Commit 42d85ef2 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

More Quanah suggested patches

+       Fixed slapadd cn=config issue (ITS#4194)
+       Fixed slapd dynacl tgrant/tdeny initialization
+       Fixed slapd backglue issue (ITS#4529)
parent f2e5e869
......@@ -8,10 +8,13 @@ OpenLDAP 2.3.22 Engineering
Fixed liblutil strtoul(3) usage (ITS#4503)
Updated ldapsearch(1) BASE output (ITS#4504)
Fixed slapd cn=config (ITS#4512)
Fixed slapadd cn=config issue (ITS#4194)
Fixed slapd thread pool init issue (ITS#4513)
Fixed slapd cn=config olcLimits (ITS#4515)
Fixed slapd cn=config ACL application fix
Fixed slapd runqueue use of freed memory (ITS#4517)
Fixed slapd dynacl tgrant/tdeny initialization
Fixed slapd backglue issue (ITS#4529)
Added slapd syncrepl mandatory searchbase check
Fixed slapo-accesslog bugs
Added slapo-accesslog oldReq feature
......
......@@ -1961,15 +1961,15 @@ slap_acl_mask(
}
/* start out with nothing granted, nothing denied */
ACL_INIT(tgrant);
ACL_INIT(tdeny);
ACL_INVALIDATE(tgrant);
ACL_INVALIDATE(tdeny);
for ( da = b->a_dynacl; da; da = da->da_next ) {
slap_access_t grant,
deny;
ACL_INIT(grant);
ACL_INIT(deny);
ACL_INVALIDATE(grant);
ACL_INVALIDATE(deny);
Debug( LDAP_DEBUG_ACL, " <= check a_dynacl: %s\n",
da->da_name, 0, 0 );
......
......@@ -124,20 +124,21 @@ int slap_str2ad(
}
static char *strchrlen(
const char *p,
const char *beg,
const char *end,
const char ch,
int *len )
{
int i;
const char *p;
for( i=0; p[i]; i++ ) {
if( p[i] == ch ) {
*len = i;
return (char *) &p[i];
for( p=beg; *p && p < end; p++ ) {
if( *p == ch ) {
*len = p - beg;
return (char *) p;
}
}
*len = i;
*len = p - beg;
return NULL;
}
......@@ -148,7 +149,7 @@ int slap_bv2ad(
{
int rtn = LDAP_UNDEFINED_TYPE;
AttributeDescription desc, *d2;
char *name, *options;
char *name, *options, *optn;
char *opt, *next;
int ntags;
int tagslen;
......@@ -201,11 +202,12 @@ int slap_bv2ad(
ntags = 0;
memset( tags, 0, sizeof( tags ));
tagslen = 0;
optn = bv->bv_val + bv->bv_len;
for( opt=options; opt != NULL; opt=next ) {
int optlen;
opt++;
next = strchrlen( opt, ';', &optlen );
next = strchrlen( opt, optn, ';', &optlen );
if( optlen == 0 ) {
*text = "zero length option is invalid";
......@@ -443,19 +445,21 @@ static int is_ad_subtags(
struct berval *subtagsbv,
struct berval *suptagsbv )
{
const char *suptags, *supp, *supdelimp;
const char *subtags, *subp, *subdelimp;
const char *suptags, *supp, *supdelimp, *supn;
const char *subtags, *subp, *subdelimp, *subn;
int suplen, sublen;
subtags =subtagsbv->bv_val;
suptags =suptagsbv->bv_val;
subn = subtags + subtagsbv->bv_len;
supn = suptags + suptagsbv->bv_len;
for( supp=suptags ; supp; supp=supdelimp ) {
supdelimp = strchrlen( supp, ';', &suplen );
supdelimp = strchrlen( supp, supn, ';', &suplen );
if( supdelimp ) supdelimp++;
for( subp=subtags ; subp; subp=subdelimp ) {
subdelimp = strchrlen( subp, ';', &sublen );
subdelimp = strchrlen( subp, subn, ';', &sublen );
if( subdelimp ) subdelimp++;
if ( suplen > sublen
......
......@@ -294,7 +294,7 @@ glue_op_search ( Operation *op, SlapReply *rs )
BackendDB *b1 = NULL, *btmp;
BackendInfo *bi0 = op->o_bd->bd_info;
int i;
long stoptime = 0;
long stoptime = 0, starttime;
glue_state gs = {NULL, NULL, NULL, 0, 0, 0, 0};
slap_callback cb = { NULL, glue_op_response, NULL, NULL };
int scope0, tlimit0;
......@@ -304,6 +304,7 @@ glue_op_search ( Operation *op, SlapReply *rs )
cb.sc_next = op->o_callback;
starttime = op->o_time;
stoptime = slap_get_time () + op->ors_tlimit;
op->o_bd = glue_back_select (b0, &op->o_req_ndn);
......@@ -347,7 +348,8 @@ glue_op_search ( Operation *op, SlapReply *rs )
if (!dnIsSuffix(&btmp->be_nsuffix[0], &b1->be_nsuffix[0]))
continue;
if (tlimit0 != SLAP_NO_LIMIT) {
op->ors_tlimit = stoptime - slap_get_time ();
op->o_time = slap_get_time();
op->ors_tlimit = stoptime - op->o_time;
if (op->ors_tlimit <= 0) {
rs->sr_err = gs.err = LDAP_TIMELIMIT_EXCEEDED;
break;
......@@ -419,6 +421,7 @@ glue_op_search ( Operation *op, SlapReply *rs )
end_of_loop:;
op->ors_scope = scope0;
op->ors_tlimit = tlimit0;
op->o_time = starttime;
op->o_req_dn = dn;
op->o_req_ndn = ndn;
......
......@@ -3015,10 +3015,18 @@ read_config(const char *fname, const char *dir) {
if ( rc != LDAP_NO_SUCH_OBJECT )
return 1;
/* ITS#4194: But if dir was specified and no fname,
* then we were supposed to read the dir.
* then we were supposed to read the dir. Unless we're
* trying to slapadd the dir...
*/
if ( dir && !fname )
return 1;
if ( dir && !fname ) {
if ( slapMode & (SLAP_SERVER_MODE|SLAP_TOOL_READMAIN|SLAP_TOOL_READONLY))
return 1;
/* Assume it's slapadd with a config dir, let it continue */
rc = 0;
cfb->cb_got_ldif = 1;
cfb->cb_use_ldif = 1;
goto done;
}
}
/* If we read the config from back-ldif, nothing to do here */
......@@ -3038,25 +3046,6 @@ read_config(const char *fname, const char *dir) {
if ( rc == 0 )
ber_str2bv( cfname, 0, 1, &cfb->cb_config->c_file );
/* If we got this far and failed, it may be a serious problem. In server
* mode, we should never come to this. However, it may be alright if we're
* using slapadd to create the conf dir.
*/
while ( rc ) {
if ( slapMode & (SLAP_SERVER_MODE|SLAP_TOOL_READMAIN|SLAP_TOOL_READONLY))
break;
/* If a config file was explicitly given, fail */
if ( fname )
break;
/* Seems to be slapadd with a config dir, let it continue */
if ( cfb->cb_use_ldif ) {
rc = 0;
cfb->cb_got_ldif = 1;
}
break;
}
done:
if ( rc == 0 && BER_BVISNULL( &frontendDB->be_schemadn ) ) {
ber_str2bv( SLAPD_SCHEMA_DN, STRLENOF( SLAPD_SCHEMA_DN ), 1,
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment