Commits on Source (68)
-
Mark Reynolds authored
Description: There is no upgrade script to add the PBKDF2 plugin, this fix adds the script. https://pagure.io/389-ds-base/issue/49665 Reviewed by: ?dc690dd2 -
Mark Reynolds authored
Description: There is no upgrade script to add the new CRYPT plugins, this fix adds the script. https://pagure.io/389-ds-base/issue/49665 Reviewed by: vashirov(Thanks!)91dc8324 -
Mark Reynolds authored
Description: I had previously overwritten most of PF stylesheets. This patch contains that conversion. https://pagure.io/389-ds-base/issue/495193a70d8a4 -
Mark Reynolds authored
Bug Description: Regression from ticket https://pagure.io/389-ds-base/issue/49618 This ticket accidentally set a MAX_INT cap on the entry cachesize. Fix Description: Set proper max value allowed for entry and dn caches (uint64) https://pagure.io/389-ds-base/issue/49673 Reviewed by: mreynolds(one line commit rule)
5d700cc4 -
Mark Reynolds authored
Bug Description: When a hub receives an update that triggers the memberOf plugin, but that interal operation has no csn and that causes the update to the changelog to fail and break replication. Fix Description: Do not write internal updates with no csns to the changelog on read-only replicas. https://pagure.io/389-ds-base/issue/49671 Reviewed by: simon, tbordaz, and lkrispen (Thanks!!!)afb755bd -
Simon Pichugin authored
Bug description: We should be able to create cascading replication topology with existing lib389 API. Fix existing topology in topologies.py and add the functionality to replica.py API accordingly. Fix description: Add the code to join_hub function. Get agreement name from the last three port numbers. When we call _create_service_group on read-only instance do not try to create it. Generate the replica credentials when adding the service account and store them in ReplicationManager object. Fix a few small issues in replica.py. In topologies.py, divide the instance and replica creation. Refactor topology_m1h1c1 according to the changes. During the finalizer, check if instance exists before the removal. https://pagure.io/389-ds-base/issue/49657 Reviewed by: mreynolds (Thanks!)
50732c9e -
Viktor Ashirov authored
Bug Description: Binaries like /usr/sbin/ds_selinux_enabled /usr/sbin/ds_selinux_port_query /usr/sbin/ds_systemd_ask_password_acl are not user-runnable, they are executed by other programs (setup-ds.pl for example). They should not reside in /usr/sbin, since it's used for storing binaries for system administration. Instead they should be placed in /usr/libexec/dirsrv/ which is designed to store binaries that are executed by other programs. Fix Description: Change install path to libexec. https://pagure.io/389-ds-base/issue/49106 Reviewed by: mhonek, wibrown (Thanks!)
6e1ee76e -
Viktor Ashirov authored
Bug Description: `make clean` fails if cargo is not installed. Fix Description: Call `cargo clean` only when we enable Rust. https://pagure.io/389-ds-base/issue/49685 Reviewed by: mreynolds (Thanks!)
3037674a -
Viktor Ashirov authored
Bug Description: AC_PROG_CC macro sets CFLAGS/CXXFLAGS environment variable to ` -g -O2` for GCC if CFLAGS/CXXFLAGS are not defined. Fix Description: Use an empty default for CFLAGS and CXXFLAGS instead. https://pagure.io/389-ds-base/issue/49684 Reviewed by: mreynolds (Thanks!)
68ecbff0 -
Mark Reynolds authored
Bug Description: If you manually set the dbcachememsize to something larger than a uint64_t the server can crash from a NULL pointer being dereferenced. Fix Description: Catch the NULL pointer before it is dereferenced, and abort the restore. https://pagure.io/389-ds-base/issue/49669 Reviewed by: firstyear & tbordaz (Thanks!!)15ff2e3d -
Ludwig Krispenz authored
Bug: there was a scenario where two threads could process replication operations in parallel. The reason was that for a new repl start request the repl conn flag is not set and the connection is made readable. When the start repl op is finished, the flagi set, but in a small window the supplier could already have sent updates and more_data would trigger this thread also to continue to process repl operations. Fix: In the situation where a thread successfully processed a start repl request and just set the repl_conn flag do not use more_data. Reviewed by: Thierry, thanks0282ef26 -
Thierry Bordaz authored
Ticket 49693 - A DB_DEADLOCK while adding a tombstone (RUV) leads to access of an already freed entry Bug Description: During a ADD, in order to manage DB_DEADLOCK, instead of using the entry provided in the pblock (i.e. 'e') the code uses a couple addingentry/originalentry. Only in the initial attempt addingentry refers to 'e', in the others it refers to a duplicate one. On DB_DEADLOCK, the entry is freed immediately (as it was not in the cache) if we hit a DB_DEADLOCK then 'e' is freed and the next attempt is with a duplicate of 'e'. But if the added entry is a tombstone we log a message dumping 'e', unfortunately 'e' was already freed. Fix Description: Use addingentry->ep_entry instead of 'e'. Also as it is for logging, test if the logging level is set before dumping the entry. https://pagure.io/389-ds-base/issue/49693 Reviewed by: Ludwig Krispenz, Mark Reynolds (thanks !!) Platforms tested: F26 Flag Day: no Doc impact: no
6157c6a8 -
Mark Reynolds authored
Description: Remove the recently added upgrade scripts as they are obsolete in 1.4.0. https://pagure.io/389-ds-base/issue/49665 Reviewed by: ?70314dc2 -
Simon Pichugin authored
Description: Refactor plugins module and fix tests accordingly. Divide the tests into three functions: accaptance, memory corrruption and stress. Add absent Task and Plugin objects. Add docstrings for every fixed object. Move plugin acceptance tests to a separate module in plugins suite https://pagure.io/389-ds-base/issue/49581 Reviewed by: vashirov, mreynolds, wibrown (Thanks!)
dc7f1083 -
Mark Reynolds authored
Description: Remove files from Pattern we do not use in order to help reduce its footprint on the package https://pagure.io/389-ds-base/issue/49698 Reviewed by: mreynolds(one line commit rule)4521fe33 -
Thierry Bordaz authored
Bug description: During shutdown we would not close connections. In the past this may have just been an annoyance, but now with the way nunc-stans works, io events can still trigger on open xeisting connectinos during shutdown. Because of NS dynamic it can happen that several jobs wants to work on the same connection. In such case (a job is already set in c_job) we delay the new job that will retry. In addition: - some call needed c_mutex - test uninitialized nunc-stans in case of shutdown while startup is not completed Fix Description: Close connections during shutdown rather than leaving them alive. https://pagure.io/389-ds-base/issue/48184 Reviewed by: Original was Ludwig and Viktor Second fix reviewed by Mark Platforms tested: F26 Flag Day: no Doc impact: noe562157c -
Mark Reynolds authored
Description: This patch addresses the recvent changes to conflict entries and tombstones. https://pagure.io/389-ds-base/issue/49576 Reviewed by: tbordaz(Thanks!)53e58cdb -
Akshay Adhikari authored
Description: Added py3 support by explicitly changing strings to bytes. Ported tests from ticket to test suites, also added docstrings. https://pagure.io/389-ds-base/issue/49588 Reviewed by: spichugi,vashirov (Thanks!)
262e6aaf -
Viktor Ashirov authored
Add missing nunc-stans documentation from the old repo. This also should fix doxygen warnings about missing files https://pagure.io/389-ds-base/issue/49679 Reviewed by: mreynolds (Thanks!)
9ff284fc -
Mark Reynolds authored
Description: Move the new UI plugin to a subpackage of 389-ds-base. Special thanks to Viktor Ashirov for helping on this one! https://pagure.io/389-ds-base/issue/49689 Reviewed by: vashirov(Thanks!)50b54494 -
Mark Reynolds authored
Bug Description: When doing a local "make install" the cockpit UI files are not copied to the "buildroot", which then leads to rsync failing. Fix Description: If the "source directory" is not the same as the current directory, then its a local "make install" and not a "make rpms". In that case just copy over the cockpit ui directory to the local buildroot. This makes it easy to test Cockpit UI changes using "make install". https://pagure.io/389-ds-base/issue/49689 Reviewed by: mreynolds(one line commit rule)efc96f10 -
Viktor Ashirov authored
Bug description: RFC4519 defines 'organization' object class using Oxford spelling. It is common for academic, formal, and technical writing for an international readership. We should be following common spelling in function names and methods, otherwise it is confusing and annoying to remember which one is used where. Fix description: Use Oxford spelling for 'organization' and 'organizationalUnit'. https://pagure.io/389-ds-base/issue/49678 Reviewed by: spichugi, mhonek (Thanks!)
c1e022d4 -
Viktor Ashirov authored
Bug description: Default CFLAGS and CXXFLAGS might be unset without --enable-debug. Fix description: * Provide default CFLAGS and CXXFLAGS that would be set by AC_PROG_CC otherwise. * Split compiler flags and preprocessor flags into separate variables so they are applied in a correct order. https://pagure.io/389-ds-base/issue/49684 Reviewed by: mhonek (Thanks!)
8330887e -
Mark Reynolds authored
Description: A few modals were not converted to PF, and other minor issues with JS and updating tables https://pagure.io/389-ds-base/issue/49706 Reviewed by: ?164a9591 -
Mark Reynolds authored
Description: Also need to check for ";deletedattribute" when processing LDIF file https://pagure.io/389-ds-base/issue/49576 Reviewed by: tbordaz(Thanks!)
9e046a35 -
Mark Reynolds authored
Description: Fixed these coverity issues. Some of these fixes are just to quiet convscan: 16852 Unsigned compared - entrycache_add_int 16848 Unsigned compared - dncache_add_int 16704 Explicit null dereferenced s- lapd_SSL_client_auth 15953 Resource leak - new_task 15583 Out-of-bounds read - create_filter 15445 Unused value - ruv_update_ruv 15442 Argument cannot be negative - dse_write_file_nolock 15223 Double unlock - ruv_get_referrals 15170 Explicit null dereferenced - passwd_apply_mods 15581 Wrong sizeof argument - slapi_be_new 15144 Constant expression result - upgradedn_producer Also fixed a few compiler warnings https://pagure.io/389-ds-base/issue/49675 Reviewed by: spichugi & lkrispenz(Thanks!!)7a8b5ace -
Anuj Borah authored
Description: Fix memberof_plugin/regression_test.py by switching to ReplicationManager. https://pagure.io/389-ds-base/issue/49582 Reviewed by: vashirov
1d9a80fb -
Mark Reynolds authored
Ticket 49722 - Errors log full of " WARN - keys2idl - recieved NULL idl from index_read_ext_allids, treating as empty set" messages Description: If searching on entrydn, and the value is not found return an empty list instead of NULL. This prevent these harmless error messages in log https://pagure.io/389-ds-base/issue/49722 Reviewed by: ?e350a268 -
Mark Reynolds authored
Bug Description: Currently DS only accepts fortezza and RSA cipher families. This prevents things like ECC certificates from being used. Fix Description: Instead of hardcoding the cipher families, just grab the current type and use it. Also cleaned up code: removed unncessary "ifdefs", and switched for loops to use size_t. https://pagure.io/389-ds-base/issue/49726 Reviewed by: ?27a16a06 -
Mark Reynolds authored
Description: Created new bootpopup wrapper functions that use the "content" option to add html messages. Then we use "pre" html tags for messages that come from the CLI, and regular "p" tags for generic messages. Also durign instance creation we now strip "slapd-" from instance name because the installer automatically adds "slapd-" to the name anyway. https://pagure.io/389-ds-base/issue/49704 Reviewed by: firstyear(Thanks!)6bfe74fc -
Mark Reynolds authored
Description: This is the initial patch for adding a json option to the CLI tools. This patch also addresses issues with using LDAPI with the CLI. https://pagure.io/389-ds-base/issue/49683 Reviewed by: firstyear & spichugi (Thanks!!)593a73e6 -
Matúš Honěk authored
Bug Description: Until resolving ticket 49689 in 50b54494, running `make clean' removed also man pages which were tracked in the versioning system (notably man1 and man8). Fix Description: Bring back only removal of man3 man pages as they are autogenerated and thus should not be tracked. https://pagure.io/389-ds-base/issue/49333 Author: mhonek Review by: mreynolds (thanks!)
2e467029 -
Mark Reynolds authored
Description: Fix issues with last coverity patch: missing unlock, and a return code was needed. Also fixed issue 17472 (memory leak in uid.c) https://pagure.io/389-ds-base/issue/49675 Reviewed by: tbordaz & lkrispenz(Thanks!!)1b7198a0 -
Thierry Bordaz authored
Bug description: During shutdown we would not close connections. In the past this may have just been an annoyance, but now with the way nunc-stans works, io events can still trigger on open xeisting connectinos during shutdown. Fix Description: Because of NS dynamic it can happen that several jobs wants to work on the same connection. In such case (a job is already set in c_job) we delay the new job that will retry. In addition: - some call needed c_mutex - test uninitialized nunc-stans in case of shutdown while startup is not completed If it is not possible to schedule immediately a job it is sometime useless to wait: - if the connection is already freed, just cancel the scheduled job and do not register a new one - If we are in middle of a shutdown we do not know if the scheduled job is ns_handle_closure, so cancel the scheduled job and schedule ns_handle_closure. https://pagure.io/389-ds-base/issue/48184 Reviewed by: Original fix reviewed by Ludwig and Viktor Second fix reviewed by Mark Third fix reviewed by Mark Platforms tested: F26 Flag Day: no Doc impact: no085e99f7 -
Mark Reynolds authored
On F28 these fonts are requested by both Firefox and Chrome so I'm adding them back. Reviewed by: mreynolds
d09a57d4 -
Thierry Bordaz authored
Bug Description: In case of a bug in the management of the connection refcnt it can happen that there are several attempts to move a connection out of the active list. It triggers a crash because when derefencing c->c_prev. c_prev is never NULL on the active list Fix Description: The fix tests if the connection is already out of the active list. If such case, it just returns. A potential issue that is not addressed by this fix is: Thread A and Thread B are using 'c' but c->refcnt=1 (it should be 2) Thread A "closes" 'c', 'c' is move out of active list (free) because of refcnt=0 A new connection happens selecting the free connection 'c', moving it to the active list. Thread C is using 'c' from the new connection c->refcnt=1 Thread B "closes" 'c', 'c' is moved out of the active list. -> new operation coming on 'c' will not be detected -> Thread C will likely crash when sending result https://pagure.io/389-ds-base/issue/49736 Reviewed by: Mark Reynolds (thanks!) Platforms tested: F26 Flag Day: no Doc impact: no
b0e05806 -
Mark Reynolds authored
Descriptrion: gperftools is going away in RHEL, that includes tcmalloc, so we now need to bundle jemalloc again. https://pagure.io/389-ds-base/issue/48377 Reviewed by: vashirov(Thanks!)d5e1164a -
Mark Reynolds authored
Description: When performing a search as the Directory Manager resource limits should not apply. So there is no need to "get" the limits if its a Directory Manager initiated search. I'm seeing around 2% performance increase when we skip getting the resource limits. https://pagure.io/389-ds-base/issue/49732 Reviewed by: tbordaz (Thanks!) Signed-off-by:Mark Reynolds <mreynolds@redhat.com>
67efef07 -
Mark Reynolds authored
Description: While you can configure a connection to use StartTLS the plugin code did not attempt to use StartTLS. https://pagure.io/389-ds-base/issue/49748 Reviewed by: tbordaz & lkrispenz(Thanks!!)d870eb0d -
Simon Pichugin authored
Description: Add a new option to setup.inf file - self_sign_cert_valid_months which accepts int value. dscreate should renew Self-signed CA if it is expired or it will expire less than in 2 months. Also, we need to import it to other existing instances. Remove the NSS DB in the test topology during a teardown. Fix small issues in nss_tls_test. Add format_cmd_list function to utils.py. It returns a nicely formatted quoted representation of the command list we put into subprocess call. Add more logging to nss_tls.py. Change the default validity period to 24 months. https://pagure.io/389-ds-base/issue/49646 Reviewed by: mreynolds, tbordaz, mhonek (Thanks!)
809be53d -
Simon Pichugin authored
Description: Add and refactor the test case docstrings. They should follow one exact format for communicating with internal tool. Also it should be readable enough to provide the main idea about the test case. https://pagure.io/389-ds-base/issue/49381 Reviewed by: vashirov (Thanks!)
791e5aab -
Mark Reynolds authored
Description: Added checkbox to turn on server log continuous refresh https://pagure.io/389-ds-base/issue/49702 Reviewed by: spichugi(Thanks!)
7c9ccb80 -
Mark Reynolds authored
Bug Description: If you create an instance with dscreate and try to upgrade that instance using setup-ds.pl it will fail. While you should not mix and match the python and perl tools, it is still possible and it should work. Fix Description: The first problem was that the instance dir (inst_dir) was not set during dscreate, and second we were also not setting the correct inst_dir in defaults.inf. Also dscreate does not create a backend by default, which caused 80upgradednformat.pl to fail on an upgrade. Finally updated UI's instance creation template to use the correct inst_dir. https://pagure.io/389-ds-base/issue/49754 Reviewed by: vashirov(Thanks!)9d8887ad -
Simon Pichugin authored
Description: A lot of tests are failing because of the API changes. We need to fix them ASAP. Fix description: Add __init__.py to import and mapping_tree test suite so it will create its own __pycache__. Use the new Agriments object for reinit. Run range_search memory leak test only when ASAN is enabled and remove valgrind support because ASAN is enough. Generate ou=People and ou=Groups in the dbgen.py module, it is required by some tests. In the replica.py module, use existing credentials when we join master to the existing first_master and when we failed to get it from the ReplicationManager. https://pagure.io/389-ds-base/issue/49761 Reviewed by: mreynolds (Thanks!)
88950b0d -
Mark Reynolds authored
Description: Add a filtering option for error logging that allows for filtering log content by severity levels. This includes a generic option for all "errors" and all "info messages" https://pagure.io/389-ds-base/issue/49745 Reviewed by: spichugi(Thanks!)dec51953 -
Thierry Bordaz authored
Bug Description: The fix https://pagure.io/389-ds-base/issue/48184 allowed to schedule several NS handlers where each handler waits for the dispatch of the previous handler before being schedule. In case the current handler is never called (connection inactivity) those that are waiting can wait indefinitely (until timeout or connection closure). But those that are waiting delay the processing of the operation when the scheduling is called by connection_threadmain. The some operations can appear hanging. This scenario happens with async operations Fix Description: Instead of waiting for the completion of the scheduled handler, evaluates if the scheduled handler needs to be cleared (ns_job_done) or the waiting handler to be canceled. https://pagure.io/389-ds-base/issue/49765 Reviewed by: Mark Reynolds (thanks Mark !) Platforms tested: F26 Flag Day: no Doc impact: no
cfb7dc2b -
Mark Reynolds authored
Description: For prefix isntallations we need to make sure the destination location directory tree is created: mkdir -p https://pagure.io/389-ds-base/issue/49689 Reviewed by: mreynolds(one line commit rule)68cf69c8 -
Thierry Bordaz authored2a82ad2d
-
Thierry Bordaz authored
Ticket 49768 - Under network intensive load persistent search can erronously decrease connection refcnt Bug Description: If a connection enters in turbo mode (because of high traffic) or a worker reads several requests in the read buffer (more_data), the thread keeps processing connection. In that condition it should not decrease the refcnt. In case the operation is a persistent search, it decreases systematically the refcnt. So refcnt can become lower than the actual number of threads active on the connection. Most of the time it can create messages like Attempt to release connection that is not acquired In some rare case, if the a connection is out of the active list but a remaining thread tries to remove it again it can lead to a crash Fix Description: The fix consist, when processing a PS, to decrease the refcnt at the condition the connection is not in turbo mode or in more_data. https://pagure.io/389-ds-base/issue/49768 Reviewed by: Mark Reynolds Platforms tested: F26 Flag Day: no Doc impact: no
8f04487f -
Thierry Bordaz authored
Bug Description: new_passwdPolicy is called with an entry DN. In case of fine grain password policy we need to retrieve the possible password policy (pwdpolicysubentry) that applies to that entry. It triggers an internal search to retrieve the entry. In case of a search operation (add_shadow_ext_password_attrs), the entry is already in the pblock. So it is useless to do an additional internal search for it. Fix Description: in case of fine grain password policy and a SRCH operation, if the entry DN matches the entry stored in the pblock (SLAPI_SEARCH_RESULT_ENTRY) then use that entry instead of doing an internal search https://pagure.io/389-ds-base/issue/49742 Reviewed by: Mark Reynolds Platforms tested: F26 Flag Day: no Doc impact: no
05587eda -
Mark Reynolds authored
This patch addresses these tickets: https://pagure.io/389-ds-base/issue/49741 - Fixed repl agreement edit form https://pagure.io/389-ds-base/issue/49740 - Set color-blind friendly colors. Also used Thumbs up/down icons for repl state https://pagure.io/389-ds-base/issue/49703 - Set default values in create instance form (also checks if default ports are available Reviewed by: vashirov(Thanks!)e33c5013 -
Mark Reynolds authored
Bug Description: With 1.4.0 fast coming, we need to split the legacy perl out to a subpackage, and coerce our tests to python installer by default. Fix Description: Add a legacy tools subpackage https://pagure.io/389-ds-base/issue/49571 Author: wibrown & vashirov(Thanks!!)
9186bcec -
Simon Pichugin authored
Bug description: Schema check errors are logged in the error log at start up. It happens because of the missing attributes that are required by nsslapdPlugin objectclass. Also we add the Password Storage Schemes two times: in config.c and in fedse.c. Fix description: Remove PBKDF2_SHA256 from slapd_bootstrap_config because setup_internal_backends will happen shortly after (during main.c). Another part of the fix - add nsslapd-pluginId, nsslapd-pluginVersion, nsslapd-pluginVendor, and nsslapd-pluginDescription attributes to fedse.c. The values don't matter because it will be rewritten shortly after from pwd_storage_scheme_init functions (still during the startup). https://pagure.io/389-ds-base/issue/49640 Reviewed by: mreynolds (Thanks!)
2dad1cd8 -
Mark Reynolds authored6175d376
-
Mark Reynolds authored
This reverts commit 6175d376.
db80854c -
Mark Reynolds authored
Description: There were still a few lingering compiler errors https://pagure.io/389-ds-base/issue/46918 Reviewed by: mreynolds(one line commit rule)
afd83086 -
Mark Reynolds authored24c5c00f
-
Mark Reynolds authored
Description: The tool would crash if you attempted to use a certificate directory for conntacting replicas. https://pagure.io/389-ds-base/issue/49576 Reviewed by: ?8807440b -
Mark Reynolds authored
Description: Change the @pythonexec@ macro to use python3 https://pagure.io/389-ds-base/issue/48204 Reviewed by: ?
0d7259fa -
Mark Reynolds authoredf9d19b0b
-
Akshay Adhikari authored
Description: Added py3 support by explicitly changing strings to bytes. Ported tests from ticket to test suites, also added docstrings. https://pagure.io/389-ds-base/issue/49588 Reviewed by: spichugi (Thanks!)
60339ce8 -
Mark Reynolds authored
Description: I've also included the work for 49775 in this patch since there was a lot of overldap. For dsctl functions we need to check for True and False in order to detect an error. For dsconf & dsidm we need to catch exceptions. Once an error is detected we return error code (1). The changes for 49775 was to use the default archive directory if one was not specified to db2bak, and use the default ldif location for db2ldif. This how the old tools worked, no reason not to carry over this convenience. Also the format used for the file name (Instance name + Date/Time) is the same as the old cli tools. Also did some pep8 cleanup. https://pagure.io/389-ds-base/issue/49712 Reviewed by: spichugi(Thanks!)5226bf99 -
Mark Reynolds authored
Description: Added a "config" subcomand to dsconf for getting and setting cn=config attributes. Also fixed JSON issues. https://pagure.io/389-ds-base/issue/49777 Reviewed by: spichugi(Thanks!)5fe4e21a -
Dj Padzensky authored2707e398
-
Dj Padzensky authoreda518313e
-
Mark Reynolds authoredd590a1cd
-
Timo Aaltonen authored6dee0c1d
-
Timo Aaltonen authored2cab7ba3
debian/patches/ftbs_lsoftotkn3.diff
deleted
100644 → 0
This diff is collapsed.
This diff is collapsed.
dirsrvtests/tests/suites/import/__init__.py
0 → 100644