From f3648ea812ea7327e88217cdeb8def360aa012ad Mon Sep 17 00:00:00 2001 From: Kurt Zeilenga Date: Fri, 4 Jun 2004 05:39:42 +0000 Subject: [PATCH] From HEAD + Fixed slapd abandon/cancel pending bug (ITS#3160) + Fixed slapd sl_malloc memory leak (ITS#3155) + Fixed pcache erroneous reply (ITS#3153) + Fixed pcache remove_query_data bug (ITS#3170) + Fixed liblutil passwd seed len bug (ITS#3169) --- CHANGES | 5 +++++ libraries/liblutil/passwd.c | 13 ++++++------- servers/slapd/abandon.c | 1 + servers/slapd/backend.c | 8 ++++++-- servers/slapd/backglue.c | 34 ++++++++++++++++++++++++--------- servers/slapd/cancel.c | 1 + servers/slapd/ctxcsn.c | 12 ++++++------ servers/slapd/overlays/pcache.c | 1 + servers/slapd/saslauthz.c | 5 +---- servers/slapd/sl_malloc.c | 20 +++++++++++++++++++ servers/slapd/slap.h | 4 +++- servers/slapd/starttls.c | 4 +--- 12 files changed, 76 insertions(+), 32 deletions(-) diff --git a/CHANGES b/CHANGES index 3afd71dd89..0886b5d4a0 100644 --- a/CHANGES +++ b/CHANGES @@ -11,11 +11,16 @@ OpenLDAP 2.2.12 Engineering Fixed slapd entry2mods normalization bug (ITS#3144,3152) Fixed slapd extended match memory leak (ITS#3146) Fixed slapd syncrepl persist interval issue (ITS#3064) + Fixed slapd abandon/cancel pending bug (ITS#3160) + Fixed slapd sl_malloc memory leak (ITS#3155) Fixed back-ldap normalization bug Fixed pcache cache_entries init bug (ITS#3150) Fixed pcache consistency_check bug (ITS#3151) + Fixed pcache erroneous reply (ITS#3153) + Fixed pcache remove_query_data bug (ITS#3170) Fixed libldap SASL mutex init bug (ITS#3123) Fixed libldap SASL buffering bug (ITS#3139) + Fixed liblutil passwd seed len bug (ITS#3169) Build Environment Fixed liblber memory debug portability bug (ITS#3116) Fixed back-perl perl portability bug (ITS#2554,2946) diff --git a/libraries/liblutil/passwd.c b/libraries/liblutil/passwd.c index 7f133a8367..f16b49a2bc 100644 --- a/libraries/liblutil/passwd.c +++ b/libraries/liblutil/passwd.c @@ -459,9 +459,8 @@ static int chk_ssha1( int rc; unsigned char *orig_pass = NULL; - /* safety check */ - if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < - sizeof(SHA1digest)+SALT_SIZE) { + /* safety check -- must have some salt */ + if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(SHA1digest)) { return LUTIL_PASSWD_ERR; } @@ -473,7 +472,8 @@ static int chk_ssha1( rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); - if (rc < (int)(sizeof(SHA1digest)+SALT_SIZE)) { + /* safety check -- must have some salt */ + if (rc <= (int)(sizeof(SHA1digest))) { ber_memfree(orig_pass); return LUTIL_PASSWD_ERR; } @@ -547,8 +547,7 @@ static int chk_smd5( unsigned char *orig_pass = NULL; /* safety check */ - if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) < - sizeof(MD5digest)+SALT_SIZE) { + if (LUTIL_BASE64_DECODE_LEN(passwd->bv_len) <= sizeof(MD5digest)) { return LUTIL_PASSWD_ERR; } @@ -560,7 +559,7 @@ static int chk_smd5( rc = lutil_b64_pton(passwd->bv_val, orig_pass, passwd->bv_len); - if (rc < (int)(sizeof(MD5digest)+SALT_SIZE)) { + if (rc <= (int)(sizeof(MD5digest))) { ber_memfree(orig_pass); return LUTIL_PASSWD_ERR; } diff --git a/servers/slapd/abandon.c b/servers/slapd/abandon.c index 96d29297c8..10dab8d82c 100644 --- a/servers/slapd/abandon.c +++ b/servers/slapd/abandon.c @@ -103,6 +103,7 @@ do_abandon( Operation *op, SlapReply *rs ) LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) { if ( o->o_msgid == id ) { LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next ); + op->o_conn->c_n_ops_pending--; slap_op_free( o ); goto done; } diff --git a/servers/slapd/backend.c b/servers/slapd/backend.c index b8f4b17d00..aa91da1948 100644 --- a/servers/slapd/backend.c +++ b/servers/slapd/backend.c @@ -302,7 +302,9 @@ int backend_startup(Backend *be) if(be != NULL) { /* startup a specific backend database */ - LDAP_TAILQ_INIT( &be->be_pending_csn_list ); + be->be_pending_csn_list = (struct be_pcl *) + ch_calloc( 1, sizeof( struct be_pcl )); + LDAP_TAILQ_INIT( be->be_pending_csn_list ); #ifdef NEW_LOGGING LDAP_LOG( BACKEND, DETAIL1, "backend_startup: starting \"%s\"\n", @@ -381,7 +383,9 @@ int backend_startup(Backend *be) /* append global access controls */ acl_append( &backendDB[i].be_acl, global_acl ); - LDAP_TAILQ_INIT( &backendDB[i].be_pending_csn_list ); + backendDB[i].be_pending_csn_list = (struct be_pcl *) + ch_calloc( 1, sizeof( struct be_pcl )); + LDAP_TAILQ_INIT( backendDB[i].be_pending_csn_list ); if ( backendDB[i].be_suffix == NULL ) { #ifdef NEW_LOGGING diff --git a/servers/slapd/backglue.c b/servers/slapd/backglue.c index cd8a63d354..59ea867f52 100644 --- a/servers/slapd/backglue.c +++ b/servers/slapd/backglue.c @@ -138,6 +138,7 @@ glue_back_db_open ( glueOpened = 1; gi->bd.be_acl = be->be_acl; + gi->bd.be_pending_csn_list = be->be_pending_csn_list; if (gi->bd.bd_info->bi_db_open) rc = gi->bd.bd_info->bi_db_open(&gi->bd); @@ -193,7 +194,7 @@ glue_back_response ( Operation *op, SlapReply *rs ) switch(rs->sr_type) { case REP_SEARCH: - if ( gs->slimit && rs->sr_nentries >= gs->slimit ) { + if ( gs->slimit != -1 && rs->sr_nentries >= gs->slimit ) { rs->sr_err = gs->err = LDAP_SIZELIMIT_EXCEEDED; return -1; } @@ -206,7 +207,8 @@ glue_back_response ( Operation *op, SlapReply *rs ) rs->sr_err == LDAP_SIZELIMIT_EXCEEDED || rs->sr_err == LDAP_TIMELIMIT_EXCEEDED || rs->sr_err == LDAP_ADMINLIMIT_EXCEEDED || - gs->err != LDAP_SUCCESS) + rs->sr_err == LDAP_NO_SUCH_OBJECT || + gs->err != LDAP_SUCCESS) gs->err = rs->sr_err; if (gs->err == LDAP_SUCCESS && gs->matched) { ch_free (gs->matched); @@ -251,6 +253,7 @@ static int glue_back_search ( Operation *op, SlapReply *rs ) { BackendDB *b0 = op->o_bd; + BackendDB *b1 = NULL; glueinfo *gi = (glueinfo *) b0->bd_info; int i; long stoptime = 0; @@ -263,14 +266,12 @@ glue_back_search ( Operation *op, SlapReply *rs ) cb.sc_next = op->o_callback; - if (op->ors_tlimit) { - stoptime = slap_get_time () + op->ors_tlimit; - } + stoptime = slap_get_time () + op->ors_tlimit; + + op->o_bd = glue_back_select (b0, op->o_req_ndn.bv_val); switch (op->ors_scope) { case LDAP_SCOPE_BASE: - op->o_bd = glue_back_select (b0, op->o_req_ndn.bv_val); - if (op->o_bd && op->o_bd->be_search) { rs->sr_err = op->o_bd->be_search( op, rs ); } else { @@ -284,6 +285,17 @@ glue_back_search ( Operation *op, SlapReply *rs ) #ifdef LDAP_SCOPE_SUBORDINATE case LDAP_SCOPE_SUBORDINATE: /* FIXME */ #endif + + if ( op->o_sync_mode & SLAP_SYNC_REFRESH ) { + if (op->o_bd && op->o_bd->be_search) { + rs->sr_err = op->o_bd->be_search( op, rs ); + } else { + send_ldap_error(op, rs, LDAP_UNWILLING_TO_PERFORM, + "No search target found"); + } + return rs->sr_err; + } + op->o_callback = &cb; rs->sr_err = gs.err = LDAP_UNWILLING_TO_PERFORM; scope0 = op->ors_scope; @@ -291,6 +303,7 @@ glue_back_search ( Operation *op, SlapReply *rs ) tlimit0 = op->ors_tlimit; dn = op->o_req_dn; ndn = op->o_req_ndn; + b1 = op->o_bd; /* * Execute in reverse order, most general first @@ -298,14 +311,16 @@ glue_back_search ( Operation *op, SlapReply *rs ) for (i = gi->nodes-1; i >= 0; i--) { if (!gi->n[i].be || !gi->n[i].be->be_search) continue; - if (tlimit0) { + if (!dnIsSuffix(&gi->n[i].be->be_nsuffix[0], &b1->be_nsuffix[0])) + continue; + if (tlimit0 != -1) { op->ors_tlimit = stoptime - slap_get_time (); if (op->ors_tlimit <= 0) { rs->sr_err = gs.err = LDAP_TIMELIMIT_EXCEEDED; break; } } - if (slimit0) { + if (slimit0 != -1) { op->ors_slimit = slimit0 - rs->sr_nentries; if (op->ors_slimit < 0) { rs->sr_err = gs.err = LDAP_SIZELIMIT_EXCEEDED; @@ -352,6 +367,7 @@ glue_back_search ( Operation *op, SlapReply *rs ) case LDAP_SIZELIMIT_EXCEEDED: case LDAP_TIMELIMIT_EXCEEDED: case LDAP_ADMINLIMIT_EXCEEDED: + case LDAP_NO_SUCH_OBJECT: goto end_of_loop; default: diff --git a/servers/slapd/cancel.c b/servers/slapd/cancel.c index 70f3be3369..005dbba0b2 100644 --- a/servers/slapd/cancel.c +++ b/servers/slapd/cancel.c @@ -66,6 +66,7 @@ int cancel_extop( Operation *op, SlapReply *rs ) LDAP_STAILQ_FOREACH( o, &op->o_conn->c_pending_ops, o_next ) { if ( o->o_msgid == opid ) { LDAP_STAILQ_REMOVE( &op->o_conn->c_pending_ops, o, slap_op, o_next ); + op->o_conn->c_n_ops_pending--; slap_op_free( o ); found = 1; break; diff --git a/servers/slapd/ctxcsn.c b/servers/slapd/ctxcsn.c index ab1061978e..4672273293 100644 --- a/servers/slapd/ctxcsn.c +++ b/servers/slapd/ctxcsn.c @@ -41,14 +41,14 @@ slap_get_commit_csn( Operation *op, struct berval *csn ) ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex ); - LDAP_TAILQ_FOREACH( csne, &op->o_bd->be_pending_csn_list, ce_csn_link ) { + LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) { if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) { csne->ce_state = SLAP_CSN_COMMIT; break; } } - LDAP_TAILQ_FOREACH( csne, &op->o_bd->be_pending_csn_list, ce_csn_link ) { + LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) { if ( csne->ce_state == SLAP_CSN_COMMIT ) committed_csne = csne; if ( csne->ce_state == SLAP_CSN_PENDING ) break; } @@ -64,7 +64,7 @@ slap_rewind_commit_csn( Operation *op ) ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex ); - LDAP_TAILQ_FOREACH( csne, &op->o_bd->be_pending_csn_list, ce_csn_link ) { + LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) { if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) { csne->ce_state = SLAP_CSN_PENDING; break; @@ -84,9 +84,9 @@ slap_graduate_commit_csn( Operation *op ) ldap_pvt_thread_mutex_lock( &op->o_bd->be_pcl_mutex ); - LDAP_TAILQ_FOREACH( csne, &op->o_bd->be_pending_csn_list, ce_csn_link ) { + LDAP_TAILQ_FOREACH( csne, op->o_bd->be_pending_csn_list, ce_csn_link ) { if ( csne->ce_opid == op->o_opid && csne->ce_connid == op->o_connid ) { - LDAP_TAILQ_REMOVE( &op->o_bd->be_pending_csn_list, + LDAP_TAILQ_REMOVE( op->o_bd->be_pending_csn_list, csne, ce_csn_link ); ch_free( csne->ce_csn->bv_val ); ch_free( csne->ce_csn ); @@ -166,7 +166,7 @@ slap_get_csn( pending->ce_connid = op->o_connid; pending->ce_opid = op->o_opid; pending->ce_state = SLAP_CSN_PENDING; - LDAP_TAILQ_INSERT_TAIL( &op->o_bd->be_pending_csn_list, + LDAP_TAILQ_INSERT_TAIL( op->o_bd->be_pending_csn_list, pending, ce_csn_link ); ldap_pvt_thread_mutex_unlock( &op->o_bd->be_pcl_mutex ); } diff --git a/servers/slapd/overlays/pcache.c b/servers/slapd/overlays/pcache.c index 60395e62c6..1b009b7509 100644 --- a/servers/slapd/overlays/pcache.c +++ b/servers/slapd/overlays/pcache.c @@ -911,6 +911,7 @@ remove_query_data ( mod.sml_desc = ad_queryid; mod.sml_type = ad_queryid->ad_cname; mod.sml_values = vals; + mod.sml_nvalues = NULL; mod.sml_next = NULL; #ifdef NEW_LOGGING LDAP_LOG( BACK_META, DETAIL1, diff --git a/servers/slapd/saslauthz.c b/servers/slapd/saslauthz.c index d38ad64079..dca9a0eb15 100644 --- a/servers/slapd/saslauthz.c +++ b/servers/slapd/saslauthz.c @@ -633,9 +633,7 @@ int slap_sasl_match( Operation *opx, struct berval *rule, &op.ors_filterstr ); if( rc != LDAP_SUCCESS ) goto CONCLUDED; - /* Massive shortcut: search scope == base */ switch ( op.oq_search.rs_scope ) { - case LDAP_SCOPE_BASE: case LDAP_X_SCOPE_EXACT: exact_match: if ( dn_match( &op.o_req_ndn, assertDN ) ) { @@ -886,9 +884,7 @@ void slap_sasl2dn( Operation *opx, /* Must do an internal search */ op.o_bd = select_backend( &op.o_req_ndn, 0, 1 ); - /* Massive shortcut: search scope == base */ switch ( op.oq_search.rs_scope ) { - case LDAP_SCOPE_BASE: case LDAP_X_SCOPE_EXACT: *sasldn = op.o_req_ndn; op.o_req_ndn.bv_len = 0; @@ -902,6 +898,7 @@ void slap_sasl2dn( Operation *opx, /* correctly parsed, but illegal */ goto FINISHED; + case LDAP_SCOPE_BASE: case LDAP_SCOPE_ONELEVEL: case LDAP_SCOPE_SUBTREE: #ifdef LDAP_SCOPE_SUBORDINATE diff --git a/servers/slapd/sl_malloc.c b/servers/slapd/sl_malloc.c index cb96ed09da..21afb52307 100644 --- a/servers/slapd/sl_malloc.c +++ b/servers/slapd/sl_malloc.c @@ -54,6 +54,10 @@ sl_mem_init() ber_set_option( NULL, LBER_OPT_MEMORY_FNS, &sl_mfuncs ); } +#ifdef NO_THREADS +static struct slab_heap *slheap; +#endif + void * sl_mem_create( ber_len_t size, @@ -63,7 +67,11 @@ sl_mem_create( struct slab_heap *sh = NULL; int pad = 2*sizeof(int)-1; +#ifdef NO_THREADS + sh = slheap; +#else ldap_pvt_thread_pool_getkey( ctx, (void *)sl_mem_init, (void **)&sh, NULL ); +#endif /* round up to doubleword boundary */ size += pad; @@ -72,7 +80,11 @@ sl_mem_create( if (!sh) { sh = ch_malloc( sizeof(struct slab_heap) ); sh->h_base = ch_malloc( size ); +#ifdef NO_THREADS + slheap = sh; +#else ldap_pvt_thread_pool_setkey( ctx, (void *)sl_mem_init, (void *)sh, sl_mem_destroy ); +#endif } else if ( size > (char *) sh->h_end - (char *) sh->h_base ) { sh->h_base = ch_realloc( sh->h_base, size ); } @@ -87,8 +99,12 @@ sl_mem_detach( void *memctx ) { +#ifdef NO_THREADS + slheap = NULL; +#else /* separate from context */ ldap_pvt_thread_pool_setkey( ctx, (void *)sl_mem_init, NULL, NULL ); +#endif } void * @@ -212,9 +228,13 @@ sl_context( void *ptr ) struct slab_heap *sh = NULL; void *ctx; +#ifdef NO_THREADS + sh = slheap; +#else ctx = ldap_pvt_thread_pool_context(); ldap_pvt_thread_pool_getkey( ctx, (void *)sl_mem_init, (void **)&sh, NULL ); +#endif if ( sh && ptr >= sh->h_base && ptr <= sh->h_end ) { return sh; diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index 99e492c472..0ceb96e1d9 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -1403,6 +1403,8 @@ typedef struct syncinfo_s { LDAP_STAILQ_ENTRY( syncinfo_s ) si_next; } syncinfo_t; +LDAP_TAILQ_HEAD( be_pcl, slap_csn_entry ); + struct slap_backend_db { BackendInfo *bd_info; /* pointer to shared backend info */ @@ -1548,7 +1550,7 @@ struct slap_backend_db { char *be_replogfile; /* replication log file (in master) */ struct berval be_update_ndn; /* allowed to make changes (in replicas) */ BerVarray be_update_refs; /* where to refer modifying clients to */ - LDAP_TAILQ_HEAD( be_pcl, slap_csn_entry ) be_pending_csn_list; + struct be_pcl *be_pending_csn_list; ldap_pvt_thread_mutex_t be_pcl_mutex; struct berval be_context_csn; ldap_pvt_thread_mutex_t be_context_csn_mutex; diff --git a/servers/slapd/starttls.c b/servers/slapd/starttls.c index ff164a4c61..11f2c0c917 100644 --- a/servers/slapd/starttls.c +++ b/servers/slapd/starttls.c @@ -77,9 +77,7 @@ starttls_extop ( Operation *op, SlapReply *rs ) } /* fail if TLS could not be initialized */ - if (ldap_pvt_tls_get_option( NULL, LDAP_OPT_X_TLS_CTX, &ctx ) != 0 - || ctx == NULL) - { + if ( slap_tls_ctx == NULL ) { if (default_referral != NULL) { /* caller will put the referral in the result */ rc = LDAP_REFERRAL; -- 2.39.2