[Pkg-openldap-devel] r694 - in openldap/trunk-2.3/debian: . patches

Matthijs Mohlmann active2-guest at costa.debian.org
Fri Jul 21 16:18:02 UTC 2006 

Author: active2-guest
Date: 2006-07-21 16:18:01 +0000 (Fri, 21 Jul 2006)
New Revision: 694

Added:
   openldap/trunk-2.3/debian/patches/accesslog-purge-bug
   openldap/trunk-2.3/debian/patches/bv-replace-fix
   openldap/trunk-2.3/debian/patches/import-ldif-width-ppolicy-clear-text-fix
   openldap/trunk-2.3/debian/patches/passwd-length-fix
   openldap/trunk-2.3/debian/patches/syncrepl-dont-replicate-fix
Modified:
   openldap/trunk-2.3/debian/changelog
   openldap/trunk-2.3/debian/patches/series
Log:
 * Added patches from Quanah Gibson-Mount.


Modified: openldap/trunk-2.3/debian/changelog
===================================================================
--- openldap/trunk-2.3/debian/changelog	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/changelog	2006-07-21 16:18:01 UTC (rev 694)
@@ -1,3 +1,15 @@
+openldap2.3 (2.3.24-3) unstable; urgency=low
+
+  * Patches by Quanah Gibson-Mount <quanah at stanford.edu>
+    - fix sometimes syncrepl DELs don't propagate (ITS#4589)
+    - fix accesslog purge bug with cn=config (ITS#4595)
+    - fix for having Ppolicy_hash_cleartext and ldapadd which imports hashes
+      to unverifiable passwords. (ITS#4575)
+    - fix for a bv replace
+    - fix for password length
+
+ -- Matthijs Mohlmann <matthijs at cacholong.nl>  Fri, 21 Jul 2006 18:13:11 +0200
+
 openldap2.3 (2.3.24-2) unstable; urgency=low
 
   * Switch slapd from running as root to running as user.

Added: openldap/trunk-2.3/debian/patches/accesslog-purge-bug
===================================================================
--- openldap/trunk-2.3/debian/patches/accesslog-purge-bug	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/accesslog-purge-bug	2006-07-21 16:18:01 UTC (rev 694)
@@ -0,0 +1,61 @@
+Index: doc/man/man5/slapo-accesslog.5
+===================================================================
+--- doc/man/man5/slapo-accesslog.5.orig
++++ doc/man/man5/slapo-accesslog.5
+@@ -26,9 +26,10 @@
+ .B logdb <suffix>
+ Specify the suffix of a database to be used for storing the log records.
+ The specified database must have already been configured in a prior section
+-of the config file. The suffix entry of the log database will be created
+-automatically by this overlay. The log entries will be generated as the
+-immediate children of the suffix entry.
++of the config file, and it must have a rootDN configured. The access controls
++on the log database should prevent general write access. The suffix entry
++of the log database will be created automatically by this overlay. The log
++entries will be generated as the immediate children of the suffix entry.
+ .TP
+ .B logops <operations>
+ Specify which types of operations to log. The valid operation types are
+Index: servers/slapd/overlays/accesslog.c
+===================================================================
+--- servers/slapd/overlays/accesslog.c.orig
++++ servers/slapd/overlays/accesslog.c
+@@ -601,6 +601,10 @@
+ 			rc = mask_to_verbs( logops, li->li_ops, &c->rvalue_vals );
+ 			break;
+ 		case LOG_PURGE:
++			if ( !li->li_age ) {
++				rc = 1;
++				break;
++			}
+ 			agebv.bv_val = agebuf;
+ 			log_age_unparse( li->li_age, &agebv );
+ 			agebv.bv_val[agebv.bv_len] = ' ';
+@@ -672,6 +676,13 @@
+ 				Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
+ 					c->log, c->msg, c->value_dn.bv_val );
+ 				rc = 1;
++			} else if ( BER_BVISEMPTY( &li->li_db->be_rootdn )) {
++				snprintf( c->msg, sizeof( c->msg ),
++						"<%s> no rootDN was configured for suffix",
++						c->argv[0] );
++				Debug( LDAP_DEBUG_ANY, "%s: %s \"%s\"\n",
++						c->log, c->msg, c->value_dn.bv_val );
++				rc = 1;
+ 			}
+ 			ch_free( c->value_dn.bv_val );
+ 			ch_free( c->value_ndn.bv_val );
+@@ -683,11 +694,11 @@
+ 			break;
+ 		case LOG_PURGE:
+ 			li->li_age = log_age_parse( c->argv[1] );
+-			if ( li->li_age == -1 ) {
++			if ( li->li_age < 1 ) {
+ 				rc = 1;
+ 			} else {
+ 				li->li_cycle = log_age_parse( c->argv[2] );
+-				if ( li->li_cycle == -1 ) {
++				if ( li->li_cycle < 1 ) {
+ 					rc = 1;
+ 				} else if ( slapMode & SLAP_SERVER_MODE ) {
+ 					struct re_s *re = li->li_task;

Added: openldap/trunk-2.3/debian/patches/bv-replace-fix
===================================================================
--- openldap/trunk-2.3/debian/patches/bv-replace-fix	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/bv-replace-fix	2006-07-21 16:18:01 UTC (rev 694)
@@ -0,0 +1,15 @@
+Index: libraries/liblber/memory.c
+===================================================================
+--- libraries/liblber/memory.c.orig
++++ libraries/liblber/memory.c
+@@ -700,8 +700,9 @@
+ ber_bvreplace_x( struct berval *dst, LDAP_CONST struct berval *src, void *ctx )
+ {
+ 	assert( dst != NULL );
++	assert( !BER_BVISNULL( src ) );
+ 
+-	if ( dst->bv_len < src->bv_len ) {
++	if ( BER_BVISNULL( dst ) || dst->bv_len < src->bv_len ) {
+ 		dst->bv_val = ber_memrealloc_x( dst->bv_val, src->bv_len + 1, ctx );
+ 	}
+ 

Added: openldap/trunk-2.3/debian/patches/import-ldif-width-ppolicy-clear-text-fix
===================================================================
--- openldap/trunk-2.3/debian/patches/import-ldif-width-ppolicy-clear-text-fix	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/import-ldif-width-ppolicy-clear-text-fix	2006-07-21 16:18:01 UTC (rev 694)
@@ -0,0 +1,19 @@
+Index: servers/slapd/overlays/ppolicy.c
+===================================================================
+--- servers/slapd/overlays/ppolicy.c.orig
++++ servers/slapd/overlays/ppolicy.c
+@@ -435,9 +435,11 @@
+ 	if (cred->bv_val[e]) {
+ 		int rc;
+ 		rc = lutil_passwd_scheme( cred->bv_val );
+-		if (rc && sch) {
+-			sch->bv_val = cred->bv_val;
+-			sch->bv_len = e;
++		if (rc) {
++			if (sch) {
++				sch->bv_val = cred->bv_val;
++				sch->bv_len = e;
++			}
+ 			return LDAP_SUCCESS;
+ 		}
+ 	}

Added: openldap/trunk-2.3/debian/patches/passwd-length-fix
===================================================================
--- openldap/trunk-2.3/debian/patches/passwd-length-fix	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/passwd-length-fix	2006-07-21 16:18:01 UTC (rev 694)
@@ -0,0 +1,13 @@
+Index: libraries/liblutil/passwd.c
+===================================================================
+--- libraries/liblutil/passwd.c.orig
++++ libraries/liblutil/passwd.c
+@@ -309,7 +309,7 @@
+ 	 * didn't recognize? Assume a scheme name is at least 1 character.
+ 	 */
+ 	if (( passwd->bv_val[0] == '{' ) &&
+-		( strchr( passwd->bv_val, '}' ) > passwd->bv_val+1 ))
++		( ber_bvchr( passwd, '}' ) > passwd->bv_val+1 ))
+ 	{
+ 		return 1;
+ 	}

Modified: openldap/trunk-2.3/debian/patches/series
===================================================================
--- openldap/trunk-2.3/debian/patches/series	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/series	2006-07-21 16:18:01 UTC (rev 694)
@@ -17,3 +17,8 @@
 syncrepl-fails-when-rootdn-not-defined -p0
 tls-concurrency-issues -p0
 auditlog-db-init -p0
+bv-replace-fix -p0
+passwd-length-fix -p0
+import-ldif-width-ppolicy-clear-text-fix -p0
+syncrepl-dont-replicate-fix -p0
+accesslog-purge-bug -p0

Added: openldap/trunk-2.3/debian/patches/syncrepl-dont-replicate-fix
===================================================================
--- openldap/trunk-2.3/debian/patches/syncrepl-dont-replicate-fix	2006-07-18 22:13:45 UTC (rev 693)
+++ openldap/trunk-2.3/debian/patches/syncrepl-dont-replicate-fix	2006-07-21 16:18:01 UTC (rev 694)
@@ -0,0 +1,42 @@
+Index: servers/slapd/ldapsync.c
+===================================================================
+--- servers/slapd/ldapsync.c.orig
++++ servers/slapd/ldapsync.c
+@@ -38,24 +38,29 @@
+ 	int rid )
+ {
+ 	char cookiestr[ LDAP_LUTIL_CSNSTR_BUFSIZE + 20 ];
++	int len;
+ 
+ 	if ( BER_BVISNULL( csn )) {
+ 		if ( rid == -1 ) {
+ 			cookiestr[0] = '\0';
++			len = 0;
+ 		} else {
+-			snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
++			len = snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
+ 					"rid=%03d", rid );
+ 		}
+ 	} else {
+-		if ( rid == -1 ) {
+-			snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
+-					"csn=%s", csn->bv_val );
+-		} else {
+-			snprintf( cookiestr, LDAP_LUTIL_CSNSTR_BUFSIZE + 20,
+-					"csn=%s,rid=%03d", csn->bv_val, rid );
++		char *end = cookiestr + sizeof(cookiestr);
++		char *ptr = lutil_strcopy( cookiestr, "csn=" );
++		len = csn->bv_len;
++		if ( ptr + len >= end )
++			len = end - ptr;
++		ptr = lutil_strncopy( ptr, csn->bv_val, len );
++		if ( rid != -1 && ptr < end - STRLENOF(",rid=xxx") ) {
++			ptr += sprintf( ptr, ",rid=%03d", rid );
+ 		}
++		len = ptr - cookiestr;
+ 	}
+-	ber_str2bv_x( cookiestr, strlen(cookiestr), 1, cookie, 
++	ber_str2bv_x( cookiestr, len, 1, cookie,
+ 		op ? op->o_tmpmemctx : NULL );
+ }
+

More information about the Pkg-openldap-devel mailing list