The following NTF APIs need to add the protection for unadapted
producer/consumer against the notification containing any extended SaNameT,
which hereby is known as long DN notification:
1 - saNtfNotificationSend returns SA_AIS_ERR_INVALID_PARAM if one of the
following statements is true:
. Notification header contains notificationObject or notifyingObject as
long DN, or any extended SaNameT exists in additionalInfo
. As alarm notification, any field of
specificProblems/thresholdInformation/proposedRepairActions/monitoredAttributes
contains extended SaNameT
. As security alarm notification, any field of
serviceUser/serviceProvider contains extended SaNameT
Execeptionally, the changedAttributes of AttributeChange notification
and the objectAttributes of ObjectCreateDelete notification, have currently
treated the value type SA_NTF_VALUE_LDAP_NAME as SA_NTF_VALUE_STRING, so that
there’s no need to add the protection for unadapted producer against
changeAttributes and objectAttributes.
2 - saNtfNotificationReadInitialize returns SA_AIS_ERR_INVALID_PARAM if the
reader specifies the filter header containing any long DN object in
notificationObjects or notifyingObjects.
3 - saNtfNotificationReadNext skips any notification containing
notificationObject/notifyingObject as long DN, and continue reading next until
finding the notification without long DN notificationObject/notifyingObject
then returns SA_AIS_OK, or no more notification satisfying the criteria then
returns SA_AIS_ERR_NOT_EXIST.
4 - saNtfNotificationSubscribe returns SA_AIS_ERR_INVALID_PARAM if the
subscriber specifies the filter header containing any long DN object in
notificationObjects or notifyingObjects.
5 - Any Notification callback containing notificationObject/notifyingObject as
long DN is dropped at Agent and SA_AIS_NAME_TOO_LONG error code is returned to
subscriber.
6 - saNtfPtrValGet returns SA_AIS_ERR_NAME_TOO_LONG if any extended SaNameT
presents in additionalInfo, specificProblems, thresholdInformation,
proposedRepairActions, monitoredAttributes, serviceUser and serviceProvider.
---
** [tickets:#1114] NTF: Unadapted LongDns consumer crashes due to read/subsribe
long dn notification**
**Status:** accepted
**Milestone:** 4.5.0
**Created:** Fri Sep 19, 2014 05:15 AM UTC by Minh Hon Chau
**Last Updated:** Tue Sep 23, 2014 11:18 AM UTC
**Owner:** Minh Hon Chau
In a long dn upgraded system, currently if an unadapted producer by somehow
receives the long dn objects then sends out within a notification, the producer
is not able to send this notification and receives the IN_VALID_PARAM return
code.
Similarly, the unadapted consumer should fail to read/subscribe for a long dn
notification, rather than crash
---
Sent from sourceforge.net because [email protected] is
subscribed to https://sourceforge.net/p/opensaf/tickets/
To unsubscribe from further messages, a project admin can change settings at
https://sourceforge.net/p/opensaf/admin/tickets/options. Or, if this is a
mailing list, you can unsubscribe from the mailing list.
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets
