Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2015-10-12 10:00:52 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openldap2" Changes: -------- --- /work/SRC/openSUSE:Factory/openldap2/openldap2-client.changes 2015-07-25 07:43:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new/openldap2-client.changes 2015-10-12 10:01:09.000000000 +0200 @@ -1,0 +2,5 @@ +Thu Oct 1 11:08:59 UTC 2015 - h...@suse.com + +- Upgrade to upstream 2.4.42 release with accumulated bug fixes. + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2015-07-25 07:43:36.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new/openldap2.changes 2015-10-12 10:01:09.000000000 +0200 @@ -1,0 +2,5 @@ +Thu Oct 1 11:08:41 UTC 2015 - h...@suse.com + +- Upgrade to upstream 2.4.42 release with accumulated bug fixes. + +------------------------------------------------------------------- Old: ---- openldap-2.4.41.tgz New: ---- openldap-2.4.42.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openldap2-client.spec ++++++ --- /var/tmp/diff_new_pack.ndwyFN/_old 2015-10-12 10:01:11.000000000 +0200 +++ /var/tmp/diff_new_pack.ndwyFN/_new 2015-10-12 10:01:11.000000000 +0200 @@ -17,7 +17,7 @@ %define run_test_suite 0 -%define version_main 2.4.41 +%define version_main 2.4.42 %if ! %{defined _rundir} %define _rundir %{_localstatedir}/run @@ -27,7 +27,7 @@ Summary: The OpenLDAP commandline client tools License: OLDAP-2.8 Group: Productivity/Networking/LDAP/Clients -Version: 2.4.41 +Version: 2.4.42 Release: 0 Url: http://www.openldap.org Source: openldap-%{version_main}.tgz openldap2.spec: same change ++++++ openldap-2.4.41.tgz -> openldap-2.4.42.tgz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/CHANGES new/openldap-2.4.42/CHANGES --- old/openldap-2.4.41/CHANGES 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/CHANGES 2015-08-14 17:25:28.000000000 +0200 @@ -1,5 +1,15 @@ OpenLDAP 2.4 Change Log +OpenLDAP 2.4.42 Release (2015/08/14) + Fixed liblber address length for CLDAP (ITS#8158) + Fixed libldap dnssrv potential overflow with port number (ITS#7027,ITS#8195) + Fixed slapd cn=config when updating olcAttributeTypes (ITS#8199) + Fixed slapd-mdb to correctly update search candidates for scoped searches (ITS#8203) + Fixed slapo-ppolicy with redundant mod ops on glued trees (ITS#8184) + Fixed slapo-rwm crash when deleting rewrite rules (ITS#8213) + Build Environment + Fixed libdb detection with gcc 5.x (ITS#8056) + OpenLDAP 2.4.41 Release (2015/06/21) Fixed ldapsearch to explicitly flush its buffer (ITS#8118) Fixed libldap async connections (ITS#8090) @@ -48,7 +58,6 @@ Fixed slapo-syncprov potential loss of changes when under load (ITS#8081) Fixed slapo-unique enforcement of uniqueness with manageDSAit control (ITS#8057) Build Environment - Fixed libdb detection with gcc 5.x (ITS#8056) Fixed ftello reference for Win32 (ITS#8127) Enhanced contrib modules build paths (ITS#7782) Fixed contrib/autogroup internal operation identity (ITS#8006) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/build/version.var new/openldap-2.4.42/build/version.var --- old/openldap-2.4.41/build/version.var 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/build/version.var 2015-08-14 17:25:28.000000000 +0200 @@ -15,9 +15,9 @@ ol_package=OpenLDAP ol_major=2 ol_minor=4 -ol_patch=41 -ol_api_inc=20441 +ol_patch=42 +ol_api_inc=20442 ol_api_current=12 -ol_api_revision=4 +ol_api_revision=5 ol_api_age=10 -ol_release_date="2015/06/21" +ol_release_date="2015/08/14" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/configure new/openldap-2.4.42/configure --- old/openldap-2.4.41/configure 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/configure 2015-08-14 17:25:28.000000000 +0200 @@ -20324,7 +20324,7 @@ __db_version DB_VERSION_MAJOR _ACEOF - set X `eval "$ac_cpp conftest.$ac_ext" | $EGREP __db_version` none none + set X `eval "$ac_cpp -P conftest.$ac_ext" | $EGREP __db_version` none none ol_cv_bdb_major=${3} fi @@ -20350,7 +20350,7 @@ __db_version DB_VERSION_MINOR _ACEOF - set X `eval "$ac_cpp conftest.$ac_ext" | $EGREP __db_version` none none + set X `eval "$ac_cpp -P conftest.$ac_ext" | $EGREP __db_version` none none ol_cv_bdb_minor=${3} fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/contrib/slapd-modules/lastbind/lastbind.c new/openldap-2.4.42/contrib/slapd-modules/lastbind/lastbind.c --- old/openldap-2.4.41/contrib/slapd-modules/lastbind/lastbind.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/contrib/slapd-modules/lastbind/lastbind.c 2015-08-14 17:25:28.000000000 +0200 @@ -70,7 +70,7 @@ { "lastbind-precision", "seconds", 2, 2, 0, ARG_INT|ARG_OFFSET, (void *)offsetof(lastbind_info, timestamp_precision), - "( OLcfgAt:5.1 " + "( OLcfgCtAt:5.1 " "NAME 'olcLastBindPrecision' " "DESC 'Precision of authTimestamp attribute' " "SYNTAX OMsInteger SINGLE-VALUE )", NULL, NULL }, @@ -78,7 +78,7 @@ }; static ConfigOCs lastbindocs[] = { - { "( OLcfgOc:5.1 " + { "( OLcfgCtOc:5.1 " "NAME 'olcLastBindConfig' " "DESC 'Last Bind configuration' " "SUP olcOverlayConfig " diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/doc/guide/admin/guide.html new/openldap-2.4.42/doc/guide/admin/guide.html --- old/openldap-2.4.41/doc/guide/admin/guide.html 2015-07-01 07:40:49.000000000 +0200 +++ new/openldap-2.4.42/doc/guide/admin/guide.html 2015-08-14 20:34:47.000000000 +0200 @@ -23,7 +23,7 @@ <DIV CLASS="title"> <H1 CLASS="doc-title">OpenLDAP Software 2.4 Administrator's Guide</H1> <ADDRESS CLASS="doc-author">The OpenLDAP Project <<A HREF="http://www.openldap.org/">http://www.openldap.org/</A>></ADDRESS> -<ADDRESS CLASS="doc-modified">20 June 2015</ADDRESS> +<ADDRESS CLASS="doc-modified">14 August 2015</ADDRESS> <BR CLEAR="All"> </DIV> <DIV CLASS="contents"> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblber/debug.c new/openldap-2.4.42/libraries/liblber/debug.c --- old/openldap-2.4.41/libraries/liblber/debug.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblber/debug.c 2015-08-14 17:25:28.000000000 +0200 @@ -33,6 +33,7 @@ #include "ldap_pvt.h" static FILE *log_file = NULL; +static int debug_lastc = '\n'; int lutil_debug_file( FILE *file ) { @@ -46,6 +47,7 @@ { char buffer[4096]; va_list vl; + int len, off; if ( !(level & debug ) ) return; @@ -62,9 +64,17 @@ } #endif - sprintf(buffer, "%08x ", (unsigned) time(0L)); + if (debug_lastc == '\n') { + sprintf(buffer, "%08x ", (unsigned) time(0L)); + off = 9; + } else { + off = 0; + } va_start( vl, fmt ); - vsnprintf( buffer+9, sizeof(buffer)-9, fmt, vl ); + len = vsnprintf( buffer+off, sizeof(buffer)-off, fmt, vl ); + if (len > sizeof(buffer)-off) + len = sizeof(buffer)-off; + debug_lastc = buffer[len+off-1]; buffer[sizeof(buffer)-1] = '\0'; if( log_file != NULL ) { fputs( buffer, log_file ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblber/sockbuf.c new/openldap-2.4.42/libraries/liblber/sockbuf.c --- old/openldap-2.4.41/libraries/liblber/sockbuf.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblber/sockbuf.c 2015-08-14 17:25:28.000000000 +0200 @@ -928,6 +928,7 @@ { ber_slen_t rc; struct sockaddr *dst; + socklen_t dstsize; assert( sbiod != NULL ); assert( SOCKBUF_VALID( sbiod->sbiod_sb ) ); @@ -936,9 +937,12 @@ dst = buf; buf = (char *) buf + sizeof( struct sockaddr_storage ); len -= sizeof( struct sockaddr_storage ); - - rc = sendto( sbiod->sbiod_sb->sb_fd, buf, len, 0, dst, - sizeof( struct sockaddr_storage ) ); + dstsize = dst->sa_family == AF_INET ? sizeof( struct sockaddr_in ) +#ifdef LDAP_PF_INET6 + : dst->sa_family == AF_INET6 ? sizeof( struct sockaddr_in6 ) +#endif + : sizeof( struct sockaddr_storage ); + rc = sendto( sbiod->sbiod_sb->sb_fd, buf, len, 0, dst, dstsize ); if ( rc < 0 ) return -1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/libldap/dnssrv.c new/openldap-2.4.42/libraries/libldap/dnssrv.c --- old/openldap-2.4.41/libraries/libldap/dnssrv.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/libldap/dnssrv.c 2015-08-14 17:25:28.000000000 +0200 @@ -399,7 +399,7 @@ if(cur>0){ hostlist[cur++]=' '; } - cur += sprintf(&hostlist[cur], "%s:%hd", hostent_head[i].hostname, hostent_head[i].port); + cur += sprintf(&hostlist[cur], "%s:%hu", hostent_head[i].hostname, hostent_head[i].port); } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblmdb/CHANGES new/openldap-2.4.42/libraries/liblmdb/CHANGES --- old/openldap-2.4.41/libraries/liblmdb/CHANGES 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblmdb/CHANGES 2015-08-14 17:25:28.000000000 +0200 @@ -1,5 +1,10 @@ LMDB 0.9 Change Log +LMDB 0.9.16 Release (2015/08/14) + Fix cursor EOF bug (ITS#8190) + Fix handling of subDB records (ITS#8181) + Fix mdb_midl_shrink() usage (ITS#8200) + LMDB 0.9.15 Release (2015/06/19) Fix txn init (ITS#7961,#7987) Fix MDB_PREV_DUP (ITS#7955,#7671) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblmdb/lmdb.h new/openldap-2.4.42/libraries/liblmdb/lmdb.h --- old/openldap-2.4.41/libraries/liblmdb/lmdb.h 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblmdb/lmdb.h 2015-08-14 17:25:28.000000000 +0200 @@ -184,7 +184,7 @@ /** Library minor version */ #define MDB_VERSION_MINOR 9 /** Library patch version */ -#define MDB_VERSION_PATCH 15 +#define MDB_VERSION_PATCH 16 /** Combine args a,b,c into a single integer for easy version comparisons */ #define MDB_VERINT(a,b,c) (((a) << 24) | ((b) << 16) | (c)) @@ -194,7 +194,7 @@ MDB_VERINT(MDB_VERSION_MAJOR,MDB_VERSION_MINOR,MDB_VERSION_PATCH) /** The release date of this library version */ -#define MDB_VERSION_DATE "June 19, 2015" +#define MDB_VERSION_DATE "August 14, 2015" /** A stringifier for the version info */ #define MDB_VERSTR(a,b,c,d) "LMDB " #a "." #b "." #c ": (" d ")" @@ -413,7 +413,14 @@ #define MDB_PAGE_FULL (-30786) /** Database contents grew beyond environment mapsize */ #define MDB_MAP_RESIZED (-30785) - /** MDB_INCOMPATIBLE: Operation and DB incompatible, or DB flags changed */ + /** Operation and DB incompatible, or DB type changed. This can mean: + * <ul> + * <li>The operation expects an #MDB_DUPSORT / #MDB_DUPFIXED database. + * <li>Opening a named DB when the unnamed DB has #MDB_DUPSORT / #MDB_INTEGERKEY. + * <li>Accessing a data record as a database, or vice versa. + * <li>The database was dropped and recreated with different flags. + * </ul> + */ #define MDB_INCOMPATIBLE (-30784) /** Invalid reuse of reader locktable slot */ #define MDB_BAD_RSLOT (-30783) @@ -1034,8 +1041,9 @@ * any other transaction in the process may use this function. * * To use named databases (with name != NULL), #mdb_env_set_maxdbs() - * must be called before opening the environment. Database names - * are kept as keys in the unnamed database. + * must be called before opening the environment. Database names are + * keys in the unnamed database, and may be read but not written. + * * @param[in] txn A transaction handle returned by #mdb_txn_begin() * @param[in] name The name of the database to open. If only a single * database is needed in the environment, this value may be NULL. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblmdb/mdb.c new/openldap-2.4.42/libraries/liblmdb/mdb.c --- old/openldap-2.4.41/libraries/liblmdb/mdb.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblmdb/mdb.c 2015-08-14 17:25:28.000000000 +0200 @@ -2822,8 +2822,8 @@ } if (!txn->mt_parent) { - if (mdb_midl_shrink(&txn->mt_free_pgs)) - env->me_free_pgs = txn->mt_free_pgs; + mdb_midl_shrink(&txn->mt_free_pgs); + env->me_free_pgs = txn->mt_free_pgs; /* me_pgstate: */ env->me_pghead = NULL; env->me_pglast = 0; @@ -3395,7 +3395,8 @@ goto fail; } data.mv_data = &txn->mt_dbs[i]; - rc = mdb_cursor_put(&mc, &txn->mt_dbxs[i].md_name, &data, 0); + rc = mdb_cursor_put(&mc, &txn->mt_dbxs[i].md_name, &data, + F_SUBDATA); if (rc) goto fail; } @@ -3408,8 +3409,8 @@ mdb_midl_free(env->me_pghead); env->me_pghead = NULL; - if (mdb_midl_shrink(&txn->mt_free_pgs)) - env->me_free_pgs = txn->mt_free_pgs; + mdb_midl_shrink(&txn->mt_free_pgs); + env->me_free_pgs = txn->mt_free_pgs; #if (MDB_DEBUG) > 2 mdb_audit(txn); @@ -3647,7 +3648,6 @@ /* Write to the SYNC fd */ mfd = env->me_flags & (MDB_NOSYNC|MDB_NOMETASYNC) ? env->me_fd : env->me_mfd; -retry_write: #ifdef _WIN32 { memset(&ov, 0, sizeof(ov)); @@ -3656,12 +3656,15 @@ rc = -1; } #else +retry_write: rc = pwrite(mfd, ptr, len, off); #endif if (rc != len) { rc = rc < 0 ? ErrCode() : EIO; +#ifndef _WIN32 if (rc == EINTR) goto retry_write; +#endif DPUTS("write failed, disk error?"); /* On a failure, the pagecache still contains the new data. * Write some old data back, to prevent it from being used. @@ -5214,6 +5217,8 @@ &mc->mc_dbx->md_name, &exact); if (!exact) return MDB_NOTFOUND; + if ((leaf->mn_flags & (F_DUPDATA|F_SUBDATA)) != F_SUBDATA) + return MDB_INCOMPATIBLE; /* not a named DB */ rc = mdb_node_read(mc->mc_txn, leaf, &data); if (rc) return rc; @@ -5725,8 +5730,10 @@ if (leaf == NULL) { DPUTS("===> inexact leaf not found, goto sibling"); - if ((rc = mdb_cursor_sibling(mc, 1)) != MDB_SUCCESS) + if ((rc = mdb_cursor_sibling(mc, 1)) != MDB_SUCCESS) { + mc->mc_flags |= C_EOF; return rc; /* no entries matched */ + } mp = mc->mc_pg[mc->mc_top]; mdb_cassert(mc, IS_LEAF(mp)); leaf = NODEPTR(mp, 0); @@ -6404,6 +6411,9 @@ goto new_sub; } current: + /* LMDB passes F_SUBDATA in 'flags' to write a DB record */ + if ((leaf->mn_flags ^ flags) & F_SUBDATA) + return MDB_INCOMPATIBLE; /* overflow page overwrites need special handling */ if (F_ISSET(leaf->mn_flags, F_BIGDATA)) { MDB_page *omp; @@ -6674,6 +6684,11 @@ goto fail; } } + /* LMDB passes F_SUBDATA in 'flags' to delete a DB record */ + else if ((leaf->mn_flags ^ flags) & F_SUBDATA) { + rc = MDB_INCOMPATIBLE; + goto fail; + } /* add overflow pages to free list */ if (F_ISSET(leaf->mn_flags, F_BIGDATA)) { @@ -9169,7 +9184,7 @@ if (rc == MDB_SUCCESS) { /* make sure this is actually a DB */ MDB_node *node = NODEPTR(mc.mc_pg[mc.mc_top], mc.mc_ki[mc.mc_top]); - if (!(node->mn_flags & F_SUBDATA)) + if ((node->mn_flags & (F_DUPDATA|F_SUBDATA)) != F_SUBDATA) return MDB_INCOMPATIBLE; } else if (rc == MDB_NOTFOUND && (flags & MDB_CREATE)) { /* Create if requested */ @@ -9362,7 +9377,7 @@ /* Can't delete the main DB */ if (del && dbi > MAIN_DBI) { - rc = mdb_del0(txn, MAIN_DBI, &mc->mc_dbx->md_name, NULL, 0); + rc = mdb_del0(txn, MAIN_DBI, &mc->mc_dbx->md_name, NULL, F_SUBDATA); if (!rc) { txn->mt_dbflags[dbi] = DB_STALE; mdb_dbi_close(txn->mt_env, dbi); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblmdb/midl.c new/openldap-2.4.42/libraries/liblmdb/midl.c --- old/openldap-2.4.41/libraries/liblmdb/midl.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblmdb/midl.c 2015-08-14 17:25:28.000000000 +0200 @@ -116,7 +116,7 @@ free(ids-1); } -int mdb_midl_shrink( MDB_IDL *idp ) +void mdb_midl_shrink( MDB_IDL *idp ) { MDB_IDL ids = *idp; if (*(--ids) > MDB_IDL_UM_MAX && @@ -124,9 +124,7 @@ { *ids++ = MDB_IDL_UM_MAX; *idp = ids; - return 1; } - return 0; } static int mdb_midl_grow( MDB_IDL *idp, int num ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/libraries/liblmdb/midl.h new/openldap-2.4.42/libraries/liblmdb/midl.h --- old/openldap-2.4.41/libraries/liblmdb/midl.h 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/libraries/liblmdb/midl.h 2015-08-14 17:25:28.000000000 +0200 @@ -98,9 +98,8 @@ /** Shrink an IDL. * Return the IDL to the default size if it has grown larger. * @param[in,out] idp Address of the IDL to shrink. - * @return 0 on no change, non-zero if shrunk. */ -int mdb_midl_shrink(MDB_IDL *idp); +void mdb_midl_shrink(MDB_IDL *idp); /** Make room for num additional elements in an IDL. * @param[in,out] idp Address of the IDL. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/at.c new/openldap-2.4.42/servers/slapd/at.c --- old/openldap-2.4.41/servers/slapd/at.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/at.c 2015-08-14 17:25:28.000000000 +0200 @@ -365,6 +365,10 @@ } #endif + if ( *at == NULL ) { + return 0; + } + *at = LDAP_STAILQ_NEXT(*at,sat_next); return (*at != NULL); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/back-mdb/dn2id.c new/openldap-2.4.42/servers/slapd/back-mdb/dn2id.c --- old/openldap-2.4.41/servers/slapd/back-mdb/dn2id.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/back-mdb/dn2id.c 2015-08-14 17:25:28.000000000 +0200 @@ -922,3 +922,46 @@ } return rc; } + +/* restore the nrdn/rdn pointers after a txn reset */ +void mdb_dn2id_wrestore ( + Operation *op, + IdScopes *isc +) +{ + MDB_val key, data; + diskNode *d; + int rc, n, nrlen; + char *ptr; + + /* We only need to restore up to the n-1th element, + * the nth element will be replaced anyway + */ + key.mv_size = sizeof(ID); + for ( n=0; n<isc->numrdns-1; n++ ) { + key.mv_data = &isc->scopes[n+1].mid; + rc = mdb_cursor_get( isc->mc, &key, &data, MDB_SET ); + if ( rc ) + continue; + /* we can't use this data directly since its nrlen + * is missing the high bit setting, so copy it and + * set it properly. we just copy enough to satisfy + * mdb_dup_compare. + */ + d = data.mv_data; + nrlen = ((d->nrdnlen[0] & 0x7f) << 8) | d->nrdnlen[1]; + ptr = op->o_tmpalloc( nrlen+2, op->o_tmpmemctx ); + memcpy( ptr, data.mv_data, nrlen+2 ); + key.mv_data = &isc->scopes[n].mid; + data.mv_data = ptr; + data.mv_size = 1; + *ptr |= 0x80; + mdb_cursor_get( isc->mc, &key, &data, MDB_GET_BOTH ); + op->o_tmpfree( ptr, op->o_tmpmemctx ); + + /* now we're back to where we wanted to be */ + d = data.mv_data; + isc->nrdns[n].bv_val = d->nrdn; + isc->rdns[n].bv_val = d->nrdn+isc->nrdns[n].bv_len+1; + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/back-mdb/proto-mdb.h new/openldap-2.4.42/servers/slapd/back-mdb/proto-mdb.h --- old/openldap-2.4.41/servers/slapd/back-mdb/proto-mdb.h 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/back-mdb/proto-mdb.h 2015-08-14 17:25:28.000000000 +0200 @@ -146,6 +146,10 @@ Operation *op, struct IdScopes *isc ); +void mdb_dn2id_wrestore( + Operation *op, + struct IdScopes *isc ); + MDB_cmp_func mdb_dup_compare; /* diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/back-mdb/search.c new/openldap-2.4.42/servers/slapd/back-mdb/search.c --- old/openldap-2.4.41/servers/slapd/back-mdb/search.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/back-mdb/search.c 2015-08-14 17:25:28.000000000 +0200 @@ -358,30 +358,22 @@ } static int -mdb_waitfixup( Operation *op, ww_ctx *ww, MDB_cursor *mci, MDB_cursor *mcd, ID2 *scopes ) +mdb_waitfixup( Operation *op, ww_ctx *ww, MDB_cursor *mci, MDB_cursor *mcd, IdScopes *isc ) { + MDB_val key; int rc = 0; ww->flag = 0; mdb_txn_renew( ww->txn ); mdb_cursor_renew( ww->txn, mci ); mdb_cursor_renew( ww->txn, mcd ); - if ( scopes[0].mid > 1 ) { - MDB_val key; - int i; - key.mv_size = sizeof(ID); - for ( i=1; i<scopes[0].mid; i++ ) { - if ( !scopes[i].mval.mv_data ) - continue; - key.mv_data = &scopes[i].mid; - mdb_cursor_get( mcd, &key, &scopes[i].mval, MDB_SET ); - } - } + key.mv_size = sizeof(ID); + if ( ww->mcd ) { /* scope-based search using dn2id_walk */ + MDB_val data; - if ( ww->mcd ) { - MDB_val key, data; + if ( isc->numrdns ) + mdb_dn2id_wrestore( op, isc ); - key.mv_size = sizeof(ID); key.mv_data = &ww->key; data = ww->data; rc = mdb_cursor_get( mcd, &key, &data, MDB_GET_BOTH ); @@ -400,6 +392,14 @@ } op->o_tmpfree( ww->data.mv_data, op->o_tmpmemctx ); ww->data.mv_data = NULL; + } else if ( isc->scopes[0].mid > 1 ) { /* candidate-based search */ + int i; + for ( i=1; i<isc->scopes[0].mid; i++ ) { + if ( !isc->scopes[i].mval.mv_data ) + continue; + key.mv_data = &isc->scopes[i].mid; + mdb_cursor_get( mcd, &key, &isc->scopes[i].mval, MDB_SET ); + } } return rc; } @@ -1049,7 +1049,7 @@ rs->sr_ref = NULL; if ( wwctx.flag ) { - rs->sr_err = mdb_waitfixup( op, &wwctx, mci, mcd, scopes ); + rs->sr_err = mdb_waitfixup( op, &wwctx, mci, mcd, &isc ); if ( rs->sr_err ) { send_ldap_result( op, rs ); goto done; @@ -1111,7 +1111,7 @@ goto done; } if ( wwctx.flag ) { - rs->sr_err = mdb_waitfixup( op, &wwctx, mci, mcd, scopes ); + rs->sr_err = mdb_waitfixup( op, &wwctx, mci, mcd, &isc ); if ( rs->sr_err ) { send_ldap_result( op, rs ); goto done; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/overlays/ppolicy.c new/openldap-2.4.42/servers/slapd/overlays/ppolicy.c --- old/openldap-2.4.41/servers/slapd/overlays/ppolicy.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/overlays/ppolicy.c 2015-08-14 17:25:28.000000000 +0200 @@ -1561,6 +1561,8 @@ LDAPControl *ctrl = NULL; LDAPControl **oldctrls = NULL; int is_pwdexop = 0; + int got_del_grace = 0, got_del_lock = 0, got_pw = 0, got_del_fail = 0; + int got_changed = 0, got_history = 0; op->o_bd->bd_info = (BackendInfo *)on->on_info; rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e ); @@ -1573,7 +1575,6 @@ */ if ( be_shadow_update( op )) { Modifications **prev; - int got_del_grace = 0, got_del_lock = 0, got_pw = 0, got_del_fail = 0; Attribute *a_grace, *a_lock, *a_fail; a_grace = attr_find( e->e_attrs, ad_pwdGraceUseTime ); @@ -1592,19 +1593,25 @@ int drop = 0; if ( ml->sml_desc == ad_pwdGraceUseTime ) { - got_del_grace = 1; - if ( !a_grace ) + if ( !a_grace || got_del_grace ) { drop = 1; + } else { + got_del_grace = 1; + } } else if ( ml->sml_desc == ad_pwdAccountLockedTime ) { - got_del_lock = 1; - if ( !a_lock ) + if ( !a_lock || got_del_lock ) { drop = 1; + } else { + got_del_lock = 1; + } } else if ( ml->sml_desc == ad_pwdFailureTime ) { - got_del_fail = 1; - if ( !a_fail ) + if ( !a_fail || got_del_fail ) { drop = 1; + } else { + got_del_fail = 1; + } } if ( drop ) { *prev = ml->sml_next; @@ -1756,6 +1763,20 @@ (ml->sml_op == LDAP_MOD_REPLACE)) zapReset = 0; } + if ( ml->sml_op == LDAP_MOD_DELETE ) { + if ( ml->sml_desc == ad_pwdGraceUseTime ) { + got_del_grace = 1; + } else if ( ml->sml_desc == ad_pwdAccountLockedTime ) { + got_del_lock = 1; + } else if ( ml->sml_desc == ad_pwdFailureTime ) { + got_del_fail = 1; + } + } + if ( ml->sml_desc == ad_pwdChangedTime ) { + got_changed = 1; + } else if (ml->sml_desc == ad_pwdHistory ) { + got_history = 1; + } } if (!BER_BVISEMPTY( &pwcons[op->o_conn->c_conn_idx].dn ) && !mod_pw_only ) { @@ -1992,32 +2013,34 @@ * up to date. */ - timestamp.bv_val = timebuf; - timestamp.bv_len = sizeof(timebuf); - slap_timestamp( &now, ×tamp ); - - mods = NULL; - if (pwmop != LDAP_MOD_DELETE) { - mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); - mods->sml_op = LDAP_MOD_REPLACE; - mods->sml_numvals = 1; - mods->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) ); - ber_dupbv( &mods->sml_values[0], ×tamp ); - BER_BVZERO( &mods->sml_values[1] ); - assert( !BER_BVISNULL( &mods->sml_values[0] ) ); - } else if (attr_find(e->e_attrs, ad_pwdChangedTime )) { - mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); - mods->sml_op = LDAP_MOD_DELETE; - } - if (mods) { - mods->sml_desc = ad_pwdChangedTime; - mods->sml_flags = SLAP_MOD_INTERNAL; - mods->sml_next = NULL; - modtail->sml_next = mods; - modtail = mods; + if (!got_changed) { + timestamp.bv_val = timebuf; + timestamp.bv_len = sizeof(timebuf); + slap_timestamp( &now, ×tamp ); + + mods = NULL; + if (pwmop != LDAP_MOD_DELETE) { + mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); + mods->sml_op = LDAP_MOD_REPLACE; + mods->sml_numvals = 1; + mods->sml_values = (BerVarray) ch_malloc( 2 * sizeof( struct berval ) ); + ber_dupbv( &mods->sml_values[0], ×tamp ); + BER_BVZERO( &mods->sml_values[1] ); + assert( !BER_BVISNULL( &mods->sml_values[0] ) ); + } else if (attr_find(e->e_attrs, ad_pwdChangedTime )) { + mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); + mods->sml_op = LDAP_MOD_DELETE; + } + if (mods) { + mods->sml_desc = ad_pwdChangedTime; + mods->sml_flags = SLAP_MOD_INTERNAL; + mods->sml_next = NULL; + modtail->sml_next = mods; + modtail = mods; + } } - if (attr_find(e->e_attrs, ad_pwdGraceUseTime )) { + if (!got_del_grace && attr_find(e->e_attrs, ad_pwdGraceUseTime )) { mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); mods->sml_op = LDAP_MOD_DELETE; mods->sml_desc = ad_pwdGraceUseTime; @@ -2027,7 +2050,7 @@ modtail = mods; } - if (attr_find(e->e_attrs, ad_pwdAccountLockedTime )) { + if (!got_del_lock && attr_find(e->e_attrs, ad_pwdAccountLockedTime )) { mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); mods->sml_op = LDAP_MOD_DELETE; mods->sml_desc = ad_pwdAccountLockedTime; @@ -2037,7 +2060,7 @@ modtail = mods; } - if (attr_find(e->e_attrs, ad_pwdFailureTime )) { + if (!got_del_fail && attr_find(e->e_attrs, ad_pwdFailureTime )) { mods = (Modifications *) ch_calloc( sizeof( Modifications ), 1 ); mods->sml_op = LDAP_MOD_DELETE; mods->sml_desc = ad_pwdFailureTime; @@ -2058,7 +2081,7 @@ modtail = mods; } - if (pp.pwdInHistory > 0) { + if (!got_history && pp.pwdInHistory > 0) { if (hsize >= pp.pwdInHistory) { /* * We use the >= operator, since we are going to add diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/servers/slapd/overlays/rwm.c new/openldap-2.4.42/servers/slapd/overlays/rwm.c --- old/openldap-2.4.41/servers/slapd/overlays/rwm.c 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/servers/slapd/overlays/rwm.c 2015-08-14 17:25:28.000000000 +0200 @@ -2179,7 +2179,10 @@ ca.line = rwmap->rwm_bva_rewrite[ i ].bv_val; ca.argc = 0; config_fp_parse_line( &ca ); - + + argv0 = ca.argv[ 0 ]; + ca.argv[ 0 ] += STRLENOF( "rwm-" ); + if ( strcasecmp( ca.argv[ 0 ], "suffixmassage" ) == 0 ) { rc = rwm_suffixmassage_config( &db, c->fname, c->lineno, ca.argc, ca.argv ); @@ -2189,6 +2192,8 @@ ca.argc, ca.argv ); } + ca.argv[ 0 ] = argv0; + ch_free( ca.tline ); ch_free( ca.argv ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.41/tests/data/slapd-proxycache.conf new/openldap-2.4.42/tests/data/slapd-proxycache.conf --- old/openldap-2.4.41/tests/data/slapd-proxycache.conf 2015-06-21 02:19:58.000000000 +0200 +++ new/openldap-2.4.42/tests/data/slapd-proxycache.conf 2015-08-14 17:25:28.000000000 +0200 @@ -56,6 +56,9 @@ #bdb#cachesize 20 #hdb#cachesize 20 +#bdb#dbnosync +#hdb#dbnosync +#mdb#dbnosync #~null~#directory @TESTDIR@/db.2.a #indexdb#index objectClass eq