Projects
Kolab:3.4
389-ds-base
Log In
Username
Password
We truncated the diff of some files because they were too big. If you want to see the full diff for every file,
click here
.
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 9
View file
389-ds-base.changes
Changed
@@ -1,4 +1,14 @@ ------------------------------------------------------------------- +Wed Aug 20 09:25:42 UTC 2014 - aj@ajaissle.de + +- New upstream release 1.2.11.30 + +------------------------------------------------------------------- +Wed Aug 20 09:13:42 UTC 2014 - aj@ajaissle.de + +- Spec cleanup + +------------------------------------------------------------------- Wed May 14 14:08:16 UTC 2014 - aj@ajaissle.de - New upstream release 1.2.11.29
View file
389-ds-base.spec
Changed
@@ -24,7 +24,7 @@ Name: 389-ds-base Summary: 389 Directory Server -Version: 1.2.11.29 +Version: 1.2.11.30 Release: 0 Group: Productivity/Networking/LDAP/Servers @@ -32,7 +32,7 @@ Url: http://port389.org/ #DL-URL: http://port389.org/wiki/Source #Git-Clone: git://git.fedorahosted.org/389/ds -Source: %{name}-%{version}.tar.bz2 +Source: http://port389.org/sources/%{name}-%{version}.tar.bz2 # Patch1: Make init scripts LSB conform Patch1: 389-ds-base-1.2.11.15_dirsrv_init.patch # Patch2: Fix Kolab bug 2229 @@ -66,7 +66,6 @@ %endif BuildRoot: %{_tmppath}/%{name}-%{version}-build -Requires: 389-admin Requires: perl-Mozilla-LDAP %if %{?with_systemd} == 0 @@ -83,11 +82,10 @@ Requires(post): fillup %endif -%if 0%{?suse_version} -Suggests: 389-ds-console -%endif +Obsoletes: 389-ds < %{version} +Provides: 389-ds = %{version} -Provides: 389-ds +Recommends: 389-admin %description 389 Directory Server is a full-featured LDAPv3 compliant server. In @@ -116,7 +114,7 @@ %prep %setup -q -%patch -P 1 -p 0 +%patch1 -p 0 %build # openldap has no pkgconfig file; because of that, 389-ds will prefer @@ -139,7 +137,7 @@ %if %{?with_systemd} == 1 # systemd directory used for instances created with setup -mkdir -p %{buildroot}/%{_sysconfdir}/systemd/system/dirsrv.target.wants +%{__install} -d %{buildroot}%{_unitdir}/dirsrv.target.wants %endif %if 0%{?suse_version} @@ -202,7 +200,6 @@ %endif %if %{?with_systemd} == 1 %{_unitdir}/dirsrv* -%dir %{_sysconfdir}/systemd/system/dirsrv.target.wants %else %{_initddir}/* %endif
View file
389-ds-base-1.2.11.29.tar.bz2/VERSION.sh -> 389-ds-base-1.2.11.30.tar.bz2/VERSION.sh
Changed
@@ -10,7 +10,7 @@ # PACKAGE_VERSION is constructed from these VERSION_MAJOR=1 VERSION_MINOR=2 -VERSION_MAINT=11.29 +VERSION_MAINT=11.30 # if this is a PRERELEASE, set VERSION_PREREL # otherwise, comment it out # be sure to include the dot prefix in the prerel
View file
389-ds-base-1.2.11.30.tar.bz2/dirsrvtests
Added
+(directory)
View file
389-ds-base-1.2.11.30.tar.bz2/dirsrvtests/tickets
Added
+(directory)
View file
389-ds-base-1.2.11.30.tar.bz2/dirsrvtests/tickets/ticket47787_test.py
Added
@@ -0,0 +1,630 @@ +''' +Created on April 14, 2014 + +@author: tbordaz +''' +import os +import sys +import time +import ldap +import logging +import socket +import time +import logging +import pytest +import re +from lib389 import DirSrv, Entry, tools, NoSuchEntryError +from lib389.tools import DirSrvTools +from lib389._constants import * +from lib389.properties import * +from constants import * +from lib389._constants import REPLICAROLE_MASTER + +logging.getLogger(__name__).setLevel(logging.DEBUG) +log = logging.getLogger(__name__) + +# +# important part. We can deploy Master1 and Master2 on different versions +# +installation1_prefix = None +installation2_prefix = None + +# set this flag to False so that it will assert on failure _status_entry_both_server +DEBUG_FLAG = False + +TEST_REPL_DN = "cn=test_repl, %s" % SUFFIX + +STAGING_CN = "staged user" +PRODUCTION_CN = "accounts" +EXCEPT_CN = "excepts" + +STAGING_DN = "cn=%s,%s" % (STAGING_CN, SUFFIX) +PRODUCTION_DN = "cn=%s,%s" % (PRODUCTION_CN, SUFFIX) +PROD_EXCEPT_DN = "cn=%s,%s" % (EXCEPT_CN, PRODUCTION_DN) + +STAGING_PATTERN = "cn=%s*,%s" % (STAGING_CN[:2], SUFFIX) +PRODUCTION_PATTERN = "cn=%s*,%s" % (PRODUCTION_CN[:2], SUFFIX) +BAD_STAGING_PATTERN = "cn=bad*,%s" % (SUFFIX) +BAD_PRODUCTION_PATTERN = "cn=bad*,%s" % (SUFFIX) + +BIND_CN = "bind_entry" +BIND_DN = "cn=%s,%s" % (BIND_CN, SUFFIX) +BIND_PW = "password" + +NEW_ACCOUNT = "new_account" +MAX_ACCOUNTS = 20 + +CONFIG_MODDN_ACI_ATTR = "nsslapd-moddn-aci" + +class TopologyMaster1Master2(object): + def __init__(self, master1, master2): + master1.open() + self.master1 = master1 + + master2.open() + self.master2 = master2 + + +@pytest.fixture(scope="module") +def topology(request): + ''' + This fixture is used to create a replicated topology for the 'module'. + The replicated topology is MASTER1 <-> Master2. + At the beginning, It may exists a master2 instance and/or a master2 instance. + It may also exists a backup for the master1 and/or the master2. + + Principle: + If master1 instance exists: + restart it + If master2 instance exists: + restart it + If backup of master1 AND backup of master2 exists: + create or rebind to master1 + create or rebind to master2 + + restore master1 from backup + restore master2 from backup + else: + Cleanup everything + remove instances + remove backups + Create instances + Initialize replication + Create backups + ''' + global installation1_prefix + global installation2_prefix + + # allocate master1 on a given deployement + master1 = DirSrv(verbose=False) + if installation1_prefix: + args_instance[SER_DEPLOYED_DIR] = installation1_prefix + + # Args for the master1 instance + args_instance[SER_HOST] = HOST_MASTER_1 + args_instance[SER_PORT] = PORT_MASTER_1 + args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_1 + args_master = args_instance.copy() + master1.allocate(args_master) + + # allocate master1 on a given deployement + master2 = DirSrv(verbose=False) + if installation2_prefix: + args_instance[SER_DEPLOYED_DIR] = installation2_prefix + + # Args for the consumer instance + args_instance[SER_HOST] = HOST_MASTER_2 + args_instance[SER_PORT] = PORT_MASTER_2 + args_instance[SER_SERVERID_PROP] = SERVERID_MASTER_2 + args_master = args_instance.copy() + master2.allocate(args_master) + + + # Get the status of the backups + backup_master1 = master1.checkBackupFS() + backup_master2 = master2.checkBackupFS() + + # Get the status of the instance and restart it if it exists + instance_master1 = master1.exists() + if instance_master1: + master1.stop(timeout=10) + master1.start(timeout=10) + + instance_master2 = master2.exists() + if instance_master2: + master2.stop(timeout=10) + master2.start(timeout=10) + + if backup_master1 and backup_master2: + # The backups exist, assuming they are correct + # we just re-init the instances with them + if not instance_master1: + master1.create() + # Used to retrieve configuration information (dbdir, confdir...) + master1.open() + + if not instance_master2: + master2.create() + # Used to retrieve configuration information (dbdir, confdir...) + master2.open() + + # restore master1 from backup + master1.stop(timeout=10) + master1.restoreFS(backup_master1) + master1.start(timeout=10) + + # restore master2 from backup + master2.stop(timeout=10) + master2.restoreFS(backup_master2) + master2.start(timeout=10) + else: + # We should be here only in two conditions + # - This is the first time a test involve master-consumer + # so we need to create everything + # - Something weird happened (instance/backup destroyed) + # so we discard everything and recreate all + + # Remove all the backups. So even if we have a specific backup file + # (e.g backup_master) we clear all backups that an instance my have created + if backup_master1: + master1.clearBackupFS() + if backup_master2: + master2.clearBackupFS() + + # Remove all the instances + if instance_master1: + master1.delete() + if instance_master2: + master2.delete() + + # Create the instances + master1.create() + master1.open() + master2.create() + master2.open() + + # + # Now prepare the Master-Consumer topology + # + # First Enable replication + master1.replica.enableReplication(suffix=SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_1) + master2.replica.enableReplication(suffix=SUFFIX, role=REPLICAROLE_MASTER, replicaId=REPLICAID_MASTER_2) + + # Initialize the supplier->consumer + + properties = {RA_NAME: r'meTo_$host:$port', + RA_BINDDN: defaultProperties[REPLICATION_BIND_DN], + RA_BINDPW: defaultProperties[REPLICATION_BIND_PW], + RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD], + RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/admin/src/logconv.pl -> 389-ds-base-1.2.11.30.tar.bz2/ldap/admin/src/logconv.pl
Changed
@@ -56,7 +56,7 @@ Getopt::Long::Configure ("permute"); if ($#ARGV < 0){; -&displayUsage; + &displayUsage; } ####################################### @@ -78,8 +78,8 @@ my $startTLSoid = "1.3.6.1.4.1.1466.20037"; my @statnames=qw(last last_str results srch add mod modrdn moddn cmp del abandon conns sslconns bind anonbind unbind notesA notesU etime); -my $s_stats = new_stats_block( ); -my $m_stats = new_stats_block( ); +my $s_stats; +my $m_stats; my $verb = "no"; my @excludeIP; my $xi = 0; @@ -99,7 +99,6 @@ my @vlvconn; my @vlvop; my @fds; -my $fdds = 0; my $reportBinds = "no"; my $rootDN = ""; my $needCleanup = 0; @@ -196,8 +195,8 @@ # # ####################################### -print "\nAccess Log Analyzer $logversion\n"; -print "\nCommand: logconv.pl @ARGV\n\n"; +print "Access Log Analyzer $logversion\n"; +print "Command: logconv.pl @ARGV\n"; my $rootDNBindCount = 0; my $anonymousBindCount = 0; @@ -392,41 +391,49 @@ ########################################## if ($files[$#files] =~ m/access.rotationinfo/) { $file_count--; } +$logCount = $file_count; + +print "Processing $logCount Access Log(s)...\n"; -print "Processing $file_count Access Log(s)...\n\n"; #print "Filename\t\t\t Total Lines\n"; #print "--------------------------------------------------\n"; my $skipFirstFile = 0; -if ($file_count > 1 && $files[0] =~ /\/access$/){ - $files[$file_count] = $files[0]; - $file_count++; - $skipFirstFile = 1; +if ($logCount > 1 && $files[0] =~ /\/access$/){ + $files[$logCount] = $files[0]; + $skipFirstFile = 1; + $file_count++; } -$logCount = $file_count; + my $logline; my $totalLineCount = 0; for (my $count=0; $count < $file_count; $count++){ # we moved access to the end of the list, so if its the first file skip it - if($file_count > 1 && $count == 0 && $skipFirstFile == 1){ - next; - } - $linesProcessed = 0; $lineBlockCount = 0; + if($logCount > 1 && $count == 0 && $skipFirstFile == 1){ + next; + } + $linesProcessed = 0; $lineBlockCount = 0; + my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$atime,$mtime,$ctime,$blksize,$blocks); + ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$cursize, + $atime,$mtime,$ctime,$blksize,$blocks) = stat($files[$count]); + print sprintf "[%03d] %-30s\tsize (bytes): %12s\n",$logCount, $files[$count], $cursize; $logCount--; - my $logCountStr; + if ($cursize == 0){ + # access log is empty + print "Skipping empty access log ($files[$count])...\n"; + next; + } + + my $logCountStr; if($logCount < 10 ){ # add a zero for formatting purposes $logCountStr = "0" . $logCount; } else { $logCountStr = $logCount; } - my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$atime,$mtime,$ctime,$blksize,$blocks); - ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$cursize, - $atime,$mtime,$ctime,$blksize,$blocks) = stat($files[$count]); - print sprintf "[%s] %-30s\tsize (bytes): %12s\n",$logCountStr, $files[$count], $cursize; open(LOG,"$files[$count]") or do { openFailed($!, $files[$count]) }; my $firstline = "yes"; @@ -452,7 +459,12 @@ print_stats_block( $s_stats ); print_stats_block( $m_stats ); $totalLineCount = $totalLineCount + $linesProcessed; - statusreport(); + statusreport(); +} + +if ($totalLineCount eq "0"){ + print "There was no logging to process, exiting...\n"; + exit 1; } print "\n\nTotal Log Lines Analysed: " . ($totalLineCount - 1) . "\n"; @@ -599,6 +611,12 @@ &displayBindReport(); } +if($reportStats ne ""){ + # No need to print the general report, so exit here + removeDataFiles(); + exit (0); +} + # # Continue with standard report # @@ -1353,9 +1371,9 @@ # We're done, clean up the data files # removeDataFiles(); - exit (0); + ####################### # # # Display Usage # @@ -1366,7 +1384,7 @@ print "Usage:\n\n"; - print " ./logconv.pl [-h] [-d|--rootdn <rootDN>] [-s|--sizeLimit <size limit>] [-v|verison] [-Vi|verbose]\n"; + print " ./logconv.pl [-h] [-d|--rootdn <rootDN>] [-s|--sizeLimit <size limit>] [-v|verison] [-V|verbose]\n"; print " [-S|--startTime <start time>] [-E|--endTime <end time>] \n"; print " [-efcibaltnxrgjuyp] [ access log ... ... ]\n\n"; @@ -1511,7 +1529,11 @@ $bindReport{$dn}{"failedBind"} = 0; } if ($_ =~ /conn= *([0-9A-Z]+)/i) { - $bindReport{$dn}{"conn"} = $bindReport{$dn}{"conn"} . " $1 "; + if($bindReport{$dn}{"conn"}){ + $bindReport{$dn}{"conn"} = $bindReport{$dn}{"conn"} . " $1 "; + } else { + $bindReport{$dn}{"conn"} = $1; + } } return; } @@ -1632,7 +1654,7 @@ # Additional performance stats my ($time, $tzone) = split (' ', $_); - if (($reportStats or ($verb eq "yes") || ($usage =~ /y/)) && (!defined($last_tm) or ($time ne $last_tm))) + if (($reportStats || ($verb eq "yes") || ($usage =~ /y/)) && (!defined($last_tm) or ($time ne $last_tm))) { $last_tm = $time; $time =~ s/\[//; @@ -1672,12 +1694,16 @@ if($reportStats){ inc_stats('srch',$s_stats,$m_stats); } if ($_ =~ / attrs=\"(.*)\"/i){ $anyAttrs++; - my $attr = $hashes->{attr}; - map { $attr->{$_}++ } split /\s/, $1; + if ($usage =~ /r/i || $verb eq "yes"){ + my $attr = $hashes->{attr}; + map { $attr->{$_}++ } split /\s/, $1; + } } if (/ attrs=ALL/){ - my $attr = $hashes->{attr}; - $attr->{"All Attributes"}++; + if ($usage =~ /r/i || $verb eq "yes"){ + my $attr = $hashes->{attr}; + $attr->{"All Attributes"}++; + } $anyAttrs++; } if ($verb eq "yes"){ @@ -1755,16 +1781,20 @@ $bindCount++; if($reportStats){ inc_stats('bind',$s_stats,$m_stats); } if ($1 ne ""){ - $tmpp = $1; - $tmpp =~ tr/A-Z/a-z/;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/admin/src/scripts/60upgradeschemafiles.pl -> 389-ds-base-1.2.11.30.tar.bz2/ldap/admin/src/scripts/60upgradeschemafiles.pl
Changed
@@ -11,7 +11,7 @@ # these schema files are obsolete, or we want to replace # them with newer versions - my @toremove = qw(00core.ldif 01core389.ldif 01common.ldif 02common.ldif 05rfc2247.ldif 05rfc4523.ldif 05rfc4524.ldif 06inetorgperson.ldif 10presence.ldif 28pilot.ldif 30ns-common.ldif 50ns-directory.ldif 60mozilla.ldif 60pam-plugin.ldif 60sudo.ldif); + my @toremove = qw(00core.ldif 01core389.ldif 01common.ldif 02common.ldif 05rfc2247.ldif 05rfc4523.ldif 05rfc4524.ldif 06inetorgperson.ldif 10presence.ldif 10dna-plugin.ldif 28pilot.ldif 30ns-common.ldif 50ns-mail.ldif 50ns-directory.ldif 60qmail.ldif 60radius.ldif 60mozilla.ldif 60pam-plugin.ldif 60sudo.ldif 60rfc3712.ldif 60samba3.ldif 60posix-winsync-plugin.ldif 60sabayon.ldif 60nis.ldif 60sendmail.ldif); # these hashes will be used to check for obsolete schema # in 99user.ldif
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/admin/src/scripts/repl-monitor.pl.in -> 389-ds-base-1.2.11.30.tar.bz2/ldap/admin/src/scripts/repl-monitor.pl.in
Changed
@@ -281,6 +281,7 @@ # Start with the given host and port # The index names in %ld are defined in Mozilla::LDAP::Utils::ldapArgs() + &set_server_params(); &add_server ("$ld{host}:$ld{port}:$ld{bind}:$ld{pswd}:$ld{cert}"); $serveridx = 0; @@ -325,6 +326,32 @@ return $rc; } +sub set_server_params +{ + my ($host, $port, $binddn, $bindpwd, $bindcert); + + ($host, $port, $binddn, $bindpwd, $bindcert) = split (/:/, $allconnections[0]); + if($opt_p && $opt_p ne ""){ + $ld{port} = $opt_p + } elsif(!$port || $port eq ""){ + $ld{port} = "389"; + } else { + $ld{port} = $port; + } + if($host && $host ne ""){ + $ld{host} = $host; + } + if($binddn){ + $ld{bind} = $binddn; + } + if($bindpwd){ + $ld{pswd} = $bindpwd; + } + if($bindcert){ + $ld{cert} = $bindcert; + } +} + sub read_cfg_file { ($fn) = @_; @@ -981,7 +1008,10 @@ $hostnode = $1 if $host =~ /^(.+?)\./; # new host:port - if (!$binddn || $binddn eq "" || !$bindpwd || $bindpwd eq "" || !$bindcert || $bindcert eq "") { + if (!$binddn || $binddn eq "" || $binddn eq "*" || + !$bindpwd || $bindpwd eq "" || $bindpwd eq "*" || + !$bindcert || $bindcert eq "" || $bindcert eq "*" ) + { # # Look up connection parameter in the order of # host:port @@ -1016,8 +1046,8 @@ $binddn = $d; } } - if($prompt eq "yes" && ($w eq "" || (!$bindpwd || $bindpwd eq ""))){ - $bindpwd = passwdPrompt($h, $p); + if($prompt eq "yes" && ($w eq "" || (!$bindpwd || $bindpwd eq "" || $bindpwd eq "*"))){ + $bindpwd = passwdPrompt($h, $p); } elsif ($passwd ne ""){ $bindpwd = $passwd; } else {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/acl/acl.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/acl/acl.c
Changed
@@ -2799,6 +2799,11 @@ if (access & ( SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) { + /* We can not reused results obtained on a other entry */ + if (aci->aci_type & ACI_CACHE_RESULT_PER_ENTRY) { + aclpb->aclpb_state |= ACLPB_CACHE_RESULT_PER_ENTRY_SKIP; + } + /* * aclpb->aclpb_cache_result[0..aclpb->aclpb_last_cache_result] is * a cache of info about whether applicable acis @@ -3010,6 +3015,10 @@ if (access & ( SLAPI_ACL_SEARCH | SLAPI_ACL_READ)) { + /* We can not reused results obtained on a other entry */ + if (aci->aci_type & ACI_CACHE_RESULT_PER_ENTRY) { + aclpb->aclpb_state |= ACLPB_CACHE_RESULT_PER_ENTRY_SKIP; + } /* * aclpb->aclpb_cache_result[0..aclpb->aclpb_last_cache_result] is * a cache of info about whether applicable acis @@ -3794,8 +3803,23 @@ } else { context_type = ACLPB_EVALCONTEXT_PREV; c_evalContext = &aclpb->aclpb_prev_entryEval_context; - } + } + /* we can not reused access evaluation done on a previous entry + * so just skip that cache + */ + if (aclpb->aclpb_state & ACLPB_CACHE_RESULT_PER_ENTRY_SKIP) { + aclpb->aclpb_state &= ~ACLPB_MATCHES_ALL_ACLS; + aclpb->aclpb_state |= ACLPB_UPD_ACLCB_CACHE; + /* Did not match */ + if (context_type == ACLPB_EVALCONTEXT_ACLCB) { + aclpb->aclpb_state &= ~ACLPB_HAS_ACLCB_EVALCONTEXT; + } else { + aclpb->aclpb_state |= ACLPB_COPY_EVALCONTEXT; + c_evalContext->acle_numof_tmatched_handles = 0; + } + return -1; + } if ( aclpb->aclpb_res_type & (ACLPB_NEW_ENTRY | ACLPB_EFFECTIVE_RIGHTS) ) { aclpb->aclpb_state |= ACLPB_MATCHES_ALL_ACLS;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/acl/acl.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/acl/acl.h
Changed
@@ -468,13 +468,14 @@ #define ACLPB_UPD_ACLCB_CACHE 0x100000 #define ACLPB_ATTR_RULE_EVALUATED 0x200000 #define ACLPB_DONOT_EVALUATE_PROXY 0x400000 +#define ACLPB_CACHE_RESULT_PER_ENTRY_SKIP 0x800000 #define ACLPB_RESET_MASK ( ACLPB_ACCESS_ALLOWED_ON_A_ATTR | ACLPB_ACCESS_DENIED_ON_ALL_ATTRS | \ ACLPB_ACCESS_ALLOWED_ON_ENTRY | ACLPB_ATTR_STAR_MATCHED | \ ACLPB_FOUND_ATTR_RULE | ACLPB_EVALUATING_FIRST_ATTR | \ ACLPB_FOUND_A_ENTRY_TEST_RULE ) -#define ACLPB_STATE_ALL 0x3fffff +#define ACLPB_STATE_ALL 0xffffff int aclpb_res_type;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/acl/acllas.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/acl/acllas.c
Changed
@@ -3624,7 +3624,7 @@ /* Check the scope */ if ( ludp->lud_scope == LDAP_SCOPE_SUBTREE ) { if (!slapi_dn_issuffix(n_clientdn, ludp->lud_dn)) { - slapi_log_error( SLAPI_LOG_FATAL, plugin_name, + slapi_log_error( SLAPI_LOG_ACL, plugin_name, "acllas__client_match_URL: url [%s] scope is subtree but dn [%s] " "is not a suffix of [%s]\n", normed, ludp->lud_dn, n_clientdn ); @@ -3634,7 +3634,7 @@ char *parent = slapi_dn_parent (n_clientdn); if (slapi_utf8casecmp ((ACLUCHP)parent, (ACLUCHP)ludp->lud_dn) != 0 ) { - slapi_log_error( SLAPI_LOG_FATAL, plugin_name, + slapi_log_error( SLAPI_LOG_ACL, plugin_name, "acllas__client_match_URL: url [%s] scope is onelevel but dn [%s] " "is not a direct child of [%s]\n", normed, ludp->lud_dn, parent ); @@ -3644,7 +3644,7 @@ slapi_ch_free_string(&parent); } else { /* default */ if (slapi_utf8casecmp ( (ACLUCHP)n_clientdn, (ACLUCHP)ludp->lud_dn) != 0 ) { - slapi_log_error( SLAPI_LOG_FATAL, plugin_name, + slapi_log_error( SLAPI_LOG_ACL, plugin_name, "acllas__client_match_URL: url [%s] scope is base but dn [%s] " "does not match [%s]\n", normed, ludp->lud_dn, n_clientdn );
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/acl/aclparse.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/acl/aclparse.c
Changed
@@ -784,6 +784,8 @@ goto error; } } else if ( 0 == strncmp ( s, DS_LAS_USERDN, 6 )) { + char *prefix; + p = PL_strnchr (s, '=', end - s); if (NULL == p) { goto error; @@ -808,6 +810,23 @@ goto error; } + /* skip the ldap prefix */ + prefix = PL_strncasestr(p, LDAP_URL_prefix, end - p); + if (prefix) { + prefix += strlen(LDAP_URL_prefix); + } else { + prefix = PL_strncasestr(p, LDAPS_URL_prefix, end - p); + if (prefix) { + prefix += strlen(LDAPS_URL_prefix); + } + } + if (prefix == NULL) { + /* userdn value does not starts with LDAP(S)_URL_prefix */ + goto error; + } + p = prefix; + + /* we have a rule like userdn = "ldap:///blah". s points to blah now. ** let's find if we have a SELF rule like userdn = "ldap:///self". ** Since the resource changes on entry basis, we can't cache the
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/chainingdb/cb_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/chainingdb/cb_config.c
Changed
@@ -380,7 +380,7 @@ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); - for (i = 0; mods[i] ; i++) { + for (i = 0; mods && mods[i] ; i++) { attr_name = mods[i]->mod_type; if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_FORWARD_CTRLS )) { @@ -413,7 +413,7 @@ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); - for (i = 0; mods[i] ; i++) { + for (i = 0; mods && mods[i] ; i++) { attr_name = mods[i]->mod_type; if ( !strcasecmp ( attr_name, CB_CONFIG_GLOBAL_FORWARD_CTRLS )) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/chainingdb/cb_instance.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/chainingdb/cb_instance.c
Changed
@@ -305,7 +305,7 @@ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); /* First pass to validate input */ - for (i = 0; mods[i] && LDAP_SUCCESS == rc; i++) { + for (i = 0; mods && mods[i] && LDAP_SUCCESS == rc; i++) { attr_name = mods[i]->mod_type; /* specific processing for multi-valued attributes */ @@ -378,7 +378,7 @@ /* input checked in the preop modify callback */ - for (i = 0; mods[i] && LDAP_SUCCESS == rc; i++) { + for (i = 0; mods && mods[i] && LDAP_SUCCESS == rc; i++) { attr_name = mods[i]->mod_type; /* specific processing for multi-valued attributes */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/chainingdb/cb_modify.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/chainingdb/cb_modify.c
Changed
@@ -291,7 +291,7 @@ slapi_rwlock_wrlock(inst->rwl_config_lock); for (j=0; inst->illegal_attributes[j]; j++) { - for ( i = 0; mods[i] != NULL; i++ ) { + for ( i = 0; mods && mods[i] != NULL; i++ ) { if (slapi_attr_types_equivalent(inst->illegal_attributes[j],mods[i]->mod_type)) { tmp = mods[i]; for ( j = i; mods[j] != NULL; j++ ) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/cos/cos_cache.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/cos/cos_cache.c
Changed
@@ -767,7 +767,8 @@ * if a particular attempt to add a definition fails: info.ret gets set to * zero only if we succed to add a def. */ -static int cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) +static int +cos_dn_defs_cb (Slapi_Entry* e, void *callback_data) { struct dn_defs_info *info; cosAttrValue **pSneakyVal = 0; @@ -917,31 +918,10 @@ dnVals[valIndex]->bv_val); } - if(!pCosTargetTree) - { - /* get the parent of the definition */ - char *orig = slapi_dn_parent(pDn->val); - Slapi_DN *psdn = slapi_sdn_new_dn_byval(orig); - char *parent = (char *)slapi_sdn_get_dn(psdn); - if (!parent) { - parent = (char *)slapi_sdn_get_udn(psdn); - LDAPDebug(LDAP_DEBUG_ANY, - "cos_cache_build_definition_list: " - "failed to normalize parent dn %s. " - "Adding the pre normalized dn.\n", - parent, 0, 0); - } - cos_cache_add_attrval(&pCosTargetTree, parent); - if (!pCosTemplateDn) { - cos_cache_add_attrval(&pCosTemplateDn, parent); - } - slapi_sdn_free(&psdn); - } - slapi_vattrspi_regattr((vattr_sp_handle *)vattr_handle, dnVals[valIndex]->bv_val, NULL, NULL); } /* if(attrType is cosAttribute) */ - + /* * Add the attributetype to the appropriate * list. @@ -953,6 +933,50 @@ ber_bvecfree( dnVals ); dnVals = NULL; } while(!slapi_entry_next_attr(e, dnAttr, &dnAttr)); + + if (pCosAttribute && (!pCosTargetTree || !pCosTemplateDn)) { + /* get the parent of the definition */ + char *orig = slapi_dn_parent(pDn->val); + char *parent = NULL; + if (orig) { + parent = slapi_create_dn_string("%s", orig); + if (!parent) { + parent = orig; + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cos_dn_defs_cb: " + "failed to normalize parent dn %s. " + "Adding the pre normalized dn.\n", + parent); + } + if (!pCosTargetTree) { + cos_cache_add_attrval(&pCosTargetTree, parent); + } + if (!pCosTemplateDn) { + cos_cache_add_attrval(&pCosTemplateDn, parent); + } + if (parent != orig) { + slapi_ch_free_string(&parent); + } + slapi_ch_free_string(&orig); + } else { + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cos_dn_defs_cb: " + "failed to get parent dn of cos definition %s.\n", + pDn->val); + if (!pCosTemplateDn) { + if (!pCosTargetTree) { + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTargetTree and cosTemplateDn are not set.\n"); + } else { + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTemplateDn is not set.\n"); + } + } else if (!pCosTargetTree) { + slapi_log_error(SLAPI_LOG_FATAL, COS_PLUGIN_SUBSYSTEM, + "cosTargetTree is not set.\n"); + } + } + } /* determine the type of class of service scheme @@ -991,9 +1015,7 @@ */ /* these must exist */ - if( pDn && - pObjectclass && - + if(pDn && pObjectclass && ( (cosType == COSTYPE_CLASSIC && pCosTemplateDn && @@ -3623,14 +3645,9 @@ { pObj = (char*)slapi_value_get_string(val); - /* - * objectclasses are ascii--maybe strcasecmp() is faster than - * slapi_utf8casecmp() - */ - if( !strcasecmp(pObj, "cosdefinition") || - !strcasecmp(pObj, "cossuperdefinition") || - !strcasecmp(pObj, "costemplate") - ) + if(!strcasecmp(pObj, "cosdefinition") || + !strcasecmp(pObj, "cossuperdefinition") || + !strcasecmp(pObj, "costemplate")) { rc = 1; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/deref/deref.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/deref/deref.c
Changed
@@ -597,14 +597,10 @@ Slapi_Entry **entries = NULL; int rc; - if (deref_check_access(pb, NULL, derefdn, attrs, &retattrs, - (SLAPI_ACL_SEARCH|SLAPI_ACL_READ))) { - slapi_log_error(SLAPI_LOG_PLUGIN, DEREF_PLUGIN_SUBSYSTEM, - "The client does not have permission to read the requested " - "attributes in entry %s\n", derefdn); - return; - } - +/* If the access check on the attributes is done without retrieveing the entry + * it cannot handle acis which need teh entry, eg to apply a targetfilter rule + * So the determination of attrs which can be dereferenced is delayed + */ derefpb = slapi_pblock_new(); slapi_search_internal_set_pb(derefpb, derefdn, LDAP_SCOPE_BASE, "(objectclass=*)", retattrs, 0, @@ -623,61 +619,68 @@ } else { int ii; int needattrvals = 1; /* need attrvals sequence? */ - for (ii = 0; retattrs[ii]; ++ii) { - Slapi_Value *sv; - int idx = 0; - Slapi_ValueSet* results = NULL; - int type_name_disposition = 0; - char* actual_type_name = NULL; - int flags = 0; - int buffer_flags = 0; - int needpartialattr = 1; /* need PartialAttribute sequence? */ - int needvalsset = 1; - - if (is_type_forbidden(retattrs[ii])) { - slapi_log_error(SLAPI_LOG_PLUGIN, DEREF_PLUGIN_SUBSYSTEM, - "skip forbidden attribute [%s]\n", derefdn); - continue; - } + if (deref_check_access(pb, entries[0], derefdn, attrs, &retattrs, + (SLAPI_ACL_SEARCH|SLAPI_ACL_READ))) { + slapi_log_error(SLAPI_LOG_PLUGIN, DEREF_PLUGIN_SUBSYSTEM, + "The client does not have permission to read the requested " + "attributes in entry %s\n", derefdn); + } else { + for (ii = 0; retattrs[ii]; ++ii) { + Slapi_Value *sv; + int idx = 0; + Slapi_ValueSet* results = NULL; + int type_name_disposition = 0; + char* actual_type_name = NULL; + int flags = 0; + int buffer_flags = 0; + int needpartialattr = 1; /* need PartialAttribute sequence? */ + int needvalsset = 1; + + if (is_type_forbidden(retattrs[ii])) { + slapi_log_error(SLAPI_LOG_PLUGIN, DEREF_PLUGIN_SUBSYSTEM, + "skip forbidden attribute [%s]\n", derefdn); + continue; + } - deref_get_values(entries[0], retattrs[ii], &results, &type_name_disposition, - &actual_type_name, flags, &buffer_flags); + deref_get_values(entries[0], retattrs[ii], &results, &type_name_disposition, + &actual_type_name, flags, &buffer_flags); - if (results) { - idx = slapi_valueset_first_value(results, &sv); - } - for (; results && sv; idx = slapi_valueset_next_value(results, idx, &sv)) { - const struct berval *bv = slapi_value_get_berval(sv); - if (needattrvals) { - /* we have at least one attribute with values in - DerefRes.attrVals */ - /* attrVals is OPTIONAL - only added if there are - any values to send */ - ber_printf(ctrlber, "t{", (LBER_CLASS_CONTEXT|LBER_CONSTRUCTED)); - needattrvals = 0; + if (results) { + idx = slapi_valueset_first_value(results, &sv); } - if (needpartialattr) { - /* This attribute in attrVals has values */ - ber_printf(ctrlber, "{s", retattrs[ii]); - needpartialattr = 0; + for (; results && sv; idx = slapi_valueset_next_value(results, idx, &sv)) { + const struct berval *bv = slapi_value_get_berval(sv); + if (needattrvals) { + /* we have at least one attribute with values in + DerefRes.attrVals */ + /* attrVals is OPTIONAL - only added if there are + any values to send */ + ber_printf(ctrlber, "t{", (LBER_CLASS_CONTEXT|LBER_CONSTRUCTED)); + needattrvals = 0; + } + if (needpartialattr) { + /* This attribute in attrVals has values */ + ber_printf(ctrlber, "{s", retattrs[ii]); + needpartialattr = 0; + } + if (needvalsset) { + /* begin the vals SET of values for this attribute */ + ber_printf(ctrlber, "["); + needvalsset = 0; + } + ber_printf(ctrlber, "O", bv); + } /* for each value in retattrs[ii] */ + deref_values_free(&results, &actual_type_name, buffer_flags); + if (needvalsset == 0) { + ber_printf(ctrlber, "]"); } - if (needvalsset) { - /* begin the vals SET of values for this attribute */ - ber_printf(ctrlber, "["); - needvalsset = 0; + if (needpartialattr == 0) { + ber_printf(ctrlber, "}"); } - ber_printf(ctrlber, "O", bv); - } /* for each value in retattrs[ii] */ - deref_values_free(&results, &actual_type_name, buffer_flags); - if (needvalsset == 0) { - ber_printf(ctrlber, "]"); - } - if (needpartialattr == 0) { + } /* for each attr in retattrs */ + if (needattrvals == 0) { ber_printf(ctrlber, "}"); } - } /* for each attr in retattrs */ - if (needattrvals == 0) { - ber_printf(ctrlber, "}"); } } } else { /* nothing */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/memberof/memberof.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/memberof/memberof.c
Changed
@@ -1101,17 +1101,33 @@ Slapi_Entry *e = 0; memberofstringll *ll = 0; char *op_str = 0; - const char *op_to = slapi_sdn_get_ndn(op_to_sdn); - const char *op_this = slapi_sdn_get_ndn(op_this_sdn); - Slapi_Value *to_dn_val = slapi_value_new_string(op_to); - Slapi_Value *this_dn_val = slapi_value_new_string(op_this); - - if(this_dn_val == NULL || to_dn_val == NULL){ + const char *op_to; + const char *op_this; + Slapi_Value *to_dn_val = NULL; + Slapi_Value *this_dn_val = NULL; + + op_to = slapi_sdn_get_ndn(op_to_sdn); + op_this = slapi_sdn_get_ndn(op_this_sdn); + + /* Make sure we have valid DN's for the group(op_this) and the new member(op_to) */ + if(op_to && op_this){ + to_dn_val = slapi_value_new_string(op_to); + this_dn_val = slapi_value_new_string(op_this); + } + if(to_dn_val == NULL){ + const char *udn = op_to_sdn ? slapi_sdn_get_udn(op_to_sdn) : ""; slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM, - "memberof_modop_one_replace_r: failed to get DN values (NULL)\n"); + "memberof_modop_one_replace_r: failed to get DN value from " + "member value (%s)\n", udn); + goto bail; + } + if(this_dn_val == NULL){ + const char *udn = op_this_sdn ? slapi_sdn_get_udn(op_this_sdn) : ""; + slapi_log_error( SLAPI_LOG_FATAL, MEMBEROF_PLUGIN_SUBSYSTEM, + "memberof_modop_one_replace_r: failed to get DN value from " + "group (%s)\n", udn); goto bail; } - /* op_this and op_to are both case-normalized */ slapi_value_set_flags(this_dn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS); slapi_value_set_flags(to_dn_val, SLAPI_ATTR_FLAG_NORMALIZED_CIS);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/mep/mep.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/mep/mep.c
Changed
@@ -1462,38 +1462,56 @@ /* Add forward link to origin entry. */ LDAPMod oc_mod; LDAPMod pointer_mod; - LDAPMod *mods[3]; + LDAPMod *mods[2]; char *oc_vals[2]; char *pointer_vals[2]; /* Clear out the pblock for reuse. */ slapi_pblock_init(mod_pb); - /* Add the origin entry objectclass. */ + /* + * Add the origin entry objectclass. Do not check the result + * as we could be here because of a modrdn operation - in which + * case the objectclass already exists. + */ oc_vals[0] = MEP_ORIGIN_OC; oc_vals[1] = 0; oc_mod.mod_op = LDAP_MOD_ADD; oc_mod.mod_type = SLAPI_ATTR_OBJECTCLASS; oc_mod.mod_values = oc_vals; + mods[0] = &oc_mod; + mods[1] = NULL; + + /* add the objectclass */ + slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(origin), + mods, 0, 0, mep_get_plugin_id(), 0); + slapi_modify_internal_pb(mod_pb); + slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &result); + if (result != LDAP_SUCCESS && result != LDAP_TYPE_OR_VALUE_EXISTS){ + slapi_log_error(SLAPI_LOG_FATAL, MEP_PLUGIN_SUBSYSTEM, + "mep_add_managed_entry: Failed to add managed entry " + "objectclass in origin entry \"%s\", error (%s)\n", + slapi_entry_get_dn(origin), ldap_err2string(result)); + } + slapi_pblock_init(mod_pb); - /* Add a pointer to the managed entry. */ + /* + * Now, add a pointer to the managed entry. + */ pointer_vals[0] = managed_dn; pointer_vals[1] = 0; pointer_mod.mod_op = LDAP_MOD_ADD; pointer_mod.mod_type = MEP_MANAGED_ENTRY_TYPE; pointer_mod.mod_values = pointer_vals; + mods[0] = &pointer_mod; + mods[1] = NULL; - mods[0] = &oc_mod; - mods[1] = &pointer_mod; - mods[2] = 0; - - /* Perform the modify operation. */ slapi_log_error(SLAPI_LOG_PLUGIN, MEP_PLUGIN_SUBSYSTEM, "Adding %s pointer to \"%s\" in entry \"%s\"\n.", MEP_MANAGED_ENTRY_TYPE, managed_dn, slapi_entry_get_dn(origin)); - slapi_modify_internal_set_pb_ext(mod_pb, - slapi_entry_get_sdn(origin), - mods, 0, 0, mep_get_plugin_id(), 0); + + slapi_modify_internal_set_pb_ext(mod_pb, slapi_entry_get_sdn(origin), + mods, 0, 0, mep_get_plugin_id(), 0); slapi_modify_internal_pb(mod_pb); slapi_pblock_get(mod_pb, SLAPI_PLUGIN_INTOP_RESULT, &result);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-func.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-func.c
Changed
@@ -23,12 +23,12 @@ #include <string.h> #include <nspr.h> #include "posix-wsp-ident.h" +#include "posix-group-func.h" #define MAX_RECURSION_DEPTH (5) Slapi_Value ** valueset_get_valuearray(const Slapi_ValueSet *vs); /* stolen from proto-slap.h */ -static int hasObjectClass(Slapi_Entry *entry, const char *objectClass); static PRMonitor *memberuid_operation_lock = 0; @@ -262,7 +262,7 @@ return rc; } -static int +int hasObjectClass(Slapi_Entry *entry, const char *objectClass) { int rc = 0;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-func.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-func.h
Changed
@@ -19,5 +19,6 @@ int memberUidLockInit(); int addUserToGroupMembership(Slapi_Entry *entry); void propogateDeletionsUpward(Slapi_Entry *, const Slapi_DN *, Slapi_ValueSet*, Slapi_ValueSet *, int); +int hasObjectClass(Slapi_Entry *entry, const char *objectClass); #endif
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-task.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/posix-winsync/posix-group-task.c
Changed
@@ -89,7 +89,7 @@ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "posix_group_task_add: retrieved basedn: %s\n", dn); - if ((filter = fetch_attr(e, "filter", "(objectclass=ntGroup)")) == NULL) { + if ((filter = fetch_attr(e, "filter", "(&(objectclass=ntGroup)(|(uniquemember=*)(memberuid=*)))")) == NULL) { *returncode = LDAP_OBJECT_CLASS_VIOLATION; rv = SLAPI_DSE_CALLBACK_ERROR; goto out; @@ -240,6 +240,7 @@ static int posix_group_fix_memberuid_callback(Slapi_Entry *e, void *callback_data) { + int i; slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid ==>\n"); cb_data *the_cb_data = (cb_data *) callback_data; @@ -253,7 +254,11 @@ char *dn = slapi_entry_get_dn(e); Slapi_DN *sdn = slapi_entry_get_sdn(e); LDAPMod **mods = NULL; + int is_posix_group = 0; + if (hasObjectClass(e, "posixGroup")) { + is_posix_group = 1; + } /* Clean out memberuids and dsonlymemberuids without a valid referant */ rc = slapi_entry_attr_find(e, "memberuid", &muid_attr); if (rc == 0 && muid_attr) { @@ -272,7 +277,6 @@ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid scan for orphaned memberuids\n"); - int i; for (i = slapi_attr_first_value(muid_attr, &v); i != -1; i = slapi_attr_next_value(muid_attr, i, &v)) { const char *muid = slapi_value_get_string(v); @@ -337,10 +341,8 @@ if (rc == 0 && obj_attr) { int fixMembership = 0; Slapi_ValueSet *bad_ums = NULL; - - int i; - Slapi_Value * uniqval = NULL; /* uniquemeber Attribute values */ - + Slapi_Value *uniqval = NULL; /* uniquemeber Attribute values */ + Slapi_ValueSet *uids = NULL; slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid scan uniquemember, group %s\n", dn); for (i = slapi_attr_first_value(obj_attr, &uniqval); i != -1; @@ -350,11 +352,14 @@ char *attrs[] = { "uid", "objectclass", NULL }; Slapi_Entry *child = getEntry(member, attrs); - if (!child) { + if (child) { + slapi_entry_free(child); + } else { slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid orphaned uniquemember found: %s\n", member); - if (strncasecmp(member, "cn=", 3) == 0) { + if ((strncasecmp(member, "cn=", 3) == 0) || + (strncasecmp(member, "uid=", 4) == 0)) { fixMembership = 1; } if (!bad_ums) { @@ -362,12 +367,51 @@ } slapi_valueset_add_value(bad_ums, uniqval); } + + if (is_posix_group) { + char *uid = NULL; + /* search uid for member (DN) */ + slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "search %s\n", member); + if ((uid = searchUid(member)) != NULL) { + Slapi_Value *value = slapi_value_new(); + /* Search an entry having "member" as DN and get uid value from it. */ + slapi_value_set_string_passin(value, uid); + /* add uids ValueSet */ + if (NULL == uids) { + uids = slapi_valueset_new(); + } + slapi_valueset_add_value(uids, value); + slapi_value_free(&value); + } + } + } + /* If we found some posix members, replace the existing memberuid attribute + * with the found values. */ + if (uids && slapi_valueset_count(uids)) { + Slapi_Value *val = 0; + Slapi_Mod *smod = slapi_mod_new(); + int hint = 0; + + slapi_mod_init(smod, 0); + slapi_mod_set_operation(smod, LDAP_MOD_REPLACE | LDAP_MOD_BVALUES); + slapi_mod_set_type(smod, "memberuid"); + + /* Loop through all of our values and add them to smod */ + hint = slapi_valueset_first_value(uids, &val); + while (val) { + /* this makes a copy of the berval */ + slapi_mod_add_value(smod, slapi_value_get_berval(val)); + hint = slapi_valueset_next_value(uids, hint, &val); + } + slapi_mods_add_ldapmod(smods, slapi_mod_get_ldapmod_passout(smod)); + slapi_mod_free(&smod); } + slapi_valueset_free(uids); slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid Finishing...\n"); - if (fixMembership && posix_winsync_config_get_mapNestedGrouping()) { + if (fixMembership && posix_winsync_config_get_mapNestedGrouping()) { Slapi_ValueSet *del_nested_vs = slapi_valueset_new(); slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, @@ -383,7 +427,7 @@ } } - mods = slapi_mods_get_ldapmods_passout(smods); + mods = slapi_mods_get_ldapmods_byref(smods); if (mods) { Slapi_PBlock *mod_pb = NULL; mod_pb = slapi_pblock_new(); @@ -400,7 +444,13 @@ slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "_fix_memberuid <==\n"); - return rc; + /* + * Since Ticket #481 "expand nested posix groups", + * there's a possibility the found entry does not contain + * uniqueMember attribute. But "not found" error shoud not + * be returned, which stops the further fixup task. + */ + return 0; } static void
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/posix-winsync/posix-winsync-config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/posix-winsync/posix-winsync-config.c
Changed
@@ -72,7 +72,8 @@ sdn = slapi_get_first_suffix(&node, 0); while (sdn) { - if (slapi_sdn_isparent(sdn, ds_subtree) == 0) { + /* if sdn is a parent of ds_subtree or sdn is the WinSync Subtree itself */ + if (slapi_sdn_isparent(sdn, ds_subtree) || !slapi_sdn_compare(sdn, ds_subtree)) { theConfig.rep_suffix = sdn; slapi_log_error(SLAPI_LOG_PLUGIN, POSIX_WINSYNC_PLUGIN_NAME, "Found suffix's '%s'\n", slapi_sdn_get_dn(sdn));
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/cl5_clcache.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/cl5_clcache.c
Changed
@@ -111,6 +111,7 @@ DBT buf_data; /* data retrived from db */ void *buf_record_ptr; /* ptr to the current record in data */ CSN *buf_missing_csn; /* used to detect persistent missing of CSN */ + CSN *buf_prev_missing_csn; /* used to surpress the repeated messages */ /* fields for control the CSN sequence sent to the consumer */ struct csn_seq_ctrl_block **buf_cscbs; @@ -376,9 +377,12 @@ else if ( anchorcsn ) { /* Report error only when the missing is persistent */ if ( buf->buf_missing_csn && csn_compare (buf->buf_missing_csn, anchorcsn) == 0 ) { - slapi_log_error ( SLAPI_LOG_FATAL, buf->buf_agmt_name, - "Can't locate CSN %s in the changelog (DB rc=%d). The consumer may need to be reinitialized.\n", - (char*)buf->buf_key.data, rc ); + if (!buf->buf_prev_missing_csn || csn_compare (buf->buf_prev_missing_csn, anchorcsn)) { + slapi_log_error ( SLAPI_LOG_FATAL, buf->buf_agmt_name, + "Can't locate CSN %s in the changelog (DB rc=%d). If replication stops, the consumer may need to be reinitialized.\n", + (char*)buf->buf_key.data, rc ); + csn_dup_or_init_by_csn (&buf->buf_prev_missing_csn, anchorcsn); + } } else { csn_dup_or_init_by_csn (&buf->buf_missing_csn, anchorcsn); @@ -915,6 +919,7 @@ slapi_ch_free (&( (*buf)->buf_data.data )); csn_free (&( (*buf)->buf_current_csn )); csn_free (&( (*buf)->buf_missing_csn )); + csn_free (&( (*buf)->buf_prev_missing_csn )); slapi_ch_free ( (void **) buf ); } }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/cl5_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/cl5_config.c
Changed
@@ -340,7 +340,7 @@ config.maxAge = slapi_ch_strdup(CL5_STR_IGNORE); slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); - for (i = 0; mods[i] != NULL; i++) + for (i = 0; mods && mods[i] != NULL; i++) { if (mods[i]->mod_op & LDAP_MOD_DELETE) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/legacy_consumer.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/legacy_consumer.c
Changed
@@ -321,7 +321,7 @@ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); slapi_rwlock_wrlock (legacy_consumer_config_lock); - for (i = 0; (mods[i] && (!not_allowed)); i++) + for (i = 0; mods && (mods[i] && (!not_allowed)); i++) { if (mods[i]->mod_op & LDAP_MOD_DELETE) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5.h
Changed
@@ -60,6 +60,7 @@ #include "llist.h" #include "repl5_ruv.h" #include "cl4.h" +#include "plstr.h" #define REPLICA_TYPE_WINDOWS 1 #define REPLICA_TYPE_MULTIMASTER 0
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5_agmt.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5_agmt.c
Changed
@@ -1838,7 +1838,7 @@ int i, j; slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &mods); - for (i = 0; !affects_non_fractional_attribute && NULL != agmt->frac_attrs[i]; i++) + for (i = 0; mods && !affects_non_fractional_attribute && NULL != agmt->frac_attrs[i]; i++) { for (j = 0; !affects_non_fractional_attribute && NULL != mods[j]; j++) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5_inc_protocol.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5_inc_protocol.c
Changed
@@ -1694,15 +1694,15 @@ switch (rc) { case CL5_SUCCESS: - /* check that we don't return dummy entries */ - if (is_dummy_operation (entry.op)) - { - slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, - "%s: changelog iteration code returned a dummy entry with csn %s, " - "skipping ...\n", + /* check that we don't return dummy entries */ + if (is_dummy_operation (entry.op)) + { + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, + "%s: changelog iteration code returned a dummy entry with csn %s, " + "skipping ...\n", agmt_get_long_name(prp->agmt), csn_as_string(entry.op->csn, PR_FALSE, csn_str)); - continue; - } + continue; + } replay_crc = replay_update(prp, entry.op, &message_id); if (message_id) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5_protocol_util.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5_protocol_util.c
Changed
@@ -689,12 +689,17 @@ int repl5_strip_fractional_mods(Repl_Agmt *agmt, LDAPMod ** mods) { - char **a = agmt_get_fractional_attrs(agmt); + char **a; char **attrs_to_strip; int retval = 0; int strip = 1; int i, j, k; + if (mods == NULL) { + return retval; + } + + a = agmt_get_fractional_attrs(agmt); if (a) { /* Iterate through the fractional attr list */ for ( i = 0; a[i] != NULL; i++ )
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5_replica.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5_replica.c
Changed
@@ -75,7 +75,7 @@ void *csn_pl_reg_id; /* registration assignment for csn callbacks */ unsigned long repl_state_flags; /* state flags */ PRUint32 repl_flags; /* persistent, externally visible flags */ - PRLock *repl_lock; /* protects entire structure */ + PRMonitor *repl_lock; /* protects entire structure */ Slapi_Eq_Context repl_eqcxt_rs; /* context to cancel event that saves ruv */ Slapi_Eq_Context repl_eqcxt_tr; /* context to cancel event that reaps tombstones */ Object *repl_csngen; /* CSN generator for this replica */ @@ -125,7 +125,19 @@ static void _delete_tombstone(const char *tombstone_dn, const char *uniqueid, int ext_op_flags); static void replica_strip_cleaned_rids(Replica *r); -/* Allocates new replica and reads its state and state of its component from +static void +replica_lock(PRMonitor *lock) +{ + PR_EnterMonitor(lock); +} + +static void +replica_unlock(PRMonitor *lock) +{ + PR_ExitMonitor(lock); +} +/* + * Allocates new replica and reads its state and state of its component from * various parts of the DIT. */ Replica * @@ -188,7 +200,7 @@ goto done; } - if ((r->repl_lock = PR_NewLock()) == NULL) + if ((r->repl_lock = PR_NewMonitor()) == NULL) { if (NULL != errortext) { @@ -289,17 +301,16 @@ PR_ASSERT(NULL != r); if (NULL != r) { - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); /* Make sure we dump the CSNGen state */ r->repl_csn_assigned = PR_TRUE; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); /* This function take the Lock Inside */ /* And also write the RUV */ _replica_update_state((time_t)0, r->repl_name); } } - /* * Deallocate a replica. arg should point to the address of a * pointer that points to a replica structure. @@ -361,7 +372,7 @@ if (r->repl_lock) { - PR_DestroyLock(r->repl_lock); + PR_DestroyMonitor(r->repl_lock); r->repl_lock = NULL; } @@ -420,7 +431,7 @@ PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); if (r->repl_state_flags & REPLICA_IN_USE) { if (isInc) @@ -461,7 +472,7 @@ slapi_ch_free_string(&r->locking_purl); r->locking_purl = slapi_ch_strdup(locking_purl); } - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); return rval; } @@ -475,7 +486,7 @@ PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); isInc = (r->repl_state_flags & REPLICA_INCREMENTAL_IN_PROGRESS); /* check to see if the replica is in use and log a warning if not */ if (!(r->repl_state_flags & REPLICA_IN_USE)) @@ -500,7 +511,7 @@ else r->repl_state_flags &= ~(REPLICA_TOTAL_IN_PROGRESS); } - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); } /* @@ -547,9 +558,9 @@ ReplicaId rid; PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); rid = r->repl_rid; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); return rid; } @@ -561,9 +572,9 @@ { PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); r->repl_rid = rid; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); } /* Returns true if replica was initialized through ORC or import; @@ -588,7 +599,7 @@ PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); PR_ASSERT (r->repl_ruv); @@ -596,7 +607,7 @@ ruv = r->repl_ruv; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); return ruv; } @@ -611,7 +622,7 @@ { PR_ASSERT(r && ruv); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); if(NULL != r->repl_ruv) { @@ -647,7 +658,7 @@ r->repl_ruv = object_new((void*)ruv, (FNFree)ruv_destroy); r->repl_ruv_dirty = PR_TRUE; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); } /* @@ -685,7 +696,7 @@ else { RUV *ruv; - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); if (r->repl_ruv != NULL) { @@ -752,7 +763,7 @@ slapi_sdn_get_dn(r->repl_root)); rc = RUV_NOTFOUND; } - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); } return rc; } @@ -768,12 +779,12 @@ PR_ASSERT(r); - PR_Lock(r->repl_lock); + replica_lock(r->repl_lock); object_acquire (r->repl_csngen); csngen = r->repl_csngen; - PR_Unlock(r->repl_lock); + replica_unlock(r->repl_lock); return csngen; } @@ -796,9 +807,9 @@ { PR_ASSERT(r);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/repl5_replica_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/repl5_replica_config.c
Changed
@@ -349,7 +349,7 @@ if (*returncode != LDAP_SUCCESS) break; - for (i = 0; (mods[i] && (LDAP_SUCCESS == rc)); i++) + for (i = 0; mods && (mods[i] && (LDAP_SUCCESS == rc)); i++) { if (*returncode != LDAP_SUCCESS) break; @@ -600,7 +600,7 @@ if (*returncode != LDAP_SUCCESS) break; - for (i = 0; (mods[i] && (LDAP_SUCCESS == rc)); i++) + for (i = 0; mods && (mods[i] && (LDAP_SUCCESS == rc)); i++) { if (*returncode != LDAP_SUCCESS) break;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/urp.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/urp.c
Changed
@@ -58,7 +58,6 @@ static int mod_namingconflict_attr (const char *uniqueid, const Slapi_DN *entrysdn, const Slapi_DN *conflictsdn, CSN *opcsn); static int del_replconflict_attr (Slapi_Entry *entry, CSN *opcsn, int opflags); static char *get_dn_plus_uniqueid(char *sessionid,const Slapi_DN *oldsdn,const char *uniqueid); -static char *get_rdn_plus_uniqueid(char *sessionid,const char *olddn,const char *uniqueid); static int is_suffix_entry (Slapi_PBlock *pb, Slapi_Entry *entry, Slapi_DN **parenddn); /* @@ -372,6 +371,9 @@ slapi_entry_get_sdn (target_entry), "renameTombstone", opcsn); */ op_result = LDAP_NO_SUCH_OBJECT; + slapi_log_error(SLAPI_LOG_REPL, sessionid, + "urp_modrdn: target_entry %s is a tombstone; returning NO_SUCH_OBJECT.\n", + slapi_entry_get_dn(target_entry)); slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result); if (op_result == 0) { @@ -448,16 +450,16 @@ slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result); rc= -1; /* Ignore this Operation */ PROFILE_POINT; /* ModRDN Conflict; Entry with Target DN Exists; - Unique ID already in RDN - Change to Lost and Found entry */ + Unique ID already in RDN - Change to Lost and Found entry */ goto bailout; } mod_namingconflict_attr (op_uniqueid, target_sdn, existing_sdn, opcsn); slapi_pblock_set(pb, SLAPI_MODRDN_NEWRDN, newrdn_with_uniqueid); slapi_log_error(slapi_log_urp, sessionid, - "Naming conflict MODRDN. Rename target entry to %s\n", - newrdn_with_uniqueid ); + "urp_modrdn_operation: Naming conflict MODRDN. Rename target entry from %s to %s\n", + newrdn, newrdn_with_uniqueid ); - rc= slapi_setbit_int(rc,SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY); + rc= slapi_setbit_int(rc, SLAPI_RTN_BIT_FETCH_EXISTING_DN_ENTRY); PROFILE_POINT; /* ModRDN Conflict; Entry with Target DN Exists; Rename Operation Entry */ goto bailout; } @@ -608,14 +610,20 @@ op_result= LDAP_NO_SUCH_OBJECT; slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result); rc= -1; /* Don't apply the Delete */ + slapi_log_error(slapi_log_urp, "no sessionid", + "Entry %s does not exist; returning NO_SUCH_OBJECT.\n", + slapi_entry_get_dn(deleteentry)); PROFILE_POINT; /* Delete Operation; Entry not exist. */ } else if(is_tombstone_entry(deleteentry)) { /* The entry is already a Tombstone, ignore this delete. */ - op_result= LDAP_SUCCESS; + op_result= LDAP_ALREADY_EXISTS; slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result); rc = -1; /* Don't apply the Delete */ + slapi_log_error(slapi_log_urp, "no sessionid", + "Entry %s is already a tombstone; returning ALREADY_EXISTS.\n", + slapi_entry_get_dn(deleteentry)); PROFILE_POINT; /* Delete Operation; Already a Tombstone. */ } else /* The entry to be deleted exists and is not a tombstone */ @@ -639,7 +647,10 @@ op_result= LDAP_SUCCESS; slapi_pblock_set(pb, SLAPI_RESULT_CODE, &op_result); rc = -1; /* Don't apply the Delete */ - PROFILE_POINT; /* Delete Operation; Entry has children. */ + slapi_log_error(slapi_log_urp, sessionid, + "Entry %s was turned to a glue; returning SUCCESS.\n", + slapi_entry_get_dn(deleteentry) ); + PROFILE_POINT; /* Delete Operation; Entry has children. */ } } return rc; @@ -785,7 +796,7 @@ } int -urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, int opflags) +urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, const char *parentuniqueid, int opflags) { Slapi_PBlock *newpb; Slapi_Operation *op; @@ -813,7 +824,12 @@ opcsn = (CSN *)entry_get_dncsn (entry); slapi_pblock_get (newpb, SLAPI_OPERATION, &op); operation_set_csn (op, opcsn); - + if (parentuniqueid) + { + struct slapi_operation_parameters *op_params; + slapi_pblock_get( newpb, SLAPI_OPERATION_PARAMETERS, &op_params ); + op_params->p.p_modrdn.modrdn_newsuperior_address.uniqueid = (char*)parentuniqueid; /* Consumes parentuniqueid */ + } slapi_modrdn_internal_pb(newpb); slapi_pblock_get(newpb, SLAPI_PLUGIN_INTOP_RESULT, &op_result); @@ -1012,7 +1028,7 @@ if(newrdn!=NULL) { mod_namingconflict_attr (uniqueid, basesdn, basesdn, opcsn); - op_result = urp_fixup_rename_entry ( entry, newrdn, 0 ); + op_result = urp_fixup_rename_entry ( entry, newrdn, NULL, 0 ); switch(op_result) { case LDAP_SUCCESS: @@ -1191,7 +1207,7 @@ * is done after DB lock was released. The backend modrdn * will acquire the DB lock if it sees this flag. */ - op_result = urp_fixup_rename_entry (min_naming_conflict_entry, newrdnstr, OP_FLAG_ACTION_INVOKE_FOR_REPLOP); + op_result = urp_fixup_rename_entry (min_naming_conflict_entry, newrdnstr, NULL, OP_FLAG_ACTION_INVOKE_FOR_REPLOP); if ( op_result != LDAP_SUCCESS ) { slapi_log_error (slapi_log_urp, sessionid, @@ -1224,15 +1240,19 @@ static char * get_dn_plus_uniqueid(char *sessionid, const Slapi_DN *oldsdn, const char *uniqueid) { - Slapi_RDN *rdn= slapi_rdn_new(); - char *newdn; + Slapi_RDN *rdn = slapi_rdn_new(); + char *newdn = NULL; + int rc = slapi_rdn_init_all_sdn_ext(rdn, oldsdn, 1); + if (rc) { + slapi_log_error(SLAPI_LOG_FATAL, sessionid, + "Failed to convert %s to RDN\n", slapi_sdn_get_dn(oldsdn)); + goto bail; + } PR_ASSERT(uniqueid!=NULL); /* Check if the RDN already contains the Unique ID */ - slapi_rdn_set_dn(rdn, slapi_sdn_get_dn(oldsdn)); - if(slapi_rdn_contains(rdn,SLAPI_ATTR_UNIQUEID,uniqueid,strlen(uniqueid))) - { + if (slapi_rdn_is_conflict(rdn)) { /* The Unique ID is already in the RDN. * This is a highly improbable collision. * It suggests that a duplicate UUID was generated. @@ -1241,7 +1261,6 @@ */ slapi_log_error(SLAPI_LOG_FATAL, sessionid, "Annotated DN %s has naming conflict\n", slapi_sdn_get_dn(oldsdn) ); - newdn= NULL; } else { @@ -1250,21 +1269,27 @@ newdn = slapi_ch_smprintf("%s,%s", slapi_rdn_get_rdn(rdn), parentdn); slapi_ch_free_string(&parentdn); } +bail: slapi_rdn_free(&rdn); return newdn; } -static char * +char * get_rdn_plus_uniqueid(char *sessionid, const char *olddn, const char *uniqueid) { - char *newrdn; + char *newrdn = NULL; /* Check if the RDN already contains the Unique ID */ - Slapi_DN *sdn= slapi_sdn_new_dn_byval(olddn); - Slapi_RDN *rdn= slapi_rdn_new(); - slapi_sdn_get_rdn(sdn,rdn); + Slapi_DN *sdn = slapi_sdn_new_dn_byval(olddn); + Slapi_RDN *rdn = slapi_rdn_new(); + int rc = slapi_rdn_init_all_sdn_ext(rdn, sdn, 1); + if (rc) { + slapi_log_error(SLAPI_LOG_FATAL, sessionid, + "Failed to convert %s to RDN\n", olddn); + goto bail; + } + PR_ASSERT(uniqueid!=NULL); - if(slapi_rdn_contains(rdn,SLAPI_ATTR_UNIQUEID,uniqueid,strlen(uniqueid))) - { + if (slapi_rdn_is_conflict(rdn)) { /* The Unique ID is already in the RDN. * This is a highly improbable collision. * It suggests that a duplicate UUID was generated. @@ -1272,14 +1297,14 @@ * require admin intercession */ slapi_log_error(SLAPI_LOG_FATAL, sessionid, - "Annotated DN %s has naming conflict\n", olddn ); - newrdn= NULL; + "Annotated RDN %s has naming conflict\n", olddn); } else { slapi_rdn_add(rdn,SLAPI_ATTR_UNIQUEID,uniqueid); - newrdn= slapi_ch_strdup(slapi_rdn_get_rdn(rdn)); + newrdn = slapi_ch_strdup(slapi_rdn_get_rdn(rdn)); } +bail: slapi_sdn_free(&sdn); slapi_rdn_free(&rdn); return newrdn;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/urp.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/urp.h
Changed
@@ -55,11 +55,12 @@ int urp_post_delete_operation( Slapi_PBlock *pb ); int urp_modrdn_operation( Slapi_PBlock *pb ); int urp_post_modrdn_operation( Slapi_PBlock *pb ); +char *get_rdn_plus_uniqueid(char *sessionid, const char *olddn, const char *uniqueid); /* urp internal ops */ int urp_fixup_add_entry (Slapi_Entry *e, const char *target_uniqueid, const char *parentuniqueid, CSN *opcsn, int opflags); int urp_fixup_delete_entry (const char *uniqueid, const char *dn, CSN *opcsn, int opflags); -int urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, int opflags); +int urp_fixup_rename_entry (Slapi_Entry *entry, const char *newrdn, const char *parentuniqueid, int opflags); int urp_fixup_modify_entry (const char *uniqueid, const Slapi_DN *sdn, CSN *opcsn, Slapi_Mods *smods, int opflags); int is_suffix_dn (Slapi_PBlock *pb, const Slapi_DN *dn, Slapi_DN **parenddn); @@ -78,6 +79,6 @@ * urp_tombstone.c */ int is_tombstone_entry(const Slapi_Entry* entry); -int tombstone_to_glue(Slapi_PBlock *pb, const char *sessionid, Slapi_Entry *entry, const Slapi_DN *parentdn, const char *reason, CSN *opcsn); +int tombstone_to_glue(Slapi_PBlock *pb, char *sessionid, Slapi_Entry *entry, const Slapi_DN *parentdn, const char *reason, CSN *opcsn); int entry_to_tombstone ( Slapi_PBlock *pb, Slapi_Entry *entry ); PRBool get_tombstone_csn(const Slapi_Entry *entry, const CSN **delcsn);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/urp_glue.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/urp_glue.c
Changed
@@ -153,7 +153,7 @@ "objectclass: top\n" "objectclass: extensibleObject\n" /* JCMREPL - To avoid schema checking. */ "objectclass: glue\n" - "nsuniqueid: %s\n" + "nsuniqueid: %s\n" /* this uniqueid is set to Slapi_Entry in slapi_str2entry. */ "%s: %s\n"; /* Add why it's been created */ static int @@ -166,15 +166,15 @@ Slapi_DN *sdn = NULL; Slapi_RDN *newrdn = slapi_rdn_new_rdn(rdn); char *estr, *rdnstr, *rdntype, *rdnval, *rdnpair; - sdn = slapi_sdn_new_dn_byval(slapi_sdn_get_ndn(superiordn)); + sdn = slapi_sdn_new_ndn_byval(slapi_sdn_get_ndn(superiordn)); slapi_sdn_add_rdn(sdn,rdn); /* must take care of multi-valued rdn: split rdn into different lines introducing * '\n' between each type/value pair. - */ + */ alloc_len = RDNBUFSIZE; rdnstr = slapi_ch_malloc(alloc_len); - rdnpair = rdnstr; + rdnpair = rdnstr; *rdnpair = '\0'; /* so that strlen(rdnstr) may return 0 the first time it's called */ while ((rdnval_index = slapi_rdn_get_next(newrdn, rdnval_index, &rdntype, &rdnval)) != -1) { rdntype_len = strlen(rdntype); @@ -188,7 +188,7 @@ } slapi_ldif_put_type_and_value_with_options(&rdnpair, rdntype, rdnval, rdnval_len, LDIF_OPT_NOWRAP); *rdnpair = '\0'; - } + } estr= slapi_ch_smprintf(glue_entry, slapi_sdn_get_ndn(sdn), rdnstr, uniqueid, ATTR_NSDS5_REPLCONFLICT, reason); slapi_ch_free((void**)&rdnstr); @@ -196,9 +196,7 @@ slapi_ch_free((void**)&newrdn); e = slapi_str2entry( estr, 0 ); PR_ASSERT(e!=NULL); - if ( e!=NULL ) - { - slapi_entry_set_uniqueid (e, slapi_ch_strdup(uniqueid)); + if (e) { op_result = urp_fixup_add_entry (e, NULL, NULL, opcsn, 0); } slapi_ch_free_string(&estr); @@ -232,7 +230,7 @@ slapi_pblock_get( pb, SLAPI_BACKEND, &backend ); slapi_sdn_get_backend_parent ( dn, superiordn, backend ); - slapi_sdn_get_rdn ( dn, rdn ); + slapi_rdn_set_dn_ext(rdn, slapi_sdn_get_dn(dn), 1/* skip nsuniqeid=..., in dn */); while(!done) { @@ -246,16 +244,30 @@ done= 1; break; case LDAP_ALREADY_EXISTS: + { + struct slapi_operation_parameters *op_params; + /* This is okay. While creating a glue, a real entry was added. */ slapi_log_error ( SLAPI_LOG_FATAL, repl_plugin_name, "%s: Skipped creating glue entry %s uniqueid=%s reason Entry Already Exists\n", sessionid, dnstr, uniqueid); + op_result = LDAP_SUCCESS; + /* If we could not create a glue having the nsuniqueid, + * we have to abandon it. */ + slapi_pblock_get(pb, SLAPI_OPERATION_PARAMETERS, &op_params); + slapi_ch_free_string(&op_params->p.p_add.parentuniqueid); done= 1; break; + } case LDAP_NO_SUCH_OBJECT: /* The parent is missing */ { /* JCMREPL - Create the parent ... recursion?... but what's the uniqueid? */ - PR_ASSERT(0); /* JCMREPL */ + slapi_log_error (SLAPI_LOG_FATAL, repl_plugin_name, + "%s: Can't created glue entry %s uniqueid=%s, error %d; " + "Possibly, parent entry is a conflict entry.\n", + sessionid, dnstr, uniqueid, op_result); + done= 1; + break; } default: slapi_log_error ( SLAPI_LOG_FATAL, repl_plugin_name,
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/replication/urp_tombstone.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/replication/urp_tombstone.c
Changed
@@ -84,7 +84,7 @@ static int tombstone_to_glue_resolve_parent ( Slapi_PBlock *pb, - const char *sessionid, + char *sessionid, const Slapi_DN *parentdn, const char *parentuniqueid, CSN *opcsn) @@ -144,7 +144,7 @@ int tombstone_to_glue ( Slapi_PBlock *pb, - const char *sessionid, + char *sessionid, Slapi_Entry *tombstoneentry, const Slapi_DN *tombstonedn, const char *reason, @@ -156,6 +156,7 @@ Slapi_Entry *addingentry; const char *addingdn; int op_result; + int rdn_is_conflict = 0; /* JCMREPL * Nothing logged to the 5.0 Change Log @@ -170,18 +171,19 @@ * which won't help us identify the correct backend to search. */ is_suffix_dn_ext (pb, tombstonedn, &parentdn, 1 /* is_tombstone */); - parentuniqueid= slapi_entry_attr_get_charptr (tombstoneentry, - SLAPI_ATTR_VALUE_PARENT_UNIQUEID); /* Allocated */ + parentuniqueid= slapi_entry_attr_get_charptr (tombstoneentry, SLAPI_ATTR_VALUE_PARENT_UNIQUEID); /* Allocated */ tombstone_to_glue_resolve_parent (pb, sessionid, parentdn, parentuniqueid, opcsn); - slapi_sdn_free(&parentdn); - /* Submit an Add operation to turn the tombstone entry into glue. */ + /* Submit an Add operation to turn the tombstone entry into glue. */ /* * The tombstone is stored with an invalid DN, we must fix this. */ addingentry = slapi_entry_dup(tombstoneentry); addingdn = slapi_sdn_get_dn(tombstonedn); slapi_entry_set_sdn(addingentry, tombstonedn); + /* not just e_sdn, e_rsdn needs to be updated. */ + slapi_rdn_set_all_dn(slapi_entry_get_srdn(addingentry), slapi_entry_get_dn_const(addingentry)); + rdn_is_conflict = slapi_rdn_is_conflict(slapi_entry_get_srdn(addingentry)); if (!slapi_entry_attr_hasvalue(addingentry, ATTR_NSDS5_REPLCONFLICT, reason)) { @@ -189,18 +191,57 @@ slapi_entry_add_string(addingentry, ATTR_NSDS5_REPLCONFLICT, reason); } tombstoneuniqueid= slapi_entry_get_uniqueid(tombstoneentry); - op_result = urp_fixup_add_entry (addingentry, tombstoneuniqueid, parentuniqueid, opcsn, OP_FLAG_RESURECT_ENTRY); + /* + * addingentry and parentuniqueid are consumed in urp_fixup_add_entry, + * regardless of the result. + * Note: addingentry is not really consumed in ldbm_back_add. + * tombstoneentry from DB/entry cache is duplicated and turned to be a glue. + * This addingentry is freed in op_shared_add. + */ + op_result = urp_fixup_add_entry (addingentry, tombstoneuniqueid, slapi_ch_strdup(parentuniqueid), opcsn, OP_FLAG_RESURECT_ENTRY); + if ((LDAP_ALREADY_EXISTS == op_result) && !rdn_is_conflict) { + /* conflict -- there's already the same named entry added. + * But this to-be-glued entry needs to be added since this is a parent of child entries... + * So, rename this tombstone parententry a conflict, glue entry. + * Instead of "fixup_add", we have to "fixup_rename"... + * */ + char *conflictrdn = get_rdn_plus_uniqueid(sessionid, addingdn, tombstoneuniqueid); + if (conflictrdn) { + addingentry = slapi_entry_dup(tombstoneentry); + if (!slapi_entry_attr_hasvalue(addingentry, ATTR_NSDS5_REPLCONFLICT, reason)) { + /* Add the reason of turning it to glue - The backend code will use it*/ + slapi_entry_add_string(addingentry, ATTR_NSDS5_REPLCONFLICT, reason); + } + slapi_log_error (SLAPI_LOG_FATAL, repl_plugin_name, + "%s: Can't resurrect tombstone to glue reason '%s'. " + "Try with conflict dn %s, error=%d\n", + sessionid, reason, addingdn, op_result); + op_result = urp_fixup_rename_entry(addingentry, (const char *)conflictrdn, parentuniqueid, + OP_FLAG_RESURECT_ENTRY|OP_FLAG_TOMBSTONE_ENTRY); + slapi_entry_free(addingentry); + addingentry = NULL; + } + } + slapi_ch_free_string(&parentuniqueid); if (op_result == LDAP_SUCCESS) { slapi_log_error (slapi_log_urp, repl_plugin_name, "%s: Resurrected tombstone %s to glue reason '%s'\n", sessionid, addingdn, reason); } + else if (LDAP_ALREADY_EXISTS == op_result) + { + slapi_log_error(slapi_log_urp, repl_plugin_name, + "%s: No need to turn tombstone %s to glue; it was already resurrected.\n", + sessionid, addingdn); + op_result = LDAP_SUCCESS; + } else { slapi_log_error (SLAPI_LOG_FATAL, repl_plugin_name, "%s: Can't resurrect tombstone %s to glue reason '%s', error=%d\n", sessionid, addingdn, reason, op_result); } + slapi_sdn_free(&parentdn); return op_result; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/uiduniq/7bit.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/uiduniq/7bit.c
Changed
@@ -455,7 +455,7 @@ which are add or replace ops and are bvalue encoded */ /* find out how many mods meet this criteria */ - for(mods=firstMods;*mods;mods++) + for(mods=firstMods;mods && *mods;mods++) { mod = *mods; if ((slapi_attr_type_cmp(mod->mod_type, attr_name, 1) == 0) && /* mod contains target attr */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/plugins/uiduniq/uid.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/plugins/uiduniq/uid.c
Changed
@@ -761,7 +761,7 @@ which are add or replace ops and are bvalue encoded */ /* find out how many mods meet this criteria */ - for(;*mods;mods++) + for(;mods && *mods;mods++) { mod = *mods; if ((slapi_attr_type_cmp(mod->mod_type, attrName, 1) == 0) && /* mod contains target attr */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/add.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/add.c
Changed
@@ -699,10 +699,17 @@ slapi_pblock_get(pb, SLAPI_ENTRY_POST_OP, &pse); do_ps_service(pse, NULL, LDAP_CHANGETYPE_ADD, 0); - - /* If be_add succeeded, then e is consumed. We - * set e to NULL to prevent freeing it ourselves. */ - e = NULL; + /* + * If be_add succeeded, then e is consumed except the resurect case. + * If it is resurect, the corresponding tombstone entry is resurected + * and put into the cache. + * Otherwise, we set e to NULL to prevent freeing it ourselves. + */ + if (operation_is_flag_set(operation,OP_FLAG_RESURECT_ENTRY) && save_e) { + e = save_e; + } else { + e = NULL; + } } else {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/attrlist.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/attrlist.c
Changed
@@ -288,13 +288,21 @@ if (vals == NULL || vals[0] == NULL) { (void)attrlist_delete(alist, type); } else { - attrlist_find_or_create(alist, type, &a); + int created = attrlist_find_or_create(alist, type, &a); valuearray_init_bervalarray(vals, &values); if (slapi_attr_is_dn_syntax_attr(*a)) { valuearray_dn_normalize_value(values); (*a)->a_flags |= SLAPI_ATTR_FLAG_NORMALIZED_CES; } - rc = attr_replace(*a, values); + rc = attr_replace(*a, values); /* values is consumed */ + if (rc) { + slapi_log_error(SLAPI_LOG_FATAL, "attrlist_replace", + "attr_replace (%s, %s) failed.\n", + type, vals[0]->bv_val); + if (created) { + attrlist_delete(alist, type); + } + } } return rc; } @@ -315,13 +323,21 @@ if (vals == NULL || vals[0] == NULL) { (void)attrlist_delete(alist, type); } else { - attrlist_find_or_create(alist, type, &a); + int created = attrlist_find_or_create(alist, type, &a); valuearray_init_bervalarray_with_flags(vals, &values, flags); if (slapi_attr_is_dn_syntax_attr(*a)) { valuearray_dn_normalize_value(values); (*a)->a_flags |= SLAPI_ATTR_FLAG_NORMALIZED_CES; } rc = attr_replace(*a, values); + if (rc) { + slapi_log_error(SLAPI_LOG_FATAL, "attrlist_replace", + "attr_replace (%s, %s) failed.\n", + type, vals[0]->bv_val); + if (created) { + attrlist_delete(alist, type); + } + } } return rc; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/auditlog.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/auditlog.c
Changed
@@ -154,7 +154,7 @@ addlenstr( l, attr_changetype ); addlenstr( l, ": modify\n" ); mods = change; - for ( j = 0; mods[j] != NULL; j++ ) + for ( j = 0; (mods != NULL) && (mods[j] != NULL); j++ ) { int operationtype= mods[j]->mod_op & ~LDAP_MOD_BVALUES;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ancestorid.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ancestorid.c
Changed
@@ -136,7 +136,7 @@ LDAPDebug(LDAP_DEBUG_TRACE, "found %lu nodes for ancestorid\n", (u_long)IDL_NIDS(nodes), 0, 0); } else { - idl_free(nodes); + idl_free(&nodes); *idl = NULL; } @@ -264,7 +264,7 @@ /* Insert into ancestorid for this node */ if (id2idl_hash_lookup(ht, &id, &ididl)) { descendants = idl_union_allids(be, ai_aid, ididl->idl, children); - idl_free(children); + idl_free(&children); if (id2idl_hash_remove(ht, &id) == 0) { LDAPDebug(LDAP_DEBUG_ANY, "ancestorid hash_remove failed\n", 0,0,0); } else { @@ -279,21 +279,21 @@ /* Get parentid for this entry */ ret = ldbm_parentid(be, txn, id, &parentid); if (ret != 0) { - idl_free(descendants); + idl_free(&descendants); break; } /* A suffix entry does not have a parent */ if (parentid == NOID) { - idl_free(descendants); + idl_free(&descendants); continue; } /* Insert into ancestorid for this node's parent */ if (id2idl_hash_lookup(ht, &parentid, &ididl)) { IDList *idl = idl_union_allids(be, ai_aid, ididl->idl, descendants); - idl_free(descendants); - idl_free(ididl->idl); + idl_free(&descendants); + idl_free(&(ididl->idl)); ididl->idl = idl; } else { ididl = (id2idl*)slapi_ch_calloc(1,sizeof(id2idl)); @@ -324,7 +324,7 @@ id2idl_hash_destroy(ht); /* Free any leftover idlists */ - idl_free(nodes); + idl_free(&nodes); /* Release the parentid file */ if (db_pid != NULL) { @@ -456,7 +456,7 @@ /* Insert into ancestorid for this node */ ret = idl_store_block(be, db_aid, &key, children, txn, ai_aid); if (ret != 0) { - idl_free(children); + idl_free(&children); break; } @@ -467,13 +467,13 @@ slapi_log_error(SLAPI_LOG_FATAL, sourcefile, "Error: ldbm_parentid on node index [" ID_FMT "] of [" ID_FMT "]\n", nids, nodes->b_nids); - idl_free(children); + idl_free(&children); goto out; } /* A suffix entry does not have a parent */ if (parentid == NOID) { - idl_free(children); + idl_free(&children); break; } @@ -485,7 +485,7 @@ /* Insert into ancestorid for this node's parent */ ret = idl_store_block(be, db_aid, &key, children, txn, ai_aid); if (ret != 0) { - idl_free(children); + idl_free(&children); goto out; } id = parentid; @@ -504,7 +504,7 @@ } /* Free any leftover idlists */ - idl_free(nodes); + idl_free(&nodes); /* Release the parentid file */ if (db_pid != NULL) { @@ -583,7 +583,7 @@ static void id2idl_free(id2idl **ididl) { - idl_free((*ididl)->idl); + idl_free(&((*ididl)->idl)); slapi_ch_free((void**)ididl); } @@ -785,7 +785,7 @@ break; } node_id = idl_firstid(idl); - idl_free(idl); + idl_free(&idl); } /* Update ancestorid for the base entry */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/back-ldbm.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/back-ldbm.h
Changed
@@ -215,6 +215,7 @@ #define DEFAULT_IMPORT_INDEX_BUFFER_SIZE 0 #define SUBLEN 3 #define LDBM_CACHE_RETRY_COUNT 1000 /* Number of times we re-try a cache operation */ +#define RETRY_CACHE_LOCK 2 /* error code to signal a retry of the cache lock */ #define IDL_FETCH_RETRY_COUNT 5 /* Number of times we re-try idl_fetch if it returns deadlock */ #define IMPORT_SUBCOUNT_HASHTABLE_SIZE 500 /* Number of buckets in hash used to accumulate subcount for broody parents */ @@ -892,7 +893,8 @@ /* operation for parent_update_on_childchange */ #define PARENTUPDATE_ADD 0x1 #define PARENTUPDATE_DEL 0x2 -#define PARENTUPDATE_MASK (PARENTUPDATE_ADD|PARENTUPDATE_DEL) +#define PARENTUPDATE_RESURECT 0x4 +#define PARENTUPDATE_MASK (PARENTUPDATE_ADD|PARENTUPDATE_DEL|PARENTUPDATE_RESURECT) #define PARENTUPDATE_CREATE_TOMBSTONE 0x10 #define PARENTUPDATE_DELETE_TOMBSTONE 0x20
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/backentry.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/backentry.c
Changed
@@ -52,6 +52,7 @@ return; } ep = *bep; + PR_ASSERT(ep->ep_state & (ENTRY_STATE_DELETED|ENTRY_STATE_NOTINCACHE)); if ( ep->ep_entry != NULL ) { slapi_entry_free( ep->ep_entry ); }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/cache.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/cache.c
Changed
@@ -890,7 +890,7 @@ } else { - LOG("remove %d from id hash failed\n", e->ep_id, 0, 0); + LOG("remove %s (%d) from id hash failed\n", ndn, e->ep_id, 0); } } #ifdef UUIDCACHE_ON @@ -984,13 +984,19 @@ static int entrycache_replace(struct cache *cache, struct backentry *olde, struct backentry *newe) { - int found; + int found = 0; + int found_in_dn = 0; + int found_in_id = 0; +#ifdef UUIDCACHE_ON + int found_in_uuid = 0; +#endif const char *oldndn; const char *newndn; #ifdef UUIDCACHE_ON const char *olduuid; const char *newuuid; #endif + struct backentry *alte = NULL; LOG("=> entrycache_replace (%s) -> (%s)\n", backentry_get_ndn(olde), backentry_get_ndn(newe), 0); @@ -1013,31 +1019,21 @@ * cache tables, operation error */ if ( (olde->ep_state & ENTRY_STATE_NOTINCACHE) == 0 ) { - int found_in_dn = remove_hash(cache->c_dntable, (void *)oldndn, strlen(oldndn)); - int found_in_id = remove_hash(cache->c_idtable, &(olde->ep_id), sizeof(ID)); + found_in_dn = remove_hash(cache->c_dntable, (void *)oldndn, strlen(oldndn)); + found_in_id = remove_hash(cache->c_idtable, &(olde->ep_id), sizeof(ID)); #ifdef UUIDCACHE_ON - int found_in_uuid = remove_hash(cache->c_uuidtable, (void *)olduuid, strlen(olduuid)); + found_in_uuid = remove_hash(cache->c_uuidtable, (void *)olduuid, strlen(olduuid)); #endif found = found_in_dn && found_in_id; #ifdef UUIDCACHE_ON found = found && found_in_uuid; #endif - if (!found) { -#ifdef UUIDCACHE_ON - LOG("entry cache replace: cache index tables out of sync - found dn [%d] id [%d] uuid [%d]\n", - found_in_dn, found_in_id, found_in_uuid); -#else - LOG("entry cache replace: cache index tables out of sync - found dn [%d] id [%d]\n", - found_in_dn, found_in_id, 0); -#endif - PR_Unlock(cache->c_mutex); - return 1; - } } - if (! entry_same_dn(newe, (void *)oldndn) && - (newe->ep_state & ENTRY_STATE_NOTINCACHE) == 0) { - /* if we're doing a modrdn, the new entry can be in the dn table - * already, so we need to remove that too. + /* If fails, we have to make sure the both entires are removed from the cache, + * otherwise, we have no idea what's left in the cache or not... */ + if (!entry_same_dn(newe, (void *)oldndn) && (newe->ep_state & ENTRY_STATE_NOTINCACHE) == 0) { + /* if we're doing a modrdn or turning an entry to a tombstone, + * the new entry can be in the dn table already, so we need to remove that too. */ if (remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn))) { @@ -1046,20 +1042,44 @@ LOG("entry cache replace remove entry size %lu\n", newe->ep_size, 0, 0); } } - + /* + * The old entry could have been "removed" between the add and this replace, + * The entry is NOT freed, but NOT in the dn hash. + * which could happen since the entry is not necessarily locked. + * This is ok. + */ + olde->ep_state = ENTRY_STATE_DELETED; /* olde is removed from the cache, so set DELETED here. */ + if (!found) { + if (olde->ep_state & ENTRY_STATE_DELETED) { + LOG("entry cache replace (%s): cache index tables out of sync - found dn [%d] id [%d]; but the entry is alreay deleted.\n", + oldndn, found_in_dn, found_in_id); + } else { +#ifdef UUIDCACHE_ON + LOG("entry cache replace: cache index tables out of sync - found dn [%d] id [%d] uuid [%d]\n", + found_in_dn, found_in_id, found_in_uuid); +#else + LOG("entry cache replace (%s): cache index tables out of sync - found dn [%d] id [%d]\n", + oldndn, found_in_dn, found_in_id); +#endif + PR_Unlock(cache->c_mutex); + return 1; + } + } /* now, add the new entry to the hashtables */ /* (probably don't need such extensive error handling, once this has been * tested enough that we believe it works.) */ - if (!add_hash(cache->c_dntable, (void *)newndn, strlen(newndn), newe, NULL)) { - LOG("entry cache replace: can't add dn\n", 0, 0, 0); + if (!add_hash(cache->c_dntable, (void *)newndn, strlen(newndn), newe, (void **)&alte)) { + LOG("entry cache replace (%s): can't add to dn table (returned %s)\n", + newndn, alte?slapi_entry_get_dn(alte->ep_entry):"none", 0); PR_Unlock(cache->c_mutex); return 1; } - if (!add_hash(cache->c_idtable, &(newe->ep_id), sizeof(ID), newe, NULL)) { - LOG("entry cache replace: can't add id\n", 0, 0, 0); + if (!add_hash(cache->c_idtable, &(newe->ep_id), sizeof(ID), newe, (void **)&alte)) { + LOG("entry cache replace (%s): can't add to id table (returned %s)\n", + newndn, alte?slapi_entry_get_dn(alte->ep_entry):"none", 0); if(remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn)) == 0){ - LOG("entry cache replace: failed to remove dn table\n", 0, 0, 0); + LOG("entry cache replace: failed to remove dn table\n", 0, 0, 0); } PR_Unlock(cache->c_mutex); return 1; @@ -1069,10 +1089,10 @@ newe, NULL)) { LOG("entry cache replace: can't add uuid\n", 0, 0, 0); if(remove_hash(cache->c_dntable, (void *)newndn, strlen(newndn)) == 0){ - LOG("entry cache replace: failed to remove dn table(uuid cache)\n", 0, 0, 0); + LOG("entry cache replace: failed to remove dn table(uuid cache)\n", 0, 0, 0); } if(remove_hash(cache->c_idtable, &(newe->ep_id), sizeof(ID)) == 0){ - LOG("entry cache replace: failed to remove id table(uuid cache)\n", 0, 0, 0); + LOG("entry cache replace: failed to remove id table(uuid cache)\n", 0, 0, 0); } PR_Unlock(cache->c_mutex); return 1; @@ -1086,7 +1106,6 @@ } else if (newe->ep_size < olde->ep_size) { slapi_counter_subtract(cache->c_cursize, olde->ep_size - newe->ep_size); } - olde->ep_state = ENTRY_STATE_DELETED; newe->ep_state = 0; PR_Unlock(cache->c_mutex); LOG("<= entrycache_replace OK, cache size now %lu cache count now %ld\n", @@ -1269,7 +1288,7 @@ PR_Lock(cache->c_mutex); if (! add_hash(cache->c_dntable, (void *)ndn, strlen(ndn), e, (void **)&my_alt)) { - LOG("entry \"%s\" already in dn cache\n", backentry_get_ndn(e), 0, 0); + LOG("entry \"%s\" already in dn cache\n", ndn, 0, 0); /* add_hash filled in 'my_alt' if necessary */ if (my_alt == e) { @@ -1309,14 +1328,15 @@ { if (my_alt->ep_state & ENTRY_STATE_CREATING) { - LOG("the entry is reserved\n", 0, 0, 0); + LOG("the entry %s is reserved (ep_state: 0x%x, state: 0x%x\n", ndn, e->ep_state, state); e->ep_state |= ENTRY_STATE_NOTINCACHE; PR_Unlock(cache->c_mutex); return -1; } else if (state != 0) { - LOG("the entry already exists. cannot reserve it.\n", 0, 0, 0); + LOG("the entry %s already exists. cannot reserve it. (ep_state: 0x%x, state: 0x%x\n", + ndn, e->ep_state, state); e->ep_state |= ENTRY_STATE_NOTINCACHE; PR_Unlock(cache->c_mutex); return -1; @@ -1328,6 +1348,11 @@ if ((*alt)->ep_refcnt == 0) lru_delete(cache, (void *)*alt); (*alt)->ep_refcnt++; + LOG("the entry %s already exists. returning existing entry %s (state: 0x%x)\n", + ndn, backentry_get_ndn(my_alt), state); + } else { + LOG("the entry %s already exists. Not returning existing entry %s (state: 0x%x)\n", + ndn, backentry_get_ndn(my_alt), state); } PR_Unlock(cache->c_mutex); return 1; @@ -1342,7 +1367,7 @@ if (state == 0) { /* neither of these should fail, or something is very wrong. */ if (! add_hash(cache->c_idtable, &(e->ep_id), sizeof(ID), e, NULL)) { - LOG("entry %s already in id cache!\n", backentry_get_ndn(e), 0, 0); + LOG("entry %s already in id cache!\n", ndn, 0, 0); if (already_in) { /* there's a bug in the implementatin of 'modify' and 'modrdn' * that i'm working around here. basically they do a @@ -1364,10 +1389,12 @@ return 0; } if(remove_hash(cache->c_dntable, (void *)ndn, strlen(ndn)) == 0){ - LOG("entrycache_add_int: failed to remove dn table\n", 0, 0, 0); + LOG("entrycache_add_int: failed to remove %s from dn table\n", 0, 0, 0); } e->ep_state |= ENTRY_STATE_NOTINCACHE; PR_Unlock(cache->c_mutex); + LOG("entrycache_add_int: failed to add %s to cache (ep_state: %x, already_in: %d)\n",
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/dbhelp.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/dbhelp.c
Changed
@@ -139,6 +139,12 @@ (*(p + sizeof(LDBM_ENTRYRDN_STR) - 1) == '.')) { /* entryrdn.db */ struct attrinfo *ai = NULL; + if (NULL == inst) { + LDAPDebug0Args(LDAP_DEBUG_ANY, + "dblayer_copy_file_keybykey(entryrdn), " + "dup_cmp_fn cannot be retrieved since inst is NULL.\n"); + goto error; + } ainfo_get(inst->inst_be, LDBM_ENTRYRDN_STR, &ai); if (ai->ai_dup_cmp_fn) { /* If set, use the special dup compare callback */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/dblayer.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/dblayer.c
Changed
@@ -5526,17 +5526,15 @@ char *dest_dir, int restore, int *cnt, - int instance_dir_flag, int indexonly, - int resetlsns) + int resetlsns, + int is_changelog) { dblayer_private *priv = NULL; char *new_src_dir = NULL; char *new_dest_dir = NULL; PRDir *dirhandle = NULL; PRDirEntry *direntry = NULL; - size_t filename_length = 0; - size_t offset = 0; char *compare_piece = NULL; char *filename1; char *filename2; @@ -5545,8 +5543,8 @@ char *inst_dirp = NULL; char inst_dir[MAXPATHLEN]; char sep; - int suffix_len = 0; - ldbm_instance *inst = NULL; + int src_is_fullpath = 0; + ldbm_instance *inst = NULL; if (!src_dir || '\0' == *src_dir) { @@ -5570,20 +5568,28 @@ else relative_instance_name++; - inst = ldbm_instance_find_by_name(li, relative_instance_name); - if (NULL == inst) { - LDAPDebug(LDAP_DEBUG_ANY, "Backend instance \"%s\" does not exist; " - "Instance path %s could be invalid.\n", - relative_instance_name, src_dir, 0); - return return_value; + if (is_fullpath(src_dir)) { + src_is_fullpath = 1; + } + if (is_changelog) { + if (!src_is_fullpath) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, "Changelogdir \"%s\" is not full path; " + "Skipping it.\n", src_dir); + return 0; + } + } else { + inst = ldbm_instance_find_by_name(li, relative_instance_name); + if (NULL == inst) { + LDAPDebug(LDAP_DEBUG_ANY, "Backend instance \"%s\" does not exist; " + "Instance path %s could be invalid.\n", + relative_instance_name, src_dir, 0); + return return_value; + } } - if (is_fullpath(src_dir)) - { + if (src_is_fullpath) { new_src_dir = src_dir; - } - else - { + } else { int len; inst_dirp = dblayer_get_full_inst_dir(inst->inst_li, inst, @@ -5610,7 +5616,6 @@ return return_value; } - suffix_len = sizeof(LDBM_SUFFIX) - 1; while (NULL != (direntry = PR_ReadDir(dirhandle, PR_SKIP_DOT | PR_SKIP_DOT_DOT))) { @@ -5624,15 +5629,10 @@ continue; } - /* Look at the last three characters in the filename */ - filename_length = strlen(direntry->name); - if (filename_length > suffix_len) { - offset = filename_length - suffix_len; - } else { - offset = 0; + compare_piece = PL_strrchr((char *)direntry->name, '.'); + if (NULL == compare_piece) { + compare_piece = (char *)direntry->name; } - compare_piece = (char *)direntry->name + offset; - /* rename .db3 -> .db4 or .db4 -> .db */ if (0 == strcmp(compare_piece, LDBM_FILENAME_SUFFIX) || 0 == strcmp(compare_piece, LDBM_SUFFIX_OLD) || @@ -5732,6 +5732,7 @@ /* * Get changelogdir from cn=changelog5,cn=config * The value does not have trailing spaces nor slashes. + * The changelogdir value must be a fullpath. */ static int _dblayer_get_changelogdir(struct ldbminfo *li, char **changelogdir) @@ -5947,7 +5948,7 @@ return_value = dblayer_copy_directory(li, task, changelogdir, changelog_destdir, 0 /* backup */, - &cnt, 0, 0, 0); + &cnt, 0, 0, 1); if (return_value) { LDAPDebug(LDAP_DEBUG_ANY, "Backup: error in copying directory " @@ -6619,7 +6620,8 @@ /* Get the parent dir of changelogdir */ *cldirname = '\0'; return_value = dblayer_copy_directory(li, task, filename1, - changelogdir, 1 /* restore */, &cnt, 0, 0, 0); + changelogdir, 1 /* restore */, + &cnt, 0, 0, 1); *cldirname = '/'; if (return_value) { LDAPDebug1Arg(LDAP_DEBUG_ANY, @@ -6651,7 +6653,7 @@ restore_dir = inst->inst_parent_dir_name; /* If we're doing a partial restore, we need to reset the LSNs on the data files */ if (dblayer_copy_directory(li, task, filename1, - restore_dir, 1 /* restore */, &cnt, 0, 0, (bename) ? 1 : 0) == 0) + restore_dir, 1 /* restore */, &cnt, 0, (bename) ? 1 : 0, 0) == 0) continue; else {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/filterindex.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/filterindex.c
Changed
@@ -399,7 +399,7 @@ LDAPDebug(LDAP_DEBUG_TRACE, "fallback to eq index as pres index gave allids\n", 0, 0, 0); - idl_free(idl); + idl_free(&idl); idl = index_range_read_ext(pb, be, type, indextype_EQUALITY, SLAPI_OP_GREATER_OR_EQUAL, NULL, NULL, 0, &txn, err, allidslimit); @@ -481,7 +481,7 @@ else if (keys == NULL || keys[0] == NULL) { /* no keys */ - idl_free (idl); + idl_free (&idl); idl = idl_allids (be); } else @@ -516,8 +516,8 @@ else { IDList* tmp = idl_intersection (be, idl2, idl3); - idl_free (idl2); - idl_free (idl3); + idl_free (&idl2); + idl_free (&idl3); idl2 = tmp; } if (idl2 == NULL) break; /* look no further */ @@ -529,8 +529,8 @@ else if (idl2 != NULL) { IDList* tmp = idl_union (be, idl, idl2); - idl_free (idl); - idl_free (idl2); + idl_free (&idl); + idl_free (&idl2); idl = tmp; } } @@ -797,7 +797,7 @@ { LDAPDebug( LDAP_DEBUG_TRACE, "<= list_candidates NULL\n", 0, 0, 0 ); - idl_free( idl ); + idl_free( &idl ); idl = NULL; goto out; } @@ -807,7 +807,7 @@ == NULL && ftype == LDAP_FILTER_AND ) { LDAPDebug( LDAP_DEBUG_TRACE, "<= list_candidates NULL\n", 0, 0, 0 ); - idl_free( idl ); + idl_free( &idl ); idl = NULL; goto out; } @@ -822,18 +822,24 @@ } } else if ( ftype == LDAP_FILTER_AND ) { if (isnot) { - IDList *new_idl = NULL; - int notin_result = 0; - notin_result = idl_notin( be, idl, tmp, &new_idl ); - if (notin_result) { - idl_free(idl); - idl = new_idl; + /* + * If tmp is NULL or ALLID, idl_notin just duplicates idl. + * We don't have to do it. + */ + if (!tmp && !idl_is_allids(tmp)) { + IDList *new_idl = NULL; + int notin_result = 0; + notin_result = idl_notin( be, idl, tmp, &new_idl ); + if (notin_result) { + idl_free(&idl); + idl = new_idl; + } } } else { idl = idl_intersection(be, idl, tmp); - idl_free( tmp2 ); + idl_free( &tmp2 ); } - idl_free( tmp ); + idl_free( &tmp ); /* stop if the list has gotten too small */ if ((idl == NULL) || (idl_length(idl) <= FILTER_TEST_THRESHOLD)) @@ -843,8 +849,8 @@ slapi_pblock_get( pb, SLAPI_OPERATION, &operation ); idl = idl_union( be, idl, tmp ); - idl_free( tmp ); - idl_free( tmp2 ); + idl_free( &tmp ); + idl_free( &tmp2 ); /* stop if we're already committed to an exhaustive * search. :( */ @@ -853,7 +859,7 @@ if (op_is_pagedresults(operation)) { int nids = IDL_NIDS(idl); if ( allidslimit > 0 && nids > allidslimit ) { - idl_free( idl ); + idl_free( &idl ); idl = idl_allids( be ); } } @@ -976,7 +982,7 @@ } #endif if ( idl2 == NULL ) { - idl_free( idl ); + idl_free( &idl ); idl = NULL; break; } @@ -988,8 +994,8 @@ tmp = idl; idl = idl_intersection(be, idl, idl2); - idl_free( idl2 ); - idl_free( tmp ); + idl_free( &idl2 ); + idl_free( &tmp ); if ( idl == NULL ) { break; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/idl.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/idl.c
Changed
@@ -280,12 +280,12 @@ if ( ! INDIRECT_BLOCK( idl ) ) { /* make sure we have the current value of highest id */ if ( ALLIDS(idl) ) { - idl_free( idl ); + idl_free( &idl ); idl = idl_allids( be ); } return( idl ); } - idl_free( idl ); + idl_free( &idl ); /* Taking a transaction is expensive; so we try and optimize for the common case by not taking one above. If we have a indirect block; we need to take a transaction and re-read @@ -307,7 +307,7 @@ dblayer_read_txn_commit(li,&s_txn); /* make sure we have the current value of highest id */ if ( ALLIDS(idl) ) { - idl_free( idl ); + idl_free( &idl ); idl = idl_allids( be ); } return( idl ); @@ -367,7 +367,7 @@ dblayer_read_txn_commit(li,&s_txn); tmp[i] = NULL; slapi_ch_free((void**)&kstr ); - idl_free( idl ); + idl_free( &idl ); /* allocate space for the big block */ idl = idl_alloc( nids ); @@ -384,7 +384,7 @@ tmp[i]->b_nids * sizeof(ID) ); nids += tmp[i]->b_nids; - idl_free( tmp[i] ); + idl_free( &tmp[i] ); } slapi_ch_free((void**)&tmp ); @@ -629,7 +629,7 @@ rc, (msg = dblayer_strerror( rc )) ? msg : "", 0 ); } - idl_free( idl ); + idl_free( &idl ); idl_unlock_list(a->ai_idl,key); return( rc ); } @@ -655,10 +655,10 @@ case 3: /* id not inserted - block must be split */ /* check threshold for marking this an all-id block */ if ( a->ai_idl->idl_maxindirect < 2 ) { - idl_free( idl ); + idl_free( &idl ); idl = idl_allids( be ); rc = idl_store( be, db, key, idl, txn ); - idl_free( idl ); + idl_free( &idl ); idl_unlock_list(a->ai_idl,key); if ( rc != 0 && rc != DB_LOCK_DEADLOCK) @@ -673,7 +673,7 @@ } idl_split_block( idl, id, &tmp, &tmp2 ); - idl_free( idl ); + idl_free( &idl ); /* create the header indirect block */ idl = idl_alloc( 3 ); @@ -686,9 +686,9 @@ /* store it */ rc = idl_store( be, db, key, idl, txn ); if ( rc != 0 ) { - idl_free( idl ); - idl_free( tmp ); - idl_free( tmp2 ); + idl_free( &idl ); + idl_free( &tmp ); + idl_free( &tmp2 ); if ( rc != DB_LOCK_DEADLOCK ) { LDAPDebug( LDAP_DEBUG_ANY, "idl_insert_key 3 BAD %d %s\n", @@ -712,9 +712,9 @@ k2.dsize = strlen( kstr ) + 1; rc = idl_store( be, db, &k2, tmp2, txn ); if ( rc != 0 ) { - idl_free( idl ); - idl_free( tmp ); - idl_free( tmp2 ); + idl_free( &idl ); + idl_free( &tmp ); + idl_free( &tmp2 ); if ( rc != DB_LOCK_DEADLOCK ) { LDAPDebug( LDAP_DEBUG_ANY, "idl_insert_key 4 BAD %d %s\n", @@ -726,12 +726,12 @@ "idl_insert_key", "split", key, id); slapi_ch_free((void**)&kstr ); - idl_free( tmp ); - idl_free( tmp2 ); + idl_free( &tmp ); + idl_free( &tmp2 ); break; } - idl_free( idl ); + idl_free( &idl ); idl_unlock_list(a->ai_idl,key); if ( rc != 0 && rc != DB_LOCK_DEADLOCK ) { @@ -759,7 +759,7 @@ (u_long)id, key.dptr, i); #endif idl_unlock_list(a->ai_idl,key); - idl_free( idl ); + idl_free( &idl ); return( 0 ); } if ( i != 0 ) { @@ -783,7 +783,7 @@ LDAPDebug( LDAP_DEBUG_ANY, "nonexistent continuation block (%s)\n", k2.dptr, 0, 0 ); idl_unlock_list(a->ai_idl,key); - idl_free( idl ); + idl_free( &idl ); slapi_ch_free((void**)&kstr ); return( -1 ); } @@ -911,9 +911,9 @@ slapi_ch_free( (void **)&(k2.dptr) ); slapi_ch_free( (void **)&(k3.dptr) ); - idl_free( tmp ); - idl_free( tmp2 ); - idl_free( idl ); + idl_free( &tmp ); + idl_free( &tmp2 ); + idl_free( &idl ); idl_unlock_list(a->ai_idl,key); return( rc ); @@ -941,7 +941,7 @@ * which is not correct. */ rc = 0; - idl_free( tmp2 ); + idl_free( &tmp2 ); break; } if ( rc != 0 ) { @@ -986,7 +986,7 @@ /* store allid block in place of header block */ if ( 0 == rc ) { - idl_free( idl ); + idl_free( &idl ); idl = idl_allids( be ); rc = idl_store( be, db, key, idl, txn ); if (NULL != disposition) { @@ -996,14 +996,14 @@ slapi_ch_free( (void **)&(k2.dptr) ); slapi_ch_free( (void **)&(k3.dptr) ); - idl_free( idl ); - idl_free( tmp ); + idl_free( &idl ); + idl_free( &tmp ); idl_unlock_list(a->ai_idl,key); return( rc ); } idl_split_block( tmp, id, &tmp2, &tmp3 ); - idl_free( tmp ); + idl_free( &tmp ); /* create a new updated indirect header block */ tmp = idl_alloc( idl->b_nmax + 1 ); @@ -1021,8 +1021,8 @@ /* store the header block */ rc = idl_store( be, db, key, tmp, txn ); if ( rc != 0 ) { - idl_free( tmp2 ); - idl_free( tmp3 ); + idl_free( &tmp2 ); + idl_free( &tmp3 ); break; } @@ -1033,8 +1033,8 @@ k2.dsize = strlen( kstr ) + 1; rc = idl_store( be, db, &k2, tmp2, txn ); if ( rc != 0 ) { - idl_free( tmp2 ); - idl_free( tmp3 ); + idl_free( &tmp2 );
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/idl_common.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/idl_common.c
Changed
@@ -85,13 +85,13 @@ } void -idl_free( IDList *idl ) /* JCM - pass in ** */ +idl_free( IDList **idl ) { - if ( idl == NULL ) { + if ((NULL == idl) || (NULL == *idl)) { return; } - slapi_ch_free((void**)&idl ); + slapi_ch_free((void**)idl); } @@ -151,7 +151,7 @@ /* copy over the existing contents */ idl_new->b_nids = idl->b_nids; memcpy(idl_new->b_ids, idl->b_ids, sizeof(ID) * idl->b_nids); - idl_free(idl); + idl_free(&idl); idl = idl_new; } @@ -243,7 +243,7 @@ } if ( ni == 0 ) { - idl_free( n ); + idl_free( &n ); return( NULL ); } n->b_nids = ni; @@ -355,7 +355,7 @@ } if ( ni == n->b_nmax ) { - idl_free( n ); + idl_free( &n ); *new_result = idl_allids( be ); } else { n->b_nids = ni; @@ -494,3 +494,9 @@ return t; } +ID idl_iterator_dereference_decrement(idl_iterator *i, const IDList *idl) +{ + idl_iterator_decrement(i); + return idl_iterator_dereference(*i,idl); + +}
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/idl_new.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/idl_new.c
Changed
@@ -277,7 +277,7 @@ idl_rc = idl_append_extend(&idl, id); if (idl_rc) { LDAPDebug(LDAP_DEBUG_ANY, "unable to extend id list (err=%d)\n", idl_rc, 0, 0); - idl_free(idl); idl = NULL; + idl_free(&idl); goto error; } @@ -314,7 +314,7 @@ idl_rc = idl_append_extend(&idl, id); if (idl_rc) { LDAPDebug(LDAP_DEBUG_ANY, "unable to extend id list (err=%d)\n", idl_rc); - idl_free(idl); idl = NULL; + idl_free(&idl); goto error; } #if defined(DB_ALLIDS_ON_READ) @@ -330,7 +330,7 @@ #endif if (ret != DB_NOTFOUND) { - idl_free(idl); idl = NULL; + idl_free(&idl); ldbm_nasty(filename,59,ret); goto error; } @@ -339,7 +339,7 @@ /* check for allids value */ if (idl != NULL && idl->b_nids == 1 && idl->b_ids[0] == ALLID) { - idl_free(idl); + idl_free(&idl); idl = idl_allids(be); LDAPDebug(LDAP_DEBUG_TRACE, "idl_new_fetch %s returns allids\n", key.data, 0, 0);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/import-merge.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/import-merge.c
Changed
@@ -169,8 +169,8 @@ IDList *new_idl = idl_union(be, current_entry->thang.payload.idl, idl); - idl_free(current_entry->thang.payload.idl); - idl_free(idl); + idl_free(&(current_entry->thang.payload.idl)); + idl_free(&idl); current_entry->thang.payload.idl = new_idl; /* Add this file id into the entry's referenced list */ (current_entry->file_referenced_list)[fileno] = 1; @@ -567,7 +567,7 @@ ret = idl_store_block(be, output_file, &key, thang.payload.idl, NULL, worker->index_info->ai); /* Free the key we got back from the queue */ - idl_free(thang.payload.idl); + idl_free(&(thang.payload.idl)); thang.payload.idl = NULL; } slapi_ch_free(&(key.data));
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/import-threads.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/import-threads.c
Changed
@@ -2005,7 +2005,7 @@ */ if (IDL) { ID id = idl_firstid(IDL); /* entrydn is a single attr */ - idl_free(IDL); + idl_free(&IDL); if (id != entry->ep_id) { /* case (2) */ import_log_notice(job, "Duplicated entrydn detected: \"%s\": " "Entry ID: (%d, %d)", @@ -2031,7 +2031,7 @@ "\"%s\" found at line %d of file \"%s\"", slapi_entry_get_dn(entry->ep_entry), fi->line, fi->filename); - idl_free(IDL); + idl_free(&IDL); /* skip this one */ fi->bad = FIFOITEM_BAD; job->skipped++; @@ -2349,9 +2349,9 @@ goto error; } - if (entryrdn_get_switch() /* subtree-rename: on */ || - !slapi_entry_flag_is_set(fi->entry->ep_entry, - SLAPI_ENTRY_FLAG_TOMBSTONE)) { + if ((entryrdn_get_switch() /* subtree-rename: on */ && + !slapi_entry_flag_is_set(fi->entry->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE)) || + !entryrdn_get_switch() ) { /* parentid index * (we have to do this here, because the parentID is dependent on * looking up by entrydn/entryrdn.) @@ -2362,7 +2362,7 @@ if (ret != 0) goto error; } - + if (!slapi_entry_flag_is_set(fi->entry->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE)) { /* Lastly, before we're finished with the entry, pass it to the
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/index.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/index.c
Changed
@@ -197,7 +197,7 @@ goto error; } slapi_ch_free( &(bin->key.data) ); - idl_free(bin->value); + idl_free(&(bin->value)); /* If we're already at allids, store an allids block to prevent needless accumulation of blocks */ if (old_idl && ALLIDS(old_idl)) { bin->value = idl_allids(be); @@ -207,10 +207,10 @@ } error: if (old_idl) { - idl_free(old_idl); + idl_free(&old_idl); } if (new_idl && need_to_freed_new_idl) { - idl_free(new_idl); + idl_free(&new_idl); } dblayer_release_index_file( be, a, db ); return ret; @@ -268,8 +268,7 @@ for (i = 0; i < handle->buffer_size; i++) { bin = &(handle->bins[i]); if (bin->value) { - idl_free(bin->value); - bin->value = NULL; + idl_free(&(bin->value)); } slapi_ch_free(&(bin->key.data)); } @@ -1511,9 +1510,7 @@ */ /* Check to see if we've already looked too hard */ if (idl != NULL && lookthrough_limit != -1 && idl->b_nids > (ID)lookthrough_limit) { - if (NULL != idl) { - idl_free(idl); - } + idl_free(&idl); idl = idl_allids( be ); LDAPDebug(LDAP_DEBUG_TRACE, "index_range_read lookthrough_limit exceeded\n", 0, 0, 0); @@ -1538,10 +1535,7 @@ * when the connection is closed by the client). */ if ( slapi_op_abandoned( pb )) { - if (NULL != idl) { - idl_free(idl); - idl = NULL; - } + idl_free(&idl); LDAPDebug(LDAP_DEBUG_TRACE, "index_range_read - operation abandoned\n", 0, 0, 0); break; /* clean up happens outside the while() loop */ @@ -1577,7 +1571,7 @@ /* idl tmp only contains one id */ /* append it at the end here; sort idlist at the end */ if (ALLIDS(tmp)) { - idl_free(idl); + idl_free(&idl); idl = tmp; } else { ID id; @@ -1588,7 +1582,7 @@ 1097, *err); } } - idl_free(tmp); + idl_free(&tmp); } if (ALLIDS(idl)) { LDAPDebug(LDAP_DEBUG_TRACE, "index_range_read hit an allids value\n",
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_add.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_add.c
Changed
@@ -79,7 +79,6 @@ backend *be; struct ldbminfo *li; ldbm_instance *inst; - const char *dn = NULL; Slapi_Entry *e = NULL; struct backentry *tombstoneentry = NULL; struct backentry *addingentry = NULL; @@ -94,8 +93,8 @@ char *msg; int managedsait; int ldap_result_code = LDAP_SUCCESS; - char *ldap_result_message= NULL; - char *ldap_result_matcheddn= NULL; + char *ldap_result_message = NULL; + char *ldap_result_matcheddn = NULL; int retry_count = 0; int disk_full = 0; modify_context parent_modify_c = {0}; @@ -117,6 +116,8 @@ int is_ruv = 0; /* True if the current entry is RUV */ CSN *opcsn = NULL; entry_address addr = {0}; + int parent_switched = 0; + int noabort = 1; slapi_pblock_get( pb, SLAPI_PLUGIN_PRIVATE, &li ); slapi_pblock_get( pb, SLAPI_ADD_ENTRY, &e ); @@ -209,15 +210,14 @@ slapi_pblock_get( pb, SLAPI_ADD_TARGET_SDN, &sdn ); if (NULL == sdn) { - LDAPDebug0Args(LDAP_DEBUG_ANY, - "ldbm_back_add: Null target dn\n"); + LDAPDebug0Args(LDAP_DEBUG_ANY, "ldbm_back_add: FETCH_EXISTING_DN_ENTRY is set, but target dn is NULL.\n"); + ldap_result_code = LDAP_OPERATIONS_ERROR; goto error_return; } /* not need to check the dn syntax as this is a replicated op */ if(!is_replicated_operation){ - dn = slapi_sdn_get_dn(sdn); - ldap_result_code = slapi_dn_syntax_check(pb, dn, 1); + ldap_result_code = slapi_dn_syntax_check(pb, slapi_sdn_get_dn(sdn), 1); if (ldap_result_code) { ldap_result_code = LDAP_INVALID_DN_SYNTAX; @@ -225,7 +225,10 @@ goto error_return; } } - + /* + * If the parent is conflict, slapi_sdn_get_backend_parent does not support it. + * That is, adding children to a conflict entry is not allowed. + */ slapi_sdn_get_backend_parent(sdn, &parentsdn, pb->pb_backend); /* Check if an entry with the intended DN already exists. */ done_with_pblock_entry(pb,SLAPI_ADD_EXISTING_DN_ENTRY); /* Could be through this multiple times */ @@ -233,30 +236,27 @@ addr.udn = NULL; addr.uniqueid = NULL; ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_EXISTING_DN_ENTRY, !is_replicated_operation); - if(ldap_result_code==LDAP_OPERATIONS_ERROR || - ldap_result_code==LDAP_INVALID_DN_SYNTAX) - { - goto error_return; + if ((ldap_result_code == LDAP_OPERATIONS_ERROR) || (ldap_result_code==LDAP_INVALID_DN_SYNTAX)) { + goto error_return; } } /* if we can find the parent by dn or uniqueid, and the operation has requested the parent then get it */ - if(have_parent_address(&parentsdn, operation->o_params.p.p_add.parentuniqueid) && - slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_PARENT_ENTRY)) - { + if (have_parent_address(&parentsdn, operation->o_params.p.p_add.parentuniqueid) && + slapi_isbitset_int(rc,SLAPI_RTN_BIT_FETCH_PARENT_ENTRY)) { done_with_pblock_entry(pb,SLAPI_ADD_PARENT_ENTRY); /* Could be through this multiple times */ addr.sdn = &parentsdn; addr.udn = NULL; addr.uniqueid = operation->o_params.p.p_add.parentuniqueid; - ldap_result_code= get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_PARENT_ENTRY, !is_replicated_operation); - /* need to set parentsdn or parentuniqueid if either is not set? */ + ldap_result_code = get_copy_of_entry(pb, &addr, &txn, SLAPI_ADD_PARENT_ENTRY, + !is_replicated_operation); } /* Call the Backend Pre Add plugins */ + ldap_result_code = LDAP_SUCCESS; slapi_pblock_set(pb, SLAPI_RESULT_CODE, &ldap_result_code); - rc= plugin_call_plugins(pb, SLAPI_PLUGIN_BE_PRE_ADD_FN); - if(rc==-1) - { + rc = plugin_call_plugins(pb, SLAPI_PLUGIN_BE_PRE_ADD_FN); + if (rc == -1) { int opreturn = 0; /* * Plugin indicated some kind of failure, @@ -283,7 +283,7 @@ * the loop once again to get the new present state. */ /* JCMREPL - Warning: A Plugin could cause an infinite loop by always returning a result code that requires some action. */ - } + } /* * Originally (in the U-M LDAP 3.3 code), there was a comment near this @@ -308,10 +308,14 @@ /* Set the parentuniqueid now */ operation->o_params.p.p_add.parentuniqueid = slapi_ch_strdup(slapi_entry_get_uniqueid(parententry->ep_entry)); } - if (slapi_sdn_isempty(&parentsdn)) { + if (slapi_sdn_isempty(&parentsdn) || + slapi_sdn_compare(&parentsdn, slapi_entry_get_sdn(parententry->ep_entry))) { /* Set the parentsdn now */ slapi_sdn_set_dn_byval(&parentsdn, slapi_entry_get_dn_const(parententry->ep_entry)); } + } else { + LDAPDebug2Args(LDAP_DEBUG_BACKLDBM, "find_entry2modify_only returned NULL parententry pdn: %s, uniqueid: %s\n", + slapi_sdn_get_dn(&parentsdn), addr.uniqueid?addr.uniqueid:"none"); } modify_init(&parent_modify_c,parententry); } @@ -319,11 +323,39 @@ /* Check if the entry we have been asked to add already exists */ { Slapi_Entry *entry; - slapi_pblock_get( pb, SLAPI_ADD_EXISTING_DN_ENTRY, &entry); - if ( entry != NULL ) - { - /* The entry already exists */ - ldap_result_code= LDAP_ALREADY_EXISTS; + slapi_pblock_get(pb, SLAPI_ADD_EXISTING_DN_ENTRY, &entry); + if (entry) { + if (is_resurect_operation) { + Slapi_Entry *uniqentry; + slapi_pblock_get(pb, SLAPI_ADD_EXISTING_UNIQUEID_ENTRY, &uniqentry); + if (uniqentry == entry) { + /* + * adding entry having the uniqueid exists. + * No need to resurrect. + */ + ldap_result_code = LDAP_SUCCESS; + } else { + /* + * The entry having the DN already exists. + * But the + */ + if (uniqentry) { + if (PL_strcmp(slapi_entry_get_uniqueid(entry), + slapi_entry_get_uniqueid(uniqentry))) { + /* Not match; conflict. */ + ldap_result_code = LDAP_ALREADY_EXISTS; + } else { + /* Same entry; no need to resurrect. */ + ldap_result_code = LDAP_SUCCESS; + } + } else { + ldap_result_code = LDAP_ALREADY_EXISTS; + } + } + } else { + /* The entry already exists */ + ldap_result_code = LDAP_ALREADY_EXISTS; + } goto error_return; } else @@ -334,7 +366,7 @@ * entry we did match has a referral we should return * instead. we do this only if managedsait is not on. */ - if ( !managedsait && !is_tombstone_operation ) + if (!managedsait && !is_tombstone_operation && !is_resurect_operation) { int err= 0; Slapi_DN ancestorsdn; @@ -391,14 +423,14 @@ if ( tombstoneentry==NULL ) { ldap_result_code= -1; - goto error_return; /* error result sent by find_entry2modify() */ + goto error_return; /* error result sent by find_entry2modify() */ } tombstone_in_cache = 1; addingentry = backentry_dup( tombstoneentry ); if ( addingentry==NULL ) { - ldap_result_code= LDAP_OPERATIONS_ERROR; + ldap_result_code = LDAP_OPERATIONS_ERROR; goto error_return; } /* @@ -410,17 +442,21 @@ */ if (NULL == sdn) { LDAPDebug0Args(LDAP_DEBUG_ANY, "ldbm_back_add: Null target dn\n"); + ldap_result_code = LDAP_OPERATIONS_ERROR;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_attrcrypt_config.c
Changed
@@ -287,7 +287,7 @@ return SLAPI_DSE_CALLBACK_ERROR; } - for (i = 0; mods[i] != NULL; i++) { + for (i = 0; (mods != NULL) && (mods[i] != NULL); i++) { char *config_attr = (char *)mods[i]->mod_type;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_config.c
Changed
@@ -2006,7 +2006,7 @@ * 2nd pass: set apply mods to 1 to apply changes to internal storage */ for ( apply_mod = 0; apply_mod <= 1 && LDAP_SUCCESS == rc; apply_mod++ ) { - for (i = 0; mods[i] && LDAP_SUCCESS == rc; i++) { + for (i = 0; mods && mods[i] && LDAP_SUCCESS == rc; i++) { attr_name = mods[i]->mod_type; /* There are some attributes that we don't care about, like modifiersname. */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_delete.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_delete.c
Changed
@@ -75,7 +75,7 @@ modify_context ruv_c = {0}; int rc = 0; int ldap_result_code= LDAP_SUCCESS; - char *ldap_result_message= NULL; + char *ldap_result_message = NULL; Slapi_DN *sdnp = NULL; char *e_uniqueid = NULL; Slapi_DN nscpEntrySDN; @@ -91,6 +91,7 @@ /* replication, we must create a new tombstone entry */ int tombstone_in_cache = 0; int e_in_cache = 0; + int remove_e_from_cache = 0; entry_address *addr; int addordel_flags = 0; /* passed to index_addordel */ char *entryusn_str = NULL; @@ -108,6 +109,7 @@ slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation ); slapi_sdn_init(&nscpEntrySDN); + slapi_sdn_init(&parentsdn); /* dblayer_txn_init needs to be called before "goto error_return" */ dblayer_txn_init(li,&txn); @@ -177,18 +179,29 @@ } /* find and lock the entry we are about to modify */ + /* + * A corner case: + * If a conflict occurred in a MMR topology, a replicated delete + * op from another master could target a conflict entry; while the + * corresponding entry on this server could have been already + * deleted. That is, the entry 'e' found with "addr" is a tomb- + * stone. If it is the case, we need to back off. + */ if ( (e = find_entry2modify( pb, be, addr, &txn )) == NULL ) { ldap_result_code= LDAP_NO_SUCH_OBJECT; /* retval is -1 */ + LDAPDebug0Args(LDAP_DEBUG_BACKLDBM, "ldbm_back_delete: Deleting entry is already deleted.\n"); goto error_return; /* error result sent by find_entry2modify() */ } e_in_cache = 1; /* e is cached */ - if ( slapi_entry_has_children( e->ep_entry ) ) - { + retval = slapi_entry_has_children(e->ep_entry); + if (retval) { ldap_result_code= LDAP_NOT_ALLOWED_ON_NONLEAF; - /* retval is -1 */ + slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_delete", "Deleting entry %s has %d children.\n", + slapi_entry_get_dn(e->ep_entry), retval); + retval = -1; goto error_return; } @@ -220,7 +233,17 @@ * Plugin indicated some kind of failure, * or that this Operation became a No-Op. */ + slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); if (!ldap_result_code) { + if (LDAP_ALREADY_EXISTS == ldap_result_code) { + /* + * The target entry is already a tombstone. + * We need to treat this as a success, + * but we need to remove the entry e from the entry cache. + */ + remove_e_from_cache = 1; + ldap_result_code = LDAP_SUCCESS; + } slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); } /* restore original entry so the front-end delete code can free it */ @@ -232,8 +255,7 @@ goto error_return; } /* the flag could be set in a preop plugin (e.g., USN) */ - delete_tombstone_entry = operation_is_flag_set(operation, - OP_FLAG_TOMBSTONE_ENTRY); + delete_tombstone_entry = operation_is_flag_set(operation, OP_FLAG_TOMBSTONE_ENTRY); } /* @@ -321,7 +343,6 @@ * seems to deadlock the database when dblayer_txn_begin is * called. */ - slapi_sdn_init(&parentsdn); slapi_sdn_get_backend_parent_ext(sdnp, &parentsdn, pb->pb_backend, is_tombstone_entry); if ( !slapi_sdn_isempty(&parentsdn) ) { @@ -335,25 +356,50 @@ * (find_entry2modify_only_ext), a wrong parent could be found, * and numsubordinate count could get confused. */ - ID pid = (ID)strtol(pid_str, (char **)NULL, 10); + ID pid; + int cache_retry_count = 0; + int cache_retry = 0; + + pid = (ID)strtol(pid_str, (char **)NULL, 10); slapi_ch_free_string(&pid_str); - parent = id2entry(be, pid ,NULL, &retval); - if (parent && cache_lock_entry(&inst->inst_cache, parent)) { - /* Failed to obtain parent entry's entry lock */ - CACHE_RETURN(&(inst->inst_cache), &parent); - retval = -1; - goto error_return; + + /* + * Its possible that the parent entry retrieved from the cache in id2entry + * could be removed before we lock it, because tombstone purging updated/replaced + * the parent. If we fail to lock the entry, just try again. + */ + while(1){ + parent = id2entry(be, pid ,NULL, &retval); + if (parent && (cache_retry = cache_lock_entry(&inst->inst_cache, parent))) { + /* Failed to obtain parent entry's entry lock */ + if(cache_retry == RETRY_CACHE_LOCK && + cache_retry_count < LDBM_CACHE_RETRY_COUNT) + { + /* try again */ + DS_Sleep(PR_MillisecondsToInterval(100)); + cache_retry_count++; + continue; + } + retval = -1; + CACHE_RETURN(&(inst->inst_cache), &parent); + goto error_return; + } else { + /* entry locked, move on */ + break; + } } } if (NULL == parent) { entry_address parent_addr; - + if (is_tombstone_entry) { + parent_addr.uniqueid = slapi_entry_attr_get_charptr(e->ep_entry, SLAPI_ATTR_VALUE_PARENT_UNIQUEID); + } else { + parent_addr.uniqueid = NULL; + } parent_addr.sdn = &parentsdn; - parent_addr.uniqueid = NULL; - parent = find_entry2modify_only_ext(pb, be, &parent_addr, - TOMBSTONE_INCLUDED, &txn); + parent = find_entry2modify_only_ext(pb, be, &parent_addr, TOMBSTONE_INCLUDED, &txn); } - if (NULL != parent) { + if (parent) { int isglue; size_t haschildren = 0; int op = PARENTUPDATE_DEL; @@ -370,11 +416,11 @@ } else if (delete_tombstone_entry) { op |= PARENTUPDATE_DELETE_TOMBSTONE; } - retval = parent_update_on_childchange(&parent_modify_c, - op, &haschildren); + retval = parent_update_on_childchange(&parent_modify_c, op, &haschildren); /* The modify context now contains info needed later */ if (0 != retval) { ldap_result_code= LDAP_OPERATIONS_ERROR; + slapi_sdn_done(&parentsdn); goto error_return; } @@ -393,7 +439,6 @@ } } } - slapi_sdn_done(&parentsdn); if(create_tombstone_entry) { @@ -404,10 +449,18 @@ */ const char *childuniqueid= slapi_entry_get_uniqueid(e->ep_entry); const char *parentuniqueid= NULL; - char *tombstone_dn = compute_entry_tombstone_dn(slapi_entry_get_dn(e->ep_entry), - childuniqueid); + char *edn = slapi_entry_get_dn(e->ep_entry); + char *tombstone_dn; Slapi_Value *tomb_value; + if (slapi_is_special_rdn(edn, RDN_IS_TOMBSTONE)) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, "Turning a tombstone into a tombstone! \"%s\"\n", edn); + ldap_result_code= LDAP_OPERATIONS_ERROR; + retval = -1; + goto error_return; + } + tombstone_dn = compute_entry_tombstone_dn(edn, childuniqueid); + slapi_sdn_set_ndn_byval(&nscpEntrySDN, slapi_sdn_get_ndn(slapi_entry_get_sdn(e->ep_entry))); /* Copy the entry unique_id for URP conflict checking */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
Changed
@@ -387,7 +387,7 @@ rc = slapi_rdn_init_all_sdn(&srdn, sdn); if (rc < 0) { - slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, + slapi_log_error(SLAPI_LOG_BACKLDBM, ENTRYRDN_TAG, "entryrdn_index_read: Param error: Failed to convert " "%s to Slapi_RDN\n", slapi_sdn_get_dn(sdn)); rc = LDAP_INVALID_DN_SYNTAX; @@ -501,7 +501,8 @@ Slapi_RDN *newsrdn, /* new rdn */ const Slapi_DN *newsupsdn, /* new superior dn */ ID id, - back_txn *txn) + back_txn *txn, + int flags) { int rc = -1; struct attrinfo *ai = NULL; @@ -543,7 +544,7 @@ goto bail; } - rc = slapi_rdn_init_all_sdn(&oldsrdn, oldsdn); + rc = slapi_rdn_init_all_sdn_ext(&oldsrdn, oldsdn, flags); if (rc < 0) { slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, "entryrdn_rename_subtree: Failed to convert olddn " @@ -968,7 +969,8 @@ const Slapi_DN *sdn, ID id, IDList **subordinates, - back_txn *txn) + back_txn *txn, + int flags) { int rc = -1; struct attrinfo *ai = NULL; @@ -1000,7 +1002,7 @@ goto bail; } - rc = slapi_rdn_init_all_sdn(&srdn, sdn); + rc = slapi_rdn_init_all_sdn_ext(&srdn, sdn, flags); if (rc) { if (rc < 0) { slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, @@ -1088,7 +1090,7 @@ bail: if (rc && subordinates && *subordinates) { - idl_free(*subordinates); + idl_free(subordinates); } slapi_ch_free_string(&keybuf); slapi_ch_free((void **)&elem); @@ -2793,6 +2795,8 @@ int issuffix = 0; Slapi_RDN *tmpsrdn = NULL; int db_retry = 0; + int done = 0; + char buffer[RDN_BULK_FETCH_BUFFER_SIZE]; slapi_log_error(SLAPI_LOG_TRACE, ENTRYRDN_TAG, "--> _entryrdn_delete_key\n"); @@ -2826,45 +2830,79 @@ /* check if the target element has a child or not */ keybuf = slapi_ch_smprintf("%c%u", RDN_INDEX_CHILD, id); key.data = (void *)keybuf; - key.size = key.ulen = strlen(nrdn) + 1; + key.size = key.ulen = strlen(keybuf) + 1; key.flags = DB_DBT_USERMEM; + /* Setting the bulk fetch buffer */ memset(&data, 0, sizeof(data)); - data.flags = DB_DBT_MALLOC; + data.ulen = sizeof(buffer); + data.size = sizeof(buffer); + data.data = buffer; + data.flags = DB_DBT_USERMEM; - for (db_retry = 0; db_retry < RETRY_TIMES; db_retry++) { - rc = cursor->c_get(cursor, &key, &data, DB_SET); - if (rc) { + done = 0; + while (!done) { + rc = cursor->c_get(cursor, &key, &data, DB_SET|DB_MULTIPLE); + if (DB_LOCK_DEADLOCK == rc) { + slapi_log_error(ENTRYRDN_LOGLEVEL(rc), ENTRYRDN_TAG, + "_entryrdn_delete_key: cursor get deadlock\n"); +#ifdef FIX_TXN_DEADLOCKS +#error if txn != NULL, have to retry the entire transaction +#endif + /* try again */ + continue; + } else if (DB_NOTFOUND == rc) { + /* no children; ok */ + done = 1; + continue; + } else if (rc) { + _entryrdn_cursor_print_error("_entryrdn_delete_key", + key.data, data.size, data.ulen, rc); + goto bail; + } + + do { + rdn_elem *childelem = NULL; + DBT dataret; + void *ptr; + DB_MULTIPLE_INIT(ptr, &data); + do { + memset(&dataret, 0, sizeof(dataret)); + DB_MULTIPLE_NEXT(ptr, &data, dataret.data, dataret.size); + if (NULL == dataret.data || NULL == ptr) { + break; + } + childelem = (rdn_elem *)dataret.data; + if (!slapi_is_special_rdn(childelem->rdn_elem_nrdn_rdn, RDN_IS_TOMBSTONE)) { + /* there's at least one live child */ + slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, + "_entryrdn_delete_key: Failed to remove %s; " + "has a child %s\n", nrdn, + (char *)childelem->rdn_elem_nrdn_rdn); + rc = -1; + goto bail; + } + } while (NULL != dataret.data && NULL != ptr); +retry_get: + rc = cursor->c_get(cursor, &key, &data, DB_NEXT_DUP|DB_MULTIPLE); if (DB_LOCK_DEADLOCK == rc) { slapi_log_error(ENTRYRDN_LOGLEVEL(rc), ENTRYRDN_TAG, - "_entryrdn_delete_key: cursor get deadlock\n"); + "_entryrdn_delete_key: retry cursor get deadlock\n"); +#ifdef FIX_TXN_DEADLOCKS +#error if txn != NULL, have to retry the entire transaction +#endif /* try again */ - if (db_txn) { - goto bail; /* have to abort/retry the entire transaction */ - } else { - ENTRYRDN_DELAY; /* sleep for a bit then retry immediately */ - } - } else if (DB_NOTFOUND != rc) { + goto retry_get; + } else if (DB_NOTFOUND == rc) { + rc = 0; + done = 1; + break; + } else if (rc) { _entryrdn_cursor_print_error("_entryrdn_delete_key", key.data, data.size, data.ulen, rc); goto bail; - } else { - break; /* DB_NOTFOUND - ok */ } - } else { - slapi_ch_free(&data.data); - slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, - "_entryrdn_delete_key: Failed to remove %s; " - "has children\n", nrdn); - rc = -1; - goto bail; - } - } - if (RETRY_TIMES == db_retry) { - slapi_log_error(SLAPI_LOG_FATAL, ENTRYRDN_TAG, - "_entryrdn_delete_key: failed after [%d] iterations\n", db_retry); - rc = DB_LOCK_DEADLOCK; - goto bail; + } while (0 == rc); } workid = id;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_index_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_index_config.c
Changed
@@ -341,19 +341,26 @@ int ldbm_instance_index_config_enable_index(ldbm_instance *inst, Slapi_Entry* e) { - char *index_name; - int rc; + char *index_name = NULL; + int rc = LDAP_SUCCESS; + struct attrinfo *ai = NULL; - rc=ldbm_index_parse_entry(inst, e, "from DSE add", &index_name); + index_name = slapi_entry_attr_get_charptr(e, "cn"); + if (index_name) { + ainfo_get(inst->inst_be, index_name, &ai); + } + if (!ai) { + rc=ldbm_index_parse_entry(inst, e, "from DSE add", &index_name); + } if (rc == LDAP_SUCCESS) { /* Assume the caller knows if it is OK to go online immediately */ - struct attrinfo *ai = NULL; - - ainfo_get(inst->inst_be, index_name, &ai); + if (!ai) { + ainfo_get(inst->inst_be, index_name, &ai); + } PR_ASSERT(ai != NULL); ai->ai_indexmask &= ~INDEX_OFFLINE; - slapi_ch_free((void **)&index_name); - } + } + slapi_ch_free_string(&index_name); return rc; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c
Changed
@@ -767,7 +767,7 @@ * 2nd pass: set apply mods to 1 to apply changes to internal storage */ for ( apply_mod = 0; apply_mod <= 1 && LDAP_SUCCESS == rc; apply_mod++ ) { - for (i = 0; mods[i] && LDAP_SUCCESS == rc; i++) { + for (i = 0; mods && mods[i] && LDAP_SUCCESS == rc; i++) { attr_name = mods[i]->mod_type; if (strcasecmp(attr_name, CONFIG_INSTANCE_SUFFIX) == 0) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_modify.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_modify.c
Changed
@@ -116,9 +116,57 @@ ldbm_instance *inst = (ldbm_instance *) be->be_instance_info; int ret = 0; if (mc->old_entry!=NULL && mc->new_entry!=NULL) { - ret = cache_replace(&(inst->inst_cache), mc->old_entry, mc->new_entry); - if (ret == 0) mc->new_entry_in_cache = 1; + ret = cache_replace(&(inst->inst_cache), mc->old_entry, mc->new_entry); + if (ret == 0) { + mc->new_entry_in_cache = 1; + } else { + LDAPDebug(LDAP_DEBUG_CACHE, "modify_switch_entries: replacing %s with %s failed (%d)\n", + slapi_entry_get_dn(mc->old_entry->ep_entry), + slapi_entry_get_dn(mc->new_entry->ep_entry), ret); + } + } + return ret; +} + +/* + * Switch the new with the old(original) - undoing modify_switch_entries() + * This expects modify_term() to be called next, as the old "new" entry + * is now gone(replaced by the original entry). + */ +int +modify_unswitch_entries(modify_context *mc,backend *be) +{ + struct backentry *tmp_be; + ldbm_instance *inst = (ldbm_instance *) be->be_instance_info; + int ret = 0; + + if (mc->old_entry!=NULL && mc->new_entry!=NULL) { + /* switch the entries, and reset the new, new, entry */ + tmp_be = mc->new_entry; + mc->new_entry = mc->old_entry; + mc->new_entry->ep_state = 0; + mc->new_entry->ep_refcnt = 0; + mc->new_entry_in_cache = 0; + mc->old_entry = tmp_be; + + ret = cache_replace(&(inst->inst_cache), mc->old_entry, mc->new_entry); + if (ret == 0) { + /* + * The new entry was originally locked, so since we did the + * switch we need to unlock the "new" entry, and return the + * "old" one. modify_term() will then return the "new" entry. + */ + cache_unlock_entry(&inst->inst_cache, mc->new_entry); + CACHE_RETURN( &(inst->inst_cache), &(mc->old_entry) ); + mc->new_entry_in_cache = 1; + mc->old_entry = NULL; + } else { + LDAPDebug(LDAP_DEBUG_CACHE, "modify_unswitch_entries: replacing %s with %s failed (%d)\n", + slapi_entry_get_dn(mc->old_entry->ep_entry), + slapi_entry_get_dn(mc->new_entry->ep_entry), ret); + } } + return ret; } @@ -253,7 +301,7 @@ * If the objectClass attribute type was modified in any way, expand * the objectClass values to reflect the inheritance hierarchy. */ - for ( i = 0; mods[i] != NULL && !repl_op; ++i ) { + for ( i = 0; (mods != NULL) && (mods[i] != NULL) && !repl_op; ++i ) { if ( 0 == strcasecmp( SLAPI_ATTR_OBJECTCLASS, mods[i]->mod_type )) { slapi_schema_expand_objectclasses( ec->ep_entry ); break; @@ -406,7 +454,7 @@ } if (!is_fixup_operation) { - if (slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE)) { + if (!repl_op && slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE)) { ldap_result_code = LDAP_UNWILLING_TO_PERFORM; ldap_result_message = "Operation not allowed on tombstone entry."; slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modify", @@ -684,6 +732,12 @@ MOD_SET_ERROR(ldap_result_code, LDAP_OPERATIONS_ERROR, retry_count); goto error_return; } + /* e uncached */ + /* we must return both e (which has been deleted) and new entry ec */ + /* cache_replace removes e from the caches */ + cache_unlock_entry( &inst->inst_cache, e ); + CACHE_RETURN( &inst->inst_cache, &e ); + /* lock new entry in cache to prevent usage until we are complete */ cache_lock_entry( &inst->inst_cache, ec ); ec_in_cache = 1; @@ -694,10 +748,6 @@ /* invalidate virtual cache */ ec->ep_entry->e_virtual_watermark = 0; - /* we must return both e (which has been deleted) and new entry ec */ - /* cache_replace removes e from the caches */ - cache_unlock_entry( &inst->inst_cache, e ); - CACHE_RETURN( &inst->inst_cache, &e ); /* * LP Fix of crash when the commit will fail: * If the commit fail, the common error path will @@ -776,6 +826,7 @@ LDAPDebug1Arg( LDAP_DEBUG_TRACE, "SLAPI_PLUGIN_BE_TXN_POST_MODIFY_FN plugin " "returned error code %d\n", retval ); slapi_pblock_get(pb, SLAPI_RESULT_CODE, &ldap_result_code); + slapi_pblock_get(pb, SLAPI_PB_RESULT_TEXT, &ldap_result_message); slapi_pblock_get(pb, SLAPI_PLUGIN_OPRETURN, &opreturn); if (!opreturn) { slapi_pblock_set(pb, SLAPI_PLUGIN_OPRETURN, ldap_result_code ? &ldap_result_code : &retval); @@ -795,8 +846,10 @@ CACHE_REMOVE( &inst->inst_cache, ec ); /* if ec was in cache, e was not - add back e */ if (e) { - CACHE_ADD( &inst->inst_cache, e, NULL ); - cache_lock_entry( &inst->inst_cache, e ); + if (CACHE_ADD( &inst->inst_cache, e, NULL )) { + LDAPDebug1Arg( LDAP_DEBUG_CACHE, "ldbm_modify: CACHE_ADD %s failed\n", + slapi_entry_get_dn(e->ep_entry)); + } } } @@ -811,11 +864,12 @@ else { backentry_free(&ec); - } - - if (e!=NULL) { - cache_unlock_entry( &inst->inst_cache, e); - CACHE_RETURN( &inst->inst_cache, &e); + /* if ec was not in cache, cache_replace was not done. + * i.e., e was not unlocked. */ + if (e) { + cache_unlock_entry( &inst->inst_cache, e); + CACHE_RETURN( &inst->inst_cache, &e); + } } /* result code could be used in the bepost plugin functions. */ @@ -854,7 +908,7 @@ LDAPMod *tmp; /* remove any attempts by the user to modify these attrs */ - for ( i = 0; mods[i] != NULL; i++ ) { + for ( i = 0; (mods != NULL) && (mods[i] != NULL); i++ ) { if ( strcasecmp( mods[i]->mod_type, numsubordinates ) == 0 || strcasecmp( mods[i]->mod_type, hassubordinates ) == 0 ) {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
Changed
@@ -45,10 +45,10 @@ #include "back-ldbm.h" -static const char *moddn_get_newdn(Slapi_PBlock *pb, Slapi_DN *dn_olddn, Slapi_DN *dn_newrdn, Slapi_DN *dn_newsuperiordn); +static const char *moddn_get_newdn(Slapi_PBlock *pb, Slapi_DN *dn_olddn, Slapi_DN *dn_newrdn, Slapi_DN *dn_newsuperiordn, int is_tombstone); static void moddn_unlock_and_return_entry(backend *be,struct backentry **targetentry); static int moddn_newrdn_mods(Slapi_PBlock *pb, const char *olddn, struct backentry *ec, Slapi_Mods *smods_wsi, int is_repl_op); -static IDList *moddn_get_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be, struct backentry *parententry, Slapi_DN *parentdn, struct backentry ***child_entries, struct backdn ***child_dns); +static IDList *moddn_get_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be, struct backentry *parententry, Slapi_DN *parentdn, struct backentry ***child_entries, struct backdn ***child_dns, int is_resurect_operation); static int moddn_rename_children(back_txn *ptxn, Slapi_PBlock *pb, backend *be, IDList *children, Slapi_DN *dn_parentdn, Slapi_DN *dn_newsuperiordn, struct backentry *child_entries[]); static int modrdn_rename_entry_update_indexes(back_txn *ptxn, Slapi_PBlock *pb, struct ldbminfo *li, struct backentry *e, struct backentry **ec, Slapi_Mods *smods1, Slapi_Mods *smods2, Slapi_Mods *smods3, int *e_in_cache, int *ec_in_cache); static void mods_remove_nsuniqueid(Slapi_Mods *smods); @@ -111,6 +111,8 @@ int dblock_acquired= 0; int is_replicated_operation= 0; int is_fixup_operation = 0; + int is_resurect_operation = 0; + int is_tombstone = 0; entry_address new_addr; entry_address *old_addr; entry_address oldparent_addr; @@ -136,6 +138,8 @@ slapi_pblock_get( pb, SLAPI_IS_REPLICATED_OPERATION, &is_replicated_operation ); is_ruv = operation_is_flag_set(operation, OP_FLAG_REPL_RUV); is_fixup_operation = operation_is_flag_set(operation, OP_FLAG_REPL_FIXUP); + is_resurect_operation = operation_is_flag_set(operation,OP_FLAG_RESURECT_ENTRY); + is_tombstone = operation_is_flag_set(operation,OP_FLAG_TOMBSTONE_ENTRY); /* tombstone_to_glue on parent entry*/ if (NULL == sdn) { slapi_send_ldap_result( pb, LDAP_INVALID_DN_SYNTAX, NULL, @@ -168,7 +172,13 @@ slapi_pblock_get( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, &dn_newsuperiordn ); slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn); /* slapi_sdn_init_normdn_byref(&dn_newsuperiordn, newsuperiordn); */ - slapi_sdn_get_parent(sdn, &dn_parentdn); + if (is_resurect_operation) { + /* no need to free this pdn. */ + const char *pdn = slapi_dn_find_parent_ext(slapi_sdn_get_dn(sdn), is_resurect_operation); + slapi_sdn_set_dn_byval(&dn_parentdn, pdn); + } else { + slapi_sdn_get_parent(sdn, &dn_parentdn); + } } /* if old and new superior are equals, newsuperior should not be set @@ -235,7 +245,7 @@ * it's passed to slapi_sdn_init_normdn_byref */ slapi_pblock_get(pb, SLAPI_MODRDN_NEWRDN, &newrdn); slapi_sdn_init_normdn_byref(&dn_newrdn, newrdn); - newdn= moddn_get_newdn(pb,sdn, &dn_newrdn, dn_newsuperiordn); + newdn = moddn_get_newdn(pb, sdn, &dn_newrdn, dn_newsuperiordn, is_tombstone); slapi_sdn_set_dn_passin(&dn_newdn,newdn); new_addr.sdn = &dn_newdn; new_addr.udn = NULL; @@ -353,11 +363,14 @@ } e_in_cache = 1; /* e is in the cache and locked */ if (slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE) ) { - ldap_result_code = LDAP_UNWILLING_TO_PERFORM; - ldap_result_message = "Operation not allowed on tombstone entry."; - slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modrdn", - "Attempt to rename a tombstone entry %s\n", slapi_sdn_get_dn(slapi_entry_get_sdn_const( e->ep_entry ))); - goto error_return; + if (!is_resurect_operation) { + ldap_result_code = LDAP_UNWILLING_TO_PERFORM; + ldap_result_message = "Operation not allowed on tombstone entry."; + slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modrdn", + "Attempt to rename a tombstone entry %s\n", + slapi_sdn_get_dn(slapi_entry_get_sdn_const( e->ep_entry ))); + goto error_return; + } } /* Check that an entry with the same DN doesn't already exist. */ { @@ -375,7 +388,11 @@ /* Fetch and lock the parent of the entry that is moving */ oldparent_addr.sdn = &dn_parentdn; - oldparent_addr.uniqueid = NULL; + if (is_resurect_operation) { + oldparent_addr.uniqueid = operation->o_params.p.p_modrdn.modrdn_newsuperior_address.uniqueid; + } else { + oldparent_addr.uniqueid = NULL; + } parententry = find_entry2modify_only( pb, be, &oldparent_addr, &txn ); modify_init(&parent_modify_context,parententry); @@ -383,7 +400,11 @@ if(slapi_sdn_get_ndn(dn_newsuperiordn) != NULL) { slapi_pblock_get (pb, SLAPI_MODRDN_NEWSUPERIOR_ADDRESS, &newsuperior_addr); + if (is_resurect_operation) { + newsuperior_addr->uniqueid = slapi_entry_attr_get_charptr(e->ep_entry, SLAPI_ATTR_VALUE_PARENT_UNIQUEID); + } newparententry = find_entry2modify_only( pb, be, newsuperior_addr, &txn ); + slapi_ch_free_string(&newsuperior_addr->uniqueid); modify_init(&newparent_modify_context,newparententry); } @@ -426,8 +447,7 @@ } slapi_pblock_set( pb, SLAPI_MODRDN_NEWSUPERIOR_SDN, dn_newsuperiordn ); } - slapi_sdn_set_dn_passin(&dn_newdn, - moddn_get_newdn(pb, sdn, &dn_newrdn, dn_newsuperiordn)); + slapi_sdn_set_dn_passin(&dn_newdn, moddn_get_newdn(pb, sdn, &dn_newrdn, dn_newsuperiordn, is_tombstone)); /* Check that we're allowed to add an entry below the new superior */ if ( newparententry == NULL ) @@ -528,6 +548,57 @@ slapi_rdn_done(&srdn); } + if(is_resurect_operation) { + slapi_log_error(SLAPI_LOG_REPL, "ldbm_back_modrdn", + "Resurrecting an entry %s\n", slapi_entry_get_dn(ec->ep_entry)); + slapi_entry_attr_delete(ec->ep_entry, SLAPI_ATTR_VALUE_PARENT_UNIQUEID); + slapi_entry_delete_string(ec->ep_entry, SLAPI_ATTR_OBJECTCLASS, SLAPI_ATTR_VALUE_TOMBSTONE); + /* Now also remove the nscpEntryDN */ + if (slapi_entry_attr_delete(ec->ep_entry, SLAPI_ATTR_NSCP_ENTRYDN) != 0){ + LDAPDebug(LDAP_DEBUG_REPL, "Resurrection of %s - Couldn't remove %s\n", + slapi_entry_get_dn(ec->ep_entry), SLAPI_ATTR_NSCP_ENTRYDN, 0); + } + + /* Set the reason (this is only a reason why modrdn is needed for resurrection) */ + slapi_entry_add_string(ec->ep_entry, "nsds5ReplConflict", "deletedEntryHasChildren"); + + /* Clear the Tombstone Flag in the entry */ + slapi_entry_clear_flag(ec->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE); + + /* make sure the objectclass + - does not contain any duplicate values + - has CSNs for the new values we added + */ + { + Slapi_Attr *sa = NULL; + Slapi_Value sv; + const struct berval *svbv = NULL; + + /* add the extensibleobject objectclass with csn if not present */ + slapi_entry_attr_find(ec->ep_entry, SLAPI_ATTR_OBJECTCLASS, &sa); + slapi_value_init_string(&sv, "extensibleobject"); + svbv = slapi_value_get_berval(&sv); + if (slapi_attr_value_find(sa, svbv)) { /* not found, so add it */ + if (opcsn) { + value_update_csn(&sv, CSN_TYPE_VALUE_UPDATED, opcsn); + } + slapi_attr_add_value(sa, &sv); + } + value_done(&sv); + + /* add the glue objectclass with csn if not present */ + slapi_value_init_string(&sv, "glue"); + svbv = slapi_value_get_berval(&sv); + if (slapi_attr_value_find(sa, svbv)) { /* not found, so add it */ + if (opcsn) { + value_update_csn(&sv, CSN_TYPE_VALUE_UPDATED, opcsn); + } + slapi_attr_add_value(sa, &sv); + } + value_done(&sv); + } + } + /* create it in the cache - prevents others from creating it */ if (( cache_add_tentative( &inst->inst_cache, ec, NULL ) != 0 ) ) { ec_in_cache = 0; /* not in cache */ @@ -537,6 +608,10 @@ /* somebody must've created it between dn2entry() and here */ /* JCMREPL - Hmm... we can't permit this to happen...? */ ldap_result_code= LDAP_ALREADY_EXISTS; + if (is_resurect_operation) { + slapi_log_error(SLAPI_LOG_CACHE, "ldbm_back_modrdn", + "cache_add_tentative failed: %s\n", slapi_entry_get_dn(ec->ep_entry)); + } goto error_return; } /* so if the old dn is the same as the new dn, the entry will not be cached @@ -584,8 +659,8 @@ } } - slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); - slapi_mods_init_byref(&smods_operation_wsi,mods); + slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); + slapi_mods_init_byref(&smods_operation_wsi,mods); /* * We are about to pass the last abandon test, so from now on we are @@ -675,10 +750,8 @@ /* * Update the subordinate count of the parents to reflect the moved child. */ - if ( parententry!=NULL ) - { - retval = parent_update_on_childchange(&parent_modify_context, - PARENTUPDATE_DEL, NULL); + if (parententry) { + retval = parent_update_on_childchange(&parent_modify_context, PARENTUPDATE_DEL, NULL);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_search.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldbm_search.c
Changed
@@ -46,6 +46,16 @@ #include "back-ldbm.h" #include "vlv_srch.h" +/* + * Used for ldap_result passed to ldbm_back_search_cleanup. + * If (ldap_result == LDBM_SRCH_DEFAULT_RESULT) || (ldap_result == LDAP_SUCCESS), + * don't call slapi_send_ldap_result. + * Note: mozldap ldap_result codes are all positive; openldap result codes could + * be negative values. OL (-1) is LDAP_SERVER_DOWN. Thus, it's safe to + * borrow the value here. + */ +#define LDBM_SRCH_DEFAULT_RESULT (-1) + /* prototypes */ static int build_candidate_list( Slapi_PBlock *pb, backend *be, struct backentry *e, const char * base, int scope, @@ -160,12 +170,14 @@ char* ldap_result_description, int function_result, struct vlv_request *vlv_request_control, - struct backentry *e) + struct backentry *e, + IDList *candidates) { int estimate = 0; /* estimated search result count */ backend *be; ldbm_instance *inst; back_search_result_set *sr = NULL; + int free_candidates = 1; slapi_pblock_get( pb, SLAPI_BACKEND, &be ); inst = (ldbm_instance *) be->be_instance_info; @@ -175,20 +187,27 @@ { sort_spec_free(sort_control); } - if(ldap_result>=LDAP_SUCCESS) - { + if ((ldap_result != LDBM_SRCH_DEFAULT_RESULT) && (ldap_result != LDAP_SUCCESS)) { slapi_send_ldap_result( pb, ldap_result, NULL, ldap_result_description, 0, NULL ); } /* code to free the result set if we don't need it */ /* We get it and check to see if the structure was ever used */ slapi_pblock_get(pb, SLAPI_SEARCH_RESULT_SET, &sr); if (sr) { - if (function_result) { + if (function_result) { /* failed case */ slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_SET_SIZE_ESTIMATE, &estimate); slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_ENTRY, NULL); + if (sr->sr_candidates == candidates) { + free_candidates = 0; + } delete_search_result_set(pb, &sr); + } else if (sr->sr_candidates == candidates) { /* succeeded case */ + free_candidates = 0; } } + if (free_candidates) { + idl_free(&candidates); + } if (vlv_request_control) { berval_done(&vlv_request_control->value); @@ -331,7 +350,7 @@ back_search_result_set *sr = NULL; /* Fix for bugid #394184, SD, 20 Jul 00 */ - int tmp_err = -1; /* must be lower than LDAP_SUCCESS */ + int tmp_err = LDBM_SRCH_DEFAULT_RESULT; char * tmp_desc = NULL; /* end Fix for defect #394184 */ @@ -383,9 +402,29 @@ if(r!=0) { /* Badly formed SORT control */ - return ldbm_back_search_cleanup(pb, li, sort_control, - LDAP_PROTOCOL_ERROR, "Sort Control", - SLAPI_FAIL_GENERAL, NULL, NULL); + if (is_sorting_critical_orig) { + /* RFC 4511 4.1.11 the server must not process the operation + * and return LDAP_UNAVAILABLE_CRITICAL_EXTENSION + */ + return ldbm_back_search_cleanup(pb, li, sort_control, + LDAP_UNAVAILABLE_CRITICAL_EXTENSION, "Sort Control", + SLAPI_FAIL_GENERAL, NULL, NULL, candidates); + } else { + PRUint64 conn_id; + int op_id; + + /* Just ignore the control */ + sort = 0; + slapi_pblock_get(pb, SLAPI_CONN_ID, &conn_id); + slapi_pblock_get(pb, SLAPI_OPERATION_ID, &op_id); + + LDAPDebug(LDAP_DEBUG_ANY, + "Warning: Sort control ignored for conn=%d op=%d\n", + conn_id, op_id, 0); + } + } else { + /* set this operation includes the server side sorting */ + operation->o_flags |= OP_FLAG_SERVER_SIDE_SORTING; } /* set this operation includes the server side sorting */ operation->o_flags |= OP_FLAG_SERVER_SIDE_SORTING; @@ -401,44 +440,61 @@ if(r!=LDAP_SUCCESS) { /* Badly formed VLV control */ - return ldbm_back_search_cleanup(pb, li, sort_control, - r, "VLV Control", SLAPI_FAIL_GENERAL, - &vlv_request_control, NULL); - } - { + if (is_vlv_critical) { + /* RFC 4511 4.1.11 the server must not process the operation + * and return LDAP_UNAVAILABLE_CRITICAL_EXTENSION + */ + return ldbm_back_search_cleanup(pb, li, sort_control, + LDAP_UNAVAILABLE_CRITICAL_EXTENSION, "VLV Control", SLAPI_FAIL_GENERAL, + &vlv_request_control, NULL, candidates); + } else { + PRUint64 conn_id; + int op_id; + + /* Just ignore the control */ + virtual_list_view = 0; + slapi_pblock_get(pb, SLAPI_CONN_ID, &conn_id); + slapi_pblock_get(pb, SLAPI_OPERATION_ID, &op_id); + + LDAPDebug(LDAP_DEBUG_ANY, + "Warning: VLV control ignored for conn=%d op=%d\n", + conn_id, op_id, 0); + } + + } else { /* Access Control Check to see if the client is allowed to use the VLV Control. */ Slapi_Entry *feature; + int rc; char dn[128]; char *dummyAttr = "dummy#attr"; - char *dummyAttrs[2] = { NULL, NULL }; + char *dummyAttrs[2] = {NULL, NULL}; dummyAttrs[0] = dummyAttr; /* This dn is normalized. */ - PR_snprintf(dn,sizeof(dn),"dn: oid=%s,cn=features,cn=config",LDAP_CONTROL_VLVREQUEST); - feature= slapi_str2entry(dn,0); - r= plugin_call_acl_plugin (pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL); + PR_snprintf(dn, sizeof (dn), "dn: oid=%s,cn=features,cn=config", LDAP_CONTROL_VLVREQUEST); + feature = slapi_str2entry(dn, 0); + rc = plugin_call_acl_plugin(pb, feature, dummyAttrs, NULL, SLAPI_ACL_READ, ACLPLUGIN_ACCESS_DEFAULT, NULL); slapi_entry_free(feature); - if(r!=LDAP_SUCCESS) - { + if (rc != LDAP_SUCCESS) { /* Client isn't allowed to do this. */ - return ldbm_back_search_cleanup(pb, li, sort_control, - r, "VLV Control", SLAPI_FAIL_GENERAL, - &vlv_request_control, NULL); + return ldbm_back_search_cleanup(pb, li, sort_control, + rc, "VLV Control", SLAPI_FAIL_GENERAL, + &vlv_request_control, NULL, candidates); } + /* + * Sorting must always be critical for VLV; Force it be so. + */ + is_sorting_critical= 1; + virtual_list_view= 1; } - /* - * Sorting must always be critical for VLV; Force it be so. - */ - is_sorting_critical= 1; - virtual_list_view= 1; } else { /* Can't have a VLV control without a SORT control */ return ldbm_back_search_cleanup(pb, li, sort_control, LDAP_SORT_CONTROL_MISSING, "VLV Control", - SLAPI_FAIL_GENERAL, &vlv_request_control, NULL); + SLAPI_FAIL_GENERAL, &vlv_request_control, NULL, candidates); } } } @@ -491,13 +547,13 @@ { return ldbm_back_search_cleanup(pb, li, sort_control, LDAP_UNWILLING_TO_PERFORM, ctrlstr, - SLAPI_FAIL_GENERAL, &vlv_request_control, NULL); + SLAPI_FAIL_GENERAL, &vlv_request_control, NULL, candidates); } else { return ldbm_back_search_cleanup(pb, li, sort_control, LDAP_VIRTUAL_LIST_VIEW_ERROR, ctrlstr, - SLAPI_FAIL_GENERAL, &vlv_request_control, NULL);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/ldif2ldbm.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/ldif2ldbm.c
Changed
@@ -291,7 +291,7 @@ if ( (idl = index_read( be, LDBM_ENTRYDN_STR, indextype_EQUALITY, &bv, NULL, &err )) != NULL ) { pid = idl_firstid( idl ); - idl_free( idl ); + idl_free( &idl ); } else { /* empty idl */ if ( 0 != err && DB_NOTFOUND != err ) { @@ -591,7 +591,7 @@ /* We get the count from the IDL */ sub_count = idl->b_nids; } - idl_free(idl); + idl_free(&idl); } /* Did we get the count ? */ if (found_count) { @@ -889,8 +889,7 @@ continue; } id = idl_firstid(idl); - idl_free(idl); - idl = NULL; + idl_free(&idl); } /* @@ -898,7 +897,7 @@ */ if (entryrdn_get_noancestorid()) { /* subtree-rename: on && no ancestorid */ - *err = entryrdn_get_subordinates(be, &sdn, id, &idl, txn); + *err = entryrdn_get_subordinates(be, &sdn, id, &idl, txn, 0); } else { *err = ldbm_ancestorid_read(be, txn, id, &idl); } @@ -928,8 +927,8 @@ idltotal = idl; } else if (idl) { idltmp = idl_union(be, idltotal, idl); - idl_free(idltotal); - idl_free(idl); + idl_free(&idltotal); + idl_free(&idl); idltotal = idltmp; } } /* for (i = 0; include[i]; i++) */ @@ -1331,8 +1330,7 @@ /* allids list is no help at all -- revert to trawling * the whole list. */ ok_index = 0; - idl_free(idl); - idl = NULL; + idl_free(&idl); } idindex = 0; } @@ -1588,7 +1586,7 @@ } bye: if (idl) { - idl_free(idl); + idl_free(&idl); } if (dbc) { dbc->c_close(dbc); @@ -1619,7 +1617,7 @@ } ldbm_back_free_incl_excl(include_suffix, exclude_suffix); - idl_free(eargs.pre_exported_idl); + idl_free(&(eargs.pre_exported_idl)); return( return_value ); } @@ -1933,8 +1931,7 @@ } } else if (ALLIDS(idl)) { /* that's no help. */ - idl_free(idl); - idl = NULL; + idl_free(&idl); } } @@ -2443,7 +2440,7 @@ err_out: backentry_free( &ep ); /* if ep or *ep is NULL, it does nothing */ if (idl) { - idl_free(idl); + idl_free(&idl); } else { dbc->c_close(dbc); }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/parents.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/parents.c
Changed
@@ -58,11 +58,17 @@ * The routine is allowed to modify the parent entry, and to return a set of * LDAPMods reflecting the changes it made. The LDAPMods array must be freed * by the called by calling ldap_free_mods(p,1) + * + * PARENTUPDATE_RESURECT == turning a tombstone into an entry + * tombstone_numsubordinates-- + * numsubordinates++ */ /* - * PARENTUPDATE_CREATE_TOMBSTONE: increment tombstone_numsubordinates + * PARENTUPDATE_CREATE_TOMBSTONE: turning an entry into a tombstone + * numsubordinates-- + * tombstone_numsubordinates++ * PARENTUPDATE_DELETE_TOMBSTONE: don't touch numsubordinates, and - * decrement tombstone_numsubordinates + * tombstone_numsubordinates-- */ int @@ -84,7 +90,7 @@ op &= PARENTUPDATE_MASK; /* Check nobody is trying to use op == 3, it's not implemented yet */ - PR_ASSERT( (op == PARENTUPDATE_ADD) || (op == PARENTUPDATE_DEL)); + PR_ASSERT((op == PARENTUPDATE_ADD) || (op == PARENTUPDATE_DEL) || (op == PARENTUPDATE_RESURECT)); /* We want to invent a mods set to be passed to modify_apply_mods() */ @@ -114,16 +120,17 @@ if (PARENTUPDATE_DELETE_TOMBSTONE != repl_op) { /* are we adding ? */ - if ( (PARENTUPDATE_ADD == op) && !already_present) { + if (((PARENTUPDATE_ADD == op) || (PARENTUPDATE_RESURECT == op)) && !already_present) { /* If so, and the parent entry does not already have a subcount * attribute, we need to add it */ mod_op = LDAP_MOD_ADD; } else if (PARENTUPDATE_DEL == op) { if (!already_present) { /* This means that something is wrong---deleting a child but no subcount present on parent */ - LDAPDebug0Args( LDAP_DEBUG_ANY, - "numsubordinates assertion failure\n" ); + LDAPDebug(LDAP_DEBUG_ANY, "Parent %s has no children. (op 0x%x, repl_op 0x%x)\n", + slapi_entry_get_dn(mc->old_entry->ep_entry), op, repl_op); slapi_mods_free(&smods); + PR_ASSERT(0); return -1; } else { if (current_sub_count == 1) { @@ -138,7 +145,7 @@ } /* Now compute the new value */ - if (PARENTUPDATE_ADD == op) { + if ((PARENTUPDATE_ADD == op) || (PARENTUPDATE_RESURECT == op)) { current_sub_count++; } else { current_sub_count--; @@ -159,8 +166,8 @@ /* tombstoneNumSubordinates is needed only when this is repl op * and a child is being deleted */ - if (repl_op && (PARENTUPDATE_DEL == op)) { - current_sub_count = LDAP_MAXINT; + current_sub_count = LDAP_MAXINT; + if ((repl_op && (PARENTUPDATE_DEL == op)) || (PARENTUPDATE_RESURECT == op)) { ret = slapi_entry_attr_find(mc->old_entry->ep_entry, tombstone_numsubordinates, &read_attr); if (0 == ret) { @@ -175,7 +182,7 @@ } } - if (PARENTUPDATE_DELETE_TOMBSTONE == repl_op) { + if ((PARENTUPDATE_DELETE_TOMBSTONE == repl_op) || (PARENTUPDATE_RESURECT == op)) { /* deleting a tombstone entry: * reaping or manually deleting it */ if ((current_sub_count != LDAP_MAXINT) && @@ -187,9 +194,7 @@ tombstone_numsubordinates, strlen(value_buffer), value_buffer); } - } - - if (PARENTUPDATE_CREATE_TOMBSTONE == repl_op) { + } else if (PARENTUPDATE_CREATE_TOMBSTONE == repl_op) { /* creating a tombstone entry */ if (current_sub_count != LDAP_MAXINT) { current_sub_count++;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
Changed
@@ -137,8 +137,8 @@ int dblayer_restore(struct ldbminfo *li, char* source_directory, Slapi_Task *task, char *bename); int dblayer_copy_directory(struct ldbminfo *li, Slapi_Task *task, char *instance_dir, char *destination_dir, - int restore, int *cnt, int instance_dir_flag, - int indexonly, int resetlsns); + int restore, int *cnt, int indexonly, + int resetlsns, int is_changelog); int dblayer_copyfile(char* source, char * destination, int overwrite, int mode); int dblayer_delete_instance_dir(backend *be); int dblayer_delete_database(struct ldbminfo *li); @@ -190,6 +190,7 @@ struct backentry *dn2entry_or_ancestor(Slapi_Backend *be, const Slapi_DN *sdn, Slapi_DN *ancestor, back_txn *txn, int *err); struct backentry *dn2ancestor(Slapi_Backend *be,const Slapi_DN *sdn,Slapi_DN *ancestordn,back_txn *txn,int *err); int get_copy_of_entry(Slapi_PBlock *pb, const entry_address *addr, back_txn *txn, int plock_parameter, int must_exist); +int get_copy_of_entry_ext(Slapi_PBlock *pb, ID id, const entry_address *addr, back_txn *txn, int plock_parameter, int must_exist); void done_with_pblock_entry(Slapi_PBlock *pb, int plock_parameter); /* @@ -231,7 +232,7 @@ * idl.c */ IDList * idl_alloc( NIDS nids ); -void idl_free( IDList *idl ); +void idl_free( IDList **idl ); NIDS idl_length(IDList *idl); int idl_is_allids(IDList *idl); int idl_append(IDList *idl, ID id); @@ -266,6 +267,7 @@ idl_iterator idl_iterator_decrement(idl_iterator *i); ID idl_iterator_dereference(idl_iterator i, const IDList *idl); ID idl_iterator_dereference_increment(idl_iterator *i, const IDList *idl); +ID idl_iterator_dereference_decrement(idl_iterator *i, const IDList *idl); size_t idl_sizeof(IDList *idl); int idl_store_block(backend *be,DB *db,DBT *key,IDList *idl,DB_TXN *txn,struct attrinfo *a); void idl_set_tune(int val); @@ -349,6 +351,7 @@ int modify_apply_mods(modify_context *mc, Slapi_Mods *smods); int modify_term(modify_context *mc,backend *be); int modify_switch_entries(modify_context *mc,backend *be); +int modify_unswitch_entries(modify_context *mc,backend *be); int modify_apply_mods_ignore_error(modify_context *mc, Slapi_Mods *smods, int error); /* @@ -697,8 +700,8 @@ int entryrdn_index_read(backend *be, const Slapi_DN *sdn, ID *id, back_txn *txn); int entryrdn_index_read_ext(backend *be, const Slapi_DN *sdn, ID *id, int flags, back_txn *txn); -int entryrdn_rename_subtree(backend *be, const Slapi_DN *oldsdn, Slapi_RDN *newsrdn, const Slapi_DN *newsupsdn, ID id, back_txn *txn); -int entryrdn_get_subordinates(backend *be, const Slapi_DN *sdn, ID id, IDList **subordinates, back_txn *txn); +int entryrdn_rename_subtree(backend *be, const Slapi_DN *oldsdn, Slapi_RDN *newsrdn, const Slapi_DN *newsupsdn, ID id, back_txn *txn, int flags); +int entryrdn_get_subordinates(backend *be, const Slapi_DN *sdn, ID id, IDList **subordinates, back_txn *txn, int flags); int entryrdn_lookup_dn(backend *be, const char *rdn, ID id, char **dn, back_txn *txn); int entryrdn_get_parent(backend *be, const char *rdn, ID id, char **prdn, ID *pid, back_txn *txn); #endif
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/seq.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/seq.c
Changed
@@ -235,6 +235,7 @@ key.flags = 0; for (retry_count = 0; retry_count < IDL_FETCH_RETRY_COUNT; retry_count++) { err = NEW_IDL_DEFAULT; + idl_free(&idl); idl = idl_fetch( be, db, &key, NULL, ai, &err ); if(err == DB_LOCK_DEADLOCK) { ldbm_nasty("ldbm_back_seq deadlock retry", 1600, err); @@ -289,7 +290,7 @@ } CACHE_RETURN( &inst->inst_cache, &e ); } - idl_free( idl ); + idl_free( &idl ); } dblayer_release_index_file( be, ai, db );
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldbm/vlv.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldbm/vlv.c
Changed
@@ -1112,7 +1112,7 @@ goto done; error: - if (idl) idl_free(idl); + if (idl) idl_free(&idl); done: return rc;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/back-ldif/modify.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/back-ldif/modify.c
Changed
@@ -560,7 +560,7 @@ LDAPDebug( LDAP_DEBUG_TRACE, "=> apply_mods\n", 0, 0, 0 ); err = LDAP_SUCCESS; - for ( j = 0; mods[j] != NULL; j++ ) { + for ( j = 0; (mods != NULL) && (mods[j] != NULL); j++ ) { switch ( mods[j]->mod_op & ~LDAP_MOD_BVALUES ) { case LDAP_MOD_ADD: LDAPDebug( LDAP_DEBUG_ARGS, " add: %s\n",
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/bind.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/bind.c
Changed
@@ -131,6 +131,7 @@ ber_tag_t ber_rc; int rc = 0; Slapi_DN *sdn = NULL; + int bind_sdn_in_pb = 0; /* is sdn set in the pb? */ Slapi_Entry *referral; char errorbuf[BUFSIZ]; char **supported, **pmech; @@ -369,6 +370,7 @@ isroot = slapi_dn_isroot( slapi_sdn_get_ndn(sdn) ); slapi_pblock_set( pb, SLAPI_REQUESTOR_ISROOT, &isroot ); slapi_pblock_set( pb, SLAPI_BIND_TARGET_SDN, (void*)sdn ); + bind_sdn_in_pb = 1; /* pb now owns sdn */ slapi_pblock_set( pb, SLAPI_BIND_METHOD, &method ); slapi_pblock_set( pb, SLAPI_BIND_SASLMECHANISM, saslmech ); slapi_pblock_set( pb, SLAPI_BIND_CREDENTIALS, &cred ); @@ -861,7 +863,9 @@ free_and_return:; if (be) slapi_be_Unlock(be); - slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn); + if (bind_sdn_in_pb) { + slapi_pblock_get(pb, SLAPI_BIND_TARGET_SDN, &sdn); + } slapi_sdn_free(&sdn); slapi_ch_free_string( &saslmech ); slapi_ch_free( (void **)&cred.bv_val );
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/computed.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/computed.c
Changed
@@ -44,6 +44,7 @@ /* Handles computed attributes for entries as they're returned to the client */ #include "slap.h" +#include "proto-slap.h" /* Structure used to pass the context needed for completing a computed attribute operation */ @@ -58,11 +59,15 @@ struct _compute_evaluator { struct _compute_evaluator *next; slapi_compute_callback_t function; + int rootonly; }; typedef struct _compute_evaluator compute_evaluator; +static PRBool startup_completed = PR_FALSE; + static compute_evaluator *compute_evaluators = NULL; static Slapi_RWLock *compute_evaluators_lock = NULL; +static PRBool require_compute_evaluator_lock = PR_FALSE; static int compute_stock_evaluator(computed_attr_context *c,char* type,Slapi_Entry *e,slapi_compute_output_t outputfn); @@ -75,6 +80,7 @@ static compute_rewriter *compute_rewriters = NULL; static Slapi_RWLock *compute_rewriters_lock = NULL; +static PRBool require_compute_rewriters_lock = PR_FALSE; /* Function called by evaluators to have the value output */ static int @@ -83,17 +89,43 @@ return encode_attr (c->pb, c->ber, e, a, c->attrsonly, c->requested_type); } +static +int compute_call_evaluators_nolock(computed_attr_context *c,slapi_compute_output_t outfn,char *type,Slapi_Entry *e) +{ + int rc = -1; + compute_evaluator *current = NULL; + + for (current = compute_evaluators; (current != NULL) && (-1 == rc); current = current->next) { + if (current->rootonly) { + int isroot; + slapi_pblock_get(c->pb, SLAPI_REQUESTOR_ISROOT, &isroot); + if (!isroot) { + continue; + } + } + rc = (*(current->function))(c,type,e,outfn); + } + return rc; +} + static int compute_call_evaluators(computed_attr_context *c,slapi_compute_output_t outfn,char *type,Slapi_Entry *e) { int rc = -1; - compute_evaluator *current = NULL; + int need_lock = require_compute_evaluator_lock; + /* Walk along the list (locked) calling the evaluator functions util one says yes, an error happens, or we finish */ - slapi_rwlock_rdlock(compute_evaluators_lock); - for (current = compute_evaluators; (current != NULL) && (-1 == rc); current = current->next) { - rc = (*(current->function))(c,type,e,outfn); - } - slapi_rwlock_unlock(compute_evaluators_lock); + + if (need_lock) { + slapi_rwlock_rdlock(compute_evaluators_lock); + } + + rc = compute_call_evaluators_nolock(c, outfn, type, e); + + if (need_lock) { + slapi_rwlock_unlock(compute_evaluators_lock); + } + return rc; } @@ -132,25 +164,59 @@ return rc; /* I see no ships */ } +static void +compute_add_evaluator_nolock(slapi_compute_callback_t function, compute_evaluator *new_eval, int rootonly) +{ + new_eval->next = compute_evaluators; + new_eval->function = function; + new_eval->rootonly = rootonly; + compute_evaluators = new_eval; +} int slapi_compute_add_evaluator(slapi_compute_callback_t function) { + return slapi_compute_add_evaluator_ext(function, 0); +} +int slapi_compute_add_evaluator_ext(slapi_compute_callback_t function, int rootonly) +{ int rc = 0; compute_evaluator *new_eval = NULL; PR_ASSERT(NULL != function); PR_ASSERT(NULL != compute_evaluators_lock); - slapi_rwlock_wrlock(compute_evaluators_lock); + if (startup_completed) { + /* We are now in multi-threaded and we still add + * a attribute evaluator. + * switch to use locking mechanimsm + */ + require_compute_evaluator_lock = PR_TRUE; + } + new_eval = (compute_evaluator *)slapi_ch_calloc(1,sizeof (compute_evaluator)); if (NULL == new_eval) { rc = ENOMEM; } else { - new_eval->next = compute_evaluators; - new_eval->function = function; - compute_evaluators = new_eval; + int need_lock = require_compute_evaluator_lock; + + if (need_lock) { + slapi_rwlock_wrlock(compute_evaluators_lock); + } + + compute_add_evaluator_nolock(function, new_eval, rootonly); + + if (need_lock) { + slapi_rwlock_unlock(compute_evaluators_lock); + } } - slapi_rwlock_unlock(compute_evaluators_lock); + return rc; } +/* Called when */ +void +compute_plugins_started() +{ + startup_completed = PR_TRUE; +} + /* Call this on server startup, before the first LDAP operation is serviced */ int compute_init() { @@ -200,6 +266,14 @@ return 0; } +static void +compute_add_search_rewrite_nolock(slapi_search_rewrite_callback_t function, compute_rewriter *new_rewriter) +{ + new_rewriter->next = compute_rewriters; + new_rewriter->function = function; + compute_rewriters = new_rewriter; +} + /* Functions dealing with re-writing of search filters */ int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function) @@ -208,36 +282,66 @@ compute_rewriter *new_rewriter = NULL; PR_ASSERT(NULL != function); PR_ASSERT(NULL != compute_rewriters_lock); + if (startup_completed) { + /* We are now in multi-threaded and we still add + * a filter rewriter. + * switch to use locking mechanimsm + */ + require_compute_rewriters_lock = PR_TRUE; + } new_rewriter = (compute_rewriter *)slapi_ch_calloc(1,sizeof (compute_rewriter)); if (NULL == new_rewriter) { rc = ENOMEM; } else { - slapi_rwlock_wrlock(compute_rewriters_lock); - new_rewriter->next = compute_rewriters; - new_rewriter->function = function; - compute_rewriters = new_rewriter; - slapi_rwlock_unlock(compute_rewriters_lock); + int need_lock = require_compute_rewriters_lock; + + if (need_lock) { + slapi_rwlock_wrlock(compute_rewriters_lock); + } + + compute_add_search_rewrite_nolock(function, new_rewriter); + + if (need_lock) { + slapi_rwlock_unlock(compute_rewriters_lock); + } } return rc; } -int compute_rewrite_search_filter(Slapi_PBlock *pb) +static +int compute_rewrite_search_filter_nolock(Slapi_PBlock *pb)
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/configdse.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/configdse.c
Changed
@@ -392,7 +392,7 @@ */ for ( apply_mods = 0; apply_mods <= 1; apply_mods++ ) { int i = 0; - for (i = 0; (mods[i] && (LDAP_SUCCESS == rc)); i++) { + for (i = 0; mods && (mods[i] && (LDAP_SUCCESS == rc)); i++) { /* send all aci modifications to the backend */ config_attr = (char *)mods[i]->mod_type; if (ignore_attr_type(config_attr)) @@ -487,7 +487,7 @@ slapi_pblock_get( pb, SLAPI_MODIFY_MODS, &mods ); returntext[0] = '\0'; - for (i = 0; mods[i]; i++) { + for (i = 0; mods && mods[i]; i++) { if (mods[i]->mod_op & LDAP_MOD_REPLACE ) { /* Check if the server needs to be restarted */ for (j = 0; j < num_requires_restart; j++)
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/connection.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/connection.c
Changed
@@ -2210,6 +2210,27 @@ in connection_activity when the conn is added to the work queue, setup_pr_read_pds won't add the connection prfd to the poll list */ + if(pb->pb_conn->c_opscompleted == 0){ + /* + * We have a new connection, set the anonymous reslimit idletimeout + * if applicable. + */ + char *anon_dn = config_get_anon_limits_dn(); + int idletimeout; + /* If an anonymous limits dn is set, use it to set the limits. */ + if (anon_dn && (strlen(anon_dn) > 0)) { + Slapi_DN *anon_sdn = slapi_sdn_new_normdn_byref( anon_dn ); + reslimit_update_from_dn( pb->pb_conn, anon_sdn ); + slapi_sdn_free( &anon_sdn ); + if (slapi_reslimit_get_integer_limit(pb->pb_conn, pb->pb_conn->c_idletimeout_handle, + &idletimeout) + == SLAPI_RESLIMIT_STATUS_SUCCESS) + { + pb->pb_conn->c_idletimeout = idletimeout; + } + } + slapi_ch_free_string( &anon_dn ); + } if (connection_call_io_layer_callbacks(pb->pb_conn)) { LDAPDebug0Args( LDAP_DEBUG_ANY, "Error: could not add/remove IO layers from connection\n" ); }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/daemon.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/daemon.c
Changed
@@ -1081,7 +1081,7 @@ if ( n_tcps != NULL ) { PRFileDesc **fdesp; PRNetAddr **nap = ports->n_listenaddr; - for (fdesp = n_tcps; fdesp && *fdesp; fdesp++, nap++) { + for (fdesp = n_tcps; fdesp && *fdesp && nap && *nap; fdesp++, nap++) { if ( PR_Listen( *fdesp, config_get_listen_backlog_size() ) == PR_FAILURE ) { PRErrorCode prerr = PR_GetError(); char addrbuf[ 256 ]; @@ -1779,7 +1779,7 @@ &idletimeout_reslimit_handle )); } - +#if 0 /* NOT USED */ /* * Compute the idle timeout for the connection. * @@ -1827,7 +1827,7 @@ return( idletimeout ); } - +#endif #ifdef _WIN32 static void @@ -1871,9 +1871,8 @@ /* idle timeout */ } - else if (( idletimeout = compute_idletimeout( - slapdFrontendConfig, c )) > 0 && - (curtime - c->c_idlesince) >= idletimeout && + else if (( c->c_idletimeout > 0 && + (curtime - c->c_idlesince) >= c->c_idletimeout && NULL == c->c_ops ) { disconnect_server_nomutex( c, c->c_connid, -1, @@ -1893,8 +1892,6 @@ { Connection *c; time_t curtime = current_time(); - slapdFrontendConfig_t *slapdFrontendConfig = getFrontendConfig(); - int idletimeout; #if defined( XP_WIN32 ) int i; #endif @@ -1957,10 +1954,9 @@ /* This is where the work happens ! */ connection_activity( c ); } - else if (( idletimeout = compute_idletimeout( slapdFrontendConfig, - c )) > 0 && + else if (( c->c_ideltimeout > 0 && c->c_prfd == ct->fd[i].fd && - (curtime - c->c_idlesince) >= idletimeout && + (curtime - c->c_idlesince) >= c->c_ideltimeout && NULL == c->c_ops ) { /* idle timeout */ @@ -2031,9 +2027,8 @@ SLAPD_DISCONNECT_POLL, EPIPE ); } } - else if (( idletimeout = compute_idletimeout( - slapdFrontendConfig, c )) > 0 && - (curtime - c->c_idlesince) >= idletimeout && + else if (c->c_idletimeout > 0 && + (curtime - c->c_idlesince) >= c->c_idletimeout && NULL == c->c_ops ) { /* idle timeout */ @@ -2602,6 +2597,7 @@ /* struct sockaddr_in from;*/ PRNetAddr from; PRFileDesc *pr_clonefd = NULL; + slapdFrontendConfig_t *fecfg = getFrontendConfig(); memset(&from, 0, sizeof(from)); /* reset to nulls so we can see what was set */ if ( (ns = accept_and_configure( tcps, pr_acceptfd, &from, @@ -2618,6 +2614,13 @@ } PR_Lock( conn->c_mutex ); + /* + * Set the default idletimeout and the handle. We'll update c_idletimeout + * after each bind so we can correctly set the resource limit. + */ + conn->c_idletimeout = fecfg->idletimeout; + conn->c_idletimeout_handle = idletimeout_reslimit_handle; + #if defined( XP_WIN32 ) if( !secure ) ber_sockbuf_set_option(conn->c_sb,LBER_SOCKBUF_OPT_DESC,&ns);
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/entry.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/entry.c
Changed
@@ -2602,7 +2602,7 @@ Slapi_Attr **a= NULL; attrlist_find_or_create(&e->e_attrs, type, &a); if(value != (Slapi_Value *) NULL) { - slapi_valueset_add_value ( &(*a)->a_present_values, value); + slapi_valueset_add_attr_value_ext(*a, &(*a)->a_present_values, (Slapi_Value *)value, 0); } return 0; } @@ -3113,9 +3113,10 @@ * Author/Modifier: RJP */ int -slapi_entry_has_children(const Slapi_Entry *entry) +slapi_entry_has_children_ext(const Slapi_Entry *entry, int include_tombstone) { Slapi_Attr *attr; + int count = 0; LDAPDebug( LDAP_DEBUG_TRACE, "=> slapi_has_children( %s )\n", slapi_entry_get_dn_const(entry), 0, 0); @@ -3125,15 +3126,34 @@ Slapi_Value *sval; slapi_attr_first_value( attr, &sval ); if(sval!=NULL) - { + { const struct berval *bval = slapi_value_get_berval( sval ); if(bval!=NULL) { /* The entry has the attribute, and it's non-zero */ - if (strcmp(bval->bv_val, "0") != 0) - { - LDAPDebug( LDAP_DEBUG_TRACE, "<= slapi_has_children 1\n", 0, 0, 0 ); - return(1); + count = strtol(bval->bv_val, (char **)NULL, 10); + if (count > 0) { + LDAPDebug1Arg( LDAP_DEBUG_TRACE, "<= slapi_has_children %d\n", count); + return count; + } + } + } + } + /*If the subordinatecount exists, and it's nonzero, then return 1.*/ + if (include_tombstone && (slapi_entry_attr_find( entry, "tombstonenumsubordinates", &attr) == 0)) + { + Slapi_Value *sval; + slapi_attr_first_value( attr, &sval ); + if(sval!=NULL) + { + const struct berval *bval = slapi_value_get_berval( sval ); + if(bval!=NULL) + { + /* The entry has the attribute, and it's non-zero */ + count = strtol(bval->bv_val, (char **)NULL, 10); + if (count > 0) { + LDAPDebug1Arg( LDAP_DEBUG_TRACE, "<= slapi_has_tombstone_children %d\n", count); + return count; } } } @@ -3142,6 +3162,12 @@ return(0); } +int +slapi_entry_has_children(const Slapi_Entry *entry) +{ + return slapi_entry_has_children_ext(entry, 0); +} + /* * Renames an entry to simulate a MODRDN operation */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/entrywsi.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/entrywsi.c
Changed
@@ -864,7 +864,7 @@ int entry_computed_attr_init() { - slapi_compute_add_evaluator(entry_compute_nscpentrywsi); + slapi_compute_add_evaluator_ext(entry_compute_nscpentrywsi, 1 /* root only */); return 0; } @@ -1184,6 +1184,8 @@ */ /* just remove the deleted value */ entry_deleted_value_to_zapped_value(a,pending_value); + /* move the attribute to the present attributes list */ + entry_deleted_attribute_to_present_attribute(e,a); pending_value = NULL; attr_set_deletion_csn(a,NULL); return; /* we are done - we are keeping the present value */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/libglobs.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/libglobs.c
Changed
@@ -132,6 +132,144 @@ static int config_set_schemareplace ( const char *attrname, char *value, char *errorbuf, int apply ); +/* Keeping the initial values */ +/* CONFIG_INT/CONFIG_LONG */ +#define DEFAULT_LOG_ROTATIONSYNCHOUR "0" +#define DEFAULT_LOG_ROTATIONSYNCMIN "0" +#define DEFAULT_LOG_ROTATIONTIME "1" +#define DEFAULT_LOG_ACCESS_MAXNUMLOGS "10" +#define DEFAULT_LOG_MAXNUMLOGS "1" +#define DEFAULT_LOG_EXPTIME "1" +#define DEFAULT_LOG_ACCESS_MAXDISKSPACE "500" +#define DEFAULT_LOG_MAXDISKSPACE "100" +#define DEFAULT_LOG_MAXLOGSIZE "100" +#define DEFAULT_LOG_MINFREESPACE "5" +#define DEFAULT_ACCESSLOGLEVEL "256" +#define DEFAULT_SIZELIMIT "2000" +#define DEFAULT_TIMELIMIT "3600" +#define DEFAULT_PAGEDSIZELIMIT "0" +#define DEFAULT_IDLE_TIMEOUT "0" +#define DEFAULT_MAXDESCRIPTORS "1024" +#define DEFAULT_RESERVE_FDS "64" +#define DEFAULT_MAX_BERSIZE "0" +#define DEFAULT_MAX_THREADS "30" +#define DEFAULT_MAX_THREADS_PER_CONN "5" +#define DEFAULT_IOBLOCK_TIMEOUT "1800000" +#define DEFAULT_OUTBOUND_LDAP_IO_TIMEOUT "300000" +#define DEFAULT_MAX_FILTER_NEST_LEVEL "40" +#define DEFAULT_GROUPEVALNESTLEVEL "0" +#define DEFAULT_MAX_SASLIO_SIZE "2097152" +#define DEFAULT_DISK_THRESHOLD "2097152" +#define DEFAULT_DISK_GRACE_PERIOD "60" +#define DEFAULT_LOCAL_SSF "71" +#define DEFAULT_MIN_SSF "0" +#define DEFAULT_PW_INHISTORY "6" +#define DEFAULT_PW_GRACELIMIT "0" +#define DEFAULT_PW_MINLENGTH "0" +#define DEFAULT_PW_MINDIGITS "0" +#define DEFAULT_PW_MINALPHAS "0" +#define DEFAULT_PW_MINUPPERS "0" +#define DEFAULT_PW_MINLOWERS "0" +#define DEFAULT_PW_MINSPECIALS "0" +#define DEFAULT_PW_MIN8BIT "0" +#define DEFAULT_PW_MAXREPEATS "0" +#define DEFAULT_PW_MINCATEGORIES "3" +#define DEFAULT_PW_MINTOKENLENGTH "3" +#define DEFAULT_PW_MAXAGE "8640000" +#define DEFAULT_PW_MINAGE "0" +#define DEFAULT_PW_WARNING "86400" +#define DEFAULT_PW_MAXFAILURE "3" +#define DEFAULT_PW_RESETFAILURECOUNT "600" +#define DEFAULT_PW_LOCKDURATION "3600" +#define DEFAULT_NDN_SIZE "20971520" +#ifdef MEMPOOL_EXPERIMENTAL +#define DEFAULT_MEMPOOL_MAXFREELIST "1024" +#endif + +/* CONFIG_STRING... */ +#define INIT_ACCESSLOG_MODE "600" +#define INIT_ERRORLOG_MODE "600" +#define INIT_AUDITLOG_MODE "600" +#define INIT_ACCESSLOG_ROTATIONUNIT "day" +#define INIT_ERRORLOG_ROTATIONUNIT "week" +#define INIT_AUDITLOG_ROTATIONUNIT "week" +#define INIT_ACCESSLOG_EXPTIMEUNIT "month" +#define INIT_ERRORLOG_EXPTIMEUNIT "month" +#define INIT_AUDITLOG_EXPTIMEUNIT "month" +#define DEFAULT_DIRECTORY_MANAGER "cn=Directory Manager" +#define DEFAULT_UIDNUM_TYPE "uidNumber" +#define DEFAULT_GIDNUM_TYPE "gidNumber" +#define DEFAULT_LDAPI_SEARCH_BASE "dc=example,dc=com" +#define DEFAULT_LDAPI_AUTO_DN "cn=peercred,cn=external,cn=auth" +#define ENTRYUSN_IMPORT_INIT "0" +#define DEFAULT_ALLOWED_TO_DELETE_ATTRS "nsslapd-listenhost nsslapd-securelistenhost nsslapd-defaultnamingcontext" +#define SALTED_SHA1_SCHEME_NAME "SSHA" + +/* CONFIG_ON_OFF */ +int init_accesslog_rotationsync_enabled; +int init_errorlog_rotationsync_enabled; +int init_auditlog_rotationsync_enabled; +int init_accesslog_logging_enabled; +int init_accesslogbuffering; +int init_errorlog_logging_enabled; +int init_auditlog_logging_enabled; +int init_auditlog_logging_hide_unhashed_pw; +int init_csnlogging; +int init_pw_unlock; +int init_pw_must_change; +int init_pwpolicy_local; +int init_pw_lockout; +int init_pw_history; +int init_pw_is_global_policy; +int init_pw_is_legacy; +int init_pw_track_update_time; +int init_pw_change; +int init_pw_exp; +int init_pw_syntax; +int init_schemacheck; +int init_ds4_compatible_schema; +int init_schema_ignore_trailing_spaces; +int init_enquote_sup_oc; +int init_rewrite_rfc1274; +int init_syntaxcheck; +int init_syntaxlogging; +int init_dn_validate_strict; +int init_attrname_exceptions; +int init_return_exact_case; +int init_result_tweak; +int init_plugin_track; +int init_lastmod; +int init_readonly; +int init_accesscontrol; +int init_nagle; +int init_security; +int init_ssl_check_hostname; +int init_ldapi_switch; +int init_ldapi_bind_switch; +int init_ldapi_map_entries; +int init_allow_unauth_binds; +int init_require_secure_binds; +int init_minssf_exclude_rootdse; +int init_force_sasl_external; +int init_slapi_counters; +int init_entryusn_global; +int init_disk_monitoring; +int init_disk_logging_critical; +int init_listen_backlog_size; +int init_ignore_time_skew; +#if defined (LINUX) +int init_malloc_mxfast; +int init_malloc_trim_threshold; +int init_malloc_mmap_threshold; +#endif +#ifdef MEMPOOL_EXPERIMENTAL +int init_mempool_switch; +#endif + +#define DEFAULT_SSLCLIENTAPTH "off" +#define DEFAULT_ALLOW_ANON_ACCESS "on" +#define DEFAULT_VALIDATE_CERT "warn" + static int isInt(ConfigVarType type) { @@ -152,584 +290,735 @@ void** config_var_addr; /* address of member of slapdFrontendConfig struct */ ConfigVarType config_var_type; /* cast to this type when getting */ ConfigGetFunc getfunc; /* for special handling */ + void *initvalue; } ConfigList[] = { {CONFIG_AUDITLOG_MODE_ATTRIBUTE, NULL, log_set_mode, SLAPD_AUDIT_LOG, - (void**)&global_slapdFrontendConfig.auditlog_mode, CONFIG_STRING, NULL}, + (void**)&global_slapdFrontendConfig.auditlog_mode, + CONFIG_STRING, NULL, INIT_AUDITLOG_MODE}, {CONFIG_AUDITLOG_LOGROTATIONSYNCENABLED_ATTRIBUTE, NULL, log_set_rotationsync_enabled, SLAPD_AUDIT_LOG, - (void**)&global_slapdFrontendConfig.auditlog_rotationsync_enabled, CONFIG_ON_OFF, NULL}, + (void**)&global_slapdFrontendConfig.auditlog_rotationsync_enabled, + CONFIG_ON_OFF, NULL, &init_auditlog_rotationsync_enabled}, {CONFIG_AUDITLOG_LOGROTATIONSYNCHOUR_ATTRIBUTE, NULL, log_set_rotationsynchour, SLAPD_AUDIT_LOG, - (void**)&global_slapdFrontendConfig.auditlog_rotationsynchour, CONFIG_INT, NULL}, + (void**)&global_slapdFrontendConfig.auditlog_rotationsynchour, + CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCHOUR}, {CONFIG_AUDITLOG_LOGROTATIONSYNCMIN_ATTRIBUTE, NULL, log_set_rotationsyncmin, SLAPD_AUDIT_LOG, - (void**)&global_slapdFrontendConfig.auditlog_rotationsyncmin, CONFIG_INT, NULL}, + (void**)&global_slapdFrontendConfig.auditlog_rotationsyncmin, + CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONSYNCMIN}, {CONFIG_AUDITLOG_LOGROTATIONTIME_ATTRIBUTE, NULL, log_set_rotationtime, SLAPD_AUDIT_LOG, - (void**)&global_slapdFrontendConfig.auditlog_rotationtime, CONFIG_INT, NULL}, + (void**)&global_slapdFrontendConfig.auditlog_rotationtime, + CONFIG_INT, NULL, DEFAULT_LOG_ROTATIONTIME}, {CONFIG_ACCESSLOG_MODE_ATTRIBUTE, NULL, log_set_mode, SLAPD_ACCESS_LOG, - (void**)&global_slapdFrontendConfig.accesslog_mode, CONFIG_STRING, NULL}, + (void**)&global_slapdFrontendConfig.accesslog_mode, + CONFIG_STRING, NULL, INIT_ACCESSLOG_MODE}, {CONFIG_ACCESSLOG_MAXNUMOFLOGSPERDIR_ATTRIBUTE, NULL, log_set_numlogsperdir, SLAPD_ACCESS_LOG, - (void**)&global_slapdFrontendConfig.accesslog_maxnumlogs, CONFIG_INT, NULL}, + (void**)&global_slapdFrontendConfig.accesslog_maxnumlogs, + CONFIG_INT, NULL, DEFAULT_LOG_ACCESS_MAXNUMLOGS}, {CONFIG_LOGLEVEL_ATTRIBUTE, config_set_errorlog_level, NULL, 0, (void**)&global_slapdFrontendConfig.errorloglevel, - CONFIG_SPECIAL_ERRORLOGLEVEL, NULL}, + CONFIG_SPECIAL_ERRORLOGLEVEL, NULL, NULL}, {CONFIG_ERRORLOG_LOGGING_ENABLED_ATTRIBUTE, NULL, log_set_logging, SLAPD_ERROR_LOG, - (void**)&global_slapdFrontendConfig.errorlog_logging_enabled, CONFIG_ON_OFF, NULL}, + (void**)&global_slapdFrontendConfig.errorlog_logging_enabled, + CONFIG_ON_OFF, NULL, &init_errorlog_logging_enabled}, {CONFIG_ERRORLOG_MODE_ATTRIBUTE, NULL, log_set_mode, SLAPD_ERROR_LOG, - (void**)&global_slapdFrontendConfig.errorlog_mode, CONFIG_STRING, NULL}, + (void**)&global_slapdFrontendConfig.errorlog_mode,
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/main.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/main.c
Changed
@@ -1171,7 +1171,8 @@ slapi_td_dn_init(); plugin_print_lists(); - plugin_startall(argc, argv, 1 /* Start Backends */, 1 /* Start Globals */); + plugin_startall(argc, argv, 1 /* Start Backends */, 1 /* Start Globals */); + compute_plugins_started(); if (housekeeping_start((time_t)0, NULL) == NULL) { return_value = 1; goto cleanup;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/mapping_tree.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/mapping_tree.c
Changed
@@ -1074,7 +1074,7 @@ return SLAPI_DSE_CALLBACK_ERROR; } - for (i = 0; mods[i] != NULL; i++) { + for (i = 0; (mods != NULL) && (mods[i] != NULL); i++) { if ( (strcasecmp(mods[i]->mod_type, "cn") == 0) || (strcasecmp(mods[i]->mod_type, MAPPING_TREE_PARENT_ATTRIBUTE) == 0) )
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/modify.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/modify.c
Changed
@@ -391,16 +391,19 @@ mods = slapi_mods_get_ldapmods_passout (&smods); /* normalize the mods */ - normalized_mods = normalize_mods2bvals((const LDAPMod**)mods); - ldap_mods_free (mods, 1 /* Free the Array and the Elements */); - if (normalized_mods == NULL) { - op_shared_log_error_access(pb, "MOD", rawdn?rawdn:"", - "mod includes invalid dn format"); - send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, - "mod includes invalid dn format", 0, NULL); - goto free_and_return; + if (mods) { + normalized_mods = normalize_mods2bvals((const LDAPMod**)mods); + ldap_mods_free (mods, 1 /* Free the Array and the Elements */); + if (normalized_mods == NULL) { + /* NOTE: normalize_mods2bvals only handles DN syntax currently */ + op_shared_log_error_access(pb, "MOD", rawdn?rawdn:"", + "mod includes invalid dn format"); + send_ldap_result(pb, LDAP_INVALID_DN_SYNTAX, NULL, + "mod includes invalid dn format", 0, NULL); + goto free_and_return; + } + slapi_pblock_set(pb, SLAPI_MODIFY_MODS, normalized_mods); } - slapi_pblock_set(pb, SLAPI_MODIFY_MODS, normalized_mods); op_shared_modify ( pb, pw_change, old_pw ); @@ -1396,7 +1399,7 @@ return 0; } - for (i=0; mods[i] != NULL; i++) { + for (i=0; (mods != NULL) && (mods[i] != NULL); i++) { LDAPMod *mod = mods[i]; if (strcasecmp (mod->mod_type, CONFIG_ROOTPW_ATTRIBUTE) != 0) continue;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/operation.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/operation.c
Changed
@@ -200,6 +200,7 @@ o->o_connid = 0; o->o_next = NULL; o->o_flags= flags; + o->o_reverse_search_state = 0; if ( config_get_accesslog_level() & LDAP_DEBUG_TIMING ) { o->o_interval = PR_IntervalNow(); } else {
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/opshared.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/opshared.c
Changed
@@ -510,7 +510,6 @@ err_code = slapi_mapping_tree_select_all(pb, be_list, referral_list, errorbuf); if (((err_code != LDAP_SUCCESS) && (err_code != LDAP_OPERATIONS_ERROR) && (err_code != LDAP_REFERRAL)) || ((err_code == LDAP_OPERATIONS_ERROR) && (be_list[0] == NULL))) - { send_ldap_result(pb, err_code, NULL, errorbuf, 0, NULL); rc = -1; @@ -713,10 +712,6 @@ curr_search_count = -1; } else { curr_search_count = pnentries; - /* no more entries, but at least another backend */ - if (pagedresults_set_current_be(pb->pb_conn, next_be, pr_idx) < 0) { - goto free_and_return; - } } estimate = 0; } else { @@ -731,12 +726,20 @@ pagedresults_set_search_result_set_size_estimate(pb->pb_conn, operation, estimate, pr_idx); - next_be = NULL; /* to break the loop */ - if (curr_search_count == -1) { + if (PAGEDRESULTS_SEARCH_END == pr_stat) { pagedresults_lock(pb->pb_conn, pr_idx); slapi_pblock_set(pb, SLAPI_SEARCH_RESULT_SET, NULL); pagedresults_free_one(pb->pb_conn, operation, pr_idx); pagedresults_unlock(pb->pb_conn, pr_idx); + if (next_be) { + /* no more entries, but at least another backend */ + if (pagedresults_set_current_be(pb->pb_conn, next_be, pr_idx) < 0) { + goto free_and_return; + } + } + next_be = NULL; /* to break the loop */ + } else if (PAGEDRESULTS_PAGE_END == pr_stat) { + next_be = NULL; /* to break the loop */ } } else { /* be_suffix null means that we are searching the default backend
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/pagedresults.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/pagedresults.c
Changed
@@ -130,11 +130,13 @@ } } } - if (!conn->c_pagedresults.prl_list[*index].pr_mutex) { + if ((*index > -1) && (*index < conn->c_pagedresults.prl_maxlen) && + !conn->c_pagedresults.prl_list[*index].pr_mutex) { conn->c_pagedresults.prl_list[*index].pr_mutex = PR_NewLock(); } conn->c_pagedresults.prl_count++; } else { + PagedResults *prp = NULL; /* Repeated paged results request. * PagedResults is already allocated. */ char *ptr = slapi_ch_malloc(cookie.bv_len + 1); @@ -142,6 +144,10 @@ *(ptr+cookie.bv_len) = '\0'; *index = strtol(ptr, NULL, 10); slapi_ch_free_string(&ptr); + prp = conn->c_pagedresults.prl_list + *index; + if (!(prp->pr_search_result_set)) { /* freed and reused for the next backend. */ + conn->c_pagedresults.prl_count++; + } } /* reset sizelimit */ op->o_pagedresults_sizelimit = -1; @@ -270,6 +276,7 @@ prp->pr_current_be->be_search_results_release && prp->pr_search_result_set) { prp->pr_current_be->be_search_results_release(&(prp->pr_search_result_set)); + prp->pr_current_be = NULL; } if (prp->pr_mutex) { /* pr_mutex is reused; back it up and reset it. */ @@ -307,6 +314,7 @@ prp->pr_current_be->be_search_results_release && prp->pr_search_result_set) { prp->pr_current_be->be_search_results_release(&(prp->pr_search_result_set)); + prp->pr_current_be = NULL; } prp->pr_flags |= CONN_FLAG_PAGEDRESULTS_ABANDONED; prp->pr_flags &= ~CONN_FLAG_PAGEDRESULTS_PROCESSING; @@ -724,6 +732,7 @@ if (prp->pr_current_be && prp->pr_search_result_set && prp->pr_current_be->be_search_results_release) { prp->pr_current_be->be_search_results_release(&(prp->pr_search_result_set)); + prp->pr_current_be = NULL; rc = 1; } if (prp->pr_mutex) { @@ -771,6 +780,7 @@ if (prp->pr_current_be && prp->pr_search_result_set && prp->pr_current_be->be_search_results_release) { prp->pr_current_be->be_search_results_release(&(prp->pr_search_result_set)); + prp->pr_current_be = NULL; rc = 1; } }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/pblock.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/pblock.c
Changed
@@ -3647,6 +3647,9 @@ bind_credentials_set_nolock( Connection *conn, char *authtype, char *normdn, char *extauthtype, char *externaldn, CERTCertificate *clientcert, Slapi_Entry * bind_target_entry ) { + slapdFrontendConfig_t *fecfg = getFrontendConfig(); + int idletimeout = 0; + /* clear credentials */ bind_credentials_clear( conn, PR_FALSE /* conn is already locked */, ( extauthtype != NULL ) /* clear external creds. if requested */ ); @@ -3690,8 +3693,17 @@ slapi_ch_free_string( &anon_dn ); } + if (slapi_reslimit_get_integer_limit(conn, conn->c_idletimeout_handle, + &idletimeout) + != SLAPI_RESLIMIT_STATUS_SUCCESS) + { + conn->c_idletimeout = fecfg->idletimeout; + } else { + conn->c_idletimeout = idletimeout; + } } else { /* For root dn clear about the resource limits */ reslimit_update_from_entry( conn, NULL ); + conn->c_idletimeout = 0; } }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/proto-slap.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/proto-slap.h
Changed
@@ -248,6 +248,7 @@ int compute_attribute(char *type, Slapi_PBlock *pb,BerElement *ber,Slapi_Entry *e,int attrsonly,char *requested_type); int compute_init(); int compute_terminate(); +void compute_plugins_started(); /*
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/rdn.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/rdn.c
Changed
@@ -124,7 +124,7 @@ * 1 -- "dn" does not belong to the database; could be "rdn" */ static int -_slapi_rdn_init_all_dn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn) +_slapi_rdn_init_all_dn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn, int is_tombstone) { const char *dn = NULL; const char *ndn= NULL; @@ -202,9 +202,16 @@ } /* Get the last matched position */ - if(dns) - { - rdn->rdn = slapi_ch_strdup(dns[0]); + if (dns) { + if (is_tombstone && slapi_is_special_rdn(dns[0], RDN_IS_TOMBSTONE)) { + /* merge nsuniqueid=...,<rdn> into one rdn */ + rdn->rdn = slapi_ch_smprintf("%s,%s", dns[0], dns[1]); + slapi_ch_free_string(&dns[0]); + dns[0] = slapi_ch_strdup(rdn->rdn); + charray_remove(dns, dns[1], 1); + } else { + rdn->rdn = slapi_ch_strdup(dns[0]); + } rdn->all_rdns = dns; slapi_setbit_uchar(rdn->flag,FLAG_ALL_RDNS); } @@ -238,7 +245,7 @@ slapi_rdn_init(rdn); slapi_sdn_init(&sdn); slapi_sdn_set_dn_byval(&sdn, dn); - rc = _slapi_rdn_init_all_dn_ext(rdn, (const Slapi_DN *)&sdn); + rc = _slapi_rdn_init_all_dn_ext(rdn, (const Slapi_DN *)&sdn, 0); slapi_sdn_done(&sdn); return rc; } @@ -257,6 +264,33 @@ * 1 -- dn does not belong to the database */ int +slapi_rdn_init_all_sdn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn, int is_tombstone) +{ + int rc = 0; /* success */ + + if (NULL == rdn || NULL == sdn) + { + return -1; + } + slapi_rdn_init(rdn); + rc = _slapi_rdn_init_all_dn_ext(rdn, sdn, is_tombstone); + return rc; +} + +/* + * This function sets DN from sdn to Slapi_RDN. + * Note: The underlying function _slapi_rdn_init_all_dn_ext checks if the DN + * is in the root or sub suffix the server owns. If it is, the root or sub + * suffix is treated as one "rdn" (e.g., "dc=sub,dc=example,dc=com") and 0 is + * returned. If it is not, the DN is separated by ',' and each string is set + * to RDN array. (e.g., input: "uid=A,ou=does_not_exist" ==> "uid=A", "ou= + * does_not_exist") and 1 is returned. + * + * Return Value: 0 -- Success + * -1 -- Error + * 1 -- dn does not belong to the database + */ +int slapi_rdn_init_all_sdn(Slapi_RDN *rdn, const Slapi_DN *sdn) { int rc = 0; /* success */ @@ -266,7 +300,7 @@ return -1; } slapi_rdn_init(rdn); - rc = _slapi_rdn_init_all_dn_ext(rdn, sdn); + rc = _slapi_rdn_init_all_dn_ext(rdn, sdn, 0); return rc; } @@ -291,6 +325,17 @@ } void +slapi_rdn_set_dn_ext(Slapi_RDN *rdn,const char *dn, int skip_tombstone) +{ + const char *mydn = dn; + slapi_rdn_done(rdn); + if (skip_tombstone && slapi_is_special_rdn(dn, RDN_IS_TOMBSTONE)) { + mydn = dn + slapi_uniqueIDRdnSize() + 1/*,*/; + } + slapi_rdn_init_dn(rdn, mydn); +} + +void slapi_rdn_set_dn(Slapi_RDN *rdn,const char *dn) { slapi_rdn_done(rdn); @@ -473,6 +518,33 @@ } int +slapi_rdn_is_multivalued(Slapi_RDN *rdn) +{ + char *p = NULL; + if (rdn && rdn->rdn) { + p = PL_strchr(rdn->rdn, '+'); + } + if (p) { + return 1; + } else { + return 0; + } +} + +/* + * Return value 1: if rdn is a conflict rdn + * 0: otherwise + */ +int +slapi_rdn_is_conflict(Slapi_RDN *rdn) +{ + if (!rdn) { + return 0; + } + return slapi_is_special_rdn(slapi_rdn_get_nrdn(rdn), RDN_IS_CONFLICT); +} + +int slapi_rdn_add(Slapi_RDN *rdn, const char *type, const char *value) { PR_ASSERT(NULL != type); @@ -484,12 +556,32 @@ } else { - /* type=value+rdn '\0' */ - char *newrdn = slapi_create_dn_string("%s=%s+%s", type, value, rdn->rdn); + char *newrdn = NULL; + char *rp = rdn->rdn; + PRUint32 uniqueidlen = slapi_uniqueIDRdnSize(); + + if (slapi_is_special_rdn(rp, RDN_IS_TOMBSTONE)) { + char *corerp = rp + uniqueidlen + 1; + *(rp + uniqueidlen) = '\0'; + newrdn = slapi_create_dn_string("%s,%s=%s+%s", rp, type, value, corerp); + } else { + /* type=value+rdn '\0' */ + newrdn = slapi_create_dn_string("%s=%s+%s", type, value, rp); + } slapi_ch_free_string(&rdn->rdn); rdn->rdn = newrdn; } slapi_unsetbit_uchar(rdn->flag,FLAG_RDNS); + + if (rdn->all_rdns && rdn->all_rdns[0]) { + slapi_ch_free_string(&rdn->all_rdns[0]); + rdn->all_rdns[0] = slapi_ch_strdup(rdn->rdn); + } + if (rdn->all_nrdns && rdn->all_nrdns[0]) { + slapi_ch_free_string(&rdn->all_nrdns[0]); + rdn->all_nrdns[0] = slapi_ch_strdup(rdn->rdn); + slapi_dn_ignore_case(rdn->all_nrdns[0]); + } return 1; }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/schema.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/schema.c
Changed
@@ -1676,7 +1676,7 @@ * True for DS 4.x as well, although it tried to keep going even after * an error was detected (which was very wrong). */ - for (i = 0; rc == SLAPI_DSE_CALLBACK_OK && mods[i]; i++) { + for (i = 0; rc == SLAPI_DSE_CALLBACK_OK && mods && mods[i]; i++) { schema_dse_attr_name = (char *) mods[i]->mod_type; num_mods++; /* incr the number of mods */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/search.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/search.c
Changed
@@ -69,6 +69,7 @@ int i, err, attrsonly; ber_int_t scope, deref, sizelimit, timelimit; char *rawbase = NULL; + int rawbase_set_in_pb = 0; /* was rawbase set in pb? */ char *base = NULL, *fstr = NULL; struct slapi_filter *filter = NULL; char **attrs = NULL; @@ -339,6 +340,7 @@ } slapi_pblock_set( pb, SLAPI_ORIGINAL_TARGET_DN, rawbase ); + rawbase_set_in_pb = 1; /* rawbase is now owned by pb */ slapi_pblock_set( pb, SLAPI_SEARCH_SCOPE, &scope ); slapi_pblock_set( pb, SLAPI_SEARCH_DEREF, &deref ); slapi_pblock_set( pb, SLAPI_SEARCH_FILTER, filter ); @@ -375,7 +377,9 @@ operation->o_flags &= ~OP_FLAG_PS; } /* we strdup'd this above - need to free */ - slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase); + if (rawbase_set_in_pb) { + slapi_pblock_get(pb, SLAPI_ORIGINAL_TARGET_DN, &rawbase); + } slapi_ch_free_string(&rawbase); } }
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/slap.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/slap.h
Changed
@@ -1348,6 +1348,7 @@ struct slapi_operation_parameters o_params; struct slapi_operation_results o_results; int o_pagedresults_sizelimit; + int o_reverse_search_state; } Operation; /* @@ -1405,7 +1406,7 @@ char *c_authtype; /* auth method used to bind c_dn */ char *c_external_dn; /* client DN of this SSL session */ char *c_external_authtype; /* used for c_external_dn */ - PRNetAddr *cin_addr; /* address of client on this conn */ + PRNetAddr *cin_addr; /* address of client on this conn */ PRNetAddr *cin_destaddr; /* address client connected to */ struct berval **c_domain; /* DNS names of client */ Operation *c_ops; /* list of pending operations */ @@ -1420,6 +1421,8 @@ PRLock *c_mutex; /* protect each conn structure */ PRLock *c_pdumutex; /* only write one pdu at a time */ time_t c_idlesince; /* last time of activity on conn */ + int c_idletimeout; /* local copy of idletimeout */ + int c_idletimeout_handle; /* the resource limits handle */ Conn_private *c_private; /* data which is not shared outside*/ /* connection.c */ int c_flags; /* Misc flags used only for SSL */
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/slapi-plugin.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/slapi-plugin.h
Changed
@@ -196,10 +196,10 @@ Used for DN. */ /* operation flags */ -#define SLAPI_OP_FLAG_INTERNAL 0x00020 /* An operation generated by the core server or a plugin. */ -#define SLAPI_OP_FLAG_NEVER_CHAIN 0x00800 /* Do not chain the operation */ -#define SLAPI_OP_FLAG_NO_ACCESS_CHECK 0x10000 /* Do not check for access control - bypass them */ -#define SLAPI_OP_FLAG_BYPASS_REFERRALS 0x40000 /* Useful for performing internal operations on read-only replica */ +#define SLAPI_OP_FLAG_INTERNAL 0x000020 /* An operation generated by the core server or a plugin. */ +#define SLAPI_OP_FLAG_NEVER_CHAIN 0x000800 /* Do not chain the operation */ +#define SLAPI_OP_FLAG_NO_ACCESS_CHECK 0x10000 /* Do not check for access control - bypass them */ +#define SLAPI_OP_FLAG_BYPASS_REFERRALS 0x40000 /* Useful for performing internal operations on read-only replica */ #define SLAPI_OC_FLAG_REQUIRED 0x0001 #define SLAPI_OC_FLAG_ALLOWED 0x0002 @@ -1868,6 +1868,17 @@ int slapi_entry_has_children(const Slapi_Entry *e); /** + * This function determines if the specified entry has child entries + * including the tombstoned descendents. + * + * \param e Entry that you want to test for child entries. + * \param include_tombstone If non-zero, check tombstone_subordinates, too. + * \return \c 1 if the entry you supply has child entries. + * \return \c 0 if the entry you supply has child entries. + */ +int slapi_entry_has_children_ext(const Slapi_Entry *e, int include_tombstone); + +/** * This function determines if an entry is the root DSE. * * The root DSE is a special entry that contains information about the Directory @@ -2966,9 +2977,11 @@ * \see slapi_rdn_set_rdn() */ void slapi_rdn_set_dn(Slapi_RDN *rdn,const char *dn); +void slapi_rdn_set_dn_ext(Slapi_RDN *rdn,const char *dn, int skip_tombstone); Slapi_RDN *slapi_rdn_new_all_dn(const char *dn); int slapi_rdn_init_all_dn(Slapi_RDN *rdn, const char *dn); int slapi_rdn_init_all_sdn(Slapi_RDN *rdn, const Slapi_DN *sdn); +int slapi_rdn_init_all_sdn_ext(Slapi_RDN *rdn, const Slapi_DN *sdn, int is_tombstone); /** * Sets the RDN value in a \c Slapi_RDN structure from a \c Slapi_DN. @@ -3384,6 +3397,24 @@ */ char * slapi_rdn_get_value(const char *rdn); +/** + * Check if the rdn is multivalued or not + * + * \param rdn A pointer to rdn to exam. + * \return 1, if the rdn is multi valued. + * 0, if the rdn is simgle valued. + */ +int slapi_rdn_is_multivalued(Slapi_RDN *rdn); + +/** + * Check if the rdn is a conflict rdn or not + * + * \param rdn A pointer to rdn to exam. + * \return 1, if the rdn is a conflict rdn + * 0, if the rdn is not a conflict rdn + */ +int slapi_rdn_is_conflict(Slapi_RDN *rdn); + /* * utility routines for dealing with DNs */ @@ -5983,6 +6014,7 @@ typedef int (*slapi_compute_callback_t)(computed_attr_context *c,char* type,Slapi_Entry *e,slapi_compute_output_t outputfn); typedef int (*slapi_search_rewrite_callback_t)(Slapi_PBlock *pb); int slapi_compute_add_evaluator(slapi_compute_callback_t function); +int slapi_compute_add_evaluator_ext(slapi_compute_callback_t function, int rootonly); int slapi_compute_add_search_rewriter(slapi_search_rewrite_callback_t function); int compute_rewrite_search_filter(Slapi_PBlock *pb); @@ -7337,6 +7369,20 @@ */ const char *slapi_system_strerror( const int syserrno ); +/** Check if rdn is a slecial rdn/dn or not. + * + * \param rdn rdn/dn to check + * \param flags specify the type: RDN_IS_TOMBSTONE or RDN_IS_CONFLICT or 0 + * + * \return 1 if rdn matches the flag. + * If flag is IS_TOMBSTONE, returns 1 if rdn is a tombstone rdn/dn. + * If flag is IS_CONFLICT, returns 1 if rdn is a conflict rdn/dn. + * \return 0 otherwise + */ +#define RDN_IS_TOMBSTONE 0x1 +#define RDN_IS_CONFLICT 0x2 +int slapi_is_special_rdn(const char *rdn, int flag); + #ifdef __cplusplus } #endif
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/slapi-private.h -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/slapi-private.h
Changed
@@ -396,43 +396,47 @@ /* operation.c */ -#define OP_FLAG_PS 0x00001 -#define OP_FLAG_PS_CHANGESONLY 0x00002 -#define OP_FLAG_GET_EFFECTIVE_RIGHTS 0x00004 -#define OP_FLAG_REPLICATED 0x00008 /* A Replicated Operation */ -#define OP_FLAG_REPL_FIXUP 0x00010 /* A Fixup Operation, +#define OP_FLAG_PS 0x000001 +#define OP_FLAG_PS_CHANGESONLY 0x000002 +#define OP_FLAG_GET_EFFECTIVE_RIGHTS 0x000004 +#define OP_FLAG_REPLICATED 0x000008 /* A Replicated Operation */ +#define OP_FLAG_REPL_FIXUP 0x000010 /* A Fixup Operation, * generated as a consequence * of a Replicated Operation. */ -#define OP_FLAG_INTERNAL SLAPI_OP_FLAG_INTERNAL /* 0x00020 */ -#define OP_FLAG_ACTION_LOG_ACCESS 0x00040 -#define OP_FLAG_ACTION_LOG_AUDIT 0x00080 -#define OP_FLAG_ACTION_SCHEMA_CHECK 0x00100 -#define OP_FLAG_ACTION_LOG_CHANGES 0x00200 -#define OP_FLAG_ACTION_INVOKE_FOR_REPLOP 0x00400 -#define OP_FLAG_NEVER_CHAIN SLAPI_OP_FLAG_NEVER_CHAIN /* 0x0800 */ -#define OP_FLAG_TOMBSTONE_ENTRY 0x01000 -#define OP_FLAG_RESURECT_ENTRY 0x02000 -#define OP_FLAG_LEGACY_REPLICATION_DN 0x04000 /* Operation done by legacy +#define OP_FLAG_INTERNAL SLAPI_OP_FLAG_INTERNAL /* 0x000020 */ +#define OP_FLAG_ACTION_LOG_ACCESS 0x000040 +#define OP_FLAG_ACTION_LOG_AUDIT 0x000080 +#define OP_FLAG_ACTION_SCHEMA_CHECK 0x000100 +#define OP_FLAG_ACTION_LOG_CHANGES 0x000200 +#define OP_FLAG_ACTION_INVOKE_FOR_REPLOP 0x000400 +#define OP_FLAG_NEVER_CHAIN SLAPI_OP_FLAG_NEVER_CHAIN /* 0x000800 */ +#define OP_FLAG_TOMBSTONE_ENTRY 0x001000 +#define OP_FLAG_RESURECT_ENTRY 0x002000 +#define OP_FLAG_LEGACY_REPLICATION_DN 0x004000 /* Operation done by legacy * replication DN */ -#define OP_FLAG_ACTION_NOLOG 0x08000 /* Do not log the entry in +#define OP_FLAG_ACTION_NOLOG 0x008000 /* Do not log the entry in * audit log or change log */ -#define OP_FLAG_SKIP_MODIFIED_ATTRS 0x10000 /* Do not update the +#define OP_FLAG_SKIP_MODIFIED_ATTRS 0x010000 /* Do not update the * modifiersname, * modifiedtimestamp, etc. * attributes */ -#define OP_FLAG_REPL_RUV 0x20000 /* Flag to tell to the backend +#define OP_FLAG_REPL_RUV 0x020000 /* Flag to tell to the backend * that the entry to be added/ * modified is RUV. This info * is used to skip VLV op. * (see #329951) */ -#define OP_FLAG_PAGED_RESULTS 0x40000 /* simple paged results */ -#define OP_FLAG_SERVER_SIDE_SORTING 0x80000 /* server side sorting */ +#define OP_FLAG_PAGED_RESULTS 0x040000 /* simple paged results */ +#define OP_FLAG_SERVER_SIDE_SORTING 0x080000 /* server side sorting */ +#define OP_FLAG_REVERSE_CANDIDATE_ORDER 0x100000 /* reverse the search candidate list */ +/* reverse search states */ +#define REV_STARTED 1 +#define LAST_REV_ENTRY 2 CSN *operation_get_csn(Slapi_Operation *op); void operation_set_csn(Slapi_Operation *op,CSN *csn); @@ -994,6 +998,13 @@ */ int slapi_uniqueIDSize( void ); +/* Name: slapi_uniqueIDRdnSize + Description: returns size of SLAPI_ATTR_UNIQUEID=slapi_uniqueIDSize() + Parameters: none + Return: size of the string version of "SLAPI_ATTR_UNIQUEID=uniqueID" in bytes + */ +int slapi_uniqueIDRdnSize( void ); + /* Name: slapi_uniqueIDDup Description: duplicates an UniqueID object Parameters: uId - id to duplicate
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/task.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/task.c
Changed
@@ -774,7 +774,7 @@ /* ignore eAfter, just scan the mods for anything unacceptable */ slapi_pblock_get(pb, SLAPI_MODIFY_MODS, &mods); - for (i = 0; mods[i] != NULL; i++) { + for (i = 0; (mods != NULL) && (mods[i] != NULL); i++) { /* for some reason, "modifiersName" and "modifyTimestamp" are * stuck in by the server */ if ((strcasecmp(mods[i]->mod_type, "ttl") != 0) &&
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/test-plugins/testpostop.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/test-plugins/testpostop.c
Changed
@@ -355,7 +355,7 @@ that has been added, replaced, or deleted. */ fprintf( fp, "changetype: modify\n" ); mods = (LDAPMod **)change; - for ( j = 0; mods[j] != NULL; j++ ) { + for ( j = 0; (mods != NULL) && (mods[j] != NULL); j++ ) { switch ( mods[j]->mod_op & ~LDAP_MOD_BVALUES ) { case LDAP_MOD_ADD: fprintf( fp, "add: %s\n", mods[j]->mod_type );
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/tools/rsearch/nametable.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/tools/rsearch/nametable.c
Changed
@@ -152,8 +152,8 @@ if (!fd) return 0; while (PR_Available(fd) > 0) { - char temp[256], *s; - if (PR_GetLine(fd, temp, 256)) break; + char temp[4096], *s; + if (PR_GetLine(fd, temp, sizeof(temp))) break; s = strdup(temp); if (!s) break; if (!nt_push(nt, s)) break;
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/util.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/util.c
Changed
@@ -1089,3 +1089,77 @@ (v6 << 36) | (v7 << 32) | (v8 << 28) | (v9 << 24) | (v10 << 20) | (v11 << 16) | (v12 << 12) | (v13 << 8) | (v14 << 4) | v15; } + +/* + * Check if rdn is a slecial rdn/dn or not. + * If flag is IS_TOMBSTONE, returns 1 if rdn is a tombstone rdn/dn. + * If flag is IS_CONFLICT, returns 1 if rdn is a conflict rdn/dn. + * Otherwise returns 0. + */ +static int util_uniqueidlen = 0; +int +slapi_is_special_rdn(const char *rdn, int flag) +{ + char *rp; + int plus = 0; + if (!util_uniqueidlen) { + util_uniqueidlen = SLAPI_ATTR_UNIQUEID_LENGTH + slapi_uniqueIDSize() + 1/*=*/; + } + + if ((RDN_IS_TOMBSTONE != flag) && (RDN_IS_CONFLICT != flag)) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, "slapi_is_special_rdn: invalid flag %d\n", flag); + return 0; /* not a special rdn/dn */ + } + if (!rdn) { + LDAPDebug0Args(LDAP_DEBUG_ANY, "slapi_is_special_rdn: NULL rdn\n"); + return 0; /* not a special rdn/dn */ + } + + if (strlen(rdn) < util_uniqueidlen) { + return 0; /* not a special rdn/dn */ + } + rp = (char *)rdn; + while (rp) { + char *endp = NULL; + if (!PL_strncasecmp(rp, SLAPI_ATTR_UNIQUEID, SLAPI_ATTR_UNIQUEID_LENGTH) && + (*(rp + SLAPI_ATTR_UNIQUEID_LENGTH) == '=')) { + if (RDN_IS_TOMBSTONE == flag) { + if ((*(rp + util_uniqueidlen) == ',') || + (*(rp + util_uniqueidlen) == '\0')) { + return 1; + } else { + return 0; + } + } else { + if ((*(rp + util_uniqueidlen) == '+') || + (plus && ((*(rp + util_uniqueidlen) == ',') || + (*(rp + util_uniqueidlen) == '\0')))) { + return 1; + } + } + } else if (RDN_IS_TOMBSTONE == flag) { + /* If the first part of rdn does not start with SLAPI_ATTR_UNIQUEID, + * it's not a tombstone RDN. */ + return 0; + } + endp = PL_strchr(rp, ','); + if (!endp) { + endp = rp + strlen(rp); + } + rp = PL_strchr(rp, '+'); + if (rp && (rp < endp)) { + plus = 1; + rp++; + } + } + return 0; +} + +int +slapi_uniqueIDRdnSize() +{ + if (!util_uniqueidlen) { + util_uniqueidlen = SLAPI_ATTR_UNIQUEID_LENGTH + slapi_uniqueIDSize() + 1/*=*/; + } + return util_uniqueidlen; +}
View file
389-ds-base-1.2.11.29.tar.bz2/ldap/servers/slapd/valueset.c -> 389-ds-base-1.2.11.30.tar.bz2/ldap/servers/slapd/valueset.c
Changed
@@ -895,16 +895,10 @@ "slapi_attr_values2keys_sv failed for type %s\n", a->a_type, 0, 0 ); } else { - struct berval *bv1, *bv2; + const struct berval *bv1, *bv2; bv1 = &keyvals[0]->bv; bv2 = &keyvals[1]->bv; - if ( bv1->bv_len < bv2->bv_len ) { - rc = -1; - } else if ( bv1->bv_len > bv2->bv_len ) { - rc = 1; - } else { - rc = memcmp( bv1->bv_val, bv2->bv_val, bv1->bv_len ); - } + rc = slapi_berval_cmp (bv1, bv2); } if (keyvals != NULL) valuearray_free( &keyvals ); @@ -1044,7 +1038,7 @@ int passin = flags & SLAPI_VALUE_FLAG_PASSIN; int dupcheck = flags & SLAPI_VALUE_FLAG_DUPCHECK; - if (naddvals == 0) + if (naddvals <= 0) return (rc); need = vs->num + naddvals + 1; @@ -1078,6 +1072,11 @@ } vs->max= allocate; } + if (NULL == vs->va) { + LDAPDebug1Arg(LDAP_DEBUG_ANY, "slapi_valueset_add_attr_valuearray_ext: " + "%s: valuearray is NULL\n", a->a_type); + return LDAP_OPERATIONS_ERROR; + } if ( (vs->num + naddvals > VALUESET_ARRAY_SORT_THRESHOLD || dupcheck ) && !vs->sorted ) {
View file
389-ds-base.dsc
Changed
@@ -2,7 +2,7 @@ Source: 389-ds-base Binary: 389-ds, 389-ds-base-libs, 389-ds-base-libs-dbg, 389-ds-base-dev, 389-ds-base, 389-ds-base-dbg Architecture: any all -Version: 1.2.11.29-0 +Version: 1.2.11.30-1 Maintainer: Debian 389ds Team <pkg-fedora-ds-maintainers@lists.alioth.debian.org> Uploaders: Timo Aaltonen <tjaalton@ubuntu.com>, Krzysztof Klimonda <kklimonda@syntaxhighlighted.com> Homepage: http://directory.fedoraproject.org @@ -18,5 +18,5 @@ 389-ds-base-libs deb libs optional 389-ds-base-libs-dbg deb debug extra Files: - 00000000000000000000000000000000 0 389-ds-base-1.2.11.29.tar.bz2 + 00000000000000000000000000000000 0 389-ds-base-1.2.11.30.tar.bz2 00000000000000000000000000000000 0 debian.tar.gz
View file
debian.changelog
Changed
@@ -1,3 +1,9 @@ +389-ds-base (1.2.11.30-1) unstable; urgency=low + + * New upstream release 1.2.11.30 + + -- Aeneas Jaissle <aj@ajaissle.de> Wed, 20 Aug 2014 11:24:10 +0200 + 389-ds-base (1.2.11.29-0) unstable; urgency=low * New upstream release 1.2.11.29
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.