[Pkg-openldap-devel] r1282 - in openldap/trunk: . build contrib/slapd-modules/nssov contrib/slapd-modules/samba4 debian doc/guide/admin doc/man/man5 include libraries/libldap libraries/liblutil servers/slapd servers/slapd/back-bdb servers/slapd/back-dnssrv servers/slapd/back-ldap servers/slapd/back-meta servers/slapd/overlays tests/scripts
matthijs at alioth.debian.org
matthijs at alioth.debian.org
Mon Jul 12 07:03:33 UTC 2010
Author: matthijs
Date: 2010-07-12 07:03:32 +0000 (Mon, 12 Jul 2010)
New Revision: 1282
Added:
openldap/trunk/contrib/slapd-modules/samba4/vernum.c
Modified:
openldap/trunk/CHANGES
openldap/trunk/build/version.var
openldap/trunk/contrib/slapd-modules/nssov/network.c
openldap/trunk/contrib/slapd-modules/samba4/Makefile
openldap/trunk/contrib/slapd-modules/samba4/README
openldap/trunk/debian/changelog
openldap/trunk/debian/rules
openldap/trunk/doc/guide/admin/guide.html
openldap/trunk/doc/man/man5/slapd-config.5
openldap/trunk/include/ldap.h
openldap/trunk/libraries/libldap/cyrus.c
openldap/trunk/libraries/libldap/request.c
openldap/trunk/libraries/libldap/result.c
openldap/trunk/libraries/libldap/unbind.c
openldap/trunk/libraries/liblutil/utils.c
openldap/trunk/servers/slapd/back-bdb/dn2id.c
openldap/trunk/servers/slapd/back-bdb/operational.c
openldap/trunk/servers/slapd/back-dnssrv/config.c
openldap/trunk/servers/slapd/back-dnssrv/init.c
openldap/trunk/servers/slapd/back-ldap/bind.c
openldap/trunk/servers/slapd/back-meta/search.c
openldap/trunk/servers/slapd/backglue.c
openldap/trunk/servers/slapd/dn.c
openldap/trunk/servers/slapd/modrdn.c
openldap/trunk/servers/slapd/overlays/ppolicy.c
openldap/trunk/servers/slapd/overlays/refint.c
openldap/trunk/servers/slapd/overlays/rwm.c
openldap/trunk/servers/slapd/overlays/rwmconf.c
openldap/trunk/servers/slapd/overlays/sssvlv.c
openldap/trunk/servers/slapd/overlays/syncprov.c
openldap/trunk/servers/slapd/overlays/valsort.c
openldap/trunk/servers/slapd/schema_init.c
openldap/trunk/servers/slapd/syncrepl.c
openldap/trunk/tests/scripts/test043-delta-syncrepl
Log:
* New upstream version (2.4.23)
Modified: openldap/trunk/CHANGES
===================================================================
--- openldap/trunk/CHANGES 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/CHANGES 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,28 @@
OpenLDAP 2.4 Change Log
+OpenLDAP 2.4.23 Release (2010/06/30)
+ Fixed libldap to return server's error code (ITS#6569)
+ Fixed libldap memleaks (ITS#6568)
+ Fixed liblutil off-by-one with delta (ITS#6541)
+ Fixed slapd acls with glued databases (ITS#6468)
+ Fixed slapd syncrepl rid logging (ITS#6533)
+ Fixed slapd modrdn handling of invalid values (ITS#6570)
+ Fixed slapd-bdb hasSubordinates computation (ITS#6549)
+ Fixed slapd-bdb to use memcpy instead for strcpy (ITS#6474)
+ Fixed slapd-bdb entry cache delete failure (ITS#6577)
+ Fixed slapd-ldap to return control responses (ITS#6530)
+ Fixed slapo-ppolicy to use Debug (ITS#6566)
+ Fixed slapo-refint to zero out freed DN vals (ITS#6572)
+ Fixed slapo-rwm to use Debug (ITS#6566)
+ Fixed slapo-sssvlv to use Debug (ITS#6566)
+ Fixed slapo-syncprov lost deletes in refresh phase (ITS#6555)
+ Fixed slapo-valsort to use Debug (ITS#6566)
+ Fixed contrib/nssov network.c missing patch (ITS#6562)
+ Build Environment
+ Fixed test043 attribute sorting (ITS#6553)
+ Documentation
+ slapd-config(5) note default rootdn (ITS#6546)
+
OpenLDAP 2.4.22 Release (2010/04/24)
Added slapd SLAP_SCHEMA_EXPOSE flag for hidden schema elements (ITS#6435)
Added slapd tools selective iterations (ITS#6442)
@@ -25,7 +48,7 @@
Fixed slapd sasl auxprop ssf (ITS#5195)
Fixed slapd syncrepl for attributes with no matching rule (ITS#6458)
Fixed slapd syncrepl for unknown attrs and delta-sync (ITS#6473)
- Fixed slapd syncrep loop with moddn (ITS#6472)
+ Fixed slapd syncrepl loop with moddn (ITS#6472)
Fixed slapo-accesslog to not replicate internal purges (ITS#6519)
Fixed slapd-bdb contextCSN updates from updatedn (ITS#6469)
Fixed slapd-bdb lockobj zeroing (ITS#6501)
@@ -49,7 +72,7 @@
Build Environment
Added back-ldif, back-null test support (ITS#5810)
Documentation
- admin24 avoid explicity moduleload statements (ITS#6486)
+ admin24 avoid explicit moduleload statements (ITS#6486)
admin24 broken link fixes (ITS#6493,ITS#6515)
slapd.access(5) val.regex explanation (ITS#5804)
@@ -195,6 +218,8 @@
Documentation
admin24 fix broken link (ITS#6264)
ldap_open(3) document URI (ITS#6261)
+ ldap_set/get_option(3) SASL/TLS options added (ITS#6260)
+ man page format updates (ITS#6023)
OpenLDAP 2.4.17 Release (2009/07/13)
Fixed liblber to use ber_strnlen (ITS#6080)
Modified: openldap/trunk/build/version.var
===================================================================
--- openldap/trunk/build/version.var 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/build/version.var 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
#! /bin/sh
-# $OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.70 2010/04/21 22:53:53 quanah Exp $
+# $OpenLDAP: pkg/ldap/build/version.var,v 1.9.2.73 2010/06/29 15:23:31 kurt Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2010 The OpenLDAP Foundation.
@@ -15,9 +15,9 @@
ol_package=OpenLDAP
ol_major=2
ol_minor=4
-ol_patch=22
-ol_api_inc=20422
+ol_patch=23
+ol_api_inc=20423
ol_api_current=7
-ol_api_revision=5
+ol_api_revision=6
ol_api_age=5
-ol_release_date="2010/04/24"
+ol_release_date="2010/06/30"
Modified: openldap/trunk/contrib/slapd-modules/nssov/network.c
===================================================================
--- openldap/trunk/contrib/slapd-modules/nssov/network.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/contrib/slapd-modules/nssov/network.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* network.c - network address lookup routines */
-/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/network.c,v 1.1.2.5 2010/04/13 20:22:28 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/nssov/network.c,v 1.1.2.7 2010/05/26 15:21:53 hyc Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2008-2010 The OpenLDAP Foundation.
@@ -91,7 +91,7 @@
addrs = a->a_vals;
numaddr = a->a_numvals;
/* write the entry */
- WRITE_INT32(cbp->fp,NSLCD_RESULT_SUCCESS);
+ WRITE_INT32(cbp->fp,NSLCD_RESULT_BEGIN);
WRITE_BERVAL(cbp->fp,&name);
if ( dupname >= 0 ) {
WRITE_INT32(cbp->fp,numname-1);
@@ -118,7 +118,7 @@
struct berval filter = {sizeof(fbuf)};
filter.bv_val = fbuf;
BER_BVZERO(&cbp.addr);
- READ_STRING_BUF2(fp,cbp.buf,sizeof(cbp.buf));
+ READ_STRING(fp,cbp.buf);
cbp.name.bv_len = tmpint32;
cbp.name.bv_val = cbp.buf;,
Debug(LDAP_DEBUG_TRACE,"nssov_network_byname(%s)\n",cbp.name.bv_val,0,0);,
Modified: openldap/trunk/contrib/slapd-modules/samba4/Makefile
===================================================================
--- openldap/trunk/contrib/slapd-modules/samba4/Makefile 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/contrib/slapd-modules/samba4/Makefile 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-# $OpenLDAP: pkg/ldap/contrib/slapd-modules/samba4/Makefile,v 1.3.2.2 2010/04/21 20:13:22 quanah Exp $
+# $OpenLDAP: pkg/ldap/contrib/slapd-modules/samba4/Makefile,v 1.3.2.3 2010/06/10 17:44:02 quanah Exp $
# This work is part of OpenLDAP Software <http://www.openldap.org/>.
#
# Copyright 1998-2010 The OpenLDAP Foundation.
@@ -20,7 +20,7 @@
OPT=-g -O2
CC=gcc
-DEFS=-DSLAPD_OVER_RDNVAL=2 -DSLAPD_OVER_PGUID=2
+DEFS=-DSLAPD_OVER_RDNVAL=2 -DSLAPD_OVER_PGUID=2 -DSLAPD_OVER_VERNUM=2
LDAP_INC=-I$(LDAP_SRC)/include -I$(LDAP_SRC)/servers/slapd \
-I$(LDAP_BUILD)/include
@@ -37,7 +37,7 @@
libexecdir=$(exec_prefix)/libexec
moduledir = $(libexecdir)$(ldap_subdir)
-PROGRAMS = pguid.la rdnval.la
+PROGRAMS = pguid.la rdnval.la vernum.la
all: $(PROGRAMS)
@@ -55,10 +55,18 @@
$(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
-rpath $(moduledir) -module -o $@ $? $(LIBS)
+vernum.lo: vernum.c
+ $(LIBTOOL) --mode=compile $(CC) $(OPT) $(DEFS) $(INCS) -c $?
+
+vernum.la: vernum.lo
+ $(LIBTOOL) --mode=link $(CC) $(OPT) -version-info 0:0:0 \
+ -rpath $(moduledir) -module -o $@ $? $(LIBS)
+
clean:
rm -f \
pguid.o pguid.lo pguid.la \
- rdnval.o rdnval.lo rdnval.la
+ rdnval.o rdnval.lo rdnval.la \
+ vernum.o vernum.lo vernum.la
install: $(PROGRAMS)
mkdir -p $(DESTDIR)$(moduledir)
Modified: openldap/trunk/contrib/slapd-modules/samba4/README
===================================================================
--- openldap/trunk/contrib/slapd-modules/samba4/README 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/contrib/slapd-modules/samba4/README 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-# $OpenLDAP: pkg/ldap/contrib/slapd-modules/samba4/README,v 1.2.2.2 2010/04/21 20:13:22 quanah Exp $
+# $OpenLDAP: pkg/ldap/contrib/slapd-modules/samba4/README,v 1.2.2.3 2010/06/10 17:44:02 quanah Exp $
This directory contains slapd overlays specific to samba4 LDAP backend:
@@ -41,14 +41,21 @@
to your slapd configuration file. An instance is required for each database
that needs to maintain this attribute.
-This overlay is only set up to be built as a dynamically loaded module.
-On most platforms, in order for the module to be usable, all of the
+
+ - VERNUM
+
+This overlay increments a counter any time an attribute is modified.
+It is intended to increment the counter 'msDS-KeyVersionNumber' when
+the attribute 'unicodePwd' is modified.
+
+
+These overlays are only set up to be built as a dynamically loaded modules.
+On most platforms, in order for the modules to be usable, all of the
library dependencies must also be available as shared libraries.
-If you need to build the overlay statically, you will have to move it into the
-slapd/overlays directory and edit the Makefile and overlays.c to reference
-it. You will also have to define SLAPD_OVER_SMBK5PWD to SLAPD_MOD_STATIC,
-and add the relevant libraries to the main slapd link command.
+If you need to build the overlays statically, you will have to move them
+into the slapd/overlays directory and edit the Makefile and overlays.c
+to reference them.
---
This work is part of OpenLDAP Software <http://www.openldap.org/>.
Copied: openldap/trunk/contrib/slapd-modules/samba4/vernum.c (from rev 1281, openldap/vendor/openldap-2.4.23/contrib/slapd-modules/samba4/vernum.c)
===================================================================
--- openldap/trunk/contrib/slapd-modules/samba4/vernum.c (rev 0)
+++ openldap/trunk/contrib/slapd-modules/samba4/vernum.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -0,0 +1,459 @@
+/* vernum.c - RDN value overlay */
+/* $OpenLDAP: pkg/ldap/contrib/slapd-modules/samba4/vernum.c,v 1.2.2.2 2010/06/10 17:44:02 quanah Exp $ */
+/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
+ *
+ * Copyright 1998-2009 The OpenLDAP Foundation.
+ * Portions Copyright 2008 Pierangelo Masarati.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted only as authorized by the OpenLDAP
+ * Public License.
+ *
+ * A copy of this license is available in the file LICENSE in the
+ * top-level directory of the distribution or, alternatively, at
+ * <http://www.OpenLDAP.org/license.html>.
+ */
+/* ACKNOWLEDGEMENTS:
+ * This work was initially developed by Pierangelo Masarati
+ * for inclusion in OpenLDAP Software.
+ */
+
+#include "portable.h"
+
+#ifdef SLAPD_OVER_VERNUM
+
+#include <stdio.h>
+
+#include "ac/string.h"
+#include "ac/socket.h"
+
+#include "slap.h"
+#include "config.h"
+
+#include "lutil.h"
+
+/*
+ * Maintain an attribute (e.g. msDS-KeyVersionNumber) that consists
+ * in a counter of modifications of another attribute (e.g. unicodePwd).
+ */
+
+typedef struct vernum_t {
+ AttributeDescription *vn_attr;
+ AttributeDescription *vn_vernum;
+} vernum_t;
+
+static AttributeDescription *ad_msDS_KeyVersionNumber;
+
+static struct berval val_init = BER_BVC( "0" );
+static slap_overinst vernum;
+
+static int
+vernum_op_add( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ vernum_t *vn = (vernum_t *)on->on_bi.bi_private;
+
+ Attribute *a, **ap;
+ int rc;
+
+ /* NOTE: should we accept an entry still in mods format? */
+ assert( op->ora_e != NULL );
+
+ if ( BER_BVISEMPTY( &op->ora_e->e_nname ) ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ a = attr_find( op->ora_e->e_attrs, vn->vn_attr );
+ if ( a == NULL ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ if ( attr_find( op->ora_e->e_attrs, vn->vn_vernum ) != NULL ) {
+ /* already present - leave it alone */
+ return SLAP_CB_CONTINUE;
+ }
+
+ a = attr_alloc( vn->vn_vernum );
+
+ value_add_one( &a->a_vals, &val_init );
+ a->a_nvals = a->a_vals;
+ a->a_numvals = 1;
+
+ for ( ap = &op->ora_e->e_attrs; *ap != NULL; ap = &(*ap)->a_next )
+ /* goto tail */ ;
+
+ *ap = a;
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+vernum_op_modify( Operation *op, SlapReply *rs )
+{
+ slap_overinst *on = (slap_overinst *) op->o_bd->bd_info;
+ vernum_t *vn = (vernum_t *)on->on_bi.bi_private;
+
+ Modifications *ml, **mlp;
+ struct berval val = BER_BVC( "1" );
+ int rc;
+ unsigned got = 0;
+
+ for ( ml = op->orm_modlist; ml != NULL; ml = ml->sml_next ) {
+ if ( ml->sml_desc == vn->vn_vernum ) {
+ /* already present - leave it alone
+ * (or should we increment it anyway?) */
+ return SLAP_CB_CONTINUE;
+ }
+
+ if ( ml->sml_desc == vn->vn_attr ) {
+ got = 1;
+ }
+ }
+
+ if ( !got ) {
+ return SLAP_CB_CONTINUE;
+ }
+
+ for ( mlp = &op->orm_modlist; *mlp != NULL; mlp = &(*mlp)->sml_next )
+ /* goto tail */ ;
+
+ /* ITS#6561 */
+#ifdef SLAP_MOD_ADD_IF_NOT_PRESENT
+ /* the initial value is only added if the vernum attr is not present */
+ ml = SLAP_CALLOC( sizeof( Modifications ), 1 );
+ ml->sml_values = SLAP_CALLOC( sizeof( struct berval ) , 2 );
+ value_add_one( &ml->sml_values, &val_init );
+ ml->sml_nvalues = NULL;
+ ml->sml_numvals = 1;
+ ml->sml_op = SLAP_MOD_ADD_IF_NOT_PRESENT;
+ ml->sml_flags = SLAP_MOD_INTERNAL;
+ ml->sml_desc = vn->vn_vernum;
+ ml->sml_type = vn->vn_vernum->ad_cname;
+
+ *mlp = ml;
+ mlp = &ml->sml_next;
+#endif /* SLAP_MOD_ADD_IF_NOT_PRESENT */
+
+ /* this increments by 1 the vernum attr */
+ ml = SLAP_CALLOC( sizeof( Modifications ), 1 );
+ ml->sml_values = SLAP_CALLOC( sizeof( struct berval ) , 2 );
+ value_add_one( &ml->sml_values, &val );
+ ml->sml_nvalues = NULL;
+ ml->sml_numvals = 1;
+ ml->sml_op = LDAP_MOD_INCREMENT;
+ ml->sml_flags = SLAP_MOD_INTERNAL;
+ ml->sml_desc = vn->vn_vernum;
+ ml->sml_type = vn->vn_vernum->ad_cname;
+
+ *mlp = ml;
+
+ return SLAP_CB_CONTINUE;
+}
+
+static int
+vernum_db_init(
+ BackendDB *be,
+ ConfigReply *cr)
+{
+ slap_overinst *on = (slap_overinst *) be->bd_info;
+ vernum_t *vn = NULL;
+
+ if ( SLAP_ISGLOBALOVERLAY( be ) ) {
+ Log0( LDAP_DEBUG_ANY, LDAP_LEVEL_ERR,
+ "vernum_db_init: vernum cannot be used as global overlay.\n" );
+ return 1;
+ }
+
+ if ( be->be_nsuffix == NULL ) {
+ Log0( LDAP_DEBUG_ANY, LDAP_LEVEL_ERR,
+ "vernum_db_init: database must have suffix\n" );
+ return 1;
+ }
+
+ if ( BER_BVISNULL( &be->be_rootndn ) || BER_BVISEMPTY( &be->be_rootndn ) ) {
+ Log1( LDAP_DEBUG_ANY, LDAP_LEVEL_ERR,
+ "vernum_db_init: missing rootdn for database DN=\"%s\", YMMV\n",
+ be->be_suffix[ 0 ].bv_val );
+ }
+
+ vn = (vernum_t *)ch_calloc( 1, sizeof( vernum_t ) );
+
+ on->on_bi.bi_private = (void *)vn;
+
+ return 0;
+}
+
+typedef struct vernum_mod_t {
+ struct berval ndn;
+ struct vernum_mod_t *next;
+} vernum_mod_t;
+
+typedef struct {
+ BackendDB *bd;
+ vernum_mod_t *mods;
+} vernum_repair_cb_t;
+
+static int
+vernum_repair_cb( Operation *op, SlapReply *rs )
+{
+ int rc;
+ vernum_repair_cb_t *rcb = op->o_callback->sc_private;
+ vernum_mod_t *mod;
+ ber_len_t len;
+ BackendDB *save_bd = op->o_bd;
+
+ switch ( rs->sr_type ) {
+ case REP_SEARCH:
+ break;
+
+ case REP_SEARCHREF:
+ case REP_RESULT:
+ return rs->sr_err;
+
+ default:
+ assert( 0 );
+ }
+
+ assert( rs->sr_entry != NULL );
+
+ len = sizeof( vernum_mod_t ) + rs->sr_entry->e_nname.bv_len + 1;
+ mod = op->o_tmpalloc( len, op->o_tmpmemctx );
+ mod->ndn.bv_len = rs->sr_entry->e_nname.bv_len;
+ mod->ndn.bv_val = (char *)&mod[1];
+ lutil_strncopy( mod->ndn.bv_val, rs->sr_entry->e_nname.bv_val, rs->sr_entry->e_nname.bv_len );
+
+ mod->next = rcb->mods;
+ rcb->mods = mod;
+
+ Debug( LDAP_DEBUG_TRACE, "%s: vernum_repair_cb: scheduling entry DN=\"%s\" for repair\n",
+ op->o_log_prefix, rs->sr_entry->e_name.bv_val, 0 );
+
+ return 0;
+}
+
+static int
+vernum_repair( BackendDB *be )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ vernum_t *vn = (vernum_t *)on->on_bi.bi_private;
+ void *ctx = ldap_pvt_thread_pool_context();
+ Connection conn = { 0 };
+ OperationBuffer opbuf;
+ Operation *op;
+ BackendDB db;
+ slap_callback sc = { 0 };
+ vernum_repair_cb_t rcb = { 0 };
+ SlapReply rs = { REP_RESULT };
+ vernum_mod_t *rmod;
+ int nrepaired = 0;
+
+ connection_fake_init2( &conn, &opbuf, ctx, 0 );
+ op = &opbuf.ob_op;
+
+ op->o_tag = LDAP_REQ_SEARCH;
+ memset( &op->oq_search, 0, sizeof( op->oq_search ) );
+
+ assert( !BER_BVISNULL( &be->be_nsuffix[ 0 ] ) );
+
+ op->o_bd = select_backend( &be->be_nsuffix[ 0 ], 0 );
+ assert( op->o_bd != NULL );
+ assert( op->o_bd->be_nsuffix != NULL );
+
+ op->o_req_dn = op->o_bd->be_suffix[ 0 ];
+ op->o_req_ndn = op->o_bd->be_nsuffix[ 0 ];
+
+ op->o_dn = op->o_bd->be_rootdn;
+ op->o_ndn = op->o_bd->be_rootndn;
+
+ op->ors_scope = LDAP_SCOPE_SUBTREE;
+ op->ors_tlimit = SLAP_NO_LIMIT;
+ op->ors_slimit = SLAP_NO_LIMIT;
+ op->ors_attrs = slap_anlist_no_attrs;
+
+ op->ors_filterstr.bv_len = STRLENOF( "(&(=*)(!(=*)))" )
+ + vn->vn_attr->ad_cname.bv_len
+ + vn->vn_vernum->ad_cname.bv_len;
+ op->ors_filterstr.bv_val = op->o_tmpalloc( op->ors_filterstr.bv_len + 1, op->o_tmpmemctx );
+ snprintf( op->ors_filterstr.bv_val, op->ors_filterstr.bv_len + 1,
+ "(&(%s=*)(!(%s=*)))",
+ vn->vn_attr->ad_cname.bv_val,
+ vn->vn_vernum->ad_cname.bv_val );
+
+ op->ors_filter = str2filter_x( op, op->ors_filterstr.bv_val );
+ if ( op->ors_filter == NULL ) {
+ rs.sr_err = LDAP_OTHER;
+ goto done_search;
+ }
+
+ op->o_callback = ≻
+ sc.sc_response = vernum_repair_cb;
+ sc.sc_private = &rcb;
+ rcb.bd = &db;
+ db = *be;
+ db.bd_info = (BackendInfo *)on;
+
+ (void)op->o_bd->bd_info->bi_op_search( op, &rs );
+
+ op->o_tag = LDAP_REQ_MODIFY;
+ sc.sc_response = slap_null_cb;
+ sc.sc_private = NULL;
+ memset( &op->oq_modify, 0, sizeof( req_modify_s ) );
+
+ for ( rmod = rcb.mods; rmod != NULL; ) {
+ vernum_mod_t *rnext;
+ Modifications mod;
+ struct berval vals[2] = { BER_BVNULL };
+ SlapReply rs2 = { REP_RESULT };
+
+ mod.sml_flags = SLAP_MOD_INTERNAL;
+ mod.sml_op = LDAP_MOD_REPLACE;
+ mod.sml_desc = vn->vn_vernum;
+ mod.sml_type = vn->vn_vernum->ad_cname;
+ mod.sml_values = vals;
+ mod.sml_values[0] = val_init;
+ mod.sml_nvalues = NULL;
+ mod.sml_numvals = 1;
+ mod.sml_next = NULL;
+
+ op->o_req_dn = rmod->ndn;
+ op->o_req_ndn = rmod->ndn;
+
+ op->orm_modlist = &mod;
+
+ op->o_bd->be_modify( op, &rs2 );
+
+ slap_mods_free( op->orm_modlist->sml_next, 1 );
+ if ( rs2.sr_err == LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_TRACE, "%s: vernum_repair: entry DN=\"%s\" repaired\n",
+ op->o_log_prefix, rmod->ndn.bv_val, 0 );
+ nrepaired++;
+
+ } else {
+ Debug( LDAP_DEBUG_ANY, "%s: vernum_repair: entry DN=\"%s\" repair failed (%d)\n",
+ op->o_log_prefix, rmod->ndn.bv_val, rs2.sr_err );
+ }
+
+ rnext = rmod->next;
+ op->o_tmpfree( rmod, op->o_tmpmemctx );
+ rmod = rnext;
+ }
+
+done_search:;
+ op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx );
+ filter_free_x( op, op->ors_filter, 1 );
+
+ Log1( LDAP_DEBUG_STATS, LDAP_LEVEL_INFO,
+ "vernum: repaired=%d\n", nrepaired );
+
+ return 0;
+}
+
+static int
+vernum_db_open(
+ BackendDB *be,
+ ConfigReply *cr )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ vernum_t *vn = (vernum_t *)on->on_bi.bi_private;
+
+ if ( SLAP_SINGLE_SHADOW( be ) ) {
+ Log1( LDAP_DEBUG_ANY, LDAP_LEVEL_ERR,
+ "vernum incompatible with shadow database \"%s\".\n",
+ be->be_suffix[ 0 ].bv_val );
+ return 1;
+ }
+
+ /* default: unicodePwd & msDS-KeyVersionNumber */
+ if ( vn->vn_attr == NULL ) {
+ const char *text = NULL;
+ int rc;
+
+ rc = slap_str2ad( "unicodePwd", &vn->vn_attr, &text );
+ if ( rc != LDAP_SUCCESS ) {
+ Debug( LDAP_DEBUG_ANY, "vernum: unable to find attribute 'unicodePwd' (%d: %s)\n",
+ rc, text, 0 );
+ return 1;
+ }
+
+ vn->vn_vernum = ad_msDS_KeyVersionNumber;
+ }
+
+ return vernum_repair( be );
+}
+
+static int
+vernum_db_destroy(
+ BackendDB *be,
+ ConfigReply *cr )
+{
+ slap_overinst *on = (slap_overinst *)be->bd_info;
+ vernum_t *vn = (vernum_t *)on->on_bi.bi_private;
+
+ if ( vn ) {
+ ch_free( vn );
+ on->on_bi.bi_private = NULL;
+ }
+
+ return 0;
+}
+
+static struct {
+ char *desc;
+ AttributeDescription **adp;
+} as[] = {
+ { "( 1.2.840.113556.1.4.1782 "
+ "NAME 'msDS-KeyVersionNumber' "
+ "DESC 'in the original specification the syntax is 2.5.5.9' "
+ "SYNTAX '1.3.6.1.4.1.1466.115.121.1.27' "
+ "EQUALITY integerMatch "
+ "SINGLE-VALUE "
+ "USAGE dSAOperation "
+ "NO-USER-MODIFICATION "
+ ")",
+ &ad_msDS_KeyVersionNumber },
+ { NULL }
+};
+
+int
+vernum_initialize(void)
+{
+ int code, i;
+
+ for ( i = 0; as[ i ].desc != NULL; i++ ) {
+ code = register_at( as[ i ].desc, as[ i ].adp, 0 );
+ if ( code ) {
+ Debug( LDAP_DEBUG_ANY,
+ "vernum_initialize: register_at #%d failed\n",
+ i, 0, 0 );
+ return code;
+ }
+
+ /* Allow Manager to set these as needed */
+ if ( is_at_no_user_mod( (*as[ i ].adp)->ad_type ) ) {
+ (*as[ i ].adp)->ad_type->sat_flags |=
+ SLAP_AT_MANAGEABLE;
+ }
+ }
+
+ vernum.on_bi.bi_type = "vernum";
+
+ vernum.on_bi.bi_op_add = vernum_op_add;
+ vernum.on_bi.bi_op_modify = vernum_op_modify;
+
+ vernum.on_bi.bi_db_init = vernum_db_init;
+ vernum.on_bi.bi_db_open = vernum_db_open;
+ vernum.on_bi.bi_db_destroy = vernum_db_destroy;
+
+ return overlay_register( &vernum );
+}
+
+#if SLAPD_OVER_VERNUM == SLAPD_MOD_DYNAMIC
+int
+init_module( int argc, char *argv[] )
+{
+ return vernum_initialize();
+}
+#endif /* SLAPD_OVER_VERNUM == SLAPD_MOD_DYNAMIC */
+
+#endif /* SLAPD_OVER_VERNUM */
Modified: openldap/trunk/debian/changelog
===================================================================
--- openldap/trunk/debian/changelog 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/debian/changelog 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-openldap (2.4.22-1) unstable; urgency=low
+openldap (2.4.23-1) unstable; urgency=low
* New upstream version
* Change to build dependency libdb4.8-dev instead of libdb4.7-dev
@@ -8,7 +8,7 @@
* Updated german translation thanks Helge Kreutzmann (Closes: #579582)
* Fix bashisms in debian/rules (Closes: #581454)
- -- Matthijs Mohlmann <matthijs at cacholong.nl> Fri, 21 May 2010 08:50:50 +0200
+ -- Matthijs Mohlmann <matthijs at cacholong.nl> Mon, 12 Jul 2010 08:33:50 +0200
openldap (2.4.21-1) unstable; urgency=low
Modified: openldap/trunk/debian/rules
===================================================================
--- openldap/trunk/debian/rules 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/debian/rules 2010-07-12 07:03:32 UTC (rev 1282)
@@ -42,7 +42,7 @@
# These variables are used only by get-orig-source, which will normally only
# be run by maintainers.
-VERSION = 2.4.22
+VERSION = 2.4.23
URL = http://www.openldap.org/software/download/OpenLDAP/openldap-release/
# Download the upstream source and make changes as required for DFSG reasons.
Modified: openldap/trunk/doc/guide/admin/guide.html
===================================================================
--- openldap/trunk/doc/guide/admin/guide.html 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/doc/guide/admin/guide.html 2010-07-12 07:03:32 UTC (rev 1282)
@@ -23,7 +23,7 @@
<DIV CLASS="title">
<H1 CLASS="doc-title">OpenLDAP Software 2.4 Administrator's Guide</H1>
<ADDRESS CLASS="doc-author">The OpenLDAP Project <<A HREF="http://www.openldap.org/">http://www.openldap.org/</A>></ADDRESS>
-<ADDRESS CLASS="doc-modified">24 April 2010</ADDRESS>
+<ADDRESS CLASS="doc-modified">29 June 2010</ADDRESS>
<BR CLEAR="All">
</DIV>
<DIV CLASS="contents">
Modified: openldap/trunk/doc/man/man5/slapd-config.5
===================================================================
--- openldap/trunk/doc/man/man5/slapd-config.5 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/doc/man/man5/slapd-config.5 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,7 +1,7 @@
.TH SLAPD-CONFIG 5 "RELEASEDATE" "OpenLDAP LDVERSION"
.\" Copyright 1998-2010 The OpenLDAP Foundation All Rights Reserved.
.\" Copying restrictions apply. See COPYRIGHT/LICENSE.
-.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd-config.5,v 1.13.2.25 2010/04/16 18:05:07 quanah Exp $
+.\" $OpenLDAP: pkg/ldap/doc/man/man5/slapd-config.5,v 1.13.2.26 2010/06/10 17:17:53 quanah Exp $
.SH NAME
slapd\-config \- configuration backend to slapd
.SH SYNOPSIS
@@ -1552,6 +1552,13 @@
may also be provided using the
.B olcRootPW
directive. Note that the rootdn is always needed when using syncrepl.
+The
+.B olcRootDN
+of the
+.B cn=config
+database defaults to
+.B cn=config
+itself.
.TP
.B olcRootPW: <password>
Specify a password (or hash of the password) for the rootdn. The
Modified: openldap/trunk/include/ldap.h
===================================================================
--- openldap/trunk/include/ldap.h 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/include/ldap.h 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/include/ldap.h,v 1.312.2.24 2010/04/13 20:22:47 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/include/ldap.h,v 1.312.2.25 2010/06/10 18:48:36 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -187,6 +187,7 @@
#define LDAP_OPT_X_SASL_MECHLIST 0x610a /* read-only */
#define LDAP_OPT_X_SASL_NOCANON 0x610b
#define LDAP_OPT_X_SASL_USERNAME 0x610c /* read-only */
+#define LDAP_OPT_X_SASL_GSS_CREDS 0x610d
/* OpenLDAP GSSAPI options */
#define LDAP_OPT_X_GSSAPI_DO_NOT_FREE_CONTEXT 0x6200
Modified: openldap/trunk/libraries/libldap/cyrus.c
===================================================================
--- openldap/trunk/libraries/libldap/cyrus.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/libraries/libldap/cyrus.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/libldap/cyrus.c,v 1.133.2.16 2010/04/13 20:22:56 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/cyrus.c,v 1.133.2.18 2010/06/12 22:06:11 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -1042,6 +1042,25 @@
/* this option is write only */
return -1;
+#ifdef SASL_GSS_CREDS
+ case LDAP_OPT_X_SASL_GSS_CREDS: {
+ sasl_conn_t *ctx;
+ int sc;
+
+ if ( ld->ld_defconn == NULL )
+ return -1;
+
+ ctx = ld->ld_defconn->lconn_sasl_authctx;
+ if ( ctx == NULL )
+ return -1;
+
+ sc = sasl_getprop( ctx, SASL_GSS_CREDS, arg );
+ if ( sc != SASL_OK )
+ return -1;
+ }
+ break;
+#endif
+
default:
return -1;
}
@@ -1124,6 +1143,25 @@
return sc == LDAP_SUCCESS ? 0 : -1;
}
+#ifdef SASL_GSS_CREDS
+ case LDAP_OPT_X_SASL_GSS_CREDS: {
+ sasl_conn_t *ctx;
+ int sc;
+
+ if ( ld->ld_defconn == NULL )
+ return -1;
+
+ ctx = ld->ld_defconn->lconn_sasl_authctx;
+ if ( ctx == NULL )
+ return -1;
+
+ sc = sasl_setprop( ctx, SASL_GSS_CREDS, arg );
+ if ( sc != SASL_OK )
+ return -1;
+ }
+ break;
+#endif
+
default:
return -1;
}
Modified: openldap/trunk/libraries/libldap/request.c
===================================================================
--- openldap/trunk/libraries/libldap/request.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/libraries/libldap/request.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/libldap/request.c,v 1.125.2.16 2010/04/13 20:22:59 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/request.c,v 1.125.2.17 2010/06/10 17:39:48 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -124,10 +124,14 @@
if (ld->ld_options.ldo_cldapdn)
ldap_memfree(ld->ld_options.ldo_cldapdn);
ld->ld_options.ldo_cldapdn = ldap_strdup(dn);
+ ber_free( ber, 1 );
return 0;
}
if (msgtype != LDAP_REQ_ABANDON && msgtype != LDAP_REQ_SEARCH)
+ {
+ ber_free( ber, 1 );
return LDAP_PARAM_ERROR;
+ }
}
#endif
#ifdef LDAP_R_COMPILE
Modified: openldap/trunk/libraries/libldap/result.c
===================================================================
--- openldap/trunk/libraries/libldap/result.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/libraries/libldap/result.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* result.c - wait for an ldap result */
-/* $OpenLDAP: pkg/ldap/libraries/libldap/result.c,v 1.124.2.22 2010/04/15 23:59:41 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/result.c,v 1.124.2.23 2010/06/10 17:41:05 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -994,6 +994,7 @@
/* need to return -1, because otherwise
* a valid result is expected */
+ ld->ld_errno = lderr;
return -1;
}
}
Modified: openldap/trunk/libraries/libldap/unbind.c
===================================================================
--- openldap/trunk/libraries/libldap/unbind.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/libraries/libldap/unbind.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/libldap/unbind.c,v 1.56.2.7 2010/04/13 20:23:01 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/libldap/unbind.c,v 1.56.2.8 2010/06/10 17:39:48 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -154,6 +154,11 @@
LDAP_FREE( ld->ld_options.ldo_peer );
ld->ld_options.ldo_peer = NULL;
}
+
+ if ( ld->ld_options.ldo_cldapdn != NULL ) {
+ LDAP_FREE( ld->ld_options.ldo_cldapdn );
+ ld->ld_options.ldo_cldapdn = NULL;
+ }
#endif
#ifdef HAVE_CYRUS_SASL
Modified: openldap/trunk/libraries/liblutil/utils.c
===================================================================
--- openldap/trunk/libraries/liblutil/utils.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/libraries/liblutil/utils.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/libraries/liblutil/utils.c,v 1.33.2.28 2010/04/19 16:53:01 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/libraries/liblutil/utils.c,v 1.33.2.29 2010/06/10 17:23:20 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -147,7 +147,7 @@
snprintf( p, smax - 15, "%02ld%02ld", delta / 3600,
( delta % 3600 ) / 60 );
- return ret + 5;
+ return ret + 4;
}
int lutil_tm2time( struct lutil_tm *tm, struct lutil_timet *tt )
Modified: openldap/trunk/servers/slapd/back-bdb/dn2id.c
===================================================================
--- openldap/trunk/servers/slapd/back-bdb/dn2id.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-bdb/dn2id.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* dn2id.c - routines to deal with the dn2id index */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/dn2id.c,v 1.137.2.21 2010/04/13 20:23:24 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/dn2id.c,v 1.137.2.23 2010/06/23 15:57:26 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2010 The OpenLDAP Foundation.
@@ -23,7 +23,6 @@
#include "idl.h"
#include "lutil.h"
-#if 0
#define bdb_dn2id_lock BDB_SYMBOL(dn2id_lock)
static int
@@ -49,9 +48,6 @@
&lockobj, db_rw, lock);
return rc;
}
-#else
-#define bdb_dn2id_lock(a,b,c,d,e) 0
-#endif
#ifndef BDB_HIER
int
@@ -680,7 +676,7 @@
d->nrdnlen[0] = (BEI(e)->bei_nrdn.bv_len >> 8) | 0x80;
dlen[0] = d->nrdnlen[0];
dlen[1] = d->nrdnlen[1];
- strcpy( d->nrdn, BEI(e)->bei_nrdn.bv_val );
+ memcpy( d->nrdn, BEI(e)->bei_nrdn.bv_val, BEI(e)->bei_nrdn.bv_len+1 );
data.data = d;
rc = db->cursor( db, txn, &cursor, bdb->bi_db_opflags );
Modified: openldap/trunk/servers/slapd/back-bdb/operational.c
===================================================================
--- openldap/trunk/servers/slapd/back-bdb/operational.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-bdb/operational.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* operational.c - bdb backend operational attributes function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/operational.c,v 1.29.2.6 2010/04/13 20:23:25 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-bdb/operational.c,v 1.29.2.7 2010/06/10 17:25:02 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2010 The OpenLDAP Foundation.
@@ -39,6 +39,7 @@
OpExtra *oex;
DB_TXN *rtxn;
int rc;
+ int release = 0;
assert( e != NULL );
@@ -48,7 +49,18 @@
* let's disable the hasSubordinate feature for back-relay.
*/
if ( BEI( e ) == NULL ) {
- return LDAP_OTHER;
+ Entry *ee = NULL;
+ rc = be_entry_get_rw( op, &e->e_nname, NULL, NULL, 0, &ee );
+ if ( rc != LDAP_SUCCESS || ee == NULL ) {
+ rc = LDAP_OTHER;
+ goto done;
+ }
+ e = ee;
+ release = 1;
+ if ( BEI( ee ) == NULL ) {
+ rc = LDAP_OTHER;
+ goto done;
+ }
}
/* Check for a txn in a parent op, otherwise use reader txn */
@@ -61,7 +73,10 @@
rtxn = opinfo->boi_txn;
} else {
rc = bdb_reader_get(op, bdb->bi_dbenv, &rtxn);
- if ( rc ) return LDAP_OTHER;
+ if ( rc ) {
+ rc = LDAP_OTHER;
+ goto done;
+ }
}
retry:
@@ -92,6 +107,8 @@
rc = LDAP_OTHER;
}
+done:;
+ if ( release && e != NULL ) be_entry_release_r( op, e );
return rc;
}
Modified: openldap/trunk/servers/slapd/back-dnssrv/config.c
===================================================================
--- openldap/trunk/servers/slapd/back-dnssrv/config.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-dnssrv/config.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* config.c - DNS SRV backend configuration file routine */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-dnssrv/config.c,v 1.16.2.5 2010/04/13 20:23:26 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-dnssrv/config.c,v 1.16.2.6 2010/06/17 20:09:16 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2010 The OpenLDAP Foundation.
@@ -29,6 +29,7 @@
#include "slap.h"
#include "proto-dnssrv.h"
+#if 0
int
dnssrv_back_db_config(
BackendDB *be,
@@ -50,3 +51,4 @@
/* no configuration options (yet) */
return SLAP_CONF_UNKNOWN;
}
+#endif
Modified: openldap/trunk/servers/slapd/back-dnssrv/init.c
===================================================================
--- openldap/trunk/servers/slapd/back-dnssrv/init.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-dnssrv/init.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* init.c - initialize ldap backend */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-dnssrv/init.c,v 1.29.2.6 2010/04/13 20:23:26 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-dnssrv/init.c,v 1.29.2.7 2010/06/17 20:09:16 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2000-2010 The OpenLDAP Foundation.
@@ -49,7 +49,7 @@
bi->bi_db_init = 0;
bi->bi_db_destroy = 0;
- bi->bi_db_config = dnssrv_back_db_config;
+ bi->bi_db_config = 0 /* dnssrv_back_db_config */;
bi->bi_db_open = 0;
bi->bi_db_close = 0;
Modified: openldap/trunk/servers/slapd/back-ldap/bind.c
===================================================================
--- openldap/trunk/servers/slapd/back-ldap/bind.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-ldap/bind.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* bind.c - ldap backend bind function */
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/bind.c,v 1.162.2.28 2010/04/19 19:28:15 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-ldap/bind.c,v 1.162.2.29 2010/06/10 19:38:49 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2010 The OpenLDAP Foundation.
@@ -1886,19 +1886,12 @@
send_ldap_result( op, rs );
}
- if ( match ) {
- if ( rs->sr_matched != match ) {
- free( (char *)rs->sr_matched );
- }
- rs->sr_matched = NULL;
- ldap_memfree( match );
- }
-
if ( text ) {
ldap_memfree( text );
}
rs->sr_text = NULL;
+ /* there can't be refs with a (successful) bind */
if ( rs->sr_ref ) {
op->o_tmpfree( rs->sr_ref, op->o_tmpmemctx );
rs->sr_ref = NULL;
@@ -1908,10 +1901,50 @@
ber_memvfree( (void **)refs );
}
- if ( ctrls ) {
- assert( rs->sr_ctrls != NULL );
+ /* match should not be possible with a successful bind */
+ if ( match ) {
+ if ( rs->sr_matched != match ) {
+ free( (char *)rs->sr_matched );
+ }
+ rs->sr_matched = NULL;
+ ldap_memfree( match );
+ }
+
+ if ( ctrls != NULL ) {
+ if ( op->o_tag == LDAP_REQ_BIND && rs->sr_err == LDAP_SUCCESS ) {
+ int i;
+
+ for ( i = 0; ctrls[i] != NULL; i++ );
+
+ rs->sr_ctrls = op->o_tmpalloc( sizeof( LDAPControl * )*( i + 1 ),
+ op->o_tmpmemctx );
+ for ( i = 0; ctrls[ i ] != NULL; i++ ) {
+ char *ptr;
+ ber_len_t oidlen = strlen( ctrls[i]->ldctl_oid );
+ ber_len_t size = sizeof( LDAPControl )
+ + oidlen + 1
+ + ctrls[i]->ldctl_value.bv_len + 1;
+
+ rs->sr_ctrls[ i ] = op->o_tmpalloc( size, op->o_tmpmemctx );
+ rs->sr_ctrls[ i ]->ldctl_oid = (char *)&rs->sr_ctrls[ i ][ 1 ];
+ lutil_strcopy( rs->sr_ctrls[ i ]->ldctl_oid, ctrls[i]->ldctl_oid );
+ rs->sr_ctrls[ i ]->ldctl_value.bv_val
+ = (char *)&rs->sr_ctrls[ i ]->ldctl_oid[oidlen + 1];
+ rs->sr_ctrls[ i ]->ldctl_value.bv_len
+ = ctrls[i]->ldctl_value.bv_len;
+ ptr = lutil_memcopy( rs->sr_ctrls[ i ]->ldctl_value.bv_val,
+ ctrls[i]->ldctl_value.bv_val, ctrls[i]->ldctl_value.bv_len );
+ *ptr = '\0';
+ }
+ rs->sr_ctrls[ i ] = NULL;
+ rs->sr_flags |= REP_CTRLS_MUSTBEFREED;
+
+ } else {
+ assert( rs->sr_ctrls != NULL );
+ rs->sr_ctrls = NULL;
+ }
+
ldap_controls_free( ctrls );
- rs->sr_ctrls = NULL;
}
return( LDAP_ERR_OK( rs->sr_err ) ? LDAP_SUCCESS : rs->sr_err );
Modified: openldap/trunk/servers/slapd/back-meta/search.c
===================================================================
--- openldap/trunk/servers/slapd/back-meta/search.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/back-meta/search.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/search.c,v 1.146.2.26 2010/04/15 22:22:28 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/back-meta/search.c,v 1.146.2.27 2010/06/10 17:26:51 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2010 The OpenLDAP Foundation.
@@ -232,6 +232,21 @@
assert( msc->msc_ld != NULL );
+ if ( !BER_BVISEMPTY( &binddn ) && BER_BVISEMPTY( &cred ) ) {
+ /* bind anonymously? */
+ Debug( LDAP_DEBUG_ANY, "%s meta_search_dobind_init[%d] mc=%p: "
+ "non-empty dn with empty cred; binding anonymously\n",
+ op->o_log_prefix, candidate, (void *)mc );
+ cred = slap_empty_bv;
+
+ } else if ( BER_BVISEMPTY( &binddn ) && !BER_BVISEMPTY( &cred ) ) {
+ /* error */
+ Debug( LDAP_DEBUG_ANY, "%s meta_search_dobind_init[%d] mc=%p: "
+ "empty dn with non-empty cred: error\n",
+ op->o_log_prefix, candidate, (void *)mc );
+ goto other;
+ }
+
/* connect must be async only the first time... */
ldap_set_option( msc->msc_ld, LDAP_OPT_CONNECT_ASYNC, LDAP_OPT_ON );
Modified: openldap/trunk/servers/slapd/backglue.c
===================================================================
--- openldap/trunk/servers/slapd/backglue.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/backglue.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* backglue.c - backend glue */
-/* $OpenLDAP: pkg/ldap/servers/slapd/backglue.c,v 1.112.2.24 2010/04/15 20:15:19 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/backglue.c,v 1.112.2.25 2010/06/10 19:33:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2001-2010 The OpenLDAP Foundation.
@@ -1472,6 +1472,29 @@
return rc;
}
+static int
+glue_access_allowed(
+ Operation *op,
+ Entry *e,
+ AttributeDescription *desc,
+ struct berval *val,
+ slap_access_t access,
+ AccessControlState *state,
+ slap_mask_t *maskp )
+{
+ BackendDB *b0, *be = glue_back_select( op->o_bd, &e->e_nname );
+ int rc;
+
+ if ( be == NULL || be == op->o_bd || be->bd_info->bi_access_allowed == NULL )
+ return SLAP_CB_CONTINUE;
+
+ b0 = op->o_bd;
+ op->o_bd = be;
+ rc = be->bd_info->bi_access_allowed ( op, e, desc, val, access, state, maskp );
+ op->o_bd = b0;
+ return rc;
+}
+
int
glue_sub_init()
{
@@ -1492,6 +1515,7 @@
glue.on_bi.bi_chk_controls = glue_chk_controls;
glue.on_bi.bi_entry_get_rw = glue_entry_get_rw;
glue.on_bi.bi_entry_release_rw = glue_entry_release_rw;
+ glue.on_bi.bi_access_allowed = glue_access_allowed;
glue.on_response = glue_response;
Modified: openldap/trunk/servers/slapd/dn.c
===================================================================
--- openldap/trunk/servers/slapd/dn.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/dn.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* dn.c - routines for dealing with distinguished names */
-/* $OpenLDAP: pkg/ldap/servers/slapd/dn.c,v 1.182.2.15 2010/04/13 20:23:14 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/dn.c,v 1.182.2.16 2010/06/10 17:48:06 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -302,16 +302,13 @@
ava->la_attr = ad->ad_cname;
if( ava->la_flags & LDAP_AVA_BINARY ) {
- if( ava->la_value.bv_len == 0 ) {
- /* BER encoding is empty */
- return LDAP_INVALID_SYNTAX;
- }
+ /* AVA is binary encoded, not supported */
+ return LDAP_INVALID_SYNTAX;
/* Do not allow X-ORDERED 'VALUES' naming attributes */
} else if( ad->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
return LDAP_INVALID_SYNTAX;
- /* AVA is binary encoded, don't muck with it */
} else if( flags & SLAP_LDAPDN_PRETTY ) {
transf = ad->ad_type->sat_syntax->ssyn_pretty;
if( !transf ) {
@@ -379,6 +376,10 @@
ava->la_value = bv;
ava->la_flags |= LDAP_AVA_FREE_VALUE;
}
+ /* reject empty values */
+ if (!ava->la_value.bv_len) {
+ return LDAP_INVALID_SYNTAX;
+ }
}
rc = LDAP_SUCCESS;
Modified: openldap/trunk/servers/slapd/modrdn.c
===================================================================
--- openldap/trunk/servers/slapd/modrdn.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/modrdn.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/modrdn.c,v 1.170.2.7 2010/04/13 20:23:16 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/modrdn.c,v 1.170.2.8 2010/06/10 17:48:07 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -445,12 +445,19 @@
mod_tmp->sml_values[1].bv_val = NULL;
if( desc->ad_type->sat_equality->smr_normalize) {
mod_tmp->sml_nvalues = ( BerVarray )ch_malloc( 2 * sizeof( struct berval ) );
- (void) (*desc->ad_type->sat_equality->smr_normalize)(
+ rs->sr_err = desc->ad_type->sat_equality->smr_normalize(
SLAP_MR_EQUALITY|SLAP_MR_VALUE_OF_ASSERTION_SYNTAX,
desc->ad_type->sat_syntax,
desc->ad_type->sat_equality,
&mod_tmp->sml_values[0],
&mod_tmp->sml_nvalues[0], NULL );
+ if (rs->sr_err != LDAP_SUCCESS) {
+ ch_free(mod_tmp->sml_nvalues);
+ ch_free(mod_tmp->sml_values[0].bv_val);
+ ch_free(mod_tmp->sml_values);
+ ch_free(mod_tmp);
+ goto done;
+ }
mod_tmp->sml_nvalues[1].bv_val = NULL;
} else {
mod_tmp->sml_nvalues = NULL;
Modified: openldap/trunk/servers/slapd/overlays/ppolicy.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/ppolicy.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/ppolicy.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/ppolicy.c,v 1.75.2.30 2010/04/19 19:43:21 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/ppolicy.c,v 1.75.2.31 2010/06/10 17:37:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2004-2010 The OpenLDAP Foundation.
@@ -2230,7 +2230,7 @@
if ( cr ){
snprintf( cr->msg, sizeof(cr->msg),
"slapo-ppolicy cannot be global" );
- fprintf( stderr, "%s\n", cr->msg );
+ Debug( LDAP_DEBUG_ANY, "%s\n", cr->msg, 0, 0 );
}
return 1;
}
@@ -2247,7 +2247,7 @@
snprintf( cr->msg, sizeof(cr->msg),
"User Schema load failed for attribute \"%s\". Error code %d: %s",
pwd_UsSchema[i].def, code, err );
- fprintf( stderr, "%s\n", cr->msg );
+ Debug( LDAP_DEBUG_ANY, "%s\n", cr->msg, 0, 0 );
}
return code;
}
@@ -2340,7 +2340,7 @@
SLAP_CTRL_ADD|SLAP_CTRL_BIND|SLAP_CTRL_MODIFY|SLAP_CTRL_HIDE, extops,
ppolicy_parseCtrl, &ppolicy_cid );
if ( code != LDAP_SUCCESS ) {
- fprintf( stderr, "Failed to register control %d\n", code );
+ Debug( LDAP_DEBUG_ANY, "Failed to register control %d\n", code, 0, 0 );
return code;
}
Modified: openldap/trunk/servers/slapd/overlays/refint.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/refint.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/refint.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* refint.c - referential integrity module */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/refint.c,v 1.19.2.13 2010/04/13 20:23:45 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/refint.c,v 1.19.2.15 2010/06/17 20:08:31 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2004-2010 The OpenLDAP Foundation.
@@ -76,7 +76,6 @@
} refint_q;
typedef struct refint_data_s {
- const char *message; /* breadcrumbs */
struct refint_attrs_s *attrs; /* list of known attrs */
BerValue dn; /* basedn in parent, */
BerValue nothing; /* the nothing value, if needed */
@@ -210,21 +209,17 @@
rc = 0;
break;
case REFINT_NOTHING:
- if ( dd->nothing.bv_val )
- ber_memfree ( dd->nothing.bv_val );
- if ( dd->nnothing.bv_val )
- ber_memfree ( dd->nnothing.bv_val );
- dd->nothing.bv_len = 0;
- dd->nnothing.bv_len = 0;
+ ch_free( dd->nothing.bv_val );
+ ch_free( dd->nnothing.bv_val );
+ BER_BVZERO( &dd->nothing );
+ BER_BVZERO( &dd->nnothing );
rc = 0;
break;
case REFINT_MODIFIERSNAME:
- if ( dd->refint_dn.bv_val )
- ber_memfree ( dd->refint_dn.bv_val );
- if ( dd->refint_ndn.bv_val )
- ber_memfree ( dd->refint_ndn.bv_val );
- dd->refint_dn.bv_len = 0;
- dd->refint_ndn.bv_len = 0;
+ ch_free( dd->refint_dn.bv_val );
+ ch_free( dd->refint_ndn.bv_val );
+ BER_BVZERO( &dd->refint_dn );
+ BER_BVZERO( &dd->refint_ndn );
rc = 0;
break;
default:
@@ -256,22 +251,26 @@
}
break;
case REFINT_NOTHING:
- if ( dd->nothing.bv_val )
- ber_memfree ( dd->nothing.bv_val );
- if ( dd->nnothing.bv_val )
- ber_memfree ( dd->nnothing.bv_val );
- dd->nothing = c->value_dn;
- dd->nnothing = c->value_ndn;
- rc = 0;
+ if ( !BER_BVISNULL( &c->value_ndn )) {
+ ch_free ( dd->nothing.bv_val );
+ ch_free ( dd->nnothing.bv_val );
+ dd->nothing = c->value_dn;
+ dd->nnothing = c->value_ndn;
+ rc = 0;
+ } else {
+ rc = ARG_BAD_CONF;
+ }
break;
case REFINT_MODIFIERSNAME:
- if ( dd->refint_dn.bv_val )
- ber_memfree ( dd->refint_dn.bv_val );
- if ( dd->refint_ndn.bv_val )
- ber_memfree ( dd->refint_ndn.bv_val );
- dd->refint_dn = c->value_dn;
- dd->refint_ndn = c->value_ndn;
- rc = 0;
+ if ( !BER_BVISNULL( &c->value_ndn )) {
+ ch_free( dd->refint_dn.bv_val );
+ ch_free( dd->refint_ndn.bv_val );
+ dd->refint_dn = c->value_dn;
+ dd->refint_ndn = c->value_ndn;
+ rc = 0;
+ } else {
+ rc = ARG_BAD_CONF;
+ }
break;
default:
abort ();
@@ -299,7 +298,6 @@
slap_overinst *on = (slap_overinst *)be->bd_info;
refint_data *id = ch_calloc(1,sizeof(refint_data));
- id->message = "_init";
on->on_bi.bi_private = id;
ldap_pvt_thread_mutex_init( &id->qmutex );
return(0);
@@ -335,7 +333,6 @@
{
slap_overinst *on = (slap_overinst *)be->bd_info;
refint_data *id = on->on_bi.bi_private;
- id->message = "_open";
if ( BER_BVISNULL( &id->dn )) {
if ( BER_BVISNULL( &be->be_nsuffix[0] ))
@@ -354,7 +351,6 @@
** foreach configured attribute:
** free it;
** free our basedn;
-** (do not) free id->message;
** reset on_bi.bi_private;
** free our config data;
**
@@ -369,7 +365,6 @@
slap_overinst *on = (slap_overinst *) be->bd_info;
refint_data *id = on->on_bi.bi_private;
refint_attrs *ii, *ij;
- id->message = "_close";
for(ii = id->attrs; ii; ii = ij) {
ij = ii->next;
@@ -870,8 +865,6 @@
BackendDB *db = NULL;
refint_attrs *ip;
- id->message = "_refint_response";
-
/* If the main op failed or is not a Delete or ModRdn, ignore it */
if (( op->o_tag != LDAP_REQ_DELETE && op->o_tag != LDAP_REQ_MODRDN ) ||
rs->sr_err != LDAP_SUCCESS )
Modified: openldap/trunk/servers/slapd/overlays/rwm.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/rwm.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/rwm.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* rwm.c - rewrite/remap operations */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.70.2.35 2010/04/19 19:32:31 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwm.c,v 1.70.2.36 2010/06/10 17:37:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2003-2010 The OpenLDAP Foundation.
@@ -122,7 +122,7 @@
#if 0
ldap_pvt_thread_mutex_lock( &op->o_conn->c_mutex );
/* too late, c_mutex released */
- fprintf( stderr, "*** DN: \"%s\" => \"%s\"\n",
+ Debug( LDAP_DEBUG_ANY, "*** DN: \"%s\" => \"%s\"\n",
op->o_conn->c_ndn.bv_val,
op->o_req_ndn.bv_val );
ber_bvreplace( &op->o_conn->c_ndn,
@@ -1626,12 +1626,12 @@
*/
if ( argc == 2 ) {
if ( be->be_suffix == NULL ) {
- fprintf( stderr, "%s: line %d: "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: "
" \"suffixMassage [<suffix>]"
" <massaged suffix>\" without "
"<suffix> part requires database "
"suffix be defined first.\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
bvnc = be->be_suffix[ 0 ];
@@ -1642,22 +1642,22 @@
massaged = 2;
} else {
- fprintf( stderr, "%s: line %d: syntax is"
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: syntax is"
" \"suffixMassage [<suffix>]"
" <massaged suffix>\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
if ( dnPrettyNormal( NULL, &bvnc, &pvnc, &nvnc, NULL ) != LDAP_SUCCESS ) {
- fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: suffix DN %s is invalid\n",
fname, lineno, bvnc.bv_val );
return 1;
}
ber_str2bv( argv[ massaged ], 0, 0, &brnc );
if ( dnPrettyNormal( NULL, &brnc, &prnc, &nrnc, NULL ) != LDAP_SUCCESS ) {
- fprintf( stderr, "%s: line %d: suffix DN %s is invalid\n",
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: suffix DN %s is invalid\n",
fname, lineno, brnc.bv_val );
free( nvnc.bv_val );
free( pvnc.bv_val );
@@ -1776,9 +1776,9 @@
} else if ( strcasecmp( argv[0], "t-f-support" ) == 0 ) {
if ( argc != 2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"t-f-support {no|yes|discover}\" needs 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
@@ -1790,17 +1790,17 @@
/* TODO: not implemented yet */
} else if ( strcasecmp( argv[ 1 ], "discover" ) == 0 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"discover\" not supported yet "
"in \"t-f-support {no|yes|discover}\".\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
#if 0
rwmap->rwm_flags |= RWM_F_SUPPORT_T_F_DISCOVER;
#endif
} else {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: unknown value \"%s\" for \"t-f-support {no|yes|discover}\".\n",
fname, lineno, argv[ 1 ] );
return 1;
@@ -1808,9 +1808,9 @@
} else if ( strcasecmp( argv[0], "normalize-mapped-attrs" ) == 0 ) {
if ( argc !=2 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: \"normalize-mapped-attrs {no|yes}\" needs 1 argument.\n",
- fname, lineno );
+ fname, lineno, 0 );
return( 1 );
}
Modified: openldap/trunk/servers/slapd/overlays/rwmconf.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/rwmconf.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/rwmconf.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* rwmconf.c - rewrite/map configuration file routines */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwmconf.c,v 1.25.2.6 2010/04/13 20:23:46 kurt Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/rwmconf.c,v 1.25.2.7 2010/06/10 17:37:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1999-2010 The OpenLDAP Foundation.
@@ -50,9 +50,9 @@
int rc = 0;
if ( argc < 3 || argc > 4 ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: syntax is \"map {objectclass | attribute} [<local> | *] {<foreign> | *}\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -64,10 +64,10 @@
map = at_map;
} else {
- fprintf( stderr, "%s: line %d: syntax is "
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: syntax is "
"\"map {objectclass | attribute} [<local> | *] "
"{<foreign> | *}\"\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
@@ -98,18 +98,18 @@
&& ( strcasecmp( src, "objectclass" ) == 0
|| strcasecmp( dst, "objectclass" ) == 0 ) )
{
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: objectclass attribute cannot be mapped\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
mapping = (struct ldapmapping *)ch_calloc( 2,
sizeof(struct ldapmapping) );
if ( mapping == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: out of memory\n",
- fname, lineno );
+ fname, lineno, 0 );
return 1;
}
ber_str2bv( src, 0, 1, &mapping[0].m_src );
@@ -127,7 +127,7 @@
if ( src[0] != '\0' ) {
mapping[0].m_src_oc = oc_bvfind( &mapping[0].m_src );
if ( mapping[0].m_src_oc == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, source objectClass '%s' "
"should be defined in schema\n",
fname, lineno, src );
@@ -145,14 +145,14 @@
mapping[0].m_dst_oc = oc_bvfind( &mapping[0].m_dst );
if ( mapping[0].m_dst_oc == NULL ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, destination objectClass '%s' "
"is not defined in schema\n",
fname, lineno, dst );
mapping[0].m_dst_oc = oc_bvfind_undef( &mapping[0].m_dst );
if ( mapping[0].m_dst_oc == NULL ) {
- fprintf( stderr, "%s: line %d: unable to mimic destination objectClass '%s'\n",
+ Debug( LDAP_DEBUG_ANY, "%s: line %d: unable to mimic destination objectClass '%s'\n",
fname, lineno, dst );
goto error_return;
}
@@ -170,7 +170,7 @@
rc = slap_bv2ad( &mapping[0].m_src,
&mapping[0].m_src_ad, &text );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, source attributeType '%s' "
"should be defined in schema\n",
fname, lineno, src );
@@ -184,9 +184,12 @@
&mapping[0].m_src_ad, &text,
SLAP_AD_PROXIED );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "%s: line %d: source attributeType '%s': %d (%s)\n",
- fname, lineno, src, rc, text ? text : "null" );
+ char prefix[1024];
+ snprintf( prefix, sizeof(prefix),
+ "%s: line %d: source attributeType '%s': %d",
+ fname, lineno, src, rc );
+ Debug( LDAP_DEBUG_ANY, "%s (%s)\n",
+ prefix, text ? text : "null", 0 );
goto error_return;
}
@@ -196,7 +199,7 @@
rc = slap_bv2ad( &mapping[0].m_dst, &mapping[0].m_dst_ad, &text );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: warning, destination attributeType '%s' "
"is not defined in schema\n",
fname, lineno, dst );
@@ -205,9 +208,12 @@
&mapping[0].m_dst_ad, &text,
SLAP_AD_PROXIED );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr,
- "%s: line %d: destination attributeType '%s': %d (%s)\n",
- fname, lineno, dst, rc, text ? text : "null" );
+ char prefix[1024];
+ snprintf( prefix, sizeof(prefix),
+ "%s: line %d: destination attributeType '%s': %d",
+ fname, lineno, dst, rc );
+ Debug( LDAP_DEBUG_ANY, "%s (%s)\n",
+ prefix, text ? text : "null", 0 );
goto error_return;
}
}
@@ -217,9 +223,9 @@
if ( ( src[0] != '\0' && avl_find( map->map, (caddr_t)mapping, rwm_mapping_cmp ) != NULL)
|| avl_find( map->remap, (caddr_t)&mapping[1], rwm_mapping_cmp ) != NULL)
{
- fprintf( stderr,
+ Debug( LDAP_DEBUG_ANY,
"%s: line %d: duplicate mapping found.\n",
- fname, lineno );
+ fname, lineno, 0 );
/* FIXME: free stuff */
goto error_return;
}
Modified: openldap/trunk/servers/slapd/overlays/sssvlv.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/sssvlv.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/sssvlv.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* sssvlv.c - server side sort / virtual list view */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/sssvlv.c,v 1.9.2.6 2010/04/14 17:56:50 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/sssvlv.c,v 1.9.2.9 2010/06/10 17:37:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2009-2010 The OpenLDAP Foundation.
@@ -471,7 +471,9 @@
be = op->o_bd;
for ( i=0; i<j; i++ ) {
sort_node *sn = cur_node->avl_data;
-
+
+ if ( slapd_shutdown ) break;
+
op->o_bd = select_backend( &sn->sn_dn, 0 );
e = NULL;
rc = be_entry_get_rw( op, &sn->sn_dn, NULL, NULL, 0, &e );
@@ -503,6 +505,8 @@
while ( cur_node && rs->sr_nentries < so->so_page_size ) {
sort_node *sn = cur_node->avl_data;
+ if ( slapd_shutdown ) break;
+
next_node = tavl_next( cur_node, TAVL_DIR_RIGHT );
op->o_bd = select_backend( &sn->sn_dn, 0 );
@@ -822,6 +826,8 @@
so->so_vlv = op->o_ctrlflag[vlv_cid];
so->so_vlv_target = 0;
so->so_vlv_rc = 0;
+ } else {
+ so->so_vlv = SLAP_CONTROL_NONE;
}
}
so->so_vcontext = (unsigned long)so;
@@ -1230,11 +1236,11 @@
if ( rc == LDAP_SUCCESS ) {
rc = overlay_register( &sssvlv );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "Failed to register server side sort overlay\n" );
+ Debug( LDAP_DEBUG_ANY, "Failed to register server side sort overlay\n", 0, 0, 0 );
}
}
else {
- fprintf( stderr, "Failed to register control %d\n", rc );
+ Debug( LDAP_DEBUG_ANY, "Failed to register control %d\n", rc, 0, 0 );
}
return rc;
Modified: openldap/trunk/servers/slapd/overlays/syncprov.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/syncprov.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/syncprov.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,4 +1,4 @@
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/syncprov.c,v 1.147.2.73 2010/04/19 16:53:04 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/syncprov.c,v 1.147.2.75 2010/06/10 18:50:48 quanah Exp $ */
/* syncprov.c - syncrepl provider */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
@@ -1301,7 +1301,15 @@
op2.o_hdr = &oh;
op2.o_extra = op->o_extra;
op2.o_callback = NULL;
- rc = test_filter( &op2, e, ss->s_op->ors_filter );
+ ldap_pvt_thread_mutex_lock( &ss->s_mutex );
+ if (ss->s_flags & PS_FIX_FILTER) {
+ /* Skip the AND/GE clause that we stuck on in front. We
+ would lose deletes/mods that happen during the refresh
+ phase otherwise (ITS#6555) */
+ op2.ors_filter = ss->s_op->ors_filter->f_and->f_next;
+ }
+ ldap_pvt_thread_mutex_unlock( &ss->s_mutex );
+ rc = test_filter( &op2, e, op2.ors_filter );
}
Debug( LDAP_DEBUG_TRACE, "syncprov_matchops: sid %03x fscope %d rc %d\n",
@@ -1413,6 +1421,7 @@
SlapReply rsm = { 0 };
slap_callback cb = {0};
BackendDB be;
+ BackendInfo *bi;
#ifdef CHECK_CSN
Syntax *syn = slap_schema.si_ad_contextCSN->ad_type->sat_syntax;
@@ -1442,6 +1451,7 @@
}
opm.o_req_dn = si->si_contextdn;
opm.o_req_ndn = si->si_contextdn;
+ bi = opm.o_bd->bd_info;
opm.o_bd->bd_info = on->on_info->oi_orig;
opm.o_managedsait = SLAP_CONTROL_NONCRITICAL;
opm.o_no_schema_check = 1;
@@ -1459,6 +1469,7 @@
if ( e == opm.ora_e )
be_entry_release_w( &opm, opm.ora_e );
}
+ opm.o_bd->bd_info = bi;
if ( mod.sml_next != NULL ) {
slap_mods_free( mod.sml_next, 1 );
Modified: openldap/trunk/servers/slapd/overlays/valsort.c
===================================================================
--- openldap/trunk/servers/slapd/overlays/valsort.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/overlays/valsort.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* valsort.c - sort attribute values */
-/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/valsort.c,v 1.17.2.8 2010/04/14 17:26:11 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/overlays/valsort.c,v 1.17.2.9 2010/06/10 17:37:40 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2005-2010 The OpenLDAP Foundation.
@@ -568,7 +568,7 @@
SLAP_CTRL_SEARCH | SLAP_CTRL_HIDE, NULL, valsort_parseCtrl,
&valsort_cid );
if ( rc != LDAP_SUCCESS ) {
- fprintf( stderr, "Failed to register control %d\n", rc );
+ Debug( LDAP_DEBUG_ANY, "Failed to register control %d\n", rc, 0, 0 );
return rc;
}
Modified: openldap/trunk/servers/slapd/schema_init.c
===================================================================
--- openldap/trunk/servers/slapd/schema_init.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/schema_init.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* schema_init.c - init builtin schema */
-/* $OpenLDAP: pkg/ldap/servers/slapd/schema_init.c,v 1.386.2.39 2010/04/14 18:12:15 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/schema_init.c,v 1.386.2.40 2010/06/10 17:48:07 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 1998-2010 The OpenLDAP Foundation.
@@ -1735,8 +1735,9 @@
? LDAP_UTF8_APPROX : 0;
val = UTF8bvnormalize( val, &tmp, flags, ctx );
+ /* out of memory or syntax error, the former is unlikely */
if( val == NULL ) {
- return LDAP_OTHER;
+ return LDAP_INVALID_SYNTAX;
}
/* collapse spaces (in place) */
Modified: openldap/trunk/servers/slapd/syncrepl.c
===================================================================
--- openldap/trunk/servers/slapd/syncrepl.c 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/servers/slapd/syncrepl.c 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
/* syncrepl.c -- Replication Engine which uses the LDAP Sync protocol */
-/* $OpenLDAP: pkg/ldap/servers/slapd/syncrepl.c,v 1.254.2.105 2010/04/19 19:24:41 quanah Exp $ */
+/* $OpenLDAP: pkg/ldap/servers/slapd/syncrepl.c,v 1.254.2.106 2010/06/10 17:15:14 quanah Exp $ */
/* This work is part of OpenLDAP Software <http://www.openldap.org/>.
*
* Copyright 2003-2010 The OpenLDAP Foundation.
@@ -4592,9 +4592,10 @@
return 1;
} else {
Debug( LDAP_DEBUG_CONFIG,
- "Config: ** successfully added syncrepl \"%s\"\n",
+ "Config: ** successfully added syncrepl %s \"%s\"\n",
+ si->si_ridtxt,
BER_BVISNULL( &si->si_bindconf.sb_uri ) ?
- "(null)" : si->si_bindconf.sb_uri.bv_val, 0, 0 );
+ "(null)" : si->si_bindconf.sb_uri.bv_val, 0 );
if ( c->be->be_syncinfo ) {
syncinfo_t *sip;
Modified: openldap/trunk/tests/scripts/test043-delta-syncrepl
===================================================================
--- openldap/trunk/tests/scripts/test043-delta-syncrepl 2010-07-12 06:57:19 UTC (rev 1281)
+++ openldap/trunk/tests/scripts/test043-delta-syncrepl 2010-07-12 07:03:32 UTC (rev 1282)
@@ -1,5 +1,5 @@
#! /bin/sh
-# $OpenLDAP: pkg/ldap/tests/scripts/test043-delta-syncrepl,v 1.4.2.7 2010/04/19 19:14:35 quanah Exp $
+# $OpenLDAP: pkg/ldap/tests/scripts/test043-delta-syncrepl,v 1.4.2.8 2010/06/10 17:28:50 quanah Exp $
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2010 The OpenLDAP Foundation.
@@ -339,9 +339,9 @@
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo "Filtering producer results..."
-$LDIFFILTER < $MASTEROUT | grep -iv "^auditcontext:" > $MASTERFLT
+$LDIFFILTER -s bdb=a,hdb=a < $MASTEROUT | grep -iv "^auditcontext:" > $MASTERFLT
echo "Filtering consumer results..."
-$LDIFFILTER < $SLAVEOUT | grep -iv "^auditcontext:" > $SLAVEFLT
+$LDIFFILTER -s bdb=a,hdb=a < $SLAVEOUT | grep -iv "^auditcontext:" > $SLAVEFLT
echo "Comparing retrieved entries from producer and consumer..."
$CMP $MASTERFLT $SLAVEFLT > $CMPOUT
More information about the Pkg-openldap-devel
mailing list