[Pkg-freeipa-devel] [Git][freeipa-team/389-ds-base][upstream] 49 commits: Ticket 50095 - cleanup deprecated key.h includes
Timo Aaltonen
gitlab at salsa.debian.org
Tue Feb 12 14:13:02 GMT 2019
Timo Aaltonen pushed to branch upstream at FreeIPA packaging / 389-ds-base
Commits:
174c4683 by Mark Reynolds at 2018-12-14T21:21:41Z
Ticket 50095 - cleanup deprecated key.h includes
Description: key.h has been deprecated in favor of keyhi.h
https://pagure.io/389-ds-base/issue/50095
Reviewed by: mreynolds(one line commit rule)
- - - - -
07b367ea by Akshay Adhikari at 2018-12-17T07:45:12Z
Issue 49588 - Add py3 support for tickets : part-5
Description: Added py3 support by explicitly changing strings to bytes.
Fixed old legacy objects.
https://pagure.io/389-ds-base/issue/49588
Reviewed by: mreynolds (Thanks!)
- - - - -
8d51c979 by Ludwig Krispenz at 2018-12-18T12:43:55Z
Ticket 49574 - remove index subsystem
There is code for an indexing subsystem, which looks like it was intended
to provide special indexes for specific search filters (not vlv).
But it is not used and not documented and unclear if it ever worked or will
work. It only contains calls in search processing to check if something is defined
and so only provides a bit of overhead in searches.
We can remove this dead code. We can also remove the broker api for idl_xxx since it is not used
anywhere else.
- - - - -
4b53c312 by Anuj Borah at 2018-12-18T14:27:37Z
Issue: 50082 - Port state test suite
Description: Port state test suite
issue: https://pagure.io/389-ds-base/issue/50082
Reviewed by: Mark Reynolds
- - - - -
00c3b7a9 by Simon Pichugin at 2018-12-18T19:15:43Z
Issue 50041 - Add basic plugin UI/CLI wrappers
Description: Add plugin UI tabs with basic data editing,
enable/disable and dynamic plugin switch.
Fix loading. Fix small CSS issues.
React. Add customCollapse element. Make customToolbar customizable.
Rework data flow in the component.
CLI. Put all the plugins to 'plugin' parser. Add wrappers for
all main plugins. Clean up plugin args (remove get_dn, generic enable and disable)
https://pagure.io/389-ds-base/issue/50041
Reviewed by: mreynolds, mhonek (Thanks!)
- - - - -
76847e82 by Thierry Bordaz at 2018-12-19T09:58:44Z
Ticket 50099 - In FIPS mode, the server can select an unsupported password storage scheme
Bug Description:
When running in FIPS mode, DS selects SSHA512 as password storage schema else it selects PBKDF2_SHA256.
The problem is that in FIPS mode it selects PBKDF2_SHA256 that is currently not supported by NSS.
So DS fails to hash password
The scheme selection is done in the early phase of DS startup (slapd_bootstrap_config).
To determine it is in FIPS mode, DS calls PK11_IsFIPS that requires that NSS has been initialized.
The problem is that during slapd_bootstrap_config, NSS is not yet initialized and PK11_IsFIPS returns
PR_FALSE even in FIPS mode
Fix Description:
The fix consists to check if NSS is initialized. If it is initialize, then rely on PK11_IsFIPS.
If it is not initialized then retrieve the FIPS mode from the system, assuming that if system
is in FIPS mode, then NSS will be in FIPS mode as well
https://pagure.io/389-ds-base/issue/50099
Reviewed by: Mark Reynolds (thanks Mark !)
Platforms tested: F27
Flag Day: no
Doc impact: no
- - - - -
ecdf6d8d by Thierry Bordaz at 2018-12-19T13:34:55Z
Ticket 50099 - extend error messages
- - - - -
14890380 by Anuj Borah at 2018-12-21T05:50:33Z
Issue: 48064
Bug Description: CI test - disk_monitoring
Fix Description: Scripts are ported
https://pagure.io/389-ds-base/issue/48064
Reviewed by: Simon Pichugin
- - - - -
ad1b78ea by Mark Reynolds at 2018-12-21T15:08:02Z
Ticket 50056 - Fix UI bugs (part 2)
Description: Fix issues with deleting SASL mappings, loading the
replicated suffix dropdown select lists, improve root
dn password change validation, improved docs in dscreate
template for suffixes, hide password values in console
logging, remove ssca directory whenremoivnign the last
instance, and issues with audit fail logging in UI.
https://pagure.io/389-ds-base/issue/50056
Reviewed by: vashirov(Thanks!)
- - - - -
4bb89f16 by Anuj Borah at 2019-01-03T03:42:42Z
Issue: 49761
Bug Description:Fix CI test suite issues
Fix Description: Ported test scrips
https://pagure.io/389-ds-base/issue/49761
Reviewed by: Mark Reynolds and spichugi
- - - - -
01df5d52 by Simon Pichugin at 2019-01-03T16:05:06Z
Issue 49938 - lib389 - Clean up CLI logging
Description: We set DEBUG log level if self.verbose is true.
So we should properly log the information through self.log.debug
when it is necessary.
https://pagure.io/389-ds-base/issue/49938
Reviewed by: mreynolds (Thanks!)
- - - - -
a3d35b9d by Viktor Ashirov at 2019-01-04T10:48:28Z
Issue 48064 - Fix various issues in disk monitoring test suite
Bug Description:
1. Some tests were hanging after disk monitoring test suite was executed,
because we didn't do a proper cleanup: log directories were still
mounted after test has ended.
2. Deprecation warnings from re module.
Fix Description:
1. Change scope of the fixture to 'module' instead of 'function'.
Split setup fixture to have a separate fixture for log reset for each
test.
2. Use raw strings for re functions' parameters.
https://pagure.io/389-ds-base/issue/48064
Reviewed by: mreynolds and spichugi (Thanks!)
- - - - -
3a1628f6 by Mark Reynolds at 2019-01-04T16:42:52Z
Ticket 49999 - rpm.mk dist-bz2 should clean cockpit_dist first
Description: make -f rpm.mk dist-bz2 should always generate this directory
from scratch:
src/cockpit/389-console/cockpit_dist
https://pagure.io/389-ds-base/issue/49999
Reviewed by: spichugi & mreynolds
- - - - -
ff00b074 by Thierry Bordaz at 2019-01-07T08:40:04Z
Ticket 50117 - after certain failed import operation, impossible to replay an import operation
Bug Description:
At the beginning of an import, a flag is set to mark the target backend is busy.
Then import tests if there are pending operations. If such operations exist the import can not proceed and fails.
The problem is that in such case of pending operations, the import fails without resetting the busy flag.
It let the backend busy (until next reboot) and prevent new import.
Fix Description:
It needs to reset the busy flag if there are pending operations
https://pagure.io/389-ds-base/issue/50117
Reviewed by: Mark Reynolds, William Brown
Platforms tested: F27
Flag Day: no
Doc impact: no
- - - - -
f574332f by Barbora Smejkalová at 2019-01-07T11:09:32Z
Issue 49618 - Set nsslapd-cachememsize to custom value
Description:
Added function for getting available memory.
Added test case to set nsslapd-cachememsize to custom value above 3805132804 bytes. Test is skipped if available memory is lower than we want to set.
https://pagure.io/389-ds-base/issue/49618
Reviewed by: vashirov, spichugi (Thanks!)
- - - - -
410d3bb9 by William Brown at 2019-01-08T03:55:55Z
Ticket 50128 - NS Stress fails without ipv6
Bug Description: Docker for osx doesn't support ipv6, which
means that in ipv4 only environments this test fails.
We aren't trying to test ipv4/ipv6 here, only that NS handles
load, so swapping to ipv4 is not a change to the test
Fix Description: Change the PR_AF_INET6 to PR_AF_INET
https://pagure.io/389-ds-base/issue/50128
Author: William Brown <william at blackhats.net.au>
Review by: ???
- - - - -
f03ea8ec by Barbora Smejkalová at 2019-01-08T13:53:26Z
Issue 50091 - shadowWarning is not generated if passwordWarning is lower than 86400 seconds (1 day).
Description:
Added test case to check if shadowWarning attribute is generated when passwordWarning is set to lower value than 84600 seconds.
https://pagure.io/389-ds-base/issue/50091
Reviewed by: vashirov, amsharma, spichugi, firstyear (Thank you!)
- - - - -
d97514a9 by Anuj Borah at 2019-01-08T13:56:30Z
Issue: 50101 - Port fourwaymmr Test TET suit to python3
Port fourwaymmr Test TET suit to python3
https://pagure.io/389-ds-base/issue/50101
Reviewed by: Simon Pichugin
- - - - -
a9ed1e6a by William Brown at 2019-01-08T22:39:45Z
Issue 50122 - Selinux test for presence
Description: Selinux is not present on all systems. Trying to
import python-selinux when it's not available fails, but we
can not guarantee that the with_selinux flag to defaults is
correct because some systems build with selinux but may not
have it enabled. We should check if we can access the tools
instead, and skip them (with warnings) if we can't make changes
https://pagure.io/389-ds-base/issue/50122
Reviewed by: mreynolds
- - - - -
07b5532e by Matúš Honěk at 2019-01-09T08:30:42Z
Ticket 50134 - fixup-memberof.pl does not respect protocol requested
Bug Description:
fixup-memberof.pl tries with StartTLS even though LDAP was specified.
Fix Description:
Fix protocol assignment to $info, probably missed during a previous code porting.
https://pagure.io/389-ds-base/issue/50134
Author: mhonek
Review by: mreynolds, firstyear (thanks!)
- - - - -
c1cc0acd by Marc Muehlfeld at 2019-01-09T13:56:33Z
Issue 50130 - Building RPMs on RHEL8 fails
Description: Due to an incorrect path in a "mv" command in
389-ds-base.spec.in, building RPMs on RHEL8 failed
https://pagure.io/389-ds-base/issue/50130
Reviewed by: vashirov & wibrown
- - - - -
50e290dc by William Brown at 2019-01-09T23:13:23Z
Ticket 50126 - Incorrect usage of sudo in test
Bug Description:
Sudo is assumed to be present and working in passwordless
mode with basictest.
Fix Description:
We can not make this assumption, that sudo is installed (docker)
or in passwordless mode. As a result for this test to work, we should
run the suite as "sudo py.test" or "dirsrv". Potentially we may need
to update defaults.inf for people who want to run the tests as
their own user ID.
https://pagure.io/389-ds-base/issue/50126
Author: William Brown <william at blackhats.net.au>
Review by: ???
- - - - -
83223d5f by Ludwig Krispenz at 2019-01-10T10:39:59Z
Ticket 50078 - cannot add cenotaph in read only consumer
Bug: For modrdn operations a cenotaph entry is created to be used in later conflict
resolution procedures, this is done by an internal add operation and
fails on hubs and consumers
Fix: Add the "bypass referral" flag to the internal add operation to allow it
Reviewed by: Thierry, thanks
- - - - -
a4632aa6 by Mark Reynolds at 2019-01-10T17:49:10Z
Ticket 50056 - dsctl db2ldif throws an exception
Description: dsctl db2ldif throws an exception because of a typo in
a parameter name.
https://pagure.io/389-ds-base/issue/50056
Reviewed by: mreynolds(one line commit rule)
- - - - -
e31057e2 by Simon Pichugin at 2019-01-10T23:39:37Z
Issue 50145 - Add a verbose option to the backup tools
Bug description: RHDS 9 does not require a -q option to not log debugging messages.
-q also suppresses the output that had been included before when doing an import.
Fix description:
Make -q option less verbose by removing error log messages
and add -V option which enables Verbose DEBUG output.
https://pagure.io/389-ds-base/issue/50145
Reviewed by: mreynolds (Thanks!)
- - - - -
4b8b470f by William Brown at 2019-01-11T00:42:34Z
Ticket 50122 - Fix incorrect path spec
Bug Description: Due to human error, I missed a path spec in
a change I made
Fix Description: Fix the path
https://pagure.io/389-ds-base/issue/50122
Author: William Brown <william at blackhats.net.au>
Review by: ???
- - - - -
55045dab by Matúš Honěk at 2019-01-11T13:40:00Z
Ticket 50138 - db2bak.pl -P LDAPS does not work when nsslapd-securePort is missing
Bug Description:
When nsslapd-securePort is not set in dse.ldif, DSUtil (in case of LDAPS)
interpolates ldapmodify (and other) call to a URI ending only with a colon
because obtained securePort is just an empty string. The very same turns out to
happen for the nsslapd-port.
Fix Description:
Hardcode the default ports, which is a short variant of omitting the
colon and port, and which would be chosen by the OpenLDAP utils any way.
https://pagure.io/389-ds-base/issue/50138
Author: mhonek
Review by: mreynolds (thanks!)
- - - - -
c1f96bd3 by Mark Reynolds at 2019-01-11T16:23:32Z
Ticket 49994 - Adjust dsconf backend usage
Description: Slightly rearrange the backend usage to move create/delete
to main subcommands instead of being under suffix.
https://pagure.io/389-ds-base/issue/49994
Reviewed by: spichugi & firstyear(Thanks!!)
- - - - -
9f433e82 by William Brown at 2019-01-13T22:39:04Z
Update .gitignore to hide extra files
Description: Add a small number of files to gitignore
- - - - -
b5e4fca0 by William Brown at 2019-01-13T22:39:04Z
Ticket 50136 - Allow resetting passwords on the CLI
Bug Description: This allows resetting passwords on the CLI for
accounts, as well as allowing accounts to self-change their
passwords.
Fix Description: Add reset and change password functions, and
fix a number of issues with non-DM bind in the server, regrissions
in tls enable during tests.
https://pagure.io/389-ds-base/issue/50136
Author: William Brown <william at blackhats.net.au>
Review by: ???
- - - - -
7096094e by Mark Reynolds at 2019-01-14T14:56:37Z
Ticket 50077 - RFE - improve automember plugin to work with modify ops
Description:
Previously automember was only invoked for ADD operations. This enhancement
allows it to work with modify operations, and it will also maintain the
correct memberships. So if a modify changes which groups the user would
belong to, it will add the user to the new group, and remove them from the
old group.
https://pagure.io/389-ds-base/issue/50077
Reviewed by: spichugi & firstyear (Thanks!!)
- - - - -
a8fa9a99 by Mark Reynolds at 2019-01-14T15:10:20Z
Ticket 49984 - python installer add option to create suffix entry
Description: Making the top suffix entry should be optional, and
not the fixed default behavior. Added a new option:
create_suffix_entry True/False
https://pagure.io/389-ds-base/issue/49984
Reviewed by: ?
- - - - -
0666b520 by William Brown at 2019-01-15T00:03:37Z
Ticket 50123 - with_tmpfiles_d is associated to systemd
Description: with_tmpfiles_d does not operate unless it's
part of a systemd install. This moves the configure check
and operation to within the "with_systemd" code.
https://pagure.io/389-ds-base/issue/50123
Reviewed by: vashirov (Thanks!)
- - - - -
ca13f42d by Mark Reynolds at 2019-01-15T03:53:10Z
Ticket 50153 - Increase default max logs
Bug Description: The errors & audit logs default to max number of logs to 1.
This prevents the max log size rotation policy from working.
This is documented in the docs, but the problem is that this
can allow the server to fill up the FS on /var under certain
conditions.
Fix Description: Change the default max number of logs to "2". This is still
a small value, and it allows the rotation policy to be effective.
https://pagure.io/389-ds-base/issue/50153
Reviewed by: spichugi & firstyear (Thanks!!)
- - - - -
8bac1e29 by Marc Muehlfeld at 2019-01-15T14:26:24Z
Ticket 50161 - Fixed some descriptions in "dsconf backend --help"
Description: - Help for "suffix" was no longer correct
- Help for "create" changed to "Create a backend database"
- Changed descriptions to start with a capital letter for consistency
https://pagure.io/389-ds-base/issue/50161
Reviewed by: mhonek, mreynolds
- - - - -
ff9387bb by Thierry Bordaz at 2019-01-15T16:57:30Z
Ticket 49972 - use-after-free in case of several parallel krb authentication
Bug Description:
When several threads (RA) authenticates to the same host and at the same time
There is a good chance they will share the same credential cache.
If one authentication fails, the thread will clear the cache (krb5_cc_destroy)
although others threads may still use it.
Fix Description:
The best approach is to drop using krb5 function and use gssapi.
It is a quite intrusive change and a simplest temporary fix will serialize
all krb5 calls.
During initialization of the interaction structure (sasl), if using gssapi mechanism,
the calls to krb5 functions are serialized with a lock.
Then the lock is released for the authentication and cleanup.
Cleanup needs to be serialized as well as it calls krb5_cc_destroy.
The fix consist to acquire the lock over initialization/authentication/cleanup.
So only one RA can authenticate at the same time.
https://pagure.io/389-ds-base/issue/49972
Reviewed by: Robbie Harwood, William Brown (many thanks for your reviews !!)
Platforms tested: F27 & F28
Flag Day: no
Doc impact: no
- - - - -
eae696f1 by Mark Reynolds at 2019-01-15T18:46:06Z
Ticket 50077 - Fix compiler warnings in automember rebuild task
https://pagure.io/389-ds-base/issue/50077
Reviewed by: mreynolds(one line commit rule)
- - - - -
58be90b8 by Mark Reynolds at 2019-01-15T18:55:18Z
Ticket 49540 - FIx compiler warning in ldif2ldbm
https://pagure.io/389-ds-base/issue/49540
Reviewed by: mreynolds(one line commit rule)
- - - - -
bf34abab by Mark Reynolds at 2019-01-15T19:06:51Z
Ticket - Fix compiler warning in init.c
https://pagure.io/389-ds-base/issue/49574
Reviewed by: mreynolds(one line commit rule)
- - - - -
e0485033 by Mark Reynolds at 2019-01-15T19:40:39Z
Fix compiler warning in snmp main()
Reviewed by: mreynolds(one line commit rule)
- - - - -
ada2dfdd by Simon Pichugin at 2019-01-16T10:26:48Z
Issue 50152 - Replace os.getenv('HOME') with os.path.expanduser
Description: When HOME env var is not set, the call will fail with an exception.
Instead of HOME we can use expanduser method. The expanduser will do the right thing
and get home directory on all platforms from either env vars or password database.
https://pagure.io/389-ds-base/issue/50152
Reviewed by: mreynolds, wibrown (Thanks!)
- - - - -
68e08801 by Mark Reynolds at 2019-01-16T17:36:59Z
Ticket 50165 - Fix dscreate issues
Description: There were some recent regressions about selinux in dscreate.
- When skipping labelling of default port an error message was incorrectly logged
- restorecon was not using the correct path
https://pagure.io/389-ds-base/issue/50165
Reviewed by: firstyear & mhonek (Thanks!!)
- - - - -
c57528b1 by Mark Reynolds at 2019-01-16T18:08:41Z
Ticket 50169 - lib389 changed hardcoded systemctl path
Description: Currently the server is using "/usr/bin/systemctl", but
this fails on Debian. There is no need for a path anyway
so jsut strip it.
https://pagure.io/389-ds-base/issue/50169
Reviewed by: mhonek(Thanks!)
- - - - -
7f3f9786 by German Parente at 2019-01-17T13:17:35Z
Fix for ticket 50059: If an object is nsds5replica, it must be cn=replica
Bug Description:
We should enforce that if an object is of type nsds5replica, it must be named cn=replica.
This has caused some confusion where people have misconfigured their system by trying alternate names.
Fix Description:
Check that rdn of replica dn is exactly REPLICA_RDN
https://pagure.io/389-ds-base/issue/50059
Author: German Parente <gparente at redhat.com>
Review by: ???
- - - - -
b6ed4534 by Mark Reynolds at 2019-01-17T13:33:00Z
Ticket 50164 - Add test for dscreate
Description: Add a simple test in basic suite to make sure dscreate works,
also moved setup/remove tests from lib389 and moved them inside
dirsrvtests directory
https://pagure.io/389-ds-base/issue/50164
Reviewed by: ?
- - - - -
d23ef6d3 by William Brown at 2019-01-17T23:11:21Z
Ticket 50125 - perl fix ups for tmpfiles
Bug Description: I missed updating the perl tools during the tmpfiles
fix.
Fix Description: Change the name in dscreate.pm
https://pagure.io/389-ds-base/issue/50125
Author: William Brown <william at blackhats.net.au>
Review by: vashirov (Thanks!)
- - - - -
e08b20cc by German Parente at 2019-01-18T08:48:20Z
Merge #50079 `Fix for ticket 50059: If an object is nsds5replica, it must be cn=replica`
- - - - -
0be01490 by Simon Pichugin at 2019-01-31T14:45:22Z
Issue 50041 - CLI and WebUI - Add memberOf plugin functionality
Description: Add the main functionality to memberOf plugin tab.
Increase the eslint max line length from 80 to 100.
Rework plugin properties to be more compact.
Eslint webpack config. Add react-bootstrap-typeahead for
multivalued attributes. Fix the word 'successfully' typos.
https://pagure.io/389-ds-base/issue/50041
Reviewed by: mreynolds, wibrown (Thanks!)
- - - - -
92909976 by Mark Reynolds at 2019-01-31T14:46:11Z
Bump version to 1.4.0.21
- - - - -
28 changed files:
- .gitignore
- Makefile.am
- VERSION.sh
- configure.ac
- + dirsrvtests/tests/suites/automember_plugin/automember_mod_test.py
- dirsrvtests/tests/suites/basic/basic_test.py
- dirsrvtests/tests/suites/config/regression_test.py
- + dirsrvtests/tests/suites/disk_monitoring/disk_monitoring_test.py
- + dirsrvtests/tests/suites/fourwaymmr/__init__.py
- + dirsrvtests/tests/suites/fourwaymmr/fourwaymmr_test.py
- dirsrvtests/tests/suites/password/pwdPolicy_warning_test.py
- + dirsrvtests/tests/suites/replication/regression_nsslapd_plugin_binddn_tracking_test.py
- dirsrvtests/tests/suites/setup_ds/__init__.py
- src/lib389/lib389/tests/instance/setup_test.py → dirsrvtests/tests/suites/setup_ds/dscreate_test.py
- src/lib389/lib389/tests/instance/remove_test.py → dirsrvtests/tests/suites/setup_ds/remove_test.py
- + dirsrvtests/tests/suites/stat/__init__.py
- + dirsrvtests/tests/suites/stat/mmt_state_test.py
- + dirsrvtests/tests/suites/vlv/regression_test.py
- dirsrvtests/tests/tickets/ticket48252_test.py
- dirsrvtests/tests/tickets/ticket48266_test.py
- dirsrvtests/tests/tickets/ticket48325_test.py
- dirsrvtests/tests/tickets/ticket48759_test.py
- dirsrvtests/tests/tickets/ticket48906_test.py
- dirsrvtests/tests/tickets/ticket49020_test.py
- dirsrvtests/tests/tickets/ticket49039_test.py
- dirsrvtests/tests/tickets/ticket49121_test.py
- dirsrvtests/tests/tickets/ticket49180_test.py
- dirsrvtests/tests/tickets/ticket49287_test.py
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/b43380f77d70b0b78f75a22c694b57fb5ee8811e...92909976b6b741a8932c8b6db42fa9ba660c1520
--
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/compare/b43380f77d70b0b78f75a22c694b57fb5ee8811e...92909976b6b741a8932c8b6db42fa9ba660c1520
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20190212/fc70a816/attachment-0001.html>
More information about the Pkg-freeipa-devel
mailing list