[Pkg-fedora-ds-maintainers] 389-ds-base: Changes to 'upstream-unstable'

Timo Aaltonen tjaalton-guest at alioth.debian.org
Thu Aug 29 21:53:49 UTC 2013


 VERSION.sh                                               |    2 -
 ldap/admin/src/logconv.pl                                |   30 +++++++--------
 ldap/admin/src/scripts/DSUtil.pm.in                      |    9 +++-
 ldap/servers/plugins/replication/windows_protocol_util.c |   10 ++++-
 ldap/servers/slapd/modify.c                              |    4 --
 5 files changed, 31 insertions(+), 24 deletions(-)

New commits:
commit 60cfb7370ca457b36fdfaa2820bf05fbe3f26859
Author: Noriko Hosoi <nhosoi at redhat.com>
Date:   Wed Aug 28 14:53:36 2013 -0700

    bump version to 1.3.1.7

diff --git a/VERSION.sh b/VERSION.sh
index 6bd724d..3a45057 100644
--- a/VERSION.sh
+++ b/VERSION.sh
@@ -10,7 +10,7 @@ vendor="389 Project"
 # PACKAGE_VERSION is constructed from these
 VERSION_MAJOR=1
 VERSION_MINOR=3
-VERSION_MAINT=1.6
+VERSION_MAINT=1.7
 # if this is a PRERELEASE, set VERSION_PREREL
 # otherwise, comment it out
 # be sure to include the dot prefix in the prerel

commit abdf69842a2525b6a670aafd2a940a0c67b656ec
Author: Rich Megginson <rmeggins at redhat.com>
Date:   Fri Aug 23 14:16:29 2013 -0600

    Bug 999634 - ns-slapd crash due to bogus DN
    
    https://bugzilla.redhat.com/show_bug.cgi?id=999634
    Reviewed by: ???
    Branch: 389-ds-base-1.3.1
    Fix Description: When the target DN is not a valid DN, the code will bypass
    the initialization of unhashed_pw_smod, and attempt to call slapi_smods_done.
    Depending on what memory is in the unhashed_pw_smod, if both mods and
    free_mods are true, an attempt will be made to free mods or *mods and the
    server will crash.  It is tricky to find the right sequence of operations
    that will write the stack in such a way that both unhashed_pw_smod.mods
    and unhashed_pw_smod.free_mods are set.
    The fix is to just get rid of unhashed_pw_smod which is not used.
    I also check this code and other operation code for similar cases, but the
    rest of the code is clean.
    Platforms tested: RHEL6 x86_64
    Flag Day: no
    Doc impact: no
    (cherry picked from commit a3d65ac00df871675896f587b0da2c24eab961bb)

diff --git a/ldap/servers/slapd/modify.c b/ldap/servers/slapd/modify.c
index 2677b92..957f36e 100644
--- a/ldap/servers/slapd/modify.c
+++ b/ldap/servers/slapd/modify.c
@@ -653,7 +653,6 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
 	int passin_sdn = 0;
 	LDAPMod	**mods, *pw_mod, **tmpmods = NULL;
 	Slapi_Mods smods;
-	Slapi_Mods unhashed_pw_smod;	
 	int repl_op, internal_op, lastmod, skip_modified_attrs;
 	char *unhashed_pw_attr = NULL;
 	Slapi_Operation *operation;
@@ -692,8 +691,6 @@ static void op_shared_modify (Slapi_PBlock *pb, int pw_change, char *old_pw)
 
 	slapi_mods_init_passin (&smods, mods);
 
-	slapi_mods_init(&unhashed_pw_smod, 0);
-
 	/* target spec is used to decide which plugins are applicable for the operation */
 	operation_set_target_spec (pb->pb_op, sdn);
 
@@ -1138,7 +1135,6 @@ free_and_return:
 	if (be)
 		slapi_be_Unlock(be);
 
-	slapi_mods_done(&unhashed_pw_smod); /* can finalize now */
 	if (unhashed_pw_attr)
 		slapi_ch_free ((void**)&unhashed_pw_attr);
 

commit 529a544a2fe9961d9286e191346fb5faca27d38b
Author: Noriko Hosoi <nhosoi at redhat.com>
Date:   Tue Aug 20 14:09:26 2013 -0700

    Ticket #47488 - Users from AD sub OU does not sync to IPA
    
    Bug description: When processing a DN from AD, the DN is passed to
    a helper function is_subject_of_agreement_remote (windows_protocol_
    util.c) to check if the DN is a subject of the sync service or not.
    The helper function was checking if the AD DN is just one-level
    child of the agreement subtree top (nsds7WindowsReplicaSubtree) but
    not the subtree-level descendents.  Note: the DN is an original one
    in AD, which has not be flattened yet.  Therefore, the AD entry was
    determined not to be synchronized.
    
    Fix description: This bug was fixed in the master tree with the
    ticket #521 - modrdn + NSMMReplicationPlugin - Consumer failed to
    replay change.
     3) is_subject_of_agreement_remote (windows_protocol_util.c):
        When checking if the entry was in the subtree defined in the
        agreement or not, it returned true only if the entry is a
        direct child of the agreement subtree top. This patch returns
        true if the entry is the further descendent of the subtree.
    The fix is back ported to 389-ds-base-1.3.1 branch.
    
    Reviewed by Rich (Thank you!!)
    
    https://fedorahosted.org/389/ticket/47488

diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c b/ldap/servers/plugins/replication/windows_protocol_util.c
index 964566a..730d9a6 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -3950,7 +3950,12 @@ error:
 	return retval;
 }
 
-/* Tests if the entry is subject to our agreement (i.e. is it in the sync'ed subtree in AD and either a user or a group ?) */
+/* 
+ * Tests if the entry is subject to our agreement
+ * (i.e. is it in the sync'ed subtree in AD and either a user or a group ?)
+ * return value: 1 -- it is subject to the agreement
+ *               0 -- out of scope
+ */
 static int 
 is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra)
 {
@@ -3981,7 +3986,8 @@ is_subject_of_agreement_remote(Slapi_Entry *e, const Repl_Agmt *ra)
 		 * 'e' as out of scope.
 		 */
 		slapi_sdn_get_parent(sdn, &psdn);
-		if (0 == slapi_sdn_compare(&psdn, agreement_subtree)) {
+		if (slapi_sdn_issuffix(&psdn, agreement_subtree)) {
+			/* parent is in agreement_subtree. */
 			retval = 1;
 		} else {
 			/* If parent entry is not local, the entry is out of scope */

commit 3e7ee7ca886feb56b3b26df97882c40d81bfff55
Author: Mark Reynolds <mreynolds at redhat.com>
Date:   Wed Aug 14 15:32:36 2013 -0400

    Ticket 47461 - logconv.pl - Use of comma-less variable list is deprecated
    
    Description:  In newer versions of perl commas are needed to separate variables
                  when "formatting" output.  Also fixed a typo.
    
    https://fedorahosted.org/389/ticket/47461
    
    Reviewed by: nhosoi(Thanks!)
    (cherry picked from commit 7e9cae5fa2292168e88e87eee2f9249171a1e9d8)

diff --git a/ldap/admin/src/logconv.pl b/ldap/admin/src/logconv.pl
index efc5970..77088ff 100755
--- a/ldap/admin/src/logconv.pl
+++ b/ldap/admin/src/logconv.pl
@@ -594,7 +594,7 @@ print "Restarts:                     $serverRestartCount\n";
 print "Total Connections:            $connectionCount\n";
 print " - StartTLS Connections:      $startTLSCount\n";
 print " - LDAPS Connections:         $sslCount\n";
-print " - LDAPI Conections:          $ldapiCount\n";
+print " - LDAPI Connections:         $ldapiCount\n";
 print "Peak Concurrent Connections:  $maxsimConnection\n";
 print "Total Operations:             $allOps\n";
 print "Total Results:                $allResults\n";
@@ -614,20 +614,20 @@ $compareStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$cmpCount/$totalTimeInSecs, $c
 $bindCountStat = sprintf "(%.2f/sec)  (%.2f/min)\n",$bindCount/$totalTimeInSecs, $bindCount/($totalTimeInSecs/60);
 
 format STDOUT =
-Searches:                     @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $srchCount,        $searchStat
-Modifications:                @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $modCount,           $modStat
-Adds:                         @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $addCount,           $addStat
-Deletes:                      @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $delCount,        $deleteStat
-Mod RDNs:                     @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $modrdnCount,        $modrdnStat
-Compares:                     @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $cmpCount,       $compareStat
-Binds:                        @<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<
-                              $bindCount           $bindCountStat
+Searches:                     @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $srchCount,   $searchStat,
+Modifications:                @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $modCount,    $modStat,
+Adds:                         @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $addCount,    $addStat,
+Deletes:                      @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $delCount,    $deleteStat,
+Mod RDNs:                     @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $modrdnCount, $modrdnStat,
+Compares:                     @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $cmpCount,    $compareStat,
+Binds:                        @<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
+                              $bindCount,   $bindCountStat,
 .
 write STDOUT;
 

commit a7bdcc535b213455b785be004153c51b71ccc3be
Author: Mark Reynolds <mreynolds at redhat.com>
Date:   Tue Aug 13 16:39:57 2013 -0400

    Ticket 47473 - setup-ds.pl doesn't lookup the "root" group correctly
    
    Bug Description:  Silent install will fail, if you set the "SuiteSpotUserID"
                      to root, but do not set "SuiteSpotGroup".
    
    Fix Description:  The root gid is zero, and this incorrectly triggered an
                      error that cancelled the install.  Fix is to check if the
                      user info is set, instead of checking the group id value;
    
    https://fedorahosted.org/389/ticket/47473
    
    Reviewed by: richm(Thanks!)
    (cherry picked from commit 8aa9e8c38186c8447e6825839ef2f784f3ad9815)

diff --git a/ldap/admin/src/scripts/DSUtil.pm.in b/ldap/admin/src/scripts/DSUtil.pm.in
index b971dac..eaf5e4b 100644
--- a/ldap/admin/src/scripts/DSUtil.pm.in
+++ b/ldap/admin/src/scripts/DSUtil.pm.in
@@ -160,8 +160,13 @@ sub getLogin {
 # Look up the primary group name for the supplied user
 sub getGroup {
     my $user = shift;
-    my $gid = (getpwnam($user))[3] || confess "Error: could not determine the current group ID: $!"; 
-    return (getgrgid($gid))[0] || confess "Error: could not determine the current group name: $!";
+    my @userinfo = getpwnam($user);
+    
+    if(!@userinfo){
+        confess "Error: could not find user ID ($user): $!";
+    }
+   
+    return (getgrgid($userinfo[3]))[0] || confess "Error: could not determine the current group name from gid ($userinfo[3]): $!";
 }
 
 sub isValidUser {



More information about the Pkg-fedora-ds-maintainers mailing list