From fedora-directory-commits at redhat.com Wed Jun 1 18:10:45 2005 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 1 Jun 2005 14:10:45 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passsync syncserv.cpp, 1.7, 1.8 Message-ID: <200506011810.j51IAjpk006122@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6108 Modified Files: syncserv.cpp Log Message: Fix search scope for AD password sync - 159037 Index: syncserv.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync/syncserv.cpp,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- syncserv.cpp 19 Apr 2005 22:07:44 -0000 1.7 +++ syncserv.cpp 1 Jun 2005 18:10:42 -0000 1.8 @@ -411,7 +411,7 @@ _snprintf(searchFilter, SYNCSERV_BUF_SIZE, "(%s=%s)", ldapUsernameField, username); - lastLdapError = ldap_search_ext_s(mainLdapConnection, ldapSearchBase, LDAP_SCOPE_ONELEVEL, searchFilter, NULL, 0, NULL, NULL, NULL, -1, &results); + lastLdapError = ldap_search_ext_s(mainLdapConnection, ldapSearchBase, LDAP_SCOPE_SUBTREE, searchFilter, NULL, 0, NULL, NULL, NULL, -1, &results); if(lastLdapError != LDAP_SUCCESS) { From fedora-directory-commits at redhat.com Wed Jun 1 18:30:55 2005 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 1 Jun 2005 14:30:55 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/synctools/passwordsync/passsync syncserv.cpp, 1.7, 1.7.2.1 Message-ID: <200506011830.j51IUtWM006200@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6186 Modified Files: Tag: Directory71RtmBranch syncserv.cpp Log Message: Merged fix for bug 159037 to 71 branch Index: syncserv.cpp =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/synctools/passwordsync/passsync/syncserv.cpp,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -u -r1.7 -r1.7.2.1 --- syncserv.cpp 19 Apr 2005 22:07:44 -0000 1.7 +++ syncserv.cpp 1 Jun 2005 18:30:53 -0000 1.7.2.1 @@ -411,7 +411,7 @@ _snprintf(searchFilter, SYNCSERV_BUF_SIZE, "(%s=%s)", ldapUsernameField, username); - lastLdapError = ldap_search_ext_s(mainLdapConnection, ldapSearchBase, LDAP_SCOPE_ONELEVEL, searchFilter, NULL, 0, NULL, NULL, NULL, -1, &results); + lastLdapError = ldap_search_ext_s(mainLdapConnection, ldapSearchBase, LDAP_SCOPE_SUBTREE, searchFilter, NULL, 0, NULL, NULL, NULL, -1, &results); if(lastLdapError != LDAP_SUCCESS) { From fedora-directory-commits at redhat.com Thu Jun 9 17:42:17 2005 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 9 Jun 2005 13:42:17 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/test-plugins testbind.c, 1.4, 1.5 testdatainterop.c, 1.4, 1.5 testentry.c, 1.4, 1.5 testextendedop.c, 1.4, 1.5 testgetip.c, 1.4, 1.5 testpostop.c, 1.4, 1.5 testpreop.c, 1.4, 1.5 testsaslbind.c, 1.6, 1.7 Message-ID: <200506091742.j59HgHkB004780@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4752 Modified Files: testbind.c testdatainterop.c testentry.c testextendedop.c testgetip.c testpostop.c testpreop.c testsaslbind.c Log Message: Added testpreop_search to verify bug 147585 Plus fixed branding/version number. Index: testbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testbind.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testbind.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testbind.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -69,7 +69,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc bindpdesc = { "test-bind", "Netscape", "0.5", +Slapi_PluginDesc bindpdesc = { "test-bind", "Fedora Project", "7.1", "sample bind pre-operation plugin" }; static Slapi_ComponentId *plugin_id = NULL; Index: testdatainterop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testdatainterop.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testdatainterop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testdatainterop.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -88,8 +88,8 @@ nsslapd-pluginType: preoperation nsslapd-pluginEnabled: on nsslapd-pluginId: nullsuffix-preop - nsslapd-pluginVersion: 6.2 - nsslapd-pluginVendor: Netscape + nsslapd-pluginVersion: 7.1 + nsslapd-pluginVendor: Fedora Project nsslapd-pluginDescription: sample pre-operation null suffix plugin ******************************************/ @@ -113,7 +113,7 @@ /* * Static variables. */ -static Slapi_PluginDesc plugindesc = { PLUGIN_NAME, "Netscape", "0.5", +static Slapi_PluginDesc plugindesc = { PLUGIN_NAME, "Fedora Project", "7.1", "sample pre-operation null suffix plugin" }; static Slapi_ComponentId *plugin_id = NULL; Index: testentry.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testentry.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testentry.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testentry.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -90,7 +90,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc entrypdesc = { "test-entry", "Netscape", "0.5", +Slapi_PluginDesc entrypdesc = { "test-entry", "Fedora Project", "7.1", "sample entry modification plugin" }; /* Entry store plug-in function */ Index: testextendedop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testextendedop.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testextendedop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testextendedop.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -83,7 +83,7 @@ /* OID of the extended operation handled by this plug-in */ #define MY_OID "1.2.3.4" -Slapi_PluginDesc expdesc = { "test-extendedop", "Netscape", "0.5", +Slapi_PluginDesc expdesc = { "test-extendedop", "Fedora Project", "7.1", "sample extended operation plugin" }; Index: testgetip.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testgetip.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testgetip.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testgetip.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -74,7 +74,7 @@ #include "slapi-plugin.h" #include "nspr.h" -Slapi_PluginDesc getippdesc = { "test-getip", "Netscape", "0.5", +Slapi_PluginDesc getippdesc = { "test-getip", "Fedora Project", "7.1", "sample pre-operation plugin" }; static char *netaddr2str( PRNetAddr *addrp, char *buf, size_t buflen ); Index: testpostop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpostop.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testpostop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testpostop.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -93,7 +93,7 @@ static char *changelogfile = "/tmp/changelog"; #endif -Slapi_PluginDesc postoppdesc = { "test-postop", "Netscape", "0.5", +Slapi_PluginDesc postoppdesc = { "test-postop", "Fedora Project", "7.1", "sample post-operation plugin" }; static void write_changelog( int optype, char *dn, void *change, int flag ); Index: testpreop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpreop.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- testpreop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testpreop.c 9 Jun 2005 17:42:14 -0000 1.5 @@ -45,6 +45,7 @@ * testpreop_bind (called before an LDAP bind operation) * testpreop_add (called before an LDAP add operation) + * testpreop_search (called before an LDAP search operation) * testpreop_abandon (called before an LDAP abandon operation) testpreop_bind logs information about the LDAP bind operation @@ -78,7 +79,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc preoppdesc = { "test-preop", "Netscape", "0.5", +Slapi_PluginDesc preoppdesc = { "test-preop", "Fedora Project", "7.1", "sample pre-operation plugin" }; /* Pre-operation plug-in function */ @@ -159,6 +160,24 @@ return( 0 ); /* allow the operation to continue */ } +/* Pre-operation plug-in function */ +int +testpreop_search( Slapi_PBlock *pb ) +{ + char *base; + /* Log a message to indicate when the plug-in function starts */ + slapi_log_error( SLAPI_LOG_FATAL, "testpreop_search", + "*** PREOPERATION SEARCH PLUGIN ***\n"); + /* Get and log the base DN of the search criteria */ + if ( slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base ) == 0 ) + slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SEARCH_TARGET", + "%s\n", base ); + /* Get and log the original base DN */ + if ( slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET_DN, &base ) == 0 ) + slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_ORIGINAL_TARGET_DN", + "%s\n", base ); +} + /* Pre-operation plug-in function */ int @@ -236,9 +255,11 @@ (void *) testpreop_bind ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_ADD_FN, (void *) testpreop_add ) != 0 || + slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_SEARCH_FN, + (void *) testpreop_search ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_ABANDON_FN, (void *) testpreop_abandon ) != 0 ) { - slapi_log_error( SLAPI_LOG_PLUGIN, "testpreop_init", + slapi_log_error( SLAPI_LOG_FATAL, "testpreop_init", "Failed to set version and function\n" ); return( -1 ); } Index: testsaslbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testsaslbind.c,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- testsaslbind.c 19 Apr 2005 22:07:41 -0000 1.6 +++ testsaslbind.c 9 Jun 2005 17:42:14 -0000 1.7 @@ -65,7 +65,7 @@ objectclass: nsSlapdPlugin objectclass: extensibleObject cn: test-saslbind -nsslapd-pluginpath: /usr/fedora/servers/plugins/slapd/slapi/examples/libtest-plugin.so +nsslapd-pluginpath: /plugins/slapd/slapi/examples/libtest-plugin.so nsslapd-plugininitfunc: testsasl_init nsslapd-plugintype: preoperation nsslapd-pluginenabled: on From fedora-directory-commits at redhat.com Thu Jun 9 18:35:05 2005 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 9 Jun 2005 14:35:05 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/test-plugins testbind.c, 1.4, 1.4.2.1 testdatainterop.c, 1.4, 1.4.2.1 testentry.c, 1.4, 1.4.2.1 testextendedop.c, 1.4, 1.4.2.1 testgetip.c, 1.4, 1.4.2.1 testpostop.c, 1.4, 1.4.2.1 testpreop.c, 1.4, 1.4.2.1 testsaslbind.c, 1.6, 1.6.2.1 Message-ID: <200506091835.j59IZ5p0006606@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6578 Modified Files: Tag: Directory71RtmBranch testbind.c testdatainterop.c testentry.c testextendedop.c testgetip.c testpostop.c testpreop.c testsaslbind.c Log Message: Added testpreop_search to verify bug 147585 Plus fixed branding/version number. Index: testbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testbind.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testbind.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testbind.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -69,7 +69,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc bindpdesc = { "test-bind", "Netscape", "0.5", +Slapi_PluginDesc bindpdesc = { "test-bind", "Fedora Project", "7.1", "sample bind pre-operation plugin" }; static Slapi_ComponentId *plugin_id = NULL; Index: testdatainterop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testdatainterop.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testdatainterop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testdatainterop.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -88,8 +88,8 @@ nsslapd-pluginType: preoperation nsslapd-pluginEnabled: on nsslapd-pluginId: nullsuffix-preop - nsslapd-pluginVersion: 6.2 - nsslapd-pluginVendor: Netscape + nsslapd-pluginVersion: 7.1 + nsslapd-pluginVendor: Fedora Project nsslapd-pluginDescription: sample pre-operation null suffix plugin ******************************************/ @@ -113,7 +113,7 @@ /* * Static variables. */ -static Slapi_PluginDesc plugindesc = { PLUGIN_NAME, "Netscape", "0.5", +static Slapi_PluginDesc plugindesc = { PLUGIN_NAME, "Fedora Project", "7.1", "sample pre-operation null suffix plugin" }; static Slapi_ComponentId *plugin_id = NULL; Index: testentry.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testentry.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testentry.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testentry.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -90,7 +90,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc entrypdesc = { "test-entry", "Netscape", "0.5", +Slapi_PluginDesc entrypdesc = { "test-entry", "Fedora Project", "7.1", "sample entry modification plugin" }; /* Entry store plug-in function */ Index: testextendedop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testextendedop.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testextendedop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testextendedop.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -83,7 +83,7 @@ /* OID of the extended operation handled by this plug-in */ #define MY_OID "1.2.3.4" -Slapi_PluginDesc expdesc = { "test-extendedop", "Netscape", "0.5", +Slapi_PluginDesc expdesc = { "test-extendedop", "Fedora Project", "7.1", "sample extended operation plugin" }; Index: testgetip.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testgetip.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testgetip.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testgetip.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -74,7 +74,7 @@ #include "slapi-plugin.h" #include "nspr.h" -Slapi_PluginDesc getippdesc = { "test-getip", "Netscape", "0.5", +Slapi_PluginDesc getippdesc = { "test-getip", "Fedora Project", "7.1", "sample pre-operation plugin" }; static char *netaddr2str( PRNetAddr *addrp, char *buf, size_t buflen ); Index: testpostop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpostop.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testpostop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testpostop.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -93,7 +93,7 @@ static char *changelogfile = "/tmp/changelog"; #endif -Slapi_PluginDesc postoppdesc = { "test-postop", "Netscape", "0.5", +Slapi_PluginDesc postoppdesc = { "test-postop", "Fedora Project", "7.1", "sample post-operation plugin" }; static void write_changelog( int optype, char *dn, void *change, int flag ); Index: testpreop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpreop.c,v retrieving revision 1.4 retrieving revision 1.4.2.1 diff -u -r1.4 -r1.4.2.1 --- testpreop.c 19 Apr 2005 22:07:41 -0000 1.4 +++ testpreop.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 @@ -45,6 +45,7 @@ * testpreop_bind (called before an LDAP bind operation) * testpreop_add (called before an LDAP add operation) + * testpreop_search (called before an LDAP search operation) * testpreop_abandon (called before an LDAP abandon operation) testpreop_bind logs information about the LDAP bind operation @@ -78,7 +79,7 @@ #include #include "slapi-plugin.h" -Slapi_PluginDesc preoppdesc = { "test-preop", "Netscape", "0.5", +Slapi_PluginDesc preoppdesc = { "test-preop", "Fedora Project", "7.1", "sample pre-operation plugin" }; /* Pre-operation plug-in function */ @@ -159,6 +160,24 @@ return( 0 ); /* allow the operation to continue */ } +/* Pre-operation plug-in function */ +int +testpreop_search( Slapi_PBlock *pb ) +{ + char *base; + /* Log a message to indicate when the plug-in function starts */ + slapi_log_error( SLAPI_LOG_FATAL, "testpreop_search", + "*** PREOPERATION SEARCH PLUGIN ***\n"); + /* Get and log the base DN of the search criteria */ + if ( slapi_pblock_get( pb, SLAPI_SEARCH_TARGET, &base ) == 0 ) + slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_SEARCH_TARGET", + "%s\n", base ); + /* Get and log the original base DN */ + if ( slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET_DN, &base ) == 0 ) + slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_ORIGINAL_TARGET_DN", + "%s\n", base ); +} + /* Pre-operation plug-in function */ int @@ -236,9 +255,11 @@ (void *) testpreop_bind ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_ADD_FN, (void *) testpreop_add ) != 0 || + slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_SEARCH_FN, + (void *) testpreop_search ) != 0 || slapi_pblock_set( pb, SLAPI_PLUGIN_PRE_ABANDON_FN, (void *) testpreop_abandon ) != 0 ) { - slapi_log_error( SLAPI_LOG_PLUGIN, "testpreop_init", + slapi_log_error( SLAPI_LOG_FATAL, "testpreop_init", "Failed to set version and function\n" ); return( -1 ); } Index: testsaslbind.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testsaslbind.c,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -u -r1.6 -r1.6.2.1 --- testsaslbind.c 19 Apr 2005 22:07:41 -0000 1.6 +++ testsaslbind.c 9 Jun 2005 18:35:02 -0000 1.6.2.1 @@ -65,7 +65,7 @@ objectclass: nsSlapdPlugin objectclass: extensibleObject cn: test-saslbind -nsslapd-pluginpath: /usr/fedora/servers/plugins/slapd/slapi/examples/libtest-plugin.so +nsslapd-pluginpath: /plugins/slapd/slapi/examples/libtest-plugin.so nsslapd-plugininitfunc: testsasl_init nsslapd-plugintype: preoperation nsslapd-pluginenabled: on From fedora-directory-commits at redhat.com Tue Jun 14 15:44:21 2005 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Tue, 14 Jun 2005 11:44:21 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src create_instance.c, 1.18, 1.19 Message-ID: <200506141544.j5EFiLws006774@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/admin/src In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6729/ldapserver/ldap/admin/src Modified Files: create_instance.c Log Message: Bug 160008 Coding done by David Irving, Fred Brittain, and Aaron Gagnon Reviewed by Rich Megginson - minor changes to md5_pwd.c Tested on RHEL3 with FDS post-7.1 Does not include the OpenLDAP migration script - that will be handled separately Index: create_instance.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/create_instance.c,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- create_instance.c 17 May 2005 23:07:12 -0000 1.18 +++ create_instance.c 14 Jun 2005 15:44:18 -0000 1.19 @@ -3216,6 +3216,16 @@ fprintf(f, "\n"); #endif + fprintf(f, "dn: cn=MD5,cn=Password Storage Schemes,cn=plugins,cn=config\n"); + fprintf(f, "objectclass: top\n"); + fprintf(f, "objectclass: nsSlapdPlugin\n"); + fprintf(f, "cn: MD5\n"); + fprintf(f, "nsslapd-pluginpath: %s/lib/pwdstorage-plugin%s\n", sroot, shared_lib); + fprintf(f, "nsslapd-plugininitfunc: md5_pwd_storage_scheme_init\n"); + fprintf(f, "nsslapd-plugintype: pwdstoragescheme\n"); + fprintf(f, "nsslapd-pluginenabled: on\n"); + fprintf(f, "\n"); + fprintf(f, "dn: cn=CLEAR,cn=Password Storage Schemes,cn=plugins,cn=config\n"); fprintf(f, "objectclass: top\n"); fprintf(f, "objectclass: nsSlapdPlugin\n"); From fedora-directory-commits at redhat.com Tue Jun 14 15:44:22 2005 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Tue, 14 Jun 2005 11:44:22 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/pwdstorage md5_pwd.c, NONE, 1.1 Makefile, 1.6, 1.7 pwd_init.c, 1.5, 1.6 pwdstorage.h, 1.5, 1.6 Message-ID: <200506141544.j5EFiM2Z006781@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/pwdstorage In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6729/ldapserver/ldap/servers/plugins/pwdstorage Modified Files: Makefile pwd_init.c pwdstorage.h Added Files: md5_pwd.c Log Message: Bug 160008 Coding done by David Irving, Fred Brittain, and Aaron Gagnon Reviewed by Rich Megginson - minor changes to md5_pwd.c Tested on RHEL3 with FDS post-7.1 Does not include the OpenLDAP migration script - that will be handled separately --- NEW FILE md5_pwd.c --- /** BEGIN COPYRIGHT BLOCK * This Program is free software; you can redistribute it and/or modify it under * the terms of the GNU General Public License as published by the Free Software * Foundation; version 2 of the License. * * This Program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. * * You should have received a copy of the GNU General Public License along with * this Program; if not, write to the Free Software Foundation, Inc., 59 Temple * Place, Suite 330, Boston, MA 02111-1307 USA. * * In addition, as a special exception, Red Hat, Inc. gives You the additional * right to link the code of this Program with code not covered under the GNU * General Public License ("Non-GPL Code") and to distribute linked combinations * including the two, subject to the limitations in this paragraph. Non-GPL Code * permitted under this exception must only link to the code of this Program * through those well defined interfaces identified in the file named EXCEPTION * found in the source code files (the "Approved Interfaces"). The files of * Non-GPL Code may instantiate templates or use macros or inline functions from * the Approved Interfaces without causing the resulting work to be covered by * the GNU General Public License. Only Red Hat, Inc. may make changes or * additions to the list of Approved Interfaces. You must obey the GNU General * Public License in all respects for all of the Program code and other code used * in conjunction with the Program except the Non-GPL Code covered by this * exception. If you modify this file, you may extend this exception to your * version of the file, but you are not obligated to do so. If you do not wish to * provide this exception without modification, you must delete this exception * statement from your version and license this file solely under the GPL without * exception. * * * Copyright (C) 2005 Red Hat, Inc. * All rights reserved. * END COPYRIGHT BLOCK **/ /* * MD5 Password Encryption/Comparison routines by David Irving, Fred Brittain, * and Aaron Gagnon -- University of Maine Farmington * Donated to the RedHat Directory Server Project 2005-06-10 */ #include #include #include #include #include #include #include "pwdstorage.h" #define MD5_HASH_LEN 20 #define MD5_SUBSYSTEM_NAME "MD5 password hash" int md5_pw_cmp( char *userpwd, char *dbpwd ) { int rc=-1; char * bver; PK11Context *ctx=NULL; unsigned int outLen; unsigned char hash_out[MD5_HASH_LEN]; unsigned char b2a_out[MD5_HASH_LEN*2]; /* conservative */ SECItem binary_item; ctx = PK11_CreateDigestContext(SEC_OID_MD5); if (ctx == NULL) { slapi_log_error(SLAPI_LOG_PLUGIN, MD5_SUBSYSTEM_NAME, "Could not create context for digest operation for password compare"); goto loser; } /* create the hash */ PK11_DigestBegin(ctx); PK11_DigestOp(ctx, userpwd, strlen(userpwd)); PK11_DigestFinal(ctx, hash_out, &outLen, sizeof hash_out); PK11_DestroyContext(ctx, 1); /* convert the binary hash to base64 */ binary_item.data = hash_out; binary_item.len = outLen; bver = NSSBase64_EncodeItem(NULL, b2a_out, sizeof b2a_out, &binary_item); /* bver points to b2a_out upon success */ if (bver) { rc = strcmp(bver,dbpwd); } else { slapi_log_error(SLAPI_LOG_PLUGIN, MD5_SUBSYSTEM_NAME, "Could not base64 encode hashed value for password compare"); } loser: return rc; } char * md5_pw_enc( char *pwd ) { char * bver, *enc=NULL; PK11Context *ctx=NULL; unsigned int outLen; unsigned char hash_out[MD5_HASH_LEN]; unsigned char b2a_out[MD5_HASH_LEN*2]; /* conservative */ SECItem binary_item; ctx = PK11_CreateDigestContext(SEC_OID_MD5); if (ctx == NULL) { slapi_log_error(SLAPI_LOG_PLUGIN, MD5_SUBSYSTEM_NAME, "Could not create context for digest operation for password encoding"); return NULL; } /* create the hash */ PK11_DigestBegin(ctx); PK11_DigestOp(ctx, pwd, strlen(pwd)); PK11_DigestFinal(ctx, hash_out, &outLen, sizeof hash_out); PK11_DestroyContext(ctx, 1); /* convert the binary hash to base64 */ binary_item.data = hash_out; binary_item.len = outLen; bver = NSSBase64_EncodeItem(NULL, b2a_out, sizeof b2a_out, &binary_item); if (bver) { enc = slapi_ch_smprintf("%c%s%c%s", PWD_HASH_PREFIX_START, MD5_SCHEME_NAME, PWD_HASH_PREFIX_END, bver ); } else { slapi_log_error(SLAPI_LOG_PLUGIN, MD5_SUBSYSTEM_NAME, "Could not base64 encode hashed value for password encoding"); } return( enc ); } Index: Makefile =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pwdstorage/Makefile,v retrieving revision 1.6 retrieving revision 1.7 diff -u -r1.6 -r1.7 --- Makefile 20 Apr 2005 18:10:29 -0000 1.6 +++ Makefile 14 Jun 2005 15:44:19 -0000 1.7 @@ -68,7 +68,8 @@ ns-mta-md5_pwd.o \ sha_pwd.o \ ssha_pwd.o \ - md5c.o + md5c.o \ + md5_pwd.o ifneq ($(ARCH), WINNT) PWD_OBJS += crypt_pwd.o Index: pwd_init.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pwdstorage/pwd_init.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- pwd_init.c 20 Apr 2005 18:10:29 -0000 1.5 +++ pwd_init.c 14 Jun 2005 15:44:19 -0000 1.6 @@ -55,6 +55,8 @@ static Slapi_PluginDesc ns_mta_md5_pdesc = { "NS-MTA-MD5-password-storage-scheme", PLUGIN_MAGIC_VENDOR_STR, PRODUCTTEXT, "Netscape MD5 (NS-MTA-MD5)" }; +static Slapi_PluginDesc md5_pdesc = { "md5-password-storage-scheme", PLUGIN_MAGIC_VENDOR_STR, PRODUCTTEXT, "MD5 hash algorithm (MD5)" }; + static char *plugin_name = "NSPwdStoragePlugin"; int @@ -180,3 +182,27 @@ slapi_log_error( SLAPI_LOG_PLUGIN, plugin_name, "<= ns_mta_md5_pwd_storage_scheme_init %d\n\n", rc ); return( rc ); } + +int +md5_pwd_storage_scheme_init( Slapi_PBlock *pb ) +{ + int rc; + char *name; + + slapi_log_error( SLAPI_LOG_PLUGIN, plugin_name, "=> md5_pwd_storage_scheme_init\n" ); + + rc = slapi_pblock_set( pb, SLAPI_PLUGIN_VERSION, + (void *) SLAPI_PLUGIN_VERSION_01 ); + rc |= slapi_pblock_set( pb, SLAPI_PLUGIN_DESCRIPTION, + (void *)&md5_pdesc ); + rc |= slapi_pblock_set( pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_ENC_FN, + (void *) md5_pw_enc ); + rc |= slapi_pblock_set( pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_CMP_FN, + (void *) md5_pw_cmp ); + name = slapi_ch_strdup("MD5"); + rc |= slapi_pblock_set( pb, SLAPI_PLUGIN_PWD_STORAGE_SCHEME_NAME, + name ); + + slapi_log_error( SLAPI_LOG_PLUGIN, plugin_name, "<= md5_pwd_storage_scheme_init %d\n\n", rc ); + return( rc ); +} Index: pwdstorage.h =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/pwdstorage/pwdstorage.h,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- pwdstorage.h 20 Apr 2005 18:10:29 -0000 1.5 +++ pwdstorage.h 14 Jun 2005 15:44:19 -0000 1.6 @@ -59,6 +59,8 @@ #define NS_MTA_MD5_NAME_LEN 10 #define CLEARTEXT_SCHEME_NAME "clear" #define CLEARTEXT_NAME_LEN 5 +#define MD5_SCHEME_NAME "MD5" +#define MD5_NAME_LEN 3 SECStatus sha1_salted_hash(unsigned char *hash_out, char *pwd, struct berval *salt); int sha1_pw_cmp( char *userpwd, char *dbpwd ); @@ -72,6 +74,8 @@ char *crypt_pw_enc( char *pwd ); #endif int ns_mta_md5_pw_cmp( char *userpwd, char *dbpwd ); +int md5_pw_cmp( char *userpwd, char *dbpwd ); +char *md5_pw_enc( char *pwd ); #if !defined(NET_SSL) From fedora-directory-commits at redhat.com Fri Jun 24 01:19:43 2005 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 23 Jun 2005 21:19:43 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/test-plugins testpreop.c, 1.5, 1.6 Message-ID: <200506240119.j5O1Jhvh019489@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19471 Modified Files: testpreop.c Log Message: [147585] test plugin to verify the bug, the previous check in was not returning SUCCESS. Index: testpreop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpreop.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- testpreop.c 9 Jun 2005 17:42:14 -0000 1.5 +++ testpreop.c 24 Jun 2005 01:19:40 -0000 1.6 @@ -176,6 +176,8 @@ if ( slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET_DN, &base ) == 0 ) slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_ORIGINAL_TARGET_DN", "%s\n", base ); + + return( 0 ); /* allow the operation to continue */ } From fedora-directory-commits at redhat.com Fri Jun 24 01:26:41 2005 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 23 Jun 2005 21:26:41 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/test-plugins testpreop.c, 1.4.2.1, 1.4.2.2 Message-ID: <200506240126.j5O1QfU1019545@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19519 Modified Files: Tag: Directory71RtmBranch testpreop.c Log Message: [147585] test plugin to verify the bug, the previous check in was not returning SUCCESS. Index: testpreop.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/test-plugins/testpreop.c,v retrieving revision 1.4.2.1 retrieving revision 1.4.2.2 diff -u -r1.4.2.1 -r1.4.2.2 --- testpreop.c 9 Jun 2005 18:35:02 -0000 1.4.2.1 +++ testpreop.c 24 Jun 2005 01:26:39 -0000 1.4.2.2 @@ -176,6 +176,8 @@ if ( slapi_pblock_get( pb, SLAPI_ORIGINAL_TARGET_DN, &base ) == 0 ) slapi_log_error( SLAPI_LOG_FATAL, "SLAPI_ORIGINAL_TARGET_DN", "%s\n", base ); + + return( 0 ); /* allow the operation to continue */ }