Branch '389-ds-base-1.2.11' - 2 commits - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/add.c | 5 +++--
ldap/servers/slapd/pblock.c | 7 +++----
2 files changed, 6 insertions(+), 6 deletions(-)
New commits:
commit aa76f6b79db14c03c74b7c064f33a37bba991bf5
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Mar 19 15:29:39 2015 -0700
Ticket #48135 - memory leak in new_passwdPolicy (1.2.11 only)
Description: Backporting #47900 patch introduced a leak. The patch
has a dependency on #147, which was not backported to 1.2.11 branch.
This patch releases the pwdpolicy object in op_shared_add every time.
Also, moving new_passwdPolicy only where it is needed.
https://fedorahosted.org/389/ticket/48135
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
diff --git a/ldap/servers/slapd/add.c b/ldap/servers/slapd/add.c
index e03bc6c..f52f766 100644
--- a/ldap/servers/slapd/add.c
+++ b/ldap/servers/slapd/add.c
@@ -457,14 +457,13 @@ static void op_shared_add (Slapi_PBlock *pb)
int proxy_err = LDAP_SUCCESS;
char *errtext = NULL;
Slapi_DN *sdn = NULL;
- passwdPolicy *pwpolicy;
+ passwdPolicy *pwpolicy = NULL;
slapi_pblock_get (pb, SLAPI_OPERATION, &operation);
slapi_pblock_get (pb, SLAPI_ADD_ENTRY, &e);
slapi_pblock_get (pb, SLAPI_IS_REPLICATED_OPERATION, &repl_op);
slapi_pblock_get (pb, SLAPI_IS_LEGACY_REPLICATED_OPERATION, &legacy_op);
internal_op= operation_is_flag_set(operation, OP_FLAG_INTERNAL);
- pwpolicy = new_passwdPolicy(pb, slapi_entry_get_dn(e));
/* target spec is used to decide which plugins are applicable for the operation */
operation_set_target_spec (operation, slapi_entry_get_sdn (e));
@@ -561,6 +560,7 @@ static void op_shared_add (Slapi_PBlock *pb)
}
/* check password syntax */
+ pwpolicy = new_passwdPolicy(pb, slapi_entry_get_dn(e));
if (!pw_is_pwp_admin(pb, pwpolicy) &&
check_pw_syntax(pb, slapi_entry_get_sdn_const(e), present_values, NULL, e, 0) != 0)
{
@@ -745,6 +745,7 @@ static void op_shared_add (Slapi_PBlock *pb)
done:
if (be)
slapi_be_Unlock(be);
+ delete_passwdPolicy(&pwpolicy);
slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &pse);
slapi_entry_free(pse);
slapi_ch_free((void **)&operation->o_params.p.p_add.parentuniqueid);
commit d19a1910446bc90ee474f6419ef8e229c27f8a5f
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Mar 19 14:37:03 2015 -0700
Revert "Ticket #48135 - memory leak in new_passwdPolicy (1.2.11 only)"
This reverts commit fd44ab1697fa58c5f078063770fadc37657386a5.
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 9131f40..849c20e 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -111,11 +111,10 @@ pblock_done( Slapi_PBlock *pb )
{
if(pb->pb_op!=NULL)
{
- operation_free(&pb->pb_op,pb->pb_conn);
+ operation_free(&pb->pb_op,pb->pb_conn);
}
- delete_passwdPolicy(&pb->pwdpolicy);
- slapi_ch_free((void**)&(pb->pb_vattr_context));
- slapi_ch_free((void**)&(pb->pb_result_text));
+ slapi_ch_free((void**)&(pb->pb_vattr_context));
+ slapi_ch_free((void**)&(pb->pb_result_text));
}
void
8 years, 2 months
Branch '389-ds-base-1.2.11' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/pblock.c | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
New commits:
commit fd44ab1697fa58c5f078063770fadc37657386a5
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Tue Mar 17 14:57:39 2015 -0700
Ticket #48135 - memory leak in new_passwdPolicy (1.2.11 only)
Description: A password policy object stashed in pblock was not released
when the pblock was destroyed. It's already fixed in the 1.3.x branches
by Ticket #147 - Internal Password Policy usage very inefficient.
Backporting the pblock_done code.
https://fedorahosted.org/389/ticket/48135
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
diff --git a/ldap/servers/slapd/pblock.c b/ldap/servers/slapd/pblock.c
index 849c20e..9131f40 100644
--- a/ldap/servers/slapd/pblock.c
+++ b/ldap/servers/slapd/pblock.c
@@ -111,10 +111,11 @@ pblock_done( Slapi_PBlock *pb )
{
if(pb->pb_op!=NULL)
{
- operation_free(&pb->pb_op,pb->pb_conn);
+ operation_free(&pb->pb_op,pb->pb_conn);
}
- slapi_ch_free((void**)&(pb->pb_vattr_context));
- slapi_ch_free((void**)&(pb->pb_result_text));
+ delete_passwdPolicy(&pb->pwdpolicy);
+ slapi_ch_free((void**)&(pb->pb_vattr_context));
+ slapi_ch_free((void**)&(pb->pb_result_text));
}
void
8 years, 2 months
Branch '389-ds-base-1.3.1' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
New commits:
commit 7b37f771e016ec737c7a0a081d5c1120e94a2e9a
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Mar 19 09:58:53 2015 -0400
Ticket 48132 - modrdn crashes server (invalid read/writes)
Bug Description: When performing a modrdn stress test using two masters
a double free can occur that will lead to a crash. When
the server is under load it might have to retry the modrdn
operation. During this retry the SLAPI_MODRDN_EXISTING_ENTRY
entry was previosuly replaced, and it can be freed twice on
the second retry..
Fix Description: Check if entry being retuned form the cache is the same as
the entry stored in SLAPI_MODRDN_EXISTING_ENTRY, if it is,
set it to NULL so it is not freed again.
https://fedorahosted.org/389/ticket/48132
valgrind: PASSED
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 1d9ae0f4a1ea12463ac59a04da5e6572db002d73)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index 1b297a4..5e3c665 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -273,8 +273,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
+ slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (cache_is_in_cache(&inst->inst_cache, ec)) {
CACHE_REMOVE(&inst->inst_cache, ec);
+ if (ent && (ent == ec->ep_entry)){
+ /*
+ * On a retry, it's possible that ec is now stored in the
+ * pblock as SLAPI_MODRDN_EXISTING_ENTRY. "ec" will be freed
+ * by CACHE_RETURN below, so set ent to NULL so don't free
+ * it again.
+ */
+ ent = NULL;
+ }
}
CACHE_RETURN(&inst->inst_cache, &ec);
if (!cache_is_in_cache(&inst->inst_cache, e)) {
@@ -284,7 +294,6 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_entry_get_dn_const(e->ep_entry));
}
}
- slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (ent && (ent != original_entry->ep_entry)) {
slapi_entry_free(ent);
slapi_pblock_set( pb, SLAPI_MODRDN_EXISTING_ENTRY, NULL );
8 years, 2 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
New commits:
commit 1fbd91463c9b7d708d0e025f6bd53612872c006d
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Mar 19 09:58:53 2015 -0400
Ticket 48132 - modrdn crashes server (invalid read/writes)
Bug Description: When performing a modrdn stress test using two masters
a double free can occur that will lead to a crash. When
the server is under load it might have to retry the modrdn
operation. During this retry the SLAPI_MODRDN_EXISTING_ENTRY
entry was previosuly replaced, and it can be freed twice on
the second retry..
Fix Description: Check if entry being retuned form the cache is the same as
the entry stored in SLAPI_MODRDN_EXISTING_ENTRY, if it is,
set it to NULL so it is not freed again.
https://fedorahosted.org/389/ticket/48132
valgrind: PASSED
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 1d9ae0f4a1ea12463ac59a04da5e6572db002d73)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index 25de34b..a1e2900 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -273,8 +273,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
+ slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (cache_is_in_cache(&inst->inst_cache, ec)) {
CACHE_REMOVE(&inst->inst_cache, ec);
+ if (ent && (ent == ec->ep_entry)){
+ /*
+ * On a retry, it's possible that ec is now stored in the
+ * pblock as SLAPI_MODRDN_EXISTING_ENTRY. "ec" will be freed
+ * by CACHE_RETURN below, so set ent to NULL so don't free
+ * it again.
+ */
+ ent = NULL;
+ }
}
CACHE_RETURN(&inst->inst_cache, &ec);
if (!cache_is_in_cache(&inst->inst_cache, e)) {
@@ -284,7 +294,6 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_entry_get_dn_const(e->ep_entry));
}
}
- slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (ent && (ent != original_entry->ep_entry)) {
slapi_entry_free(ent);
slapi_pblock_set( pb, SLAPI_MODRDN_EXISTING_ENTRY, NULL );
8 years, 2 months
Branch '389-ds-base-1.3.3' - ldap/servers
by Mark Reynolds
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
New commits:
commit a6784c01a1aa1a8a7f5ef57ddb248608bf7421a4
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Mar 19 09:58:53 2015 -0400
Ticket 48132 - modrdn crashes server (invalid read/writes)
Bug Description: When performing a modrdn stress test using two masters
a double free can occur that will lead to a crash. When
the server is under load it might have to retry the modrdn
operation. During this retry the SLAPI_MODRDN_EXISTING_ENTRY
entry was previosuly replaced, and it can be freed twice on
the second retry..
Fix Description: Check if entry being retuned form the cache is the same as
the entry stored in SLAPI_MODRDN_EXISTING_ENTRY, if it is,
set it to NULL so it is not freed again.
https://fedorahosted.org/389/ticket/48132
valgrind: PASSED
Reviewed by: nhosoi(Thanks!)
(cherry picked from commit 1d9ae0f4a1ea12463ac59a04da5e6572db002d73)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index f5a404b..d2e9737 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -279,8 +279,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
+ slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (cache_is_in_cache(&inst->inst_cache, ec)) {
CACHE_REMOVE(&inst->inst_cache, ec);
+ if (ent && (ent == ec->ep_entry)){
+ /*
+ * On a retry, it's possible that ec is now stored in the
+ * pblock as SLAPI_MODRDN_EXISTING_ENTRY. "ec" will be freed
+ * by CACHE_RETURN below, so set ent to NULL so don't free
+ * it again.
+ */
+ ent = NULL;
+ }
}
CACHE_RETURN(&inst->inst_cache, &ec);
if (!cache_is_in_cache(&inst->inst_cache, e)) {
@@ -290,7 +300,6 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_entry_get_dn_const(e->ep_entry));
}
}
- slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (ent && (ent != original_entry->ep_entry)) {
slapi_entry_free(ent);
slapi_pblock_set( pb, SLAPI_MODRDN_EXISTING_ENTRY, NULL );
8 years, 2 months
ldap/servers
by Mark Reynolds
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
New commits:
commit 1d9ae0f4a1ea12463ac59a04da5e6572db002d73
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Thu Mar 19 09:58:53 2015 -0400
Ticket 48132 - modrdn crashes server (invalid read/writes)
Bug Description: When performing a modrdn stress test using two masters
a double free can occur that will lead to a crash. When
the server is under load it might have to retry the modrdn
operation. During this retry the SLAPI_MODRDN_EXISTING_ENTRY
entry was previosuly replaced, and it can be freed twice on
the second retry..
Fix Description: Check if entry being retuned form the cache is the same as
the entry stored in SLAPI_MODRDN_EXISTING_ENTRY, if it is,
set it to NULL so it is not freed again.
https://fedorahosted.org/389/ticket/48132
valgrind: PASSED
Reviewed by: nhosoi(Thanks!)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
index f5a404b..d2e9737 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -279,8 +279,18 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
ldap_result_code= LDAP_OPERATIONS_ERROR;
goto error_return;
}
+ slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (cache_is_in_cache(&inst->inst_cache, ec)) {
CACHE_REMOVE(&inst->inst_cache, ec);
+ if (ent && (ent == ec->ep_entry)){
+ /*
+ * On a retry, it's possible that ec is now stored in the
+ * pblock as SLAPI_MODRDN_EXISTING_ENTRY. "ec" will be freed
+ * by CACHE_RETURN below, so set ent to NULL so don't free
+ * it again.
+ */
+ ent = NULL;
+ }
}
CACHE_RETURN(&inst->inst_cache, &ec);
if (!cache_is_in_cache(&inst->inst_cache, e)) {
@@ -290,7 +300,6 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
slapi_entry_get_dn_const(e->ep_entry));
}
}
- slapi_pblock_get( pb, SLAPI_MODRDN_EXISTING_ENTRY, &ent );
if (ent && (ent != original_entry->ep_entry)) {
slapi_entry_free(ent);
slapi_pblock_set( pb, SLAPI_MODRDN_EXISTING_ENTRY, NULL );
8 years, 2 months
Changes to 'refs/tags/389-ds-console-1.2.11'
by Noriko Hosoi
Changes since the dawn of time:
Endi S. Dewata (3):
Bug 496863 - 'Construct' button creates incorrect referral urls
Resolves: bug 574098
Bug 563513 - New replication -> No changelong configured-msg
Mark Reynolds (10):
Ticket 370 - Opening merge qualifier CoS entry using RHDS console changes the entry
Bumped version to 1.2.7
Ticket 96 - Window too large for Manage password policy
Ticket 47883 - DS Console - java exception when refreshing
Ticket 176 - DS Console should timeout when mismatched port
Ticket 47886 - DS Console - mouse wheel speed very slow
Ticket 47485 - DS instance cannot be restored from remote console
Ticket 47887 - DS Console does not correctly disable SSL
Ticket 135 - DS console - right clicking an object does not select that object
Ticket 47994 - DS Console always sets nsSSL3 to "on" when a securty setting is adjusted
Nathan Kinder (28):
171941 - Adjusted the version number and branding. I had to modify the checkVersion method to deal with running in Console 1.0. I also cleaned up references to consolesdk in the Ant build files. They should be console instead since we dropped the consolesdk naming. The external and internal imports files were adjusted to pick up the new 1.0 Console component.
171941 - checkVersion was comparing versions with greater than when it should have been using greater than or equal to
177696 - Changed usage of enum keyword as a variable name for Java 1.5 compatibility
Bug(s) fixed: 181570
Resolves: 246513
Summary: Initial fedora-ds-console specfile.
Resolves: ?
Resolves: 250137
Resolves: 250145
Resolves: 204510
Resolves: 250636
Resolves: 252036
Add default ldapjdk path as well as a settable parameter
Fixed typo from last checkin
Use less restrictive version of Open Publication License for online help docs.
Resolves: 308221
Resolves: 333171
Resolves: 178247
Resolves: 379191
Bug 599732 - Root node in directory browser shows DN syntax error
Bug 229693 - Update naming attribute when objectclass is removed
Bug 474113 - Allow access log level to be configured from Console
Bug 504803 - Allow nsslapd-*-logmaxdiskspace to be set to -1 in UI
Bug 158262 - Windows Sync UI is inconistent
Bug 533505 - Warn about CA cert trust when enabling SSL in Console
Bug 616707 - Add attribute matching rule UI to Console
Bug 705753 - Refresh problem in Console directory browser
Bug 700908 - Validate matching rules when creating a new attribute
Noriko Hosoi (27):
Changed the ldapconsole package name to <brand>-ds-<version>.jar
Modified ant move syntax to support ant 1.6.2
[186105] Admin Server Makefile updates for Internal build
Resolves: #247215
Resolves: #248073
Resolves: #379191
Resolves: #386041
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: #379191
Resolves: 178947
Bug 553066 - Directory Console: do not display "subtree" index type
Bug 151705 - Need to update Console Cipher Preferences with new ciphers
Bug 661116 - 389-console Configuration tab admin permissions
Bug 387981 - plain files can be chosen on the Restore Directory dialog
Bug 450016 - RFE- Console display values in KB/MB/GB
Bug 211296 - Clean up all HTML pages (Admin Express, Repl Monitor, etc)
Bug 757773 - SSL Port issue in Console
Ticket #47380 - RFE: Winsync loses connection with AD objects when they move from the console.
Bumped version to 1.2.8
Bumped version to 1.2.9
Bug 1022104 - Remove versioned jarfiles from _javadir
Bumped version to 1.2.10
Ticket #48130 - Add "+all" and "-TLS_RSA_WITH_AES_128_GCM_SHA256" to Console Cipher Preference for TLS
Bumped version to 1.2.11
Rich Megginson (39):
Bug(s) fixed: 167761
allow the definition of the console location on the command line with different directory layouts than the default
Bug(s) fixed: 178478
The console now builds jar files in the format
bump version to 1.0.3
updated spec for Fedora DS 1.1 release
Resolves: bug 428357
Bump version to 1.1.2
this is for the 1.1.2 release
Resolves: bug 469261
Resolves: bug 469261
Resolves: bug 234948
Resolves: bug 452596
Resolves: bug 178947
Resolves: bug 177334
Resolves: bug 249120
Resolves: bug 238762
Resolves: bug 179193
Resolves: bug 179184
change version to 1.1.3
Resolves: bug 487831
Resolves: bug 481213
Resolves: bug 483660
Resolves: bug 483660
updated for 1.1.3
version must correspond to ds base version - 1.2.0
rename to 389
change mode of spec file to 644
added separate doc subpackage
update to version 1.2.1
Bug 586571 - DS Console shows escaped DNs
bump version to 1.2.2
Bug 586571 - DS Console shows escaped DNs
Bug 591989 - [console] mis-matched trademark and text
bump version to 1.2.4
bump version to 1.2.5
add skin support
move dsbanner.gif to the localized jar for l10n/skinning
dsbannerlite.gif is obsolete
foxworth (2):
Import initial source drop of Fedora DirectoryConsole
Import initial source drop of Fedora DirectoryConsole
8 years, 2 months
389-ds-console.spec build.properties fedora-ds-console.spec
by Noriko Hosoi
389-ds-console.spec | 2 +-
build.properties | 2 +-
fedora-ds-console.spec | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
New commits:
commit e9d5e61463bee4d3c6c6cee19db26fcdfd1046ba
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Wed Mar 18 12:37:00 2015 -0700
Bumped version to 1.2.11
diff --git a/389-ds-console.spec b/389-ds-console.spec
index 3f9cb2d..c913e7c 100644
--- a/389-ds-console.spec
+++ b/389-ds-console.spec
@@ -1,5 +1,5 @@
%define major_version 1.2
-%define minor_version 0
+%define minor_version 11
%define shortname 389-ds
%define pkgname dirsrv
diff --git a/build.properties b/build.properties
index 6486d1d..2ff5c74 100755
--- a/build.properties
+++ b/build.properties
@@ -21,7 +21,7 @@
lang=en
ldapconsole.root=..
-ldapconsole.version=1.2.10
+ldapconsole.version=1.2.11
ldapconsole.gen.version=1.2
brand=389
ldapconsole.name=${brand}-ds-${ldapconsole.version}
diff --git a/fedora-ds-console.spec b/fedora-ds-console.spec
index d14307f..c312177 100755
--- a/fedora-ds-console.spec
+++ b/fedora-ds-console.spec
@@ -1,5 +1,5 @@
%define major_version 1.2
-%define minor_version 0
+%define minor_version 11
%define shortname fedora-ds
%define pkgname dirsrv
8 years, 2 months
Branch '389-ds-base-1.2.11' - 2 commits - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 19 +++++++++++++++++--
ldap/servers/slapd/dn.c | 3 ++-
2 files changed, 19 insertions(+), 3 deletions(-)
New commits:
commit 3579393628d9f256613e20d4b1ec248ea3feee2e
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Mar 13 17:56:43 2015 -0700
Ticket #48133 - Non tombstone entry which dn starting with "nsuniqueid=...," cannot be deleted
Bug Description: Trying to delete an entry which DN starts with
"nsuniqueid=...," but no objectclass=nsTombstone fails with
"Turning a tombstone into a tombstone!", which is indeed not.
Fix Description: This patch checks the entry and if it does not
have "objectclass=nsTombstone", the entry is not treated as a
tombstone. Also, if the DN already has the entry's nsuniqueid
at the beginning, it does not get appended to avoid the duplicate.
Note: Adding an entry which DN starts with "nsuniqueid" and no
nsTombstone objectclass fails since such an entry is rejected in
check_rdn_for_created_attrs called from do_add.
https://fedorahosted.org/389/ticket/48133
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 171a9a9..d744e94 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -454,13 +454,28 @@ ldbm_back_delete( Slapi_PBlock *pb )
char *tombstone_dn;
Slapi_Value *tomb_value;
- if (slapi_is_special_rdn(edn, RDN_IS_TOMBSTONE)) {
+ if (slapi_entry_attr_hasvalue(e->ep_entry, SLAPI_ATTR_OBJECTCLASS, SLAPI_ATTR_VALUE_TOMBSTONE) &&
+ slapi_is_special_rdn(edn, RDN_IS_TOMBSTONE)) {
LDAPDebug1Arg(LDAP_DEBUG_ANY, "Turning a tombstone into a tombstone! \"%s\"\n", edn);
ldap_result_code= LDAP_OPERATIONS_ERROR;
retval = -1;
goto error_return;
}
- tombstone_dn = compute_entry_tombstone_dn(edn, childuniqueid);
+ if (!childuniqueid) {
+ slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_delete",
+ "No nsUniqueId in the entry \"%s\"; e: 0x%p, cache_state: 0x%x, refcnt: %d\n",
+ edn, e, e->ep_state, e->ep_refcnt);
+ ldap_result_code = LDAP_OPERATIONS_ERROR;
+ retval = -1;
+ goto error_return;
+ }
+ if ((0 == PL_strncmp(edn + sizeof(SLAPI_ATTR_UNIQUEID), childuniqueid, strlen(childuniqueid))) &&
+ (*(edn + SLAPI_ATTR_UNIQUEID_LENGTH + slapi_uniqueIDSize() + 1/*=*/) == ',')) {
+ /* The DN already starts with "nsuniqueid=...," */
+ tombstone_dn = slapi_ch_strdup(edn);
+ } else {
+ tombstone_dn = compute_entry_tombstone_dn(edn, childuniqueid);
+ }
slapi_sdn_set_ndn_byval(&nscpEntrySDN, slapi_sdn_get_ndn(slapi_entry_get_sdn(e->ep_entry)));
commit d132bc4014dc5bd5f69f403ca415de0007713b61
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Thu Feb 19 10:22:02 2015 -0800
Coverity fix - Invalid Dereference in ndn_cache_add (dn.c)
diff --git a/ldap/servers/slapd/dn.c b/ldap/servers/slapd/dn.c
index 9c1084f..db050c8 100644
--- a/ldap/servers/slapd/dn.c
+++ b/ldap/servers/slapd/dn.c
@@ -2936,7 +2936,8 @@ ndn_cache_add(char *dn, size_t dn_len, char *ndn, size_t ndn_len)
new_node->next = NULL;
} else {
new_node->next = ndn_cache->head;
- ndn_cache->head->prev = new_node;
+ if(ndn_cache->head)
+ ndn_cache->head->prev = new_node;
}
ndn_cache->head = new_node;
PR_Unlock(lru_lock);
8 years, 2 months
Branch '389-ds-base-1.3.2' - ldap/servers
by Noriko Hosoi
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 19 +++++++++++++++++--
1 file changed, 17 insertions(+), 2 deletions(-)
New commits:
commit fac457e813721151a6d081aae6614824769cf12d
Author: Noriko Hosoi <nhosoi(a)redhat.com>
Date: Fri Mar 13 16:31:43 2015 -0700
Ticket #48133 - Non tombstone entry which dn starting with "nsuniqueid=...," cannot be deleted
Bug Description: Trying to delete an entry which DN starts with
"nsuniqueid=...," but no objectclass=nsTombstone fails with
"Turning a tombstone into a tombstone!", which is indeed not.
Fix Description: This patch checks the entry and if it does not
have "objectclass=nsTombstone", the entry is not treated as a
tombstone. Also, if the DN already has the entry's nsuniqueid
at the beginning, it does not get appended to avoid the duplicate.
Note: Adding an entry which DN starts with "nsuniqueid" and no
nsTombstone objectclass fails since such an entry is rejected in
check_rdn_for_created_attrs called from do_add.
https://fedorahosted.org/389/ticket/48133
Reviewed by rmeggins(a)redhat.com (Thank you, Rich!!)
(cherry picked from commit f14fb8b6f71d2a87b650064f15099a2cc2dfd38a)
(cherry picked from commit ff224e704752aadee5113f4ee02ca297a225a98f)
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index 928e13e..9b46d3f 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -593,7 +593,8 @@ ldbm_back_delete( Slapi_PBlock *pb )
char *tombstone_dn;
Slapi_Value *tomb_value;
- if (slapi_is_special_rdn(edn, RDN_IS_TOMBSTONE)) {
+ if (slapi_entry_attr_hasvalue(e->ep_entry, SLAPI_ATTR_OBJECTCLASS, SLAPI_ATTR_VALUE_TOMBSTONE) &&
+ slapi_is_special_rdn(edn, RDN_IS_TOMBSTONE)) {
slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_delete",
"conn=%lu op=%d Turning a tombstone into a tombstone! \"%s\"; e: 0x%p, cache_state: 0x%x, refcnt: %d\n",
conn_id, op_id, edn, e, e->ep_state, e->ep_refcnt);
@@ -601,7 +602,21 @@ ldbm_back_delete( Slapi_PBlock *pb )
retval = -1;
goto error_return;
}
- tombstone_dn = compute_entry_tombstone_dn(edn, childuniqueid);
+ if (!childuniqueid) {
+ slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_delete",
+ "conn=%lu op=%d No nsUniqueId in the entry \"%s\"; e: 0x%p, cache_state: 0x%x, refcnt: %d\n",
+ conn_id, op_id, edn, e, e->ep_state, e->ep_refcnt);
+ ldap_result_code= LDAP_OPERATIONS_ERROR;
+ retval = -1;
+ goto error_return;
+ }
+ if ((0 == PL_strncmp(edn + sizeof(SLAPI_ATTR_UNIQUEID), childuniqueid, strlen(childuniqueid))) &&
+ (*(edn + SLAPI_ATTR_UNIQUEID_LENGTH + slapi_uniqueIDSize() + 1/*=*/) == ',')) {
+ /* The DN already starts with "nsuniqueid=...," */
+ tombstone_dn = slapi_ch_strdup(edn);
+ } else {
+ tombstone_dn = compute_entry_tombstone_dn(edn, childuniqueid);
+ }
slapi_sdn_set_ndn_byval(&nscpEntrySDN, slapi_sdn_get_ndn(slapi_entry_get_sdn(e->ep_entry)));
8 years, 2 months