|
|
3f51ca |
From b047d30b8aabad424fa2bd30872721f9fab9e325 Mon Sep 17 00:00:00 2001
|
|
|
3f51ca |
From: Thierry Bordaz <tbordaz@redhat.com>
|
|
|
3f51ca |
Date: Mon, 25 Sep 2017 16:41:51 +0200
|
|
|
3f51ca |
Subject: [PATCH] 389-ds-base crashed as part of ipa-server-intall in ipa-uuid
|
|
|
3f51ca |
|
|
|
3f51ca |
Bug Description:
|
|
|
3f51ca |
When adding an entry, ipa-uuid plugin may generate a unique value
|
|
|
3f51ca |
for some of its attribute.
|
|
|
3f51ca |
If the generated attribute is part of the RDN, the target DN
|
|
|
3f51ca |
is replaced on the fly and the previous one freed.
|
|
|
3f51ca |
Unfortunately, previous DN may be later used instead of
|
|
|
3f51ca |
the new one.
|
|
|
3f51ca |
|
|
|
3f51ca |
Fix Description:
|
|
|
3f51ca |
Make sure to use only the current DN of the operation
|
|
|
3f51ca |
|
|
|
3f51ca |
https://bugzilla.redhat.com/show_bug.cgi?id=1496226
|
|
|
3f51ca |
https://pagure.io/freeipa/issue/7227
|
|
|
3f51ca |
|
|
|
3f51ca |
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
|
|
|
3f51ca |
---
|
|
|
3f51ca |
daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c | 12 +++++++++---
|
|
|
3f51ca |
1 file changed, 9 insertions(+), 3 deletions(-)
|
|
|
3f51ca |
|
|
|
3f51ca |
diff --git a/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c b/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c
|
|
|
3f51ca |
index ffade14672e8cd9e3f3e18d45a0a7095a6341d30..87d8be2d88d9ff9bbf7d47eab57b765063f7a230 100644
|
|
|
3f51ca |
--- a/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c
|
|
|
3f51ca |
+++ b/daemons/ipa-slapi-plugins/ipa-uuid/ipa_uuid.c
|
|
|
3f51ca |
@@ -911,6 +911,7 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
|
|
|
3f51ca |
list != ipauuid_global_config;
|
|
|
3f51ca |
list = PR_NEXT_LINK(list)) {
|
|
|
3f51ca |
cfgentry = (struct configEntry *) list;
|
|
|
3f51ca |
+ char *current_dn = NULL;
|
|
|
3f51ca |
|
|
|
3f51ca |
generate = false;
|
|
|
3f51ca |
set_attr = false;
|
|
|
3f51ca |
@@ -920,16 +921,21 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
|
|
|
3f51ca |
cfgentry->attr)) {
|
|
|
3f51ca |
continue;
|
|
|
3f51ca |
}
|
|
|
3f51ca |
+ /* Current DN may have been reset by
|
|
|
3f51ca |
+ * slapi_pblock_set(pb, SLAPI_ADD_TARGET,..) see below
|
|
|
3f51ca |
+ * need to reread it
|
|
|
3f51ca |
+ */
|
|
|
3f51ca |
+ current_dn = ipauuid_get_dn(pb);
|
|
|
3f51ca |
|
|
|
3f51ca |
/* is the entry in scope? */
|
|
|
3f51ca |
if (cfgentry->scope) {
|
|
|
3f51ca |
- if (!slapi_dn_issuffix(dn, cfgentry->scope)) {
|
|
|
3f51ca |
+ if (!slapi_dn_issuffix(current_dn, cfgentry->scope)) {
|
|
|
3f51ca |
continue;
|
|
|
3f51ca |
}
|
|
|
3f51ca |
}
|
|
|
3f51ca |
|
|
|
3f51ca |
if (cfgentry->exclude_subtree) {
|
|
|
3f51ca |
- if (slapi_dn_issuffix(dn, cfgentry->exclude_subtree)) {
|
|
|
3f51ca |
+ if (slapi_dn_issuffix(current_dn, cfgentry->exclude_subtree)) {
|
|
|
3f51ca |
continue;
|
|
|
3f51ca |
}
|
|
|
3f51ca |
}
|
|
|
3f51ca |
@@ -1108,7 +1114,7 @@ static int ipauuid_pre_op(Slapi_PBlock *pb, int modtype)
|
|
|
3f51ca |
ret = LDAP_OPERATIONS_ERROR;
|
|
|
3f51ca |
goto done;
|
|
|
3f51ca |
}
|
|
|
3f51ca |
- sdn = slapi_sdn_new_dn_byval(dn);
|
|
|
3f51ca |
+ sdn = slapi_sdn_new_dn_byval(current_dn);
|
|
|
3f51ca |
if (!sdn) {
|
|
|
3f51ca |
LOG_OOM();
|
|
|
3f51ca |
ret = LDAP_OPERATIONS_ERROR;
|
|
|
3f51ca |
--
|
|
|
3f51ca |
2.13.6
|
|
|
3f51ca |
|