From ecf7b877c158e79739845bcc6616821fc6e44535 Mon Sep 17 00:00:00 2001 From: Mark Reynolds Date: Fri, 11 May 2012 13:00:50 -0400 Subject: [PATCH 31/33] Ticket 367 - Invalid chaining config triggers a disk full error and shutdown Bug Description: If you use the root DN for the chaining bind DN a error -2 (LDAP_LOCAL_ERROR) is returned from the callback. This is the same error code for SLAPI_FAIL_DISKFULL. Once the error -2 is retuned, the server thinks we are out of disk space and the instance is shutdown. Fix Description: Return -1, instead of -2(LDAP_LOCAL_ERROR) https://fedorahosted.org/389/ticket/367 Note: also did a little code cleanup with indentation Reviewed by: (cherry picked from commit dc379838f8e4cfd2c736e8c2fb8366fb3b4f73d4) --- ldap/servers/plugins/chainingdb/cb_instance.c | 192 ++++++++++++------------- 1 files changed, 92 insertions(+), 100 deletions(-) diff --git a/ldap/servers/plugins/chainingdb/cb_instance.c b/ldap/servers/plugins/chainingdb/cb_instance.c index 9a33916..8fb694a 100644 --- a/ldap/servers/plugins/chainingdb/cb_instance.c +++ b/ldap/servers/plugins/chainingdb/cb_instance.c @@ -511,15 +511,15 @@ int cb_instance_modify_config_callback(Slapi_PBlock *pb, Slapi_Entry* entryBefor */ int -cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) { - - int rc =LDAP_SUCCESS; - Slapi_Attr *attr = NULL; - Slapi_Value *sval; - const struct berval *attrValue; - cb_backend_instance *inst=NULL; - char *instname; - char retmsg[CB_BUFSIZE]; +cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) +{ + cb_backend_instance *inst = NULL; + Slapi_Attr *attr = NULL; + Slapi_Value *sval; + const struct berval *attrValue; + char *instname; + char retmsg[CB_BUFSIZE]; + int rc = LDAP_SUCCESS; CB_ASSERT(e!=NULL); @@ -529,17 +529,17 @@ cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) { */ if ( 0 == slapi_entry_attr_find( e, CB_CONFIG_INSTNAME, &attr )) { - slapi_attr_first_value(attr, &sval); - attrValue = slapi_value_get_berval(sval); - instname=attrValue->bv_val; + slapi_attr_first_value(attr, &sval); + attrValue = slapi_value_get_berval(sval); + instname = attrValue->bv_val; } else { slapi_log_error( SLAPI_LOG_PLUGIN, CB_PLUGIN_SUBSYSTEM, "Malformed backend instance (<%s> missing)>\n", CB_CONFIG_INSTNAME); - return LDAP_LOCAL_ERROR; + return -1; } - /* Allocate a new backend internal data structure */ - inst = cb_instance_alloc(cb,instname,slapi_entry_get_dn(e)); + /* Allocate a new backend internal data structure */ + inst = cb_instance_alloc(cb,instname,slapi_entry_get_dn(e)); /* Emulate a add config entry to configure */ /* this backend instance. */ @@ -556,99 +556,96 @@ cb_parse_instance_config_entry(cb_backend * cb, Slapi_Entry * e) { */ static int -cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int phase, int apply) { - - int rc =LDAP_SUCCESS; - Slapi_Attr *attr = NULL; - Slapi_Value *sval; - struct berval * bval; - int using_def_connlifetime,i; - char err_buf[SLAPI_DSE_RETURNTEXT_SIZE]; - int urlfound=0; - char *rootdn; +cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int phase, int apply) +{ + Slapi_Attr *attr = NULL; + Slapi_Value *sval; + Slapi_DN *suffix; + struct berval *bval; + char err_buf[SLAPI_DSE_RETURNTEXT_SIZE]; + char *attr_name = NULL; + char *rootdn; + int using_def_connlifetime, i; + int urlfound = 0; + int rc = LDAP_SUCCESS; using_def_connlifetime=1; - for (slapi_entry_first_attr(e, &attr); attr; slapi_entry_next_attr(e, attr, &attr)) { - char * attr_name=NULL; - slapi_attr_get_type(attr, &attr_name); + for (slapi_entry_first_attr(e, &attr); attr; slapi_entry_next_attr(e, attr, &attr)) { + attr_name = NULL; + slapi_attr_get_type(attr, &attr_name); if ( !strcasecmp ( attr_name, CB_CONFIG_SUFFIX )) { if (apply && ( inst->inst_be != NULL )) { - Slapi_DN *suffix; suffix = slapi_sdn_new(); - i = slapi_attr_first_value(attr, &sval); - while (i != -1 ) { - bval = (struct berval *) slapi_value_get_berval(sval); - slapi_sdn_set_dn_byref(suffix, bval->bv_val); - - if (!slapi_be_issuffix(inst->inst_be, suffix)) { - slapi_be_addsuffix(inst->inst_be, suffix); - } - i = slapi_attr_next_value(attr, i, &sval); - } + i = slapi_attr_first_value(attr, &sval); + while (i != -1 ) { + bval = (struct berval *) slapi_value_get_berval(sval); + slapi_sdn_set_dn_byref(suffix, bval->bv_val); + + if (!slapi_be_issuffix(inst->inst_be, suffix)) { + slapi_be_addsuffix(inst->inst_be, suffix); + } + i = slapi_attr_next_value(attr, i, &sval); + } slapi_sdn_free(&suffix); } - continue; - } else - if ( !strcasecmp ( attr_name, CB_CONFIG_CHAINING_COMPONENTS )) { - - if (apply) { - slapi_rwlock_wrlock(inst->rwl_config_lock); - i = slapi_attr_first_value(attr, &sval); + continue; + } else if ( !strcasecmp ( attr_name, CB_CONFIG_CHAINING_COMPONENTS )) { + if (apply) { + slapi_rwlock_wrlock(inst->rwl_config_lock); + i = slapi_attr_first_value(attr, &sval); charray_free(inst->chaining_components); inst->chaining_components=NULL; - while (i != -1 ) { - bval = (struct berval *) slapi_value_get_berval(sval); + while (i != -1 ) { + bval = (struct berval *) slapi_value_get_berval(sval); charray_add(&inst->chaining_components, - slapi_dn_normalize(slapi_ch_strdup(bval->bv_val))); - i = slapi_attr_next_value(attr, i, &sval); - } - slapi_rwlock_unlock(inst->rwl_config_lock); - } - continue; - } else - if ( !strcasecmp ( attr_name, CB_CONFIG_ILLEGAL_ATTRS )) { - - if (apply) { - slapi_rwlock_wrlock(inst->rwl_config_lock); - i = slapi_attr_first_value(attr, &sval); + slapi_dn_normalize(slapi_ch_strdup(bval->bv_val))); + i = slapi_attr_next_value(attr, i, &sval); + } + slapi_rwlock_unlock(inst->rwl_config_lock); + } + continue; + } else if ( !strcasecmp ( attr_name, CB_CONFIG_ILLEGAL_ATTRS )) { + if (apply) { + slapi_rwlock_wrlock(inst->rwl_config_lock); + i = slapi_attr_first_value(attr, &sval); charray_free(inst->illegal_attributes); inst->illegal_attributes=NULL; - while (i != -1 ) { - bval = (struct berval *) slapi_value_get_berval(sval); + while (i != -1 ) { + bval = (struct berval *) slapi_value_get_berval(sval); charray_add(&inst->illegal_attributes, - slapi_ch_strdup(bval->bv_val)); - i = slapi_attr_next_value(attr, i, &sval); - } - slapi_rwlock_unlock(inst->rwl_config_lock); - } - continue; + slapi_ch_strdup(bval->bv_val)); + i = slapi_attr_next_value(attr, i, &sval); + } + slapi_rwlock_unlock(inst->rwl_config_lock); + } + continue; } if ( !strcasecmp ( attr_name, CB_CONFIG_HOSTURL )) { urlfound=1; } - - /* We are assuming that each of these attributes are to have - * only one value. If they have more than one value, like - * the nsslapd-suffix attribute, then they need to be - * handled differently. */ + /* + * We are assuming that each of these attributes are to have + * only one value. If they have more than one value, like + * the nsslapd-suffix attribute, then they need to be + * handled differently. + */ - slapi_attr_first_value(attr, &sval); - bval = (struct berval *) slapi_value_get_berval(sval); - - if (cb_instance_config_set((void *) inst, attr_name, + slapi_attr_first_value(attr, &sval); + bval = (struct berval *) slapi_value_get_berval(sval); + + if (cb_instance_config_set((void *) inst, attr_name, cb_the_instance_config, bval, err_buf, phase, apply ) != LDAP_SUCCESS) { - slapi_log_error( SLAPI_LOG_FATAL, - CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s : %s\n", + slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s : %s\n", attr_name, err_buf); - rc=LDAP_LOCAL_ERROR; - break; - } - if ( !strcasecmp ( attr_name, CB_CONFIG_CONNLIFETIME )) { + rc = -1; + break; + } + if ( !strcasecmp ( attr_name, CB_CONFIG_CONNLIFETIME )) { using_def_connlifetime=0; } } @@ -661,20 +658,17 @@ cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int if (LDAP_SUCCESS == rc) { if (!urlfound) { - slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM, - "Malformed backend instance entry. Mandatory attr <%s> missing\n", - CB_CONFIG_HOSTURL); - rc= LDAP_LOCAL_ERROR; + slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM, + "Malformed backend instance entry. Mandatory attr <%s> missing\n",CB_CONFIG_HOSTURL); + rc = -1; } if (apply ) { - if ( using_def_connlifetime && - strchr( inst->pool->hostname, ' ' ) != NULL ) { - - cb_instance_config_set((void *)inst, CB_CONFIG_CONNLIFETIME, - cb_the_instance_config, NULL /* use default */, err_buf, + if ( using_def_connlifetime && strchr( inst->pool->hostname, ' ' ) != NULL ) { + cb_instance_config_set((void *)inst, CB_CONFIG_CONNLIFETIME, + cb_the_instance_config, NULL /* use default */, err_buf, CB_CONFIG_PHASE_INITIALIZATION, 1 ); - } + } } } @@ -683,15 +677,13 @@ cb_instance_config_initialize(cb_backend_instance * inst, Slapi_Entry * e , int ** It is forbidden to use directory manager as proxy user ** due to a bug in the acl check */ - - rootdn=cb_get_rootdn(); + rootdn = cb_get_rootdn(); if (inst->impersonate && inst->pool && inst->pool->binddn && !strcmp(inst->pool->binddn,rootdn)) { /* UTF8 aware */ - slapi_log_error( SLAPI_LOG_FATAL, - CB_PLUGIN_SUBSYSTEM,"Error with config attribute %s (%s: forbidden value)\n", - CB_CONFIG_BINDUSER, rootdn); - rc=LDAP_LOCAL_ERROR; + slapi_log_error( SLAPI_LOG_FATAL, CB_PLUGIN_SUBSYSTEM, + "Error with config attribute %s (%s: forbidden value)\n", CB_CONFIG_BINDUSER, rootdn); + rc= -1; } slapi_ch_free((void **)&rootdn); @@ -1494,7 +1486,7 @@ struct berval *bval, char *err_buf, int phase, int apply_mod) int use_default; int int_val; long long_val; - int retval=LDAP_LOCAL_ERROR; + int retval = -1; config = cb_get_config_info(config_array, attr_name); if (NULL == config) { -- 1.7.7.6