[Pkg-freeipa-devel] [Git][freeipa-team/389-ds-base][master] 120 commits: Issue 6282 - BUG - out of tree build fails (#6283)
Timo Aaltonen (@tjaalton)
gitlab at salsa.debian.org
Thu Apr 10 12:07:15 BST 2025
Timo Aaltonen pushed to branch master at FreeIPA packaging / 389-ds-base
Commits:
ea3cc552 by Firstyear at 2024-08-02T09:25:30+10:00
Issue 6282 - BUG - out of tree build fails (#6283)
Bug Description: When building with an external builddir
the build fails.
Fix Description: Due to how python setup.py works, we have
to specifically template it into srcdir rather than the
build dir.
Rename cargo/config to cargo/config.toml to avoid future
build errors.
fixes: https://github.com/389ds/389-ds-base/issues/6282
Author: William Brown <william at blackhats.net.au>
Review by: @vashirov (Thanks!)
- - - - -
e7b0e20c by Firstyear at 2024-08-05T08:57:35+10:00
Issue 6284 - BUG - freelist ordering causes high wtime (#6285)
Bug Description: Multithread listeners were added to
support having multiple threads able to perform IO
for connections to reduce wtime. However, when the server
is first started if the number of clients is less than
the size of a single listeners conntable this causes
extremely high wtimes.
This is because the initial connection freelist
construction adds every connection in order of *listener*
so new connections always fill the first listener thread,
then only once that listener is full it spills over to the
next.
If the conntable size is small, this isn't noticeable, but
an example is if your contable is 16384 elements with 4
listeners, then the first 4096 connections will always
go to the first listener.
Fix Description: When the freelist is constructed rather
than iterate over each listener *then* each slot, we
iterate over each slot then each listenr. This causes
the initial freelist to be interleaved between all
listeners so that even with a small number of connections
the work is spread fairly without lasering a single
listener.
A supplied test from a user shows a significant drop in
wtime and an increase in throughput of operations with
this change.
fixes: https://github.com/389ds/389-ds-base/issues/6284
Author: William Brown <william at blackhats.net.au>
Review by: @tbordaz and @jchapma (Thanks!)
- - - - -
b607e393 by Simon Pichugin at 2024-08-08T11:02:25-07:00
Issue 2324 - Add a CI test (#6289)
Description: Add and refactor @tbordaz test suite to \suites\memberof_plugin\nested_groups_test.py
It verifies that the issue doesn't happen anymore.
Relates: https://github.com/389ds/389-ds-base/issues/2324
Reviewed by: @tbordaz (Thanks!)
- - - - -
816a3627 by Navid Yaghoobi at 2024-08-12T12:35:45+02:00
Issue 6288 - dsidm crash with account policy when alt-state-attr is disabled (#6292)
Bug Description:
If disable alt-state-attr for account policy plugin by using value 1.1 then
dsidm command will crash if state-attr doesn't exit at that time.
Fix Description:
Check if alt-state-attri key exist under account data dict before getting its value.
relates: https://github.com/389ds/389-ds-base/issues/6288
Author: Navid Yaghoobi
Reviewed by: @progier389
- - - - -
8a4b5380 by Viktor Ashirov at 2024-08-14T15:37:31+02:00
Issue 6294 - Nightly copr builds are failing
Bug Description:
Nightly copr builds fail to generate SRPM due to missing cargo-license.
And fails to build RPM due to missing libdb tarball.
Fix Description:
* Update Makefile for copr to install cargo-license before SRPM is
generated.
* Update rpm.mk to use $RPMBUILD_OPTIONS for extracting jemalloc and
libdb tarball URLs using rpmspec command.
Fixes: https://github.com/389ds/389-ds-base/issues/6294
Reviewed by: @progier389 (Thanks!)
- - - - -
31e9ac57 by Viktor Ashirov at 2024-08-16T13:27:06+02:00
Issue 6295 - test_password_modify_non_utf8 should set default password storage scheme
Bug Description:
Test dirsrvtests/tests/suites/password/password_test.py::test_password_modify_non_utf8
assumes the default password storage scheme is PBKDF2-SHA512, but it's not true
on old versions.
Fix Description:
The test should set PBKDF2-SHA512 explicitly, since it tests a crash in pwdchan
plugin that provides this storage scheme.
Fixes: https://github.com/389ds/389-ds-base/issues/6295
Reviewed by: @tbordaz (Thanks!)
- - - - -
e70c22fa by James Chapman at 2024-08-21T23:00:37+01:00
Issue 6296 - basic_test.py::test_conn_limits fails in main branch (#6300)
Description:
A CI test to validate connection management functionality by
configuring an instance with a very small connection table fails,
with the instance failing to start.
Fix description:
In a multi list connection table configuration, the connection table
code has been updated to expand the connection table size to include
a head for each list. This expanded size needs to be accounted for
when we determine if we can accept new connections and on final check
at server starup time.
Relates: https://github.com/389ds/389-ds-base/issues/6296
Reviewed by: @droideck (Thank you)
- - - - -
0cfe9f26 by tbordaz at 2024-08-26T10:44:03+02:00
Issue 6280 - Changelog trims updates from a given RID even if a consumer has not received any of them (#6281)
Bug description:
If a consumer has not received any of the updates from a given RID, the RUV
(in the replication agreement) contains no csn.
In such case, the changelog trimming thread compute the starting purge csn
using the supplier RUV instead of the RA RUV.
Later the supplier will miss this csn to update the consumer and
replication is broken
Fix description:
The function that iterates the elements of the replication agreement RUV
should call the callback (_cl5EnumConsumerRUV) with all elements even those
containing empty CSN.
The callback (_cl5EnumConsumerRUV) should remove the RID
from the replica RUV in case the RA.RUV is empty.
relates: #6280
Reviewed by: Pierre Rogier, Simon Pichugin (Thanks)
- - - - -
e2495b19 by Simon Pichugin at 2024-08-26T18:25:00-07:00
Issue 6301 - Fix long delay when setting replication agreement with dsconf (#6303)
Bug Description:
When creating a replication agreement using dsconf, the command line would get
stuck for approximately 65 seconds. This delay did not occur when creating and
initializing the agreement through the WebUI.
Fix Description:
The fix implements an "atomic" approach by performing the initialization at the
point of agreement creation entry, rather than as a separate step immediately
after.
Fixes: https://github.com/389ds/389-ds-base/issues/6301
Reviewed by: @progier389 @tbordaz (Thank you!)
- - - - -
98e03582 by Simon Pichugin at 2024-08-26T18:32:46-07:00
Issue 5843 - Fix size formatting in dscreate output and enhance tests (#6309)
Description:
Fix the size formatting in `get_default_mdb_max_size` within `utils.py` to ensure `dscreate` displays the correct value in both interactive and create-template installs.
Additionally, improve and fix related LMDB configuration tests to validate the correctness of size handling. Fix typos in the test descriptions.
Relates: https://github.com/389ds/389-ds-base/issues/5843
Reviewed by: @progier389 (Thanks!)
- - - - -
4d02d4e3 by Simon Pichugin at 2024-08-27T15:20:30+02:00
Issue 3555 - UI - Fix audit issue with npm - micromatch (#6310)
Description: Run npm audit fix to address the vulnerability
in micromatch.
Relates: https://github.com/389ds/389-ds-base/issues/3555
Reviewed by: @progier389
- - - - -
6a784ef2 by Simon Pichugin at 2024-09-03T16:05:37-07:00
Issue 6276 - Schema lib389 object is not keeping custom schema data upon editing (#6279)
Description: Fix the condition in the _edit_schema_object function
to correctly evaluate when to set an empty value to the schema object.
Add tests to cover adding and editing Schema operations.
Fixes: https://github.com/389ds/389-ds-base/issues/6276
Reviewed by: @tbordaz, @progier389 (Thanks!)
- - - - -
a9c7ff94 by Simon Pichugin at 2024-09-03T16:17:36-07:00
Issue 2472 - Add a CI test (#6314)
Description: Add a test that checks changelog trimming for the case when,
for any reason, a replica agreement is disabled for a short period of time,
and the trimming thread runs at that time.
Also, add topology_m2_c1 to topologies.py.
Relates: https://github.com/389ds/389-ds-base/issues/2472
Reviewed by: @tbordaz (Thanks!)
- - - - -
dc952e22 by tbordaz at 2024-09-05T10:19:59+02:00
Issue 6307 - Wrong set of entries returned for some search filters (#6308)
Bug description:
When the server returns an entry to a search it
checks both access and matching of the filter.
When evaluating a '!' (NOT) logical expression the server,
in a first phase evaluates ONLY the right to access the
related component (and its subcomponents).
Then in a second phase verifies the matching.
If the related component is a OR, in the first phase it
evaluates access AND matching, this even if the call was
to evaluate only access.
This result in incoherent results.
Fix description:
Make sure that when the function vattr_test_filter_list_or
is called to only check access, it does not evaluate the matching.
fixes: #6307
Reviewed by: Pierre Rogier (Thanks !!)
- - - - -
25e1d168 by progier389 at 2024-09-06T14:45:06+02:00
Issue 6090 - Fix dbscan options and man pages (#6315)
* Issue 6090 - Fix dbscan options and man pages
dbscan -d option is dangerously confusing as it removes a database instance while in db_stat it identify the database
(cf issue #5609 ).
This fix implements long options in dbscan, rename -d in --remove, and requires a new --do-it option for action that change the database content.
The fix should also align both the usage and the dbscan man page with the new set of options
Issue: #6090
Reviewed by: @tbordaz, @droideck (Thanks!)
- - - - -
0c8fdf7c by progier389 at 2024-09-06T18:07:17+02:00
Issue 6316 - lmdb reindex is broken if index type is specified (#6318)
While reindexing using task or offline reindex, if the attribute name contains the index type (for example :eq,pres)
Then the attribute is not reindexed. Problem occurs when lmdb is used, things are working fine with bdb.
Solution: strip the index type in reindex as it is done in bdb case.
Anyway the reindex design requires that for a given attribute all the configured index types must be rebuild.
Issue: #6316
Reviewed by: @tbordaz, @droideck (Thanks!)
- - - - -
8331c026 by progier389 at 2024-09-09T13:15:28+02:00
Issue 6245 - Fix some other coverity scan regressions (#6273)
Code cleanup to remove some of the issues reported by static analyzers
- - - - -
4b1fd46e by progier389 at 2024-09-10T16:29:00+02:00
Issue 6321 - lib389 get_db_lib function may returns the wrong db type (#6322)
* Issue 6321 - lib389 get_db_lib function may returns the wrong db type
get_db_lib returns the default db type instead of the configured one because of caught exceptions
Fix the import issue if instance is online
Fix the DSEldif parameter for the offline case
Issue: #6321
Reviewed by: @tbordaz (Thanks!)
- - - - -
02cdc0c0 by Viktor Ashirov at 2024-09-11T15:18:53+02:00
Issue 6319 - bdb subpackage has `%description` in the wrong place
Bug Description:
Currently, `%description` section comes before `Requires` and `Provides`.
This is a problem for rpmbuild because it is still reading lines for the
description when it encounters the `Requires` and `Provides` lines. So those
never end up in the subpackage RPM header which causes the rpminspect error.
Fix Description:
* The %description section needs to come after the Requires and Provides lines.
* Add `Requires` for 389-ds-base-libs
Fixes: https://github.com/389ds/389-ds-base/issues/6319
Relates: https://github.com/rpminspect/rpminspect/issues/1427
Reviewed by: @progier389, @droideck (Thanks!)
- - - - -
393489b6 by Sumedh Sidhaye at 2024-09-12T18:25:22+02:00
Issue 6188 - Check if nsslapd-haproxy-trusted-ip attribute is returned in default schema
Description:
Add a test to check if nsslapd-haproxy-trusted-ip is
returned in default schema
Relates: https://github.com/389ds/389-ds-base/issues/6188
Reviewed by: vashirov (Thanks)
Signed-off-by: Sumedh Sidhaye <ssidhaye at redhat.com>
- - - - -
09b76956 by Simon Pichugin at 2024-09-17T17:05:43-07:00
Issue 5965 - UI, CLI - Fix Account Policy Plugin functionality issues (#6323)
Description: Make state attributes creatable.
Fix existing accpol_check_all_state_attrs_test test.
Add new notification modal - WarningModal.
Fix configArea to nsslapd-pluginarg0 in UI and CLI.
Fix various minor UI issues.
Note: CoS entry and Account Policy configuration entry can be created
using LDAP Browser.
Fixes: https://github.com/389ds/389-ds-base/issues/5965
Reviewed by: @progier389 (Thanks!)
- - - - -
82dcdab1 by Simon Pichugin at 2024-09-17T18:11:41-07:00
Issue 6324 - Provide more information in the error message during setup_ol_tls_conn() (#6325)
Description: When there's a problem with creating a new TLS context, we just fail with -1 error code.
We can improve it by providing more information that can be extracted from LDAP_OPT_DIAGNOSTIC_MESSAGE or LDAP_OPT_ERROR_STRING.
Use slapi_ldap_get_lderrno to get more information from the ld structure.
Add a test case.
Fixes: https://github.com/389ds/389-ds-base/issues/6324
Reviewed by: @progier389 (Thanks!)
- - - - -
3b448758 by James Chapman at 2024-09-20T10:10:21+01:00
Issue 6329 - lmdb typo in error log notice message (#6330)
Description: Typo in the NOTICE message generated when
a user sets the number of --mdb-max-readers
Fixes: https://github.com/389ds/389-ds-base/issues/6329
Reviewed by: @droideck (Thank you)
- - - - -
a82d9f07 by tbordaz at 2024-09-20T17:05:39+02:00
Issue 6304 - RFE when memberof is enabled, defer updates of members from the update of the group (#6305)
Bug Description:
When an update of a static group changes
impacts a large portion of its members, memberof triggers
a large number of internal updates on members.
All the updates are done a same TXN that may hold
sensitive DB pages and block others SRCH req
waiting for those pages.
In extreme condition, all workers are stuck on
SRCH req waiting for the completion of the update.
Then the server appears unresponsive.
Fix Description:
The fix is to defer the update of the members.
Memberof tests:
- for the verification of the membership, if deferred update is set,
then adds a delay before checking
- automember_plugin/automember_test.py
- automember_plugin/basic_test.py
- memberof_plugin/memberof_include_scopes_test.py
- plugins/acceptance_test.py
- plugins/entryusn_test.py
- plugins/memberof_test.py
- lib389/plugins.py
- original update (group) succeeds even if deferred updates fails (multiple TXN)
- betxns/betxn_test.py
- Check replication of memberof
- memberof_plugin/memberof_deferred_repl_test.py
- Check deferred update and shutdown
- memberof_plugin/memberof_include_scopes_test.py
Core implementation:
- Make sure that direct update (not internal) wait for
deferred update before returning a result
- back-ldbm/ldbm_add.c
- back-ldbm/ldbm_delete.c
- back-ldbm/ldbm_modify.c
- back-ldbm/ldbm_modrdn.c
- Implementation of the deferred update
- memberof/memberof.h
- memberof/memberof.c
- memberof/memberof_config.c
- slapd/pblock.c
- slapd/pblock_v3.h
- slapd/schema.c
- slapd/slapi-plugin.h
memberof_be_postop_init
registers memberof_push_deferred_task that:
push deferred update to deferred thread
task taken from pblock (SLAPI_MEMBEROF_DEFERRED_TASK)
push to the memberof config deferred_list
deferred thread (deferred_thread_func)
if 'memberOfNeedFixup: on' then run fixup task
loop until shutdown
fetch task (remove_deferred_task) from the memberof config deferred_list
proceed with the task
if it exits abruptly, it logs an alert and add 'memberOfNeedFixup: on' to the config
memberof_postop_start
if deferred update is configured then it creates a deferred_list in the config
it spawn the deferred thread + CV
Each postop_operation memberof_postop_modrdn, memberof_postop_del, memberof_postop_modify, memberof_postop_add
if deferred update it allocates a task and add it in the pblock (SLAPI_MEMBEROF_DEFERRED_TASK)
Related: #6304
Reviewed by: Simon Pichugin (Thanks!!)
- - - - -
cbb9e0e9 by PavlNekrasov at 2024-09-23T15:07:41+02:00
Fix duplicate detection logic by ensuring exact match on string length (#6333)
Fix single valued parameters configuration code that accepts multiple comma separated values .
Updated the condition for checking duplicates to ensure that the lengths of the candidate and original strings are equal. This prevents false positives by confirming that the strings are identical at the start and match in length, enforcing an exact duplicate check.
- - - - -
b0fc4684 by tbordaz at 2024-09-23T15:43:44+02:00
Issue 6336 - Fix failing CI tests (roles) due to slow import (#6337)
Bug description:
Tests test_managed_and_filtered_role_rewrite and test_not_such_entry_role_rewrite
import a significant number of entries (>90K).
If import rate drop below 800/sec the tests fail
Fix description:
increase the maximum time to wait.
fixes: 636
Reviewed by: Pierre Rogier (Thanks)
- - - - -
c1b842ea by progier389 at 2024-09-27T17:06:45+02:00
Issue 6064 - bdb2mdb shows errors (#6341)
Fix several issues with dsctl dblib migration tools:
Fix some problem related to dbscan -D bdb --import:
random crash when closing the database - Fixed by fully cleaning the bdb framework if open in read-write mode
random records were missing - Fixed by fully starting the bdb framework when it is open in read-write mode
and by using txn
Fixed error messages displayed when trying to reopen ldap connection on restarted instance by not reopening the connection that are not needed.
Fixed error messages displayed when there is no replication changelog by detecting the presence of replication changelog before trying to export it.
Issue: #6064
Reviewed by: @tbordaz (Thans!)
- - - - -
8fbc7d8d by Simon Pichugin at 2024-09-27T21:42:55-07:00
Issue 6345 - Ensure all slapi_log_err calls end format strings with newline character \n (#6346)
Description: In the codebase, there are instances where calls to slapi_log_err
are missing a newline character \n at the end of the format string.
This omission can lead to log messages being concatenated in the logs,
affecting readability and potentially hindering log parsing and analysis tools.
Fix the typos.
Fixes: https://github.com/389ds/389-ds-base/issues/6345
Reviewed by: @progier389, @tbordaz (Thanks!)
- - - - -
edbc83ac by Mark Reynolds at 2024-09-30T15:41:52-04:00
Issue 6343 - Improve online import robustness when the server is under load
Description:
When the server is under load is can sometimes cause an online import to
fail with an error message about "pending operations".
Move this ref count check (pending op check) after the backend is disabled,
and retry for a few seconds. If there are still pending operations then abort
the import, otherwise continue.
Fixes: https://github.com/389ds/389-ds-base/issues/6343
Reviewed by: progier389(Thanks!)
- - - - -
d862f3a8 by progier389 at 2024-10-02T15:39:27+02:00
Issue 6347 - VLV search sometime fails with operation error (#6349)
if enabling certificate pruning freeipa tests sometime fails because VLV search sometime fails with err=1 and
error logs show - ERR - vlv_build_idl - Can't follow db cursor (err -12797)
Cause: The end of records is reached when trying to get a record in vlv index using its position
Solution: avoid to return MDB_NOT_FOUND in such case but return the last record instead
Issue: #6347
Reviewed by: tbodaz (Thanks!)
- - - - -
b808a2de by progier389 at 2024-10-04T11:09:38+02:00
Issue 6328 - vlv control may not be logged (#6354)
VLV control is logged only after succesfully sending the VLV response control
which means that VLV is not visible if the search fail which make troubleshooting harder.
This fix, logs the VLV (with None as vlv result) everytime a VLV is used
This fix also improve lmdb debug log about VLVs
Issue: #6328
Reviewed by: @tbordaz, @droideck (Thanks!)
- - - - -
60289c90 by Simon Pichugin at 2024-10-04T08:55:11-07:00
Issue 6339 - Address Coverity scan issues in memberof and bdb_layer (#6353)
Description: Add null check for memberof attribute in memberof.c
Fix memory leak by freeing 'cookie' in memberof.c
Add null check for database environment in bdb_layer.c
Fix race condition by adding mutex lock/unlock in bdb_layer.c
Fixes: https://github.com/389ds/389-ds-base/issues/6339
Reviewed by: @progier389, @tbordaz (Thanks!)
- - - - -
433549f9 by James Chapman at 2024-10-07T16:05:44+01:00
Issue 6056 - WebUI supports only instances with BDB (#6299)
Description:
BDB specific attributes are not supported by the web
console, resulting in an "Ooops" when the Database tab is selected.
Fix Description:
Add a new global Database configuration element for MDB layout.
Add support to detect what DB engine is configured, and display
the correct layout on rendering.
Relates: https://github.com/389ds/389-ds-base/issues/6065
Reviewed by: @mreynolds389, @vashirov , @progier389 , @droideck (Thank you)
- - - - -
145e7f4a by tbordaz at 2024-10-09T15:20:48+02:00
Issue 6356 - On LMDB, after an update the impact VLV index, the vlv recno cache is not systematically cleared (#6357)
Bug description:
The VLV manages/uses an index database.
In LMDB in addition to the index there is one 'recno cache' database per VLV index.
This recno cache, related to a given VLV index, is cleared when an update impacts the VLV index.
The recno cache is not systematically cleared upon update of the VLV index.
The way to clear the cache is to delete the record with key "OK".
When the 'recno cache' does not contain this key, the next
lookup to the cache, clears all entries and rebuild the cache
from the vlv index.
The deletion is done with mdb_del with both KEY and DATA
refering to the same mdb_val. This means it deletes the records
matching if both KEY/DATA.
It should not match the DATA as the "OK" record is just
a flag and all entries with that key should be removed.
Fix description:
The fix consist to call mdb_del only with key
fixes: #6356
Reviewed by: Pierre Rogier (Thanks!!)
- - - - -
5fa26eaf by Simon Pichugin at 2024-10-09T22:30:13-07:00
Issue 6331 - UI - Instance fails to load when DB backup directory doesn't exist (#6332)
Description: RHDS Console will fail to load an instance if the DB backup directory
( nsslapd-bakdir ) is set to a non-existing directory.
The Console will show a spinner and won't allow to select any other RHDS instances.
Correctly process 'failed' case, update the progress bar and send a notification.
Also, validate all settings tabs after the load, so the error is visible right away.
Fixes: https://github.com/389ds/389-ds-base/issues/6331
Reviewed by: @progier389 (Thanks!)
- - - - -
92eadd1e by progier389 at 2024-10-10T11:26:28+02:00
Issue 6243 - dsctl bdb2mdb should cleanly fail if bundled libdb is not available (#6351)
Issue 6243 - dsctl bdb2mdb should cleanly fail if bundled libdb is not avaiable
Determine what kind of Berkeley Database library is available
and display a clear error message if it is not available or not usable
Issue: #6243
Reviewed by: @tbordaz , @vashirov , @droideck (Thanks!)
- - - - -
83668192 by progier389 at 2024-10-10T11:29:00+02:00
Issue 6347 - better fix for desyncronized vlv cache (#6358)
A better fix than PR 6349 about corrupted vlv cache
Problem is a race condition because txn was released while building the cache.
Solution keep the write txn open until the cache is fully rebuilt.
Also fixed some debug logs
And also added the source of a tool useful to check the vlv cache consistency
Note: this remove PR #6349 and integrate PR #6356
Issue: #6347
Reviewed by @tbodaz (Thanks!)
- - - - -
ffb9e8a0 by Simon Pichugin at 2024-10-16T19:24:55-07:00
Issue 6067 - Update dsidm to prioritize basedn from .dsrc over interactive input (#6362)
Description: Modifies dsidm CLI tool to check for the basedn in the .dsrc configuration file
when the -b option is not provided.
Previously, users were required to always specify the basedn interactively if -b was omitted,
even if it was available in .dsrc.
Now, the basedn is determined by first checking the -b option, then the .dsrc file, and finally
prompting the user if neither is set.
Related: https://github.com/389ds/389-ds-base/issues/6067
Reviewed by: @Firstyear (Thanks!)
- - - - -
b1b4356c by Firstyear at 2024-10-18T11:29:19+10:00
Issue 6349 - RFE - Use previously extracted key path (#6363)
Bug Description: slapd_SSL_client_auth uses the values of
KeyExtractFile and CertExtractFile from the configuration
entry, and each time it's called attempts to determine if
this is an absolute or relative path. If the path is
relative, it prepends a /tmp location based on if the
running system /tmp is a private namespace or not. This
causes a replication client that uses TLS certificate
authentication to repeatedly emit warnings that the
key extraction occurred to non-private tmp in a
container.
Fix Description: During key extraction, we extract
keys and files using the "last token" from nss as the
item that we extract. Because of this, we know that there
can only be a single extracted key and cert, allowing
us to extract these and store the full abs path of
the extracted files rather than deriving them during
each client iteration.
fixes: https://github.com/389ds/389-ds-base/issues/6349
Author: William Brown <william at blackhats.net.au>
Review by: @tbordaz @progier389 @droideck (Thanks!)
- - - - -
118a7f94 by progier389 at 2024-10-22T17:26:46+02:00
Issue 6377 - syntax error in setup.py (#6378)
Syntax error due to badly nested quotes in dblib.py cause trouble in setup.py and dsconf dblib b2b2mdb/mdb2dbd
Fix bit using double quotes in the f-expression and quotes for the embedded strings.
Issue: #6377
Reviewed by: @tbordaz, @droideck (Thank!)
- - - - -
1b55b308 by Viktor Ashirov at 2024-10-23T14:33:01+02:00
Issue 5920 - pamModuleIsThreadSafe is missing in the schema
Description:
Add missing pamModuleIsThreadSafe definition to PAM plugin schema.
Fixes: https://github.com/389ds/389-ds-base/issues/5920
Relates: https://github.com/389ds/389-ds-base/issues/5271
Reviewed by: @tbordaz (Thanks!)
- - - - -
95cef49f by Mark Reynolds at 2024-10-25T12:42:02-04:00
Issue 6381 - CleanAllRUV - move changelog purging to the very end of the task
Description:
There are deadlock situations that can occur when cleanAllRUV is removing the
clean task attribute (nsds5ReplicaCleanRUV) from the replica config, while
the change log purging is occurring. Instead do the the changelog purge after
everything else is done and have the changelog purging code remove the rid
from the cleaned list once it finishes.
Also improved the task logging.
Fixes: https://github.com/389ds/389-ds-base/issues/6381
Reviewed by: progier389(Thanks!)
- - - - -
0c6fdd67 by Viktor Ashirov at 2024-10-30T08:08:07+01:00
Issue 6359 - Add exception to GPL license in license tag
Description:
Update license string generator tool with the GPL exception.
See https://gitlab.com/fedora/legal/fedora-license-data/-/issues/517
Fixes: https://github.com/389ds/389-ds-base/issues/6359
Reviewed by: @tbordaz, @progier389, @droideck (Thanks!)
- - - - -
e3578414 by Viktor Ashirov at 2024-11-04T18:26:49+01:00
Issue 6387 - Use make macro in the spec file
Description:
Update spec file to adhere to Fedora Packaging Guidelines [1] and use
make macro [2] instead of direct invocations.
[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make
[2] https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
Fixes: https://github.com/389ds/389-ds-base/issues/6387
Reviewed by: @tbordaz (Thanks!)
- - - - -
7478498e by Firstyear at 2024-11-07T10:40:50+10:00
Issue 6349 - RFE - extract keys once (#6363) (#6394)
Bug Description: Keys/Certs are extracted to PEM
repeatedly causing many warnings during outbound TLS
authenticated replication
Fix Description: slapd_ssl_init() is called every time
an outbound TLS connection is made, and will trigger
a key extraction. If key extraction is already complete
then the extraction is skipped.
fixes: https://github.com/389ds/389-ds-base/issues/6349
Author: William Brown <william at blackhats.net.au>
Review by: @progier389 @tbordaz
- - - - -
2995fe72 by Mark Reynolds at 2024-11-07T15:23:40-05:00
Issue 6390 - Adjust cleanAllRUV max per txn and interval limits
The cleanAllRUV changelog purging and the "normal" changelog trimming are
using different limits. The cleanAllRUV "purging" holds the transaction 10
times longer than the "trimming" does. When we use the same/smaller limits
the CPU still gets high but it's spread out and it should not block other
threads from running.
Improved overall work flow of cleanAllRUV - changed changelog purging to
be a function and not a thread which simplifies other parts of the code.
Also fixed typo in repl logs (issue 6369), and deadlock with lmdb during
purging (issue 6396)
relates: https://github.com/389ds/389-ds-base/issues/6390
fixes: https://github.com/389ds/389-ds-base/issues/6396
fixes: https://github.com/389ds/389-ds-base/issues/6369
Reviewed by: jchapman & progier (Thanks!!)
- - - - -
4c718586 by Mark Reynolds at 2024-11-08T17:08:06-05:00
Issue 6397 - Remove deprecated setting for HR time stamps in logs
Remove the code for checking is CLOCK exists and the
logging_hr_timestamps config settings
Also fixed some compiler warnings
relates: https://github.com/389ds/389-ds-base/issues/6397
Reviewed by: progier & spichugi (Thanks!!)
- - - - -
3ffcb34e by Mark Reynolds at 2024-11-12T12:18:09-05:00
Issue 5842 - Add log buffering for error log
Description:
Adding log buffering for error log. Also refactored and cleaned up some
of the code.
relates: https://github.com/389ds/389-ds-base/issues/5842
Reviewed by: tbordaz & progier (Thanks!!)
- - - - -
56cd3389 by progier389 at 2024-11-13T15:31:35+01:00
Issue 6374 - nsslapd-mdb-max-dbs autotuning doesn't work properly (#6400)
* Issue 6374 - nsslapd-mdb-max-dbs autotuning doesn't work properly
Several issues:
After restarting the server nsslapd-mdb-max-dbs may not be high enough to add a new backend
because the value computation is wrong.
dbscan fails to open the database if nsslapd-mdb-max-dbs has been increased.
dbscan crashes when closing the database (typically when using -S)
When starting the instance the nsslapd-mdb-max-dbs parameter is increased to ensure that a new backend may be added.
When dse.ldif path is not specified, the db environment is now open using the INFO.mdb data instead of using the default values.
synchronization between thread closure and database context destruction is hardened
Issue: #6374
Reviewed by: @tbordaz , @vashirov (Thanks!)
- - - - -
ca9ee573 by Mark Reynolds at 2024-11-13T15:33:44-05:00
Issue 6404 - UI - Add npm pretter package
Description:
Add prettier to the porject to catch and fix code stylings
npm run prettier
npm run prettier:fix
relates: https://github.com/389ds/389-ds-base/issues/6404
Reviewed by: spichugi(Thanks!)
- - - - -
cc75718a by Mark Reynolds at 2024-11-14T08:39:56-05:00
Issue 6401 - Remove logging macros
Descripion:
Remove the log macros as they no longer serve their original purpose of
dealing with issue on Windows NT. LOG_WRITE_NOW was not even used.
Also did basic code cleanup.
relates: https://github.com/389ds/389-ds-base/issues/6401
Reviewed by: spichugi & tbordaz(Thanks!!)
- - - - -
a48be7b2 by progier389 at 2024-11-15T12:43:30+01:00
Issue 6386 - backup/restore broken after db log rotation (#6406)
Restore does fail if the db log file have rotated since the backup. The reason is that the current log files are not removed mixing old and new log file which confuse the database.
Solution is to remove all existing log files before copying the backuped files.
Note: the number of db region should not change and having an extra db file should not be a problem so only the log files must be removed.
Issue: #6386
Reviewed by: @mreynolds389, @tbordaz (Thanks!)
- - - - -
e0dcfcab by dependabot[bot] at 2024-11-18T22:20:19-08:00
Bump cross-spawn from 7.0.3 to 7.0.6 in /src/cockpit/389-console (#6407)
Bumps [cross-spawn](https://github.com/moxystudio/node-cross-spawn) from 7.0.3 to 7.0.6.
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md)
- [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6)
---
updated-dependencies:
- dependency-name: cross-spawn
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support at github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- - - - -
144f9334 by Anuar Beisembayev at 2024-11-19T20:48:17+01:00
Issue 6258 - Resolve race condition for two tests in health_config.py
The following two tests in health_config.py have race conditions preventing them from working consistently:
dirsrvtests/tests/suites/healthcheck/health_config_test.py::test_healthcheck_notes_unindexed_search
dirsrvtests/tests/suites/healthcheck/health_config_test.py::test_healthcheck_notes_unknown_attribute
These failures are mitigated by adding a sleep command shortly after the filter command to ensure it has time to complete.
Helps fix: https://github.com/389ds/389-ds-base/issues/6258
- - - - -
bec05101 by Lenka Doudova at 2024-11-28T07:38:42-08:00
Issue 6420 - Update dsidm user get_dn test (#6421)
Description: The user get_dn test was marked as an expected fail, updating it to working status.
Relates: https://github.com/389ds/389-ds-base/issues/5373
Relates: https://github.com/389ds/389-ds-base/issues/6420
Author: Lenka Doudova
Reviewed by: @droideck
Co-authored-by: Lenka Doudova <lryznaro at lryznaro-thinkpadp1gen4i.tpbc.csb>
- - - - -
5813c697 by Firstyear at 2024-11-29T12:51:17+10:00
Issue 6415 - BUG - Incorrect icu linking (#6416)
Bug Description: ICU has been updated to version 76.x - the .pc file of icu-18n for example no
longer includes -licuuc, which was so far the most common reason for buildfailures (as icu-uc is
not linked automatically, resulting in underlining)
Fix Description: Correct configure.ac to request linking to icu-uc
fixes: https://github.com/389ds/389-ds-base/issues/6415
Author: William Brown <william at blackhats.net.au>
Review by: @droideck
- - - - -
65773c37 by Firstyear at 2024-11-29T12:51:41+10:00
Issue 6340 - RFE - extract keys once (#6413)
Bug Description: Keys/Certs are extracted to PEM
repeatedly causing many warnings during outbound TLS
authenticated replication
Fix Description: After more testing, if the connection is
dropped and restarted, the certpath is retrieved but
re-extraction does not occur. This still triggers the
warning however. To resolve this, we only warn about
the tpm namespace during library initialisation.
I really hope I got it right this time :(
fixes: https://github.com/389ds/389-ds-base/issues/6340
Author: William Brown <william at blackhats.net.au>
Review by: @progier389 @vashirov
- - - - -
7aabfbda by progier389 at 2024-11-29T14:08:03+01:00
Issue 6422 - test_db_home_dir_online_backup CI test break other tests (#6423)
test_db_home_dir_online_backup CI test change the dbhome to a directory that
is removed at the test completion but the dbhome is not restored.
The solution is to use a python context manager to change and restore the dse.ldif
Issue: #6422
Reviewed by: @tbordaz , @droideck (Thanks!)
- - - - -
fd627001 by tbordaz at 2024-11-29T18:27:57+01:00
Issue 6367 - RFE support of Session Tracking Control internet draft (#6403)
Bug description:
This RFE is to support https://datatracker.ietf.org/doc/html/draft-wahl-ldap-session-03
In short, it allows a client to send strings in a control.
Those strings are added to the operation result logged in the
access logs.
Those strings are meaningful for the client (debug,
kmonitoring,...).
Fix description:
The design is https://www.port389.org/docs/389ds/design/session-identifier-in-logs.html
fixes: #6367
Reviewed by: William Brown, Pierre Rogier (Thanks !!!)
- - - - -
99e6707c by tbordaz at 2024-12-02T17:18:32+01:00
Issue 6417 - If an entry RDN is identical to the suffix, then Entryrdn gets broken during a reindex (#6418)
Bug description:
During a reindex, the entryrdn index is built at the end from
each entry in the suffix.
If one entry has a RDN that is identical to the suffix DN,
then entryrdn_lookup_dn may erroneously return the suffix DN
as the DN of the entry.
Fix description:
When the lookup entry has no parent (because index is under
work) the loop lookup the entry using the RDN.
If this RDN matches the suffix DN, then it exits from the loop
with the suffix DN.
Before exiting it checks that the original lookup entryID
is equal to suffix entryID. If it does not match
the function fails and then the DN from the entry will be
built from id2enty
fixes: #6417
Reviewed by: Pierre Rogier, Simon Pichugin (Thanks !!!)
- - - - -
976f43ec by Simon Pichugin at 2024-12-02T15:55:00-08:00
Issue 6375 - UI - Update cockpit.js code to the latest version (#6376)
Description: Update src/cockpit/389-console/pkg/lib/cockpit.js to the latest version.
Update the entire src/cockpit/389-console/pkg/lib directory from Cockpit's repository.
Update package.json.
Update 389 DS UI components to PF5.
Fixes: https://github.com/389ds/389-ds-base/issues/6375
Reviewed by: @progier389, @mreynolds389 (Thanks!!)
- - - - -
3c91a994 by Mark Reynolds at 2024-12-03T18:21:50-05:00
Issue 6427 - fix various memory leaks
Description:
This was all on main branch
- Display attributes were leaked on searches
- Work thread indexes were leaked at shutdown
- Accept thread was leaked at shutdown
- When we reused a search pblock, we did not free the "operation" and "search
attributes" before overwriting them with freshly allocated structures.
Fixes: https://github.com/389ds/389-ds-base/issues/6427
Reviewed by: progier (Thanks!)
- - - - -
1fbca8f6 by Mark Reynolds at 2024-12-04T09:28:00-05:00
Issue 6268 - write access log format infrastructure (part 1)
Description:
Create the config and layout for implementing a new logging format.
Also fixed some compiler warnings and minor UI bugs.
Relates: https://github.com/389ds/389-ds-base/issues/6368
Reviewed by: spichugi, progier, tbordaz (Thanks!!!)
- - - - -
e8be545f by Mark Reynolds at 2024-12-04T20:45:15-05:00
Issue 6368 - UI - fix regression with onChange parameters for new
settings on the access log page
Description:
The event and string parameters were switched for time format and log
format settings on the access log page
Relates: https://github.com/389ds/389-ds-base/issues/6368
Reviewed by: spichugi(Thanks!)
- - - - -
d00f769f by Simon Pichugin at 2024-12-04T18:59:40-08:00
Issue 6302 - Allow to run replication status without a prompt (#6410)
Description: We should allow running replication status and
other similar commands without requesting a password and bind DN.
This way, the current instance's root DN and root PW will be used on other
instances when requesting CSN info. If they are incorrect,
then the info won't be printed, but otherwise, the agreement status
will be displayed correctly.
Fixes: https://github.com/389ds/389-ds-base/issues/6302
Reviewed by: @progier389 (Thanks!)
- - - - -
3398e73e by Simon Pichugin at 2024-12-04T19:29:11-08:00
Issue 5798 - Fix dsconf config multi-valued attr operations (#6426)
Description:
Fix add operation to properly handle multi-valued attributes
so they persist after server restart.
Add support for multiple values at once via dsconf config.
Handle delete operation in a more flexible way.
Refactor attribute handling code for better error handling and consistency.
*Add CI test suite
Fixes: https://github.com/389ds/389-ds-base/issues/5798
Reviewed by: @progier389 (Thanks!)
- - - - -
c64859d1 by Mark Reynolds at 2024-12-05T15:41:19-05:00
Issue 6432 - Crash during bind when acct policy plugin does not have "alwaysrecordlogin" set
Description:
If alwaysrecordlogin is off then we dereference NULL ptr cfg->login_history_attr
when trying to write the history/time value. Instead we should skip
over this code if it is not set.
Relates: https://github.com/389ds/389-ds-base/issues/6432
Reviewed by: tbordaz(Thanks!)
- - - - -
c1c46c1a by Anuar Beisembayev at 2024-12-09T17:30:31+01:00
Issue 6258 - Mitigate race condition in paged_results_test.py (#6433)
The regression test dirsrvtests/tests/suites/paged_results/paged_results_test.py::test_multi_suffix_search has a race condition causing it to fail due to multiple queries potentially writing their logs out of chronological order.
This failure is mitigated by sorting the retrieved access_log_lines by their "op" value. This ensures the log lines are in chronological order, as expected by the assertions at the end of test_multi_suffix_search().
Helps fix: #6258
Reviewed by: @droideck , @progier389 (Thanks!)
- - - - -
c7d5883e by Lenka Doudova at 2024-12-09T17:50:24+01:00
Issue 6424 - Add basic dsidm group tests
New basic dsidm group tests - create, delete, list, get, get_dn, modify, rename, rename with keep old rdn option.
Relates: https://github.com/389ds/389-ds-base/issues/6424
Author: Lenka Doudova
Reviewed by: Pierre Rogier, Barbora Simonova, Thierry Bordaz
- - - - -
6873ced1 by tbordaz at 2024-12-12T16:30:50+01:00
Issue 6446 - on replica consumer, account policy plugin fails to manage the last login history (#6448)
Bug description:
An internal update needs the flag SLAPI_OP_FLAG_BYPASS_REFERRALS
on a RO consumer. Else the server does not select the backend
and returns LDAP_REFERRAL to the internal operation.
In acct_update_login_history the flag is missing.
Fix description:
Use the same flags in acct_update_login_history as it is
used in acct_record_login
fixes: #6446
Reviewed by: Mark Reynolds (Thanks!)
- - - - -
bc0c543c by Viktor Ashirov at 2024-12-16T14:03:12+01:00
Issue 6368 - fix basic test suite
Bug Description:
Basic test suite started to error out:
> target_be = CustomSetup._search_be(backend_options, backend)
E TypeError: CustomSetup._search_be() missing 1 required positional argument: 'beinfo'
Fix Description:
Add missing argument.
Relates: https://github.com/389ds/389-ds-base/issues/6368
Reviewed by: @progier389, @droideck (Thanks!)
- - - - -
9683aa59 by Viktor Ashirov at 2024-12-17T18:35:11+01:00
Issue 3555 - UI - Fix issues reported by npm audit
Description:
Update npm packages to fix issues reported by npm audit
Relates: #3555
Reviewed by: @progier389 (Thanks!)
- - - - -
fcd1cb70 by Mark Reynolds at 2024-12-18T16:30:45-05:00
Issue 6442 - Fix latest covscan memory leaks
Description:
Fixed a majority of the memory leaks (except ACL leaks).
Fixes: https://github.com/389ds/389-ds-base/issues/6442
Reviewed by: progier(Thanks!)
- - - - -
196a4106 by Mark Reynolds at 2024-12-18T19:53:40-05:00
Issue 6442 - Fix latest covscan memory leaks (part 2)
Description:
Missed part of the fix becuase of a rebase issue
Fixes: https://github.com/389ds/389-ds-base/issues/6442
Reviewed by: progier & spichugi(Thanks!!)
- - - - -
8fcc1dde by Lenka Doudova at 2024-12-19T10:47:41+01:00
Issue 6441 - Add basic dsidm posixgroup tests
New basic dsidm posixgroup test - create, list, get, get_dn, modify, rename, rename with keep-old-rdn option.
Contains fix for failing get_dn option - #6439.
Relates: https://github.com/389ds/389-ds-base/issues/6441, https://github.com/389ds/389-ds-base/issues/6439
Author: Lenka Doudova
Reviewed by: Simon Pichugin
- - - - -
f5732e1d by Mike Weinberg at 2024-12-23T18:48:05-08:00
PR 6462 - UI - Fix spelling error in cockpit-389-ds certificateManagement.jsx
Description: Fix the misspelling from "Certificate Sigining Requests" to "Certificate Signing Requests"
in cockpit-389-ds’s certificateManagement.jsx.
Relates: https://github.com/389ds/389-ds-base/pull/6462
Reviewed by: @droideck
- - - - -
6f6a2f79 by Mike Weinberg at 2024-12-24T18:41:59-08:00
Issue 6464 - UI - Fixed spelling in cockpit messages
Description:
I used typos-cli to assist in correcting more spelling errors in cockpit 389-console.
I focused only on messages displayed to users in the cockpit project.
I also attempted to fix the Japanese translation file so it wouldn't break.
Relates: https://github.com/389ds/389-ds-base/issues/6464
Reviewed by: @droideck
- - - - -
d2b04cea by Mark Reynolds at 2025-01-02T07:37:08-05:00
Issue 6368 - Fix crash when testing access json logging
Description:
An uninitialized pointer led to a crash when getting the bind dn from the
pblock and then freeing it.
Fixes: https://github.com/389ds/389-ds-base/issues/6368
Reviewed by: progier(Thanks!)
- - - - -
f4553b8f by progier389 at 2025-01-02T14:49:04+01:00
Issue 6459 - crash on 3.0/3.1 branch (#6461)
vlv_rebuild_scope_filter code looks fishy:
it aborts the dblayer_read_txn_begin txn with dblayer_txn_abort instead of dblayer_read_txn_abort
(Meaning that it tries to release the backend serial lock without having locked it.)
This generates assertion failure on some distributions.
Issue: 6459
Reviewed by: @tbordaz (Thanks!)
Fix verified bu @stanislavlevin (Thanks!)
- - - - -
a79887ea by tbordaz at 2025-01-06T14:00:39+01:00
Issue 6417 - (2nd) If an entry RDN is identical to the suffix, then Entryrdn gets broken during a reindex (#6460)
Bug description:
The primary fix has a flaw as it assumes that the
suffix ID is '1'.
If the RUV entry is the first entry of the database
the server loops indefinitely
Fix description:
Read the suffix ID from the entryrdn index
fixes: #6417
Reviewed by: Pierre Rogier (also reviewed the first fix)
- - - - -
89aef892 by Mark Reynolds at 2025-01-06T13:25:30-05:00
Issue 6472 - CLI - Improve error message format
Description:
For non-json/non-verbose generic exceptions format the message into
something more readable and friendly (desc, result, and info)
Relates: https://github.com/389ds/389-ds-base/issues/6472
Reviewed by: tbordaz & spichugi (Thanks!!)
- - - - -
a7f7cd94 by Mark Reynolds at 2025-01-06T14:33:41-05:00
Issue 6468 - RFE - CLI - Add logging settings to dsconf
Description:
It would be nice to have a more friendly CLI interface for managing the server
logging. Specifically the log levels. This PR adds a new subcommand "logging"
that can handle each log type and allthe settings for it.
relates: https://github.com/389ds/389-ds-base/issues/6468
Reviewed by: spichugi(Thanks!)
- - - - -
6aac203a by Mark Reynolds at 2025-01-06T15:16:30-05:00
Issue 6468 - CLI - Remove security log settings that don't exist
Description:
JSON log settings were incorrectly added for security log
relates: https://github.com/389ds/389-ds-base/issues/6468
Reviewed by: spichugi(Thanks!)
- - - - -
b6565e21 by Lenka Doudova at 2025-01-07T08:41:29+01:00
Issue 6439 - Fix dsidm service get_dn option
Fix for failing 'dsidm service get_dn' option including update of corresponding test.
Relates: https://github.com/389ds/389-ds-base/issues/6439
Author: Lenka Doudova
Reviewed by: ???
- - - - -
0c691340 by Lenka Doudova at 2025-01-07T08:43:50+01:00
Issue 6438 - Add basic dsidm organizational unit tests
New basic dsidm organizationalunit test - create, list, get, get_dn, modify, rename, rename with keep-old-rdn option
Contains fix for failing get_dn option - #6439.
Relates: https://github.com/389ds/389-ds-base/issues/6438, https://github.com/389ds/389-ds-base/issues/6439
Author: Lenka Doudova
Reviewed by: ???
- - - - -
7e98ab34 by progier389 at 2025-01-07T11:40:16+01:00
Issue 6372 - Deadlock while doing online backup (#6475)
* Issue 6372 - Deadlock while doing online backup
Sometime server hangs during online backup because of a deadlock due to lock order inversion between the dse backup_lock mutex and the dse rwlock.
Solution:
Add functions to manage the lock/unlock to ensure consistency.
Ensure that threads always tries to lock dse_backup_lock mutex before the dse write lock
Code cleanup:
Move the backup_lock into the dse struct
Avoid the obsolete warning during tests (I think that we will have to do a second cleanup phase later to see if we could not replace self.conn.add_s by self.create .
Issue: #6372
Reviewed by: @mreynolds389 (Thanks!)
- - - - -
ba092498 by progier389 at 2025-01-07T13:30:16+01:00
Issue 6478 - fix compilation warning related to deferred memberof delay (#6479)
Trivial compilation warning fix.
Issue: #6478
Reviewed by: @tbordaz
- - - - -
b8e442bc by Simon Pichugin at 2025-01-07T18:36:48-08:00
Issue 6269 - RFE - Add nsslapd-pwdPBKDF2Rounds configuration to PBKDF2-* plugins (#6447)
Description: Add nsslapd-pwdPBKDF2Rounds attribute that can be configured in
PBKDF2-* password storage plugin entries. This is a password hashing round value that can be adjusted.
Certain compliance requirements (like from BSI) require specific hashing round values greater than what we currently provide.
Add CLI, Web UI option, and CI tests.
Increase DEFAULT_PBKDF2_ROUNDS to 100_000.
Fixes: https://github.com/389ds/389-ds-base/issues/6269
Reviewed by: @Firstyear, @progier389, @tbordaz (Thanks!!!)
- - - - -
6935548e by Mark Reynolds at 2025-01-09T08:39:50-05:00
Issue 6483 - CI - fix filter_test - test_match_large_valueset
Description:
Fix filter_test::test_match_large_valueset
The suffix and parent parameters to dbgen_users was switched
Relates: https://github.com/389ds/389-ds-base/issues/6483
Reviewed by: spichugi(Thanks!)
- - - - -
986cb5c7 by Mark Reynolds at 2025-01-09T13:58:39-05:00
Issue 6485 - Fix double free in USN cleanup task
Description:
ASAN report shows double free of bind dn in the USN cleanup task data. The bind
dn was passed as a reference so it should never have to be freed by the cleanup
task.
Relates: https://github.com/389ds/389-ds-base/issues/6485
Reviewed by: tbordaz(Thanks!)
- - - - -
f2abeb0f by Mark Reynolds at 2025-01-10T22:17:49-05:00
Issue 6490 - Remove the rust error log message for pbkdf2 rounds
Description:
We log an info message about the pbkdf2 iterations, but the severity level is
ERR. Just removing the logging for now, and it will added back later at
a more appropriate location.
Relates: https://github.com/389ds/389-ds-base/issues/6490
Reviewed by: spichugi(Thanks!)
- - - - -
ea7de484 by tbordaz at 2025-01-13T15:52:07+01:00
Issue 6417 - (3rd) If an entry RDN is identical to the suffix, then Entryrdn gets broken during a reindex (#6480)
Bug description:
The previous fix had a flaw.
In case entryrdn_lookup_dn is called with an undefined suffix
the lookup of the suffix trigger a crash.
For example it can occur during internal search of an
unexisting map (view plugin).
The issue exists in all releases but is hidden since 2.3.
Fix description:
testing the suffix is defined
fixes: #6417
Reviewed by: Pierre Rogier (THnaks !)
- - - - -
4bd27ecc by progier389 at 2025-01-13T18:03:07+01:00
Issue 6494 - Various errors when using extended matching rule on vlv sort filter (#6495)
* Issue 6494 - Various errors when using extended matching rule on vlv sort filter
Various issues when configuring and using extended matching rule within a vlv sort filter:
Race condition about the keys storage while indexing leading to various heap and data corruption. (lmdb only)
Crash while indexing if vlv are misconfigured because NULL key is not checked.
Read after block because of data type mismatch between SlapiValue and berval
Memory leaks
Solution:
Serialize the vlv index key generation if vlv filter has an extended matching rule.
Check null keys
Always provides SlapiValue even ifg we want to get keys as bervals
Free properly the resources
Issue: #6494
Reviewed by: @mreynolds389 (Thanks!)
- - - - -
2bb63629 by Simon Pichugin at 2025-01-13T19:46:08-08:00
Issue 6490 - Add a new macro function and print rounds on startup (#6496)
Description: This commit introduces a new macro function (log_error_ext!) to improve logging by providing a way to write a custom subsystem instead of file:line. It also modifies the handle_pbkdf2_rounds_config method to print the PBKDF2 rounds (number of iterations) on startup.
Fixes: https://github.com/389ds/389-ds-base/issues/6490
Reviewed by: @mreynolds389 (Thanks!)
- - - - -
9e092353 by Mark Reynolds at 2025-01-14T11:37:05-05:00
Issue 6453 - Fix memory leaks in entryrdn
Description:
We leak memory when processing long DN's (mdb). We have to loop over
long DN's and on each pass we leak the previous rdn element. In the
tombstone case we just need to free the current childelem
Relates: //github.com/389ds/389-ds-base/issues/6453
Reviewed by: progier & spichugi(Thanks!!)
- - - - -
e6ad63be by tbordaz at 2025-01-14T18:12:56+01:00
Issue 6470 - Some replication status data are reset upon a restart (#6471)
Bug description:
The replication agreement contains operational attributes
related to the total init: nsds5replicaLastInitStart,
nsds5replicaLastInitEnd, nsds5replicaLastInitStatus.
Those attributes are reset at restart
Fix description:
When reading the replication agreement from config
(agmt_new_from_entry) restore the attributes into
the in-memory RA.
Updates the RA config entry from the in-memory RA
during shutdown/cleanallruv/enable_ra
fixes: #6470
Reviewed by: Simon Pichugin (Thanks !!)
- - - - -
eed4305b by Simon Pichugin at 2025-01-14T10:55:03-08:00
Issue 6497 - lib389 - Configure replication for multiple suffixes (#6498)
Bug Description: When trying to set up replication across multiple suffixes -
particularly if one of those suffixes is a subsuffix - lib389 fails to properly
configure the replication agreements, service accounts, and required groups.
The references to the replication_managers group and service account
naming do not correctly account for non-default additional suffixes.
Fix Description: Ensure replication DNs and credentials are correctly tied to each suffix.
Enable DSLdapObject.present method to compare values as
a normalized DNs if they are DNs.
Add a test (test_multi_subsuffix_replication) to verify multi-suffix
replication across four suppliers.
Fix tests that are related to repl service accounts.
Fixes: https://github.com/389ds/389-ds-base/issues/6497
Reviewed: @progier389 (Thanks!)
- - - - -
7adcd8af by James Chapman at 2025-01-14T21:17:00+00:00
Issue 6481 - UI - When ports that are in use are used to update a DS instance the error message is not helpful (#6482)
Bug description:
When updating port values on a DS instance, if the port value is already in use
the error message displayed by the UI is not helpful.
Fix description:
Add a UI method that checks if the updated port value is already in use.
If it is, disable the save button.
Fixes: https://github.com/389ds/389-ds-base/issues/6481
Reviewed by: @mreynolds389, @droideck (Thank you)
- - - - -
11f473da by tbordaz at 2025-01-15T17:31:12+01:00
Issue 6453 - (cont) Fix memory leaks in entryrdn (#6504)
Bug description:
Few regressions in CI (filter/import/mapping_tree)
Fix description:
Test a pointer before deref
fixes: #6453
Reviewed by: Mark Reynolds (Thanks)
- - - - -
3f1c3c3c by progier389 at 2025-01-20T13:19:38+01:00
Issue 6507 - changelog modifiers operation not displayed in dbscan (#6511)
Problem: when dbscan dumps the changelog, it does not display modify operation modifier sub operation
(i.e: add/delete/replace) on the specified attribute
Solution:
Use a format similar to the ldif one:
suboperation: type
type: value
...
-
but only when dumpoing a modify operation : add and modrdn still use the
type:value
...
format
Issue: #6507
Reviewed by: @mreynolds389, @tbordaz (Thanks!)
- - - - -
05144540 by Mark Reynolds at 2025-01-20T11:46:49-05:00
Issue 6509 - Race condition with Paged Result searches
Description:
There is a race condition with Paged Result searches when a new operation comes
in while a paged search is finishing. This triggers an invalid time out error
and closes the connection with a T3 code.
The problem is that we do not use the "PagedResult lock" when checking the
connection's paged result data for a timeout event. This causes the paged
result timeout value to change unexpectedly and trigger a false timeout when a
new operation arrives.
Now we check the timeout without hte conn lock, if its expired it could
be a race condition and false positive. Try the lock again and test the
timeout. This also prevents blocking non-paged result searches from
getting held up by the lock when it's not necessary.
This also fixes some memory leaks that occur when an error happens.
Relates: https://github.com/389ds/389-ds-base/issues/6509
Reviewed by: tbordaz & proger (Thanks!!)
- - - - -
a580fc4f by Lenka Doudova at 2025-01-21T14:00:03+01:00
Issue 6505 - Add basic dsidm role tests
Automating basic dsidm role tests
Relates: https://github.com/389ds/389-ds-base/issues/6505
Author: Lenka Doudova
Reviewed by: ???
- - - - -
09885e6c by Viktor Ashirov at 2025-01-21T18:33:20+01:00
Issue 6525 - Fix srpm generation in COPR
Bug Description:
After update of COPR to F41 and DNF5, srpm generation no longer works
due to missing `builddep` command.
Fix Description:
Instead of installing all build dependencies, we should install the ones
required for srpm generation.
Reviewed by: @mreynolds389 (Thanks!)
Fixes: https://github.com/389ds/389-ds-base/issues/6525
- - - - -
4a6a126c by Lenka Doudova at 2025-01-22T07:29:28+01:00
Issue 6513 - Add basic dsidm uniquegroup tests
Automating basic dsidm uniquegroup tests
Relates: https://github.com/389ds/389-ds-base/issues/6513
Author: Lenka Doudova
Reviewer: ???
- - - - -
654db44e by Lenka Doudova at 2025-01-22T07:29:28+01:00
Issue 6523 - dsidm uniquegroup members not implemented
Filling in missing method implementing 'dsidm uniquegroup members'.
Automated tests for dsidm uniquegroup members, add_member and
remove_member commands.
Relates: https://github.com/389ds/389-ds-base/issues/6523
Author: Lenka Doudova
Reviewed by: ???
- - - - -
8838821d by Lenka Doudova at 2025-01-22T16:39:13+01:00
Issue 6521 - Typo in dsidm (unique)group add_member prompt
Fixing a typo in dsidm group/uniquegroup add_member prompt
Relates to: https://github.com/389ds/389-ds-base/issues/6521
Author: Lenka Doudova
Reviewed by: ???
- - - - -
bd1152a3 by tbordaz at 2025-01-22T18:20:51+01:00
Issue 6516 - Allow to configure the password scheme not updated on bind (#6517)
Bug description:
The configuration option 'nsslapd-enable-upgrade-hash: on' allows
to update, during a user bind, the password storage hash of the
user password.
The update sets the password storage hash to the one defined in the
password policy (passwordStorageScheme)
If the current user password hash is 'CRYPT' or 'CLEAR' then the
password storage hash is not updated. This is hardcoded.
Fix description:
Introduce a new configuration parameter that list the hashes
that are *not* upgraded during a bind.
'nsslapd-scheme-list-no-upgrade-hash'
fixes: #6516
Reviewed by: Pierre Rogier
- - - - -
f2896a9b by Lenka Doudova at 2025-01-23T08:03:32+01:00
Issue 6424 - Filling in dsidm group tests
Adding missing automated tests for dsidm group members, add_member and
remove_member commands.
Relates: https://github.com/389ds/389-ds-base/issues/6424
Author: Lenka Doudova
Reviewed by: ???
- - - - -
fd9acfe0 by Viktor Ashirov at 2025-01-23T11:54:47+01:00
Issue 6359 - Fix incorrect License tag
Description:
License tag generated by bundle-rust-npm.py had misplaced 'AND' for
the default license.
Relates: https://github.com/389ds/389-ds-base/issues/6359
Reviewed by: @droideck (Thanks!)
- - - - -
0646e238 by progier389 at 2025-01-23T14:49:19+01:00
Issue 6531 - Fix CI Tests - Decrease mdb map size for large topologies (#6532)
Decrease mdb map size to 10 gb when using topologies whose number of instances is > 3
Issue: #6531
Reviewed by: @tbordaz (Thanks!)
- - - - -
c5e1fb1e by James Chapman at 2025-01-23T14:35:25+00:00
Issue 3342 - RFE logconv.pl should have a replacement in CLI tools (#6444)
Bug description:
Perl DB is not available in RHEL 10 so the server access log
analyzer tool (logconv.pl) needs to be ported to python.
Fix description:
Initial draft of logconv.py, this is a work in progress. This
commit message will be updated following code review/rework.
Fixes: https://github.com/389ds/389-ds-base/issues/3342
Reviewed by: @progier389 @mreynolds389 (Thank you)
- - - - -
e171a636 by Viktor Ashirov at 2025-01-23T21:31:56+01:00
Bump version to 3.1.2
- - - - -
f406881c by Timo Aaltonen at 2025-04-10T11:26:25+03:00
vendor: Import ahash 0.7.8. (Closes: #1095537)
- - - - -
bdfe5dc4 by Timo Aaltonen at 2025-04-10T11:27:06+03:00
Merge branch 'upstream'
- - - - -
70375e53 by Timo Aaltonen at 2025-04-10T11:27:39+03:00
version bump
- - - - -
fa36643c by Timo Aaltonen at 2025-04-10T13:25:11+03:00
patches: Refreshed.
- - - - -
aae9cd68 by Timo Aaltonen at 2025-04-10T13:46:59+03:00
control, rules: Drop obsolete perl depends, install pythonized logconv.
- - - - -
046ff2b6 by Timo Aaltonen at 2025-04-10T13:57:04+03:00
patches: Fix CVE-2025-2487. (Closes: #1100994)
- - - - -
376f3ec8 by Timo Aaltonen at 2025-04-10T14:06:12+03:00
control: Migrate to pkgconf.
- - - - -
aaa48fb1 by Timo Aaltonen at 2025-04-10T14:06:18+03:00
releasing package 389-ds-base version 3.1.2+dfsg1-1
- - - - -
478 changed files:
- .cargo/config.in → .cargo/config.toml.in
- .copr/Makefile
- Makefile.am
- VERSION.sh
- configure.ac
- debian/changelog
- debian/control
- debian/copyright
- + debian/patches/0001-Security-fix-for-CVE-2025-2487.patch
- debian/patches/base64.diff
- debian/patches/series
- debian/patches/use-packaged-rust-registry.diff
- debian/rules
- + debian/vendor/ahash/.cargo-checksum.json
- + debian/vendor/ahash/Cargo.toml
- + debian/vendor/ahash/FAQ.md
- + debian/vendor/ahash/LICENSE-APACHE
- + debian/vendor/ahash/LICENSE-MIT
- + debian/vendor/ahash/README.md
- + debian/vendor/ahash/build.rs
- + debian/vendor/ahash/rustfmt.toml
- + debian/vendor/ahash/src/aes_hash.rs
- + debian/vendor/ahash/src/convert.rs
- + debian/vendor/ahash/src/fallback_hash.rs
- + debian/vendor/ahash/src/hash_map.rs
- + debian/vendor/ahash/src/hash_quality_test.rs
- + debian/vendor/ahash/src/hash_set.rs
- + debian/vendor/ahash/src/lib.rs
- + debian/vendor/ahash/src/operations.rs
- + debian/vendor/ahash/src/random_state.rs
- + debian/vendor/ahash/src/specialize.rs
- + debian/vendor/ahash/tests/bench.rs
- + debian/vendor/ahash/tests/map_tests.rs
- + debian/vendor/ahash/tests/nopanic.rs
- dirsrvtests/tests/suites/automember_plugin/automember_test.py
- dirsrvtests/tests/suites/automember_plugin/basic_test.py
- dirsrvtests/tests/suites/backups/backup_test.py
- dirsrvtests/tests/suites/basic/basic_test.py
- dirsrvtests/tests/suites/basic/haproxy_test.py
- dirsrvtests/tests/suites/betxns/betxn_test.py
- dirsrvtests/tests/suites/clu/__init__.py
- + dirsrvtests/tests/suites/clu/dbscan_test.py
- + dirsrvtests/tests/suites/clu/dsconf_agmt_create_test.py
- + dirsrvtests/tests/suites/clu/dsconf_config_test.py
- + dirsrvtests/tests/suites/clu/dsconf_logging.py
- dirsrvtests/tests/suites/clu/dsctl_dblib_test.py
- + dirsrvtests/tests/suites/clu/dsidm_group_test.py
- dirsrvtests/tests/suites/clu/dsidm_organizational_unit_test.py
- + dirsrvtests/tests/suites/clu/dsidm_posixgroup_test.py
- + dirsrvtests/tests/suites/clu/dsidm_role_test.py
- dirsrvtests/tests/suites/clu/dsidm_services_test.py
- + dirsrvtests/tests/suites/clu/dsidm_uniquegroup_test.py
- dirsrvtests/tests/suites/clu/dsidm_user_test.py
- dirsrvtests/tests/suites/clu/repl_monitor_test.py
- dirsrvtests/tests/suites/clu/schema_test.py
- dirsrvtests/tests/suites/config/config_test.py
- dirsrvtests/tests/suites/ds_logs/ds_logs_test.py
- dirsrvtests/tests/suites/ds_tools/replcheck_test.py
- dirsrvtests/tests/suites/filter/filter_test.py
- dirsrvtests/tests/suites/healthcheck/health_config_test.py
- dirsrvtests/tests/suites/healthcheck/healthcheck_test.py
- dirsrvtests/tests/suites/import/import_test.py
- dirsrvtests/tests/suites/indexes/entryrdn_test.py
- dirsrvtests/tests/suites/indexes/regression_test.py
- dirsrvtests/tests/suites/lib389/config_compare_test.py
- + dirsrvtests/tests/suites/memberof_plugin/memberof_deferred_repl_test.py
- dirsrvtests/tests/suites/memberof_plugin/memberof_include_scopes_test.py
- + dirsrvtests/tests/suites/memberof_plugin/nested_groups_test.py
- dirsrvtests/tests/suites/memberof_plugin/regression_test.py
- dirsrvtests/tests/suites/openldap_2_389/migrate_hdb_test.py
- dirsrvtests/tests/suites/openldap_2_389/migrate_memberof_test.py
- dirsrvtests/tests/suites/openldap_2_389/migrate_monitor_test.py
- dirsrvtests/tests/suites/openldap_2_389/migrate_test.py
- dirsrvtests/tests/suites/paged_results/paged_results_test.py
- dirsrvtests/tests/suites/password/password_test.py
- dirsrvtests/tests/suites/password/pbkdf2_upgrade_plugin_test.py
- dirsrvtests/tests/suites/plugins/acceptance_test.py
- dirsrvtests/tests/suites/plugins/accpol_check_all_state_attrs_test.py
- dirsrvtests/tests/suites/plugins/accpol_test.py
- dirsrvtests/tests/suites/plugins/entryusn_test.py
- dirsrvtests/tests/suites/plugins/memberof_test.py
- dirsrvtests/tests/suites/pwp_storage/storage_test.py
- dirsrvtests/tests/suites/replication/acceptance_test.py
- dirsrvtests/tests/suites/replication/changelog_trimming_test.py
- dirsrvtests/tests/suites/replication/cleanallruv_shutdown_crash_test.py
- dirsrvtests/tests/suites/replication/regression_m2_test.py
- + dirsrvtests/tests/suites/replication/regression_m2c1_test.py
- dirsrvtests/tests/suites/replication/single_master_test.py
- dirsrvtests/tests/suites/replication/tls_client_auth_repl_test.py
- dirsrvtests/tests/suites/replication/wait_for_async_feature_test.py
- dirsrvtests/tests/suites/roles/basic_test.py
- + dirsrvtests/tests/suites/session_tracking/session_test.py
- dirsrvtests/tests/suites/tls/tls_cert_namespace_test.py
- + dirsrvtests/tests/suites/tls/tls_repl_clientauth_test.py
- dirsrvtests/tests/suites/vlv/regression_test.py
- + ldap/admin/src/logconv.py
- ldap/ldif/template-dse-minimal.ldif.in
- ldap/ldif/template-dse.ldif.in
- ldap/schema/01core389.ldif
- ldap/schema/60pam-plugin.ldif
- ldap/servers/plugins/acctpolicy/acct_plugin.c
- ldap/servers/plugins/acl/aclgroup.c
- ldap/servers/plugins/acl/acllas.c
- ldap/servers/plugins/acl/aclutil.c
- ldap/servers/plugins/chainingdb/cb_conn_stateless.c
- ldap/servers/plugins/memberof/memberof.c
- ldap/servers/plugins/memberof/memberof.h
- ldap/servers/plugins/memberof/memberof_config.c
- ldap/servers/plugins/replication/cl5_api.c
- ldap/servers/plugins/replication/cl5_api.h
- ldap/servers/plugins/replication/cl5_clcache.c
- ldap/servers/plugins/replication/cl5_init.c
- ldap/servers/plugins/replication/profile.c
- ldap/servers/plugins/replication/repl5.h
- ldap/servers/plugins/replication/repl5_agmt.c
- ldap/servers/plugins/replication/repl5_agmtlist.c
- ldap/servers/plugins/replication/repl5_connection.c
- ldap/servers/plugins/replication/repl5_protocol_util.c
- ldap/servers/plugins/replication/repl5_replica.c
- ldap/servers/plugins/replication/repl5_ruv.c
- ldap/servers/plugins/replication/repl5_ruv.h
- ldap/servers/plugins/replication/repl5_tot_protocol.c
- ldap/servers/plugins/replication/repl_cleanallruv.c
- ldap/servers/plugins/replication/repl_controls.c
- ldap/servers/plugins/replication/repl_globals.c
- ldap/servers/plugins/retrocl/retrocl_trim.c
- ldap/servers/plugins/rootdn_access/rootdn_access.c
- ldap/servers/plugins/schema_reload/schema_reload.c
- ldap/servers/plugins/syntaxes/inchain.c
- ldap/servers/plugins/syntaxes/string.c
- ldap/servers/plugins/usn/usn_cleanup.c
- ldap/servers/plugins/whoami/whoami.c
- ldap/servers/slapd/abandon.c
- + ldap/servers/slapd/accesslog.c
- ldap/servers/slapd/add.c
- ldap/servers/slapd/agtmmap.c
- ldap/servers/slapd/auditlog.c
- ldap/servers/slapd/back-ldbm/back-ldbm.h
- ldap/servers/slapd/back-ldbm/cleanup.c
- ldap/servers/slapd/back-ldbm/db-bdb/bdb_import.c
- ldap/servers/slapd/back-ldbm/db-bdb/bdb_import_threads.c
- ldap/servers/slapd/back-ldbm/db-bdb/bdb_layer.c
- ldap/servers/slapd/back-ldbm/db-bdb/bdb_ldif2db.c
- ldap/servers/slapd/back-ldbm/db-bdb/bdb_misc.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_config.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_debug.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_debug.h
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_import.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_import_threads.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_instance.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_layer.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_layer.h
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_ldif2db.c
- ldap/servers/slapd/back-ldbm/db-mdb/mdb_txn.c
- ldap/servers/slapd/back-ldbm/dbimpl.c
- ldap/servers/slapd/back-ldbm/dblayer.c
- ldap/servers/slapd/back-ldbm/dblayer.h
- ldap/servers/slapd/back-ldbm/filterindex.c
- ldap/servers/slapd/back-ldbm/idl_new.c
- ldap/servers/slapd/back-ldbm/import.c
- ldap/servers/slapd/back-ldbm/index.c
- ldap/servers/slapd/back-ldbm/init.c
- ldap/servers/slapd/back-ldbm/ldbm_add.c
- ldap/servers/slapd/back-ldbm/ldbm_attr.c
- ldap/servers/slapd/back-ldbm/ldbm_attrcrypt.c
- ldap/servers/slapd/back-ldbm/ldbm_delete.c
- ldap/servers/slapd/back-ldbm/ldbm_entryrdn.c
- ldap/servers/slapd/back-ldbm/ldbm_modify.c
- ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
- ldap/servers/slapd/back-ldbm/ldbm_search.c
- ldap/servers/slapd/back-ldbm/matchrule.c
- ldap/servers/slapd/back-ldbm/proto-back-ldbm.h
- ldap/servers/slapd/back-ldbm/sort.c
- ldap/servers/slapd/back-ldbm/vlv.c
- ldap/servers/slapd/back-ldbm/vlv_srch.c
- ldap/servers/slapd/bind.c
- ldap/servers/slapd/charray.c
- ldap/servers/slapd/compare.c
- ldap/servers/slapd/config.c
- ldap/servers/slapd/connection.c
- ldap/servers/slapd/conntable.c
- ldap/servers/slapd/control.c
- ldap/servers/slapd/csngen.c
- ldap/servers/slapd/daemon.c
- ldap/servers/slapd/delete.c
- ldap/servers/slapd/dse.c
- ldap/servers/slapd/entry.c
- ldap/servers/slapd/extendop.c
- ldap/servers/slapd/fedse.c
- ldap/servers/slapd/filterentry.c
- ldap/servers/slapd/generation.c
- ldap/servers/slapd/ldapi.c
- ldap/servers/slapd/ldaputil.c
- ldap/servers/slapd/libglobs.c
- ldap/servers/slapd/log.c
- ldap/servers/slapd/log.h
- ldap/servers/slapd/main.c
- ldap/servers/slapd/modify.c
- ldap/servers/slapd/modrdn.c
- ldap/servers/slapd/modutil.c
- ldap/servers/slapd/operation.c
- ldap/servers/slapd/opshared.c
- ldap/servers/slapd/pagedresults.c
- ldap/servers/slapd/passwd_extop.c
- ldap/servers/slapd/pblock.c
- ldap/servers/slapd/pblock_v3.h
- ldap/servers/slapd/plugin.c
- ldap/servers/slapd/plugin_internal_op.c
- ldap/servers/slapd/plugin_mr.c
- ldap/servers/slapd/proto-slap.h
- ldap/servers/slapd/pw.c
- ldap/servers/slapd/result.c
- ldap/servers/slapd/saslbind.c
- ldap/servers/slapd/schema.c
- ldap/servers/slapd/slap.h
- ldap/servers/slapd/slapi-memberof.c
- ldap/servers/slapd/slapi-plugin.h
- ldap/servers/slapd/slapi-private.h
- ldap/servers/slapd/slapi_pal.c
- ldap/servers/slapd/ssl.c
- ldap/servers/slapd/task.c
- ldap/servers/slapd/thread_data.c
- + ldap/servers/slapd/tools/chkvlv.c
- ldap/servers/slapd/tools/dbscan.c
- ldap/servers/slapd/tools/ldclt/ldclt.c
- ldap/servers/slapd/unbind.c
- ldap/servers/slapd/util.c
- ldap/servers/slapd/vattr.c
- ldap/servers/snmp/main.c
- lib/libaccess/lasip.cpp
- lib/libadmin/util.c
- lib/libsi18n/reshash.c
- man/man1/dbscan.1
- + man/man1/logconv.py.1
- rpm.mk
- rpm/389-ds-base.spec.in
- rpm/bundle-rust-npm.py
- src/cockpit/389-console/build.js
- src/cockpit/389-console/buildAndRun.sh
- src/cockpit/389-console/package-lock.json
- src/cockpit/389-console/package.json
- src/cockpit/389-console/pkg/lib/README
- + src/cockpit/389-console/pkg/lib/cockpit-components-context-menu.tsx
- src/cockpit/389-console/pkg/lib/cockpit-components-dialog.jsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-dropdown.tsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-dynamic-list.jsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-dynamic-list.scss
- src/cockpit/389-console/pkg/lib/cockpit-components-empty-state.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-file-autocomplete.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-firewalld-request.jsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-form-helper.tsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-inline-notification.tsx
- src/cockpit/389-console/pkg/lib/cockpit-components-install-dialog.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-listing-panel.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-listing-panel.scss
- src/cockpit/389-console/pkg/lib/cockpit-components-logs-panel.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-modifications.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-password.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-password.scss
- src/cockpit/389-console/pkg/lib/cockpit-components-plot.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-privileged.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-shutdown.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-table.jsx
- src/cockpit/389-console/pkg/lib/cockpit-components-table.scss
- src/cockpit/389-console/pkg/lib/cockpit-components-terminal.jsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-truncate.jsx
- + src/cockpit/389-console/pkg/lib/cockpit-components-truncate.scss
- + src/cockpit/389-console/pkg/lib/cockpit-connect-ssh.tsx
- + src/cockpit/389-console/pkg/lib/cockpit-dark-theme.ts
- + src/cockpit/389-console/pkg/lib/cockpit-path.ts
- src/cockpit/389-console/pkg/lib/cockpit-po-plugin.js
- src/cockpit/389-console/pkg/lib/cockpit-rsync-plugin.js
- + src/cockpit/389-console/pkg/lib/cockpit-upload-helper.ts
- + src/cockpit/389-console/pkg/lib/cockpit.d.ts
- src/cockpit/389-console/pkg/lib/cockpit.js
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/base64.js
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/channel.js
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/common.ts
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/deferred.js
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/event-mixin.js
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/location.ts
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/parentwebsocket.ts
- + src/cockpit/389-console/pkg/lib/cockpit/_internal/transport.ts
- + src/cockpit/389-console/pkg/lib/cockpit/channel.ts
- + src/cockpit/389-console/pkg/lib/cockpit/event.ts
- + src/cockpit/389-console/pkg/lib/cockpit/fsinfo.ts
- src/cockpit/389-console/pkg/lib/console.css
- src/cockpit/389-console/pkg/lib/credentials.js
- + src/cockpit/389-console/pkg/lib/dialogs.tsx
- src/cockpit/389-console/pkg/lib/esbuild-cleanup-plugin.js
- src/cockpit/389-console/pkg/lib/esbuild-common.js
- src/cockpit/389-console/pkg/lib/esbuild-compress-plugin.js
- src/cockpit/389-console/pkg/lib/esbuild-test-html-plugin.js
- src/cockpit/389-console/pkg/lib/get-timesync-backend.py
- + src/cockpit/389-console/pkg/lib/hooks.ts
- src/cockpit/389-console/pkg/lib/html2po.js
- src/cockpit/389-console/pkg/lib/inotify.py
- src/cockpit/389-console/pkg/lib/journal.css
- src/cockpit/389-console/pkg/lib/journal.js
- + src/cockpit/389-console/pkg/lib/kernelopt.sh
- src/cockpit/389-console/pkg/lib/long-running-process.js
- src/cockpit/389-console/pkg/lib/machine-info.js
- src/cockpit/389-console/pkg/lib/manifest2po.js
- src/cockpit/389-console/pkg/lib/notifications.js
- src/cockpit/389-console/pkg/lib/os-release.js
- src/cockpit/389-console/pkg/lib/packagekit.js
- + src/cockpit/389-console/pkg/lib/pam_user_parser.ts
- src/cockpit/389-console/pkg/lib/patternfly/_fonts.scss
- src/cockpit/389-console/pkg/lib/patternfly/patternfly-5-overrides.scss
- src/cockpit/389-console/pkg/lib/plot.js
- src/cockpit/389-console/pkg/lib/polyfills.js
- src/cockpit/389-console/pkg/lib/python.js
- + src/cockpit/389-console/pkg/lib/qunit-tap.d.ts
- src/cockpit/389-console/pkg/lib/qunit-template.html.in
- + src/cockpit/389-console/pkg/lib/qunit-tests.ts
- src/cockpit/389-console/pkg/lib/serverTime.js
- src/cockpit/389-console/pkg/lib/service.js
- + src/cockpit/389-console/pkg/lib/ssh-add-key.sh
- + src/cockpit/389-console/pkg/lib/ssh-show-default-key.sh
- src/cockpit/389-console/pkg/lib/superuser.js
- src/cockpit/389-console/pkg/lib/table.css
- + src/cockpit/389-console/pkg/lib/test-path.ts
- + src/cockpit/389-console/pkg/lib/timeformat.ts
- + src/cockpit/389-console/pkg/lib/utils.tsx
- src/cockpit/389-console/po/ja.po
- src/cockpit/389-console/src/LDAPEditor.jsx
- src/cockpit/389-console/src/css/_fonts.scss
- src/cockpit/389-console/src/database.jsx
- src/cockpit/389-console/src/ds.jsx
- src/cockpit/389-console/src/dsModals.jsx
- src/cockpit/389-console/src/lib/database/attrEncryption.jsx
- src/cockpit/389-console/src/lib/database/backups.jsx
- src/cockpit/389-console/src/lib/database/chaining.jsx
- src/cockpit/389-console/src/lib/database/databaseConfig.jsx
- src/cockpit/389-console/src/lib/database/databaseModal.jsx
- src/cockpit/389-console/src/lib/database/databaseTables.jsx
- src/cockpit/389-console/src/lib/database/globalPwp.jsx
- src/cockpit/389-console/src/lib/database/indexes.jsx
- src/cockpit/389-console/src/lib/database/localPwp.jsx
- src/cockpit/389-console/src/lib/database/referrals.jsx
- src/cockpit/389-console/src/lib/database/suffix.jsx
- src/cockpit/389-console/src/lib/database/suffixConfig.jsx
- src/cockpit/389-console/src/lib/database/vlvIndexes.jsx
- src/cockpit/389-console/src/lib/ldap_editor/lib/editableTable.jsx
- src/cockpit/389-console/src/lib/ldap_editor/lib/genericPagination.jsx
- src/cockpit/389-console/src/lib/ldap_editor/search.jsx
- src/cockpit/389-console/src/lib/ldap_editor/tableView.jsx
- src/cockpit/389-console/src/lib/ldap_editor/treeView.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/aci.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/cos.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/deleteOperation.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/newEntry.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/aciBindRuleTable.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/aciNew.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addCosDefinition.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addCosTemplate.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addGroup.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addLdapEntry.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addRole.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/addUser.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/editGroup.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/editLdapEntry.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/genericUpdate.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/groupTable.jsx
- src/cockpit/389-console/src/lib/ldap_editor/wizards/operations/renameEntry.jsx
- src/cockpit/389-console/src/lib/monitor/accesslog.jsx
- src/cockpit/389-console/src/lib/monitor/auditfaillog.jsx
- src/cockpit/389-console/src/lib/monitor/auditlog.jsx
- src/cockpit/389-console/src/lib/monitor/chainingMonitor.jsx
- src/cockpit/389-console/src/lib/monitor/errorlog.jsx
- src/cockpit/389-console/src/lib/monitor/monitorModals.jsx
- src/cockpit/389-console/src/lib/monitor/monitorTables.jsx
- src/cockpit/389-console/src/lib/monitor/replMonAgmts.jsx
- src/cockpit/389-console/src/lib/monitor/replMonConflict.jsx
- src/cockpit/389-console/src/lib/monitor/replMonTasks.jsx
- src/cockpit/389-console/src/lib/monitor/replMonWinsync.jsx
- src/cockpit/389-console/src/lib/monitor/replMonitor.jsx
- src/cockpit/389-console/src/lib/monitor/securitylog.jsx
- src/cockpit/389-console/src/lib/monitor/serverMonitor.jsx
- src/cockpit/389-console/src/lib/monitor/suffixMonitor.jsx
- src/cockpit/389-console/src/lib/notifications.jsx
- src/cockpit/389-console/src/lib/plugins/accountPolicy.jsx
- src/cockpit/389-console/src/lib/plugins/attributeUniqueness.jsx
- src/cockpit/389-console/src/lib/plugins/autoMembership.jsx
- src/cockpit/389-console/src/lib/plugins/dna.jsx
- src/cockpit/389-console/src/lib/plugins/linkedAttributes.jsx
- src/cockpit/389-console/src/lib/plugins/managedEntries.jsx
- src/cockpit/389-console/src/lib/plugins/memberOf.jsx
- src/cockpit/389-console/src/lib/plugins/pamPassThru.jsx
- src/cockpit/389-console/src/lib/plugins/passthroughAuthentication.jsx
- src/cockpit/389-console/src/lib/plugins/pluginBasicConfig.jsx
- src/cockpit/389-console/src/lib/plugins/pluginTables.jsx
- src/cockpit/389-console/src/lib/plugins/referentialIntegrity.jsx
- src/cockpit/389-console/src/lib/plugins/retroChangelog.jsx
- src/cockpit/389-console/src/lib/plugins/rootDNAccessControl.jsx
- src/cockpit/389-console/src/lib/plugins/usn.jsx
- src/cockpit/389-console/src/lib/plugins/winsync.jsx
- src/cockpit/389-console/src/lib/replication/replAgmts.jsx
- src/cockpit/389-console/src/lib/replication/replChangelog.jsx
- src/cockpit/389-console/src/lib/replication/replConfig.jsx
- src/cockpit/389-console/src/lib/replication/replModals.jsx
- src/cockpit/389-console/src/lib/replication/replSuffix.jsx
- src/cockpit/389-console/src/lib/replication/replTables.jsx
- src/cockpit/389-console/src/lib/replication/replTasks.jsx
- src/cockpit/389-console/src/lib/replication/winsyncAgmts.jsx
- src/cockpit/389-console/src/lib/schema/schemaModals.jsx
- src/cockpit/389-console/src/lib/schema/schemaTables.jsx
- src/cockpit/389-console/src/lib/security/certificateManagement.jsx
- src/cockpit/389-console/src/lib/security/ciphers.jsx
- src/cockpit/389-console/src/lib/security/securityModals.jsx
- src/cockpit/389-console/src/lib/security/securityTables.jsx
- src/cockpit/389-console/src/lib/server/accessLog.jsx
- src/cockpit/389-console/src/lib/server/auditLog.jsx
- src/cockpit/389-console/src/lib/server/auditfailLog.jsx
- src/cockpit/389-console/src/lib/server/errorLog.jsx
- src/cockpit/389-console/src/lib/server/ldapi.jsx
- src/cockpit/389-console/src/lib/server/sasl.jsx
- src/cockpit/389-console/src/lib/server/securityLog.jsx
- src/cockpit/389-console/src/lib/server/serverModals.jsx
- src/cockpit/389-console/src/lib/server/serverTables.jsx
- src/cockpit/389-console/src/lib/server/settings.jsx
- src/cockpit/389-console/src/lib/server/tuning.jsx
- src/cockpit/389-console/src/lib/tools.jsx
- src/cockpit/389-console/src/monitor.jsx
- src/cockpit/389-console/src/plugins.jsx
- src/cockpit/389-console/src/replication.jsx
- src/cockpit/389-console/src/schema.jsx
- src/cockpit/389-console/src/security.jsx
- src/cockpit/389-console/src/server.jsx
- src/contrib/back-ldif/modify.c
- src/lib389/cli/dsconf
- src/lib389/cli/dscreate
- src/lib389/cli/dsctl
- src/lib389/cli/dsidm
- src/lib389/cli/openldap_to_ds
- src/lib389/lib389/__init__.py
- src/lib389/lib389/_constants.py
- src/lib389/lib389/_mapped_object.py
- src/lib389/lib389/backend.py
- src/lib389/lib389/cli_base/__init__.py
- src/lib389/lib389/cli_conf/config.py
- + src/lib389/lib389/cli_conf/logging.py
- src/lib389/lib389/cli_conf/plugin.py
- src/lib389/lib389/cli_conf/plugins/accountpolicy.py
- + src/lib389/lib389/cli_conf/plugins/pwstorage.py
- src/lib389/lib389/cli_conf/replication.py
- src/lib389/lib389/cli_ctl/dblib.py
- src/lib389/lib389/cli_idm/__init__.py
- src/lib389/lib389/cli_idm/group.py
- src/lib389/lib389/cli_idm/organizationalunit.py
- src/lib389/lib389/cli_idm/posixgroup.py
- src/lib389/lib389/cli_idm/role.py
- src/lib389/lib389/cli_idm/service.py
- src/lib389/lib389/cli_idm/uniquegroup.py
- src/lib389/lib389/config.py
- src/lib389/lib389/dirsrv_log.py
- src/lib389/lib389/idm/account.py
- src/lib389/lib389/idm/group.py
- src/lib389/lib389/lint.py
- src/lib389/lib389/password_plugins.py
- src/lib389/lib389/plugins.py
- src/lib389/lib389/properties.py
- src/lib389/lib389/replica.py
- src/lib389/lib389/schema.py
- src/lib389/lib389/tasks.py
- src/lib389/lib389/tests/healthcheck_test.py
- src/lib389/lib389/topologies.py
- src/lib389/lib389/utils.py
- src/plugins/pwdchan/src/lib.rs
- − src/plugins/pwdchan/src/pbkdf2.rs
- − src/plugins/pwdchan/src/pbkdf2_sha1.rs
- − src/plugins/pwdchan/src/pbkdf2_sha256.rs
- − src/plugins/pwdchan/src/pbkdf2_sha512.rs
- src/rewriters/adfilter.c
- src/slapi_r_plugin/src/error.rs
- src/slapi_r_plugin/src/init.c
- src/slapi_r_plugin/src/macros.rs
- src/slapi_r_plugin/src/pblock.rs
The diff was not included because it is too large.
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/-/compare/a618389269c57052cb9583a18e1bab228557871d...aaa48fb153889aa32a97b9bb80b0377152fdd1f8
--
View it on GitLab: https://salsa.debian.org/freeipa-team/389-ds-base/-/compare/a618389269c57052cb9583a18e1bab228557871d...aaa48fb153889aa32a97b9bb80b0377152fdd1f8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-freeipa-devel/attachments/20250410/8e99f5f0/attachment-0001.htm>
More information about the Pkg-freeipa-devel
mailing list