9:19 a.m.
ldap/admin/src/logconv.pl | 2
ldap/servers/slapd/backend.c | 27 +++-
ldap/servers/slapd/slapi-plugin.h | 2
lib/libaccess/oneeval.cpp | 249 ++++++++++++++++++--------------------
4 files changed, 147 insertions(+), 133 deletions(-)
New commits:
commit 13dd9625b01d820526d7187e524669ee83edfe62
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Tue Oct 8 13:59:59 2013 -0600
ticket #47550 wip
(cherry picked from commit 82377636267787be5182457d619d5a0b662d2658)
(cherry picked from commit 181fde98aee96868189bc5557c5f33fefa026952)
diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
index 8b423ca..e7d7507 100755
--- a/ldap/admin/src/logconv.pl
+++ b/ldap/admin/src/logconv.pl
@@ -1911,7 +1911,7 @@ sub parseLineNormal
elsif (m/- U1/){ $hashes->{rsrc}->{"U1"}++; }
else { $hashes->{rsrc}->{"other"}++; }
}
- if ($usage =~ /g/ || $usage =~ /c/ || $usage =~ /i/ || $verb eq "yes"){
+ if ($usage =~ /g/ || $usage =~ /c/ || $usage =~ /i/ || $usage =~ /f/ || $verb eq
"yes"){
$exc = "no";
if ($_ =~ /connection from *([0-9A-fa-f\.\:]+)/i ) {
for (my $xxx = 0; $xxx < $#excludeIP; $xxx++){
commit 21dccd37e7883ff3b9ace01350e3123dc42b3b82
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Tue Jun 25 10:38:26 2013 -0400
Coverity Fixes
13177 - Unreachable code (backend.c)
13175 - Resource leak (repl5_ruv.c)
Did code cleanup in libaccess/oneval.cpp before I do the fix for 13176(resource
leak).
This is will be a separate commit.
https://bugzilla.redhat.com/show_bug.cgi?id=970221
Reviewed by: richm(Thanks!)
(cherry picked from commit 6e07f4df6c1963f40368d0ae17e0775aa33362af)
removed the repl5_ruv.c changes because they do not apply to 1.3.1
diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c
index ead251e..8a72b13 100644
--- a/ldap/servers/slapd/backend.c
+++ b/ldap/servers/slapd/backend.c
@@ -669,7 +669,6 @@ slapi_back_transaction_commit(Slapi_PBlock *pb)
} else {
return txn_commit(pb);
}
- return txn_commit(pb);
}
/* API to expose DB transaction abort */
diff --git a/lib/libaccess/oneeval.cpp b/lib/libaccess/oneeval.cpp
index fbaa6d8..8077969 100644
--- a/lib/libaccess/oneeval.cpp
+++ b/lib/libaccess/oneeval.cpp
@@ -358,8 +358,8 @@ ACLEvalBuildContext(
/* Allocate the cache context and link it into the ACLListHandle */
cache = (ACLListCache_t *)PERM_CALLOC(sizeof(ACLListCache_t));
if (cache == NULL) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4010, ACL_Program, 0);
- goto error;
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4010, ACL_Program, 0);
+ goto error;
}
/* Allocate the access rights hash table */
@@ -371,9 +371,9 @@ ACLEvalBuildContext(
NULL);
if (cache->Table == NULL) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4000, ACL_Program, 1,
- XP_GetAdminStr(DBT_EvalBuildContextUnableToCreateHash));
- goto error;
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4000, ACL_Program, 1,
+ XP_GetAdminStr(DBT_EvalBuildContextUnableToCreateHash));
+ goto error;
}
wrapper = acleval->acllist->acl_list_head;
@@ -395,162 +395,159 @@ ACLEvalBuildContext(
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAceEntry));
goto error;
}
- new_ace->acep = ace;
+ new_ace->acep = ace;
ace_cnt++;
if (cache->acelist == NULL)
- cache->acelist = acelast = new_ace;
+ cache->acelist = acelast = new_ace;
else {
if(acelast)
- acelast->next = new_ace;
- acelast = new_ace;
- new_ace->acep = ace;
+ acelast->next = new_ace;
+ acelast = new_ace;
+ new_ace->acep = ace;
}
- new_ace->next = NULL;
+ new_ace->next = NULL;
- argp = ace->expr_argv;
+ argp = ace->expr_argv;
- switch (ace->expr_type)
- {
- case ACL_EXPR_TYPE_ALLOW:
- case ACL_EXPR_TYPE_DENY:
-
- /* Add this ACE to the appropriate entries in the access rights
- * hash table
- */
- while (*argp)
- {
- entry =
- (ACLAceNumEntry_t *)PERM_CALLOC(sizeof(ACLAceNumEntry_t));
- if (entry == (ACLAceNumEntry_t *)NULL) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4030, ACL_Program, 1,
-
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAceEntry));
- goto error;
- }
- if (cache->chain_head == NULL)
- cache->chain_head = cache->chain_tail = entry;
- else {
- cache->chain_tail->chain = entry;
- cache->chain_tail = entry;
+ switch (ace->expr_type)
+ {
+ case ACL_EXPR_TYPE_ALLOW:
+ case ACL_EXPR_TYPE_DENY:
+
+ /* Add this ACE to the appropriate entries in the access rights
+ * hash table
+ */
+ while (*argp)
+ {
+ entry = (ACLAceNumEntry_t
*)PERM_CALLOC(sizeof(ACLAceNumEntry_t));
+ if (entry == (ACLAceNumEntry_t *)NULL) {
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4030, ACL_Program, 1,
+
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAceEntry));
+ goto error;
+ }
+ if (cache->chain_head == NULL)
+ cache->chain_head = cache->chain_tail = entry;
+ else {
+ cache->chain_tail->chain = entry;
+ cache->chain_tail = entry;
+ }
+ entry->acenum = ace_cnt;
+
+ /*
+ * OK to call PL_HasTableLookup() even though it mods
+ * the Table as this routine is called in critical section.
+ */
+ temp_entry = (ACLAceNumEntry_t
*)PL_HashTableLookup(cache->Table, *argp);
+ /* the first ACE for this right? */
+ if (temp_entry) {
+ /* Link it in at the end */
+ while (temp_entry->next) {
+ temp_entry = temp_entry->next;
+ }
+ temp_entry->next = entry;
+ } else /* just link it in */
+ PR_HashTableAdd(cache->Table, *argp, entry);
+ argp++;
}
- entry->acenum = ace_cnt;
-
- /*
- * OK to call PL_HasTableLookup() even though it mods
- * the Table as this routine is called in critical section.
- */
- temp_entry = (ACLAceNumEntry_t *)PL_HashTableLookup(cache->Table, *argp);
- /* the first ACE for this right? */
- if (temp_entry) {
- /* Link it in at the end */
- while (temp_entry->next) {
- temp_entry = temp_entry->next;
- }
- temp_entry->next = entry;
- } else /* just link it in */
- PR_HashTableAdd(cache->Table, *argp, entry);
-
- argp++;
- }
-
- /* See if any of the clauses require authentication. */
- if (curauthplist) {
- for (i = 0; i < ace->expr_term_index; i++) {
- expr = &ace->expr_arry[i];
- rv = PListFindValue(curauthplist, expr->attr_name,
- NULL, &authplist);
- if (rv > 0) {
- /* First one for this ACE? */
- if (!new_ace->autharray) {
- new_ace->autharray = (PList_t
*)PERM_CALLOC(sizeof(PList_t) * ace->expr_term_index);
+ /* See if any of the clauses require authentication. */
+ if (curauthplist) {
+ for (i = 0; i < ace->expr_term_index; i++) {
+ expr = &ace->expr_arry[i];
+ rv = PListFindValue(curauthplist, expr->attr_name,
+ NULL, &authplist);
+ if (rv > 0) {
+ /* First one for this ACE? */
if (!new_ace->autharray) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4040, ACL_Program, 1,
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPointerArray));
- goto error;
- }
- }
- new_ace->autharray[i] = authplist;
- }
- }
- }
- break;
-
- case ACL_EXPR_TYPE_AUTH:
+ new_ace->autharray = (PList_t
*)PERM_CALLOC(sizeof(PList_t) * ace->expr_term_index);
+ if (!new_ace->autharray) {
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4040,
ACL_Program, 1,
+
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPointerArray));
+ goto error;
+ }
+ }
+ new_ace->autharray[i] = authplist;
+ }
+ }
+ }
+ break;
- /* Allocate the running auth tables if none yet */
- if (!curauthplist) {
- curauthplist = PListNew(NULL);
- if (!curauthplist) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
- goto error;
- }
- absauthplist = PListNew(NULL);
- if (!absauthplist) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
- goto error;
- }
- } else { /* duplicate the existing auth table */
- curauthplist = PListDuplicate(curauthplist, NULL, 0);
- if (!curauthplist) {
- nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
- goto error;
- }
- }
+ case ACL_EXPR_TYPE_AUTH:
+
+ /* Allocate the running auth tables if none yet */
+ if (!curauthplist) {
+ curauthplist = PListNew(NULL);
+ if (!curauthplist) {
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
+
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
+ goto error;
+ }
+ absauthplist = PListNew(NULL);
+ if (!absauthplist) {
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
+
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
+ goto error;
+ }
+ } else { /* duplicate the existing auth table */
+ curauthplist = PListDuplicate(curauthplist, NULL, 0);
+ if (!curauthplist) {
+ nserrGenerate(errp, ACLERRNOMEM, ACLERR4050, ACL_Program, 1,
+
XP_GetAdminStr(DBT_EvalBuildContextUnableToAllocAuthPlist));
+ goto error;
+ }
+ }
- /* For each listed attribute */
- while (*argp)
- {
- /* skip any attributes that were absoluted */
- if (PListFindValue(absauthplist, *argp, NULL, NULL) < 0)
- {
- /* Save pointer to the property list */
- PListInitProp(curauthplist, 0, *argp, ace->expr_auth,
- ace->expr_auth);
- if (IS_ABSOLUTE(ace->expr_flags))
- PListInitProp(absauthplist, 0, *argp, NULL,
- NULL);
- }
+ /* For each listed attribute */
+ while (*argp) {
+ /* skip any attributes that were absoluted */
+ if (PListFindValue(absauthplist, *argp, NULL, NULL) < 0){
+ /* Save pointer to the property list */
+ PListInitProp(curauthplist, 0, *argp, ace->expr_auth,
ace->expr_auth);
+ if (IS_ABSOLUTE(ace->expr_flags))
+ PListInitProp(absauthplist, 0, *argp, NULL, NULL);
+ }
+ argp++;
+ }
- argp++;
- }
+ break;
- break;
+ case ACL_EXPR_TYPE_RESPONSE:
+ (void) ACL_ExprGetDenyWith(NULL, ace, &cache->deny_type,
+ &cache->deny_response);
+ break;
- case ACL_EXPR_TYPE_RESPONSE:
- (void) ACL_ExprGetDenyWith(NULL, ace, &cache->deny_type,
- &cache->deny_response);
- break;
+ default:
+ PR_ASSERT(0);
- default:
- PR_ASSERT(0);
-
- } /* switch expr_type */
+ } /* switch expr_type */
- new_ace->global_auth = curauthplist;
- ace = ace->expr_next;
- }
+ new_ace->global_auth = curauthplist;
+ ace = ace->expr_next;
+ } /* while (ace) */
- /* Next ACL please */
+ /* Next ACL please */
wrapper = wrapper->wrap_next;
}
if (absauthplist)
- PListDestroy(absauthplist);
+ PListDestroy(absauthplist);
/* This must be done last to avoid a race in initialization */
- acleval->acllist->cache = (void *)cache;
+ acleval->acllist->cache = (void *)cache;
return 0;
error:
if (curauthplist)
- PListDestroy(curauthplist);
+ PListDestroy(curauthplist);
if (absauthplist)
- PListDestroy(absauthplist);
+ PListDestroy(absauthplist);
if (cache) {
ACL_EvalDestroyContext(cache);
}
acleval->acllist->cache = NULL;
+
return ACL_RES_ERROR;
}
commit badcb1ac60bfb4c54fe264088a3c730b2ce2ac11
Author: Mark Reynolds <mreynolds(a)redhat.com>
Date: Fri Jun 21 10:47:09 2013 -0400
Ticket 47329 - Improve slapi_back_transaction_begin() return code when transactions
are not available
Bug Description: The slapi_back_transaction_begin() function needs it's
return codes
to be changed to be more friendly for plug-in writers when
transactions are not available.
Fix Description: Added new error code SLAPI_BACK_TRANSACTION_NOT_SUPPORTED, and
updated the slapi_plugin.h
https://fedorahosted.org/389/ticket/47329
Reviewed by: Noriko, Ludwig, and Rich(Thanks!!!)
(cherry picked from commit 8879ed2efa48e96f2b920a3ab83036b07e3b3ae4)
diff --git a/ldap/servers/slapd/backend.c b/ldap/servers/slapd/backend.c
index ad253f1..ead251e 100644
--- a/ldap/servers/slapd/backend.c
+++ b/ldap/servers/slapd/backend.c
@@ -648,8 +648,13 @@ int
slapi_back_transaction_begin(Slapi_PBlock *pb)
{
IFP txn_begin;
- slapi_pblock_get(pb, SLAPI_PLUGIN_DB_BEGIN_FN, (void*)&txn_begin);
- return txn_begin(pb);
+ if(slapi_pblock_get(pb, SLAPI_PLUGIN_DB_BEGIN_FN, (void*)&txn_begin) ||
+ !txn_begin)
+ {
+ return SLAPI_BACK_TRANSACTION_NOT_SUPPORTED;
+ } else {
+ return txn_begin(pb);
+ }
}
/* API to expose DB transaction commit */
@@ -657,7 +662,13 @@ int
slapi_back_transaction_commit(Slapi_PBlock *pb)
{
IFP txn_commit;
- slapi_pblock_get(pb, SLAPI_PLUGIN_DB_COMMIT_FN, (void*)&txn_commit);
+ if(slapi_pblock_get(pb, SLAPI_PLUGIN_DB_COMMIT_FN, (void*)&txn_commit) ||
+ !txn_commit)
+ {
+ return SLAPI_BACK_TRANSACTION_NOT_SUPPORTED;
+ } else {
+ return txn_commit(pb);
+ }
return txn_commit(pb);
}
@@ -666,6 +677,11 @@ int
slapi_back_transaction_abort(Slapi_PBlock *pb)
{
IFP txn_abort;
- slapi_pblock_get(pb, SLAPI_PLUGIN_DB_ABORT_FN, (void*)&txn_abort);
- return txn_abort(pb);
+ if(slapi_pblock_get(pb, SLAPI_PLUGIN_DB_ABORT_FN, (void*)&txn_abort) ||
+ !txn_abort)
+ {
+ return SLAPI_BACK_TRANSACTION_NOT_SUPPORTED;
+ } else {
+ return txn_abort(pb);
+ }
}
diff --git a/ldap/servers/slapd/slapi-plugin.h b/ldap/servers/slapd/slapi-plugin.h
index 26a3a44..0b2fab8 100644
--- a/ldap/servers/slapd/slapi-plugin.h
+++ b/ldap/servers/slapd/slapi-plugin.h
@@ -6123,6 +6123,7 @@ const char * slapi_be_gettype(Slapi_Backend *be);
*
* \param pb Pblock which is supposed to set (Slapi_Backend *) to SLAPI_BACKEND
* \return 0 if successful
+ * \return SLAPI_BACK_TRANSACTION_NOT_SUPPORTED if transaction support is not available
for this backend
* \return Non-zero if an error occurred
*
* \see slapi_back_transaction_commit
@@ -6960,6 +6961,7 @@ typedef struct slapi_plugindesc {
#define SLAPI_PARENT_TXN 190
#define SLAPI_TXN 191
#define SLAPI_TXN_RUV_MODS_FN 1901
+#define SLAPI_BACK_TRANSACTION_NOT_SUPPORTED 1902
/*
* The following are used to pass information back and forth
2321
days inactive
2321
days old
389-commits@lists.fedoraproject.org
0 comments
1 participants
participants (1)
-
Richard Allen Megginson