Summary: NTF: Add protection against longDn notification for unadapted producer/consumer V2 Review request for Trac Ticket(s): 1114 Peer Reviewer(s): Anders W, Praveen, Lennart, Mathi Pull request to: Affected branch(es): 4.5 Development branch: default (4.6)
-------------------------------- Impacted area Impact y/n -------------------------------- Docs n Build system n RPM/packaging n Configuration files n Startup scripts n SAF services y OpenSAF services n Core libraries n Samples n Tests y Other n Comments (indicate scope for each "y" above): --------------------------------------------- Changes in V2: - Add description for README - saNtfDispatch returns OK if longDNs is found in callback - In V1, detection of extended SaNameT was done in decodeNtfValueT() by setting dataSize=0. This will make SaNameT field lost in variable data. In V2, removing changes in decodeNtfValueT(), adding getTypeFromValue() and saNtfPtrValGet() returns SA_AIS_ERR_NAME_TOO_LONG if any invalid extended SaNameT is found. changeset d5e2e895479d191630c11f07a620ea77fa90f4ca Author: Minh Hon Chau <[email protected]> Date: Wed, 01 Oct 2014 13:31:56 +1000 NTF: Add description of long DNs support to osaf/services/saf/ntfsv/README This should be added together with #873, but now it's a chance to get in with #1114 changeset d9bffe9c86fb2b039b1fdcd1451049d4777d43f9 Author: Minh Hon Chau <[email protected]> Date: Wed, 01 Oct 2014 13:31:56 +1000 NTF: Add notification to test unadapted consumer in "ntftest 36 1"[#1114] Send additional notification with shortDn for notificationObject and notifyingObject but having extended SaNameT in AdditionalInfo, to test whether the unadapted consumer can receives this notification but can not retreive the AdditionalInfo changeset 4fd061faa058a5158cece9fa4ff45328593f41ef Author: Minh Hon Chau <[email protected]> Date: Wed, 01 Oct 2014 13:31:56 +1000 NTF: Add protection against longDn notification for unadapted producer/consumer [#1114] V2 Currently if any unadapted longDn consumer receives notification having extended SaNameT in notification (notificationObject(s), notifyingObject(s), value type as LDAP_NAME) will be crashed The crash is due to invalid access to extended SaNameT The patch makes longDn notification invisible to unadapted consumer. Also if unadapted producer is going to send a longDn notification or unadapted consumer specifies longDn object for filter, the error code SA_AIS_ERR_INVALID_PARAM is returned. Affected APIs: saNtfNotificationSend, saNtfNotificationReadNext, saNtfNotificationReadInitialize, saNtfNotificationSubscribe, saNtfPtrValGet, and notificationCallback. Complete diffstat: ------------------ osaf/libs/agents/saf/ntfa/ntfa_api.c | 532 +++++++++++++++++++++++++++++++++++++++---------------- osaf/libs/agents/saf/ntfa/ntfa_util.c | 39 ++++- osaf/libs/common/ntfsv/ntfsv_mem.c | 1 + osaf/services/saf/ntfsv/README | 70 +++++++ tests/ntfsv/tet_longDnObject_notification.c | 5 + 5 files changed, 487 insertions(+), 160 deletions(-) Testing Commands: ----------------- - ntftest 36 1, ntftest 31 1 - Run unadapted ntfread, ntfsubscribe (without #873) Testing, Expected Results: -------------------------- - Unadapted consumer can not receive notification having longDn for notificationObject, notifyingObject - Unadapted consumer can not retrieve extended SaNameT in AdditionalInfo Conditions of Submission: ------------------------- Ack from reviewers Arch Built Started Linux distro ------------------------------------------- mips n n mips64 n n x86 n n x86_64 y n powerpc n n powerpc64 n n Reviewer Checklist: ------------------- [Submitters: make sure that your review doesn't trigger any checkmarks!] Your checkin has not passed review because (see checked entries): ___ Your RR template is generally incomplete; it has too many blank entries that need proper data filled in. ___ You have failed to nominate the proper persons for review and push. ___ Your patches do not have proper short+long header ___ You have grammar/spelling in your header that is unacceptable. ___ You have exceeded a sensible line length in your headers/comments/text. ___ You have failed to put in a proper Trac Ticket # into your commits. ___ You have incorrectly put/left internal data in your comments/files (i.e. internal bug tracking tool IDs, product names etc) ___ You have not given any evidence of testing beyond basic build tests. Demonstrate some level of runtime or other sanity testing. ___ You have ^M present in some of your files. These have to be removed. ___ You have needlessly changed whitespace or added whitespace crimes like trailing spaces, or spaces before tabs. ___ You have mixed real technical changes with whitespace and other cosmetic code cleanup changes. These have to be separate commits. ___ You need to refactor your submission into logical chunks; there is too much content into a single commit. ___ You have extraneous garbage in your review (merge commits etc) ___ You have giant attachments which should never have been sent; Instead you should place your content in a public tree to be pulled. ___ You have too many commits attached to an e-mail; resend as threaded commits, or place in a public tree for a pull. ___ You have resent this content multiple times without a clear indication of what has changed between each re-send. ___ You have failed to adequately and individually address all of the comments and change requests that were proposed in the initial review. ___ You have a misconfigured ~/.hgrc file (i.e. username, email etc) ___ Your computer have a badly configured date and time; confusing the the threaded patch review. ___ Your changes affect IPC mechanism, and you don't present any results for in-service upgradability test. ___ Your changes affect user manual and documentation, your patch series do not contain the patch that updates the Doxygen manual. ------------------------------------------------------------------------------ Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk _______________________________________________ Opensaf-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opensaf-devel
