Commit a04835be authored by Quanah Gibson-Mount's avatar Quanah Gibson-Mount
Browse files

ITS#5972

parent 7d03aa8b
......@@ -8,10 +8,12 @@ OpenLDAP 2.4.16 Engineering
Fixed libldap peer cert memory leak again (ITS#5849)
Fixed libldap referral chasing (ITS#5980)
Fixed slapd backglue with empty DBs (ITS#5986)
Fixed slapd syncrepl newCookie sync messages (ITS#5972)
Fixed slapd-bdb/hdb cachesize handling (ITS#5860)
Fixed slapd-ldap/meta with broken AD results (ITS#5977)
Fixed slapd-ldap/meta with invalid attrs again (ITS#5959)
Fixed slapo-accesslog interaction with ppolicy (ITS#5979)
Fixed slapo-syncprov newCookie sync messages (ITS#5972)
Documentation
admin24 clarified MMR URI requirements (ITS#5942,ITS#5987)
slapd-ldap/meta(5) added missing TLS options (ITS#5989)
......
......@@ -282,6 +282,7 @@ typedef struct ldapcontrol {
#define LDAP_SYNC_ADD 1
#define LDAP_SYNC_MODIFY 2
#define LDAP_SYNC_DELETE 3
#define LDAP_SYNC_NEW_COOKIE 4
/* Password policy Controls *//* work in progress */
......
......@@ -876,27 +876,34 @@ syncprov_qplay( Operation *op, struct re_s *rtask )
break;
ldap_pvt_thread_mutex_unlock( &so->s_mutex );
opc.sdn = sr->s_dn;
opc.sndn = sr->s_ndn;
opc.suuid = sr->s_uuid;
opc.sctxcsn = sr->s_csn;
opc.sreference = sr->s_isreference;
e = NULL;
if ( sr->s_mode != LDAP_SYNC_DELETE ) {
rc = overlay_entry_get_ov( op, &opc.sndn, NULL, NULL, 0, &e, on );
if ( rc ) {
Debug( LDAP_DEBUG_SYNC, "syncprov_qplay: failed to get %s, "
"error (%d), ignoring...\n", opc.sndn.bv_val, rc, 0 );
ch_free( sr );
rc = 0;
continue;
if ( sr->s_mode == LDAP_SYNC_NEW_COOKIE ) {
SlapReply rs = { REP_INTERMEDIATE };
rc = syncprov_sendinfo( op, &rs, LDAP_TAG_SYNC_NEW_COOKIE,
&sr->s_csn, 0, NULL, 0 );
} else {
opc.sdn = sr->s_dn;
opc.sndn = sr->s_ndn;
opc.suuid = sr->s_uuid;
opc.sctxcsn = sr->s_csn;
opc.sreference = sr->s_isreference;
e = NULL;
if ( sr->s_mode != LDAP_SYNC_DELETE ) {
rc = overlay_entry_get_ov( op, &opc.sndn, NULL, NULL, 0, &e, on );
if ( rc ) {
Debug( LDAP_DEBUG_SYNC, "syncprov_qplay: failed to get %s, "
"error (%d), ignoring...\n", opc.sndn.bv_val, rc, 0 );
ch_free( sr );
rc = 0;
continue;
}
}
}
rc = syncprov_sendresp( op, &opc, so, &e, sr->s_mode );
rc = syncprov_sendresp( op, &opc, so, &e, sr->s_mode );
if ( e ) {
overlay_entry_release_ov( op, e, 0, on );
if ( e ) {
overlay_entry_release_ov( op, e, 0, on );
}
}
ch_free( sr );
......@@ -1007,17 +1014,25 @@ static int
syncprov_qresp( opcookie *opc, syncops *so, int mode )
{
syncres *sr;
int sid, srsize;
/* Don't send changes back to their originator */
sid = slap_parse_csn_sid( &opc->sctxcsn );
if ( sid >= 0 && sid == so->s_sid )
return LDAP_SUCCESS;
int srsize;
struct berval cookie = opc->sctxcsn;
if ( mode == LDAP_SYNC_NEW_COOKIE ) {
syncprov_info_t *si = opc->son->on_bi.bi_private;
slap_compose_sync_cookie( NULL, &cookie, si->si_ctxcsn,
so->s_rid, so->s_sid);
} else if ( opc->sctxcsn.bv_len ) {
/* Don't send changes back to their originator */
int sid = slap_parse_csn_sid( &opc->sctxcsn );
if ( sid >= 0 && sid == so->s_sid )
return LDAP_SUCCESS;
}
srsize = sizeof(syncres) + opc->suuid.bv_len + 1 +
opc->sdn.bv_len + 1 + opc->sndn.bv_len + 1;
if ( opc->sctxcsn.bv_len )
srsize += opc->sctxcsn.bv_len + 1;
if ( cookie.bv_len )
srsize += cookie.bv_len + 1;
sr = ch_malloc( srsize );
sr->s_next = NULL;
sr->s_dn.bv_val = (char *)(sr + 1);
......@@ -1031,13 +1046,17 @@ syncprov_qresp( opcookie *opc, syncops *so, int mode )
opc->sndn.bv_val ) + 1;
sr->s_uuid.bv_len = opc->suuid.bv_len;
AC_MEMCPY( sr->s_uuid.bv_val, opc->suuid.bv_val, opc->suuid.bv_len );
if ( opc->sctxcsn.bv_len ) {
if ( cookie.bv_len ) {
sr->s_csn.bv_val = sr->s_uuid.bv_val + sr->s_uuid.bv_len + 1;
strcpy( sr->s_csn.bv_val, opc->sctxcsn.bv_val );
strcpy( sr->s_csn.bv_val, cookie.bv_val );
} else {
sr->s_csn.bv_val = NULL;
}
sr->s_csn.bv_len = opc->sctxcsn.bv_len;
sr->s_csn.bv_len = cookie.bv_len;
if ( mode == LDAP_SYNC_NEW_COOKIE && cookie.bv_val ) {
ch_free( cookie.bv_val );
}
ldap_pvt_thread_mutex_lock( &so->s_mutex );
if ( !so->s_res ) {
......@@ -1266,6 +1285,8 @@ syncprov_matchops( Operation *op, opcookie *opc, int saveit )
} else if ( !saveit && found ) {
/* send DELETE */
syncprov_qresp( opc, ss, LDAP_SYNC_DELETE );
} else if ( !saveit ) {
syncprov_qresp( opc, ss, LDAP_SYNC_NEW_COOKIE );
}
if ( !saveit && found ) {
/* Decrement s_inuse, was incremented when called
......
......@@ -1037,6 +1037,17 @@ do_syncrep2(
"LDAP_RES_INTERMEDIATE",
"NEW_COOKIE" );
ber_scanf( ber, "tm", &tag, &cookie );
Debug( LDAP_DEBUG_SYNC,
"do_syncrep2: %s NEW_COOKIE: %s\n",
si->si_ridtxt,
cookie.bv_val, 0);
if ( !BER_BVISNULL( &cookie ) ) {
ch_free( syncCookie.octet_str.bv_val );
ber_dupbv( &syncCookie.octet_str, &cookie );
}
if (!BER_BVISNULL( &syncCookie.octet_str ) ) {
slap_parse_sync_cookie( &syncCookie, NULL );
}
break;
case LDAP_TAG_SYNC_REFRESH_DELETE:
case LDAP_TAG_SYNC_REFRESH_PRESENT:
......@@ -1149,6 +1160,7 @@ do_syncrep2(
if ( match < 0 ) {
if ( si->si_refreshPresent == 1 &&
si_tag != LDAP_TAG_SYNC_NEW_COOKIE &&
syncCookie_req.numcsns == syncCookie.numcsns ) {
syncrepl_del_nonpresent( op, si, NULL,
&syncCookie, m );
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment