,
+ {'objectclass': 'top extensibleObject'.split(),
+ 'uid': 'test',
+ 'userpassword': 'password'})))
+ except ldap.LDAPError as e:
+ log.fatal('Failed to add user entry: %s' % str(e))
+ assert False
+ time.sleep(1)
+
+ #
+ # Bind as the new user, and request the control
+ #
+ try:
+ msgid = topology.standalone.simple_bind(DN, "password",
+ serverctrls=[PasswordPolicyControl()])
+ res_type, res_data, res_msgid, res_ctrls = \
+ topology.standalone.result3(msgid)
+ except ldap.LDAPError as e:
+ log.fatal('Failed to bind: %s: Error %s' % (ctl_resp, str(e)))
+ assert False
+
+ if res_ctrls[0].controlType == PasswordPolicyControl.controlType:
+ ppolicy_ctrl = res_ctrls[0]
+ else:
+ log.fatal('Control not found')
+ assert False
+
+ log.info('Time until expiration (%s)' %
+ repr(ppolicy_ctrl.timeBeforeExpiration))
+
+ log.info('Test complete')
+
+
+if __name__ == '__main__':
+ # Run isolated
+ # -s for DEBUG mode
+ CURRENT_FILE = os.path.realpath(__file__)
+ pytest.main("-s %s" % CURRENT_FILE)
\ No newline at end of file
diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index 5d91628..dda75e7 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -67,6 +67,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2082 NAME ( 'passwordMinCategories' 'pwd
attributeTypes: ( 2.16.840.1.113730.3.1.2083 NAME ( 'passwordMinTokenLength' 'pwdMinTokenLength' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2153 NAME ( 'passwordAdminDN' 'pwdAdminDN' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2140 NAME ( 'passwordTrackUpdateTime' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2329 NAME ( 'passwordSendExpiringTime' 'pwdSendExpiringTime' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.199 NAME 'memberCertificateDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.207 NAME 'vlvBase' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index a3c4243..d58e4c2 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -187,6 +187,7 @@ slapi_onoff_t init_pw_is_legacy;
slapi_onoff_t init_pw_track_update_time;
slapi_onoff_t init_pw_change;
slapi_onoff_t init_pw_exp;
+slapi_onoff_t init_pw_send_expiring;
slapi_onoff_t init_allow_hashed_pw;
slapi_onoff_t init_pw_syntax;
slapi_onoff_t init_schemacheck;
@@ -655,6 +656,10 @@ static struct config_get_and_set {
NULL, 0,
(void**)&global_slapdFrontendConfig.pw_policy.pw_exp,
CONFIG_ON_OFF, NULL, &init_pw_exp},
+ {CONFIG_PW_SEND_EXPIRING, config_set_pw_send_expiring,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_send_expiring,
+ CONFIG_ON_OFF, NULL, &init_pw_send_expiring},
{CONFIG_ACCESSCONTROL_ATTRIBUTE, config_set_accesscontrol,
NULL, 0,
(void**)&global_slapdFrontendConfig.accesscontrol,
@@ -1435,6 +1440,7 @@ FrontendConfig_init () {
init_allow_hashed_pw = cfg->allow_hashed_pw = LDAP_OFF;
init_pw_syntax = cfg->pw_policy.pw_syntax = LDAP_OFF;
init_pw_exp = cfg->pw_policy.pw_exp = LDAP_OFF;
+ init_pw_send_expiring = cfg->pw_policy.pw_send_expiring = LDAP_OFF;
cfg->pw_policy.pw_minlength = 8;
cfg->pw_policy.pw_mindigits = 0;
cfg->pw_policy.pw_minalphas = 0;
@@ -3084,15 +3090,29 @@ config_set_pw_exp( const char *attrname, char *value, char *errorbuf, int apply
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
retVal = config_set_onoff ( attrname,
- value,
- &(slapdFrontendConfig->pw_policy.pw_exp),
- errorbuf,
- apply);
+ value,
+ &(slapdFrontendConfig->pw_policy.pw_exp),
+ errorbuf,
+ apply);
return retVal;
}
int
+config_set_pw_send_expiring( const char *attrname, char *value, char *errorbuf, int apply ) {
+ int retVal = LDAP_SUCCESS;
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ retVal = config_set_onoff ( attrname,
+ value,
+ &(slapdFrontendConfig->pw_policy.pw_send_expiring),
+ errorbuf,
+ apply);
+
+ return retVal;
+}
+
+int
config_set_pw_unlock( const char *attrname, char *value, char *errorbuf, int apply ) {
int retVal = LDAP_SUCCESS;
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index e1cb53e..8fcebb8 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -328,6 +328,7 @@ int config_set_pw_is_legacy_policy(const char *attrname, char *value, char *err
int config_set_pw_track_last_update_time(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_pw_gracelimit(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_pw_admin_dn( const char *attrname, char *value, char *errorbuf, int apply );
+int config_set_pw_send_expiring( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_useroc(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_return_exact_case(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_result_tweak(const char *attrname, char *value, char *errorbuf, int apply );
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index 8f33751..5ebbc2b 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -250,6 +250,11 @@ skip:
slapi_add_pwd_control ( pb, LDAP_CONTROL_PWEXPIRED, 0);
}
return (2);
+ } else {
+ if (pwresponse_req && pwpolicy->pw_send_expiring) {
+ slapi_pwpolicy_make_response_control( pb, diff_t, -1, -1);
+ slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRING, diff_t);
+ }
}
pw_apply_mods(sdn, &smods);
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 823568d..38895c6 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1551,6 +1551,7 @@ typedef struct passwordpolicyarray {
int pw_mincategories;
int pw_mintokenlength;
slapi_onoff_t pw_exp;
+ slapi_onoff_t pw_send_expiring;
long pw_maxage;
long pw_minage;
long pw_warning;
@@ -2027,6 +2028,7 @@ typedef struct _slapdEntryPoints {
#define CONFIG_PW_IS_LEGACY "passwordLegacyPolicy"
#define CONFIG_PW_TRACK_LAST_UPDATE_TIME "passwordTrackUpdateTime"
#define CONFIG_PW_ADMIN_DN_ATTRIBUTE "passwordAdminDN"
+#define CONFIG_PW_SEND_EXPIRING "passwordSendExpiringTime"
#define CONFIG_ACCESSLOG_BUFFERING_ATTRIBUTE "nsslapd-accesslog-logbuffering"
#define CONFIG_CSNLOGGING_ATTRIBUTE "nsslapd-csnlogging"
#define CONFIG_RETURN_EXACT_CASE_ATTRIBUTE "nsslapd-return-exact-case"
8 years, 4 months
- 1
- 0
dirsrvtests/tickets ldap/schema ldap/servers
by Mark Reynolds
dirsrvtests/tickets/ticket48369_test.py | 124 ++++++++++++++++++++++++++++++++
ldap/schema/02common.ldif | 1
ldap/servers/slapd/libglobs.c | 28 ++++++-
ldap/servers/slapd/proto-slap.h | 1
ldap/servers/slapd/pw_mgmt.c | 5 +
ldap/servers/slapd/slap.h | 2
6 files changed, 157 insertions(+), 4 deletions(-)
New commits:
commit d9f37f1f7aa718d2d9465d89051d28b4e1db5050
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Dec 4 15:55:46 2015 -0500
Ticket 48369 - RFE - Add config setting to always send the
password expiring time
Description: If password expiration time is set, and the password is not within
the warning period, then the expiring time is not returned. A new
config setting was added that will force the expiring time to always
be returned when the password expiring request control is sent.
https://fedorahosted.org/389/ticket/48369
Reviewed by: wibrown & spichugi(Thanks!!)
diff --git a/dirsrvtests/tickets/ticket48369_test.py b/dirsrvtests/tickets/ticket48369_test.py
new file mode 100644
index 0000000..0b65fa2
--- /dev/null
+++ b/dirsrvtests/tickets/ticket48369_test.py
@@ -0,0 +1,124 @@
+import os
+import time
+import ldap
+import logging
+import pytest
+from lib389 import DirSrv, Entry
+from lib389._constants import *
+from lib389.properties import *
+from lib389.tasks import *
+from lib389.utils import *
+from ldap.controls.ppolicy import PasswordPolicyControl
+
+
+logging.getLogger(__name__).setLevel(logging.DEBUG)
+log = logging.getLogger(__name__)
+
+installation1_prefix = None
+
+
+class TopologyStandalone(object):
+ def __init__(self, standalone):
+ standalone.open()
+ self.standalone = standalone
+
+
+(a)pytest.fixture(scope="module")
+def topology(request):
+ global installation1_prefix
+ if installation1_prefix:
+ args_instance[SER_DEPLOYED_DIR] = installation1_prefix
+
+ # Creating standalone instance ...
+ standalone = DirSrv(verbose=False)
+ args_instance[SER_HOST] = HOST_STANDALONE
+ args_instance[SER_PORT] = PORT_STANDALONE
+ args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
+ args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
+ args_standalone = args_instance.copy()
+ standalone.allocate(args_standalone)
+ instance_standalone = standalone.exists()
+ if instance_standalone:
+ standalone.delete()
+ standalone.create()
+ standalone.open()
+
+ # Delete each instance in the end
+ def fin():
+ standalone.delete()
+
+ request.addfinalizer(fin)
+
+ # Clear out the tmp dir
+ standalone.clearTmpDir(__file__)
+
+ return TopologyStandalone(standalone)
+
+
+def test_ticket48369(topology):
+ """
+ Test RFE 48369 - return password policy controls by default without needing
+ to be requested.
+ """
+
+ DN = 'uid=test,' + DEFAULT_SUFFIX
+
+ #
+ # Setup password policy
+ #
+ try:
+ topology.standalone.modify_s('cn=config', [(ldap.MOD_REPLACE,
+ 'passwordExp',
+ 'on'),
+ (ldap.MOD_REPLACE,
+ 'passwordMaxAge',
+ '864000'),
+ (ldap.MOD_REPLACE,
+ 'passwordSendExpiringTime',
+ 'on')])
+ except ldap.LDAPError as e:
+ log.fatal('Failed to set config: %s' % str(e))
+ assert False
+
+ #
+ # Add entry
+ #
+ try:
+ topology.standalone.add_s(Entry((DN,
+ {'objectclass': 'top extensibleObject'.split(),
+ 'uid': 'test',
+ 'userpassword': 'password'})))
+ except ldap.LDAPError as e:
+ log.fatal('Failed to add user entry: %s' % str(e))
+ assert False
+ time.sleep(1)
+
+ #
+ # Bind as the new user, and request the control
+ #
+ try:
+ msgid = topology.standalone.simple_bind(DN, "password",
+ serverctrls=[PasswordPolicyControl()])
+ res_type, res_data, res_msgid, res_ctrls = \
+ topology.standalone.result3(msgid)
+ except ldap.LDAPError as e:
+ log.fatal('Failed to bind: %s: Error %s' % (ctl_resp, str(e)))
+ assert False
+
+ if res_ctrls[0].controlType == PasswordPolicyControl.controlType:
+ ppolicy_ctrl = res_ctrls[0]
+ else:
+ log.fatal('Control not found')
+ assert False
+
+ log.info('Time until expiration (%s)' %
+ repr(ppolicy_ctrl.timeBeforeExpiration))
+
+ log.info('Test complete')
+
+
+if __name__ == '__main__':
+ # Run isolated
+ # -s for DEBUG mode
+ CURRENT_FILE = os.path.realpath(__file__)
+ pytest.main("-s %s" % CURRENT_FILE)
\ No newline at end of file
diff --git a/ldap/schema/02common.ldif b/ldap/schema/02common.ldif
index 5d91628..dda75e7 100644
--- a/ldap/schema/02common.ldif
+++ b/ldap/schema/02common.ldif
@@ -67,6 +67,7 @@ attributeTypes: ( 2.16.840.1.113730.3.1.2082 NAME ( 'passwordMinCategories' 'pwd
attributeTypes: ( 2.16.840.1.113730.3.1.2083 NAME ( 'passwordMinTokenLength' 'pwdMinTokenLength' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2153 NAME ( 'passwordAdminDN' 'pwdAdminDN' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.2140 NAME ( 'passwordTrackUpdateTime' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
+attributeTypes: ( 2.16.840.1.113730.3.1.2329 NAME ( 'passwordSendExpiringTime' 'pwdSendExpiringTime' ) DESC 'Netscape defined password policy attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 SINGLE-VALUE X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.198 NAME 'memberURL' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.199 NAME 'memberCertificateDescription' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 X-ORIGIN 'Netscape Directory Server' )
attributeTypes: ( 2.16.840.1.113730.3.1.207 NAME 'vlvBase' DESC 'Netscape defined attribute type' SYNTAX 1.3.6.1.4.1.1466.115.121.1.12 X-ORIGIN 'Netscape Directory Server' )
diff --git a/ldap/servers/slapd/libglobs.c b/ldap/servers/slapd/libglobs.c
index 2296720..4661964 100644
--- a/ldap/servers/slapd/libglobs.c
+++ b/ldap/servers/slapd/libglobs.c
@@ -193,6 +193,7 @@ slapi_onoff_t init_pw_is_legacy;
slapi_onoff_t init_pw_track_update_time;
slapi_onoff_t init_pw_change;
slapi_onoff_t init_pw_exp;
+slapi_onoff_t init_pw_send_expiring;
slapi_onoff_t init_allow_hashed_pw;
slapi_onoff_t init_pw_syntax;
slapi_onoff_t init_schemacheck;
@@ -661,6 +662,10 @@ static struct config_get_and_set {
NULL, 0,
(void**)&global_slapdFrontendConfig.pw_policy.pw_exp,
CONFIG_ON_OFF, NULL, &init_pw_exp},
+ {CONFIG_PW_SEND_EXPIRING, config_set_pw_send_expiring,
+ NULL, 0,
+ (void**)&global_slapdFrontendConfig.pw_policy.pw_send_expiring,
+ CONFIG_ON_OFF, NULL, &init_pw_send_expiring},
{CONFIG_ACCESSCONTROL_ATTRIBUTE, config_set_accesscontrol,
NULL, 0,
(void**)&global_slapdFrontendConfig.accesscontrol,
@@ -1506,6 +1511,7 @@ FrontendConfig_init () {
init_allow_hashed_pw = cfg->allow_hashed_pw = LDAP_OFF;
init_pw_syntax = cfg->pw_policy.pw_syntax = LDAP_OFF;
init_pw_exp = cfg->pw_policy.pw_exp = LDAP_OFF;
+ init_pw_send_expiring = cfg->pw_policy.pw_send_expiring = LDAP_OFF;
cfg->pw_policy.pw_minlength = 8;
cfg->pw_policy.pw_mindigits = 0;
cfg->pw_policy.pw_minalphas = 0;
@@ -3188,15 +3194,29 @@ config_set_pw_exp( const char *attrname, char *value, char *errorbuf, int apply
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
retVal = config_set_onoff ( attrname,
- value,
- &(slapdFrontendConfig->pw_policy.pw_exp),
- errorbuf,
- apply);
+ value,
+ &(slapdFrontendConfig->pw_policy.pw_exp),
+ errorbuf,
+ apply);
return retVal;
}
int
+config_set_pw_send_expiring( const char *attrname, char *value, char *errorbuf, int apply ) {
+ int retVal = LDAP_SUCCESS;
+ slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
+
+ retVal = config_set_onoff ( attrname,
+ value,
+ &(slapdFrontendConfig->pw_policy.pw_send_expiring),
+ errorbuf,
+ apply);
+
+ return retVal;
+}
+
+int
config_set_pw_unlock( const char *attrname, char *value, char *errorbuf, int apply ) {
int retVal = LDAP_SUCCESS;
slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig();
diff --git a/ldap/servers/slapd/proto-slap.h b/ldap/servers/slapd/proto-slap.h
index 22e8007..0547bc7 100644
--- a/ldap/servers/slapd/proto-slap.h
+++ b/ldap/servers/slapd/proto-slap.h
@@ -329,6 +329,7 @@ int config_set_pw_is_legacy_policy(const char *attrname, char *value, char *err
int config_set_pw_track_last_update_time(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_pw_gracelimit(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_pw_admin_dn( const char *attrname, char *value, char *errorbuf, int apply );
+int config_set_pw_send_expiring( const char *attrname, char *value, char *errorbuf, int apply );
int config_set_useroc(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_return_exact_case(const char *attrname, char *value, char *errorbuf, int apply );
int config_set_result_tweak(const char *attrname, char *value, char *errorbuf, int apply );
diff --git a/ldap/servers/slapd/pw_mgmt.c b/ldap/servers/slapd/pw_mgmt.c
index a650b1c..5470556 100644
--- a/ldap/servers/slapd/pw_mgmt.c
+++ b/ldap/servers/slapd/pw_mgmt.c
@@ -235,6 +235,11 @@ skip:
slapi_add_pwd_control ( pb, LDAP_CONTROL_PWEXPIRED, 0);
}
return (2);
+ } else {
+ if (pwresponse_req && pwpolicy->pw_send_expiring) {
+ slapi_pwpolicy_make_response_control( pb, diff_t, -1, -1);
+ slapi_add_pwd_control(pb, LDAP_CONTROL_PWEXPIRING, diff_t);
+ }
}
pw_apply_mods(sdn, &smods);
diff --git a/ldap/servers/slapd/slap.h b/ldap/servers/slapd/slap.h
index 3cc99cf..0b867ab 100644
--- a/ldap/servers/slapd/slap.h
+++ b/ldap/servers/slapd/slap.h
@@ -1551,6 +1551,7 @@ typedef struct passwordpolicyarray {
int pw_mincategories;
int pw_mintokenlength;
slapi_onoff_t pw_exp;
+ slapi_onoff_t pw_send_expiring;
long pw_maxage;
long pw_minage;
long pw_warning;
@@ -2043,6 +2044,7 @@ typedef struct _slapdEntryPoints {
#define CONFIG_PW_IS_LEGACY "passwordLegacyPolicy"
#define CONFIG_PW_TRACK_LAST_UPDATE_TIME "passwordTrackUpdateTime"
#define CONFIG_PW_ADMIN_DN_ATTRIBUTE "passwordAdminDN"
+#define CONFIG_PW_SEND_EXPIRING "passwordSendExpiringTime"
#define CONFIG_ACCESSLOG_BUFFERING_ATTRIBUTE "nsslapd-accesslog-logbuffering"
#define CONFIG_CSNLOGGING_ATTRIBUTE "nsslapd-csnlogging"
#define CONFIG_RETURN_EXACT_CASE_ATTRIBUTE "nsslapd-return-exact-case"
8 years, 4 months
- 1
- 0
ldap/ldif ldap/servers
by William Brown
ldap/ldif/template-dse.ldif.in | 7 ++-----
ldap/servers/slapd/auditlog.c | 11 ++++++++---
2 files changed, 10 insertions(+), 8 deletions(-)
New commits:
commit b408ffcd5f101c73b6045eb72a5bef076071aea6
Author: William Brown <firstyear(a)redhat.com>
Date: Tue Nov 24 07:58:38 2015 +1000
Ticket 48145 - Allow merged logging of audit events
Bug Description: The auditfail logging should be able to be directed to the
same audit file, or to it's own seperate file.
Fix Description: When nsslapd-auditfaillog is not specified the value of
nsslapd-auditlog will be used for audit and auditfail events. If auditfaillog
is specified, all results with RC != LDAP_SUCCESS (0) will go to the auditfail
handler.
https://fedorahosted.org/389/ticket/48145
Author: wibrown
Review by: mreynolds (Thanks!)
diff --git a/ldap/ldif/template-dse.ldif.in b/ldap/ldif/template-dse.ldif.in
index a25295b..1ec8009 100644
--- a/ldap/ldif/template-dse.ldif.in
+++ b/ldap/ldif/template-dse.ldif.in
@@ -52,11 +52,8 @@ nsslapd-auditlog-mode: 600
nsslapd-auditlog-maxlogsize: 100
nsslapd-auditlog-logrotationtime: 1
nsslapd-auditlog-logrotationtimeunit: day
-nsslapd-auditfaillog: %log_dir%/auditfail
-nsslapd-auditfaillog-mode: 600
-nsslapd-auditfaillog-maxlogsize: 100
-nsslapd-auditfaillog-logrotationtime: 1
-nsslapd-auditfaillog-logrotationtimeunit: day
+nsslapd-auditlog-logging-enabled: off
+nsslapd-auditfaillog-logging-enabled: off
nsslapd-rootdn: %rootdn%
nsslapd-rootpw: %ds_passwd%
nsslapd-maxdescriptors: 1024
diff --git a/ldap/servers/slapd/auditlog.c b/ldap/servers/slapd/auditlog.c
index 2ddfad0..45ef16e 100644
--- a/ldap/servers/slapd/auditlog.c
+++ b/ldap/servers/slapd/auditlog.c
@@ -78,7 +78,7 @@ write_audit_log_entry( Slapi_PBlock *pb )
curtime = current_time();
/* log the raw, unnormalized DN */
dn = slapi_sdn_get_udn(sdn);
- write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, 0);
+ write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, LDAP_SUCCESS);
}
void
@@ -129,8 +129,13 @@ write_auditfail_log_entry( Slapi_PBlock *pb )
curtime = current_time();
/* log the raw, unnormalized DN */
dn = slapi_sdn_get_udn(sdn);
- /* If we are combined */
- write_audit_file(SLAPD_AUDITFAIL_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+ if (config_get_auditfaillog() == NULL || strlen(config_get_auditfaillog()) == 0) {
+ /* If no auditfail log write to audit log */
+ write_audit_file(SLAPD_AUDIT_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+ } else {
+ /* If we have our own auditfail log path */
+ write_audit_file(SLAPD_AUDITFAIL_LOG, operation_get_type(op), dn, change, flag, curtime, pbrc);
+ }
}
8 years, 4 months
- 1
- 0
ldap/admin
by William Brown
ldap/admin/src/scripts/DSCreate.pm.in | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
New commits:
commit 026956c7e3b4dc00b6738f9a195e6653fed03d79
Author: William Brown <firstyear(a)redhat.com>
Date: Thu Nov 26 13:11:17 2015 +1000
Ticket 48332 - allow users to specify to relax the FQDN constraint
Bug Description: There are situations when the machine name for ds may not
match the dns name. In these cases we should allow installation without the
strict hostname checks we carry out.
Fix Description: Add a new option, General.StrictHostCheck which defaults
to true. If true, host name checking is carried out. If false, it is disabled
and any hostname in General.FullMachineName is considered valid.
https://fedorahosted.org/389/ticket/48332
Author: wibrown
Review by: rmeggins (Thanks!)
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
index e04d90d..d449b02 100644
--- a/ldap/admin/src/scripts/DSCreate.pm.in
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
@@ -126,9 +126,18 @@ sub sanityCheckParams {
debug(0, "WARNING: The root password is less than 8 characters long. You should choose a longer one.\n");
}
- if (@errs = checkHostname($inf->{General}->{FullMachineName}, 0)) {
- debug(1, @errs);
- return @errs;
+ $inf->{General}->{StrictHostCheck} = lc $inf->{General}->{StrictHostCheck};
+
+ if ("true" ne $inf->{General}->{StrictHostCheck} && "false" ne $inf->{General}->{StrictHostCheck}) {
+ debug(1, "StrictHostCheck is not a valid boolean");
+ return ('error_invalid_boolean', $inf->{General}->{StrictHostCheck});
+ }
+
+ if ($inf->{General}->{StrictHostCheck} eq "true" ) {
+ if (@errs = checkHostname($inf->{General}->{FullMachineName}, 0)) {
+ debug(1, @errs);
+ return @errs;
+ }
}
# We need to make sure this value is lowercase
@@ -903,6 +912,10 @@ sub setDefaults {
$inf->{slapd}->{InstScriptsEnabled} = "false";
}
+ if (!defined($inf->{General}->{StrictHostCheck})) {
+ $inf->{General}->{StrictHostCheck} = "true";
+ }
+
if (!defined($inf->{slapd}->{inst_dir})) {
$inf->{slapd}->{inst_dir} = "$inf->{General}->{ServerRoot}/slapd-$servid";
}
8 years, 4 months
- 1
- 0