From ecf7b877c158e79739845bcc6616821fc6e44535 Mon Sep 17 00:00:00 2001

From: Mark Reynolds <mareynol@redhat.com>

Date: Fri, 11 May 2012 13:00:50 -0400

Subject: [PATCH 31/33] Ticket 367 - Invalid chaining config triggers a disk

 full error and shutdown

Bug Description:  If you use the root DN for the chaining bind DN a error -2 (LDAP_LOCAL_ERROR)

                  is returned from the callback.  This is the same error code for SLAPI_FAIL_DISKFULL.

                  Once the error -2 is retuned, the server thinks we are out of disk space and the

                  instance is shutdown.

Fix Description:  Return -1, instead of -2(LDAP_LOCAL_ERROR)

https://fedorahosted.org/389/ticket/367

Note:  also did a little code cleanup with indentation

Reviewed by:

(cherry picked from commit dc379838f8e4cfd2c736e8c2fb8366fb3b4f73d4)

---

 ldap/servers/plugins/chainingdb/cb_instance.c |  192 ++++++++++++-------------

 1 files changed, 92 insertions(+), 100 deletions(-)

diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c

index 9a33916..8fb694a 100644

--- a/ldap/servers/plugins/chainingdb/cb_instance.c

+++ b/ldap/servers/plugins/chainingdb/cb_instance.c

@@ -511,15 +511,15 @@ int cb_instance_modify_config_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor

 */

 int

-cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) {

-

-	int rc 			=LDAP_SUCCESS;

-        Slapi_Attr 		*attr = NULL;

-        Slapi_Value 		*sval;

-    	const struct berval 	*attrValue;

-	cb_backend_instance 	*inst=NULL;

-	char			*instname;

-	char 			retmsg[CB_BUFSIZE];

+cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e)

+{

+	cb_backend_instance *inst = NULL;

+	Slapi_Attr *attr = NULL;

+	Slapi_Value *sval;

+	const struct berval *attrValue;

+	char *instname;

+	char retmsg[CB_BUFSIZE];

+	int rc = LDAP_SUCCESS;

 	CB_ASSERT(e!=NULL);

@@ -529,17 +529,17 @@ cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) {

 	*/

 	if ( 0 == slapi_entry_attr_find( e, CB_CONFIG_INSTNAME, &attr )) {

-    		slapi_attr_first_value(attr, &sval);

-    		attrValue = slapi_value_get_berval(sval);

-		instname=attrValue->bv_val;

+		slapi_attr_first_value(attr, &sval);

+		attrValue = slapi_value_get_berval(sval);

+		instname = attrValue->bv_val;

 	} else {

 		slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM, 

 			"Malformed backend instance (<%s> missing)>\n", CB_CONFIG_INSTNAME); 

-		return LDAP_LOCAL_ERROR;

+		return -1;

 	}

-        /* Allocate a new backend internal data structure */

-        inst = cb_instance_alloc(cb,instname,slapi_entry_get_dn(e));

+	/* Allocate a new backend internal data structure */

+	inst = cb_instance_alloc(cb,instname,slapi_entry_get_dn(e));

 	/* Emulate a add config entry to configure */

 	/* this backend instance.		   */

@@ -556,99 +556,96 @@ cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) {

 */

 static int 

-cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int phase, int apply) {

-

-        int rc                  =LDAP_SUCCESS;

-        Slapi_Attr              *attr = NULL;

-        Slapi_Value             *sval;

-	struct berval * 	 bval;

-	int 			using_def_connlifetime,i;

-        char 			err_buf[SLAPI_DSE_RETURNTEXT_SIZE];

-	int 			urlfound=0;

-	char 			*rootdn;

+cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int phase, int apply)

+{

+	Slapi_Attr *attr = NULL;

+	Slapi_Value *sval;

+	Slapi_DN *suffix;

+	struct berval *bval;

+	char err_buf[SLAPI_DSE_RETURNTEXT_SIZE];

+	char *attr_name = NULL;

+	char *rootdn;

+	int using_def_connlifetime, i;

+	int urlfound = 0;

+	int rc = LDAP_SUCCESS;

 	using_def_connlifetime=1;

-        for (slapi_entry_first_attr(e, &attr); attr; slapi_entry_next_attr(e, attr, &attr)) {

-		char * attr_name=NULL;	

-                slapi_attr_get_type(attr, &attr_name);

+	for (slapi_entry_first_attr(e, &attr); attr; slapi_entry_next_attr(e, attr, &attr)) {

+		attr_name = NULL;

+		slapi_attr_get_type(attr, &attr_name);

 		if ( !strcasecmp ( attr_name, CB_CONFIG_SUFFIX )) {

 			if (apply && ( inst->inst_be != NULL )) {

-  				Slapi_DN *suffix;

 				suffix = slapi_sdn_new();

-                        	i = slapi_attr_first_value(attr, &sval);

-                        	while (i != -1 ) {

-                                	bval = (struct berval *) slapi_value_get_berval(sval);

-                                	slapi_sdn_set_dn_byref(suffix, bval->bv_val);

-

-                                	if (!slapi_be_issuffix(inst->inst_be, suffix)) {

-                                        	slapi_be_addsuffix(inst->inst_be, suffix);

-                                	}

-                                	i = slapi_attr_next_value(attr, i, &sval);

-                        	}

+				i = slapi_attr_first_value(attr, &sval);

+				while (i != -1 ) {

+					bval = (struct berval *) slapi_value_get_berval(sval);

+					slapi_sdn_set_dn_byref(suffix, bval->bv_val);

+

+					if (!slapi_be_issuffix(inst->inst_be, suffix)) {

+							slapi_be_addsuffix(inst->inst_be, suffix);

+					}

+					i = slapi_attr_next_value(attr, i, &sval);

+				}

 				slapi_sdn_free(&suffix);

 			}

-                        continue;

-		} else

-		if ( !strcasecmp ( attr_name, CB_CONFIG_CHAINING_COMPONENTS )) {

-

-       			if (apply) {

-	                	slapi_rwlock_wrlock(inst->rwl_config_lock);

-                                i = slapi_attr_first_value(attr, &sval);

+			continue;

+		} else if ( !strcasecmp ( attr_name, CB_CONFIG_CHAINING_COMPONENTS )) {

+			if (apply) {

+				slapi_rwlock_wrlock(inst->rwl_config_lock);

+				i = slapi_attr_first_value(attr, &sval);

 				charray_free(inst->chaining_components);

 				inst->chaining_components=NULL;

-                                while (i != -1 ) {

-                                        bval = (struct berval *) slapi_value_get_berval(sval);

+				while (i != -1 ) {

+					bval = (struct berval *) slapi_value_get_berval(sval);

 					charray_add(&inst->chaining_components,

-						slapi_dn_normalize(slapi_ch_strdup(bval->bv_val)));

-                                        i = slapi_attr_next_value(attr, i, &sval);

-                                }

-	                	slapi_rwlock_unlock(inst->rwl_config_lock);

-                        }

-                        continue;

-		} else

-		if ( !strcasecmp ( attr_name, CB_CONFIG_ILLEGAL_ATTRS )) {

-

-       			if (apply) {

-	                	slapi_rwlock_wrlock(inst->rwl_config_lock);

-                                i = slapi_attr_first_value(attr, &sval);

+					slapi_dn_normalize(slapi_ch_strdup(bval->bv_val)));

+					i = slapi_attr_next_value(attr, i, &sval);

+				}

+				slapi_rwlock_unlock(inst->rwl_config_lock);

+			}

+			continue;

+		} else if ( !strcasecmp ( attr_name, CB_CONFIG_ILLEGAL_ATTRS )) {

+			if (apply) {

+				slapi_rwlock_wrlock(inst->rwl_config_lock);

+				i = slapi_attr_first_value(attr, &sval);

 				charray_free(inst->illegal_attributes);

 				inst->illegal_attributes=NULL;

-                                while (i != -1 ) {

-                                        bval = (struct berval *) slapi_value_get_berval(sval);

+				while (i != -1 ) {

+					bval = (struct berval *) slapi_value_get_berval(sval);

 					charray_add(&inst->illegal_attributes,

-						slapi_ch_strdup(bval->bv_val));

-                                        i = slapi_attr_next_value(attr, i, &sval);

-                                }

-	                	slapi_rwlock_unlock(inst->rwl_config_lock);

-                        }

-                        continue;

+					slapi_ch_strdup(bval->bv_val));

+					i = slapi_attr_next_value(attr, i, &sval);

+				}

+				slapi_rwlock_unlock(inst->rwl_config_lock);

+			}

+			continue;

 		}

 		if ( !strcasecmp ( attr_name, CB_CONFIG_HOSTURL )) {

 			urlfound=1;

 		}

-			

-      		/* We are assuming that each of these attributes are to have

-                 * only one value.  If they have more than one value, like

-                 * the nsslapd-suffix attribute, then they need to be

-                 * handled differently. */

+		/*

+		 * We are assuming that each of these attributes are to have

+		 * only one value.  If they have more than one value, like

+		 * the nsslapd-suffix attribute, then they need to be

+		 * handled differently.

+		 */

-                slapi_attr_first_value(attr, &sval);

-                bval = (struct berval *) slapi_value_get_berval(sval);

- 

-                if (cb_instance_config_set((void *) inst, attr_name, 

+		slapi_attr_first_value(attr, &sval);

+		bval = (struct berval *) slapi_value_get_berval(sval);

+

+		if (cb_instance_config_set((void *) inst, attr_name,

 			cb_the_instance_config, bval, err_buf, phase, apply ) != LDAP_SUCCESS) {

-                        slapi_log_error( SLAPI_LOG_FATAL, 

-				CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s : %s\n",

+			slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s : %s\n",

 				attr_name, err_buf);

-			rc=LDAP_LOCAL_ERROR;

-                        break;

-                }

-                if ( !strcasecmp ( attr_name, CB_CONFIG_CONNLIFETIME )) {

+			rc = -1;

+			break;

+		}

+		if ( !strcasecmp ( attr_name, CB_CONFIG_CONNLIFETIME )) {

 			using_def_connlifetime=0;

 		}

 	}

@@ -661,20 +658,17 @@ cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int

 	if (LDAP_SUCCESS == rc) {

 		if (!urlfound) {

-       	 		slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM,

-			"Malformed backend instance entry. Mandatory attr <%s> missing\n",

-			CB_CONFIG_HOSTURL);

-			rc= LDAP_LOCAL_ERROR;

+			slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM,

+				"Malformed backend instance entry. Mandatory attr <%s> missing\n",CB_CONFIG_HOSTURL);

+			rc = -1;

 		}

 		if (apply ) {

-    			if ( using_def_connlifetime &&

-                		strchr( inst->pool->hostname, ' ' ) != NULL ) {

-

-                		cb_instance_config_set((void *)inst, CB_CONFIG_CONNLIFETIME, 

-				cb_the_instance_config, NULL /* use default */, err_buf, 

+    		if ( using_def_connlifetime && strchr( inst->pool->hostname, ' ' ) != NULL ) {

+    			cb_instance_config_set((void *)inst, CB_CONFIG_CONNLIFETIME,

+    			cb_the_instance_config, NULL /* use default */, err_buf,

 					CB_CONFIG_PHASE_INITIALIZATION, 1 );

-        		}

+    		}

 		}

 	}

@@ -683,15 +677,13 @@ cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int

 	** It is forbidden to use directory manager as proxy user

 	** due to a bug in the acl check

 	*/

-

-	rootdn=cb_get_rootdn();

+	rootdn = cb_get_rootdn();

 	if (inst->impersonate && inst->pool && inst->pool->binddn && 

 		!strcmp(inst->pool->binddn,rootdn)) {	/* UTF8 aware */

-                slapi_log_error( SLAPI_LOG_FATAL,

-                	CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s (%s: forbidden value)\n",

-                                CB_CONFIG_BINDUSER, rootdn);

-                        rc=LDAP_LOCAL_ERROR;

+		slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM,

+			"Error with config attribute %s (%s: forbidden value)\n", CB_CONFIG_BINDUSER, rootdn);

+		rc= -1;

 	}

 	slapi_ch_free((void **)&rootdn);

@@ -1494,7 +1486,7 @@ struct berval *bval, char *err_buf, int phase, int apply_mod)

         int use_default;

         int int_val;

         long long_val;

-        int retval=LDAP_LOCAL_ERROR;

+        int retval = -1;

         config = cb_get_config_info(config_array, attr_name);

         if (NULL == config) {

-- 

1.7.7.6