[Pkg-freeipa-devel] [Git][freeipa-team/389-ds-base][upstream] 29 commits: Issue 49858 - Add backup/restore and import/export functionality to WebUI/CLI
Timo Aaltonen
gitlab at salsa.debian.org
Wed Oct 10 23:00:19 BST 2018
Timo Aaltonen pushed to branch upstream at FreeIPA packaging / 389-ds-base
Commits:
c393394f by Simon Pichugin at 2018-08-18T08:58:03Z
Issue 49858 - Add backup/restore and import/export functionality to WebUI/CLI
Description: dsconf tool now has:
'dsconf localhost backup create' and 'dsconf localhost backup restore';
'dsconf localhost backend import' and 'dsconf localhost backend export'.
Add basic tests for the CLI part
Add JS logic for online backup/restore.
Add more HTML and JS for online import/export functionality.
Fix CSS alignment issues. Fix validity checks in CLI.
https://pagure.io/389-ds-base/issue/49858
Reviewed by: mreynolds, wibrown, mhonek (Thanks!)
- - - - -
d06b5bb2 by William Brown at 2018-08-22T08:51:07Z
Ticket 49887: Fix SASL map creation when --disable-perl
When the SASL maps for single backend was made, it was assuming a number
of behaviours such as a single backend was added. This is *not* the
default in lib389, and caused a crashed when a valid ZERO backend
server was created. Additionally, it used a template file that
will not be present in the future.
This Fixes the behaviour to account for 0, 1 and multiple backends
and uses the correct saslmapping objects to create the types needed
for LDAPI
https://pagure.io/389-ds-base/issue/49887
Author: William Brown <william at blackhats.net.au>
- - - - -
104968b6 by Mark Reynolds at 2018-08-24T20:21:32Z
Revert "Ticket 49432 - filter optimise crash"
This reverts commit 5c89dd8f9c8eb77c967574412d049d55565bb364.
- - - - -
14a10a34 by Mark Reynolds at 2018-08-24T20:24:21Z
Revert "Ticket 49372 - filter optimisation improvements for common queries"
This reverts commit 4cd1a24b3ce88968ff5f9a2b87efdc84dee176da.
- - - - -
de78c494 by Mark Reynolds at 2018-08-24T20:34:25Z
Bump version to 1.4.0.16
- - - - -
09ad0d01 by Mark Reynolds at 2018-08-27T19:48:23Z
Ticket 49877 - Add log level functionality to UI
Description: Add logic to get and save the access & errors log levels
in the UI tables
https://pagure.io/389-ds-base/issue/49877
Reviewed by: ?
- - - - -
d6616221 by Simon Pichugin at 2018-08-28T13:19:38Z
Issue 49866 - Refactor PwPolicy lib389/CLI module
Description: Refactor Password Policy module and its CLI part.
Add PwPolicyManager object and PwPolicyEntry(DSLdapObject).
Validate LDIF and Backup dir paths. Don't accept a forward slash
because it can lead to a security flow.
Add an additional assertion to Backup/Restore CLI test suite.
https://pagure.io/389-ds-base/issue/49866
Reviewed by: mreynolds (Thanks!)
- - - - -
2dc26d9b by Amita Sharma at 2018-08-29T15:43:54Z
Issue 48053 - Add attribute encryption test cases
Description: Added test cases for attribute encryption
https://pagure.io/389-ds-base/issue/48053
Reviewed by: Simon and Viktor
- - - - -
78fc627a by Mark Reynolds at 2018-08-30T18:28:10Z
Ticket 49932 - Crash in delete_passwdPolicy when persistent search connections are terminated unexpectedly
Bug Description: We clone a pblock in a psearch search, and under certain
error conditions this pblock is freed, but it frees the
password policy struct which can lead to a double free
when the original pblock is destroyed.
Fix Description: During the cloning, set the pwppolicy struct to NULL
so the clone allocates its own policy if needed
https://pagure.io/389-ds-base/issue/49932
Reviewed by: ?
- - - - -
8857b150 by Akshay Adhikari at 2018-09-04T04:15:06Z
Issue 49930 - Correction of the existing fixture function names to remove test_ prefix
Description: Fixed fixture names and also python3 issue.
https://pagure.io/389-ds-base/issue/49930
Reviewed by: amsharma & spichugi (Thanks!)
- - - - -
c64f7fb1 by Mark Reynolds at 2018-09-04T13:33:18Z
Ticket 49866 - fix typo in cos template in pwpolicy subtree create
Description: Typo in the pwdpolicy subentry attribute name
https://pagure.io/389-ds-base/issue/49866
Reviewed by: mreynodls(one line commit rule)
- - - - -
8ff8cb85 by Mark Reynolds at 2018-09-05T18:10:42Z
Ticket 49937 - Log buffer exceeded emergency logging msg is not thread-safe
Bug Description: Multiple operations making modificatiosn on a DN
that is very large can crash the server, because
when we do emergency logging, we close and reopen
the errors log withgout hold the error log write
lock. This causes the FD pointer to be become
invalid and triggers a crash.
Fix description: Hold the errors log write lock while closing and
reopening the log
https://pagure.io/389-ds-base/issue/49937
Reviewed by: vashirov(Thanks!)
- - - - -
e59b309c by William Brown at 2018-09-12T10:36:02Z
Ticket 49887: Clean thread local usage
Clean the thread local usage of the logging system to be more inline with
pthread's intent, remove bad practices of case/switch get setters, and change
the types to be more effecient struct types. Generally make it better
https://pagure.io/389-ds-base/issue/49941
Author: William Brown <william at blackhats.net.au>
- - - - -
4881826e by Mark Reynolds at 2018-09-14T14:18:52Z
Ticket 49926 - Add replication functionality to dsconf
Description: Add replication functionality to the dsconf. This includes
repl config, agmts, winsync agmts, and cleanallruv/abort cleanallruv
Adjusted the backend options to use hyphens for consistency
https://pagure.io/389-ds-base/issue/49926
Reviewed by: spichugi & firstyear(Thanks!!)
- - - - -
fc2008c4 by Viktor Ashirov at 2018-09-17T12:01:35Z
Ticket 49926 - Fix replication tests on 1.3.x
Description:
nsAccount is not supported by 1.3.x branch.
Fix description:
Remove nsAccount objectClass from Replication Manager
if DS is older than 1.4.x.
https://pagure.io/389-ds-base/issue/49926
Reviewed by: mreynolds, firstyear (Thanks!)
- - - - -
219fd4b1 by Simon Pichugin at 2018-09-18T07:50:16Z
Issue 49928 - Refactor and improve schema CLI/lib389 part to DSLdapObject
Description: First commit that refactors Schema object and
removes SchemaLegacy usage from CLI.
Add full CLI Schema functionality to lib389.
It includes: list, query, add, edit, remove operations.
https://pagure.io/389-ds-base/issue/49928
Reviewed by: mreynolds, wibrown (Thanks!)
- - - - -
b4164ccf by Thierry Bordaz at 2018-09-18T12:33:20Z
Ticket 49954 - On s390x arch retrieved DB page size is stored as size_t rather than uint32_t
Bug Description:
The page size is retrieved from uint32_t dblayer_page_size.
Later it is stored in a size_t variable with a cast.
Depending on little/big endian the page size can be stored in the upper/lower bits of the 64bits variable.
Later the variable is used to set the page size of a database file using the lower bits (uint32_t) that are zeroed.
Fix Description:
The BDB callback to set the pagesize, expects a a uint32_t.
Make sure the field containing it is uint32_t (instead of size_t) as the page
size is retrieved as a uint32_t as well (dblayer_page_size/BACK_INFO_INDEXPAGESIZE)
https://pagure.io/389-ds-base/issue/49954
Reviewed by: Ludwig Krispen
Platforms tested: F27
Flag Day: no
Doc impact: no
- - - - -
efa39cbc by Simon Pichugin at 2018-09-21T14:26:38Z
Issue 49928 - WebUI schema functionality and improve CLI part
Description: Add schema functionality for add/edit/remove for
for attributes and objectClasses. Add get_attr_syntaxes funciton.
Fix small CLI schema issues and lib389 API part.
Set LogCapture level on the init.
Add copyright for cli/conf_backup_test.py.
https://pagure.io/389-ds-base/issue/49928
Reviewed by: mreynolds, mhonek (Thanks!)
- - - - -
ff3da975 by Thierry Bordaz at 2018-09-25T07:47:23Z
Ticket 49958: extended search fail to match entries
Bug Description:
During an extended search, a structure is created for each filter component.
The structure contains the keys generated from the assertion and using the given
matching rule indexer.
Later the keys will be compared (with the MR) with keys generated from the
attribute values of the candidate entries.
The bug is that parsing the assertion, instead of removing the heading spaces
the routine clear the assertion that is empty. So the generated keys is NULL.
Fix Description:
The fix consists to only remove heading spaces
https://pagure.io/389-ds-base/issue/49958
Reviewed by: Mark Reynolds
Platforms tested: F27
Flag Day: no
Doc impact: no
- - - - -
4f118f42 by Matúš Honěk at 2018-09-25T14:01:04Z
Issue 49947 - Coverity: 389-ds-base-1.4.0.16.20180905git8ff8cb8
Bugs and fixes description:
- 15607:
- in lib389/suffix.py: Structurally dead code
- 15604:
- in bug_harness.py: Null dereference
+ solved by removing the file as it is unused and outdated
- additionally, remove the static_var decorator definition as it
is not used anyway any more
- 15754:
- in pwdPolicy_syntax_test.py: fix typo in identifier
+ Fix log msg in file pw.c
- 17046, 17061, 17063, 17069, 17084:
- in backend_test and backendLegacy_test: fix use before NULL check
- 17473:
- in lib389/__init__.py: Identical code in different branches
+ removed the wrapper altogether as we don't support Python2 any more
- replace SafeConfigParser with ConfigParser for it has been just an
alias since Python 3.2 and will be removed in the future
https://pagure.io/389-ds-base/issue/49947
Author: mhonek
Review by: spichugi, firstyear (Thanks!)
- - - - -
c73cd26d by Viktor Ashirov at 2018-09-26T12:28:10Z
Issue 49963 - ASan build fails on F28
Bug Description:
When building with gcc, we need to link wit libasan.
Fix Description:
Add -lasan to compiler flags.
https://pagure.io/389-ds-base/issue/49963
Reviewed by: tbordaz (Thanks!)
- - - - -
bdb86769 by Thierry Bordaz at 2018-10-04T09:44:04Z
Ticket 49915 - Master ns-slapd had 100% CPU usage after starting replication and replication cannot finish
Bug Description:
During a total initialization the supplier builds a candidate list of the entries to send.
Because of https://fedorahosted.org/389/ticket/48755, the candidate list relies on parentid attribute.
All entries, except tombstones and suffix itself, have parentid.
There is an assumption that the first found key (i.e. '=1') contains the suffix children.
So when it finally finds the suffix key it adds its children to a leftover list rather to the candidate list.
Later idl_new_range_fetch loops for ever trying to add suffix children from leftover to candidate list.
Fix Description:
The fix consist to store the suffix_id (if it does not exist already) in the parentid index (with the key '=0').
Then get it to detect the suffix key from the index in idl_new_range_fetch.
https://pagure.io/389-ds-base/issue/49915
Reviewed by: Ludwig Krispenz, William Brown (thanks !)
Platforms tested: F27
Flag Day: no
Doc impact: no
- - - - -
e2810e78 by Matúš Honěk at 2018-10-05T08:46:36Z
Ticket 49943 - rfc3673_all_oper_attrs_test is not strict enough
Bug Description:
Test suites/filter/rfc3673_all_oper_attrs_test.py::test_search_basic
does not reach constraints extensively. The asserts are too
benevolent.
The commit 6ef4eb5 changed 'normal user' ACIs, however these changes
introduced new attr 'modifiersName' which was supposed to be missing
when searching.
In the first case, assert checks only for 'objectClass' and
pseudo-randomly one more attr to be present which is not sufficient.
In the second case, recently changed assert introduced weaker check
than the one present before.
Fix Description:
Bring back previous ACI to explicitly test the difference when binding
as normal user and the DM.
In case of add_attr == '*', test for all expected_attrs to be in
found_attrs. In the other case bring back the strict comparison as
there used to be before.
https://pagure.io/389-ds-base/issue/49943
Author: mhonek
Review by: firstyear, spichugi (Thanks!)
- - - - -
a49bd03d by Mark Reynolds at 2018-10-09T18:42:46Z
Ticket 49969 - DOS caused by malformed search operation (security fix)
Bug Description: There are two issues here. The one in we don't cloase a
connection when an invalid unbind occurs. The other is a
search request passing 8MB of NULL bytes as search attributes
will keep one thread busy for a long time. The reason is
that the attr array is copied/normalized to the searchattrs in
the search operation and does this using charray_add() which
iterates thru the array to determine the size of the array and
then allocate one element more. So this means we iterate 8
million times an array with a then average size of 4 million
elements.
Fix Description: We already have traversed the array once and know the size,
so we can allocate the needed size once and only copy the element.
In addition we check for the kind of degenerated attributes ""
as used in this test scenario. So the fix will reject invalid
attr lists and improve performance for valid ones
Author: Ludwig Krispens <lkrispen at redhat.com>
https://pagure.io/389-ds-base/issue/49969
Reviewed by: tbordaz & mreynolds (Thanks!)
- - - - -
068a00fb by Mark Reynolds at 2018-10-09T18:54:53Z
Bump version to 1.4.0.17
- - - - -
a6369790 by Mark Reynolds at 2018-10-10T13:27:36Z
Ticket 49969 - DOS caused by malformed search operation (part 2)
Description: Fix regression that casued a crash
https://pagure.io/389-ds-base/issue/49969
- - - - -
614837ac by German Parente at 2018-10-10T15:29:50Z
Ticket #49946 upgrade of 389-ds-base could remove replication agreements.
Bug Description:
when a replication agreement starts with "cn=->...", the upgrade is removing
the entry.
Fix Description:
a check is missing when re-building dse.ldif in "setup-ds.pl -u" that provoked this entry not to be re-added to the file.
https://pagure.io/389-ds-base/issue/49946
Author: German Parente <gparente at redhat.com>
Review by: ???
- - - - -
80d0d712 by Thierry Bordaz at 2018-10-10T15:39:04Z
Ticket 49968 - Confusing CRITICAL message: list_candidates - NULL idl was recieved from filter_candidates_ext
Bug Description:
When a filter component is indexed but returns an empty IDL
an alarming message is logged although it is normal.
Fix Description:
Remove the alarming message
https://pagure.io/389-ds-base/issue/49968
Reviewed by: Mark Reynolds
Platforms tested: F27 + testcase
Flag Day: no
Doc impact: no
- - - - -
d2aa131f by Mark Reynolds at 2018-10-10T16:32:17Z
Bump version to 1.4.0.18
- - - - -
30 changed files:
- Makefile.am
- VERSION.sh
- configure.ac
- + dirsrvtests/tests/suites/attr_encryption/attr_encryption_test.py
- dirsrvtests/tests/suites/basic/basic_test.py
- dirsrvtests/tests/suites/filter/filter_test.py
- dirsrvtests/tests/suites/filter/rfc3673_all_oper_attrs_test.py
- dirsrvtests/tests/suites/paged_results/paged_results_test.py
- dirsrvtests/tests/suites/password/pwdPolicy_attribute_test.py
- dirsrvtests/tests/suites/password/pwdPolicy_inherit_global_test.py
- dirsrvtests/tests/suites/password/pwdPolicy_syntax_test.py
- dirsrvtests/tests/suites/password/regression_test.py
- dirsrvtests/tests/suites/replication/acceptance_test.py
- dirsrvtests/tests/suites/replication/conflict_resolve_test.py
- dirsrvtests/tests/suites/replication/regression_test.py
- dirsrvtests/tests/tickets/ticket48808_test.py
- ldap/admin/src/scripts/FileConn.pm
- ldap/admin/src/scripts/ns-slapd-gdb.py
- ldap/servers/plugins/collation/orfilter.c
- ldap/servers/plugins/replication/cl5_api.c
- ldap/servers/plugins/replication/cl5_api.h
- ldap/servers/plugins/replication/repl5_agmt.c
- ldap/servers/plugins/replication/repl5_tot_protocol.c
- ldap/servers/slapd/back-ldbm/dblayer.c
- ldap/servers/slapd/back-ldbm/filterindex.c
- ldap/servers/slapd/back-ldbm/idl_new.c
- ldap/servers/slapd/back-ldbm/index.c
- ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
- ldap/servers/slapd/back-ldbm/ldbm_search.c
- ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/94f30daf7c9b48a68a4690d4badd1cae336ec5e8...d2aa131f8af38f79a16f55a70add81e829056cd0
--
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/94f30daf7c9b48a68a4690d4badd1cae336ec5e8...d2aa131f8af38f79a16f55a70add81e829056cd0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20181010/6c5a876e/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list