[389-ds-base] branch 389-ds-base-1.4.3 updated: Bump version to 1.4.3.12
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 9bc0429 Bump version to 1.4.3.12
9bc0429 is described below
commit 9bc042902f445244733deb1d749ef324257dcec3
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Jul 31 15:19:26 2020 -0400
Bump version to 1.4.3.12
---
VERSION.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/VERSION.sh b/VERSION.sh
index 2b66655..09ef847 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -10,7 +10,7 @@ vendor="389 Project"
# PACKAGE_VERSION is constructed from these
VERSION_MAJOR=1
VERSION_MINOR=4
-VERSION_MAINT=3.11
+VERSION_MAINT=3.12
# NOTE: VERSION_PREREL is automatically set for builds made out of a git tree
VERSION_PREREL=
VERSION_DATE=$(date -u +%Y%m%d)
--
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51222 - It should not be allowed to delete Managed Entry manually
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new f7e1b17 Issue 51222 - It should not be allowed to delete Managed Entry manually
f7e1b17 is described below
commit f7e1b175bdf02b77fdf30dd984d0b97e539fe33e
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Wed Jul 29 17:13:51 2020 +0200
Issue 51222 - It should not be allowed to delete Managed Entry manually
Bug Description: It is possible to delete a managed entry and no error is raised.
Also, while doing delete or modrdn operation on a managing entry and the managed entry
doesn't exist, we should continue the operation.
Fix Description: We should put an entry struct duplicate to SLAPI_ENTRY_PRE_OP pblock
before we execute plugins PRE_OP. Also, we should allow to continue modrdn and delete
managing entry operations execution even when managed entry doesn't exist.
Allow 'cn=directory manager' to delete managed entry on direct update.
Add a test.
https://pagure.io/389-ds-base/issue/51222
Reviewed by: firstyear, tbordaz (Thanks!)
---
ldap/servers/plugins/mep/mep.c | 53 ++++++++++++++++++++++--------
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 5 +--
2 files changed, 42 insertions(+), 16 deletions(-)
diff --git a/ldap/servers/plugins/mep/mep.c b/ldap/servers/plugins/mep/mep.c
index 401d95e..4f433ce 100644
--- a/ldap/servers/plugins/mep/mep.c
+++ b/ldap/servers/plugins/mep/mep.c
@@ -2158,6 +2158,7 @@ mep_pre_op(Slapi_PBlock *pb, int modop)
Slapi_Mod *next_mod = NULL;
char *origin_dn = NULL;
Slapi_DN *origin_sdn = NULL;
+ char *requestor_dn = NULL;
/* Fetch the target entry. */
if (sdn) {
@@ -2249,11 +2250,19 @@ mep_pre_op(Slapi_PBlock *pb, int modop)
slapi_ch_free_string(&origin_dn);
} else {
- errstr = slapi_ch_smprintf("%s a managed entry is not allowed. "
- "It needs to be manually unlinked first.",
- modop == LDAP_CHANGETYPE_DELETE ? "Deleting"
- : "Renaming");
- ret = LDAP_UNWILLING_TO_PERFORM;
+ slapi_pblock_get(pb, SLAPI_REQUESTOR_DN, &requestor_dn);
+ if (slapi_dn_isroot(requestor_dn)) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_pre_op - %s is %s a managed entry.",
+ requestor_dn, modop == LDAP_CHANGETYPE_DELETE ? "deleting"
+ : "renaming");
+ } else {
+ errstr = slapi_ch_smprintf("%s a managed entry is not allowed. "
+ "It needs to be manually unlinked first.",
+ modop == LDAP_CHANGETYPE_DELETE ? "Deleting"
+ : "Renaming");
+ ret = LDAP_UNWILLING_TO_PERFORM;
+ }
}
}
}
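Review bot: The root-DN exemption added in the `else` branch is recorded only at `SLAPI_LOG_PLUGIN`, so when the requestor passes `slapi_dn_isroot()` and deletes or renames a managed entry, nothing is written unless plugin-level logging is switched on; because this overrides an integrity guard, logging it at a level that is enabled by default would leave operators an audit trail. The format string `"mep_pre_op - %s is %s a managed entry."` also lacks the trailing `\n` that the other `slapi_log_err` calls in this diff carry. The branch applies to `LDAP_CHANGETYPE_DELETE` and to renames alike, while the commit description mentions only delete, so a comment such as `/* Root DN may delete or rename a managed entry directly; everyone else must unlink it first */` would record the intent. mep_pre_op continues outside the hunk, and the same hunk appears in the 389-ds-base-1.4.2 push further down the page.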
@@ -2587,10 +2596,18 @@ mep_del_post_op(Slapi_PBlock *pb)
slapi_delete_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
if (result) {
- slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
- "mep_del_post_op - Failed to delete managed entry "
- "(%s) - error (%d)\n",
- managed_dn, result);
+ if (result == LDAP_NO_SUCH_OBJECT) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_del_post_op - Failed to delete managed entry "
+ "(%s) - it doesn't exist already)\n",
+ managed_dn);
+ result = SLAPI_PLUGIN_SUCCESS;
+ } else {
+ slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
+ "mep_del_post_op - Failed to delete managed entry "
+ "(%s) - error (%d)\n",
+ managed_dn, result);
+ }
}
slapi_ch_free_string(&managed_dn);
slapi_pblock_destroy(mep_pb);
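Review bot: The new `LDAP_NO_SUCH_OBJECT` message ends with an unbalanced `)` and still says "Failed to delete" although the case is now treated as success; wording such as `"mep_del_post_op - Managed entry (%s) does not exist, nothing to delete\n"` would match what the code does. The same string is added in the mep_modrdn_post_op hunk below and in both corresponding hunks of the 1.4.2 push. Whether the reset `result = SLAPI_PLUGIN_SUCCESS;` actually reaches the function's return value cannot be seen here, since mep_del_post_op continues outside the hunk. A one-line comment on why a missing managed entry is acceptable (for example, it was already removed directly by the root DN) would help the next reader.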
@@ -2702,11 +2719,19 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
slapi_delete_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
if (result) {
- slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
- "mep_modrdn_post_op - Failed to delete managed entry "
- "(%s) - error (%d)\n",
- managed_dn, result);
- goto bailmod;
+ if (result == LDAP_NO_SUCH_OBJECT) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_modrdn_post_op - Failed to delete managed entry "
+ "(%s) - it doesn't exist already)\n",
+ managed_dn);
+ result = SLAPI_PLUGIN_SUCCESS;
+ } else {
+ slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
+ "mep_modrdn_post_op - Failed to delete managed entry "
+ "(%s) - error (%d)\n",
+ managed_dn, result);
+ goto bailmod;
+ }
}
/* Clear out the pblock for reuse. */
slapi_pblock_init(mep_pb);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index fbcb573..c4ed797 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -404,6 +404,9 @@ replace_entry:
delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
}
+ /* Save away a copy of the entry, before modifications */
+ slapi_pblock_set(pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup(e->ep_entry));
+
/* call the transaction pre delete plugins just after the
* to-be-deleted entry is prepared. */
/* these should not need to modify the entry to be deleted -
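Review bot: The duplicate stored in `SLAPI_ENTRY_PRE_OP` is now created below the `replace_entry:` label named in the hunk header, so any later `goto replace_entry` would presumably run `slapi_entry_dup()` again; it is worth confirming that `slapi_pblock_set()` or the function's cleanup frees the earlier copy instead of leaking it. The copy is also made before the transaction pre-delete plugins run, so every error exit between this point and its old position now has to release it. The result of `slapi_entry_dup(e->ep_entry)` is passed on unchecked, as it was before the move. A fuller comment, e.g. `/* Set before the transaction pre-delete plugins so they can read the entry being deleted */`, would record why the order matters. The function extends past both edges of the hunk, and the same change is in the 1.4.2 push below.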
@@ -500,8 +503,6 @@ replace_entry:
"entry: %s - flags: delete %d is_tombstone_entry %d create %d \n",
dn, delete_tombstone_entry, is_tombstone_entry, create_tombstone_entry);
#endif
- /* Save away a copy of the entry, before modifications */
- slapi_pblock_set(pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup(e->ep_entry));
/*
* Get the entry's parent. We do this here because index_read
--
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51222 - It should not be allowed to delete Managed Entry manually
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new bf2da9c Issue 51222 - It should not be allowed to delete Managed Entry manually
bf2da9c is described below
commit bf2da9c4d147dd65b022c6053f5c7cce128ff5d0
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Wed Jul 29 17:13:51 2020 +0200
Issue 51222 - It should not be allowed to delete Managed Entry manually
Bug Description: It is possible to delete a managed entry and no error is raised.
Also, while doing delete or modrdn operation on a managing entry and the managed entry
doesn't exist, we should continue the operation.
Fix Description: We should put an entry struct duplicate to SLAPI_ENTRY_PRE_OP pblock
before we execute plugins PRE_OP. Also, we should allow to continue modrdn and delete
managing entry operations execution even when managed entry doesn't exist.
Allow 'cn=directory manager' to delete managed entry on direct update.
Add a test.
https://pagure.io/389-ds-base/issue/51222
Reviewed by: firstyear, tbordaz (Thanks!)
---
ldap/servers/plugins/mep/mep.c | 53 ++++++++++++++++++++++--------
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 5 +--
2 files changed, 42 insertions(+), 16 deletions(-)
diff --git a/ldap/servers/plugins/mep/mep.c b/ldap/servers/plugins/mep/mep.c
index 401d95e..4f433ce 100644
--- a/ldap/servers/plugins/mep/mep.c
+++ b/ldap/servers/plugins/mep/mep.c
@@ -2158,6 +2158,7 @@ mep_pre_op(Slapi_PBlock *pb, int modop)
Slapi_Mod *next_mod = NULL;
char *origin_dn = NULL;
Slapi_DN *origin_sdn = NULL;
+ char *requestor_dn = NULL;
/* Fetch the target entry. */
if (sdn) {
@@ -2249,11 +2250,19 @@ mep_pre_op(Slapi_PBlock *pb, int modop)
slapi_ch_free_string(&origin_dn);
} else {
- errstr = slapi_ch_smprintf("%s a managed entry is not allowed. "
- "It needs to be manually unlinked first.",
- modop == LDAP_CHANGETYPE_DELETE ? "Deleting"
- : "Renaming");
- ret = LDAP_UNWILLING_TO_PERFORM;
+ slapi_pblock_get(pb, SLAPI_REQUESTOR_DN, &requestor_dn);
+ if (slapi_dn_isroot(requestor_dn)) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_pre_op - %s is %s a managed entry.",
+ requestor_dn, modop == LDAP_CHANGETYPE_DELETE ? "deleting"
+ : "renaming");
+ } else {
+ errstr = slapi_ch_smprintf("%s a managed entry is not allowed. "
+ "It needs to be manually unlinked first.",
+ modop == LDAP_CHANGETYPE_DELETE ? "Deleting"
+ : "Renaming");
+ ret = LDAP_UNWILLING_TO_PERFORM;
+ }
}
}
}
@@ -2587,10 +2596,18 @@ mep_del_post_op(Slapi_PBlock *pb)
slapi_delete_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
if (result) {
- slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
- "mep_del_post_op - Failed to delete managed entry "
- "(%s) - error (%d)\n",
- managed_dn, result);
+ if (result == LDAP_NO_SUCH_OBJECT) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_del_post_op - Failed to delete managed entry "
+ "(%s) - it doesn't exist already)\n",
+ managed_dn);
+ result = SLAPI_PLUGIN_SUCCESS;
+ } else {
+ slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
+ "mep_del_post_op - Failed to delete managed entry "
+ "(%s) - error (%d)\n",
+ managed_dn, result);
+ }
}
slapi_ch_free_string(&managed_dn);
slapi_pblock_destroy(mep_pb);
@@ -2702,11 +2719,19 @@ mep_modrdn_post_op(Slapi_PBlock *pb)
slapi_delete_internal_pb(mep_pb);
slapi_pblock_get(mep_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
if (result) {
- slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
- "mep_modrdn_post_op - Failed to delete managed entry "
- "(%s) - error (%d)\n",
- managed_dn, result);
- goto bailmod;
+ if (result == LDAP_NO_SUCH_OBJECT) {
+ slapi_log_err(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM,
+ "mep_modrdn_post_op - Failed to delete managed entry "
+ "(%s) - it doesn't exist already)\n",
+ managed_dn);
+ result = SLAPI_PLUGIN_SUCCESS;
+ } else {
+ slapi_log_err(SLAPI_LOG_ERR, MEP_PLUGIN_SUBSYSTEM,
+ "mep_modrdn_post_op - Failed to delete managed entry "
+ "(%s) - error (%d)\n",
+ managed_dn, result);
+ goto bailmod;
+ }
}
/* Clear out the pblock for reuse. */
slapi_pblock_init(mep_pb);
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_delete.c b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
index fbcb573..c4ed797 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_delete.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_delete.c
@@ -404,6 +404,9 @@ replace_entry:
delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY);
}
+ /* Save away a copy of the entry, before modifications */
+ slapi_pblock_set(pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup(e->ep_entry));
+
/* call the transaction pre delete plugins just after the
* to-be-deleted entry is prepared. */
/* these should not need to modify the entry to be deleted -
@@ -500,8 +503,6 @@ replace_entry:
"entry: %s - flags: delete %d is_tombstone_entry %d create %d \n",
dn, delete_tombstone_entry, is_tombstone_entry, create_tombstone_entry);
#endif
- /* Save away a copy of the entry, before modifications */
- slapi_pblock_set(pb, SLAPI_ENTRY_PRE_OP, slapi_entry_dup(e->ep_entry));
/*
* Get the entry's parent. We do this here because index_read
--
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new e4d41b9 Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
e4d41b9 is described below
commit e4d41b92cde465691587b86d7d93f8788b69768f
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Jul 24 12:14:44 2020 -0400
Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
Bug Description: If you try and set the sslVersionMax higher than the
default range, but within the supported range, you
would still get an error and the server would reset
the max to "default" max value.
Fix Description: Keep track of both the supported and default SSL ranges,
and correctly use each range for value validation. If
the value is outside the supported range, then use default
value, etc, but do not check the requested range against
the default range. We only use the default range if
there is no specified min or max in the config, or if
an invalid min or max value is set in the config.
Also, refactored the range variable names to be more
accurate:
enabledNSSVersions --> defaultNSSVersions
emin, emax --> dmin, dmax
relates: https://pagure.io/389-ds-base/issue/51129
Reviewed by: firstyear(Thanks!)
---
ldap/servers/slapd/ssl.c | 155 ++++++++++++++++++++++++-----------------------
1 file changed, 80 insertions(+), 75 deletions(-)
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index 0248585..1a860b7 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -49,11 +49,11 @@
******************************************************************************/
#define DEFVERSION "TLS1.2"
-#define CURRENT_DEFAULT_SSL_VERSION SSL_LIBRARY_VERSION_TLS_1_2
extern char *slapd_SSL3ciphers;
extern symbol_t supported_ciphers[];
-static SSLVersionRange enabledNSSVersions;
+static SSLVersionRange defaultNSSVersions;
+static SSLVersionRange supportedNSSVersions;
static SSLVersionRange slapdNSSVersions;
@@ -934,15 +934,24 @@ slapd_nss_init(int init_ssl __attribute__((unused)), int config_available __attr
int create_certdb = 0;
PRUint32 nssFlags = 0;
char *certdir;
- char emin[VERSION_STR_LENGTH], emax[VERSION_STR_LENGTH];
- /* Get the range of the supported SSL version */
- SSL_VersionRangeGetDefault(ssl_variant_stream, &enabledNSSVersions);
+ char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
+ char smin[VERSION_STR_LENGTH], smax[VERSION_STR_LENGTH];
- (void)slapi_getSSLVersion_str(enabledNSSVersions.min, emin, sizeof(emin));
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, emax, sizeof(emax));
+ /* Get the range of the supported SSL version */
+ SSL_VersionRangeGetSupported(ssl_variant_stream, &supportedNSSVersions);
+ (void)slapi_getSSLVersion_str(supportedNSSVersions.min, smin, sizeof(smin));
+ (void)slapi_getSSLVersion_str(supportedNSSVersions.max, smax, sizeof(smax));
+
+ /* Get the enabled default range */
+ SSL_VersionRangeGetDefault(ssl_variant_stream, &defaultNSSVersions);
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.min, dmin, sizeof(dmin));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.max, dmax, sizeof(dmax));
slapi_log_err(SLAPI_LOG_CONFIG, "Security Initialization",
"slapd_nss_init - Supported range by NSS: min: %s, max: %s\n",
- emin, emax);
+ smin, smax);
+ slapi_log_err(SLAPI_LOG_CONFIG, "Security Initialization",
+ "slapd_nss_init - Enabled default range by NSS: min: %s, max: %s\n",
+ dmin, dmax);
/* set in slapd_bootstrap_config,
thus certdir is available even if config_available is false */
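Review bot: The return values of `SSL_VersionRangeGetSupported()` and `SSL_VersionRangeGetDefault()` are ignored, so if either call fails the static `supportedNSSVersions` or `defaultNSSVersions` stays zero-filled and is later used by set_NSS_version both for validation and as the fallback min/max. Checking each call against `SECSuccess` and logging the failure, e.g. `if (SSL_VersionRangeGetSupported(ssl_variant_stream, &supportedNSSVersions) != SECSuccess) { ... }`, would make a broken range visible at startup instead of silently producing an unexpected protocol range. The comment `/* Get the enabled default range */` could also state that this is the range the server falls back to when sslVersionMin/sslVersionMax is absent or invalid. slapd_nss_init continues outside the hunk, and the 1.4.3 push below carries the same hunk.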
@@ -1262,21 +1271,21 @@ static int
set_NSS_version(char *val, PRUint16 *rval, int ismin)
{
char *vp;
- char emin[VERSION_STR_LENGTH], emax[VERSION_STR_LENGTH];
+ char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
if (NULL == rval) {
return 1;
}
- (void)slapi_getSSLVersion_str(enabledNSSVersions.min, emin, sizeof(emin));
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, emax, sizeof(emax));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.min, dmin, sizeof(dmin));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.max, dmax, sizeof(dmax));
if (!strncasecmp(val, SSLSTR, SSLLEN)) { /* ssl# NOT SUPPORTED */
if (ismin) {
- slapd_SSL_warn("SSL3 is no longer supported. Using NSS default min value: %s\n", emin);
- (*rval) = enabledNSSVersions.min;
+ slapd_SSL_warn("SSL3 is no longer supported. Using NSS default min value: %s", dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
- slapd_SSL_warn("SSL3 is no longer supported. Using NSS default max value: %s\n", emax);
- (*rval) = enabledNSSVersions.max;
+ slapd_SSL_warn("SSL3 is no longer supported. Using NSS default max value: %s", dmax);
+ (*rval) = defaultNSSVersions.max;
}
} else if (!strncasecmp(val, TLSSTR, TLSLEN)) { /* tls# */
float tlsv;
@@ -1284,122 +1293,122 @@ set_NSS_version(char *val, PRUint16 *rval, int ismin)
sscanf(vp, "%4f", &tlsv);
if (tlsv < 1.1f) { /* TLS1.0 */
if (ismin) {
- if (enabledNSSVersions.min > CURRENT_DEFAULT_SSL_VERSION) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_0) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_0;
}
} else {
- if (enabledNSSVersions.max < CURRENT_DEFAULT_SSL_VERSION) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_0) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_0;
}
}
} else if (tlsv < 1.2f) { /* TLS1.1 */
if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_1) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_1) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_1;
}
} else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_1) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_1) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_1;
}
}
} else if (tlsv < 1.3f) { /* TLS1.2 */
if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_2) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_2) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_2;
}
} else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_2) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_2) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_2;
}
}
} else if (tlsv < 1.4f) { /* TLS1.3 */
- if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_3) {
- slapd_SSL_warn("The value of sslVersionMin "
- "\"%s\" is lower than the supported version; "
- "the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
- } else {
- (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
- }
- } else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
- /* never happens */
- slapd_SSL_warn("The value of sslVersionMax "
- "\"%s\" is higher than the supported version; "
- "the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
- } else {
- (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
- }
- }
+ if (ismin) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_3) {
+ slapd_SSL_warn("The value of sslVersionMin "
+ "\"%s\" is lower than the supported version; "
+ "the default value \"%s\" is used.",
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
+ } else {
+ (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+ } else {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* never happens */
+ slapd_SSL_warn("The value of sslVersionMax "
+ "\"%s\" is higher than the supported version; "
+ "the default value \"%s\" is used.",
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
+ } else {
+ (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+ }
} else { /* Specified TLS is newer than supported */
if (ismin) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is out of the range of the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is out of the range of the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
}
}
} else {
if (ismin) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is invalid; the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is invalid; the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
}
}
return 0;
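Review bot: Comparing the requested version against `supportedNSSVersions` means an `sslVersionMin` of TLS1.0 or TLS1.1 is now accepted without any message whenever the library supports it, even when `defaultNSSVersions.min` is higher; a warning when the chosen minimum falls below the default would tell operators they have widened the protocol range beyond what NSS enables by default. At the top of the hunk `sscanf(vp, "%4f", &tlsv);` is unchecked and `tlsv` is declared without an initialiser in the preceding hunk, so a value with no digits after the prefix reads an indeterminate float; testing `if (sscanf(vp, "%4f", &tlsv) != 1)` and routing that case to the invalid-value branch would close it. The four near-identical per-version blocks could be folded into one static helper taking the target `SSL_LIBRARY_VERSION_*` constant. The 1.4.3 push below repeats this hunk.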
@@ -1429,10 +1438,9 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
char *tmpDir;
Slapi_Entry *e = NULL;
PRBool fipsMode = PR_FALSE;
- PRUint16 NSSVersionMin = enabledNSSVersions.min;
- PRUint16 NSSVersionMax = enabledNSSVersions.max;
+ PRUint16 NSSVersionMin = defaultNSSVersions.min;
+ PRUint16 NSSVersionMax = defaultNSSVersions.max;
char mymin[VERSION_STR_LENGTH], mymax[VERSION_STR_LENGTH];
- char newmax[VERSION_STR_LENGTH];
int allowweakcipher = CIPHER_SET_DEFAULTWEAKCIPHER;
int_fast16_t renegotiation = (int_fast16_t)SSL_RENEGOTIATE_REQUIRES_XTN;
@@ -1793,12 +1801,9 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
if (NSSVersionMin > NSSVersionMax) {
(void)slapi_getSSLVersion_str(NSSVersionMin, mymin, sizeof(mymin));
(void)slapi_getSSLVersion_str(NSSVersionMax, mymax, sizeof(mymax));
- slapd_SSL_warn("The min value of NSS version range \"%s\" is greater than the max value \"%s\".",
+ slapd_SSL_warn("The min value of NSS version range \"%s\" is greater than the max value \"%s\". Adjusting the max to match the miniumum.",
mymin, mymax);
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, newmax, sizeof(newmax));
- slapd_SSL_warn("Reset the max \"%s\" to supported max \"%s\".",
- mymax, newmax);
- NSSVersionMax = enabledNSSVersions.max;
+ NSSVersionMax = NSSVersionMin;
}
}
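Review bot: The new warning string misspells "minimum" as `miniumum`; as operator-facing text it should end `Adjusting the max to match the minimum.`. After `NSSVersionMax = NSSVersionMin;` the `mymax` buffer still holds the old value, so if a later message prints `mymax` without refreshing it (not visible in this hunk) it would report a range the server is no longer using. slapd_ssl_init2 extends beyond both ends of the hunk.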
@@ -1814,7 +1819,7 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
if (sslStatus != SECSuccess) {
errorCode = PR_GetError();
slapd_SSL_error("Security Initialization - "
- "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)",
mymin, mymax, errorCode, slapd_pr_strerror(errorCode));
}
/*
@@ -1844,13 +1849,13 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
(void)slapi_getSSLVersion_str(slapdNSSVersions.min, mymin, sizeof(mymin));
(void)slapi_getSSLVersion_str(slapdNSSVersions.max, mymax, sizeof(mymax));
slapd_SSL_error("Security Initialization - "
- "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)",
mymin, mymax, errorCode, slapd_pr_strerror(errorCode));
}
} else {
errorCode = PR_GetError();
slapd_SSL_error("Security Initialization - ",
- "slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)",
errorCode, slapd_pr_strerror(errorCode));
}
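Review bot: In the last `slapd_SSL_error` call the comma after `"Security Initialization - "` makes that literal the entire format string, assuming the function takes the format as its first argument as the other calls here suggest, so the `Failed to get SSL range from socket` text and the error code are passed as unused arguments and never logged. Dropping the comma so the two literals concatenate, as in the call a few lines above, restores the diagnostic: `slapd_SSL_error("Security Initialization - " "slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)", errorCode, slapd_pr_strerror(errorCode));`. The commit edits the second literal on this call but leaves the comma in place.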
@@ -2177,7 +2182,7 @@ slapd_SSL_client_auth(LDAP *ld)
}
} else {
if (token == NULL) {
- slapd_SSL_warn("slapd_SSL_client_auth - certificate token was not found\n");
+ slapd_SSL_warn("slapd_SSL_client_auth - certificate token was not found");
}
rc = -1;
}
--
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 54cdd73 Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
54cdd73 is described below
commit 54cdd731d0c2cfdea7804b948f53e9a30a985c95
Author: Mark Reynolds <mreynolds(a)redhat.com>
AuthorDate: Fri Jul 24 12:14:44 2020 -0400
Issue 51129 - SSL alert: The value of sslVersionMax "TLS1.3" is higher than the supported version
Bug Description: If you try and set the sslVersionMax higher than the
default range, but within the supported range, you
would still get an error and the server would reset
the max to "default" max value.
Fix Description: Keep track of both the supported and default SSL ranges,
and correctly use each range for value validation. If
the value is outside the supported range, then use default
value, etc, but do not check the requested range against
the default range. We only use the default range if
there is no specified min or max in the config, or if
an invalid min or max value is set in the config.
Also, refactored the range variable names to be more
accurate:
enabledNSSVersions --> defaultNSSVersions
emin, emax --> dmin, dmax
relates: https://pagure.io/389-ds-base/issue/51129
Reviewed by: firstyear(Thanks!)
---
ldap/servers/slapd/ssl.c | 155 +++++++++++++++++++++-------------------
src/lib389/lib389/dirsrv_log.py | 2 +-
2 files changed, 81 insertions(+), 76 deletions(-)
diff --git a/ldap/servers/slapd/ssl.c b/ldap/servers/slapd/ssl.c
index 846106b..7206caf 100644
--- a/ldap/servers/slapd/ssl.c
+++ b/ldap/servers/slapd/ssl.c
@@ -50,11 +50,11 @@
******************************************************************************/
#define DEFVERSION "TLS1.2"
-#define CURRENT_DEFAULT_SSL_VERSION SSL_LIBRARY_VERSION_TLS_1_2
extern char *slapd_SSL3ciphers;
extern symbol_t supported_ciphers[];
-static SSLVersionRange enabledNSSVersions;
+static SSLVersionRange defaultNSSVersions;
+static SSLVersionRange supportedNSSVersions;
static SSLVersionRange slapdNSSVersions;
@@ -1014,15 +1014,24 @@ slapd_nss_init(int init_ssl __attribute__((unused)), int config_available __attr
int create_certdb = 0;
PRUint32 nssFlags = 0;
char *certdir;
- char emin[VERSION_STR_LENGTH], emax[VERSION_STR_LENGTH];
- /* Get the range of the supported SSL version */
- SSL_VersionRangeGetDefault(ssl_variant_stream, &enabledNSSVersions);
+ char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
+ char smin[VERSION_STR_LENGTH], smax[VERSION_STR_LENGTH];
- (void)slapi_getSSLVersion_str(enabledNSSVersions.min, emin, sizeof(emin));
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, emax, sizeof(emax));
+ /* Get the range of the supported SSL version */
+ SSL_VersionRangeGetSupported(ssl_variant_stream, &supportedNSSVersions);
+ (void)slapi_getSSLVersion_str(supportedNSSVersions.min, smin, sizeof(smin));
+ (void)slapi_getSSLVersion_str(supportedNSSVersions.max, smax, sizeof(smax));
+
+ /* Get the enabled default range */
+ SSL_VersionRangeGetDefault(ssl_variant_stream, &defaultNSSVersions);
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.min, dmin, sizeof(dmin));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.max, dmax, sizeof(dmax));
slapi_log_err(SLAPI_LOG_CONFIG, "Security Initialization",
"slapd_nss_init - Supported range by NSS: min: %s, max: %s\n",
- emin, emax);
+ smin, smax);
+ slapi_log_err(SLAPI_LOG_CONFIG, "Security Initialization",
+ "slapd_nss_init - Enabled default range by NSS: min: %s, max: %s\n",
+ dmin, dmax);
/* set in slapd_bootstrap_config,
thus certdir is available even if config_available is false
@@ -1344,21 +1353,21 @@ static int
set_NSS_version(char *val, PRUint16 *rval, int ismin)
{
char *vp;
- char emin[VERSION_STR_LENGTH], emax[VERSION_STR_LENGTH];
+ char dmin[VERSION_STR_LENGTH], dmax[VERSION_STR_LENGTH];
if (NULL == rval) {
return 1;
}
- (void)slapi_getSSLVersion_str(enabledNSSVersions.min, emin, sizeof(emin));
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, emax, sizeof(emax));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.min, dmin, sizeof(dmin));
+ (void)slapi_getSSLVersion_str(defaultNSSVersions.max, dmax, sizeof(dmax));
if (!strncasecmp(val, SSLSTR, SSLLEN)) { /* ssl# NOT SUPPORTED */
if (ismin) {
- slapd_SSL_warn("SSL3 is no longer supported. Using NSS default min value: %s\n", emin);
- (*rval) = enabledNSSVersions.min;
+ slapd_SSL_warn("SSL3 is no longer supported. Using NSS default min value: %s", dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
- slapd_SSL_warn("SSL3 is no longer supported. Using NSS default max value: %s\n", emax);
- (*rval) = enabledNSSVersions.max;
+ slapd_SSL_warn("SSL3 is no longer supported. Using NSS default max value: %s", dmax);
+ (*rval) = defaultNSSVersions.max;
}
} else if (!strncasecmp(val, TLSSTR, TLSLEN)) { /* tls# */
float tlsv;
@@ -1366,122 +1375,122 @@ set_NSS_version(char *val, PRUint16 *rval, int ismin)
sscanf(vp, "%4f", &tlsv);
if (tlsv < 1.1f) { /* TLS1.0 */
if (ismin) {
- if (enabledNSSVersions.min > CURRENT_DEFAULT_SSL_VERSION) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_0) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_0;
}
} else {
- if (enabledNSSVersions.max < CURRENT_DEFAULT_SSL_VERSION) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_0) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_0;
}
}
} else if (tlsv < 1.2f) { /* TLS1.1 */
if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_1) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_1) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_1;
}
} else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_1) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_1) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_1;
}
}
} else if (tlsv < 1.3f) { /* TLS1.2 */
if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_2) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_2) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is lower than the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_2;
}
} else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_2) {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_2) {
/* never happens */
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is higher than the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
} else {
(*rval) = SSL_LIBRARY_VERSION_TLS_1_2;
}
}
} else if (tlsv < 1.4f) { /* TLS1.3 */
- if (ismin) {
- if (enabledNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_3) {
- slapd_SSL_warn("The value of sslVersionMin "
- "\"%s\" is lower than the supported version; "
- "the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
- } else {
- (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
- }
- } else {
- if (enabledNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
- /* never happens */
- slapd_SSL_warn("The value of sslVersionMax "
- "\"%s\" is higher than the supported version; "
- "the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
- } else {
- (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
- }
- }
+ if (ismin) {
+ if (supportedNSSVersions.min > SSL_LIBRARY_VERSION_TLS_1_3) {
+ slapd_SSL_warn("The value of sslVersionMin "
+ "\"%s\" is lower than the supported version; "
+ "the default value \"%s\" is used.",
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
+ } else {
+ (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+ } else {
+ if (supportedNSSVersions.max < SSL_LIBRARY_VERSION_TLS_1_3) {
+ /* never happens */
+ slapd_SSL_warn("The value of sslVersionMax "
+ "\"%s\" is higher than the supported version; "
+ "the default value \"%s\" is used.",
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
+ } else {
+ (*rval) = SSL_LIBRARY_VERSION_TLS_1_3;
+ }
+ }
} else { /* Specified TLS is newer than supported */
if (ismin) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is out of the range of the supported version; "
"the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is out of the range of the supported version; "
"the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
}
}
} else {
if (ismin) {
slapd_SSL_warn("The value of sslVersionMin "
"\"%s\" is invalid; the default value \"%s\" is used.",
- val, emin);
- (*rval) = enabledNSSVersions.min;
+ val, dmin);
+ (*rval) = defaultNSSVersions.min;
} else {
slapd_SSL_warn("The value of sslVersionMax "
"\"%s\" is invalid; the default value \"%s\" is used.",
- val, emax);
- (*rval) = enabledNSSVersions.max;
+ val, dmax);
+ (*rval) = defaultNSSVersions.max;
}
}
return 0;
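Review bot: The `sscanf(vp, "%4f", &tlsv);` at the top of this hunk ignores its return value, so a value that carries the TLS prefix but no parsable number leaves `tlsv` indeterminate (it is declared without an initialiser at the end of the previous hunk, unless the one line hidden between the two hunks sets it). The ladder below would then pick the protocol floor or ceiling from garbage. A failed parse should take the same path as the final "is invalid" branch: guard the ladder with `if (sscanf(vp, "%4f", &tlsv) != 1)` and assign `defaultNSSVersions.min` or `.max` there with the existing warning. The function begins in the previous hunk and its closing brace is outside this one.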
@@ -1511,10 +1520,9 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
char *tmpDir;
Slapi_Entry *e = NULL;
PRBool fipsMode = PR_FALSE;
- PRUint16 NSSVersionMin = enabledNSSVersions.min;
- PRUint16 NSSVersionMax = enabledNSSVersions.max;
+ PRUint16 NSSVersionMin = defaultNSSVersions.min;
+ PRUint16 NSSVersionMax = defaultNSSVersions.max;
char mymin[VERSION_STR_LENGTH], mymax[VERSION_STR_LENGTH];
- char newmax[VERSION_STR_LENGTH];
int allowweakcipher = CIPHER_SET_DEFAULTWEAKCIPHER;
int_fast16_t renegotiation = (int_fast16_t)SSL_RENEGOTIATE_REQUIRES_XTN;
@@ -1875,12 +1883,9 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
if (NSSVersionMin > NSSVersionMax) {
(void)slapi_getSSLVersion_str(NSSVersionMin, mymin, sizeof(mymin));
(void)slapi_getSSLVersion_str(NSSVersionMax, mymax, sizeof(mymax));
- slapd_SSL_warn("The min value of NSS version range \"%s\" is greater than the max value \"%s\".",
+ slapd_SSL_warn("The min value of NSS version range \"%s\" is greater than the max value \"%s\". Adjusting the max to match the miniumum.",
mymin, mymax);
- (void)slapi_getSSLVersion_str(enabledNSSVersions.max, newmax, sizeof(newmax));
- slapd_SSL_warn("Reset the max \"%s\" to supported max \"%s\".",
- mymax, newmax);
- NSSVersionMax = enabledNSSVersions.max;
+ NSSVersionMax = NSSVersionMin;
}
}
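Review bot: The new warning text misspells "minimum" as `miniumum`, which matters for anyone grepping the error log for this condition; the literal should end `Adjusting the max to match the minimum.`. The message also prints only the rejected pair, so the range that is actually applied (max raised to `NSSVersionMin`) has to be inferred by the reader. Stating the resulting max explicitly in the same warning would make a misconfigured `sslVersionMax` easier to audit. The enclosing `slapd_ssl_init2` starts and ends outside the hunk.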
@@ -1896,7 +1901,7 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
if (sslStatus != SECSuccess) {
errorCode = PR_GetError();
slapd_SSL_error("Security Initialization - "
- "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)",
mymin, mymax, errorCode, slapd_pr_strerror(errorCode));
}
/*
@@ -1926,13 +1931,13 @@ slapd_ssl_init2(PRFileDesc **fd, int startTLS)
(void)slapi_getSSLVersion_str(slapdNSSVersions.min, mymin, sizeof(mymin));
(void)slapi_getSSLVersion_str(slapdNSSVersions.max, mymax, sizeof(mymax));
slapd_SSL_error("Security Initialization - "
- "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to set SSL range: min: %s, max: %s - error %d (%s)",
mymin, mymax, errorCode, slapd_pr_strerror(errorCode));
}
} else {
errorCode = PR_GetError();
slapd_SSL_error("Security Initialization - ",
- "slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)\n",
+ "slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)",
errorCode, slapd_pr_strerror(errorCode));
}
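Review bot: In the last `slapd_SSL_error` call of this hunk the first literal ends with a comma (`"Security Initialization - ",`), unlike the two calls above it, so the two literals are not concatenated. Assuming `slapd_SSL_error` takes a printf-style format as its first argument, as the neighbouring calls suggest, the prefix becomes the whole format and the "Failed to get SSL range from socket" text with its error code is passed as an unused argument and never logged. Dropping the comma restores the message: `slapd_SSL_error("Security Initialization - "` followed directly by the `"slapd_ssl_init2 - Failed to get SSL range from socket - error %d (%s)",` line. The enclosing function starts and ends outside the hunk.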
@@ -2265,7 +2270,7 @@ slapd_SSL_client_auth(LDAP *ld)
}
} else {
if (token == NULL) {
- slapd_SSL_warn("slapd_SSL_client_auth - certificate token was not found\n");
+ slapd_SSL_warn("slapd_SSL_client_auth - certificate token was not found");
}
rc = -1;
}
diff --git a/src/lib389/lib389/dirsrv_log.py b/src/lib389/lib389/dirsrv_log.py
index 7bed4bb..ab88720 100644
--- a/src/lib389/lib389/dirsrv_log.py
+++ b/src/lib389/lib389/dirsrv_log.py
@@ -207,7 +207,7 @@ class DirsrvAccessLog(DirsrvLog):
return {
'base': quoted_vals[0],
'filter': quoted_vals[1],
- 'timestamp': re.findall('\[(.*)\]', lines[0])[0],
+ 'timestamp': re.findall('[(.*)]', lines[0])[0],
'scope': lines[0].split(' scope=', 1)[1].split(' ',1)[0]
}
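Review bot: As shown, the new pattern `'[(.*)]'` on the `'timestamp'` line is a character class, not an escaped pair of brackets around a group, so `re.findall` returns single `(`, `.`, `*` or `)` characters from the log line instead of the bracketed timestamp. If the aim was to silence the invalid-escape warning, a raw string keeps the original meaning: `'timestamp': re.findall(r'\[(.*)\]', lines[0])[0],`. It is possible the backslashes were lost by the mail archive rather than by the commit, so this should be checked against the repository. The enclosing method starts outside the hunk.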
--
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51086 - Fix instance name length for interactive install
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new e036c60 Issue 51086 - Fix instance name length for interactive install
e036c60 is described below
commit e036c609753d8d35e1a62480de59ca947981ea41
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Thu Jul 23 23:45:18 2020 +0200
Issue 51086 - Fix instance name length for interactive install
Description: Instance name length is not properly validated
during interactive install. Add a check during a user input.
https://pagure.io/389-ds-base/issue/51086
Reviewed by: mreynolds (Thanks!)
---
src/lib389/lib389/instance/setup.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lib389/lib389/instance/setup.py b/src/lib389/lib389/instance/setup.py
index fb2b2d9..e1862f0 100644
--- a/src/lib389/lib389/instance/setup.py
+++ b/src/lib389/lib389/instance/setup.py
@@ -308,6 +308,9 @@ class SetupDs(object):
val = input('\nEnter the instance name [{}]: '.format(slapd['instance_name'])).rstrip()
if val != "":
+ if len(val) > 80:
+ print("Server identifier should not be longer than 80 symbols")
+ continue
if not all(ord(c) < 128 for c in val):
print("Server identifier can not contain non ascii characters")
continue
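Review bot: The limit `80` is hard-coded twice in the added lines, once in `len(val) > 80` and once inside the message text, so the two can drift apart. A named constant would keep them in sync, for example `if len(val) > MAX_INSTANCE_NAME_LEN:` with the message built from the same name. The commit text says the check is added for user input only; whether the non-interactive path enforces the same bound is not visible here, and a shared constant would make it easy to apply the identical limit there. The same hunk is repeated in the 1.4.2 and 1.4.1 pushes below, and the enclosing method starts and ends outside the hunk.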
--
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51086 - Fix instance name length for interactive install
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new f2dc78a Issue 51086 - Fix instance name length for interactive install
f2dc78a is described below
commit f2dc78ad620487fb5dcf2004cc5dbc75e2736a59
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Thu Jul 23 23:45:18 2020 +0200
Issue 51086 - Fix instance name length for interactive install
Description: Instance name length is not properly validated
during interactive install. Add a check during a user input.
https://pagure.io/389-ds-base/issue/51086
Reviewed by: mreynolds (Thanks!)
---
src/lib389/lib389/instance/setup.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lib389/lib389/instance/setup.py b/src/lib389/lib389/instance/setup.py
index d132247..f0a8857 100644
--- a/src/lib389/lib389/instance/setup.py
+++ b/src/lib389/lib389/instance/setup.py
@@ -307,6 +307,9 @@ class SetupDs(object):
val = input('\nEnter the instance name [{}]: '.format(slapd['instance_name'])).rstrip()
if val != "":
+ if len(val) > 80:
+ print("Server identifier should not be longer than 80 symbols")
+ continue
if not all(ord(c) < 128 for c in val):
print("Server identifier can not contain non ascii characters")
continue
--
[389-ds-base] branch 389-ds-base-1.4.1 updated: Issue 51086 - Fix instance name length for interactive install
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.1
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.1 by this push:
new a91592d Issue 51086 - Fix instance name length for interactive install
a91592d is described below
commit a91592d55a059ba127e14e2362f88b00f911fe97
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Thu Jul 23 23:45:18 2020 +0200
Issue 51086 - Fix instance name length for interactive install
Description: Instance name length is not properly validated
during interactive install. Add a check during a user input.
https://pagure.io/389-ds-base/issue/51086
Reviewed by: mreynolds (Thanks!)
---
src/lib389/lib389/instance/setup.py | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/lib389/lib389/instance/setup.py b/src/lib389/lib389/instance/setup.py
index 2aca136..5ef72d2 100644
--- a/src/lib389/lib389/instance/setup.py
+++ b/src/lib389/lib389/instance/setup.py
@@ -307,6 +307,9 @@ class SetupDs(object):
val = input('\nEnter the instance name [{}]: '.format(slapd['instance_name'])).rstrip()
if val != "":
+ if len(val) > 80:
+ print("Server identifier should not be longer than 80 symbols")
+ continue
if not all(ord(c) < 128 for c in val):
print("Server identifier can not contain non ascii characters")
continue
--
[389-ds-base] branch 389-ds-base-1.4.3 updated: Issue 51136 - JSON Error output has redundant messages
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.3
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.3 by this push:
new 7c08919 Issue 51136 - JSON Error output has redundant messages
7c08919 is described below
commit 7c089195fe28c83877a04aab8451634003811569
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Tue Jul 21 23:42:06 2020 +0200
Issue 51136 - JSON Error output has redundant messages
Bug Description: When we try to start an instance for which
'systemctl start' command has failed, it produces excessive
output which is not a clear JSON.
Fix Description: Redirect stderr to stdout as we don't need
the info in CLI. User needs to check logs if something went wrong.
Add a new-line character in the end of DS CLI tool's stderr.
Clean up React state processing for setServerID callback.
https://pagure.io/389-ds-base/issue/51136
Reviewed by: mreynolds (Thanks!)
---
src/cockpit/389-console/src/ds.jsx | 103 +++++++++++++++++++++----------------
src/lib389/cli/dsconf | 2 +-
src/lib389/cli/dscreate | 2 +-
src/lib389/cli/dsctl | 2 +-
src/lib389/cli/dsidm | 2 +-
src/lib389/lib389/__init__.py | 8 +--
6 files changed, 64 insertions(+), 55 deletions(-)
diff --git a/src/cockpit/389-console/src/ds.jsx b/src/cockpit/389-console/src/ds.jsx
index 691a6f2..1963c39 100644
--- a/src/cockpit/389-console/src/ds.jsx
+++ b/src/cockpit/389-console/src/ds.jsx
@@ -62,7 +62,7 @@ export class DSInstance extends React.Component {
backupRows: [],
notifications: [],
activeKey: 1,
- wasActiveList: [1],
+ wasActiveList: [],
progressValue: 0,
loadingOperate: false,
@@ -140,7 +140,8 @@ export class DSInstance extends React.Component {
this.updateProgress(25);
this.setState(
{
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: [this.state.activeKey]
},
() => {
this.loadBackups();
@@ -149,11 +150,13 @@ export class DSInstance extends React.Component {
if (action === "restart") {
this.setState(
{
- serverId: ""
+ serverId: "",
+ wasActiveList: []
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: [this.state.activeKey]
});
}
);
@@ -171,7 +174,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -186,7 +190,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -204,7 +209,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -220,51 +226,59 @@ export class DSInstance extends React.Component {
}
}));
}
- let cmd = ["dsctl", "-l", "-j"];
- log_cmd("loadInstanceList", "Load the instance list select", cmd);
- cockpit
- .spawn(cmd, { superuser: true })
- .done(data => {
- this.updateProgress(25);
- let myObject = JSON.parse(data);
- this.setState({
- instList: myObject.insts,
- loadingOperate: false
- });
- // Set default value for the inst select
- if (serverId !== undefined && serverId !== "") {
- this.setState({
- wasActiveList: [this.state.activeKey]
- });
- this.setServerId(serverId, action);
- } else {
- if (myObject.insts.length > 0) {
+ this.setState(
+ {
+ wasActiveList: []
+ },
+ () => {
+ let cmd = ["dsctl", "-l", "-j"];
+ log_cmd(
+ "loadInstanceList",
+ "Load the instance list select",
+ cmd
+ );
+ cockpit
+ .spawn(cmd, { superuser: true })
+ .done(data => {
+ this.updateProgress(25);
+ let myObject = JSON.parse(data);
this.setState({
- wasActiveList: [this.state.activeKey]
+ instList: myObject.insts,
+ loadingOperate: false
});
- this.setServerId(myObject.insts[0].replace("slapd-", ""), action);
- } else {
+ // Set default value for the inst select
+ if (serverId !== undefined && serverId !== "") {
+ this.setServerId(serverId, action);
+ } else {
+ if (myObject.insts.length > 0) {
+ this.setServerId(
+ myObject.insts[0].replace("slapd-", ""),
+ action
+ );
+ } else {
+ this.setState({
+ serverId: "",
+ pageLoadingState: {
+ state: "noInsts",
+ jsx: staticStates["noInsts"]
+ }
+ });
+ }
+ }
+ })
+ .fail(_ => {
this.setState({
+ instList: [],
serverId: "",
+ loadingOperate: false,
pageLoadingState: {
state: "noInsts",
jsx: staticStates["noInsts"]
}
});
- }
- }
- })
- .fail(_ => {
- this.setState({
- instList: [],
- serverId: "",
- loadingOperate: false,
- pageLoadingState: {
- state: "noInsts",
- jsx: staticStates["noInsts"]
- }
- });
- });
+ });
+ }
+ );
}
loadBackups() {
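Review bot: `JSON.parse(data)` inside the `.done` handler is still unguarded after the move into the `setState` callback, so if `dsctl -l -j` prints anything that is not valid JSON the handler throws and the page presumably stays in its loading state. The parse should sit in a `try`/`catch` whose failure path sets the same `noInsts` state as the `.fail` handler, as sketched below. The same hunk appears again in the 1.4.2 push further down this page, and `loadInstanceList` starts outside the hunk.

```javascript
                    .done(data => {
                        this.updateProgress(25);
                        let myObject;
                        try {
                            myObject = JSON.parse(data);
                        } catch (e) {
                            // Same fallback as the .fail() handler
                            this.setState({
                                instList: [],
                                serverId: "",
                                loadingOperate: false,
                                pageLoadingState: {
                                    state: "noInsts",
                                    jsx: staticStates["noInsts"]
                                }
                            });
                            return;
                        }
                        // … unchanged: setState(instList) and default instance selection …
```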
@@ -322,8 +336,7 @@ export class DSInstance extends React.Component {
handleServerIdChange(e) {
this.setState({
pageLoadingState: { state: "loading", jsx: "" },
- progressValue: 25,
- serverId: e.target.value
+ progressValue: 25
});
this.loadInstanceList(e.target.value);
}
diff --git a/src/lib389/cli/dsconf b/src/lib389/cli/dsconf
index 71fc2b6..befeaee 100755
--- a/src/lib389/cli/dsconf
+++ b/src/lib389/cli/dsconf
@@ -139,7 +139,7 @@ if __name__ == '__main__':
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dscreate b/src/lib389/cli/dscreate
index dc4c706..d6edcbd 100755
--- a/src/lib389/cli/dscreate
+++ b/src/lib389/cli/dscreate
@@ -80,7 +80,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsctl b/src/lib389/cli/dsctl
index 21aabd1..fe9bc10 100755
--- a/src/lib389/cli/dsctl
+++ b/src/lib389/cli/dsctl
@@ -141,7 +141,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsidm b/src/lib389/cli/dsidm
index ae38d14..bac02c3 100755
--- a/src/lib389/cli/dsidm
+++ b/src/lib389/cli/dsidm
@@ -134,7 +134,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
index c3dc6f2..99ea9cc 100644
--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
@@ -1130,9 +1130,7 @@ class DirSrv(SimpleLDAPObject, object):
if self.with_systemd():
self.log.debug("systemd status -> True")
# Do systemd things here ...
- subprocess.check_call(["systemctl",
- "start",
- "dirsrv@%s" % self.serverid])
+ subprocess.check_output(["systemctl", "start", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
else:
self.log.debug("systemd status -> False")
# Start the process.
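Review bot: `subprocess.check_output(..., stderr=subprocess.STDOUT)` captures systemctl's output and then drops it, so on failure the only diagnostic that survives is whatever the raised `CalledProcessError` carries. Logging it at debug level keeps the JSON output clean while preserving the evidence: wrap the call in `try:` and add `except subprocess.CalledProcessError as e:`, `self.log.debug("systemctl start failed: %s", e.output)`, `raise`. The same applies to the `stop` hunk below and to both hunks in the 1.4.2 push. The enclosing methods start and end outside the hunks.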
@@ -1201,9 +1199,7 @@ class DirSrv(SimpleLDAPObject, object):
if self.with_systemd():
self.log.debug("systemd status -> True")
# Do systemd things here ...
- subprocess.check_call(["systemctl",
- "stop",
- "dirsrv@%s" % self.serverid])
+ subprocess.check_output(["systemctl", "stop", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
else:
self.log.debug("systemd status -> False")
# TODO: Make the pid path in the files things
--
[389-ds-base] branch 389-ds-base-1.4.2 updated: Issue 51136 - JSON Error output has redundant messages
by pagure@pagure.io
This is an automated email from the git hooks/post-receive script.
spichugi pushed a commit to branch 389-ds-base-1.4.2
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.4.2 by this push:
new d6ca851 Issue 51136 - JSON Error output has redundant messages
d6ca851 is described below
commit d6ca851eb8853ee5cf10ec28b7599c005f2af2a9
Author: Simon Pichugin <spichugi(a)redhat.com>
AuthorDate: Tue Jul 21 23:42:06 2020 +0200
Issue 51136 - JSON Error output has redundant messages
Bug Description: When we try to start an instance for which
'systemctl start' command has failed, it produces excessive
output which is not a clear JSON.
Fix Description: Redirect stderr to stdout as we don't need
the info in CLI. User needs to check logs if something went wrong.
Add a new-line character in the end of DS CLI tool's stderr.
Clean up React state processing for setServerID callback.
https://pagure.io/389-ds-base/issue/51136
Reviewed by: mreynolds (Thanks!)
---
src/cockpit/389-console/src/ds.jsx | 103 +++++++++++++++++++++----------------
src/lib389/cli/dsconf | 2 +-
src/lib389/cli/dscreate | 2 +-
src/lib389/cli/dsctl | 2 +-
src/lib389/cli/dsidm | 2 +-
src/lib389/lib389/__init__.py | 8 +--
6 files changed, 64 insertions(+), 55 deletions(-)
diff --git a/src/cockpit/389-console/src/ds.jsx b/src/cockpit/389-console/src/ds.jsx
index 691a6f2..1963c39 100644
--- a/src/cockpit/389-console/src/ds.jsx
+++ b/src/cockpit/389-console/src/ds.jsx
@@ -62,7 +62,7 @@ export class DSInstance extends React.Component {
backupRows: [],
notifications: [],
activeKey: 1,
- wasActiveList: [1],
+ wasActiveList: [],
progressValue: 0,
loadingOperate: false,
@@ -140,7 +140,8 @@ export class DSInstance extends React.Component {
this.updateProgress(25);
this.setState(
{
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: [this.state.activeKey]
},
() => {
this.loadBackups();
@@ -149,11 +150,13 @@ export class DSInstance extends React.Component {
if (action === "restart") {
this.setState(
{
- serverId: ""
+ serverId: "",
+ wasActiveList: []
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: [this.state.activeKey]
});
}
);
@@ -171,7 +174,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -186,7 +190,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -204,7 +209,8 @@ export class DSInstance extends React.Component {
},
() => {
this.setState({
- serverId: serverId
+ serverId: serverId,
+ wasActiveList: []
});
}
);
@@ -220,51 +226,59 @@ export class DSInstance extends React.Component {
}
}));
}
- let cmd = ["dsctl", "-l", "-j"];
- log_cmd("loadInstanceList", "Load the instance list select", cmd);
- cockpit
- .spawn(cmd, { superuser: true })
- .done(data => {
- this.updateProgress(25);
- let myObject = JSON.parse(data);
- this.setState({
- instList: myObject.insts,
- loadingOperate: false
- });
- // Set default value for the inst select
- if (serverId !== undefined && serverId !== "") {
- this.setState({
- wasActiveList: [this.state.activeKey]
- });
- this.setServerId(serverId, action);
- } else {
- if (myObject.insts.length > 0) {
+ this.setState(
+ {
+ wasActiveList: []
+ },
+ () => {
+ let cmd = ["dsctl", "-l", "-j"];
+ log_cmd(
+ "loadInstanceList",
+ "Load the instance list select",
+ cmd
+ );
+ cockpit
+ .spawn(cmd, { superuser: true })
+ .done(data => {
+ this.updateProgress(25);
+ let myObject = JSON.parse(data);
this.setState({
- wasActiveList: [this.state.activeKey]
+ instList: myObject.insts,
+ loadingOperate: false
});
- this.setServerId(myObject.insts[0].replace("slapd-", ""), action);
- } else {
+ // Set default value for the inst select
+ if (serverId !== undefined && serverId !== "") {
+ this.setServerId(serverId, action);
+ } else {
+ if (myObject.insts.length > 0) {
+ this.setServerId(
+ myObject.insts[0].replace("slapd-", ""),
+ action
+ );
+ } else {
+ this.setState({
+ serverId: "",
+ pageLoadingState: {
+ state: "noInsts",
+ jsx: staticStates["noInsts"]
+ }
+ });
+ }
+ }
+ })
+ .fail(_ => {
this.setState({
+ instList: [],
serverId: "",
+ loadingOperate: false,
pageLoadingState: {
state: "noInsts",
jsx: staticStates["noInsts"]
}
});
- }
- }
- })
- .fail(_ => {
- this.setState({
- instList: [],
- serverId: "",
- loadingOperate: false,
- pageLoadingState: {
- state: "noInsts",
- jsx: staticStates["noInsts"]
- }
- });
- });
+ });
+ }
+ );
}
loadBackups() {
@@ -322,8 +336,7 @@ export class DSInstance extends React.Component {
handleServerIdChange(e) {
this.setState({
pageLoadingState: { state: "loading", jsx: "" },
- progressValue: 25,
- serverId: e.target.value
+ progressValue: 25
});
this.loadInstanceList(e.target.value);
}
diff --git a/src/lib389/cli/dsconf b/src/lib389/cli/dsconf
index 71fc2b6..befeaee 100755
--- a/src/lib389/cli/dsconf
+++ b/src/lib389/cli/dsconf
@@ -139,7 +139,7 @@ if __name__ == '__main__':
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dscreate b/src/lib389/cli/dscreate
index dc4c706..d6edcbd 100755
--- a/src/lib389/cli/dscreate
+++ b/src/lib389/cli/dscreate
@@ -80,7 +80,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args and args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsctl b/src/lib389/cli/dsctl
index 758c7ca..d210af9 100755
--- a/src/lib389/cli/dsctl
+++ b/src/lib389/cli/dsctl
@@ -141,7 +141,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/cli/dsidm b/src/lib389/cli/dsidm
index ae38d14..bac02c3 100755
--- a/src/lib389/cli/dsidm
+++ b/src/lib389/cli/dsidm
@@ -134,7 +134,7 @@ if __name__ == '__main__':
log.debug(e, exc_info=True)
msg = format_error_to_dict(e)
if args.json:
- sys.stderr.write(json.dumps(msg, indent=4))
+ sys.stderr.write(f"{json.dumps(msg, indent=4)}\n")
else:
log.error("Error: %s" % " - ".join(str(val) for val in msg.values()))
result = False
diff --git a/src/lib389/lib389/__init__.py b/src/lib389/lib389/__init__.py
index a233788..030fb75 100644
--- a/src/lib389/lib389/__init__.py
+++ b/src/lib389/lib389/__init__.py
@@ -1124,9 +1124,7 @@ class DirSrv(SimpleLDAPObject, object):
if self.with_systemd():
self.log.debug("systemd status -> True")
# Do systemd things here ...
- subprocess.check_call(["systemctl",
- "start",
- "dirsrv@%s" % self.serverid])
+ subprocess.check_output(["systemctl", "start", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
else:
self.log.debug("systemd status -> False")
# Start the process.
@@ -1190,9 +1188,7 @@ class DirSrv(SimpleLDAPObject, object):
if self.with_systemd():
self.log.debug("systemd status -> True")
# Do systemd things here ...
- subprocess.check_call(["systemctl",
- "stop",
- "dirsrv@%s" % self.serverid])
+ subprocess.check_output(["systemctl", "stop", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
else:
self.log.debug("systemd status -> False")
# TODO: Make the pid path in the files things
--