[prev in list] [next in list] [prev in thread] [next in thread]
List: fedora-directory-commits
Subject: [389-commits] ldap/servers
From: Ludwig Krispenz <lkrispen () fedoraproject ! org>
Date: 2013-06-20 9:02:13
Message-ID: 20130620090213.A073060EEA () fedorahosted ! org
[Download RAW message or body]
ldap/servers/slapd/back-ldbm/ldbm_modify.c | 7 +++++++
ldap/servers/slapd/back-ldbm/ldbm_modrdn.c | 7 +++++++
2 files changed, 14 insertions(+)
New commits:
commit 0c9e3b140803af8cb9530f5d4a67c1869620a3bd
Author: Ludwig Krispenz <lkrispen@redhat.com>
Date: Tue Jun 18 15:00:20 2013 +0200
Ticket 47396 - crash on modrdn of tombstone
Bug Description: a client modrdn operation on a tombstone entry can crash the \
server
Fix Description: client modrdns and modifies on tombstone entries should not be
accepted. Tombstones aer internally kept for eventual conflict resolution, \
normal clients should not touch them.
an exception would be to force purging of tombstones or a kind of "undo" for
a delete, which could resurrect a tombstone, but this is not in the scope of \
this ticket
https://fedorahosted.org/389/ticket/47396
Reviewed by: Rich, thanks
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modify.c \
b/ldap/servers/slapd/back-ldbm/ldbm_modify.c index 17adc87..c00194b 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modify.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modify.c
@@ -485,6 +485,13 @@ ldbm_back_modify( Slapi_PBlock *pb )
if ( !is_fixup_operation )
{
+ if (slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE) ) {
+ ldap_result_code = LDAP_UNWILLING_TO_PERFORM;
+ ldap_result_message = "Operation not allowed on tombstone \
entry."; + slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modify",
+ "Attempt to modify a tombstone entry %s\n", \
slapi_sdn_get_dn(slapi_entry_get_sdn_const( e->ep_entry ))); + goto error_return;
+ }
opcsn = operation_get_csn (operation);
if (NULL == opcsn && operation->o_csngen_handler)
{
diff --git a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c \
b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c index bcc59b3..fe53554 100644
--- a/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
+++ b/ldap/servers/slapd/back-ldbm/ldbm_modrdn.c
@@ -479,6 +479,13 @@ ldbm_back_modrdn( Slapi_PBlock *pb )
goto error_return; /* error result sent by find_entry2modify() */
}
e_in_cache = 1; /* e is in the cache and locked */
+ if (slapi_entry_flag_is_set(e->ep_entry, SLAPI_ENTRY_FLAG_TOMBSTONE) ) {
+ ldap_result_code = LDAP_UNWILLING_TO_PERFORM;
+ ldap_result_message = "Operation not allowed on tombstone entry.";
+ slapi_log_error(SLAPI_LOG_FATAL, "ldbm_back_modrdn",
+ "Attempt to rename a tombstone entry %s\n", \
slapi_sdn_get_dn(slapi_entry_get_sdn_const( e->ep_entry ))); + goto error_return;
+ }
/* Check that an entry with the same DN doesn't already exist. */
{
Slapi_Entry *entry;
--
389 commits mailing list
389-commits@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/389-commits
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic