This is an automated email from the git hooks/post-receive script.
mreynolds pushed a commit to branch 389-ds-base-1.3.8
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.3.8 by this push:
new 8cf4488 BZ1518320 - entry cache crash fix
8cf4488 is described below
commit 8cf448806e77d28198963a2c1a4adb31e3342d4f
Author: Mark Reynolds <mreynolds@redhat.com>
AuthorDate: Thu Jun 20 15:50:08 2019 -0400
BZ1518320 - entry cache crash fix
Description: THis patch is combination of all the entry cache fixes.
If these fixes are not enough, there is an experimental
"fix" that should prevent the crash. A message will be
logged that reports the crash was averted:
"(avoided crash, but cache was corrupted)"
The customer should monitor the errors log for this text,
and let GSS know if they see it.
---
configure.ac | 3 -
dirsrvtests/tests/suites/betxns/betxn_test.py | 57 +++++++++
ldap/servers/slapd/back-ldbm/back-ldbm.h | 68 ++++++-----
ldap/servers/slapd/back-ldbm/backentry.c | 2 +-
ldap/servers/slapd/back-ldbm/cache.c | 163 +++++++++++++++++++++++--
ldap/servers/slapd/back-ldbm/ldbm_add.c | 13 ++
ldap/servers/slapd/back-ldbm/ldbm_delete.c | 12 ++
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 12 ++
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 22 +++-
ldap/servers/slapd/back-ldbm/proto-back-ldbm.h | 1 +
ldap/servers/slapd/slapi-plugin.h | 15 +++
ldap/servers/slapd/time.c | 26 ++++
12 files changed, 341 insertions(+), 53 deletions(-)
diff --git a/configure.ac b/configure.ac
index 91d6d39..ea528ff 100644
--- a/configure.ac
+++ b/configure.ac
@@ -72,9 +72,6 @@ AC_FUNC_STRFTIME
AC_FUNC_VPRINTF
AC_CHECK_FUNCS([endpwent ftruncate getcwd gethostbyname inet_ntoa localtime_r memmove memset mkdir munmap putenv rmdir setrlimit socket strcasecmp strchr strcspn strdup strerror strncasecmp strpbrk strrchr strstr strtol tzset])
-# These functions are *required* without option.
-AC_CHECK_FUNCS([clock_gettime], [], AC_MSG_ERROR([unable to locate required symbol clock_gettime]))
-
# This will detect if we need to add the LIBADD_DL value for us.
LT_LIB_DLLOAD
diff --git a/dirsrvtests/tests/suites/betxns/betxn_test.py b/dirsrvtests/tests/suites/betxns/betxn_test.py
index 1754964..48181a9 100644
--- a/dirsrvtests/tests/suites/betxns/betxn_test.py
+++ b/dirsrvtests/tests/suites/betxns/betxn_test.py
@@ -8,6 +8,7 @@
#
import pytest
import six
+import ldap
from lib389.tasks import *
from lib389.utils import *
from lib389.topologies import topology_st
@@ -248,6 +249,62 @@ def test_betxn_memberof(topology_st, dynamic_plugins):
log.info('test_betxn_memberof: PASSED')
+def test_betxn_modrdn_memberof(topology_st):
+ """Test modrdn operartions and memberOf
+
+ :id: 70d0b96e-b693-4bf7-bbf5-102a66ac5994
+
+ :setup: Standalone instance
+
+ :steps: 1. Enable and configure memberOf plugin
+ 2. Set memberofgroupattr="member" and memberofAutoAddOC="nsContainer"
+ 3. Create group and user outside of memberOf plugin scope
+ 4. Do modrdn to move group into scope
+ 5. Do modrdn to move group into scope (again)
+
+ :expectedresults:
+ 1. memberOf plugin plugin should be ON
+ 2. Set memberofgroupattr="member" and memberofAutoAddOC="nsContainer" should PASS
+ 3. Creating group and user should PASS
+ 4. Modrdn should fail with objectclass violation
+ 5. Second modrdn should also fail with objectclass violation
+ """
+
+ peoplebase = 'ou=people,%s' % DEFAULT_SUFFIX
+ memberof = MemberOfPlugin(topology_st.standalone)
+ memberof.enable()
+ memberof.set_autoaddoc('nsContainer') # Bad OC
+ memberof.set('memberOfEntryScope', peoplebase)
+ memberof.set('memberOfAllBackends', 'on')
+ topology_st.standalone.restart()
+
+ groups = Groups(topology_st.standalone, DEFAULT_SUFFIX)
+ group = groups.create(properties={
+ 'cn': 'group',
+ })
+
+ # Create user and add it to group
+ users = UserAccounts(topology_st.standalone, basedn=DEFAULT_SUFFIX)
+ user = users.create(properties=TEST_USER_PROPERTIES)
+ if not ds_is_older('1.3.7'):
+ user.remove('objectClass', 'nsMemberOf')
+
+ group.add_member(user.dn)
+
+ # Attempt modrdn that should fail, but the original entry should stay in the cache
+ with pytest.raises(ldap.OBJECTCLASS_VIOLATION):
+ group.rename('cn=group_to_people', newsuperior=peoplebase)
+
+ # Should fail, but not with NO_SUCH_OBJECT as the original entry should still be in the cache
+ with pytest.raises(ldap.OBJECTCLASS_VIOLATION):
+ group.rename('cn=group_to_people', newsuperior=peoplebase)
+
+ #
+ # Done
+ #
+ log.info('test_betxn_modrdn_memberof: PASSED')
+
+
if __name__ == '__main__':
# Run isolated
# -s for DEBUG mode
diff --git a/ldap/servers/slapd/back-ldbm/back-ldbm.h b/ldap/servers/slapd/back-ldbm/back-ldbm.h
index 4727961..3995085 100644
--- a/ldap/servers/slapd/back-ldbm/back-ldbm.h
+++ b/ldap/servers/slapd/back-ldbm/back-ldbm.h
@@ -310,36 +310,37 @@ typedef struct
#define CACHE_TYPE_ENTRY 0
#define CACHE_TYPE_DN 1
-struct backcommon
-{
- int ep_type; /* to distinguish backdn from backentry */
- struct backcommon *ep_lrunext; /* for the cache */
- struct backcommon *ep_lruprev; /* for the cache */
- ID ep_id; /* entry id */
- char ep_state; /* state in the cache */
-#define ENTRY_STATE_DELETED 0x1 /* entry is marked as deleted */
-#define ENTRY_STATE_CREATING 0x2 /* entry is being created; don't touch it */
-#define ENTRY_STATE_NOTINCACHE 0x4 /* cache_add failed; not in the cache */
- int ep_refcnt; /* entry reference cnt */
- size_t ep_size; /* for cache tracking */
+struct backcommon {
+ int ep_type; /* to distinguish backdn from backentry */
+ struct backcommon *ep_lrunext; /* for the cache */
+ struct backcommon *ep_lruprev; /* for the cache */
+ ID ep_id; /* entry id */
+ char ep_state; /* state in the cache */
+#define ENTRY_STATE_DELETED 0x1 /* entry is marked as deleted */
+#define ENTRY_STATE_CREATING 0x2 /* entry is being created; don't touch it */
+#define ENTRY_STATE_NOTINCACHE 0x4 /* cache_add failed; not in the cache */
+#define ENTRY_STATE_INVALID 0x8 /* cache entry is invalid and needs to be removed */
+ int ep_refcnt; /* entry reference cnt */
+ size_t ep_size; /* for cache tracking */
+ struct timespec ep_create_time; /* the time the entry was added to the cache */
};
/* From ep_type through ep_size MUST be identical to backcommon */
-struct backentry
-{
- int ep_type; /* to distinguish backdn from backentry */
- struct backcommon *ep_lrunext; /* for the cache */
- struct backcommon *ep_lruprev; /* for the cache */
- ID ep_id; /* entry id */
- char ep_state; /* state in the cache */
- int ep_refcnt; /* entry reference cnt */
- size_t ep_size; /* for cache tracking */
- Slapi_Entry *ep_entry; /* real entry */
- Slapi_Entry *ep_vlventry;
- void *ep_dn_link; /* linkage for the 3 hash */
- void *ep_id_link; /* tables used for */
- void *ep_uuid_link; /* looking up entries */
- PRMonitor *ep_mutexp; /* protection for mods; make it reentrant */
+struct backentry {
+ int ep_type; /* to distinguish backdn from backentry */
+ struct backcommon *ep_lrunext; /* for the cache */
+ struct backcommon *ep_lruprev; /* for the cache */
+ ID ep_id; /* entry id */
+ char ep_state; /* state in the cache */
+ int ep_refcnt; /* entry reference cnt */
+ size_t ep_size; /* for cache tracking */
+ struct timespec ep_create_time; /* the time the entry was added to the cache */
+ Slapi_Entry *ep_entry; /* real entry */
+ Slapi_Entry *ep_vlventry;
+ void * ep_dn_link; /* linkage for the 3 hash */
+ void * ep_id_link; /* tables used for */
+ void * ep_uuid_link; /* looking up entries */
+ PRMonitor *ep_mutexp; /* protection for mods; make it reentrant */
};
/* From ep_type through ep_size MUST be identical to backcommon */
@@ -348,12 +349,13 @@ struct backdn
int ep_type; /* to distinguish backdn from backentry */
struct backcommon *ep_lrunext; /* for the cache */
struct backcommon *ep_lruprev; /* for the cache */
- ID ep_id; /* entry id */
- char ep_state; /* state in the cache; share ENTRY_STATE_* */
- int ep_refcnt; /* entry reference cnt */
- size_t ep_size; /* for cache tracking */
- Slapi_DN *dn_sdn;
- void *dn_id_link; /* for hash table */
+ ID ep_id; /* entry id */
+ char ep_state; /* state in the cache; share ENTRY_STATE_* */
+ int ep_refcnt; /* entry reference cnt */
+ size_t ep_size; /* for cache tracking */
+ struct timespec ep_create_time; /* the time the entry was added to the cache */
+ Slapi_DN *dn_sdn;
+ void *dn_id_link; /* for hash table */
};
/* for the in-core cache of entries */
diff --git a/ldap/servers/slapd/back-ldbm/backentry.c b/ldap/servers/slapd/back-ldbm/backentry.c
index f2fe780..a1f3ca1 100644
--- a/ldap/servers/slapd/back-ldbm/backentry.c
+++ b/ldap/servers/slapd/back-ldbm/backentry.c
@@ -23,7 +23,7 @@ backentry_free(struct backentry **bep)
return;
}
ep = *bep;
- PR_ASSERT(ep->ep_state & (ENTRY_STATE_DELETED | ENTRY_STATE_NOTINCACHE));
+ PR_ASSERT(ep->ep_state & (ENTRY_STATE_DELETED | ENTRY_STATE_NOTINCACHE | ENTRY_STATE_INVALID));
if (ep->ep_entry != NULL) {
slapi_entry_free(ep->ep_entry);
}
diff --git a/ldap/servers/slapd/back-ldbm/cache.c b/ldap/servers/slapd/back-ldbm/cache.c
index 86e1f7b..054766d 100644
--- a/ldap/servers/slapd/back-ldbm/cache.c
+++ b/ldap/servers/slapd/back-ldbm/cache.c
@@ -56,6 +56,11 @@
#define LOG(...)
No comments:
Post a Comment