From fedora-directory-commits at redhat.com Thu Nov 1 20:24:09 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 1 Nov 2007 16:24:09 -0400 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd vattr.c, 1.7, 1.8 Message-ID: <200711012024.lA1KO90i009709@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9625 Modified Files: vattr.c Log Message: Resolves: #193724 Summary: "nested" filtered roles result in deadlock Description: Function slapi_vattr_values_get_sp used to use the context allocated on the stack. Changed it to call vattr_context_new to set the locally created pblock (local_pb). The pblock is used to pass the context loop info as the stack gets deeper to prevent the stack overflow. At the end of this function slapi_vattr_values_get_sp, slapi_pblock_destroy is called if the context is local (use_local_ctx). The function cleans up pb_vattr_context internally. Index: vattr.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/vattr.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- vattr.c 12 Oct 2007 18:03:42 -0000 1.7 +++ vattr.c 1 Nov 2007 20:24:07 -0000 1.8 @@ -630,163 +630,162 @@ */ SLAPI_DEPRECATED int slapi_vattr_values_get_sp(vattr_context *c, - /* Entry we're interested in */ Slapi_Entry *e, - /* attr type name */ char *type, - /* pointer to result set */ Slapi_ValueSet** results, - int *type_name_disposition, - char** actual_type_name, int flags, - int *buffer_flags) -{ - - PRBool use_local_ctx=PR_FALSE; - vattr_context ctx; - int rc = 0; - int sp_bit = 0; /* Set if an SP supplied an answer */ - vattr_sp_handle_list *list = NULL; - - vattr_get_thang my_get = {0}; - - if (c != NULL) { - rc = vattr_context_grok(&c); - if (0 != rc) { - if(!vattr_context_is_loop_msg_displayed(&c)) - { - /* Print a handy error log message */ - LDAPDebug(LDAP_DEBUG_ANY,"Detected virtual attribute loop in get on entry %s, attribute %s\n", slapi_entry_get_dn_const(e), type, 0); - vattr_context_set_loop_msg_displayed(&c); - } - return rc; - } - } else { - use_local_ctx=PR_TRUE; - ctx.vattr_context_loop_count=1; - ctx.error_displayed = 0; - } - - /* For attributes which are in the entry, we just need to get to the Slapi_Attr structure and yank out the slapi_value_set - structure. We either return a pointer directly to it, or we copy it, depending upon whether the caller asked us to try to - avoid copying. - */ - - /* First grok the entry, and remember what we saw. This call does no more than walk down the entry attribute list, do some string compares and copy pointers. */ - vattr_helper_get_entry_conts(e,type, &my_get); - /* Having done that, we now consult the attribute map to find service providers who are interested */ - /* Look for attribute in the map */ - if(!(flags & SLAPI_REALATTRS_ONLY)) - { - list = vattr_map_sp_getlist(type); - if (list) { - vattr_sp_handle *current_handle = NULL; - void *hint = NULL; - /* first lets consult the cache to save work */ - int cache_status; - - cache_status = - slapi_entry_vattrcache_find_values_and_type(e, type, - results, - actual_type_name); - switch(cache_status) - { - case SLAPI_ENTRY_VATTR_RESOLVED_EXISTS: /* cached vattr */ - { - sp_bit = 1; - - /* Complete analysis of type matching */ - if ( 0 == slapi_attr_type_cmp( type , *actual_type_name, SLAPI_TYPE_CMP_EXACT) ) - { - *type_name_disposition = SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_EXACTLY_OR_ALIAS; - } else { - *type_name_disposition = SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_SUBTYPE; - } - - break; - } - - case SLAPI_ENTRY_VATTR_RESOLVED_ABSENT: /* does not exist */ - break; /* look in entry */ - - case SLAPI_ENTRY_VATTR_NOT_RESOLVED: /* not resolved */ - default: /* any other result, resolve */ - { - for (current_handle = vattr_map_sp_first(list,&hint); current_handle; current_handle = vattr_map_sp_next(current_handle,&hint)) - { - if (use_local_ctx) - { - rc = vattr_call_sp_get_value(current_handle,&ctx,e,&my_get,type,results,type_name_disposition,actual_type_name,flags,buffer_flags, hint); - } - else - { - /* call this SP */ - rc = vattr_call_sp_get_value(current_handle,c,e,&my_get,type,results,type_name_disposition,actual_type_name,flags,buffer_flags, hint); - } - - if (0 == rc) - { - sp_bit = 1; - break; - } - } - - if(!sp_bit) - { - /* clean up, we have failed and must now examine the - * entry itself - * But first lets cache the no result - * Creates the type (if necessary). - */ - slapi_entry_vattrcache_merge_sv(e, type, NULL ); - - } - else - { - /* - * we need to cache the virtual attribute - * creates the type (if necessary) and dups - * results. - */ - slapi_entry_vattrcache_merge_sv(e, *actual_type_name, - *results ); - } - - break; - } - } - } - } - /* If no SP supplied the answer, take it from the entry */ - if (!sp_bit && !(flags & SLAPI_VIRTUALATTRS_ONLY)) - { - rc = 0; /* reset return code (cause an sp must have failed) */ - *type_name_disposition = my_get.get_name_disposition; - - if (my_get.get_present) { - if (flags & SLAPI_VIRTUALATTRS_REQUEST_POINTERS) { - *results = my_get.get_present_values; - *actual_type_name = my_get.get_type_name; - } else { - *results = valueset_dup(my_get.get_present_values); - if (NULL == *results) { - rc = ENOMEM; - } else { - *actual_type_name = slapi_ch_strdup(my_get.get_type_name); - if (NULL == *actual_type_name) { - rc = ENOMEM; - } - } - } - if (flags & SLAPI_VIRTUALATTRS_REQUEST_POINTERS) { - *buffer_flags = SLAPI_VIRTUALATTRS_RETURNED_POINTERS; - } else { - *buffer_flags = SLAPI_VIRTUALATTRS_RETURNED_COPIES; - } - } else { - rc = SLAPI_VIRTUALATTRS_NOT_FOUND; - } - } - if (!use_local_ctx) { - vattr_context_ungrok(&c); - } - return rc; + /* Entry we're interested in */ Slapi_Entry *e, + /* attr type name */ char *type, + /* pointer to result set */ Slapi_ValueSet** results, + int *type_name_disposition, + char** actual_type_name, int flags, + int *buffer_flags) +{ + PRBool use_local_ctx = PR_FALSE; + Slapi_PBlock *local_pb = NULL; + vattr_context *ctx = NULL; + int rc = 0; + int sp_bit = 0; /* Set if an SP supplied an answer */ + vattr_sp_handle_list *list = NULL; + + vattr_get_thang my_get = {0}; + + if (c != NULL) { + rc = vattr_context_grok(&c); + if (0 != rc) { + if(!vattr_context_is_loop_msg_displayed(&c)) + { + /* Print a handy error log message */ + LDAPDebug(LDAP_DEBUG_ANY, + "Detected virtual attribute loop in get on entry %s, attribute %s\n", + slapi_entry_get_dn_const(e), type, 0); + vattr_context_set_loop_msg_displayed(&c); + } + return rc; + } + ctx = c; + } else { + use_local_ctx = PR_TRUE; + local_pb = slapi_pblock_new(); + ctx = vattr_context_new( local_pb ); + ctx->vattr_context_loop_count = 1; + ctx->error_displayed = 0; + } + + /* For attributes which are in the entry, we just need to get to the Slapi_Attr structure and yank out the slapi_value_set + structure. We either return a pointer directly to it, or we copy it, depending upon whether the caller asked us to try to + avoid copying. + */ + + /* First grok the entry, and remember what we saw. This call does no more than walk down the entry attribute list, do some string compares and copy pointers. */ + vattr_helper_get_entry_conts(e,type, &my_get); + /* Having done that, we now consult the attribute map to find service providers who are interested */ + /* Look for attribute in the map */ + if(!(flags & SLAPI_REALATTRS_ONLY)) + { + list = vattr_map_sp_getlist(type); + if (list) { + vattr_sp_handle *current_handle = NULL; + void *hint = NULL; + /* first lets consult the cache to save work */ + int cache_status; + + cache_status = + slapi_entry_vattrcache_find_values_and_type(e, type, + results, + actual_type_name); + switch(cache_status) + { + case SLAPI_ENTRY_VATTR_RESOLVED_EXISTS: /* cached vattr */ + { + sp_bit = 1; + + /* Complete analysis of type matching */ + if ( 0 == slapi_attr_type_cmp( type , *actual_type_name, SLAPI_TYPE_CMP_EXACT) ) + { + *type_name_disposition = SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_EXACTLY_OR_ALIAS; + } else { + *type_name_disposition = SLAPI_VIRTUALATTRS_TYPE_NAME_MATCHED_SUBTYPE; + } + + break; + } + + case SLAPI_ENTRY_VATTR_RESOLVED_ABSENT: /* does not exist */ + break; /* look in entry */ + + case SLAPI_ENTRY_VATTR_NOT_RESOLVED: /* not resolved */ + default: /* any other result, resolve */ + { + for (current_handle = vattr_map_sp_first(list,&hint); current_handle; current_handle = vattr_map_sp_next(current_handle,&hint)) + { + rc = vattr_call_sp_get_value(current_handle,ctx,e,&my_get,type,results,type_name_disposition,actual_type_name,flags,buffer_flags, hint); + if (0 == rc) + { + sp_bit = 1; + break; + } + } + + if(!sp_bit) + { + /* clean up, we have failed and must now examine the + * entry itself + * But first lets cache the no result + * Creates the type (if necessary). + */ + slapi_entry_vattrcache_merge_sv(e, type, NULL ); + + } + else + { + /* + * we need to cache the virtual attribute + * creates the type (if necessary) and dups + * results. + */ + slapi_entry_vattrcache_merge_sv(e, *actual_type_name, + *results ); + } + + break; + } + } + } + } + /* If no SP supplied the answer, take it from the entry */ + if (!sp_bit && !(flags & SLAPI_VIRTUALATTRS_ONLY)) + { + rc = 0; /* reset return code (cause an sp must have failed) */ + *type_name_disposition = my_get.get_name_disposition; + + if (my_get.get_present) { + if (flags & SLAPI_VIRTUALATTRS_REQUEST_POINTERS) { + *results = my_get.get_present_values; + *actual_type_name = my_get.get_type_name; + } else { + *results = valueset_dup(my_get.get_present_values); + if (NULL == *results) { + rc = ENOMEM; + } else { + *actual_type_name = slapi_ch_strdup(my_get.get_type_name); + if (NULL == *actual_type_name) { + rc = ENOMEM; + } + } + } + if (flags & SLAPI_VIRTUALATTRS_REQUEST_POINTERS) { + *buffer_flags = SLAPI_VIRTUALATTRS_RETURNED_POINTERS; + } else { + *buffer_flags = SLAPI_VIRTUALATTRS_RETURNED_COPIES; + } + } else { + rc = SLAPI_VIRTUALATTRS_NOT_FOUND; + } + } + if (use_local_ctx) { + /* slapi_pblock_destroy cleans up pb_vattr_context, as well */ + slapi_pblock_destroy(local_pb); + } else { + vattr_context_ungrok(&c); + } + return rc; } /* From fedora-directory-commits at redhat.com Tue Nov 6 18:13:59 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Tue, 6 Nov 2007 13:13:59 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src/scripts template-verify-db.pl.in, 1.8, 1.9 Message-ID: <200711061813.lA6IDxqY005584@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4861 Modified Files: template-verify-db.pl.in Log Message: Resolves: #367671 Summary: verify-db.pl : can't find dbverify (comment #5) Fix: added the inst_dir to PATH to tell verify-db.pl where dbverify is located. Index: template-verify-db.pl.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/template-verify-db.pl.in,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- template-verify-db.pl.in 7 Sep 2007 19:08:45 -0000 1.8 +++ template-verify-db.pl.in 6 Nov 2007 18:13:57 -0000 1.9 @@ -169,7 +169,7 @@ my $dbdirs = getDbDir($startpoint); my $prefix = "{{DS-ROOT}}"; -$ENV{'PATH'} = "$prefix at db_bindir@:$prefix/usr/bin:@db_bindir@:/usr/bin"; +$ENV{'PATH'} = "{{SERVER-DIR}}/{{PRODUCT-NAME}}-{{SERV-ID}}:$prefix at db_bindir@:$prefix/usr/bin:@db_bindir@:/usr/bin"; $ENV{'LD_LIBRARY_PATH'} = "@db_libdir@:@libdir@"; $ENV{'SHLIB_PATH'} = "@db_libdir@:@libdir@"; From fedora-directory-commits at redhat.com Tue Nov 6 18:16:04 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Tue, 6 Nov 2007 13:16:04 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-src40 ds_create.in, 1.5, 1.6 Message-ID: <200711061816.lA6IG410006293@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv6264/adminserver/admserv/cgi-src40 Modified Files: ds_create.in Log Message: Resolves: bug 367941 Bug Description: On HPUX, Unable to create a 2nd instance of DS using console Reviewed by: nhosoi, nkinder (Thanks!) Fix Description: We weren't looking in the with-fhs-opt location for the start-slapd script. But we shouldn't call this script directly anyway, we should use the DSCreate::startServer method. Platforms tested: HP-UX Flag Day: no Doc impact: no QA impact: This impacts instance creation with the console on all platforms, so we'll have to test those. New Tests integrated into TET: none Index: ds_create.in =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ds_create.in,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- ds_create.in 2 Aug 2007 14:44:10 -0000 1.5 +++ ds_create.in 6 Nov 2007 18:16:02 -0000 1.6 @@ -72,24 +72,10 @@ my $servid = $query->param('servid'); if (!defined($start_server) or $start_server) { - # ok to use here because not only will createDSInstance have validated that - # servid contains only good characters, but we test for the existence - # of this file first - my $prog = "@dslibdir@/slapd-$servid/start-slapd"; - if (-x $prog) { - $? = 0; - # run the CGI - my $output = `$prog 2>&1`; - my $status = $?; - if ($status) { - print "Content-type: text/plain\n\n"; - print "NMC_ErrInfo: Could not start directory server: $output\n"; - print "NMC_Status: $status\n"; - exit $status; - } - } else { + $inf->{slapd}->{start_server} = 1; + if (@errs = DSCreate::startServer($inf)) { print "Content-type: text/plain\n\n"; - print "NMC_ErrInfo: The program $prog does not exist\n"; + print "NMC_ErrInfo: ", $res->getText(@errs), "\n"; print "NMC_Status: 1\n"; exit 1; } From fedora-directory-commits at redhat.com Wed Nov 7 15:08:24 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 10:08:24 -0500 Subject: [Fedora-directory-commits] ldapserver configure, 1.76, 1.77 configure.ac, 1.43, 1.44 aclocal.m4, 1.59, 1.60 missing, 1.44, 1.45 install-sh, 1.44, 1.45 depcomp, 1.44, 1.45 compile, 1.43, 1.44 config.sub, 1.43, 1.44 config.guess, 1.43, 1.44 Makefile.in, 1.80, 1.81 Message-ID: <200711071508.lA7F8OGh023078@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23009/ldapserver Modified Files: configure configure.ac aclocal.m4 missing install-sh depcomp compile config.sub config.guess Makefile.in Log Message: bump source code version to 1.1.0 beta 2 Index: configure =================================================================== RCS file: /cvs/dirsec/ldapserver/configure,v retrieving revision 1.76 retrieving revision 1.77 diff -u -r1.76 -r1.77 --- configure 26 Oct 2007 22:04:37 -0000 1.76 +++ configure 7 Nov 2007 15:08:21 -0000 1.77 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.59 for dirsrv 1.1.0b1. +# Generated by GNU Autoconf 2.59 for dirsrv 1.1.0b2. # # Report bugs to . # @@ -423,8 +423,8 @@ # Identity of this package. PACKAGE_NAME='dirsrv' PACKAGE_TARNAME='dirsrv' -PACKAGE_VERSION='1.1.0b1' -PACKAGE_STRING='dirsrv 1.1.0b1' +PACKAGE_VERSION='1.1.0b2' +PACKAGE_STRING='dirsrv 1.1.0b2' PACKAGE_BUGREPORT='http://bugzilla.redhat.com/' # Factoring default headers for most tests. @@ -954,7 +954,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dirsrv 1.1.0b1 to adapt to many kinds of systems. +\`configure' configures dirsrv 1.1.0b2 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1020,7 +1020,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dirsrv 1.1.0b1:";; + short | recursive ) echo "Configuration of dirsrv 1.1.0b2:";; esac cat <<\_ACEOF @@ -1201,7 +1201,7 @@ test -n "$ac_init_help" && exit 0 if $ac_init_version; then cat <<\_ACEOF -dirsrv configure 1.1.0b1 +dirsrv configure 1.1.0b2 generated by GNU Autoconf 2.59 Copyright (C) 2003 Free Software Foundation, Inc. @@ -1215,7 +1215,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dirsrv $as_me 1.1.0b1, which was +It was created by dirsrv $as_me 1.1.0b2, which was generated by GNU Autoconf 2.59. Invocation command line was $ $0 $@ @@ -1861,7 +1861,7 @@ # Define the identity of the package. PACKAGE='dirsrv' - VERSION='1.1.0b1' + VERSION='1.1.0b2' cat >>confdefs.h <<_ACEOF @@ -25741,7 +25741,7 @@ } >&5 cat >&5 <<_CSEOF -This file was extended by dirsrv $as_me 1.1.0b1, which was +This file was extended by dirsrv $as_me 1.1.0b2, which was generated by GNU Autoconf 2.59. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -25804,7 +25804,7 @@ cat >>$CONFIG_STATUS <<_ACEOF ac_cs_version="\\ -dirsrv config.status 1.1.0b1 +dirsrv config.status 1.1.0b2 configured by $0, generated by GNU Autoconf 2.59, with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\" Index: configure.ac =================================================================== RCS file: /cvs/dirsec/ldapserver/configure.ac,v retrieving revision 1.43 retrieving revision 1.44 diff -u -r1.43 -r1.44 --- configure.ac 19 Oct 2007 18:48:27 -0000 1.43 +++ configure.ac 7 Nov 2007 15:08:21 -0000 1.44 @@ -2,7 +2,7 @@ # Process this file with autoconf to produce a configure script. AC_PREREQ(2.59) # This version is the version returned by ns-slapd -v -AC_INIT([dirsrv], [1.1.0b1], [http://bugzilla.redhat.com/]) +AC_INIT([dirsrv], [1.1.0b2], [http://bugzilla.redhat.com/]) # AC_CONFIG_HEADER must be called right after AC_INIT. AC_CONFIG_HEADERS([config.h]) AM_INIT_AUTOMAKE([1.9 foreign subdir-objects]) From fedora-directory-commits at redhat.com Wed Nov 7 16:21:03 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 11:21:03 -0500 Subject: [Fedora-directory-commits] adminserver/pkg - New directory Message-ID: <200711071621.lA7GL38T010348@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/pkg In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10333/pkg Log Message: Directory /cvs/dirsec/adminserver/pkg added to the repository From fedora-directory-commits at redhat.com Wed Nov 7 16:21:58 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 11:21:58 -0500 Subject: [Fedora-directory-commits] adminserver/pkg fedora-ds-admin.spec, NONE, 1.1 Message-ID: <200711071621.lA7GLwLg010489@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/pkg In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10461 Added Files: fedora-ds-admin.spec Log Message: added spec files --- NEW FILE fedora-ds-admin.spec --- %define shortname fedora-ds %define pkgname dirsrv Summary: Fedora Administration Server (admin) Name: fedora-ds-admin Version: 1.1.0 Release: 1.15%{?dist} License: GPL URL: http://directory.fedoraproject.org/ Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: nspr-devel >= 4.6.4 BuildRequires: nss-devel >= 3.11.4 BuildRequires: svrcore-devel >= 4.0.3 BuildRequires: mozldap-devel >= 6.0.4 BuildRequires: cyrus-sasl-devel >= 2.1.19 BuildRequires: icu >= 3.4 BuildRequires: libicu-devel >= 3.4 BuildRequires: httpd-devel BuildRequires: apr-devel BuildRequires: mod_nss BuildRequires: adminutil-devel Requires: fedora-ds-base Requires: mod_nss # the following are needed for some of our scripts Requires: perl-Mozilla-LDAP # for the init script Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service Source0: %{name}-%{version}.tar.bz2 # fedora-ds-cvs.sh should be used to generate the source tarball from CVS Source1: %{name}-cvs.sh %description Fedora Administration Server is an HTTP agent that provides management features for Fedora Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console. %prep %setup -q -n %{name}-%{version} %build %configure --disable-rpath # Generate symbolic info for debuggers export XCFLAGS=$RPM_OPT_FLAGS %ifarch x86_64 ppc64 ia64 s390x sparc64 export USE_64=1 %endif make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT make DESTDIR="$RPM_BUILD_ROOT" install # make console jars directory mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java #remove libtool and static libs rm -f $RPM_BUILD_ROOT%{_libdir}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/*.so rm -f $RPM_BUILD_ROOT%{_libdir}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.la %clean rm -rf $RPM_BUILD_ROOT %post /sbin/chkconfig --add %{pkgname}-admin /sbin/ldconfig %preun if [ $1 = 0 ]; then /sbin/service %{pkgname}-admin stop >/dev/null 2>&1 || : /sbin/chkconfig --del %{pkgname}-admin fi %postun -p /sbin/ldconfig %files %defattr(-,root,root,-) %doc LICENSE %dir %{_sysconfdir}/%{pkgname}/admin-serv %config(noreplace)%{_sysconfdir}/%{pkgname}/admin-serv/*.conf %{_datadir}/%{pkgname} %{_initrddir}/%{pkgname}-admin %{_sysconfdir}/sysconfig/%{pkgname}-admin %{_sbindir}/* %{_libdir}/*.so.* %{_libdir}/%{pkgname} %changelog * Mon Oct 15 2007 Rich Megginson - 1.1.0-1.15 - fix bogus dist macro - change mozldap6 to mozldap * Thu Oct 11 2007 Rich Megginson - 1.1.0-1.14 - make admin server work with SELinux enabled - fix wording errors in setup * Mon Oct 8 2007 Rich Megginson - 1.1.0-1.13 - added /etc/sysconfig/dirsrv-admin the file that allows you to set - the environment used to start up the admin server (e.g. keytab, ulimit, etc.) - the initscript and admin start script use this file now - This version also has a fix to print the correct error message if the admin - server cannot be contacted during setup or migration. * Thu Sep 27 2007 Rich Megginson - 1.1.0-1.12 - fix a couple of migration issues, including the rpath $libdir problem - allow ds_remove from console to remove instances * Wed Sep 19 2007 Rich Megginson - 1.1.0-1.11 - one line fix to fix of 295001 - console.conf clobbered * Tue Sep 18 2007 Rich Megginson - 1.1.0-1.10 - fixed migration issue bugzilla 295001 - console.conf clobbered * Fri Sep 14 2007 Rich Megginson - 1.1.0-1.9 - fix several more migration problems * Fri Sep 14 2007 Rich Megginson - 1.1.0-1.8 - fix migration - servers are started as they are migrated now * Tue Aug 21 2007 Rich Megginson - 1.1.0-1.7 - Fix the with-fhs-opt configure flag * Fri Aug 17 2007 Rich Megginson - 1.1.0-1.6 - remove curses - make mod_admserv link against sasl - add the usual .m4 files to mod_admserv instead of having all of - the component logic in configure.in * Thu Aug 16 2007 Rich Megginson - 1.1.0-1.5 - incorporate Noriko's migration fix * Wed Aug 15 2007 Rich Megginson - 1.1.0-1.4 - address several migration issues * Mon Aug 13 2007 Rich Megginson - 1.1.0-1.3 - there is no devel package, so remove unused .so files * Mon Aug 13 2007 Rich Megginson - 1.1.0-1.2 - forgot to tag the modules * Fri Aug 10 2007 Rich Megginson - 1.1.0-1.1 - get rid of cvsdate - use pkgname of dirsrv for filesystem path naming - get rid of devel package - simplify files section * Fri Aug 10 2007 Noriko Hosoi - 1.1.0-0.3.20070810 - updated to latest sources - upgraded the mozldap6 version to 6.0.4 * Wed Aug 8 2007 Noriko Hosoi - 1.1.0-0.2.20070808 - updated to latest sources -- bug fixes in the setup scripts * Mon Aug 6 2007 Rich Megginson - 1.1.0-0.1.20070806 - updated to latest sources * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.4.20070802 - There are no files in bindir anymore * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.3.20070802 - forgot to prepend build root to java dir creation * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.2.20070802 - forgot to add mod_admserv and mod_restartd to source * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.1.20070802 - updated to latest sources - fix build breakage - add console jars dir under html * Mon Jul 23 2007 Rich Megginson - 1.1.0-0.1.20070725 - Initial version based on fedora-ds-base.spec From fedora-directory-commits at redhat.com Wed Nov 7 16:21:59 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 11:21:59 -0500 Subject: [Fedora-directory-commits] adminserver/pkg/el4 fedora-ds-admin.spec, NONE, 1.1 Message-ID: <200711071621.lA7GLxIR010497@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/pkg/el4 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10461/el4 Added Files: fedora-ds-admin.spec Log Message: added spec files --- NEW FILE fedora-ds-admin.spec --- %define shortname fedora-ds %define pkgname dirsrv Summary: Fedora Administration Server (admin) Name: fedora-ds-admin Version: 1.1.0 Release: 1.15%{?dist} License: GPL URL: http://directory.fedoraproject.org/ Group: System Environment/Daemons BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: dirsec-nspr-devel >= 4.6.4 BuildRequires: dirsec-nss-devel >= 3.11.4 BuildRequires: svrcore-devel >= 4.0.3 BuildRequires: mozldap6-devel >= 6.0.4 BuildRequires: cyrus-sasl-devel >= 2.1.19 BuildRequires: icu >= 3.4 BuildRequires: libicu-devel >= 3.4 BuildRequires: httpd-devel BuildRequires: apr-devel BuildRequires: fortitude-mod_nss BuildRequires: adminutil-devel Requires: fedora-ds-base Requires: fortitude-mod_nss # the following are needed for some of our scripts Requires: perl-Mozilla-LDAP # for the init script Requires(post): /sbin/chkconfig Requires(preun): /sbin/chkconfig Requires(preun): /sbin/service Source0: %{name}-%{version}.tar.bz2 # fedora-ds-cvs.sh should be used to generate the source tarball from CVS Source1: %{name}-cvs.sh %description Fedora Administration Server is an HTTP agent that provides management features for Fedora Directory Server. It provides some management web apps that can be used through a web browser. It provides the authentication, access control, and CGI utilities used by the console. %prep %setup -q -n %{name}-%{version} %build %configure --disable-rpath --with-fortitude # Generate symbolic info for debuggers export XCFLAGS=$RPM_OPT_FLAGS %ifarch x86_64 ppc64 ia64 s390x sparc64 export USE_64=1 %endif make %{?_smp_mflags} %install rm -rf $RPM_BUILD_ROOT make DESTDIR="$RPM_BUILD_ROOT" install # make console jars directory mkdir -p $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java #remove libtool and static libs rm -f $RPM_BUILD_ROOT%{_libdir}/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/*.so rm -f $RPM_BUILD_ROOT%{_libdir}/*.la rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.a rm -f $RPM_BUILD_ROOT%{_libdir}/%{pkgname}/modules/*.la %clean rm -rf $RPM_BUILD_ROOT %post /sbin/chkconfig --add %{pkgname}-admin /sbin/ldconfig %preun if [ $1 = 0 ]; then /sbin/service %{pkgname}-admin stop >/dev/null 2>&1 || : /sbin/chkconfig --del %{pkgname}-admin fi %postun -p /sbin/ldconfig %files %defattr(-,root,root,-) %doc LICENSE %dir %{_sysconfdir}/%{pkgname}/admin-serv %config(noreplace)%{_sysconfdir}/%{pkgname}/admin-serv/*.conf %{_datadir}/%{pkgname} %{_initrddir}/%{pkgname}-admin %{_sysconfdir}/sysconfig/%{pkgname}-admin %{_sbindir}/* %{_libdir}/*.so.* %{_libdir}/%{pkgname} %changelog * Mon Oct 15 2007 Rich Megginson - 1.1.0-1.15 - fix bogus dist macro - change mozldap6 to mozldap * Thu Oct 11 2007 Rich Megginson - 1.1.0-1.14 - make admin server work with SELinux enabled - fix wording errors in setup * Mon Oct 8 2007 Rich Megginson - 1.1.0-1.13 - added /etc/sysconfig/dirsrv-admin the file that allows you to set - the environment used to start up the admin server (e.g. keytab, ulimit, etc.) - the initscript and admin start script use this file now - This version also has a fix to print the correct error message if the admin - server cannot be contacted during setup or migration. * Thu Sep 27 2007 Rich Megginson - 1.1.0-1.12 - fix a couple of migration issues, including the rpath $libdir problem - allow ds_remove from console to remove instances * Wed Sep 19 2007 Rich Megginson - 1.1.0-1.11 - one line fix to fix of 295001 - console.conf clobbered * Tue Sep 18 2007 Rich Megginson - 1.1.0-1.10 - fixed migration issue bugzilla 295001 - console.conf clobbered * Fri Sep 14 2007 Rich Megginson - 1.1.0-1.9 - fix several more migration problems * Fri Sep 14 2007 Rich Megginson - 1.1.0-1.8 - fix migration - servers are started as they are migrated now * Tue Aug 21 2007 Rich Megginson - 1.1.0-1.7 - Fix the with-fhs-opt configure flag * Fri Aug 17 2007 Rich Megginson - 1.1.0-1.6 - remove curses - make mod_admserv link against sasl - add the usual .m4 files to mod_admserv instead of having all of - the component logic in configure.in * Thu Aug 16 2007 Rich Megginson - 1.1.0-1.5 - incorporate Noriko's migration fix * Wed Aug 15 2007 Rich Megginson - 1.1.0-1.4 - address several migration issues * Mon Aug 13 2007 Rich Megginson - 1.1.0-1.3 - there is no devel package, so remove unused .so files * Mon Aug 13 2007 Rich Megginson - 1.1.0-1.2 - forgot to tag the modules * Fri Aug 10 2007 Rich Megginson - 1.1.0-1.1 - get rid of cvsdate - use pkgname of dirsrv for filesystem path naming - get rid of devel package - simplify files section * Fri Aug 10 2007 Noriko Hosoi - 1.1.0-0.3.20070810 - updated to latest sources - upgraded the mozldap6 version to 6.0.4 * Wed Aug 8 2007 Noriko Hosoi - 1.1.0-0.2.20070808 - updated to latest sources -- bug fixes in the setup scripts * Mon Aug 6 2007 Rich Megginson - 1.1.0-0.1.20070806 - updated to latest sources * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.4.20070802 - There are no files in bindir anymore * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.3.20070802 - forgot to prepend build root to java dir creation * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.2.20070802 - forgot to add mod_admserv and mod_restartd to source * Thu Aug 2 2007 Rich Megginson - 1.1.0-0.1.20070802 - updated to latest sources - fix build breakage - add console jars dir under html * Mon Jul 23 2007 Rich Megginson - 1.1.0-0.1.20070725 - Initial version based on fedora-ds-base.spec From fedora-directory-commits at redhat.com Wed Nov 7 16:21:21 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 11:21:21 -0500 Subject: [Fedora-directory-commits] adminserver/pkg/el4 - New directory Message-ID: <200711071621.lA7GLLim010385@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/pkg/el4 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv10370/el4 Log Message: Directory /cvs/dirsec/adminserver/pkg/el4 added to the repository From fedora-directory-commits at redhat.com Wed Nov 7 20:38:17 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 15:38:17 -0500 Subject: [Fedora-directory-commits] fedora-idm-console fedora-idm-console.spec, 1.1.1.1, 1.2 Message-ID: <200711072038.lA7KcHTW025103@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/fedora-idm-console In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25060 Modified Files: fedora-idm-console.spec Log Message: package is not noarch Index: fedora-idm-console.spec =================================================================== RCS file: /cvs/dirsec/fedora-idm-console/fedora-idm-console.spec,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- fedora-idm-console.spec 1 Aug 2007 23:08:51 -0000 1.1.1.1 +++ fedora-idm-console.spec 7 Nov 2007 20:38:15 -0000 1.2 @@ -3,7 +3,7 @@ Name: fedora-idm-console Version: %{major_version}.%{minor_version} -Release: 3 +Release: 4 Summary: Fedora Management Console Group: Applications @@ -11,7 +11,6 @@ URL: http://directory.fedoraproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -BuildArch: noarch Source: %{name}-%{version}.tar.bz2 Requires: idm-console-framework >= 1.1 BuildRequires: ant >= 1.6.2 @@ -48,13 +47,16 @@ rm -rf $RPM_BUILD_ROOT %files -%defattr(-,root,root) +%defattr(-,root,root,-) %{_javadir}/%{name}-%{version}_en.jar %{_javadir}/%{name}-%{major_version}_en.jar %{_javadir}/%{name}_en.jar %{_bindir}/%{name} %changelog +* Thu Oct 25 2007 Nathan Kinder 1.1.0-4 +- Removed noarch to ensure we find the 64-bit library. + * Wed Aug 1 2007 Nathan Kinder 1.1.0-3 - Separated theme package. From fedora-directory-commits at redhat.com Wed Nov 7 22:07:19 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 7 Nov 2007 17:07:19 -0500 Subject: [Fedora-directory-commits] admservconsole fedora-admin-console.spec, 1.3, 1.4 Message-ID: <200711072207.lA7M7JMw014654@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/admservconsole In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv14635 Modified Files: fedora-admin-console.spec Log Message: fix symlinks Index: fedora-admin-console.spec =================================================================== RCS file: /cvs/dirsec/admservconsole/fedora-admin-console.spec,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- fedora-admin-console.spec 9 Aug 2007 16:26:13 -0000 1.3 +++ fedora-admin-console.spec 7 Nov 2007 22:07:17 -0000 1.4 @@ -3,10 +3,11 @@ %define dsname fedora-ds %define shortname fedora-admin +%define pkgname dirsrv Name: fedora-admin-console Version: %{major_version}.%{minor_version} -Release: 2 +Release: 3%{?dist} Summary: Fedora Admin Server Management Console Group: Applications @@ -35,15 +36,15 @@ %install rm -rf $RPM_BUILD_ROOT -install -d $RPM_BUILD_ROOT%{_datadir}/%{dsname}/html/java -install -m777 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{dsname}/html/java -install -d $RPM_BUILD_ROOT%{_datadir}/%{dsname}/manual/en/admin/help -install -m644 help/en/*.html $RPM_BUILD_ROOT%{_datadir}/%{dsname}/manual/en/admin -install -m644 help/en/tokens.map $RPM_BUILD_ROOT%{_datadir}/%{dsname}/manual/en/admin -install -m644 help/en/help/*.html $RPM_BUILD_ROOT%{_datadir}/%{dsname}/manual/en/admin/help +install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java +install -m777 built/package/%{shortname}* $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java +install -d $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin/help +install -m644 help/en/*.html $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin +install -m644 help/en/tokens.map $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin +install -m644 help/en/help/*.html $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/manual/en/admin/help # create symlinks -pushd $RPM_BUILD_ROOT%{_datadir}/%{dsname}/html/java +pushd $RPM_BUILD_ROOT%{_datadir}/%{pkgname}/html/java ln -s %{shortname}-%{version}.jar %{shortname}-%{major_version}.jar ln -s %{shortname}-%{version}.jar %{shortname}.jar ln -s %{shortname}-%{version}_en.jar %{shortname}-%{major_version}_en.jar @@ -55,18 +56,21 @@ %files %defattr(-,root,root) -%{_datadir}/%{dsname}/html/java/%{shortname}-%{version}.jar -%{_datadir}/%{dsname}/html/java/%{shortname}-%{major_version}.jar -%{_datadir}/%{dsname}/html/java/%{shortname}.jar -%{_datadir}/%{dsname}/html/java/%{shortname}-%{version}_en.jar -%{_datadir}/%{dsname}/html/java/%{shortname}-%{major_version}_en.jar -%{_datadir}/%{dsname}/html/java/%{shortname}_en.jar -%dir %{_datadir}/%{dsname}/manual/en/admin -%{_datadir}/%{dsname}/manual/en/admin/tokens.map -%doc %{_datadir}/%{dsname}/manual/en/admin/*.html -%doc %{_datadir}/%{dsname}/manual/en/admin/help/*.html - +%{_datadir}/%{pkgname}/html/java/%{shortname}-%{version}.jar +%{_datadir}/%{pkgname}/html/java/%{shortname}-%{major_version}.jar +%{_datadir}/%{pkgname}/html/java/%{shortname}.jar +%{_datadir}/%{pkgname}/html/java/%{shortname}-%{version}_en.jar +%{_datadir}/%{pkgname}/html/java/%{shortname}-%{major_version}_en.jar +%{_datadir}/%{pkgname}/html/java/%{shortname}_en.jar +%dir %{_datadir}/%{pkgname}/manual/en/admin +%{_datadir}/%{pkgname}/manual/en/admin/tokens.map +%doc %{_datadir}/%{pkgname}/manual/en/admin/*.html +%doc %{_datadir}/%{pkgname}/manual/en/admin/help/*.html + %changelog +* Thu Oct 25 2007 Rich Megginson - 1.1.0-3 +- updated sources - use dirsrv as package name + * Wed Aug 8 2007 Nathan Kinder 1.1.0-2 - Added online help files into package. From fedora-directory-commits at redhat.com Mon Nov 12 19:24:54 2007 From: fedora-directory-commits at redhat.com (Jack Magne (jmagne)) Date: Mon, 12 Nov 2007 14:24:54 -0500 Subject: [Fedora-directory-commits] coolkey/applet/src/com/redhat/ckey/applet CardEdge.java, 1.3, 1.4 Message-ID: <200711121924.lACJOstM004617@cvs-int.fedora.redhat.com> Author: jmagne Update of /cvs/dirsec/coolkey/applet/src/com/redhat/ckey/applet In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4440 Modified Files: CardEdge.java Log Message: Correctly parse application specific initialization data such that the "issuerInfo" URL can be encoded onto the card. Bug #367751, rev. rrelyea. Index: CardEdge.java =================================================================== RCS file: /cvs/dirsec/coolkey/applet/src/com/redhat/ckey/applet/CardEdge.java,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- CardEdge.java 6 Dec 2006 19:11:21 -0000 1.3 +++ CardEdge.java 12 Nov 2007 19:24:51 -0000 1.4 @@ -123,8 +123,8 @@ private static final byte VERSION_PROTOCOL_MINOR = 1; private static final byte VERSION_APPLET_MAJOR = 1; private static final byte VERSION_APPLET_MINOR = 3; - private static final short BUILDID_MAJOR = (short) 0x4577; - private static final short BUILDID_MINOR = (short) 0x09c8; + private static final short BUILDID_MAJOR = (short) 0x4734; + private static final short BUILDID_MINOR = (short) 0xb002; private static final short ZEROS = 0; // * Enable pin size check @@ -504,47 +504,210 @@ // // initialize the parameters to their default values + //Save offset of the instance aid length. + byte remainingLength = bLength; + short mem_size = (short)6000; create_object_ACL = RA_ACL; create_key_ACL = RA_ACL; create_pin_ACL = RA_ACL; enable_ACL_change = 0; // can't change ACLs by default - // allow configuration of the mem_size, since it can't be changed - // on the fly. - if ((bArray[bOffset] & 0x80) != 0) { - mem_size = (short) - (Util.makeShort(ZEROB,(byte)(bArray[bOffset] & 0x7e))* 100); - enable_ACL_change = (byte)(bArray[bOffset] & 0x1); - bOffset++; - bLength--; - // we can create APDU's to change the ACL's. - } + pins = new OwnerPIN [MAX_NUM_PINS]; + keys = new Key [MAX_NUM_KEYS]; + keyMate = new byte [MAX_NUM_KEYS]; + keyACLs = new byte [MAX_NUM_KEYS * KEY_ACL_SIZE]; + keyTries = new byte [MAX_NUM_KEYS]; + keyPairs = new KeyPair [MAX_NUM_KEYS]; + ciphers = new Cipher [MAX_NUM_KEYS]; + signatures = new Signature [MAX_NUM_KEYS]; + default_nonce = new byte [NONCE_SIZE]; + issuerInfo = new byte [ISSUER_INFO_SIZE]; + + for (byte i = 0; i < MAX_NUM_KEYS; i++) { + keyTries[i] = MAX_KEY_TRIES; + keyMate[i] = -1; + } + + Util.arrayFillNonAtomic(default_nonce, ZEROS, NONCE_SIZE, ZEROB); + Util.arrayFillNonAtomic(issuerInfo, ZEROS,ISSUER_INFO_SIZE, ZEROB); + + byte appDataLen = 0; + byte issuerLen = 0; + + //Attempt to parse app specific initialization data + //Format + // n bytes- System header data, skip past to get to app data + // App specific data + // 1 byte - Issuer Info Len + // n bytes- Issuer Info Value, string of characters + // 1 byte - Custem memory size Len, agree upon 2 + // 2 bytes- Custom memory size value + // 1 byte - Applet bit mask Len, now only handle 1, allow for more in future + // n bytes- Applet bit mask value. Process 1 now. + + + //Skip past the header data provided by the system + + //Get instance AID length + + byte len = bArray[bOffset]; + + short customMemSize = 0; + do { + + if(remainingLength <= 0) { + break; + } + + if( len > remainingLength) { + break; + } + + //Skip past the instance AID + // + bOffset+= len + 1; + remainingLength-= (len + 1); + + if(remainingLength <= 0) { + break; + } + + //Get app privileges length + + len = bArray[bOffset]; + + if(len > remainingLength) { + break; + } + //Skip past the app privileges + + bOffset+= len + 1; + remainingLength-=(len + 1); + + if(remainingLength <= 0) { + break; + } + + //Get length of the entire application specific data block + + appDataLen = bArray[bOffset]; + + if( appDataLen > remainingLength) + { + break; + } + + bOffset +=1; + remainingLength=appDataLen; + + if(remainingLength <= 0) { + break; + } + + //Get the issuer info length + + issuerLen = bArray[bOffset]; + + if(issuerLen > remainingLength) { + break; + } + + bOffset++; + remainingLength--; + + if(remainingLength <= 0) { + break; + } + + //Actually copy our issuer info data + + if(issuerLen != 0) { + if((short) issuerLen < ISSUER_INFO_SIZE) { + Util.arrayCopyNonAtomic(bArray,bOffset,issuerInfo,ZEROB,issuerLen); + } else { + break; + } + } + + //skip past the issuer data if any + + bOffset+= issuerLen ; + remainingLength-= issuerLen; + if(remainingLength <= 0) { + break; + } + + //Get memory size length + + byte memSizeLen= bArray[bOffset]; + + if(memSizeLen > remainingLength) { + break; + } + + bOffset+=1; + remainingLength-=1; + if(remainingLength <= 0) { + break; + } + + //allow configuration of the mem_size, since it can't be changed + //on the fly. + //Get memory size from next block,assume 2 bytes + + if(memSizeLen == 2) { + customMemSize = Util.makeShort(bArray[bOffset],bArray[(short) (bOffset + 1)]); + bOffset += 2; + remainingLength-=2; + } + + //Sanity check the mem size + + if(customMemSize > 0) { + mem_size = (short) customMemSize ; + } + + if(remainingLength <= 0) { + break; + } + + //obtain the applet bit mask to alter the behavior as needed + //only pay attention to first byte now. + + byte appletBitMask = 0; + byte bitMaskLen = 0; + + bitMaskLen = bArray[bOffset]; + + if(bitMaskLen > remainingLength) { + break; + } + + if(bitMaskLen > 0) { + bOffset += 1; + remainingLength-=1; + appletBitMask = bArray[bOffset]; + } + + if(remainingLength <= 0) { + break; + } + + //The first thing in the bitmask we support is allowing the change of ACL's + + if(appletBitMask != 0) { + enable_ACL_change = (byte)(appletBitMask & 0x1); + } + + } while(false); + + //Memory Management data instantiation + + mem = new MemoryManager(mem_size); + om = new ObjectManager(mem); - mem = new MemoryManager(mem_size); - om = new ObjectManager(mem); - pins = new OwnerPIN [MAX_NUM_PINS]; - keys = new Key [MAX_NUM_KEYS]; - keyMate = new byte [MAX_NUM_KEYS]; - keyACLs = new byte [MAX_NUM_KEYS * KEY_ACL_SIZE]; - keyTries = new byte [MAX_NUM_KEYS]; - keyPairs = new KeyPair [MAX_NUM_KEYS]; - ciphers = new Cipher [MAX_NUM_KEYS]; - signatures = new Signature [MAX_NUM_KEYS]; - default_nonce = new byte [NONCE_SIZE]; - issuerInfo = new byte [ISSUER_INFO_SIZE]; - - for (byte i = 0; i < MAX_NUM_KEYS; i++) { - keyTries[i] = MAX_KEY_TRIES; - keyMate[i] = -1; - } - Util.arrayFillNonAtomic(default_nonce, ZEROS, NONCE_SIZE, ZEROB); - Util.arrayFillNonAtomic(issuerInfo, ZEROS,ISSUER_INFO_SIZE, ZEROB); - // copy the rest of the param date into issuerInfo. - if (bLength > 0) { - Util.arrayCopyNonAtomic(bArray,bOffset,issuerInfo,ZEROB,bLength); - } authenticated_id = 0; nonce_ids = 0; From fedora-directory-commits at redhat.com Wed Nov 14 15:04:53 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 10:04:53 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldbm_config.c, 1.11, 1.12 ldbm_instance_config.c, 1.8, 1.9 Message-ID: <200711141504.lAEF4rZA012885@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12862/ldapserver/ldap/servers/slapd/back-ldbm Modified Files: ldbm_config.c ldbm_instance_config.c Log Message: Resolves: bug 339041 Bug Description: migration : encryption key entries missing when source is 6.21 Reviewed by: nhosoi (Thanks!) Fix Description: I found out why it wasn't always adding the attribute encryption entries. If the cn=monitor entry existed for the database, it would not add the other container entries. I don't know why it did that. I changed it to always add those entries, and just skip the ones that already exist. This should ensure that the attribute encryption entries always exist. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: ldbm_config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldbm_config.c,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- ldbm_config.c 15 Mar 2007 21:34:32 -0000 1.11 +++ ldbm_config.c 14 Nov 2007 15:04:51 -0000 1.12 @@ -82,8 +82,10 @@ Slapi_Entry *e; Slapi_PBlock *util_pb = NULL; int rc; + int result; char entry_string[512]; int dont_write_file = 0; + char ebuf[BUFSIZ]; if (flags & LDBM_INSTANCE_CONFIG_DONT_WRITE) { dont_write_file = 1; @@ -93,11 +95,21 @@ util_pb = slapi_pblock_new(); PR_snprintf(entry_string, 512, entries[x], string1, string2, string3); e = slapi_str2entry(entry_string, 0); + PR_snprintf(ebuf, sizeof(ebuf), slapi_entry_get_dn_const(e)); /* for logging */ slapi_add_entry_internal_set_pb(util_pb, e, NULL, li->li_identity, 0); slapi_pblock_set(util_pb, SLAPI_DSE_DONT_WRITE_WHEN_ADDING, &dont_write_file); - if ((rc = slapi_add_internal_pb(util_pb)) != LDAP_SUCCESS) { - LDAPDebug(LDAP_DEBUG_ANY, "Unable to add config entries to the DSE: %d\n", rc, 0, 0); + rc = slapi_add_internal_pb(util_pb); + slapi_pblock_get(util_pb, SLAPI_PLUGIN_INTOP_RESULT, &result); + if (!rc && (result == LDAP_SUCCESS)) { + LDAPDebug(LDAP_DEBUG_CONFIG, "Added database config entry [%s]\n", + ebuf, 0, 0); + } else if (result == LDAP_ALREADY_EXISTS) { + LDAPDebug(LDAP_DEBUG_TRACE, "Database config entry [%s] already exists - skipping\n", + ebuf, 0, 0); + } else { + LDAPDebug(LDAP_DEBUG_ANY, "Unable to add config entry [%s] to the DSE: %d %d\n", + ebuf, result, rc); } slapi_pblock_destroy(util_pb); } Index: ldbm_instance_config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldbm_instance_config.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- ldbm_instance_config.c 25 Jul 2007 15:20:01 -0000 1.8 +++ ldbm_instance_config.c 14 Nov 2007 15:04:51 -0000 1.9 @@ -490,27 +490,11 @@ slapi_pblock_destroy(search_pb); } - /* now check for cn=monitor -- if not present, add default child entries */ - search_pb = slapi_pblock_new(); - PR_snprintf(dn, BUFSIZ, "cn=monitor, cn=%s, cn=%s, cn=plugins, cn=config", - inst->inst_name, li->li_plugin->plg_name); - slapi_search_internal_set_pb(search_pb, dn, LDAP_SCOPE_BASE, - "objectclass=*", NULL, 0, NULL, NULL, - li->li_identity, 0); - slapi_search_internal_pb(search_pb); - slapi_pblock_get(search_pb, SLAPI_PLUGIN_INTOP_RESULT, &res); - - if (res == LDAP_NO_SUCH_OBJECT) { - /* Add skeleton dse entries for this instance */ - ldbm_config_add_dse_entries(li, ldbm_instance_skeleton_entries, - inst->inst_name, li->li_plugin->plg_name, - inst->inst_name, 0); - } - - if (search_pb) { - slapi_free_search_results_internal(search_pb); - slapi_pblock_destroy(search_pb); - } + /* Add skeleton dse entries for this instance */ + /* IF they already exist, that's ok */ + ldbm_config_add_dse_entries(li, ldbm_instance_skeleton_entries, + inst->inst_name, li->li_plugin->plg_name, + inst->inst_name, 0); /* setup the dse callback functions for the ldbm instance config entry */ PR_snprintf(dn, BUFSIZ, "cn=%s, cn=%s, cn=plugins, cn=config", From fedora-directory-commits at redhat.com Wed Nov 14 15:07:37 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 10:07:37 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools/rsearch/scripts dbgen.pl.in, 1.1, 1.2 Message-ID: <200711141507.lAEF7bva013221@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/rsearch/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13204 Modified Files: dbgen.pl.in Log Message: Resolves: bug 367721 Bug Description: dbgen.pl uses incorrect perl interpreter on hpux Reviewed by: nhosoi (Thanks!) Fix Description: Set @perlexec@ to the correct platform specific perl location. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: dbgen.pl.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/rsearch/scripts/dbgen.pl.in,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dbgen.pl.in 16 Jul 2007 16:49:41 -0000 1.1 +++ dbgen.pl.in 14 Nov 2007 15:07:35 -0000 1.2 @@ -1,4 +1,4 @@ -#!/usr/bin/perl +#!@perlexec@ # BEGIN COPYRIGHT BLOCK # This Program is free software; you can redistribute it and/or modify it under # the terms of the GNU General Public License as published by the Free Software From fedora-directory-commits at redhat.com Wed Nov 14 15:12:12 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 10:12:12 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSMigration.pm.in, 1.22, 1.23 Message-ID: <200711141512.lAEFCCaZ013377@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13360 Modified Files: DSMigration.pm.in Log Message: Resolves: bug 345711 Description: migration : ignore idl switch value in 6.21 and earlier Fix Description: Have to assign the values directly to the array ref - not to a temp array ref Index: DSMigration.pm.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSMigration.pm.in,v retrieving revision 1.22 retrieving revision 1.23 diff -u -r1.22 -r1.23 --- DSMigration.pm.in 25 Oct 2007 18:11:59 -0000 1.22 +++ DSMigration.pm.in 14 Nov 2007 15:12:09 -0000 1.23 @@ -143,8 +143,7 @@ my $line = ; close DBVERSION; chomp($line); - my @foo = split("/", $line); - $data = \@foo; + @{$data} = split("/", $line); return (); } From fedora-directory-commits at redhat.com Wed Nov 14 16:46:18 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 14 Nov 2007 11:46:18 -0500 Subject: [Fedora-directory-commits] admservconsole/help/en tokens.map, 1.2, 1.3 Message-ID: <200711141646.lAEGkIRO027266@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/admservconsole/help/en In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27109/en Modified Files: tokens.map Log Message: Resolves: 379211 Summary: Online help corrections. Index: tokens.map =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/tokens.map,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- tokens.map 20 Sep 2007 16:33:13 -0000 1.2 +++ tokens.map 14 Nov 2007 16:46:15 -0000 1.3 @@ -130,7 +130,7 @@ CertRequestWizard-help = help/certificate_request_wizard_introduction.html CertRequestInfoPage-help = help/certificate_request_wizard_requestor_information.html TokenPasswordPage-help = help/certificate_request_install_wizard_token_password.html -CertRequestSubmissionPage = help/certificate_request_wizard_request_submission.html +CertRequestSubmissionPage-help = help/certificate_request_wizard_request_submission.html ;CERTIFICATE INSTALLATION WIZARD CertInstallCertPage-help = help/certificate_install_wizard_certificate_location.html From fedora-directory-commits at redhat.com Wed Nov 14 16:46:18 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 14 Nov 2007 11:46:18 -0500 Subject: [Fedora-directory-commits] admservconsole/help/en/help add_crl_ckl.html, 1.1, 1.2 certificate_information_detail.html, 1.1, 1.2 certificate_request_wizard_introduction.html, 1.1, 1.2 configure_administration_server_access.html, 1.1, 1.2 configure_administration_server_configuration_ds.html, 1.1, 1.2 configure_administration_server_encryption.html, 1.1, 1.2 configure_administration_server_network.html, 1.1, 1.2 configure_administration_server_user_ds.html, 1.1, 1.2 create_user_administrator.html, 1.1, 1.2 host_information.html, 1.1, 1.2 logging_options.html, 1.1, 1.2 manage_certificates_ca_certs.html, 1.1, 1.2 manage_certificates_revoked_certs.html, 1.1, 1.2 select_organizational_unit.html, 1.1, 1.2 server_group_information.html, 1.1, 1.2 server_information.html, 1.1, 1.2 set_security_device_password_change_security_device_password.html, 1.1, 1.2 users_and_groups.html, 1.1, 1.2 Message-ID: <200711141646.lAEGkIYv027274@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/admservconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27109/en/help Modified Files: add_crl_ckl.html certificate_information_detail.html certificate_request_wizard_introduction.html configure_administration_server_access.html configure_administration_server_configuration_ds.html configure_administration_server_encryption.html configure_administration_server_network.html configure_administration_server_user_ds.html create_user_administrator.html host_information.html logging_options.html manage_certificates_ca_certs.html manage_certificates_revoked_certs.html select_organizational_unit.html server_group_information.html server_information.html set_security_device_password_change_security_device_password.html users_and_groups.html Log Message: Resolves: 379211 Summary: Online help corrections. Index: add_crl_ckl.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/add_crl_ckl.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- add_crl_ckl.html 9 Aug 2007 16:04:04 -0000 1.1 +++ add_crl_ckl.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -6,7 +6,7 @@ Use this dialog box to add a Certificate Revocation List (CRL) or a Compromised Key List (CKL) to the trust database.

-Enter full path to CRL/CKL file. Provide the full path to the file containing the CRL or CKL. +Enter CRL/CKL file. Provide the name of the file containing the CRL or CKL. This file must exist in the same directory as your key and cert database.

File contains a Certificate Revocation List (CRL). Select this option if the file contains a CRL. Index: certificate_information_detail.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/certificate_information_detail.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- certificate_information_detail.html 9 Aug 2007 16:04:04 -0000 1.1 +++ certificate_information_detail.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -7,7 +7,23 @@

-Organizational Unit. If an organizational unit was specified during the certificate request process, it is displayed here. +Locality. If a locality was specified during the certificate request process, it is displayed here. +

+ +

+Organization. If an organization was specified during the certificate request process, it is displayed here. +

+ +

+Organization Unit. If an organization unit was specified during the certificate request process, it is displayed here. +

+ +

+State. If a state was specified during the certificate request process, it is displayed here. +

+ +

+Country. If a country was specified during the certificate request process, it is displayed here.

Index: certificate_request_wizard_introduction.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/certificate_request_wizard_introduction.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- certificate_request_wizard_introduction.html 9 Aug 2007 16:04:04 -0000 1.1 +++ certificate_request_wizard_introduction.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,7 +3,7 @@

-You can use Management Console to generate a manual or automatic certificate request. A manual request requires you to submit information to a CA. An automatic request is submitted for you by Console. In order to send an automatic request to a CA, you need to obtain a plug-in. For more information, contact your CA. +You can use the Management Console to generate a manual or automatic certificate request. A manual request requires you to submit information to a CA. An automatic request is submitted for you by Console. In order to send an automatic request to a CA, you need to obtain a plug-in. For more information, contact your CA.

Index: configure_administration_server_access.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/configure_administration_server_access.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configure_administration_server_access.html 9 Aug 2007 16:04:04 -0000 1.1 +++ configure_administration_server_access.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,13 +3,10 @@

-Use this tab to specify a user name and password for the Administration Server Administrator and to enable or disable Directory Server Gateway access. +Use this tab to specify a user name and password for the Administration Server Administrator.

-The Administration Server Administrator is a special user that has full access to all features in the Administration Server. This user is created during installation for the purpose of starting Console if a Directory Server is unavailable. The Administration Server Administrator user name and password are stored in the file <server_root>/admin-serv/config/admpw. -

-

-The Directory Server Gateway is a service that provides web-based access to the entire user directory. The Directory Server Gateway must be installed before you can use this option. +The Administration Server Administrator is a special user that has full access to all features in the Administration Server. This user is created during installation. The Administration Server Administrator user name and password are stored in the file admpw in your Administration Server configuration directory.

User name. Enter the user ID for the Administration Server Administrator. Index: configure_administration_server_configuration_ds.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/configure_administration_server_configuration_ds.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configure_administration_server_configuration_ds.html 9 Aug 2007 16:04:04 -0000 1.1 +++ configure_administration_server_configuration_ds.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -15,5 +15,5 @@ LDAP Port. Enter the port number for the configuration directory that this Administration Server uses.

-Secure Connection. Select this option if the configuration directory is already SSL enabled. +Secure Connection. Select this option if you would like the Administration Server to communicate with the configuration directory using SSL.

Index: configure_administration_server_encryption.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/configure_administration_server_encryption.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configure_administration_server_encryption.html 9 Aug 2007 16:04:04 -0000 1.1 +++ configure_administration_server_encryption.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -9,7 +9,7 @@ Enable SSL for this server. Select this option if you want to secure this server with Secure Sockets Layer (SSL) encryption. All other SSL encryption options listed here become available to you only when you enable SSL by checking this box.

-Use this cipher family. When you enable SSL encryption, the cipher families available to you are listed here. The Management Console currently supports two cipher families: RSA and Fortezza. The internal security device supports only RSA. If you're using a Fortezza card, you'll also see the Fortezza cipher family listed in the Encryption tab. Select the cipher families you want to use. +Use this cipher family. When you enable SSL encryption, the cipher families available to you are listed here. The internal security device supports only the RSA cipher family.

Security Device. Choose internal (software) if the key is stored in the local key database. All other choices on this list are available only if you are using an external module. Index: configure_administration_server_network.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/configure_administration_server_network.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configure_administration_server_network.html 9 Aug 2007 16:04:04 -0000 1.1 +++ configure_administration_server_network.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -9,16 +9,16 @@ Port. Enter the port number you want the Administration Server to use. The port number can be any number between 1 and 65535, but it is typically a random number greater than 1024.

-IP Address. Enter the IP address you want the server to use for incoming requests and connections. +IP Address. Enter the IP address you want the server to use for incoming requests and connections. Leaving this field empty will cause the Administration Server to listen on all available network interfaces.

-Connection Restrictions. Displays a list of hosts currently allowed to connect to the Administration Server. Use the drop-down list to indicate whether you're adding to the list by DNS name or by IP address. The list is evaluated first by host name and then by IP address. +Connection Restrictions. Displays a list of hosts currently allowed to connect to the Administration Server. Use the drop-down list to indicate whether you're adding to the list by host name or by IP address. The list is evaluated first by host name and then by IP address.

Add. Displays a dialog box for adding a host to the list of computers allowed to connect to the Administration Server.

-Edit. Displays a dialog box for editing a Host IP address or DNS name on the list of computers allowed to connect to the Administration Server. +Edit. Displays a dialog box for editing a host name or IP address on the list of computers allowed to connect to the Administration Server.

Remove. Removes a selected entry from the list of allowed hosts. Index: configure_administration_server_user_ds.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/configure_administration_server_user_ds.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configure_administration_server_user_ds.html 9 Aug 2007 16:04:04 -0000 1.1 +++ configure_administration_server_user_ds.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,7 +3,7 @@

-Use this screen to specify one or more Directory Servers to use when authenticating users. +Use this screen to specify one or more Directory Servers to use when authenticating users to this Administration Server.

Use Default User Directory. Choose this option if you want to use the user directory associated with the domain. Its LDAP URL is displayed here. @@ -41,9 +41,6 @@ -
-
-

Secure Connection. Select this option if the new user directory is already SSL enabled.

Index: create_user_administrator.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/create_user_administrator.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- create_user_administrator.html 9 Aug 2007 16:04:04 -0000 1.1 +++ create_user_administrator.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -32,6 +32,3 @@

Fax. (Optional) Enter the user or administrator's fax number.

-

-Access Permissions Help. Provides information on setting access controls that apply to users and groups. -

Index: host_information.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/host_information.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- host_information.html 9 Aug 2007 16:04:04 -0000 1.1 +++ host_information.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -12,10 +12,10 @@ You can edit the following information about the selected host:

-Host name. Specifies the name of the host machine as displayed in the navigation tree. The host name is usually the fully qualified machine name, but any label is acceptable. For example, a host name could be eastcoast.example.com or East Coast Sun ES10000. +Host name. Specifies the name of the host machine as displayed in the navigation tree. The host name is usually the fully qualified machine name, but any label is acceptable. For example, a host name could be westcoast.example.com or West Coast Server.

-Description. (Optional) Contains a brief description of this host. For example, Sun ES10000 for the East Coast division of Example Corporation. +Description. (Optional) Contains a brief description of this host. For example, Server for the West Coast division of Example Corporation.

Location. (Optional) Specifies the physical location of this host. For example, Cube 17043 or Building 15 - Third Floor - Lab No. 1. @@ -24,8 +24,8 @@ You can view, but not edit, the following information about the selected host:

-Platform. Indicates the host machine's architecture. For example, Intel. +Platform. Indicates the host machine's architecture. For example, i686.

-Operating system. Indicates the operating system that this host is running. For example, Windows NT 4.0 (Build 1381). +Operating system. Indicates the operating system that this host is running as reported by uname. For example, Linux westcoast.example.com 2.6.9-55.0.9.ELsmp Tue Sep 25 02:17:24 EDT i686 i686 i386 GNU/Linux.

Index: logging_options.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/logging_options.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- logging_options.html 9 Aug 2007 16:04:04 -0000 1.1 +++ logging_options.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,13 +3,13 @@

-The Administration Server uses an access log and an error log. The access log monitors activity while the error log keeps track of server events and problems. Use this panel to indicate where to store each of these log files. +The Administration Server uses an access log and an error log. The access log monitors activity while the error log keeps track of server events and problems. Use this panel to indicate the filename to use for each of these log files.

-Access Log - Log File. Enter a path and filename for the access log. This path can be absolute or relative to the server root. Example: /export/server_logs/access. +Access Log - Log File. Enter a filename for the access log. This must be a filename with no path provided.

-Error Log - Log File. Enter a path and filename for the error log. This path can be absolute or relative to the server root. Example: /export/server_logs/error. +Error Log - Log File. Enter a filename for the error log. This must be a filename with no path provided.

Index: manage_certificates_ca_certs.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/manage_certificates_ca_certs.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- manage_certificates_ca_certs.html 9 Aug 2007 16:04:04 -0000 1.1 +++ manage_certificates_ca_certs.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,7 +3,7 @@

-Use this dialog to view, request, and manage Certificate Authority (CA) certificates. +Use this dialog to view and manage Certificate Authority (CA) certificates.

Security Device. Choose the security device that you want to manage. Unless you have installed an external device, only internal (software) will be available. Index: manage_certificates_revoked_certs.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/manage_certificates_revoked_certs.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- manage_certificates_revoked_certs.html 9 Aug 2007 16:04:04 -0000 1.1 +++ manage_certificates_revoked_certs.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -3,7 +3,7 @@

-Use this dialog to view, request, and manage Certificate Revocation Lists (CRLs) and Compromised Key Lists (CKLs). +Use this dialog to view and manage Certificate Revocation Lists (CRLs) and Compromised Key Lists (CKLs).

Index: select_organizational_unit.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/select_organizational_unit.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- select_organizational_unit.html 9 Aug 2007 16:04:04 -0000 1.1 +++ select_organizational_unit.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -7,5 +7,5 @@

-An organizational unit is a type of branch point in an LDAP directory. Typically, it is used to represent a major entity in your enterprise. This can be a real-life division such as Engineering or a logical grouping of directory entries such as People or Groups. In Distinguished Name (DN) syntax, an organizational unit is represented by ou. The Engineering division of a company might exist under ou=Engineering, o=example.com. Employees may be stored under ou=People, o=example.com. +An organizational unit is a type of branch point in an LDAP directory. Typically, it is used to represent a major entity in your enterprise. This can be a real-life division such as Engineering or a logical grouping of directory entries such as People or Groups. In Distinguished Name (DN) syntax, an organizational unit is represented by ou. The Engineering division of a company might exist under ou=Engineering, dc=example, dc=com. Employees may be stored under ou=People, dc=example, dc=com.

Index: server_group_information.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/server_group_information.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- server_group_information.html 9 Aug 2007 16:04:04 -0000 1.1 +++ server_group_information.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -12,14 +12,8 @@ You can edit the following information about the selected server group:

-Group name. Specifies the name of the server group as displayed in the network tree. The group name usually indicates the type of group that is selected. For example, Western Sales Servers, Finance Department's Directory Server, or Example Corporation's Messaging Servers. +Group name. Specifies the name of the server group as displayed in the network tree. The group name usually indicates the type of group that is selected. For example, Western Sales Servers or Example Corporation's Directory Servers.

Description. (Optional) Contains a brief description of this server group. For example, Servers for the Western region sales force.

-

-You can view, but not edit, the following information about the selected server group: -

-

-Installation path. Indicates the path to this server group. This path is also called the "server root." -

Index: server_information.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/server_information.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- server_information.html 9 Aug 2007 16:04:04 -0000 1.1 +++ server_information.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -15,7 +15,7 @@ You can edit the following information about the selected server:

-Server Name. Specifies the name of the server as displayed in the network tree. The server name usually indicates the type of server that is selected. For example, Administration Server, Messaging Server, or Directory Server. +Server Name. Specifies the name of the server as displayed in the network tree. The server name usually indicates the type of server that is selected. For example, Administration Server or Directory Server.

Description. (Optional) Contains a brief description of this server. For example, Directory Server for the Eastern region sales force. @@ -27,9 +27,6 @@ Installation Date. Indicates date and time the server was installed.

-Server Root. Indicates directory where the server binaries are installed. -

-

Product Name. Indicates the server's official product name.

@@ -45,7 +42,7 @@ Revision. Indicates whether this server has been upgraded or patched. If no value is present, this is an unpatched installation.

-Security Level. Indicates whether the server uses domestic (US based, 128-bit ciphers) or export (non-US based, 40-bit ciphers) encryption levels. +Security Level. Indicates whether the server uses domestic (128-bit ciphers) or export (40-bit ciphers) encryption levels.

Server Status. Indicates whether the server is on or off. Index: set_security_device_password_change_security_device_password.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/set_security_device_password_change_security_device_password.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- set_security_device_password_change_security_device_password.html 9 Aug 2007 16:04:04 -0000 1.1 +++ set_security_device_password_change_security_device_password.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -10,7 +10,7 @@ The first time you use Administration Server's security features, you are prompted to specify a password for the internal (software) security device.

-
    +
    • If you are setting the password for the internal security device for the first time, enter information for the following fields:
      • Index: users_and_groups.html =================================================================== RCS file: /cvs/dirsec/admservconsole/help/en/help/users_and_groups.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- users_and_groups.html 9 Aug 2007 16:04:04 -0000 1.1 +++ users_and_groups.html 14 Nov 2007 16:46:16 -0000 1.2 @@ -6,7 +6,7 @@ This is a multipurpose dialog box you can use to do the following:

      -
        +
        • Locate existing users or groups
          • From fedora-directory-commits at redhat.com Wed Nov 14 17:51:57 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:51:57 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-ds addindex.c, 1.2, NONE ds_bak2db.c, 1.2, NONE ds_db2bak.c, 1.2, NONE ds_db2ldif.c, 1.2, NONE ds_ldif2db.c, 1.2, NONE ds_rmdb.c, 1.2, NONE vlvindex.c, 1.2, NONE Message-ID: <200711141751.lAEHpvkd005379@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/cgi-ds In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/admserv/cgi-ds Removed Files: addindex.c ds_bak2db.c ds_db2bak.c ds_db2ldif.c ds_ldif2db.c ds_rmdb.c vlvindex.c Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none --- addindex.c DELETED --- --- ds_bak2db.c DELETED --- --- ds_db2bak.c DELETED --- --- ds_db2ldif.c DELETED --- --- ds_ldif2db.c DELETED --- --- ds_rmdb.c DELETED --- --- vlvindex.c DELETED --- From fedora-directory-commits at redhat.com Wed Nov 14 17:51:58 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:51:58 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/schema/ldif 11dstasks.ldif.tmpl, 1.4, 1.5 Message-ID: <200711141751.lAEHpwfu005385@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/schema/ldif In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/admserv/schema/ldif Modified Files: 11dstasks.ldif.tmpl Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: 11dstasks.ldif.tmpl =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/schema/ldif/11dstasks.ldif.tmpl,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- 11dstasks.ldif.tmpl 4 Jul 2007 01:31:33 -0000 1.4 +++ 11dstasks.ldif.tmpl 14 Nov 2007 17:51:55 -0000 1.5 @@ -63,7 +63,6 @@ objectClass: nstask objectClass: nsAdminObject nsClassname: com.netscape.admin.dirserv.task.Backup@%ds_console_jar%@%as_sie% -nsExecRef: ds_db2bak cn: Backup dn: cn=Restore, cn=operation, cn=Tasks, %ds_sie% @@ -71,7 +70,6 @@ objectClass: nstask objectClass: nsAdminObject nsClassname: com.netscape.admin.dirserv.task.Restore@%ds_console_jar%@%as_sie% -nsExecRef: ds_bak2db cn: Restore dn: cn=KeyCert, cn=operation, cn=Tasks, %ds_sie% @@ -102,20 +100,6 @@ nsClassname: com.netscape.admin.dirserv.task.CompleteExport@%ds_console_jar%@%as_sie% cn: CompleteExport -dn: cn=Export, cn=operation, cn=Tasks, %ds_sie% -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_db2ldif -cn: Export - -dn: cn=Import, cn=operation, cn=Tasks, %ds_sie% -objectClass: top -objectClass: nstask -objectClass: nsAdminObject -nsExecRef: ds_ldif2db -cn: Import - dn: cn=ViewLog, cn=operation, cn=Tasks, %ds_sie% objectClass: top objectClass: nstask @@ -141,14 +125,12 @@ objectClass: top objectClass: nstask objectClass: nsAdminObject -nsExecRef: ds_vlvindex cn: CreateVLVIndex dn: cn=AddIndex, cn=operation, cn=Tasks, %ds_sie% objectClass: top objectClass: nstask objectClass: nsAdminObject -nsExecRef: ds_addindex cn: AddIndex dn: cn=SNMPCtrl, cn=operation, cn=Tasks, %ds_sie% From fedora-directory-commits at redhat.com Wed Nov 14 17:51:57 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:51:57 -0500 Subject: [Fedora-directory-commits] adminserver Makefile.am, 1.34, 1.35 aclocal.m4, 1.33, 1.34 configure, 1.37, 1.38 missing, 1.23, 1.24 install-sh, 1.23, 1.24 Makefile.in, 1.40, 1.41 depcomp, 1.23, 1.24 config.sub, 1.23, 1.24 config.guess, 1.23, 1.24 compile, 1.22, 1.23 Message-ID: <200711141751.lAEHpvg0005366@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver Modified Files: Makefile.am aclocal.m4 configure missing install-sh Makefile.in depcomp config.sub config.guess compile Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.am,v retrieving revision 1.34 retrieving revision 1.35 diff -u -r1.34 -r1.35 --- Makefile.am 5 Oct 2007 23:48:01 -0000 1.34 +++ Makefile.am 14 Nov 2007 17:51:55 -0000 1.35 @@ -176,8 +176,7 @@ cgibin_PROGRAMS = admpw security ugdsconfig ReadLog start_config_ds \ config statpingserv viewdata dsconfig monreplication restartsrv \ statusping viewlog htmladmin sec-activate stopsrv download help \ - ds_start ds_restart ds_shutdown ds_ldif2db ds_db2ldif ds_bak2db \ - ds_db2bak ds_listdb ds_rmdb ds_snmpctrl ds_vlvindex ds_addindex + ds_start ds_restart ds_shutdown ds_listdb ds_snmpctrl cgibin_SCRIPTS = admserv/cgi-src40/ds_create \ admserv/cgi-src40/ds_remove \ @@ -206,15 +205,11 @@ libdsa_a_SOURCES = lib/libdsa/dsalib_conf.c \ lib/libdsa/dsalib_debug.c \ - lib/libdsa/dsalib_ldif.c \ lib/libdsa/dsalib_tailf.c \ lib/libdsa/dsalib_confs.c \ - lib/libdsa/dsalib_dn.c \ lib/libdsa/dsalib_location.c \ lib/libdsa/dsalib_updown.c \ lib/libdsa/dsalib_db.c \ - lib/libdsa/dsalib_filename.c \ - lib/libdsa/dsalib_pw.c \ lib/libdsa/dsalib_util.c libdsa_a_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include/libdsa @ldapsdk_inc@ @nss_inc@ @nspr_inc@ @@ -292,51 +287,16 @@ ds_shutdown_LDADD = libdsa.a $(DEFAULT_LIBS) ds_shutdown_LINK = $(MYLINK) -ds_ldif2db_SOURCES = admserv/cgi-ds/ds_ldif2db.c admserv/cgi-ds/init_ds_env.c -ds_ldif2db_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_ldif2db_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_ldif2db_LINK = $(MYLINK) - -ds_db2ldif_SOURCES = admserv/cgi-ds/ds_db2ldif.c admserv/cgi-ds/init_ds_env.c -ds_db2ldif_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_db2ldif_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_db2ldif_LINK = $(MYLINK) - -ds_bak2db_SOURCES = admserv/cgi-ds/ds_bak2db.c admserv/cgi-ds/init_ds_env.c -ds_bak2db_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_bak2db_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_bak2db_LINK = $(MYLINK) - -ds_db2bak_SOURCES = admserv/cgi-ds/ds_db2bak.c admserv/cgi-ds/init_ds_env.c -ds_db2bak_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_db2bak_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_db2bak_LINK = $(MYLINK) - ds_listdb_SOURCES = admserv/cgi-ds/ds_listdb.c admserv/cgi-ds/init_ds_env.c ds_listdb_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) ds_listdb_LDADD = libdsa.a $(DEFAULT_LIBS) ds_listdb_LINK = $(MYLINK) -ds_rmdb_SOURCES = admserv/cgi-ds/ds_rmdb.c admserv/cgi-ds/init_ds_env.c -ds_rmdb_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_rmdb_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_rmdb_LINK = $(MYLINK) - ds_snmpctrl_SOURCES = admserv/cgi-ds/ds_snmpctrl.c admserv/cgi-ds/init_ds_env.c ds_snmpctrl_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) ds_snmpctrl_LDADD = libdsa.a $(DEFAULT_LIBS) ds_snmpctrl_LINK = $(MYLINK) -ds_vlvindex_SOURCES = admserv/cgi-ds/vlvindex.c admserv/cgi-ds/init_ds_env.c -ds_vlvindex_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_vlvindex_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_vlvindex_LINK = $(MYLINK) - -ds_addindex_SOURCES = admserv/cgi-ds/addindex.c admserv/cgi-ds/init_ds_env.c -ds_addindex_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_addindex_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_addindex_LINK = $(MYLINK) - ############## Data Files ################ HTMLDIR = admserv/html dist_html_DATA = $(HTMLDIR)/htmladmin.html $(HTMLDIR)/monreplication.html $(HTMLDIR)/viewdata.html $(HTMLDIR)/viewlog.html $(HTMLDIR)/admserv.html Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.in,v retrieving revision 1.40 retrieving revision 1.41 diff -u -r1.40 -r1.41 --- Makefile.in 5 Oct 2007 23:48:02 -0000 1.40 +++ Makefile.in 14 Nov 2007 17:51:55 -0000 1.41 @@ -49,10 +49,7 @@ statusping$(EXEEXT) viewlog$(EXEEXT) htmladmin$(EXEEXT) \ sec-activate$(EXEEXT) stopsrv$(EXEEXT) download$(EXEEXT) \ help$(EXEEXT) ds_start$(EXEEXT) ds_restart$(EXEEXT) \ - ds_shutdown$(EXEEXT) ds_ldif2db$(EXEEXT) ds_db2ldif$(EXEEXT) \ - ds_bak2db$(EXEEXT) ds_db2bak$(EXEEXT) ds_listdb$(EXEEXT) \ - ds_rmdb$(EXEEXT) ds_snmpctrl$(EXEEXT) ds_vlvindex$(EXEEXT) \ - ds_addindex$(EXEEXT) + ds_shutdown$(EXEEXT) ds_listdb$(EXEEXT) ds_snmpctrl$(EXEEXT) DIST_COMMON = README $(am__configure_deps) $(dist_help_DATA) \ $(dist_html_DATA) $(dist_icon_DATA) $(srcdir)/Makefile.am \ $(srcdir)/Makefile.in $(srcdir)/config.h.in \ @@ -81,15 +78,11 @@ am__dirstamp = $(am__leading_dot)dirstamp am_libdsa_a_OBJECTS = lib/libdsa/libdsa_a-dsalib_conf.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_debug.$(OBJEXT) \ - lib/libdsa/libdsa_a-dsalib_ldif.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_tailf.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_confs.$(OBJEXT) \ - lib/libdsa/libdsa_a-dsalib_dn.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_location.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_updown.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_db.$(OBJEXT) \ - lib/libdsa/libdsa_a-dsalib_filename.$(OBJEXT) \ - lib/libdsa/libdsa_a-dsalib_pw.$(OBJEXT) \ lib/libdsa/libdsa_a-dsalib_util.$(OBJEXT) libdsa_a_OBJECTS = $(am_libdsa_a_OBJECTS) am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; @@ -140,29 +133,6 @@ am_download_OBJECTS = admserv/cgi-src40/download.$(OBJEXT) download_OBJECTS = $(am_download_OBJECTS) download_LDADD = $(LDADD) -am_ds_addindex_OBJECTS = \ - admserv/cgi-ds/ds_addindex-addindex.$(OBJEXT) \ - admserv/cgi-ds/ds_addindex-init_ds_env.$(OBJEXT) -ds_addindex_OBJECTS = $(am_ds_addindex_OBJECTS) -ds_addindex_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_bak2db_OBJECTS = admserv/cgi-ds/ds_bak2db-ds_bak2db.$(OBJEXT) \ - admserv/cgi-ds/ds_bak2db-init_ds_env.$(OBJEXT) -ds_bak2db_OBJECTS = $(am_ds_bak2db_OBJECTS) -ds_bak2db_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_db2bak_OBJECTS = admserv/cgi-ds/ds_db2bak-ds_db2bak.$(OBJEXT) \ - admserv/cgi-ds/ds_db2bak-init_ds_env.$(OBJEXT) -ds_db2bak_OBJECTS = $(am_ds_db2bak_OBJECTS) -ds_db2bak_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_db2ldif_OBJECTS = \ - admserv/cgi-ds/ds_db2ldif-ds_db2ldif.$(OBJEXT) \ - admserv/cgi-ds/ds_db2ldif-init_ds_env.$(OBJEXT) -ds_db2ldif_OBJECTS = $(am_ds_db2ldif_OBJECTS) -ds_db2ldif_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_ldif2db_OBJECTS = \ - admserv/cgi-ds/ds_ldif2db-ds_ldif2db.$(OBJEXT) \ - admserv/cgi-ds/ds_ldif2db-init_ds_env.$(OBJEXT) -ds_ldif2db_OBJECTS = $(am_ds_ldif2db_OBJECTS) -ds_ldif2db_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) am_ds_listdb_OBJECTS = admserv/cgi-ds/ds_listdb-ds_listdb.$(OBJEXT) \ admserv/cgi-ds/ds_listdb-init_ds_env.$(OBJEXT) ds_listdb_OBJECTS = $(am_ds_listdb_OBJECTS) @@ -171,10 +141,6 @@ admserv/cgi-ds/ds_restart-init_ds_env.$(OBJEXT) ds_restart_OBJECTS = $(am_ds_restart_OBJECTS) ds_restart_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_rmdb_OBJECTS = admserv/cgi-ds/ds_rmdb-ds_rmdb.$(OBJEXT) \ - admserv/cgi-ds/ds_rmdb-init_ds_env.$(OBJEXT) -ds_rmdb_OBJECTS = $(am_ds_rmdb_OBJECTS) -ds_rmdb_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) am_ds_shutdown_OBJECTS = \ admserv/cgi-ds/ds_shutdown-shutdown.$(OBJEXT) \ admserv/cgi-ds/ds_shutdown-init_ds_env.$(OBJEXT) @@ -189,11 +155,6 @@ admserv/cgi-ds/ds_start-init_ds_env.$(OBJEXT) ds_start_OBJECTS = $(am_ds_start_OBJECTS) ds_start_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) -am_ds_vlvindex_OBJECTS = \ - admserv/cgi-ds/ds_vlvindex-vlvindex.$(OBJEXT) \ - admserv/cgi-ds/ds_vlvindex-init_ds_env.$(OBJEXT) -ds_vlvindex_OBJECTS = $(am_ds_vlvindex_OBJECTS) -ds_vlvindex_DEPENDENCIES = libdsa.a $(am__DEPENDENCIES_2) am_dsconfig_OBJECTS = admserv/cgi-src40/dsconfig.$(OBJEXT) dsconfig_OBJECTS = $(am_dsconfig_OBJECTS) dsconfig_DEPENDENCIES = $(am__DEPENDENCIES_2) @@ -267,13 +228,10 @@ $(CXXFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ SOURCES = $(libdsa_a_SOURCES) $(libds_admin_serv_la_SOURCES) \ $(ReadLog_SOURCES) $(admpw_SOURCES) $(config_SOURCES) \ - $(download_SOURCES) $(ds_addindex_SOURCES) \ - $(ds_bak2db_SOURCES) $(ds_db2bak_SOURCES) \ - $(ds_db2ldif_SOURCES) $(ds_ldif2db_SOURCES) \ - $(ds_listdb_SOURCES) $(ds_restart_SOURCES) $(ds_rmdb_SOURCES) \ + $(download_SOURCES) $(ds_listdb_SOURCES) $(ds_restart_SOURCES) \ $(ds_shutdown_SOURCES) $(ds_snmpctrl_SOURCES) \ - $(ds_start_SOURCES) $(ds_vlvindex_SOURCES) $(dsconfig_SOURCES) \ - $(help_SOURCES) $(htmladmin_SOURCES) $(monreplication_SOURCES) \ + $(ds_start_SOURCES) $(dsconfig_SOURCES) $(help_SOURCES) \ + $(htmladmin_SOURCES) $(monreplication_SOURCES) \ $(restartsrv_SOURCES) $(sec_activate_SOURCES) \ $(security_SOURCES) $(start_config_ds_SOURCES) \ $(statpingserv_SOURCES) $(statusping_SOURCES) \ @@ -281,13 +239,10 @@ $(viewlog_SOURCES) DIST_SOURCES = $(libdsa_a_SOURCES) $(libds_admin_serv_la_SOURCES) \ $(ReadLog_SOURCES) $(admpw_SOURCES) $(config_SOURCES) \ - $(download_SOURCES) $(ds_addindex_SOURCES) \ - $(ds_bak2db_SOURCES) $(ds_db2bak_SOURCES) \ - $(ds_db2ldif_SOURCES) $(ds_ldif2db_SOURCES) \ - $(ds_listdb_SOURCES) $(ds_restart_SOURCES) $(ds_rmdb_SOURCES) \ + $(download_SOURCES) $(ds_listdb_SOURCES) $(ds_restart_SOURCES) \ $(ds_shutdown_SOURCES) $(ds_snmpctrl_SOURCES) \ - $(ds_start_SOURCES) $(ds_vlvindex_SOURCES) $(dsconfig_SOURCES) \ - $(help_SOURCES) $(htmladmin_SOURCES) $(monreplication_SOURCES) \ + $(ds_start_SOURCES) $(dsconfig_SOURCES) $(help_SOURCES) \ + $(htmladmin_SOURCES) $(monreplication_SOURCES) \ $(restartsrv_SOURCES) $(sec_activate_SOURCES) \ $(security_SOURCES) $(start_config_ds_SOURCES) \ $(statpingserv_SOURCES) $(statusping_SOURCES) \ @@ -638,15 +593,11 @@ libds_admin_serv_la_LINK = $(MYLINK) libdsa_a_SOURCES = lib/libdsa/dsalib_conf.c \ lib/libdsa/dsalib_debug.c \ - lib/libdsa/dsalib_ldif.c \ lib/libdsa/dsalib_tailf.c \ lib/libdsa/dsalib_confs.c \ - lib/libdsa/dsalib_dn.c \ lib/libdsa/dsalib_location.c \ lib/libdsa/dsalib_updown.c \ lib/libdsa/dsalib_db.c \ - lib/libdsa/dsalib_filename.c \ - lib/libdsa/dsalib_pw.c \ lib/libdsa/dsalib_util.c libdsa_a_CPPFLAGS = $(AM_CPPFLAGS) -I$(srcdir)/include/libdsa @ldapsdk_inc@ @nss_inc@ @nspr_inc@ @@ -719,42 +670,14 @@ ds_shutdown_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) ds_shutdown_LDADD = libdsa.a $(DEFAULT_LIBS) ds_shutdown_LINK = $(MYLINK) -ds_ldif2db_SOURCES = admserv/cgi-ds/ds_ldif2db.c admserv/cgi-ds/init_ds_env.c -ds_ldif2db_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_ldif2db_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_ldif2db_LINK = $(MYLINK) -ds_db2ldif_SOURCES = admserv/cgi-ds/ds_db2ldif.c admserv/cgi-ds/init_ds_env.c -ds_db2ldif_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_db2ldif_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_db2ldif_LINK = $(MYLINK) -ds_bak2db_SOURCES = admserv/cgi-ds/ds_bak2db.c admserv/cgi-ds/init_ds_env.c -ds_bak2db_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_bak2db_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_bak2db_LINK = $(MYLINK) -ds_db2bak_SOURCES = admserv/cgi-ds/ds_db2bak.c admserv/cgi-ds/init_ds_env.c -ds_db2bak_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_db2bak_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_db2bak_LINK = $(MYLINK) ds_listdb_SOURCES = admserv/cgi-ds/ds_listdb.c admserv/cgi-ds/init_ds_env.c ds_listdb_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) ds_listdb_LDADD = libdsa.a $(DEFAULT_LIBS) ds_listdb_LINK = $(MYLINK) -ds_rmdb_SOURCES = admserv/cgi-ds/ds_rmdb.c admserv/cgi-ds/init_ds_env.c -ds_rmdb_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_rmdb_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_rmdb_LINK = $(MYLINK) ds_snmpctrl_SOURCES = admserv/cgi-ds/ds_snmpctrl.c admserv/cgi-ds/init_ds_env.c ds_snmpctrl_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) ds_snmpctrl_LDADD = libdsa.a $(DEFAULT_LIBS) ds_snmpctrl_LINK = $(MYLINK) -ds_vlvindex_SOURCES = admserv/cgi-ds/vlvindex.c admserv/cgi-ds/init_ds_env.c -ds_vlvindex_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_vlvindex_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_vlvindex_LINK = $(MYLINK) -ds_addindex_SOURCES = admserv/cgi-ds/addindex.c admserv/cgi-ds/init_ds_env.c -ds_addindex_CPPFLAGS = -I$(srcdir)/include/libdsa $(AM_CPPFLAGS) -ds_addindex_LDADD = libdsa.a $(DEFAULT_LIBS) -ds_addindex_LINK = $(MYLINK) ############## Data Files ################ HTMLDIR = admserv/html @@ -1010,16 +933,12 @@ lib/libdsa/libdsa_a-dsalib_debug.$(OBJEXT): \ lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) -lib/libdsa/libdsa_a-dsalib_ldif.$(OBJEXT): lib/libdsa/$(am__dirstamp) \ - lib/libdsa/$(DEPDIR)/$(am__dirstamp) lib/libdsa/libdsa_a-dsalib_tailf.$(OBJEXT): \ lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) lib/libdsa/libdsa_a-dsalib_confs.$(OBJEXT): \ lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) -lib/libdsa/libdsa_a-dsalib_dn.$(OBJEXT): lib/libdsa/$(am__dirstamp) \ - lib/libdsa/$(DEPDIR)/$(am__dirstamp) lib/libdsa/libdsa_a-dsalib_location.$(OBJEXT): \ lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) @@ -1028,11 +947,6 @@ lib/libdsa/$(DEPDIR)/$(am__dirstamp) lib/libdsa/libdsa_a-dsalib_db.$(OBJEXT): lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) -lib/libdsa/libdsa_a-dsalib_filename.$(OBJEXT): \ - lib/libdsa/$(am__dirstamp) \ - lib/libdsa/$(DEPDIR)/$(am__dirstamp) -lib/libdsa/libdsa_a-dsalib_pw.$(OBJEXT): lib/libdsa/$(am__dirstamp) \ - lib/libdsa/$(DEPDIR)/$(am__dirstamp) lib/libdsa/libdsa_a-dsalib_util.$(OBJEXT): lib/libdsa/$(am__dirstamp) \ lib/libdsa/$(DEPDIR)/$(am__dirstamp) libdsa.a: $(libdsa_a_OBJECTS) $(libdsa_a_DEPENDENCIES) @@ -1186,51 +1100,6 @@ admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp): @$(mkdir_p) admserv/cgi-ds/$(DEPDIR) @: > admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_addindex-addindex.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_addindex-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_addindex$(EXEEXT): $(ds_addindex_OBJECTS) $(ds_addindex_DEPENDENCIES) - @rm -f ds_addindex$(EXEEXT) - $(ds_addindex_LINK) $(ds_addindex_LDFLAGS) $(ds_addindex_OBJECTS) $(ds_addindex_LDADD) $(LIBS) -admserv/cgi-ds/ds_bak2db-ds_bak2db.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_bak2db-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_bak2db$(EXEEXT): $(ds_bak2db_OBJECTS) $(ds_bak2db_DEPENDENCIES) - @rm -f ds_bak2db$(EXEEXT) - $(ds_bak2db_LINK) $(ds_bak2db_LDFLAGS) $(ds_bak2db_OBJECTS) $(ds_bak2db_LDADD) $(LIBS) -admserv/cgi-ds/ds_db2bak-ds_db2bak.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_db2bak-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_db2bak$(EXEEXT): $(ds_db2bak_OBJECTS) $(ds_db2bak_DEPENDENCIES) - @rm -f ds_db2bak$(EXEEXT) - $(ds_db2bak_LINK) $(ds_db2bak_LDFLAGS) $(ds_db2bak_OBJECTS) $(ds_db2bak_LDADD) $(LIBS) -admserv/cgi-ds/ds_db2ldif-ds_db2ldif.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_db2ldif-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_db2ldif$(EXEEXT): $(ds_db2ldif_OBJECTS) $(ds_db2ldif_DEPENDENCIES) - @rm -f ds_db2ldif$(EXEEXT) - $(ds_db2ldif_LINK) $(ds_db2ldif_LDFLAGS) $(ds_db2ldif_OBJECTS) $(ds_db2ldif_LDADD) $(LIBS) -admserv/cgi-ds/ds_ldif2db-ds_ldif2db.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_ldif2db-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_ldif2db$(EXEEXT): $(ds_ldif2db_OBJECTS) $(ds_ldif2db_DEPENDENCIES) - @rm -f ds_ldif2db$(EXEEXT) - $(ds_ldif2db_LINK) $(ds_ldif2db_LDFLAGS) $(ds_ldif2db_OBJECTS) $(ds_ldif2db_LDADD) $(LIBS) admserv/cgi-ds/ds_listdb-ds_listdb.$(OBJEXT): \ admserv/cgi-ds/$(am__dirstamp) \ admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) @@ -1249,15 +1118,6 @@ ds_restart$(EXEEXT): $(ds_restart_OBJECTS) $(ds_restart_DEPENDENCIES) @rm -f ds_restart$(EXEEXT) $(ds_restart_LINK) $(ds_restart_LDFLAGS) $(ds_restart_OBJECTS) $(ds_restart_LDADD) $(LIBS) -admserv/cgi-ds/ds_rmdb-ds_rmdb.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_rmdb-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_rmdb$(EXEEXT): $(ds_rmdb_OBJECTS) $(ds_rmdb_DEPENDENCIES) - @rm -f ds_rmdb$(EXEEXT) - $(ds_rmdb_LINK) $(ds_rmdb_LDFLAGS) $(ds_rmdb_OBJECTS) $(ds_rmdb_LDADD) $(LIBS) admserv/cgi-ds/ds_shutdown-shutdown.$(OBJEXT): \ admserv/cgi-ds/$(am__dirstamp) \ admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) @@ -1285,15 +1145,6 @@ ds_start$(EXEEXT): $(ds_start_OBJECTS) $(ds_start_DEPENDENCIES) @rm -f ds_start$(EXEEXT) $(ds_start_LINK) $(ds_start_LDFLAGS) $(ds_start_OBJECTS) $(ds_start_LDADD) $(LIBS) -admserv/cgi-ds/ds_vlvindex-vlvindex.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -admserv/cgi-ds/ds_vlvindex-init_ds_env.$(OBJEXT): \ - admserv/cgi-ds/$(am__dirstamp) \ - admserv/cgi-ds/$(DEPDIR)/$(am__dirstamp) -ds_vlvindex$(EXEEXT): $(ds_vlvindex_OBJECTS) $(ds_vlvindex_DEPENDENCIES) - @rm -f ds_vlvindex$(EXEEXT) - $(ds_vlvindex_LINK) $(ds_vlvindex_LDFLAGS) $(ds_vlvindex_OBJECTS) $(ds_vlvindex_LDADD) $(LIBS) admserv/cgi-src40/dsconfig.$(OBJEXT): \ admserv/cgi-src40/$(am__dirstamp) \ admserv/cgi-src40/$(DEPDIR)/$(am__dirstamp) @@ -1494,30 +1345,16 @@ mostlyclean-compile: -rm -f *.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_addindex-addindex.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_addindex-init_ds_env.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_bak2db-ds_bak2db.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_bak2db-init_ds_env.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_db2bak-ds_db2bak.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_db2bak-init_ds_env.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_db2ldif-ds_db2ldif.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_db2ldif-init_ds_env.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_ldif2db-ds_ldif2db.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_ldif2db-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_listdb-ds_listdb.$(OBJEXT) -rm -f admserv/cgi-ds/ds_listdb-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_restart-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_restart-restart.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_rmdb-ds_rmdb.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_rmdb-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_shutdown-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_shutdown-shutdown.$(OBJEXT) -rm -f admserv/cgi-ds/ds_snmpctrl-ds_snmpctrl.$(OBJEXT) -rm -f admserv/cgi-ds/ds_snmpctrl-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_start-init_ds_env.$(OBJEXT) -rm -f admserv/cgi-ds/ds_start-start.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_vlvindex-init_ds_env.$(OBJEXT) - -rm -f admserv/cgi-ds/ds_vlvindex-vlvindex.$(OBJEXT) -rm -f admserv/cgi-src40/ReadLog.$(OBJEXT) -rm -f admserv/cgi-src40/admpw.$(OBJEXT) -rm -f admserv/cgi-src40/config.$(OBJEXT) @@ -1566,11 +1403,7 @@ -rm -f lib/libdsa/libdsa_a-dsalib_confs.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_db.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_debug.$(OBJEXT) - -rm -f lib/libdsa/libdsa_a-dsalib_dn.$(OBJEXT) - -rm -f lib/libdsa/libdsa_a-dsalib_filename.$(OBJEXT) - -rm -f lib/libdsa/libdsa_a-dsalib_ldif.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_location.$(OBJEXT) - -rm -f lib/libdsa/libdsa_a-dsalib_pw.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_tailf.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_updown.$(OBJEXT) -rm -f lib/libdsa/libdsa_a-dsalib_util.$(OBJEXT) @@ -1590,30 +1423,16 @@ distclean-compile: -rm -f *.tab.c - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_listdb-ds_listdb.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_listdb-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_restart-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_restart-restart.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_shutdown-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_shutdown-shutdown.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_snmpctrl-ds_snmpctrl.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_snmpctrl-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_start-init_ds_env.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_start-start.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-src40/$(DEPDIR)/ReadLog.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-src40/$(DEPDIR)/admpw.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at admserv/cgi-src40/$(DEPDIR)/config.Po at am__quote@ @@ -1649,11 +1468,7 @@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_confs.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_db.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_debug.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_location.Po at am__quote@ - at AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_tailf.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_updown.Po at am__quote@ @AMDEP_TRUE@@am__include@ @am__quote at lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_util.Po at am__quote@ @@ -1716,20 +1531,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_debug.obj `if test -f 'lib/libdsa/dsalib_debug.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_debug.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_debug.c'; fi` -lib/libdsa/libdsa_a-dsalib_ldif.o: lib/libdsa/dsalib_ldif.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_ldif.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_ldif.o `test -f 'lib/libdsa/dsalib_ldif.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_ldif.c; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_ldif.c' object='lib/libdsa/libdsa_a-dsalib_ldif.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_ldif.o `test -f 'lib/libdsa/dsalib_ldif.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_ldif.c - -lib/libdsa/libdsa_a-dsalib_ldif.obj: lib/libdsa/dsalib_ldif.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_ldif.obj -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_ldif.obj `if test -f 'lib/libdsa/dsalib_ldif.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_ldif.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_ldif.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_ldif.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_ldif.c' object='lib/libdsa/libdsa_a-dsalib_ldif.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_ldif.obj `if test -f 'lib/libdsa/dsalib_ldif.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_ldif.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_ldif.c'; fi` - lib/libdsa/libdsa_a-dsalib_tailf.o: lib/libdsa/dsalib_tailf.c @am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_tailf.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_tailf.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_tailf.o `test -f 'lib/libdsa/dsalib_tailf.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_tailf.c; \ @am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_tailf.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_tailf.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_tailf.Tpo"; exit 1; fi @@ -1758,20 +1559,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_confs.obj `if test -f 'lib/libdsa/dsalib_confs.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_confs.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_confs.c'; fi` -lib/libdsa/libdsa_a-dsalib_dn.o: lib/libdsa/dsalib_dn.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_dn.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_dn.o `test -f 'lib/libdsa/dsalib_dn.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_dn.c; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_dn.c' object='lib/libdsa/libdsa_a-dsalib_dn.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_dn.o `test -f 'lib/libdsa/dsalib_dn.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_dn.c - -lib/libdsa/libdsa_a-dsalib_dn.obj: lib/libdsa/dsalib_dn.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_dn.obj -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_dn.obj `if test -f 'lib/libdsa/dsalib_dn.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_dn.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_dn.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_dn.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_dn.c' object='lib/libdsa/libdsa_a-dsalib_dn.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_dn.obj `if test -f 'lib/libdsa/dsalib_dn.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_dn.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_dn.c'; fi` - lib/libdsa/libdsa_a-dsalib_location.o: lib/libdsa/dsalib_location.c @am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_location.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_location.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_location.o `test -f 'lib/libdsa/dsalib_location.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_location.c; \ @am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_location.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_location.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_location.Tpo"; exit 1; fi @@ -1814,34 +1601,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_db.obj `if test -f 'lib/libdsa/dsalib_db.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_db.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_db.c'; fi` -lib/libdsa/libdsa_a-dsalib_filename.o: lib/libdsa/dsalib_filename.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_filename.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_filename.o `test -f 'lib/libdsa/dsalib_filename.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_filename.c; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_filename.c' object='lib/libdsa/libdsa_a-dsalib_filename.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_filename.o `test -f 'lib/libdsa/dsalib_filename.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_filename.c - -lib/libdsa/libdsa_a-dsalib_filename.obj: lib/libdsa/dsalib_filename.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_filename.obj -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_filename.obj `if test -f 'lib/libdsa/dsalib_filename.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_filename.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_filename.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_filename.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_filename.c' object='lib/libdsa/libdsa_a-dsalib_filename.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_filename.obj `if test -f 'lib/libdsa/dsalib_filename.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_filename.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_filename.c'; fi` - -lib/libdsa/libdsa_a-dsalib_pw.o: lib/libdsa/dsalib_pw.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_pw.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_pw.o `test -f 'lib/libdsa/dsalib_pw.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_pw.c; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_pw.c' object='lib/libdsa/libdsa_a-dsalib_pw.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_pw.o `test -f 'lib/libdsa/dsalib_pw.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_pw.c - -lib/libdsa/libdsa_a-dsalib_pw.obj: lib/libdsa/dsalib_pw.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_pw.obj -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_pw.obj `if test -f 'lib/libdsa/dsalib_pw.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_pw.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_pw.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_pw.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='lib/libdsa/dsalib_pw.c' object='lib/libdsa/libdsa_a-dsalib_pw.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_pw.obj `if test -f 'lib/libdsa/dsalib_pw.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_pw.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_pw.c'; fi` - lib/libdsa/libdsa_a-dsalib_util.o: lib/libdsa/dsalib_util.c @am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT lib/libdsa/libdsa_a-dsalib_util.o -MD -MP -MF "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_util.Tpo" -c -o lib/libdsa/libdsa_a-dsalib_util.o `test -f 'lib/libdsa/dsalib_util.c' || echo '$(srcdir)/'`lib/libdsa/dsalib_util.c; \ @am__fastdepCC_TRUE@ then mv -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_util.Tpo" "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_util.Po"; else rm -f "lib/libdsa/$(DEPDIR)/libdsa_a-dsalib_util.Tpo"; exit 1; fi @@ -1856,146 +1615,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(libdsa_a_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o lib/libdsa/libdsa_a-dsalib_util.obj `if test -f 'lib/libdsa/dsalib_util.c'; then $(CYGPATH_W) 'lib/libdsa/dsalib_util.c'; else $(CYGPATH_W) '$(srcdir)/lib/libdsa/dsalib_util.c'; fi` -admserv/cgi-ds/ds_addindex-addindex.o: admserv/cgi-ds/addindex.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_addindex-addindex.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo" -c -o admserv/cgi-ds/ds_addindex-addindex.o `test -f 'admserv/cgi-ds/addindex.c' || echo '$(srcdir)/'`admserv/cgi-ds/addindex.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/addindex.c' object='admserv/cgi-ds/ds_addindex-addindex.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_addindex-addindex.o `test -f 'admserv/cgi-ds/addindex.c' || echo '$(srcdir)/'`admserv/cgi-ds/addindex.c - -admserv/cgi-ds/ds_addindex-addindex.obj: admserv/cgi-ds/addindex.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_addindex-addindex.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo" -c -o admserv/cgi-ds/ds_addindex-addindex.obj `if test -f 'admserv/cgi-ds/addindex.c'; then $(CYGPATH_W) 'admserv/cgi-ds/addindex.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/addindex.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-addindex.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/addindex.c' object='admserv/cgi-ds/ds_addindex-addindex.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_addindex-addindex.obj `if test -f 'admserv/cgi-ds/addindex.c'; then $(CYGPATH_W) 'admserv/cgi-ds/addindex.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/addindex.c'; fi` - -admserv/cgi-ds/ds_addindex-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_addindex-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_addindex-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_addindex-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_addindex-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_addindex-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_addindex-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_addindex-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_addindex-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_addindex-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_addindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_addindex-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - -admserv/cgi-ds/ds_bak2db-ds_bak2db.o: admserv/cgi-ds/ds_bak2db.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_bak2db-ds_bak2db.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo" -c -o admserv/cgi-ds/ds_bak2db-ds_bak2db.o `test -f 'admserv/cgi-ds/ds_bak2db.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_bak2db.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_bak2db.c' object='admserv/cgi-ds/ds_bak2db-ds_bak2db.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_bak2db-ds_bak2db.o `test -f 'admserv/cgi-ds/ds_bak2db.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_bak2db.c - -admserv/cgi-ds/ds_bak2db-ds_bak2db.obj: admserv/cgi-ds/ds_bak2db.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_bak2db-ds_bak2db.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo" -c -o admserv/cgi-ds/ds_bak2db-ds_bak2db.obj `if test -f 'admserv/cgi-ds/ds_bak2db.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_bak2db.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_bak2db.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-ds_bak2db.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_bak2db.c' object='admserv/cgi-ds/ds_bak2db-ds_bak2db.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_bak2db-ds_bak2db.obj `if test -f 'admserv/cgi-ds/ds_bak2db.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_bak2db.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_bak2db.c'; fi` - -admserv/cgi-ds/ds_bak2db-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_bak2db-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_bak2db-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_bak2db-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_bak2db-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_bak2db-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_bak2db-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_bak2db-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_bak2db-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_bak2db-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_bak2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_bak2db-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - -admserv/cgi-ds/ds_db2bak-ds_db2bak.o: admserv/cgi-ds/ds_db2bak.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2bak-ds_db2bak.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo" -c -o admserv/cgi-ds/ds_db2bak-ds_db2bak.o `test -f 'admserv/cgi-ds/ds_db2bak.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_db2bak.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_db2bak.c' object='admserv/cgi-ds/ds_db2bak-ds_db2bak.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2bak-ds_db2bak.o `test -f 'admserv/cgi-ds/ds_db2bak.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_db2bak.c - -admserv/cgi-ds/ds_db2bak-ds_db2bak.obj: admserv/cgi-ds/ds_db2bak.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2bak-ds_db2bak.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo" -c -o admserv/cgi-ds/ds_db2bak-ds_db2bak.obj `if test -f 'admserv/cgi-ds/ds_db2bak.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_db2bak.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_db2bak.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-ds_db2bak.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_db2bak.c' object='admserv/cgi-ds/ds_db2bak-ds_db2bak.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2bak-ds_db2bak.obj `if test -f 'admserv/cgi-ds/ds_db2bak.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_db2bak.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_db2bak.c'; fi` - -admserv/cgi-ds/ds_db2bak-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2bak-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_db2bak-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_db2bak-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2bak-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_db2bak-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2bak-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_db2bak-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2bak-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_db2bak-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2bak_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2bak-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - -admserv/cgi-ds/ds_db2ldif-ds_db2ldif.o: admserv/cgi-ds/ds_db2ldif.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2ldif-ds_db2ldif.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo" -c -o admserv/cgi-ds/ds_db2ldif-ds_db2ldif.o `test -f 'admserv/cgi-ds/ds_db2ldif.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_db2ldif.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_db2ldif.c' object='admserv/cgi-ds/ds_db2ldif-ds_db2ldif.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2ldif-ds_db2ldif.o `test -f 'admserv/cgi-ds/ds_db2ldif.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_db2ldif.c - -admserv/cgi-ds/ds_db2ldif-ds_db2ldif.obj: admserv/cgi-ds/ds_db2ldif.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2ldif-ds_db2ldif.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo" -c -o admserv/cgi-ds/ds_db2ldif-ds_db2ldif.obj `if test -f 'admserv/cgi-ds/ds_db2ldif.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_db2ldif.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_db2ldif.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-ds_db2ldif.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_db2ldif.c' object='admserv/cgi-ds/ds_db2ldif-ds_db2ldif.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2ldif-ds_db2ldif.obj `if test -f 'admserv/cgi-ds/ds_db2ldif.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_db2ldif.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_db2ldif.c'; fi` - -admserv/cgi-ds/ds_db2ldif-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2ldif-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_db2ldif-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_db2ldif-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2ldif-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_db2ldif-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_db2ldif-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_db2ldif-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_db2ldif-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_db2ldif-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_db2ldif_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_db2ldif-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - -admserv/cgi-ds/ds_ldif2db-ds_ldif2db.o: admserv/cgi-ds/ds_ldif2db.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_ldif2db-ds_ldif2db.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo" -c -o admserv/cgi-ds/ds_ldif2db-ds_ldif2db.o `test -f 'admserv/cgi-ds/ds_ldif2db.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_ldif2db.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_ldif2db.c' object='admserv/cgi-ds/ds_ldif2db-ds_ldif2db.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_ldif2db-ds_ldif2db.o `test -f 'admserv/cgi-ds/ds_ldif2db.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_ldif2db.c - -admserv/cgi-ds/ds_ldif2db-ds_ldif2db.obj: admserv/cgi-ds/ds_ldif2db.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_ldif2db-ds_ldif2db.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo" -c -o admserv/cgi-ds/ds_ldif2db-ds_ldif2db.obj `if test -f 'admserv/cgi-ds/ds_ldif2db.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_ldif2db.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_ldif2db.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-ds_ldif2db.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_ldif2db.c' object='admserv/cgi-ds/ds_ldif2db-ds_ldif2db.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_ldif2db-ds_ldif2db.obj `if test -f 'admserv/cgi-ds/ds_ldif2db.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_ldif2db.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_ldif2db.c'; fi` - -admserv/cgi-ds/ds_ldif2db-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_ldif2db-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_ldif2db-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_ldif2db-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_ldif2db-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_ldif2db-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_ldif2db-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_ldif2db-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_ldif2db-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_ldif2db-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_ldif2db_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_ldif2db-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - admserv/cgi-ds/ds_listdb-ds_listdb.o: admserv/cgi-ds/ds_listdb.c @am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_listdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_listdb-ds_listdb.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_listdb-ds_listdb.Tpo" -c -o admserv/cgi-ds/ds_listdb-ds_listdb.o `test -f 'admserv/cgi-ds/ds_listdb.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_listdb.c; \ @am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_listdb-ds_listdb.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_listdb-ds_listdb.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_listdb-ds_listdb.Tpo"; exit 1; fi @@ -2052,34 +1671,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_restart_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_restart-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` -admserv/cgi-ds/ds_rmdb-ds_rmdb.o: admserv/cgi-ds/ds_rmdb.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_rmdb-ds_rmdb.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo" -c -o admserv/cgi-ds/ds_rmdb-ds_rmdb.o `test -f 'admserv/cgi-ds/ds_rmdb.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_rmdb.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_rmdb.c' object='admserv/cgi-ds/ds_rmdb-ds_rmdb.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_rmdb-ds_rmdb.o `test -f 'admserv/cgi-ds/ds_rmdb.c' || echo '$(srcdir)/'`admserv/cgi-ds/ds_rmdb.c - -admserv/cgi-ds/ds_rmdb-ds_rmdb.obj: admserv/cgi-ds/ds_rmdb.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_rmdb-ds_rmdb.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo" -c -o admserv/cgi-ds/ds_rmdb-ds_rmdb.obj `if test -f 'admserv/cgi-ds/ds_rmdb.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_rmdb.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_rmdb.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-ds_rmdb.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/ds_rmdb.c' object='admserv/cgi-ds/ds_rmdb-ds_rmdb.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_rmdb-ds_rmdb.obj `if test -f 'admserv/cgi-ds/ds_rmdb.c'; then $(CYGPATH_W) 'admserv/cgi-ds/ds_rmdb.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/ds_rmdb.c'; fi` - -admserv/cgi-ds/ds_rmdb-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_rmdb-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_rmdb-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_rmdb-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_rmdb-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_rmdb-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_rmdb-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_rmdb-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_rmdb-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_rmdb-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_rmdb_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_rmdb-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - admserv/cgi-ds/ds_shutdown-shutdown.o: admserv/cgi-ds/shutdown.c @am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_shutdown_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_shutdown-shutdown.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_shutdown-shutdown.Tpo" -c -o admserv/cgi-ds/ds_shutdown-shutdown.o `test -f 'admserv/cgi-ds/shutdown.c' || echo '$(srcdir)/'`admserv/cgi-ds/shutdown.c; \ @am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_shutdown-shutdown.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_shutdown-shutdown.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_shutdown-shutdown.Tpo"; exit 1; fi @@ -2164,34 +1755,6 @@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ @am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_start_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_start-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` -admserv/cgi-ds/ds_vlvindex-vlvindex.o: admserv/cgi-ds/vlvindex.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_vlvindex-vlvindex.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo" -c -o admserv/cgi-ds/ds_vlvindex-vlvindex.o `test -f 'admserv/cgi-ds/vlvindex.c' || echo '$(srcdir)/'`admserv/cgi-ds/vlvindex.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/vlvindex.c' object='admserv/cgi-ds/ds_vlvindex-vlvindex.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_vlvindex-vlvindex.o `test -f 'admserv/cgi-ds/vlvindex.c' || echo '$(srcdir)/'`admserv/cgi-ds/vlvindex.c - -admserv/cgi-ds/ds_vlvindex-vlvindex.obj: admserv/cgi-ds/vlvindex.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_vlvindex-vlvindex.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo" -c -o admserv/cgi-ds/ds_vlvindex-vlvindex.obj `if test -f 'admserv/cgi-ds/vlvindex.c'; then $(CYGPATH_W) 'admserv/cgi-ds/vlvindex.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/vlvindex.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-vlvindex.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/vlvindex.c' object='admserv/cgi-ds/ds_vlvindex-vlvindex.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_vlvindex-vlvindex.obj `if test -f 'admserv/cgi-ds/vlvindex.c'; then $(CYGPATH_W) 'admserv/cgi-ds/vlvindex.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/vlvindex.c'; fi` - -admserv/cgi-ds/ds_vlvindex-init_ds_env.o: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_vlvindex-init_ds_env.o -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_vlvindex-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_vlvindex-init_ds_env.o' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_vlvindex-init_ds_env.o `test -f 'admserv/cgi-ds/init_ds_env.c' || echo '$(srcdir)/'`admserv/cgi-ds/init_ds_env.c - -admserv/cgi-ds/ds_vlvindex-init_ds_env.obj: admserv/cgi-ds/init_ds_env.c - at am__fastdepCC_TRUE@ if $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -MT admserv/cgi-ds/ds_vlvindex-init_ds_env.obj -MD -MP -MF "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo" -c -o admserv/cgi-ds/ds_vlvindex-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi`; \ - at am__fastdepCC_TRUE@ then mv -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo" "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Po"; else rm -f "admserv/cgi-ds/$(DEPDIR)/ds_vlvindex-init_ds_env.Tpo"; exit 1; fi - at AMDEP_TRUE@@am__fastdepCC_FALSE@ source='admserv/cgi-ds/init_ds_env.c' object='admserv/cgi-ds/ds_vlvindex-init_ds_env.obj' libtool=no @AMDEPBACKSLASH@ - at AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ - at am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(ds_vlvindex_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -c -o admserv/cgi-ds/ds_vlvindex-init_ds_env.obj `if test -f 'admserv/cgi-ds/init_ds_env.c'; then $(CYGPATH_W) 'admserv/cgi-ds/init_ds_env.c'; else $(CYGPATH_W) '$(srcdir)/admserv/cgi-ds/init_ds_env.c'; fi` - .cpp.o: @am__fastdepCXX_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`; \ @am__fastdepCXX_TRUE@ if $(CXXCOMPILE) -MT $@ -MD -MP -MF "$$depbase.Tpo" -c -o $@ $<; \ From fedora-directory-commits at redhat.com Wed Nov 14 17:51:58 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:51:58 -0500 Subject: [Fedora-directory-commits] adminserver/lib/libdsa dsalib_conf.c, 1.5, 1.6 dsalib_db.c, 1.4, 1.5 dsalib_util.c, 1.3, 1.4 dsalib_dn.c, 1.2, NONE dsalib_filename.c, 1.2, NONE dsalib_ldif.c, 1.3, NONE dsalib_pw.c, 1.2, NONE Message-ID: <200711141751.lAEHpwTl005399@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/lib/libdsa In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/lib/libdsa Modified Files: dsalib_conf.c dsalib_db.c dsalib_util.c Removed Files: dsalib_dn.c dsalib_filename.c dsalib_ldif.c dsalib_pw.c Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: dsalib_conf.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_conf.c,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- dsalib_conf.c 31 Aug 2007 17:01:38 -0000 1.5 +++ dsalib_conf.c 14 Nov 2007 17:51:56 -0000 1.6 @@ -139,94 +139,3 @@ } return NULL; } - -static size_t -count_quotes (const char* s) -{ - size_t count = 0; - const char* t = s; - if (t) while ((t = strpbrk (t, "\"\\")) != NULL) { - ++count; - ++t; - } - return count; -} - -DS_EXPORT_SYMBOL char* -ds_enquote_config_value (int paramnum, char* s) -{ - char* result; - char* brkcharset = "\"\\ \t\r\n"; - char *encoded_quote = "22"; /* replace quote with \22 */ - int encoded_quote_len = strlen(encoded_quote); - char *begin = s; - if (*s && ! strpbrk (s, brkcharset) && - ! (paramnum == DS_AUDITFILE || paramnum == DS_ACCESSLOG || -#if defined( XP_WIN32 ) - paramnum == DS_SUFFIX || -#endif - paramnum == DS_ERRORLOG)) { - result = s; - } else { - char* t = malloc (strlen (s) + count_quotes (s) + 3); - result = t; - *t++ = '"'; - while (*s) { - switch (*s) { - - case '"': - /* convert escaped quotes by replacing the quote with - escape code e.g. 22 so that \" is converted to \22 "*/ - if ((s > begin) && (*(s - 1) == '\\')) - { - strcpy(t, encoded_quote); - t += encoded_quote_len; - } - else /* unescaped ", just replace with \22 "*/ - { - *t++ = '\\'; - strcpy(t, encoded_quote); - t += encoded_quote_len; - } - ++s; - break; - - default: - *t++ = *s++; /* just copy it */ - break; - } - } - *t++ = '"'; - *t = '\0'; - } - return result; -} - -DS_EXPORT_SYMBOL char* -ds_DNS_to_DN (char* DNS) -{ - static const char* const RDN = "dc="; - char* DN; - char* dot; - size_t components; - if (DNS == NULL || *DNS == '\0') { - return strdup (""); - } - components = 1; - for (dot = strchr (DNS, '.'); dot != NULL; dot = strchr (dot + 1, '.')) { - ++components; - } - DN = malloc (strlen (DNS) + (components * strlen(RDN)) + 1); - strcpy (DN, RDN); - for (dot = strchr (DNS, '.'); dot != NULL; dot = strchr (dot + 1, '.')) { - *dot = '\0'; - strcat (DN, DNS); - strcat (DN, ","); - strcat (DN, RDN); - DNS = dot + 1; - *dot = '.'; - } - strcat (DN, DNS); - dn_normalize (DN); - return DN; -} Index: dsalib_db.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_db.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- dsalib_db.c 24 Jul 2007 20:10:18 -0000 1.4 +++ dsalib_db.c 14 Nov 2007 17:51:56 -0000 1.5 @@ -80,308 +80,3 @@ return(bak_dirs); } - -/* - * Restore a database based on a backup directory name. - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_bak2db(char *file) -{ - char startup_line[BIG_LINE]; - char statfile[PATH_MAX]; - char *tmp_dir; - char *instdir; - int haderror = 0; - int error = -1; - int status; - FILE *sf = NULL; - struct stat fstats; - - if ( file == NULL ) { - return DS_NULL_PARAMETER; - } - status = ds_get_updown_status(); - if ( status == DS_SERVER_UP ) { - return DS_SERVER_MUST_BE_DOWN; - } - if ( (instdir = ds_get_instance_dir()) == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - if ( file[strlen(file) - 1] == '\n' ) /* strip out returns */ - file[strlen(file) - 1] = '\0'; - - if( stat( file, &fstats ) == -1 && errno == ENOENT ) { - return DS_CANNOT_OPEN_BACKUP_FILE; - } else if( !(fstats.st_mode & S_IFDIR) ) { - return DS_NOT_A_DIRECTORY; - } - - tmp_dir = ds_get_tmp_dir(); - PR_snprintf(statfile, PATH_MAX, "%s%cbak2db.%d", tmp_dir, FILE_SEP, (int)getpid()); - PR_snprintf(startup_line, BIG_LINE, - "%s%cbak2db " - "%s%s%s > " - "%s%s%s 2>&1", - instdir, FILE_SEP, - ENQUOTE, file, ENQUOTE, - ENQUOTE, statfile, ENQUOTE ); - alter_startup_line(startup_line); - fflush(0); - error = system(startup_line); - fflush(0); - if ( error == -1 ) { - return DS_CANNOT_EXEC; - } - fflush(0); - if( !(sf = fopen(statfile, "r")) ) { - return DS_CANNOT_OPEN_STAT_FILE; - } - - while ( fgets(startup_line, BIG_LINE, sf) ) { - if ((strstr(startup_line, "- Restoring file")) || - (strstr(startup_line, "- Checkpointing"))) { - ds_show_message(startup_line); - } else { - haderror = 1; - ds_send_error(startup_line, 0); - } - } - - fclose(sf); - unlink(statfile); - - if ( haderror ) - return DS_UNKNOWN_ERROR; - return 0; -} - -/* - * Create a backup based on a file name. - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_db2bak(char *file) -{ - char startup_line[BIG_LINE]; - char statfile[PATH_MAX]; - char *tmp_dir; - char *instdir; - int haderror = 0; - int error = -1; - FILE *sf = NULL; - int lite = 0; -#ifdef XP_WIN32 - time_t ltime; -#endif - - if ( (instdir = ds_get_instance_dir()) == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - if ( (file == NULL) || (strlen(file) == 0) ) - file = NULL; - - tmp_dir = ds_get_tmp_dir(); - PR_snprintf(statfile, PATH_MAX, "%s%cdb2bak.%d", tmp_dir, FILE_SEP, (int)getpid()); - - -#if defined( XP_WIN32 ) - if( file == NULL ) - { - file = malloc( BIG_LINE ); - - time( <ime ); - PR_snprintf( file, BIG_LINE, "%s", ctime( <ime ) ); - ds_timetofname( file ); - } - - /* Check if the directory exists or can be created */ - if ( !ds_file_exists( file ) ) { - char *errmsg = ds_mkdir_p( file, NEWDIR_MODE ); - if( errmsg != NULL ) { -/* ds_send_error(errmsg, 10); - */ - return DS_CANNOT_CREATE_DIRECTORY; - } - } -#endif - -/* DBDB: note on the following line. - * Originally this had quotes round the directory name. - * I found that this made the script not work becuase - * a path of the form "foo"/bar/"baz" was passed to slapd. - * the c runtime didn't like this. Perhaps there's a simple - * solution, but for now I've modified this line here to - * not quote the directory name. This means that backup - * directories can't have spaces in them. - */ - - - PR_snprintf(startup_line, sizeof(startup_line), - "%s%cdb2bak " - "%s%s%s > " - "%s%s%s 2>&1", - instdir, FILE_SEP, - ENQUOTE, - (file == NULL) ? "" : file, - ENQUOTE, - ENQUOTE, statfile, ENQUOTE); - - PATH_FOR_PLATFORM( startup_line ); - alter_startup_line(startup_line); - fflush(0); - error = system(startup_line); - if ( error == -1 ) { - return DS_CANNOT_EXEC; - } - if( !(sf = fopen(statfile, "r")) ) { - return DS_CANNOT_OPEN_STAT_FILE; - } - - while ( fgets(startup_line, BIG_LINE, sf) ) { - if (strstr(startup_line, " - Backing up file") || - strstr(startup_line, " - Checkpointing database")) { - ds_show_message(startup_line); - } else { - haderror = 1; - if (strstr ( startup_line, "restricted mode")) { - lite = 1; - } - ds_send_error(startup_line, 0); - } - } - fclose(sf); - unlink(statfile); - - if ( lite && haderror ) - return DS_HAS_TOBE_READONLY_MODE; - - if ( haderror ) - return DS_UNKNOWN_ERROR; - return 0; -} - -static void -process_and_report( char *line, int line_size, FILE *cmd ) -{ - while(fgets(line, line_size, cmd)) { - /* Strip off line feeds */ - int ind = strlen( line ) - 1; - while ( (ind >= 0) && - ((line[ind] == '\n') || - (line[ind] == '\r')) ) { - line[ind] = 0; - ind--; - } - if ( ind < 1 ) { - continue; - } - ds_send_status(line); - } -} - -static int exec_and_report( char *startup_line ) -{ - FILE *cmd = NULL; - char line[BIG_LINE]; - int haderror = 0; - - PATH_FOR_PLATFORM( startup_line ); - alter_startup_line(startup_line); - - /* - fprintf( stdout, "Launching <%s>\n", startup_line ); - */ - - fflush(0); - cmd = popen(startup_line, "r"); - if(!cmd) { - return DS_CANNOT_EXEC; - } - process_and_report( line, sizeof(line), cmd ); - pclose(cmd); - - /* - ** The VLV indexing code prints OK, - ** if the index was successfully created. - */ - if (strcmp(line,"OK")==0) { - haderror = 0; - } else { - haderror = DS_UNKNOWN_ERROR; - } - - return haderror; -} - -/* - * Create a vlv index - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_vlvindex(char **backendList, char **vlvList) -{ - char startup_line[BIG_LINE]; - char *instdir; - char **vlvc = NULL; - - - instdir = ds_get_instance_dir(); - if ( instdir == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - PR_snprintf(startup_line, sizeof(startup_line), "%s/%s db2index " - "-D %s%s/%s " - "-n %s ", - CMDBINDIR, SLAPD_NAME, - ENQUOTE, instdir, ENQUOTE, - backendList[0]); - - - /* Create vlv TAG */ - vlvc=vlvList; - while( *vlvc != NULL ) { - PR_snprintf( startup_line, sizeof(startup_line), "%s -T %s%s%s", startup_line,"\"",*vlvc,"\"" ); - vlvc++; - } - - return exec_and_report( startup_line ); -} - -/* - * Create one or more indexes - * 0: success - * anything else: failure - */ -DS_EXPORT_SYMBOL int -ds_addindex(char **attrList, char *backendName) -{ - char startup_line[BIG_LINE]; - char *instdir; - - instdir = ds_get_instance_dir(); - - if ( instdir == NULL ) { - return DS_NO_INSTANCE_DIR; - } - - PR_snprintf(startup_line, sizeof(startup_line), "%s/%s db2index " - "-D %s%s%s " - "-n %s", - CMDBINDIR, SLAPD_NAME, - ENQUOTE, instdir, ENQUOTE, - backendName); - - while( *attrList != NULL ) { - PR_snprintf( startup_line, sizeof(startup_line), "%s -t %s", startup_line, *attrList ); - attrList++; - } - - return exec_and_report( startup_line ); -} Index: dsalib_util.c =================================================================== RCS file: /cvs/dirsec/adminserver/lib/libdsa/dsalib_util.c,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- dsalib_util.c 31 Aug 2007 17:01:38 -0000 1.3 +++ dsalib_util.c 14 Nov 2007 17:51:56 -0000 1.4 @@ -81,51 +81,6 @@ return 0; } -DS_EXPORT_SYMBOL int -ds_mkdir(char *dir, int mode) -{ - if(!ds_file_exists(dir)) { -#ifdef XP_UNIX - if(mkdir(dir, mode) == -1) -#else /* XP_WIN32 */ - if(!CreateDirectory(dir, NULL)) -#endif /* XP_WIN32 */ - return -1; - } - return 0; -} - - -DS_EXPORT_SYMBOL char * -ds_mkdir_p(char *dir, int mode) -{ - static char errmsg[ERR_SIZE]; - struct stat fi; - char *t; - -#ifdef XP_UNIX - t = dir + 1; -#else /* XP_WIN32 */ - t = dir + 3; -#endif /* XP_WIN32 */ - - while(1) { - t = strchr(t, FILE_PATHSEP); - - if(t) *t = '\0'; - if(stat(dir, &fi) == -1) { - if(ds_mkdir(dir, mode) == -1) { - PR_snprintf(errmsg, sizeof(errmsg), "mkdir %s failed (%s)", dir, ds_system_errmsg()); - return errmsg; - } - } - if(t) *t++ = FILE_PATHSEP; - else break; - } - return NULL; -} - - /* * Given the name of a directory, return a NULL-terminated array of * the file names contained in that directory. Returns NULL if the directory @@ -210,100 +165,6 @@ } #endif /* ( XP_WIN32 ) */ - -DS_EXPORT_SYMBOL time_t -ds_get_mtime(char *filename) -{ - struct stat fi; - - if ( stat(filename, &fi) ) - return 0; - return fi.st_mtime; -} - -/* - * Copy files: return is - * 1: success - * 0: failure - * Print errors as needed. - */ -DS_EXPORT_SYMBOL int -ds_cp_file(char *sfile, char *dfile, int mode) -{ -#if defined( XP_WIN32 ) - return( CopyFile( sfile, dfile, FALSE ) ); /* Copy even if dfile exists */ -#else - int sfd, dfd, len; - struct stat fi; - char copy_buffer[COPY_BUFFER_SIZE]; - unsigned long read_len; - char error[BIG_LINE]; - -/* Make sure we're in the right umask */ - umask(022); - - if( (sfd = open(sfile, O_RDONLY)) == -1) { - PR_snprintf(error, sizeof(error), "Can't open file %s for reading.", sfile); - ds_send_error(error, 1); - return(0); - } - - fstat(sfd, &fi); - if (!(S_ISREG(fi.st_mode))) { - PR_snprintf(error, sizeof(error), "File %s is not a regular file.", sfile); - ds_send_error(error, 1); - close(sfd); - return(0); - } - len = fi.st_size; - - if( (dfd = open(dfile, O_RDWR | O_CREAT | O_TRUNC, mode)) == -1) { - PR_snprintf(error, sizeof(error), "can't write to file %s", dfile); - ds_send_error(error, 1); - close(sfd); - return(0); - } - while (len) { - read_len = len>COPY_BUFFER_SIZE?COPY_BUFFER_SIZE:len; - - if ( (read_len = read(sfd, copy_buffer, read_len)) == -1) { - PR_snprintf(error, sizeof(error), "Error reading file %s for copy.", sfile); - ds_send_error(error, 1); - close(sfd); - close(dfd); - return(0); - } - - if ( write(dfd, copy_buffer, read_len) != read_len) { - PR_snprintf(error, sizeof(error), "Error writing file %s for copy.", dfile); - ds_send_error(error, 1); - close(sfd); - close(dfd); - return(0); - } - - len -= read_len; - } - close(sfd); - close(dfd); - return(1); -#endif -} - -DS_EXPORT_SYMBOL void -ds_unixtodospath(char *szText) -{ - if(szText) - { - while(*szText) - { - if( *szText == '/' ) - *szText = '\\'; - szText++; - } - } -} - /* converts '\' chars to '/' */ DS_EXPORT_SYMBOL void ds_dostounixpath(char *szText) @@ -319,134 +180,6 @@ } } -/* converts ':' chars to ' ' */ -DS_EXPORT_SYMBOL void -ds_timetofname(char *szText) -{ - if(szText) - { - /* Replace trailing newline */ - szText[ strlen( szText ) -1 ] = 0; - while(*szText) - { - if( *szText == ':' || - *szText == ' ' ) - *szText = '_'; - szText++; - } - } -} - -/* Effects a rename in 2 steps, needed on NT because if the -target of a rename() already exists, the rename() will fail. */ -DS_EXPORT_SYMBOL int -ds_saferename(char *szSrc, char *szTarget) -{ -#ifdef XP_WIN32 - int iRetVal; - char *szTmpFile; - struct stat buf; -#endif - - if( !szSrc || !szTarget ) - return 1; - -#if defined( XP_WIN32 ) - - szTmpFile = mktemp("slrnXXXXXX" ); - if( stat( szTarget, &buf ) == 0 ) - { - /* Target file exists */ - if( !szTmpFile ) - return 1; - - if( !ds_cp_file( szTarget, szTmpFile, 0644) ) - return( 1 ); - - unlink( szTarget ); - if( (iRetVal = rename( szSrc, szTarget )) != 0 ) - { - /* Failed to rename, copy back. */ - ds_cp_file( szTmpFile, szTarget, 0644); - } - /* Now remove temp file */ - unlink( szTmpFile ); - } - else - iRetVal = rename(szSrc, szTarget); - - return iRetVal; -#else - return rename(szSrc, szTarget); -#endif - -} - -DS_EXPORT_SYMBOL char* -ds_encode_all (const char* s) -{ - char* r; - size_t l; - size_t i; - if (s == NULL || *s == '\0') { - return strdup (""); - } - l = strlen (s); - r = malloc (l * 3 + 1); - for (i = 0; *s != '\0'; ++s) { - r[i++] = '%'; - sprintf (r + i, "%.2X", 0xFF & (unsigned int)*s); - i += 2; - } - r[i] = '\0'; - return r; -} - -DS_EXPORT_SYMBOL char* -ds_URL_encode (const char* s) -{ - char* r; - size_t l; - size_t i; - if (s == NULL || *s == '\0') { - return strdup (""); - } - l = strlen (s) + 1; - r = malloc (l); - for (i = 0; *s != '\0'; ++s) { - if (*s >= 0x20 && *s <= 0x7E && strchr (" <>\"#%{}[]|\\^~`?,;=+\n", *s) == NULL) { - if (l - i <= 1) r = realloc (r, l *= 2); - r[i++] = *s; - } else { /* encode *s */ - if (l - i <= 3) r = realloc (r, l *= 2); - r[i++] = '%'; - sprintf (r + i, "%.2X", 0xFF & (unsigned int)*s); - i += 2; - } - } - r[i] = '\0'; - return r; -} - -DS_EXPORT_SYMBOL char* -ds_URL_decode (const char* original) -{ - char* r = strdup (original); - char* s; - for (s = r; *s != '\0'; ++s) { - if (*s == '+') { - *s = ' '; - } - else if (*s == '%' && isxdigit(s[1]) && isxdigit(s[2])) { - memmove (s, s+1, 2); - s[2] = '\0'; - *s = (char)strtoul (s, NULL, 16); - memmove (s+1, s+3, strlen (s+3) + 1); - } - } - return r; -} - #if !defined( XP_WIN32 ) #include /* errno */ #include /* getpwnam */ @@ -547,26 +280,6 @@ #endif } -/* - * When a path containing a long filename is passed to system(), the call - * fails. Therfore, we need to use the short version of the path, when - * constructing the path to pass to system(). - */ -DS_EXPORT_SYMBOL char* -ds_makeshort( char * filepath ) -{ -#if defined( XP_WIN32 ) - char *shortpath = malloc( MAX_PATH ); - DWORD dwStatus; - if( shortpath ) - { - dwStatus = GetShortPathName( filepath, shortpath, MAX_PATH ); - return( shortpath ); - } -#endif - return filepath; -} - /* returns 1 if string "searchstring" found in file "filename" */ /* if found, returnstring is allocated and filled with the line */ /* caller should release the memory */ @@ -711,46 +424,6 @@ return; } -DS_EXPORT_SYMBOL void -ds_show_key_value(char *key, char *value) -{ - FILE *logfp; - printf("%s%s%s\n", key, SEPARATOR, value); - - if ((logfp = get_logfp())) { - fprintf(logfp, "%s%s%s\n", key, SEPARATOR, value); - fclose(logfp); - } - return; -} - -/* Stolen from the Admin Server dsgw_escape_for_shell */ -DS_EXPORT_SYMBOL char * -ds_escape_for_shell( char *s ) -{ - char *escaped; - char tmpbuf[4]; - size_t x,l; - - if ( s == NULL ) { - return( s ); - } - - l = 3 * strlen( s ) + 1; - escaped = malloc( l ); - memset( escaped, 0, l ); - for ( x = 0; s[x]; x++ ) { - if (( (unsigned char)s[x] & 0x80 ) == 0 ) { - strncat( escaped, &s[x], 1 ); - } else { - /* not an ASCII character - escape it */ - sprintf( tmpbuf, "\\%x", (unsigned)(((unsigned char)(s[x])) & 0xff) ); - strcat( escaped, tmpbuf ); - } - } - return( escaped ); -} - DS_EXPORT_SYMBOL char * ds_system_errmsg(void) { --- dsalib_dn.c DELETED --- --- dsalib_filename.c DELETED --- --- dsalib_ldif.c DELETED --- --- dsalib_pw.c DELETED --- From fedora-directory-commits at redhat.com Wed Nov 14 17:51:58 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:51:58 -0500 Subject: [Fedora-directory-commits] adminserver/include/libdsa dsalib.h, 1.5, 1.6 Message-ID: <200711141751.lAEHpwxh005391@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/include/libdsa In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5290/adminserver/include/libdsa Modified Files: dsalib.h Log Message: Resolves: bug 186280 Bug Description: Close potential security vulnerabilities in CGI code Reviewed by: nhosoi (Thanks!) Fix Description: This is for the CGIs moved into adminserver from ds. There is quite a bit of code here that we don't use anymore. We can also get rid of Import.java and Export.java in the ds console code. This addresses the security issues because, even though the console doesn't ever call the tasks that invoke the CGIs for db2ldif, ldif2db, etc. a malicious user could still attempt to invoke a task remotely and pass in bogus file and directory names. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: dsalib.h =================================================================== RCS file: /cvs/dirsec/adminserver/include/libdsa/dsalib.h,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- dsalib.h 31 Aug 2007 17:01:38 -0000 1.5 +++ dsalib.h 14 Nov 2007 17:51:56 -0000 1.6 @@ -119,12 +119,6 @@ #endif #endif -#if defined( XP_WIN32 ) - #define PATH_FOR_PLATFORM(_path) ds_unixtodospath(_path) -#else - #define PATH_FOR_PLATFORM(_path) -#endif - #define START_SCRIPT "start-slapd" #define RESTART_SCRIPT "restart-slapd" #define STOP_SCRIPT "stop-slapd" @@ -230,14 +224,6 @@ extern struct ds_cfg_info ds_cfg_info[]; -#define LDBM_DATA_SIZE 5 - -/*ldbm specific backend information*/ -struct ldbm_data { - char *tv[LDBM_DATA_SIZE][2]; /*type and value*/ -}; - - /* * varname for ds_showparam() * NOTE: these must be kept in synch with the ds_cfg_info array defined @@ -284,9 +270,6 @@ extern DS_EXPORT_SYMBOL char *ds_get_server_name(); extern DS_EXPORT_SYMBOL void ds_send_error(char *errstr, int print_errno); extern DS_EXPORT_SYMBOL void ds_send_status(char *str); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_var(char *cgi_var_name); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_var_simple(int index); -extern DS_EXPORT_SYMBOL char *ds_get_cgi_multiple(char *cgi_var_name); extern DS_EXPORT_SYMBOL char *ds_get_errors_name(); extern DS_EXPORT_SYMBOL char *ds_get_access_name(); extern DS_EXPORT_SYMBOL char *ds_get_audit_name(); @@ -298,19 +281,7 @@ extern DS_EXPORT_SYMBOL int ds_get_file_size(char *fileName); extern DS_EXPORT_SYMBOL void ds_display_tail(char *fileName, int timeOut, int startSeek, char *doneMsg, char *lastLine); -extern DS_EXPORT_SYMBOL int ds_ldif2db_preserve(char *file); -extern DS_EXPORT_SYMBOL int ds_ldif2db(char *file); -extern DS_EXPORT_SYMBOL int ds_ldif2db_backend_subtree(char *file, char *backend, char *subtree); -extern DS_EXPORT_SYMBOL int ds_db2ldif(char *file); -extern DS_EXPORT_SYMBOL int ds_vlvindex(char **backendList, char **attrList); -extern DS_EXPORT_SYMBOL int ds_addindex(char **attrList, char *backendName); -extern DS_EXPORT_SYMBOL int ds_db2ldif_subtree(char *file, char *subtree); extern DS_EXPORT_SYMBOL char **ds_get_bak_dirs(); -extern DS_EXPORT_SYMBOL int ds_db2bak(char *file); -extern DS_EXPORT_SYMBOL int ds_bak2db(char *file); -extern DS_EXPORT_SYMBOL int ds_get_monitor(int frontend, char *port); -extern DS_EXPORT_SYMBOL int ds_get_bemonitor(char *bemdn, char *port); -extern DS_EXPORT_SYMBOL int ds_client_access(char *port, char *dn); extern DS_EXPORT_SYMBOL char **ds_get_config(int type); extern DS_EXPORT_SYMBOL char *ds_get_config_dir(); extern DS_EXPORT_SYMBOL void ds_set_config_dir(char *config_dir); @@ -318,84 +289,15 @@ extern DS_EXPORT_SYMBOL void ds_set_run_dir(char *run_dir); extern DS_EXPORT_SYMBOL char *ds_get_bak_dir(); extern DS_EXPORT_SYMBOL void ds_set_bak_dir(char *bak_dir); -extern DS_EXPORT_SYMBOL char *ds_get_pwenc(char *passwd_hash, char *password); extern DS_EXPORT_SYMBOL int ds_check_config(int type); -extern DS_EXPORT_SYMBOL int ds_check_pw(char *pwhash, char *pwclear); -extern DS_EXPORT_SYMBOL int ds_set_config(char *change_file_name); extern DS_EXPORT_SYMBOL char **ds_get_conf_from_file(FILE *conf); -extern DS_EXPORT_SYMBOL void ds_display_config(char **ds_config); extern DS_EXPORT_SYMBOL char *ds_get_var_name(int varnum); -extern DS_EXPORT_SYMBOL int ds_showparam(char **ds_config, int varname, int phase, - int occurance, char *dispname, int size, int maxlength, unsigned flags, - char *url); -extern DS_EXPORT_SYMBOL void ds_show_pwmaxage(char *value); -extern DS_EXPORT_SYMBOL void ds_show_pwhash(char *value); extern DS_EXPORT_SYMBOL char *ds_get_value(char **ds_config, char *parm, int phase, int occurance); -extern DS_EXPORT_SYMBOL void ds_apply_cfg_changes(int param_list[], int changed); -extern DS_EXPORT_SYMBOL int ds_commit_cfg_changes(); -extern DS_EXPORT_SYMBOL int ds_config_updated(); -extern DS_EXPORT_SYMBOL void ds_display_header(char *font_size, char *header); -extern DS_EXPORT_SYMBOL void ds_display_message(char *font_size, char *header); -extern DS_EXPORT_SYMBOL void ds_print_file_form(char *action, char *fileptr, char *full_fileptr); -extern DS_EXPORT_SYMBOL char *ds_get_file_meaning(char *file); -extern DS_EXPORT_SYMBOL void ds_print_file_name(char *fileptr); extern DS_EXPORT_SYMBOL int ds_file_exists(char *filename); -extern DS_EXPORT_SYMBOL int ds_cp_file(char *sfile, char *dfile, int mode); -extern DS_EXPORT_SYMBOL time_t ds_get_mtime(char *filename); extern DS_EXPORT_SYMBOL char *ds_get_config_value( int option ); extern DS_EXPORT_SYMBOL char **ds_get_file_list( char *dir ); extern DS_EXPORT_SYMBOL char *ds_get_tmp_dir(); -extern DS_EXPORT_SYMBOL void ds_unixtodospath(char *szText); -extern DS_EXPORT_SYMBOL void ds_timetofname(char *szText); extern DS_EXPORT_SYMBOL void ds_dostounixpath(char *szText); -extern DS_EXPORT_SYMBOL int ds_saferename(char *szSrc, char *szTarget); -extern DS_EXPORT_SYMBOL char *get_specific_help_button(char *help_link, - char *dispname, char *helpinfo); - -/* Change the DN to a canonical format (in place); return DN. */ -extern DS_EXPORT_SYMBOL char* dn_normalize (char* DN); - -/* Change the DN to a canonical format (in place) and convert to v3; return DN. */ -extern DS_EXPORT_SYMBOL char* dn_normalize_convert (char* DN); - -/* if dn contains an unescaped quote return true */ -extern DS_EXPORT_SYMBOL int ds_dn_uses_LDAPv2_quoting(const char *dn); - -/* Return a copy of the DN, but with optional whitespace inserted. */ -extern DS_EXPORT_SYMBOL char* ds_dn_expand (char* DN); - -/* Return the value if it can be stored 'as is' in a config file. - If it requires enquoting, allocate and return its enquoted form. - The caller should free() the returned pointer iff it's != value. - On Windows, we don't want to double up on "\" characters in filespecs, - so we need to pass in the value type */ -extern DS_EXPORT_SYMBOL char* ds_enquote_config_value (int paramnum, char* value); - -/* - * Bring up a javascript alert. - */ -extern DS_EXPORT_SYMBOL void ds_alert_user(char *header, char *message); - -/* Construct and return the DN that corresponds to the give DNS name. - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_DNS_to_DN (char* DNS); - -/* Construct and return the DN of the LDAP server's own entry. - The caller must NOT free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_get_config_DN (char** ds_config); - -/* Encode characters, as described in RFC 1738 section 2.2, - if they're 'unsafe' (as defined in RFC 1738), or '?' or - (as defined in RFC 1779). - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_URL_encode (const char*); - -/* Decode characters, as described in RFC 1738 section 2.2. - The caller should free() the returned pointer. */ -extern DS_EXPORT_SYMBOL char* ds_URL_decode (const char*); - -/* Encode all characters, even if 'safe' */ -extern DS_EXPORT_SYMBOL char* ds_encode_all (const char*); /* Change the effective UID and GID of this process to those associated with the given localuser (if any). */ @@ -409,8 +311,6 @@ what they were before calling ds_become_localuser(). */ extern DS_EXPORT_SYMBOL char* ds_become_original(); -extern DS_EXPORT_SYMBOL char* ds_makeshort(char *filepath); - extern DS_EXPORT_SYMBOL int ds_search_file(char *filename, char *searchstring, char **returnstring); /* Display an error to the user and exit from a CGI */ @@ -419,34 +319,13 @@ /* Display a warning to the user */ extern DS_EXPORT_SYMBOL void ds_report_warning(int type, char *errmsg, char *details); -/* These functions are used by the program to alter the output behaviour -if not executing in a CGI context */ -extern DS_EXPORT_SYMBOL int ds_get_formatted_output(void); -extern DS_EXPORT_SYMBOL void ds_set_formatted_output(int val); - /* show a message to be parsed by the non-HTML front end */ extern DS_EXPORT_SYMBOL void ds_show_message(const char *message); -/* show a key/value pair to be parsed by the non-HTML front end */ -extern DS_EXPORT_SYMBOL void ds_show_key_value(char *key, char *value); - -extern DS_EXPORT_SYMBOL void ds_submit(char *helptarget) ; -extern DS_EXPORT_SYMBOL char *ds_get_helpbutton(char *topic); - extern DS_EXPORT_SYMBOL void alter_startup_line(char *startup_line); -extern DS_EXPORT_SYMBOL int ds_dir_exists(char *fn); -extern DS_EXPORT_SYMBOL int ds_mkdir(char *dir, int mode); -extern DS_EXPORT_SYMBOL char *ds_mkdir_p(char *dir, int mode); -extern DS_EXPORT_SYMBOL char *ds_salted_sha1_pw_enc (char* pwd); -extern DS_EXPORT_SYMBOL char * ds_escape_for_shell( char *s ); - -extern DS_EXPORT_SYMBOL char **ds_string_to_vec(char *s); - extern DS_EXPORT_SYMBOL char *ds_system_errmsg(void); -extern DS_EXPORT_SYMBOL int ds_exec_and_report(char *cmd); - /* remove a registry key and report an error message if unsuccessful */ From fedora-directory-commits at redhat.com Wed Nov 14 17:53:47 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 14 Nov 2007 12:53:47 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/passthru ptconfig.c, 1.7, 1.8 Message-ID: <200711141753.lAEHrlKc005454@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5435/ldapserver/ldap/servers/plugins/passthru Modified Files: ptconfig.c Log Message: Resolves: bug 197997 Bug Description: PTA config parsing broken Reviewed by: nhosoi (Thanks!) Fix Description: The problem is that it is very difficult to use a comma as a delimiter between the url and the optional settings. This is because the suffix may contain many commas. The argument string may look like this: ldap://host1:port1 host2:port2 .... hostN:portN/a,long,suffix1:a,long,suffix2;....;a,long,suffixN optional,numeric,settings The ldap url may not contain any spaces after the hostlist - the suffixlist part must contain only url encoded spaces if the suffix actually has a space in it. So the solution is to use a space to separate the url from the options list. The parser looks for the first space after the last "/" in the url. This should be ok - at least it will not break the most common use of pta, which is to allow the config DS admin user to log into servers that do not have the o=NetscapeRoot. setup will use something like this: ldap://configdshost:configdsport/o=NetscapeRoot with not optional settings - this should parse just fine with the new code. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: ptconfig.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/passthru/ptconfig.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- ptconfig.c 28 Sep 2007 22:46:50 -0000 1.7 +++ ptconfig.c 14 Nov 2007 17:53:44 -0000 1.8 @@ -131,10 +131,29 @@ */ prevsrvr = NULL; for ( i = 0; i < argc; ++i ) { + char *p = NULL; srvr = (PassThruServer *)slapi_ch_calloc( 1, sizeof( PassThruServer )); srvr->ptsrvr_url = slapi_ch_strdup( argv[i] ); - if (( p = strchr( srvr->ptsrvr_url, ',' )) == NULL ) { + /* since the ldap url may contain both spaces (to delimit multiple hosts) + and commas (in suffixes), we have to search for the first space + after the last /, then look for any commas after that + This assumes the ldap url looks like this: + ldap(s)://host:port host:port .... host:port/suffixes + That is, it assumes there is always a trailing slash on the ldapurl + and that the url does not look like this: ldap://host + also assumes suffixes do not have any / in them + */ + if (p = strrchr(srvr->ptsrvr_url, '/')) { /* look for last / */ + p = strchr(p, ' '); /* look for first space after last / */ + if (p) { + if (!strchr(p, ',')) { /* no comma */ + p = NULL; /* just use defaults */ + } + } + } + + if (!p) { /* * use defaults for maxconnections, maxconcurrency, timeout, * LDAP version, and connlifetime. @@ -152,7 +171,7 @@ * maxconnections,maxconcurrency,timeout,ldapversion * OR maxconnections,maxconcurrency,timeout,ldapversion,lifetime */ - *p++ = '\0'; + *p++ = '\0'; /* p points at space preceding optional arguments */ rc = sscanf( p, "%d,%d,%d,%d,%d", &srvr->ptsrvr_maxconnections, &srvr->ptsrvr_maxconcurrency, &tosecs, &srvr->ptsrvr_ldapversion, &srvr->ptsrvr_connlifetime ); From fedora-directory-commits at redhat.com Wed Nov 14 20:18:55 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 14 Nov 2007 15:18:55 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd daemon.c, 1.17, 1.18 Message-ID: <200711142018.lAEKItjH002740@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2709 Modified Files: daemon.c Log Message: Resolves: #383141 Summary: listenhost: hostname associated with multiple addresses 1) parentheses were needed around *addr, which should have been evaluated before the array. 2) fixed a small memory leak. Index: daemon.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/daemon.c,v retrieving revision 1.17 retrieving revision 1.18 diff -u -r1.17 -r1.18 --- daemon.c 18 Oct 2007 00:08:34 -0000 1.17 +++ daemon.c 14 Nov 2007 20:18:53 -0000 1.18 @@ -2870,11 +2870,11 @@ slapi_ch_free ((void**)&netaddr); } *addr = (PRNetAddr **)slapi_ch_calloc(2, sizeof (PRNetAddr *)); - *addr[0] = netaddr; + (*addr)[0] = netaddr; } else if (PR_SUCCESS == PR_StringToNetAddr(listenhost, netaddr)) { /* PR_StringNetAddr newer than NSPR v4.6.2 supports both IPv4&v6 */; *addr = (PRNetAddr **)slapi_ch_calloc(2, sizeof (PRNetAddr *)); - *addr[0] = netaddr; + (*addr)[0] = netaddr; } else { PRAddrInfo *infop = PR_GetAddrInfoByName( listenhost, PR_AF_UNSPEC, (PR_AI_ADDRCONFIG|PR_AI_NOCANONNAME) ); @@ -2901,9 +2901,10 @@ for ( i = 0; i < addrcnt; i++ ) { iter = PR_EnumerateAddrInfo( iter, infop, 0, netaddr ); if ( NULL == iter ) { + slapi_ch_free((void **)&netaddr); /* not used */ break; } - *addr[i] = netaddr; + (*addr)[i] = netaddr; netaddr = (PRNetAddr *)slapi_ch_calloc(1, sizeof(PRNetAddr)); } } From fedora-directory-commits at redhat.com Wed Nov 14 23:42:45 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 14 Nov 2007 18:42:45 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-src40 security.c, 1.12, 1.13 Message-ID: <200711142342.lAENgjof002024@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1999 Modified Files: security.c Log Message: Resolves: 370071 Summary: Fixed issues with loading CRL files. Index: security.c =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- security.c 31 Oct 2007 05:30:53 -0000 1.12 +++ security.c 14 Nov 2007 23:42:43 -0000 1.13 @@ -93,8 +93,10 @@ #define FOOTER "-----END CERTIFICATE-----" #define HEADERREQUEST "-----BEGIN %s CERTIFICATE REQUEST-----\n" #define FOOTERREQUEST "\n-----END %s CERTIFICATE REQUEST-----\n" -#define CRLHEADER "-----BEGIN X509 CRL-----" -#define CRLFOOTER "-----END X509 CRL-----" +#define X509CRLHEADER "-----BEGIN X509 CRL-----" +#define X509CRLFOOTER "-----END X509 CRL-----" +#define CRLHEADER "-----BEGIN CERTIFICATE REVOCATION LIST-----\n" +#define CRLFOOTER "-----END CERTIFICATE REVOCATION LIST-----\n" /*#else #define HEADER "-----BEGIN CERTIFICATE----\n" #define FOOTER "\n-----END CERTIFICATE-----\n" @@ -1494,6 +1496,7 @@ SECItem derCrl; char msg[BIG_LINE]; char *secdir = util_get_security_dir(); + char full_path[PATH_MAX]; int list_type = (type && !PORT_Strcmp(type, "CKL"))? SEC_KRL_TYPE : SEC_CRL_TYPE; if (!filename || !*filename || @@ -1506,9 +1509,12 @@ {/*try open the file*/ FILE *f; + + PR_snprintf(full_path, sizeof(full_path), "%s%c%s", secdir, FILE_PATHSEP, filename); + form_unescape(full_path); - if( !(f = fopen(filename, "rb")) ) { - PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), filename); + if( !(f = fopen(full_path, "rb")) ) { + PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), full_path); errorRpt(FILE_ERROR, msg); } else { int size; @@ -1543,23 +1549,36 @@ ascii text file. */ { + int headerlen = 0; char *DERCert = NULL; char* begin = (char*) PORT_Strstr((const char*)ascii, CRLHEADER); char* end = (char*) PORT_Strstr((const char*)ascii, CRLFOOTER); + /* Check for the alternate CRL header and footer format */ + if (begin == NULL) { + begin = (char*) PORT_Strstr((const char*)ascii, X509CRLHEADER); + headerlen = strlen(X509CRLHEADER); + } else { + headerlen = strlen(CRLHEADER); + } + + if (end == NULL) { + end = (char*) PORT_Strstr((const char*)ascii, X509CRLFOOTER); + } + if ((begin != NULL) && (end != NULL)) { - end += PORT_Strlen(FOOTER); + /* chop the footer off */ *end = '\0'; - DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin)); - - strcpy(DERCert, begin+strlen(CRLHEADER)); + /* don't copy the header */ + DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin - headerlen + 1)); + strcpy(DERCert, (begin + headerlen)); if ( SECFailure == ATOB_ConvertAsciiToItem(&derCrl, DERCert) ) { errorRpt(SYSTEM_ERROR, getResourceString(DBT_DECODE_CRL_ERROR)); } } else { - PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_CRL), filename); + PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_CRL), full_path); errorRpt(FILE_ERROR, msg); } } From fedora-directory-commits at redhat.com Thu Nov 15 16:56:55 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Thu, 15 Nov 2007 11:56:55 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/console LoginDialog.java, 1.2, 1.3 console.properties, 1.8, 1.9 Message-ID: <200711151656.lAFGutd6020691@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/console In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/console Modified Files: LoginDialog.java console.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: LoginDialog.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/console/LoginDialog.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- LoginDialog.java 29 Jun 2007 20:32:28 -0000 1.2 +++ LoginDialog.java 15 Nov 2007 16:56:52 -0000 1.3 @@ -249,18 +249,14 @@ * invoke help */ protected void helpInvoked() { - String urlString = Console._resource.getString("login", "help"); - if (urlString.length()>0) { - //one level up to the instead of /java - File f = new File(".."); - - try { - URL url = f.toURL(); - - Browser browser = new Browser(); - browser.open(url.toString()+urlString, Browser.EXISTING_WINDOW); - } catch (Exception urlError) { - } + /* Display a help dialog */ + String helpMsg = Console._resource.getString("login", "help"); + if (helpMsg.length()>0) { + JOptionPane.showMessageDialog( + SplashScreen.getInstance(), helpMsg, + Console._resource.getString("login","helptitle"), + JOptionPane.INFORMATION_MESSAGE); + ModalDialogUtil.sleep(); } } } Index: console.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/console/console.properties,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- console.properties 2 Jul 2007 18:49:24 -0000 1.8 +++ console.properties 15 Nov 2007 16:56:52 -0000 1.9 @@ -22,7 +22,8 @@ login-password=Password: login-url=Administration URL: login-copyright=Copyright (C) Red Hat, Inc. -login-help=manual/en/console/help/login.htm +login-help=Login to your Administration Server.\n\nYour admin user and Administration Server URL were configured at setup time.\n\nPlease refer to the setup log in your system tmp directory if you are unsure of\nthe Administration Server port or your admin user's userid. +login-helptitle=Login Help login-passwordDialogTitle=Bind Password restart-title=Restart Directory Server From fedora-directory-commits at redhat.com Thu Nov 15 16:56:55 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Thu, 15 Nov 2007 11:56:55 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/keycert CertManagementResource.properties, 1.1.1.1, 1.2 Message-ID: <200711151656.lAFGutrd020697@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/keycert In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/keycert Modified Files: CertManagementResource.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: CertManagementResource.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/keycert/CertManagementResource.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- CertManagementResource.properties 18 Jul 2005 00:34:15 -0000 1.1.1.1 +++ CertManagementResource.properties 15 Nov 2007 16:56:53 -0000 1.2 @@ -68,7 +68,7 @@ # Add CRL Certificate Dialog AddCRLCertificateDialog-dialogTitle=Add CRL/CKL -AddCRLCertificateDialog-filename=Please enter full path to CRL/CKL file: +AddCRLCertificateDialog-filename=Please enter CRL/CKL file: AddCRLCertificateDialog-cklfiletype=File contains a Compromised Key List (CKL) AddCRLCertificateDialog-crlfiletype=File contains a Certificate Revocation List (CRL) AddCRLCertificateDialog-help=admin From fedora-directory-commits at redhat.com Thu Nov 15 16:56:55 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Thu, 15 Nov 2007 11:56:55 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/security securityResource.properties, 1.1.1.1, 1.2 Message-ID: <200711151656.lAFGutBo020703@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/security In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/security Modified Files: securityResource.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: securityResource.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/security/securityResource.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- securityResource.properties 18 Jul 2005 00:34:17 -0000 1.1.1.1 +++ securityResource.properties 15 Nov 2007 16:56:53 -0000 1.2 @@ -162,7 +162,7 @@ # Install CRL InstallCRLDialog-help=admin InstallCRLDialog-title=Add CRL/CKL -InstallCRLDialog-enterFilename=Enter full path to CRL/CKL file: +InstallCRLDialog-enterFilename=Enter CRL/CKL file: InstallCRLDialog-crl=File contain a Certificate Revocation List (CRL) InstallCRLDialog-krl=File contain a Compromised Key List (CKL) From fedora-directory-commits at redhat.com Thu Nov 15 16:56:56 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Thu, 15 Nov 2007 11:56:56 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client/topology AbstractServerObject.java, 1.4, 1.5 AdminGroupNode.java, 1.2, 1.3 topology.properties, 1.3, 1.4 Message-ID: <200711151656.lAFGuuUN020711@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client/topology In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv20617/src/com/netscape/management/client/topology Modified Files: AbstractServerObject.java AdminGroupNode.java topology.properties Log Message: Resolves: 379211 Summary: Removed unused labels, corrected CRL file label, and added help dialog to LoginDialog class. Index: AbstractServerObject.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/AbstractServerObject.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- AbstractServerObject.java 9 Jul 2007 19:01:01 -0000 1.4 +++ AbstractServerObject.java 15 Nov 2007 16:56:53 -0000 1.5 @@ -74,7 +74,6 @@ "nsVendor", //"nsNickName", "nsProductVersion", "nsBuildNumber", "nsRevisionNumber", //"nsSerialNumber", - //"nsInstalledLocation", //"installationTimeStamp", //"nsExpirationDate", "nsBuildSecurity", }; Index: AdminGroupNode.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/AdminGroupNode.java,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- AdminGroupNode.java 29 Jun 2007 20:32:29 -0000 1.2 +++ AdminGroupNode.java 15 Nov 2007 16:56:53 -0000 1.3 @@ -152,10 +152,7 @@ "nsAdminGroupName"), getName(), true, true), new NodeData("description", _resource.getString("ServerObject","description"), - _description, true), - new NodeData("nsInstalledLocation", - _resource.getString("ServerObject", - "nsInstalledLocation"), _installPath, false), }; + _description, true), }; } /** Index: topology.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/topology/topology.properties,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- topology.properties 29 Jun 2007 20:32:29 -0000 1.3 +++ topology.properties 15 Nov 2007 16:56:53 -0000 1.4 @@ -243,7 +243,6 @@ ServerObject-nsBuildNumber=Build number ServerObject-nsRevisionNumber=Revision ServerObject-nsSerialNumber=Serial number -ServerObject-nsInstalledLocation=Installation path ServerObject-installationTimeStamp=Installed date ServerObject-nsExpirationDate=Expiration date ServerObject-nsBuildSecurity=Security level From fedora-directory-commits at redhat.com Thu Nov 15 17:02:04 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 15 Nov 2007 12:02:04 -0500 Subject: [Fedora-directory-commits] adminserver Makefile.am, 1.35, 1.36 aclocal.m4, 1.34, 1.35 configure, 1.38, 1.39 missing, 1.24, 1.25 install-sh, 1.24, 1.25 Makefile.in, 1.41, 1.42 depcomp, 1.24, 1.25 config.sub, 1.24, 1.25 config.guess, 1.24, 1.25 compile, 1.23, 1.24 Message-ID: <200711151702.lAFH24FX027599@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27530/adminserver Modified Files: Makefile.am aclocal.m4 configure missing install-sh Makefile.in depcomp config.sub config.guess compile Log Message: Resolves: bug 383301 Bug Description: Admin Server main html page refers to dsgw, org Reviewed by: nhosoi (Thanks!) Fix Description: Introduce a new directive - INCLUDEIFEXISTS. This will include the html file specified if it exists, or just skip it if not found. When dsgw, org, etc. are ready, we can just plug in the appropriate html file. I added the html excerpts to the data directory so we can have them in case we want to use them - just copy them to the html directory and reload the main admin server page. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: Makefile.am =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.am,v retrieving revision 1.35 retrieving revision 1.36 diff -u -r1.35 -r1.36 --- Makefile.am 14 Nov 2007 17:51:55 -0000 1.35 +++ Makefile.am 15 Nov 2007 17:02:02 -0000 1.36 @@ -162,7 +162,10 @@ admserv/schema/ldif/20asdata.ldif.tmpl \ admserv/schema/ldif/21astasks.ldif.tmpl \ admserv/schema/ldif/22ascommands.ldif.tmpl \ - admserv/schema/ldif/asmigrate.ldif.tmpl + admserv/schema/ldif/asmigrate.ldif.tmpl \ + admserv/html/admserv_phonebook.html \ + admserv/html/admserv_orgchart.html \ + admserv/html/admserv_dsgw.html inf_DATA = admserv/newinst/src/admin.inf \ admserv/newinst/src/setup.inf \ Index: Makefile.in =================================================================== RCS file: /cvs/dirsec/adminserver/Makefile.in,v retrieving revision 1.41 retrieving revision 1.42 diff -u -r1.41 -r1.42 --- Makefile.in 14 Nov 2007 17:51:55 -0000 1.41 +++ Makefile.in 15 Nov 2007 17:02:02 -0000 1.42 @@ -556,7 +556,10 @@ admserv/schema/ldif/20asdata.ldif.tmpl \ admserv/schema/ldif/21astasks.ldif.tmpl \ admserv/schema/ldif/22ascommands.ldif.tmpl \ - admserv/schema/ldif/asmigrate.ldif.tmpl + admserv/schema/ldif/asmigrate.ldif.tmpl \ + admserv/html/admserv_phonebook.html \ + admserv/html/admserv_orgchart.html \ + admserv/html/admserv_dsgw.html inf_DATA = admserv/newinst/src/admin.inf \ admserv/newinst/src/setup.inf \ From fedora-directory-commits at redhat.com Thu Nov 15 17:02:04 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 15 Nov 2007 12:02:04 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-src40 download.c, 1.7, 1.8 Message-ID: <200711151702.lAFH243G027605@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27530/adminserver/admserv/cgi-src40 Modified Files: download.c Log Message: Resolves: bug 383301 Bug Description: Admin Server main html page refers to dsgw, org Reviewed by: nhosoi (Thanks!) Fix Description: Introduce a new directive - INCLUDEIFEXISTS. This will include the html file specified if it exists, or just skip it if not found. When dsgw, org, etc. are ready, we can just plug in the appropriate html file. I added the html excerpts to the data directory so we can have them in case we want to use them - just copy them to the html directory and reload the main admin server page. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: download.c =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/download.c,v retrieving revision 1.7 retrieving revision 1.8 diff -u -r1.7 -r1.8 --- download.c 9 May 2007 00:26:30 -0000 1.7 +++ download.c 15 Nov 2007 17:02:02 -0000 1.8 @@ -71,9 +71,6 @@ #define MYHTMLFILE "admserv.html" -#define DSGW_BLOCK "" -#define DSGW_BLOCK_CLOSE "" - static int safe_snprintf(char *buf, size_t size, const char *fmt, ...) { @@ -99,11 +96,9 @@ { char line[PATH_LENGTH]; FILE *html; - int i, dsgwblock, has_dsgw; + int i; char *acceptLanguage = NULL; char *loc; - - has_dsgw = 1; /* hardcoded for now until we can figure out a better mechanism */ acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE"); if (acceptLanguage == NULL) @@ -121,6 +116,7 @@ HTMLDIR, FILE_SEP, loc[0],loc[1], FILE_SEP, MYHTMLFILE); if ((html = fopen(line, "r")) != NULL) { + loc[2] = '\0'; break; } else @@ -134,6 +130,7 @@ { error_exit(MYHTMLFILE " not found"); } + loc = ""; break; } } @@ -141,30 +138,32 @@ printf("Content-type: text/html\n\n"); - dsgwblock = 0; - while (fgets(line, PATH_LENGTH, html)) { - if (!STRNCASECMP(line, DSGW_BLOCK, strlen(DSGW_BLOCK))) - { - dsgwblock = 1; - continue; - } - - if (!STRNCASECMP(line, DSGW_BLOCK_CLOSE, strlen(DSGW_BLOCK_CLOSE))) - { - dsgwblock =0; +#define INCLUDEIFEXISTS ""); + if (p && *p && end) { + char includefile[PATH_LENGTH]; + FILE *includedhtml = NULL; + *end = '\0'; + safe_snprintf(includefile, sizeof(includefile), + "%s%c%s%s%s", + HTMLDIR, FILE_SEP, loc ? loc : "", + loc ? "/" : "", p); + includedhtml = fopen(includefile, "r"); + while (includedhtml && fgets(line, PATH_LENGTH, includedhtml)) { + printf("%s", line); + } + if (includedhtml) { + fclose(includedhtml); + includedhtml = NULL; + } + } continue; } - - if (!dsgwblock) - { - printf("%s", line); - continue; - } - - if (dsgwblock && has_dsgw) - printf("%s", line); + printf("%s", line); } fflush(stdout); From fedora-directory-commits at redhat.com Thu Nov 15 17:02:05 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 15 Nov 2007 12:02:05 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/html admserv_dsgw.html, NONE, 1.1 admserv_orgchart.html, NONE, 1.1 admserv_phonebook.html, NONE, 1.1 admserv.html, 1.1, 1.2 Message-ID: <200711151702.lAFH25NT027611@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/html In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27530/adminserver/admserv/html Modified Files: admserv.html Added Files: admserv_dsgw.html admserv_orgchart.html admserv_phonebook.html Log Message: Resolves: bug 383301 Bug Description: Admin Server main html page refers to dsgw, org Reviewed by: nhosoi (Thanks!) Fix Description: Introduce a new directive - INCLUDEIFEXISTS. This will include the html file specified if it exists, or just skip it if not found. When dsgw, org, etc. are ready, we can just plug in the appropriate html file. I added the html excerpts to the data directory so we can have them in case we want to use them - just copy them to the html directory and reload the main admin server page. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none --- NEW FILE admserv_dsgw.html ---   Directory Server Gateway
          Search for and edit directory entries.               --- NEW FILE admserv_orgchart.html ---   Directory Server Org Charts
          Browse org charts of your organization.               --- NEW FILE admserv_phonebook.html ---   Directory Server Express
          Search for users by name, user ID or extension.               Index: admserv.html =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/html/admserv.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- admserv.html 9 May 2007 00:26:31 -0000 1.1 +++ admserv.html 15 Nov 2007 17:02:02 -0000 1.2 @@ -49,28 +49,8 @@ - -   - - Directory Server Express
          - Search for users by name, user ID or extension.           - - - -   -   - - -   - - Directory Server Org Charts
          - Browse org charts of your organization.           - - - -   -   - + +   @@ -89,17 +69,7 @@ - -   - - Directory Server Gateway
          - Search for and edit directory entries.           - - - -   -   - +   Fedora Home Page
          From fedora-directory-commits at redhat.com Thu Nov 15 17:32:25 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Thu, 15 Nov 2007 12:32:25 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-src40 config.c, 1.13, 1.14 config.properties, 1.3, 1.4 Message-ID: <200711151732.lAFHWP07031142@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31123/adminserver/admserv/cgi-src40 Modified Files: config.c config.properties Log Message: Resolves: bug 368481 Bug Description: Unable to change Admin Server log paths in Console Reviewed by: nkinder (Thanks!) Fix Description: This is for the CGI part. The CGI will now return one error if the input is not a valid filename (i.e. it is a path), and return a different error if the filename could not be opened. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: config.c =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- config.c 13 Jul 2007 19:47:15 -0000 1.13 +++ config.c 15 Nov 2007 17:32:22 -0000 1.14 @@ -84,13 +84,13 @@ #define DBT_PORT_INUSE resource_key(RESOURCE_FILE, "20") #define DBT_PORT_EACCESS resource_key(RESOURCE_FILE, "21") #define DBT_PORT_NOT_AVAIL resource_key(RESOURCE_FILE, "22") -#define DBT_ACCESSLOG_INVALID resource_key(RESOURCE_FILE, "23") -#define DBT_ERRORLOG_INVALID resource_key(RESOURCE_FILE, "24") +#define DBT_ERROR_OPENING_LOG resource_key(RESOURCE_FILE, "23") +#define DBT_LOG_INVALID resource_key(RESOURCE_FILE, "24") static char * read_conf(char *file, char *name); static int update_conf(char *file, char *name, char *val); static int validate_addr(char* ip); -static int validate_logfile(char* name); +static int validate_logfile(char *logdir, char* name); #ifdef XP_UNIX static int rename_pidlog_file(PsetHndl pset, char* newname); static int change_uid_all(char *dir, int curuid, int newuid); @@ -538,15 +538,28 @@ /* Check if access log file is being changed */ if (strcasecmp(nameptr,"configuration.nsaccesslog") == 0) { - if (!validate_logfile(valptr)) { + int rc = validate_logfile(logdir, valptr); + if (rc == 2) { /* report error */ psetDelete(pset); if (i18nResource) PR_snprintf(error_info, sizeof(error_info), - res_getstring(i18nResource, DBT_ACCESSLOG_INVALID, + res_getstring(i18nResource, DBT_LOG_INVALID, acceptLanguage, msgbuf, sizeof(msgbuf), NULL), - nameptr); - else PR_snprintf(error_info, sizeof(error_info), "Invalid access log file specified"); + "Access", nameptr); + else PR_snprintf(error_info, sizeof(error_info), "%s log file name must be a valid file name and must not include the path. [%s] is invalid.", + "Access", nameptr); + rpt_err(APP_ERROR, error_info, NULL, NULL); + } else if (rc == 0) { + /* report error */ + psetDelete(pset); + if (i18nResource) + PR_snprintf(error_info, sizeof(error_info), + res_getstring(i18nResource, DBT_ERROR_OPENING_LOG, + acceptLanguage, msgbuf, sizeof(msgbuf), NULL), + "access", nameptr, strerror(errno)); + else PR_snprintf(error_info, sizeof(error_info), "Could not open %s log file [%s]. Error: %s", + "access", nameptr, strerror(errno)); rpt_err(APP_ERROR, error_info, NULL, NULL); } else { @@ -558,15 +571,28 @@ /* Check if error log file is being changed */ if (strcasecmp(nameptr,"configuration.nserrorlog") == 0) { - if (!validate_logfile(valptr)) { + int rc = validate_logfile(logdir, valptr); + if (rc == 2) { /* report error */ psetDelete(pset); if (i18nResource) PR_snprintf(error_info, sizeof(error_info), - res_getstring(i18nResource, DBT_ERRORLOG_INVALID, + res_getstring(i18nResource, DBT_LOG_INVALID, acceptLanguage, msgbuf, sizeof(msgbuf), NULL), - nameptr); - else PR_snprintf(error_info, sizeof(error_info), "Invalid error log file specified"); + "Error", nameptr); + else PR_snprintf(error_info, sizeof(error_info), "%s log file name must be a valid file name and must not include the path. [%s] is invalid.", + "Error", nameptr); + rpt_err(APP_ERROR, error_info, NULL, NULL); + } else if (rc == 0) { + /* report error */ + psetDelete(pset); + if (i18nResource) + PR_snprintf(error_info, sizeof(error_info), + res_getstring(i18nResource, DBT_ERROR_OPENING_LOG, + acceptLanguage, msgbuf, sizeof(msgbuf), NULL), + "error", nameptr, strerror(errno)); + else PR_snprintf(error_info, sizeof(error_info), "Could not open %s log file [%s]. Error: %s", + "error", nameptr, strerror(errno)); rpt_err(APP_ERROR, error_info, NULL, NULL); } else { @@ -1042,16 +1068,16 @@ * 0 error * */ -static int validate_logfile(char *name) { +static int validate_logfile(char *logdir, char *name) { FILE *f; char *fullname; if (!name || !*name || !util_is_valid_path_string(name)) { - return 0; /* error */ + return 2; /* error */ } - fullname = PR_smprintf("%s/%s", LOGDIR, name); + fullname = PR_smprintf("%s/%s", logdir, name); f = fopen(fullname, "a+"); PR_smprintf_free(fullname); Index: config.properties =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.properties,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- config.properties 18 Aug 2005 18:59:03 -0000 1.3 +++ config.properties 15 Nov 2007 17:32:22 -0000 1.4 @@ -46,7 +46,7 @@ config20 { "Port is already in use" } config21 { "Inadequate permission. Port is protected." } config22 { "Port is not available" } -config23 { "Invalid access log file specified" } -config24 { "Invalid error log file specified" } +config23 { "Could not open %s log file [%s]. Error: %s" } +config24 { "%s log file name must be a valid file name and must not include the path. [%s] is invalid." } } From fedora-directory-commits at redhat.com Thu Nov 15 18:28:10 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Thu, 15 Nov 2007 13:28:10 -0500 Subject: [Fedora-directory-commits] directoryconsole/help/en/help adv_search.html, 1.1, 1.2 configtab_rootnode.html, 1.1, 1.2 configtab_rootnode3.html, 1.1, 1.2 dir_browser2.html, 1.1, 1.2 dir_browser3.html, 1.1, 1.2 dirtab_cos2.html, 1.1, 1.2 dirtab_role.html, 1.1, 1.2 property_editor.html, 1.1, 1.2 statustab_performance.html, 1.1, 1.2 statustab_performance2.html, 1.1, 1.2 Message-ID: <200711151828.lAFISAfI008651@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8588 Modified Files: adv_search.html configtab_rootnode.html configtab_rootnode3.html dir_browser2.html dir_browser3.html dirtab_cos2.html dirtab_role.html property_editor.html statustab_performance.html statustab_performance2.html Log Message: Resolves: #379191 Summary: Online help: Directory Console (ds-console) Details: Comment #1 & #2 with the fixes suggested by Rich. Index: adv_search.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/adv_search.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- adv_search.html 13 Aug 2007 22:28:09 -0000 1.1 +++ adv_search.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -9,3 +9,11 @@

          Search Filter. Enter the search filter you want to use in this text box and then click OK.

          + +

          +Search (button). Click to begin searching. +

          + +

          +Basic (button). Click to go back to the basic search. +

          Index: configtab_rootnode.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_rootnode.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_rootnode.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_rootnode.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -7,6 +7,11 @@

          +Network Settings +

          + +
            +

            Port. Port number used for non-SSL communications. By default, the port number is 389.

            @@ -17,6 +22,7 @@

            Referrals to. LDAP URL of the default referral returned to client applications who submit requests based at a DN not maintained by your directory.

            +

          Make entire server read-only. Causes the server to be placed in read-only mode. Selecting this option also places all databases managed by the server into read-only mode, meaning you cannot create, modify, or delete any entries. Index: configtab_rootnode3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_rootnode3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_rootnode3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_rootnode3.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -14,6 +14,7 @@ Use this cipher family. Select the checkbox next to the cipher family or families you want the server to use for SSL communications.

          +

            Security Device. Select the device you want the server to use.

            @@ -25,8 +26,7 @@

            Cipher settings. Opens the Encryption Preferences dialog box, where you can select which ciphers you want the server to use from the cipher families you have already selected. By default, Directory Server comes with the following SSL ciphers:

            -
            -
            +
            @@ -128,10 +128,14 @@
            +
          + -
          -
          +

          +Client Authentication +

          +

            Do not allow client authentication. Select this option if you want client applications to connect to the server using only simple authentication.

            @@ -155,6 +159,7 @@

            If you use this option with client authentication, communication between the Management Console and the server will take place over a secure channel, but without client authentication.

            +

          Check hostname against name in certificate for outbound SSL connections. Select this check box if you want an SSL-enabled Directory Server (with certificate based client authentication turned on) to verify authenticity of a request by matching the hostname against the value assigned to the Common Name (CN) attribute of the subject name in the certificate being presented. Index: dir_browser2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/dir_browser2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dir_browser2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ dir_browser2.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -11,6 +11,11 @@

          +User Password Change +

          + +
            +

            User must change password after reset. When selected, users must change their passwords when they first log in or after the administrator resets the passwords.

            @@ -29,8 +34,13 @@

            Remember X passwords. If the server is keeping a password history, this option specifies how many old passwords the server should store in the history list. The valid value range is from 2 to 24. The default value is 6.

            +

          +Password Expiration +

          +
            +

            Password never expires. Select this if you do not require users to change their passwords periodically.

            @@ -53,35 +63,78 @@

            Allow up to X attempt(s) after password expires. Indicates the number of grace logins permitted after a user's password has expired. Grace logins are not permitted by default.

            +

          +Password Syntax +

          +
            +

            Check password syntax. Select this checkbox to enforce password syntax checking. Syntax checking ensures that the password strings conform to the syntax guidelines, such as minimum password length.

            -Password minimum length. If syntax checking is on, this option specifies the minimum number of characters that must be used in directory server passwords. The valid value range is from 2 to 512 characters. The default value is 6. +Password minimum length. If syntax checking is on, this option specifies the minimum number of characters that must be used in directory server passwords. The valid value range is from 2 to 512 characters. The default value is 8. +

            + +

            +Minimum required digit characters. If syntax checking is on, this option specifies the minimum number of digit characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Minimum required alpha characters. If syntax checking is on, this option specifies the minimum number of alpha characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Minimum required uppercase characters. If syntax checking is on, this option specifies the minimum number of uppercase characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Minimum required lowercase characters. If syntax checking is on, this option specifies the minimum number of lowercase characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Minimum required special characters. If syntax checking is on, this option specifies the minimum number of special characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Minimum required 8-bit characters. If syntax checking is on, this option specifies the minimum number of 8-bit characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

            + +

            +Maximum number of repeated characters. If syntax checking is on, this option specifies the maximum number of repeated characters that is allowed to used in directory server passwords. The valid value range is from 0 to 64 characters. If 0 is set, the server does not check the repeated characters. The default value is 0. +

            + +

            +Minimum required character categories. If syntax checking is on, this option specifies the minimum number of character categories that must be used in directory server passwords. The valid value range is from 1 to 5 characters. The default value is 3. +

            + +

            +Minimum token length. If syntax checking is on, this option specifies the minimum token length that must be used in directory server passwords. The valid value range is from 1 to 64 characters. The default value is 3.

            +

          Password encryption. Identifies how user passwords are stored in the directory. You can specify one of the following encryption formats:

            -
          • -Salted Secure Hashing Algorithm (SSHA). This method is recommended as the most secure. SSHA is the default encryption method. -
            • - -
          • -UNIX crypt algorithm (CRYPT). Provided for compatibility with UNIX passwords. -
            • - -
          • -Secure Hashing Algorithm (SHA). A one-way has algorithm that is the default encryption schema in Directory Server 4.x. -
            • - -
          • -No encryption (CLEAR). This encryption type indicates that the password will appear in plain text. -
            • +

            +Salted Secure Hashing Algorithm (SSHA). This method is recommended as the most secure. SSHA is the default encryption method. +

            + +

            +UNIX crypt algorithm (CRYPT). Provided for compatibility with UNIX passwords. +

            + +

            +Secure Hashing Algorithm (SHA, SHA256, SHA384, SHA512). One-way hash algorithms. +

            + +

            +No encryption (CLEAR). This encryption type indicates that the password will appear in plain text. +

            +

          Index: dir_browser3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/dir_browser3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dir_browser3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ dir_browser3.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -11,6 +11,10 @@

          +Password Lockout +

          +
            +

            Lockout account after X login failures. Specify the number of times a user can fail to bind before they are locked out of the directory. Valid values are 1 to 32,767 attempts. This option is available only if account lockout is enabled.

            @@ -25,3 +29,4 @@

            Lockout duration X minutes. Select this option to indicate the amount of time a user will be locked out of the directory after a series of failed bind attempts. If you select this option, you must enter a number of minutes in the text box. Valid values are 1 to 35,791,394 minutes. This option is available only if account lockout is enabled.

            +
          Index: dirtab_cos2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/dirtab_cos2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dirtab_cos2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ dirtab_cos2.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -11,5 +11,5 @@

          -Description. Enter a description of your class of service. +Description (Optional). Enter a description of your class of service.

          Index: dirtab_role.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/dirtab_role.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- dirtab_role.html 13 Aug 2007 22:28:09 -0000 1.1 +++ dirtab_role.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -7,30 +7,12 @@

          -LDAP filter. Enter the filter in this text field or click Construct to be guided through the construction of an LDAP filter. The Construct dialog box contains the following fields: +LDAP filter. Enter the filter in this text field or click Construct to be guided through the construction of an LDAP filter.

          -
            -
          • -Search. Select whether to search for entries within the base DN, one level below the base DN, or the whole subtree beneath the base DN. -
            • - -
          • -For. Select the types of entries you want to filter from this list. You can choose between users, groups, or both. -
            • - -
          • -Where. Select an attribute from this drop-down list. The two fields following it allow you to refine your search by selecting one of the qualifiers from the drop-down list (such as contains, does not contain, is, is not). Enter an attribute value in the text box. -
            • - -
          • -More. Click this button to add additional filters. -
            • - -
          • -Fewer. Click this button to remove unnecessary filters. -
            • -
          +

          +Construct... (button). Click to use the Construct dialog box to generate a filter. +

          Test. Click this button to try your filter. The entries matching your filter appear in the table. The following information is displayed: Index: property_editor.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/property_editor.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- property_editor.html 13 Aug 2007 22:28:09 -0000 1.1 +++ property_editor.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -7,6 +7,8 @@

          +View +

          Show Attribute Names. Select this option if you want the property editor to display the names of the attributes as they appear in the schema. For example, mail instead of Email address.

          @@ -23,6 +25,14 @@

          +Show Effective Rights. Select this checkbox if you want to view the entry's effective rights. +

          +

          + +

          +Edit + +

          Add Value. If the currently selected attribute is not the objectclass attribute or a binary attribute, you can use this command to insert a blank text box for the currently selected attribute. Enter the new value in the text box.

          @@ -41,3 +51,4 @@

          Delete Attribute. Use this command to delete the currently selected attribute from the entry.

          +

          Index: statustab_performance.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/statustab_performance.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- statustab_performance.html 13 Aug 2007 22:28:09 -0000 1.1 +++ statustab_performance.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -7,6 +7,11 @@

          +General Information +

          + +
            +

            Server version. Identifies the current server version.

            @@ -17,9 +22,10 @@

            Current time on server. Displays the current date and time on the server.

            +

          -Refresh. Click refresh to update the current display. +Refresh (button). Click refresh to update the current display.

          @@ -31,25 +37,25 @@

            -
          • -Connections. Gives the total number of connections to this server since startup and the average number of connections per minute since startup. -
            • - -
          • -Operations Initiated. Gives the total number of operations initiated since server startup and the average number of operations per minute since startup. -
            • - -
          • -Operations Completed. Gives the total number of operations completed by the server since startup and the average number of operations per minute since server startup. -
            • - -
          • -Entries Sent To Clients. Gives the total number of entries sent to client applications since server startup in response to search requests and the average number of entries sent to client application per minute since server startup. -
            • - -
          • -Bytes Sent To Clients. Gives the total number of bytes sent to client applications and the average number of bytes sent to client applications since server startup. -
            • +

            +Connections. Gives the total number of connections to this server since startup and the average number of connections per minute since startup. +

            + +

            +Operations Initiated. Gives the total number of operations initiated since server startup and the average number of operations per minute since startup. +

            + +

            +Operations Completed. Gives the total number of operations completed by the server since startup and the average number of operations per minute since server startup. +

            + +

            +Entries Sent To Clients. Gives the total number of entries sent to client applications since server startup in response to search requests and the average number of entries sent to client application per minute since server startup. +

            + +

            +Bytes Sent To Clients. Gives the total number of bytes sent to client applications and the average number of bytes sent to client applications since server startup. +

          @@ -57,25 +63,25 @@

            -
          • -Active Threads. Current number of active threads used for handling requests. -
            • - -
          • -Open Connections. Total number of open connections. -
            • - -
          • -Remaining Available Connections. Total number of remaining connections that the server can concurrently open. -
            • - -
          • -Threads Waiting To Read From Client. Provides the current total. This condition occurs when the server starts to receive a request from a client application and then the transmission is halted. This total generally indicates a slow network or client application. -
            • - -
          • -Database In Use. Total number of databases being used by the server. -
            • +

            +Active Threads. Current number of active threads used for handling requests. +

            + +

            +Open Connections. Total number of open connections. +

            + +

            +Remaining Available Connections. Total number of remaining connections that the server can concurrently open. +

            + +

            +Threads Waiting To Read From Client. Provides the current total. This condition occurs when the server starts to receive a request from a client application and then the transmission is halted. This total generally indicates a slow network or client application. +

            + +

            +Database In Use. Total number of databases being used by the server. +

          @@ -83,25 +89,25 @@

            -
          • -Time opened. Indicates when the connection was opened. -
            • - -
          • -Started. Indicates the number of operations initiated by this connection. -
            • - -
          • -Completed. Indicates the number of operations completed by the server for this connection. -
            • - -
          • -Bound As. Indicates the DN used by the client application to connect to the server. -
            • - -
          • -Read/Write. Indicates whether the server is currently blocked for read or write access by the client application. -
            • +

            +Time opened. Indicates when the connection was opened. +

            + +

            +Started. Indicates the number of operations initiated by this connection. +

            + +

            +Completed. Indicates the number of operations completed by the server for this connection. +

            + +

            +Bound As. Indicates the DN used by the client application to connect to the server. +

            + +

            +Read/Write. Indicates whether the server is currently blocked for read or write access by the client application. +

          @@ -109,35 +115,32 @@

            -
          • -Hits. Indicates the number of times the server could process a request by obtaining data from the cache rather than by going to the disk. -
            • - -
          • -Tries. The total number of requests performed on your directory since server startup. -
            • - -
          • -Hit Ratio. The ratio of cache tries to successful cache lookups. The closer this number is to 100% the better. -
            • - -
          • -Pages read in. Indicates the number of pages read from disk into the cache. -
            • - -
          • -Pages written out. Indicates the number of pages written from the cache back to disk. -
            • - -
          • -Read-only page evicts. Indicates the number of read-only pages discarded from the cache to make room for new pages. Pages discarded from the cache have to be written to disk, possibly affecting server performance. The lower the number of page evicts the better. -
            • - -
          • -Read-write page evicts. Indicates the number of read-write pages discarded from the cache to make room for new pages. This value differs from Pages Written Out in that these are discarded read-write pages that have not been modified. -
            • -
            -
            +

            +Hits. Indicates the number of times the server could process a request by obtaining data from the cache rather than by going to the disk. +

            + +

            +Tries. The total number of requests performed on your directory since server startup. +

            + +

            +Hit Ratio. The ratio of cache tries to successful cache lookups. The closer this number is to 100% the better. +

            + +

            +Pages read in. Indicates the number of pages read from disk into the cache. +

            + +

            +Pages written out. Indicates the number of pages written from the cache back to disk. +

            + +

            +Read-only page evicts. Indicates the number of read-only pages discarded from the cache to make room for new pages. Pages discarded from the cache have to be written to disk, possibly affecting server performance. The lower the number of page evicts the better. +

            + +

            +Read-write page evicts. Indicates the number of read-write pages discarded from the cache to make room for new pages. This value differs from Pages Written Out in that these are discarded read-write pages that have not been modified. Pages discarded from the cache have to be written to disk, possibly affecting server performance. The lower the number of page evicts the better. -
             

            +

          Index: statustab_performance2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/statustab_performance2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- statustab_performance2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ statustab_performance2.html 15 Nov 2007 18:28:07 -0000 1.2 @@ -7,15 +7,21 @@

          +General Information. +

          + +
            +

            Database. Identifies the type of database being monitored.

            Configuration DN. Identifies the distinguished name you can use to obtain these results using the ldapsearch command-line utility.

            +

          -Refresh. Click refresh to update the current display. +Refresh (button). Click refresh to update the current display.

          @@ -27,29 +33,29 @@

            -
          • -Read-only status. Indicates whether the database is currently in read-only mode. -
            • - -
          • -Entry cache hits. Indicates the number of times the server could process a search request by obtaining data from the cache rather than by going to the disk. -
            • - -
          • -Entry cache tries. The total number of search operations performed against your server since server startup. -
            • - -
          • -Entry cache hit ratio. The ratio of entry cache tries to successful entry cache lookups. The closer this number is to 100% the better. -
            • - -
          • -Current size of entry cache (in bytes). Total number of bytes currently used by the entry cache. -
            • - -
          • -Maximum size of entry cache (in bytes). Maximum number of bytes available to the entry cache. -
            • +

            +Read-only status. Indicates whether the database is currently in read-only mode. +

            + +

            +Entry cache hits. Indicates the number of times the server could process a search request by obtaining data from the cache rather than by going to the disk. +

            + +

            +Entry cache tries. The total number of search operations performed against your server since server startup. +

            + +

            +Entry cache hit ratio. The ratio of entry cache tries to successful entry cache lookups. The closer this number is to 100% the better. +

            + +

            +Current size of entry cache (in bytes). Total number of bytes currently used by the entry cache. +

            + +

            +Maximum size of entry cache (in bytes). Maximum number of bytes available to the entry cache. +

          @@ -57,19 +63,19 @@

            -
          • -Cache hits. Indicates the number of times the server could process a request by obtaining data from the cache rather than by going to the disk. -
            • - -
          • -Cache misses. Number of times the cache does not contain the information being requested by the client application. -
            • - -
          • -Pages read in. Number of pages read from disk into the database cache. -
            • - -
          • -Pages written out. Number of pages written from the cache back to disk. -
            • +

            +Cache hits. Indicates the number of times the server could process a request by obtaining data from the cache rather than by going to the disk. +

            + +

            +Cache misses. Number of times the cache does not contain the information being requested by the client application. +

            + +

            +Pages read in. Number of pages read from disk into the database cache. +

            + +

            +Pages written out. Number of pages written from the cache back to disk. +

          From fedora-directory-commits at redhat.com Fri Nov 16 01:48:49 2007 From: fedora-directory-commits at redhat.com (Jack Magne (jmagne)) Date: Thu, 15 Nov 2007 20:48:49 -0500 Subject: [Fedora-directory-commits] coolkey/applet Makefile,1.3,1.4 Message-ID: <200711160148.lAG1mn6N028777@cvs-int.fedora.redhat.com> Author: jmagne Update of /cvs/dirsec/coolkey/applet In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28730 Modified Files: Makefile Log Message: Minor change to the Windows classpath separator char, from ";" to "\;" since Cygwin eats the sem if not escaped. Rev. rrelyea. Index: Makefile =================================================================== RCS file: /cvs/dirsec/coolkey/applet/Makefile,v retrieving revision 1.3 retrieving revision 1.4 diff -u -r1.3 -r1.4 --- Makefile 5 Oct 2006 00:57:36 -0000 1.3 +++ Makefile 16 Nov 2007 01:48:47 -0000 1.4 @@ -83,7 +83,7 @@ endif ifdef windir -SEP=";" +SEP="\;" else SEP=":" endif From fedora-directory-commits at redhat.com Fri Nov 16 21:22:49 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 16 Nov 2007 16:22:49 -0500 Subject: [Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv/panel ChainingSettingPanel.java, 1.1.1.1, 1.2 Message-ID: <200711162122.lAGLMnee002232@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2071 Modified Files: ChainingSettingPanel.java Log Message: Resolves: #386041 Summary: "Select control OID(s) to add" dialog shows redundant OIDs at the end Description: changed to initialize _possibleControls before copying the new list (removed _knownUnsupportedControls from original _possibleControls) into _possibleControls. Index: ChainingSettingPanel.java =================================================================== RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/ChainingSettingPanel.java,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- ChainingSettingPanel.java 18 Jul 2005 00:55:54 -0000 1.1.1.1 +++ ChainingSettingPanel.java 16 Nov 2007 21:22:46 -0000 1.2 @@ -426,12 +426,12 @@ Vector tmpControls = new Vector(_possibleControls.length); for (int ii = 0; ii < _knownUnsupportedControls.length; ++ii) { for (int jj = 0; jj < _possibleControls.length; ++jj) { - if (!_possibleControls[jj]. - equals(_knownUnsupportedControls[ii])) { + if (!_possibleControls[jj].equals(_knownUnsupportedControls[ii])) { tmpControls.addElement(_possibleControls[jj]); } } } + _possibleControls = new String[tmpControls.size()]; tmpControls.copyInto(_possibleControls); } From fedora-directory-commits at redhat.com Mon Nov 19 17:23:53 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Mon, 19 Nov 2007 12:23:53 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/plugins/replication cl5_api.c, 1.20, 1.21 Message-ID: <200711191723.lAJHNrbh017107@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/servers/plugins/replication In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv17078/ldapserver/ldap/servers/plugins/replication Modified Files: cl5_api.c Log Message: Resolves: bug 388021 Bug Description: MMR breaks from master that has been reinited Reviewed by: nkinder (Thanks!) Fix Description: This problem occurs when you have two or more masters, and you have updates that have originated at a master that have been sent to other masters (so that the other masters have a valid min/max csn for that replica in the ruv). If that master needs to be reinitialized for some reason (crash, etc.) the reinit will erase the changelog. The RUV for that master will now contain CSNs that are not in the changelog. If that master attempts to update another master, it will first look at the RUV from the consumer, which will contain the old CSNs, and it will look for those CSNs in the changelog, fail, and abort the update process, meaning this master can no longer send updates to other servers. The solution is for the master to just use the min CSN in its own RUV as the new starting point, if it has not been purged. In the case of purging, if the CSN is not found, this means the consumer is too far behind and must be reinitialized. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no Index: cl5_api.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/plugins/replication/cl5_api.c,v retrieving revision 1.20 retrieving revision 1.21 diff -u -r1.20 -r1.21 --- cl5_api.c 19 Oct 2007 02:09:24 -0000 1.20 +++ cl5_api.c 19 Nov 2007 17:23:50 -0000 1.21 @@ -5707,18 +5707,47 @@ to any consumers; that is, we can assume that no changes were lost due to either changelog purging or database reload - bug# 603061 - richm at netscape.com */ - if (rc == 0 || (rc == DB_NOTFOUND && !ruv_has_csns(file->purgeRUV))) + if ((rc == DB_NOTFOUND) && !ruv_has_csns(file->purgeRUV)) { + /* use the supplier min csn for the buffer start csn - we know + this csn is in our changelog */ + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, + "%s: CSN %s not found and no purging, probably a reinit\n", + agmt_name, csnStr); + if ((RUV_SUCCESS == ruv_get_min_csn(supplierRuv, &startCSN)) && + startCSN) + { /* must now free startCSN */ + csn_as_string(startCSN, PR_FALSE, csnStr); + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, + "%s: Will try to use supplier min CSN %s to load changelog\n", + agmt_name, csnStr); + rc = clcache_load_buffer (clcache, startCSN, DB_SET); + } + else + { + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, + "%s: Could not get the min csn from the supplier RUV\n", + agmt_name); + } + } + + if (rc == 0) { haveChanges = PR_TRUE; rc = CL5_SUCCESS; - slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, + slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, "%s: CSN %s found, position set for replay\n", agmt_name, csnStr); + if (startCSN != csns[i]) { + csn_free(&startCSN); + } break; } else if (rc == DB_NOTFOUND) /* entry not found */ { /* check whether this csn should be present */ rc = _cl5CheckMissingCSN (startCSN, supplierRuv, file); + if (startCSN != csns[i]) { + csn_free(&startCSN); + } if (rc == CL5_MISSING_DATA) /* we should have had the change but we don't */ { slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name_cl, @@ -5735,6 +5764,9 @@ } else { + if (startCSN != csns[i]) { + csn_free(&startCSN); + } /* db error */ slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name_cl, From fedora-directory-commits at redhat.com Mon Nov 19 18:17:14 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Mon, 19 Nov 2007 13:17:14 -0500 Subject: [Fedora-directory-commits] directoryconsole/src/com/netscape/admin/dirserv/panel NewSuffixPanel.java, 1.1.1.1, 1.2 Message-ID: <200711191817.lAJIHEog002234@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2067/src/com/netscape/admin/dirserv/panel Modified Files: NewSuffixPanel.java Log Message: Resolves: #379191 Summary: Online help: Directory Console (ds-console) (Comment #5) Description: if the suffix to be created is root, show the help of "Creating a New Root Suffix". Index: NewSuffixPanel.java =================================================================== RCS file: /cvs/dirsec/directoryconsole/src/com/netscape/admin/dirserv/panel/NewSuffixPanel.java,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- NewSuffixPanel.java 18 Jul 2005 00:56:02 -0000 1.1.1.1 +++ NewSuffixPanel.java 19 Nov 2007 18:17:12 -0000 1.2 @@ -50,10 +50,11 @@ public NewSuffixPanel(IDSModel model, LDAPEntry node, boolean isRoot) { super( model, _section ); - _helpToken = "configuration-new-mapping-sub-suffix-dbox-help"; if( isRoot ) { + _helpToken = "configuration-new-mapping-node-dbox-help"; setTitle( DSUtil._resource.getString( _section, "new-root-title" )); } else { + _helpToken = "configuration-new-mapping-sub-suffix-dbox-help"; setTitle( DSUtil._resource.getString( _section, "new-title" )); } _model = model; From fedora-directory-commits at redhat.com Mon Nov 19 18:21:40 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Mon, 19 Nov 2007 13:21:40 -0500 Subject: [Fedora-directory-commits] directoryconsole/help/en/help configtab_chaindb.html, 1.1, 1.2 configtab_chaindb2.html, 1.1, 1.2 configtab_chaindb3.html, 1.1, 1.2 configtab_chaindb5.html, 1.1, 1.2 configtab_db2.html, 1.1, 1.2 configtab_db5.html, 1.1, 1.2 configtab_ldbmdb.html, 1.1, 1.2 configtab_maptree.html, 1.1, 1.2 configtab_maptree4.html, 1.1, 1.2 configtab_rootnode6.html, 1.1, 1.2 configtab_rootnode7.html, 1.1, 1.2 Message-ID: <200711191821.lAJILebK002937@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2754/en/help Modified Files: configtab_chaindb.html configtab_chaindb2.html configtab_chaindb3.html configtab_chaindb5.html configtab_db2.html configtab_db5.html configtab_ldbmdb.html configtab_maptree.html configtab_maptree4.html configtab_rootnode6.html configtab_rootnode7.html Log Message: Resolves: #379191 Summary: Online help: Directory Console (ds-console) (comment #6) Description: help pages referred from Directory Console | Configuration Tab | Data tree Index: configtab_chaindb.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_chaindb.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_chaindb.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_chaindb.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -7,6 +7,15 @@

          +New Database Link info +

          + +
            +

            +Database suffix. Suffix the database link is created from. +

            + +

            Database link name. Unique name of the database link.

            @@ -22,6 +31,7 @@ Remote server(s) information. In this section you provide information about the remote data sources used by the database link.

            +

              Use a secure LDAP connection between servers. Selecting this checkbox indicates that the connection between the server and the remote server is secure.

              @@ -41,7 +51,9 @@

              Port. Port number of an alternative remote server.

              +

            LDAP URL. This field contains a dynamically created LDAP URL that combines the server names and port numbers you specified in the remote server information fields.

            +
              Index: configtab_chaindb2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_chaindb2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_chaindb2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_chaindb2.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -12,19 +12,27 @@
              • -Virtual list view (VLV) control. This control provides lists of parts of entries rather than returning all entry information. The OID of this control is 2.16.840.1.113730.3.4.9. +

                +Managed DSA control. This control returns smart referrals as entries rather than following the referral. This allows you to modify or delete the smart referral itself. The OID for this control is 2.16.840.1.113730.3.4.2. +

              • -Server side sorting control. This control sorts entries according to their attribute values. The OID for this control is 1.2.840.113556.1.4.473. +

                +Virtual list view (VLV) control. This control provides lists of parts of entries rather than returning all entry information. The OID of this control is 2.16.840.1.113730.3.4.9. +

              • -Managed DSA control. This control returns smart referrals as entries rather than following the referral. This allows you to modify or delete the smart referral itself. The OID for this control is 2.16.840.1.113730.3.4.2. +

                +Server side sorting control. This control sorts entries according to their attribute values. The OID for this control is 1.2.840.113556.1.4.473. +

              • +

                Loop detection control. This control contains a count that is decremented each time the server tries to chain. When the server receives a count of 0 it determines that a loop has been detected and notifies the client application. The OID for this control is 1.3.6.1.4.1.1466.29539.12. +

              Index: configtab_chaindb3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_chaindb3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_chaindb3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_chaindb3.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -31,19 +31,6 @@

              -2.16.840.1.113730.3.4.3 -

              - -

              -Persistent search control. -

              -This control is used with a search request to indicate that the server should not complete the request when all the matching entries have been returned. Instead, the server should keep the operation active and send results to the client whenever an entry matching the search filter is added, deleted, or modified. -

              - - - - -

              2.16.840.1.113730.3.4.4

              @@ -109,6 +96,43 @@

              +2.16.840.1.113730.3.4.19 +

              + +

              +Virtual attributes only request control. +

              +This control requests that the server return only attributes generated by the roles and class of service features. +

              + + + + +

              +1.3.6.1.4.1.42.2.27.8.5.1 +

              + +

              +Password policy request control. +

              + + + + + +

              +1.3.6.1.4.1.42.2.27.9.5.2 +

              + +

              +Get effective rights request control. +

              + + + + + +

              2.16.840.1.113730.3.4.14

              @@ -122,6 +146,19 @@

              +2.16.840.1.113730.3.4.20 +

              + +

              +Extended version of Search on specific database control. +

              +This control can be used when the database name is supplied or not supplied. When it is not supplied,it retrieves the database name from the base of the search. +

              + + + + +

              2.16.840.1.113730.3.4.12

              @@ -135,6 +172,19 @@

              +2.16.840.1.113730.3.4.18 +

              + +

              +Proxied authorization (new "version 2" specification) control. +

              +Allows the client to assume another identity for the duration of a request +

              + + + + +

              2.16.840.1.113730.3.4.13

              Index: configtab_chaindb5.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_chaindb5.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_chaindb5.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_chaindb5.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -59,11 +59,11 @@
            • -Timeout before abandon. The number of seconds that pass before the server checks for abandon operations. The default value is 10 second The range is 0 to 2147483647. +Timeout before abandon. The number of seconds that pass before the server checks for abandon operations. The default value is 1 second The range is 0 to 2147483647.
            • -Maximum LDAP connection(s). Maximum number of LDAP connections the database link establishes with the remote server. The default value is 10 connections. The range is 1 to 50. +Maximum LDAP connection(s). Maximum number of LDAP connections the database link establishes with the remote server. The default value is 20 connections. The range is 1 to 50.
            • @@ -71,7 +71,7 @@
            • -Maximum operations per connection. Maximum number of outstanding operations per connection. The default value is 10 operations per second. The range is 0 to 50. +Maximum operations per connection. Maximum number of outstanding operations per connection. The default value is 2 operations per second. The range is 0 to 50.
            • Index: configtab_db2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_db2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_db2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_db2.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -11,6 +11,11 @@

              +User Password Change +

              + +
                +

                User must change password after reset. When selected, users must change their passwords when they first log in or after the administrator resets the passwords.

                @@ -29,8 +34,13 @@

                Remember X passwords. If the server is keeping a password history, this option specifies how many old passwords the server should store in the history list. The valid value range is from 2 to 24. The default value is 6.

                +

              +Password Expiration +

              +
                +

                Password never expires. Select this if you do not require users to change their passwords periodically.

                @@ -51,37 +61,80 @@

                -Allow up to X login attempt(s) after password expires. Indicates the number of grace logins permitted after a user's password has expired. Grace logins are not permitted by default. +Allow up to X attempt(s) after password expires. Indicates the number of grace logins permitted after a user's password has expired. Grace logins are not permitted by default.

                +

              +Password Syntax +

              +
                +

                Check password syntax. Select this checkbox to enforce password syntax checking. Syntax checking ensures that the password strings conform to the syntax guidelines, such as minimum password length.

                -Password minimum length. If syntax checking is on, this option specifies the minimum number of characters that must be used in directory server passwords. The valid value range is from 2 to 512 characters. The default value is 6. +Password minimum length. If syntax checking is on, this option specifies the minimum number of characters that must be used in directory server passwords. The valid value range is from 2 to 512 characters. The default value is 8. +

                + +

                +Minimum required digit characters. If syntax checking is on, this option specifies the minimum number of digit characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Minimum required alpha characters. If syntax checking is on, this option specifies the minimum number of alpha characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Minimum required uppercase characters. If syntax checking is on, this option specifies the minimum number of uppercase characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Minimum required lowercase characters. If syntax checking is on, this option specifies the minimum number of lowercase characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Minimum required special characters. If syntax checking is on, this option specifies the minimum number of special characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Minimum required 8-bit characters. If syntax checking is on, this option specifies the minimum number of 8-bit characters that must be used in directory server passwords. The valid value range is from 0 to 64 characters. The default value is 0. +

                + +

                +Maximum number of repeated characters. If syntax checking is on, this option specifies the maximum number of repeated characters that is allowed to used in directory server passwords. The valid value range is from 0 to 64 characters. If 0 is set, the server does not check the repeated characters. The default value is 0. +

                + +

                +Minimum required character categories. If syntax checking is on, this option specifies the minimum number of character categories that must be used in directory server passwords. The valid value range is from 1 to 5 characters. The default value is 3. +

                + +

                +Minimum token length. If syntax checking is on, this option specifies the minimum token length that must be used in directory server passwords. The valid value range is from 1 to 64 characters. The default value is 3.

                +

              Password encryption. Identifies how user passwords are stored in the directory. You can specify one of the following encryption formats:

                -
              • -Salted Secure Hashing Algorithm (SSHA). This method is recommended as the most secure. SSHA is the default encryption method. -
                • - -
              • -UNIX crypt algorithm (CRYPT). Provided for compatibility with UNIX passwords. -
                • - -
              • -Secure Hashing Algorithm (SHA). A one-way has algorithm that is the default encryption schema in Directory Server 4.x. -
                • - -
              • -No encryption (CLEAR). This encryption type indicates that the password will appear in plain text. -
                • +

                +Salted Secure Hashing Algorithm (SSHA). This method is recommended as the most secure. SSHA is the default encryption method. +

                + +

                +UNIX crypt algorithm (CRYPT). Provided for compatibility with UNIX passwords. +

                + +

                +Secure Hashing Algorithm (SHA, SHA256, SHA384, SHA512). One-way hash algorithms. +

                + +

                +No encryption (CLEAR). This encryption type indicates that the password will appear in plain text. +

                +

              Index: configtab_db5.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_db5.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_db5.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_db5.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -15,10 +15,6 @@

              -Maximum entries in cache. Maximum number of entries stored in the database cache for processing client search requests. A value of -1 indicates no limit. For performance tuning purposes. -

              - -

              Memory available for cache. Maximum memory available to the database for storing cached entries, in bytes. For performance tuning purposes.

              Index: configtab_ldbmdb.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_ldbmdb.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_ldbmdb.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_ldbmdb.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -7,11 +7,12 @@

              -Suffix Name. This field appears only when you create a new database in an existing suffix. Gives the name of the suffix contained by the database. +Database information. Use these options to specify the database name and location.

              +

                -Database information. Use these options to specify the database name and location. +Suffix Name. This field appears only when you create a new database in an existing suffix. Gives the name of the suffix contained by the database.

                @@ -21,3 +22,4 @@

                Create database in. Enter the full path to the location on your machine where you want the new database to reside. Click Browse to locate a directory.

                +
              Index: configtab_maptree.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_maptree.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_maptree.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_maptree.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -18,6 +18,7 @@ Suffix request processing. These options help you configure how requests from client applications are managed by this suffix.

              +

                Use the Databases. Select this option if you want the databases and database links to be used for processing all requests made by client applications.

                @@ -29,3 +30,4 @@

                Return Referrals for Update Operations. Select this option to return a referral only during update requests. This is useful for redirecting client requests made to read-only databases.

                +
              Index: configtab_maptree4.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_maptree4.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_maptree4.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_maptree4.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -7,9 +7,10 @@

              -Enter a new referral. Enter a referral in LDAP URL format, or click Construct to be guided through the process. Click Add to add the referral to the list. +Current referrals for this suffix. Lists the referrals currently in place for this suffix. The entire list of referrals is returned to client applications in response to a request, when you select Referral or Referral on Update in the Suffix Settings tab. Click Delete to remove a referral from the list.

              -Current referrals for this suffix. Lists the referrals currently in place for this suffix. The entire list of referrals is returned to client applications in response to a request, when you select Referral or Referral on Update in the Suffix Settings tab. Click Delete to remove a referral from the list. +Enter a new referral. Enter a referral in LDAP URL format, or click Construct to be guided through the process. Click Add to add the referral to the list.

              + Index: configtab_rootnode6.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_rootnode6.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_rootnode6.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_rootnode6.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -24,7 +24,7 @@
            • -Secure Hashing Algorithm (SHA). A one-way has algorithm that is the default encryption schema in Directory Server 4.x. +Secure Hashing Algorithm (SHA, SHA256, SHA384, SHA512) One-way hash algorithms.
            • Index: configtab_rootnode7.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_rootnode7.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_rootnode7.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_rootnode7.html 19 Nov 2007 18:21:38 -0000 1.2 @@ -12,20 +12,34 @@
              • +

                Name. The name of the SASL identity. +

                +

              • +

                Regular Expression. A regular expression that maps the SASL identity. +

                +

              • +

                Search Base DN. The base DN for the SASL mapping identity search. +

              • +

                Search Filter. The search filter for the SASL mapping identity search. +

                • + +

                +Kerberos uid mapping, rfc 2829 dn syntax, rfc 2829 u syntax, and uid mapping are configured by default. +

              From fedora-directory-commits at redhat.com Mon Nov 19 19:23:31 2007 From: fedora-directory-commits at redhat.com (Jack Magne (jmagne)) Date: Mon, 19 Nov 2007 14:23:31 -0500 Subject: [Fedora-directory-commits] esc/src/app/xul/esc/chrome/content/esc ESC.js, 1.13, 1.13.4.1 Message-ID: <200711191923.lAJJNVlO015778@cvs-int.fedora.redhat.com> Author: jmagne Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15660 Modified Files: Tag: RHPKI_7_3_BRANCH ESC.js Log Message: Add code to read a global phone home pref under strict circumstances. Bug#352991. Index: ESC.js =================================================================== RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/ESC.js,v retrieving revision 1.13 retrieving revision 1.13.4.1 diff -u -r1.13 -r1.13.4.1 --- ESC.js 5 Apr 2007 18:39:52 -0000 1.13 +++ ESC.js 19 Nov 2007 19:23:29 -0000 1.13.4.1 @@ -51,6 +51,8 @@ const ESC_FACE_TO_FACE_MODE = "esc.face.to.face.mode"; const ESC_SECURITY_URL="esc.security.url"; const ESC_SECURE_URL="esc.secure.url"; +const ESC_GLOBAL_PHONE_HOME_URL= "esc.global.phone.home.url"; +const SPECIAL_ATR="3B769400FF6276010000"; const CLEAN_TOKEN = "cleanToken"; const UNINITIALIZED = 1; @@ -280,6 +282,11 @@ return true; } + //Check for special key since we have no phone home info. + + + home = GetGlobalPhoneHomeUrl(keyType,keyID); + var homeRes = false; @@ -291,8 +298,9 @@ // Launch the config dialog only if we can't // Phone Home and we are not in the special security mode + // or if we are not using a special key - if(!homeRes && !CheckForSecurityMode()) + if(!homeRes && !CheckForSecurityMode() ) { recordMessage("About to launch CONFIG , non secmode..."); @@ -301,6 +309,48 @@ return homeRes; } + +//Get global phone home url only for a special key + +function GetGlobalPhoneHomeUrl(keyType,keyID) +{ + + var globalIssuerURL=null; + var specialATR=SPECIAL_ATR; + var phonHomeURL= DoCoolKeyGetATR(keyType,keyID); + + var specialAppletVerMaj=1; + var specialAppletVerMin=1; + + + var appletVerMaj = DoGetCoolKeyGetAppletVer(keyType, keyID , true); + var appletVerMin = DoGetCoolKeyGetAppletVer(keyType, keyID, false); + + if( (appletVerMaj != specialAppletVerMaj) || + ( appletVerMin != specialAppletVerMin)) { + + return null; + } + + var keyATR = DoCoolKeyGetATR(keyType,keyID); + + if( keyATR != specialATR) { + + return null; + + } + + globalIssuerURL = DoCoolKeyGetConfigValue(ESC_GLOBAL_PHONE_HOME_URL); + + if(globalIssuerURL==null) { + return null; + } + + return globalIssuerURL; + +} + + //Test Phone Home url in config UI function DoPhoneHomeTest() From fedora-directory-commits at redhat.com Tue Nov 20 17:35:11 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Tue, 20 Nov 2007 12:35:11 -0500 Subject: [Fedora-directory-commits] directoryconsole/help/en/help configtab_replication.html, 1.1, 1.2 configtab_replication2.html, 1.1, 1.2 configtab_replication3.html, 1.1, 1.2 configtab_replication8.html, 1.1, 1.2 replication_wizard.html, 1.1, 1.2 replication_wizard4.html, 1.1, 1.2 replication_wizard6.html, 1.1, 1.2 synchronization_wizard2.html, 1.1, 1.2 Message-ID: <200711201735.lAKHZBVh002338@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv2062/help Modified Files: configtab_replication.html configtab_replication2.html configtab_replication3.html configtab_replication8.html replication_wizard.html replication_wizard4.html replication_wizard6.html synchronization_wizard2.html Log Message: Resolves: #379191 Summary: Online help: Directory Console (ds-console) (Comment #8) Description: help pages referred from Directory Console | Configuration Tab | Replication tree 1) format change (added indentation for grouping). 2) eliminated "serverRoot" as well as obsolete descriptions. 3) repl/win-sync agreement summary panel is shared. added notes on both. Index: configtab_replication.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_replication.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_replication.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_replication.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,13 +11,19 @@

              +Authentication +

              + +
                +

                Supplier DN. Use this field to specify the distinguished name that any supplier server must use to bind to this consumer server to send replication updates. The supplier DN must correspond to an entry that is stored on the consumer server. This entry must not be part of the replicated database.

                -New supplier password. If a password is specified, the supplier server uses this password to bind to the consumer server. +New supplier password (min 8 char). If a password is specified, the supplier server uses this password to bind to the consumer server. Minimum 8 characters.

                Confirm new supplier password. Confirms that the password entered in the "New supplier password" field is correct.

                +
              Index: configtab_replication2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_replication2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_replication2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_replication2.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,15 +11,20 @@

              +Replication Changelog +

              + +
                +

                Changelog database directory. The directory in which the supplier server stores the change log.

                -Browse. If you want the server to display a file selector so that you can select a directory for storing the change log database, click this button. +Browse (button). If you want the server to display a file selector so that you can select a directory for storing the change log database, click this button.

                -Use default. If you want the server to suggest a default path name for the change log database, click this button. +Use default (button). If you want the server to suggest a default path name for the change log database, click this button.

                @@ -29,6 +34,7 @@

                Max changelog age. When an entry in the change log reaches the age specified here, the server removes the entry from the change log. If you select the Unlimited checkbox, the server does not remove entries from the change log based on age.

                +

              To remove a change log database that has grown too big, you must manually delete it. Index: configtab_replication3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_replication3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_replication3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_replication3.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,6 +11,11 @@

              +Replica Role. Select one of the replica roles +

              + +
                +

                Single Master. Select this radio button if you want this Directory Server to act as the single supplier server for this database.

                @@ -25,13 +30,19 @@

                Dedicated Consumer. Select this radio button if you want this Directory Server to accept updates from a supplier server. A dedicated consumer can service search operations but not update operations. Update operations will be referred to a supplier server.

                +

              -Replica ID. An integer between 1 and 255 that identifies the replica. The replica IDs of the master replicas must be unique. In other words, master replicas involved in the same multi-master configuration must have different replica IDs. However, two master replicas (corresponding to different suffixes) on the same server can have the same replica ID. +Common Settings.

              +

                -If the ID is incorrect, the field labels turn red and the Save button is disabled. +Replica ID. An integer between 1 and 255 that identifies the replica. The replica IDs of the master replicas must be unique. In other words, master replicas involved in the same multi-master configuration must have different replica IDs. However, two master replicas (corresponding to different suffixes) on the same server can have the same replica ID. +

                + +

                +If the ID is incorrect, the field labels turn red and the Save button is disabled. Dedicated Consumer does not require Replica ID.

                @@ -41,11 +52,18 @@

                Updatable by a 4.x Replica. Check this checkbox if you want this Directory Server to act as a legacy consumer of a 4.x supplier server.

                +
              + +

              +Update Settings. +

              +

                -Current Supplier DNs. This field lists the supplier bind DNs that supplier servers must use to update this replica. You can now specify multiple supplier bind DNs per replica, but only one supplier DN per replication agreement. Use the "Enter a new Supplier DN" field to specify a new supplier DN and click Add to add it to this list. If you have configured replication over SSL, specify the DN of the entry that contains the supplier's certificate in the "Enter a new Supplier DN" field and click Add to add it to this list. +Current Supplier DNs. This field lists the supplier bind DNs that supplier servers must use to update this replica. You can now specify multiple supplier bind DNs per replica, but only one supplier DN per replication agreement. Use the "Enter a new Supplier DN" field to specify a new supplier DN and click Add to add it to this list. If you have configured replication over SSL, specify the DN of the entry that contains the supplier's certificate in the "Enter a new Supplier DN" field and click Add to add it to this list.

                Current URLs for referrals (Optional). Directory Server uses the information contained in the replication agreement to create referrals from the consumer server to the appropriate supplier servers. This field lists the URLs you specify in addition to the automatic URLs which will be set up automatically. If you want the consumer to return an ldaps:// URL, so that clients will bind to the supplier servers using SSL, enter the URL in the "Enter a new URL" field and click Add to add it to this list of current URLs. In the same way, if you have a cascading replication scenario and you want the referral returned to clients to point to the original supplier instead of the hub supplier, enter the corresponding URL in the "Enter a new URL" field and click Add to add it to this list of current URLs.

                +
              Index: configtab_replication8.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_replication8.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_replication8.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_replication8.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -7,9 +7,5 @@

              -LDIF file (on remote machine). Enter the full path to the LDIF file. Click Browse to locate it on your machine. By default, if you are running the console locally, the file is stored in the current directory. -

              - -

              -When the Browse button is not enabled, by default the file is stored in the serverRoot/slapd-serverID/ldif +LDIF file. Enter the full path to the LDIF file. Or click Browse to locate it on your machine.

              Index: replication_wizard.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/replication_wizard.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- replication_wizard.html 13 Aug 2007 22:28:09 -0000 1.1 +++ replication_wizard.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,13 +11,14 @@

              -Consumer. Select the consumer server in the replication agreement from this drop-down menu. To ensure that all servers in your deployment appear in this drop-down menu, you must bind as Administrator. If the consumer server you want still does not appear in the list, click Other to enter the host and port of the consumer. +Consumer. Select the consumer server in the replication agreement from this drop-down menu. To ensure that all servers in your deployment appear in this drop-down menu, you must bind as Administrator. If the consumer server you want still does not appear in the list, click Other button to enter the host and port of the consumer.

              -Other. Click this button to manually enter the host and port of a consumer server +Connection

              +

                Using Encrypted SSL Connection. If you want the supplier and consumer servers to use SSL for secure communication, select this checkbox. To use this option, you must have first configured your servers to use SSL.

                @@ -51,6 +52,7 @@

                Password. If you are not using SSL, or you are using SSL with simple authentication, enter the Supplier DN password in the Password field.

                +

              Subtree. Identifies the content to be replicated. Index: replication_wizard4.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/replication_wizard4.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- replication_wizard4.html 13 Aug 2007 22:28:09 -0000 1.1 +++ replication_wizard4.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -7,5 +7,11 @@

              +Replication agreement wizard. If you selected "Initialize Consumer Now" in the Initialize Consumer dialog box, the consumer is initialized immediately. Synchronization begins immediately.

              + +

              +Windows Sync Agreement wizard. +The server creates the synchronization agreement and dismisses the synchronization wizard. Synchronization begins immediately. +

              Index: replication_wizard6.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/replication_wizard6.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- replication_wizard6.html 13 Aug 2007 22:28:09 -0000 1.1 +++ replication_wizard6.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,17 +11,17 @@

              -Add All. If any or all attributes have been moved to the "Excluded" column on the left, selecting this button will move them back to the "Included" column. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected. +Add All (button). If any or all attributes have been moved to the "Excluded" column on the left, selecting this button will move them back to the "Included" column. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected.

              -Add ->.  This button will move the highlight entry/entries from the "Excluded" column on the left to the "Included" column on the right. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected. +Add -> (button).  This button will move the highlight entry/entries from the "Excluded" column on the left to the "Included" column on the right. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected.

              -<- Remove. This button will move the highlight entry/entries from the "Included" column on the right to the "Excluded" column on the left. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected. +<- Remove (button). This button will move the highlight entry/entries from the "Included" column on the right to the "Excluded" column on the left. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected.

              -Remove All. This button will move all the attributes from the "Included" column to the "Excluded" column. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected. +Remove All (button). This button will move all the attributes from the "Included" column to the "Excluded" column. This button is grayed out unless the "Enable Fractional Replication" checkbox is selected.

              Index: synchronization_wizard2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/synchronization_wizard2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- synchronization_wizard2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ synchronization_wizard2.html 20 Nov 2007 17:35:08 -0000 1.2 @@ -11,6 +11,11 @@

              +Windows Domain Information +

              + +
                +

                Windows Domain Name. This is the name of the Windows domain that contains the Windows subtree which you are synchronizing with the Directory Server subtree. For example: example.com

                @@ -19,6 +24,10 @@

                +Sync New Windows Groups. Check this checkbox if you want to add new Windows groups automatically to the Directory Server. +

                + +

                Windows Subtree. This is the Windows subtree which you are synchronizing with the Directory Server subtree. If the subtree which you are synchronizing is ou=People, than the Windows subtree is set by default to cn=Users, and the remaining information is supplied by the Windows domain information.

                @@ -33,7 +42,13 @@

                Port Num. The Windows domain controller port number. By default, this is 389; this is automatically reset to 636 if you check the "Using encrypted SSL connection" checkbox (even if you had previously set a different value).

                +
              + +

              +Connection +

              +

                Using Encrypted SSL Connection. If you want the Directory Server and Windows servers to use SSL for secure communication, select this checkbox. To use this option, you must have first configured your servers to use SSL. It is strongly recommended that you use an SSL connection. Passwords will not be synchronized if you do not enable SSL.

                @@ -45,6 +60,7 @@

                Password. Enter the supplier DN password in the Password field.

                +

              When you are creating a new synchronization agreement from the Replication folder, you can choose the subtree you want to synchronize. If you are creating a new synchronization agreement from a database under the Replication folder, the subtree is the same as that contained by the database and cannot be changed. From fedora-directory-commits at redhat.com Tue Nov 20 18:32:08 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Tue, 20 Nov 2007 13:32:08 -0500 Subject: [Fedora-directory-commits] directoryconsole/help/en/help configtab_logs.html, 1.1, 1.2 configtab_logs2.html, 1.1, 1.2 configtab_logs3.html, 1.1, 1.2 configtab_plugins.html, 1.1, 1.2 configtab_schema.html, 1.1, 1.2 configtab_schema2.html, 1.1, 1.2 configtab_schema3.html, 1.1, 1.2 configtab_schema4.html, 1.1, 1.2 configtab_schema5.html, 1.1, 1.2 Message-ID: <200711201832.lAKIW8Rm013368@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/directoryconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13335 Modified Files: configtab_logs.html configtab_logs2.html configtab_logs3.html configtab_plugins.html configtab_schema.html configtab_schema2.html configtab_schema3.html configtab_schema4.html configtab_schema5.html Log Message: Resolves: 379191 Summary: Corrected formatting and path issues in online help files. Index: configtab_logs.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_logs.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_logs.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_logs.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -15,11 +15,7 @@

              -Log File. Contains the full path and name of the access log file. By default, the value is: -

              - -

              -serverRoot/slapd-serverID/logs/access +Log File. Contains the full path and name of the access log file.

              Index: configtab_logs2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_logs2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_logs2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_logs2.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -15,12 +15,7 @@

              -Log File. Contains the full path and filename of the error log. By default, the value is: -

              - -

              -serverRoot/slapd-serverID/logs/errors - +Log File. Contains the full path and filename of the error log.

              @@ -48,7 +43,7 @@

              -Maximum number of logs. The number of logs to archive per directory. The default value is 1 log, meaning that the server does not rotate the log and it grows indefinitely. +Maximum number of logs. The number of logs to archive per directory.

              Index: configtab_logs3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_logs3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_logs3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_logs3.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -15,11 +15,7 @@

              -Log File. Contains the full path and name of the audit log. By default, the value is: -

              - -

              -serverRoot/slapd-serverID/logs/audit +Log File. Contains the full path and name of the audit log.

              Index: configtab_plugins.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_plugins.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_plugins.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_plugins.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -35,7 +35,7 @@

              -Plug-in module path. Gives the name and path of the shared object or dynamic link library that contains the plug-in. +Plug-in module path. Gives the name and path of the shared object that contains the plug-in. The path and shared object suffix can be omitted if the plug-in is in the server's default plug-in directory.

              Index: configtab_schema.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_schema.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_schema.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_schema.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -3,7 +3,7 @@

              -Use this tab to view information about all object classes that currently exist in your directory schema. You can also delete an object class that you have created using this tab. You cannot edit or delete standard object classes. +Use this tab to view information about all object classes that currently exist in your directory schema as well as create new object classes. You can also edit or delete an object class that you have created using this tab. You cannot edit or delete standard object classes.

              Index: configtab_schema2.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_schema2.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_schema2.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_schema2.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -1,5 +1,5 @@

              -Create Object Class +Create/Edit Object Class

              Index: configtab_schema3.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_schema3.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_schema3.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_schema3.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -10,7 +10,7 @@ Standard Attributes (Read-Only). The Standard Attributes table lists all standard attributes along with their OIDs and corresponding attribute syntax. The alphabetical listing of all available attributes helps you determine whether or not you need to create a new attribute. The information in the table is defined below.

              -
                +
                • Name—The unique name of the attribute.
                  • Index: configtab_schema4.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_schema4.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_schema4.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_schema4.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -1,5 +1,5 @@

                  -Create Attribute Dialog Box +Create/Edit Attribute

                  @@ -23,7 +23,7 @@

                  -Syntax. Select a syntax that describes the data to be held by the attribute. Available syntaxes are Integer, IA5String, Case Exact String, Case Ignore String, URI, GeneralizedTime, DistinguishedName (DN), TelephoneNumber, Boolean, Binary, DirectoryString, CountryName, PostalAddress, and Octet String. The default value is DirectoryString. +Syntax. Select a syntax that describes the data to be held by the attribute.

                  Index: configtab_schema5.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_schema5.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_schema5.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_schema5.html 20 Nov 2007 18:32:06 -0000 1.2 @@ -26,7 +26,7 @@ The possible name types include:

                  -
                    +
                    • caseIgnoreOrderingMatch-(Lang)
                      • From fedora-directory-commits at redhat.com Wed Nov 21 02:00:45 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Tue, 20 Nov 2007 21:00:45 -0500 Subject: [Fedora-directory-commits] directoryconsole/help/en/help configtab_db7.html, 1.1, 1.2 configtab_db8.html, 1.1, 1.2 configtab_db9.html, 1.1, 1.2 Message-ID: <200711210200.lAL20j5Q009970@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/directoryconsole/help/en/help In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9739 Modified Files: configtab_db7.html configtab_db8.html configtab_db9.html Log Message: Resolves: #379191 Summary: Online help: Directory Console (ds-console) (Comment #12) Description: cvs diffs (help pages referred from Directory Console | Configuration Tab | top Console menu) 1) adjusted the text, e.g., "From local machine" to "on console machine". 2) added missing items Index: configtab_db7.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_db7.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_db7.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_db7.html 21 Nov 2007 02:00:41 -0000 1.2 @@ -1,5 +1,5 @@

                      -Import +Initialize Databases

                      @@ -11,13 +11,26 @@

                      -The following two options apply only if you operate the console from a machine remote to the server containing the LDIF file. +on console machine. +Select this radio button to initialize the database with a file on the local machine. +This option is not visible if you are running Directory Server Console on the directory's host. +By default, the console looks for a file stored in the current directory.

                      -From local machine. Select this radio button to indicate that the LDIF file is located on the local server. By default, the console looks for a file stored in the current directory. +on server machine. +Select this radio button to initialize the database with a file on the server's host machine. +This option is not visible if you are running Directory Server Console on the directory's host.

                      -From server machine. Select this radio button to indicate that the LDIF file is located on a remote server. By default, the console looks for the file in the following directory: /opt/productID/slapd-serverID/ldif. +Database Name. Backend database name +

                      + +

                      +Suffix of the Database. Suffix of the database +

                      + +

                      +Initialize Database. Select database to initialize with the LDIF file

                      Index: configtab_db8.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_db8.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_db8.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_db8.html 21 Nov 2007 02:00:41 -0000 1.2 @@ -10,16 +10,11 @@ LDIF file. Enter the full path to the LDIF file you want to import. Click Browse to locate it on your machine.

                      -

                      -If you are operating the console from a machine remote to the server containing the LDIF file, select one of the following options: -

                      +on console machine. +Select this radio button to initialize the database with a file on the local machine. +This option is not visible if you are running Directory Server Console on the directory's host. +By default, the console looks in the current directory for the LDIF file. -
                        -
                      • -From local machine. Indicates that the LDIF file is located on the local server. By default, the console looks in the current directory for the LDIF file. -
                        • - -
                      • -From server machine. Indicates that the LDIF file is located on a remote server. -
                        • -
                      +on server machine. +Select this radio button to initialize the database with a file on the server's host machine. +This option is not visible if you are running Directory Server Console on the directory's host. Index: configtab_db9.html =================================================================== RCS file: /cvs/dirsec/directoryconsole/help/en/help/configtab_db9.html,v retrieving revision 1.1 retrieving revision 1.2 diff -u -r1.1 -r1.2 --- configtab_db9.html 13 Aug 2007 22:28:09 -0000 1.1 +++ configtab_db9.html 21 Nov 2007 02:00:41 -0000 1.2 @@ -11,11 +11,12 @@

                      -To Local Machine. Choose this option to export the database to a local file. This option is not visible if you are running Directory Server Console on the directory's host. +on console machine. Choose this option to export the database to a local file. This option is not visible if you are running Directory Server Console on the directory's host.

                      -To Server Machine. Choose this option to export the database to a file on the server's host machine. If you choose this option, you cannot Browse to select a different file. This option is not visible if you are running Directory Server Console on the directory's host. +on server machine. +Choose this option to export the database to a file on the server's host machine. If you choose this option, you cannot Browse to select a different file. This option is not visible if you are running Directory Server Console on the directory's host.

                      From fedora-directory-commits at redhat.com Wed Nov 21 16:54:48 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 21 Nov 2007 11:54:48 -0500 Subject: [Fedora-directory-commits] console/src/com/netscape/management/client Framework.java, 1.4, 1.5 default.properties, 1.8, 1.9 Message-ID: <200711211654.lALGsmDs007940@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/console/src/com/netscape/management/client In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7916/src/com/netscape/management/client Modified Files: Framework.java default.properties Log Message: Resolves: 393461 Summary: Move documentation home link to theme package. Index: Framework.java =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/Framework.java,v retrieving revision 1.4 retrieving revision 1.5 diff -u -r1.4 -r1.5 --- Framework.java 2 Jul 2007 18:49:16 -0000 1.4 +++ Framework.java 21 Nov 2007 16:54:46 -0000 1.5 @@ -797,7 +797,8 @@ { // Launch a browser Browser browser = new Browser(); - boolean res = browser.open(i18n("menu", "HelpDocHome"), Browser.NEW_WINDOW); + boolean res = browser.open(_resource_theme.getString("menu", "HelpDocHome"), + Browser.NEW_WINDOW); } else Debug.println("Unrecognized Help Menu ID: " + menuID); Index: default.properties =================================================================== RCS file: /cvs/dirsec/console/src/com/netscape/management/client/default.properties,v retrieving revision 1.8 retrieving revision 1.9 diff -u -r1.8 -r1.9 --- default.properties 26 Jul 2007 15:53:02 -0000 1.8 +++ default.properties 21 Nov 2007 16:54:46 -0000 1.9 @@ -64,7 +64,6 @@ menu-HelpIndex=&Index menu-HelpWebHelp=Web-based &Resources menu-HelpSuiteSpot=Documentation &Home -menu-HelpDocHome=directory.fedora.redhat.com menu-HelpBookshelf=&Bookshelf menu-HelpAbout=&About... From fedora-directory-commits at redhat.com Wed Nov 21 16:55:23 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Wed, 21 Nov 2007 11:55:23 -0500 Subject: [Fedora-directory-commits] fedora-idm-console/com/netscape/management/client/theme theme.properties, 1.1.1.1, 1.2 Message-ID: <200711211655.lALGtNVe007989@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/fedora-idm-console/com/netscape/management/client/theme In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7955/com/netscape/management/client/theme Modified Files: theme.properties Log Message: Resolves: 393461 Summary: Move documentation home link to theme package. Index: theme.properties =================================================================== RCS file: /cvs/dirsec/fedora-idm-console/com/netscape/management/client/theme/theme.properties,v retrieving revision 1.1.1.1 retrieving revision 1.2 diff -u -r1.1.1.1 -r1.2 --- theme.properties 1 Aug 2007 23:08:51 -0000 1.1.1.1 +++ theme.properties 21 Nov 2007 16:55:20 -0000 1.2 @@ -31,5 +31,4 @@ CertInstallTypePage-defaultServerName=Fedora Server CertInstallTypePage-defaultSIE=Fedora Server Instance - - +menu-HelpDocHome=http://directory.fedoraproject.org From fedora-directory-commits at redhat.com Wed Nov 21 20:27:40 2007 From: fedora-directory-commits at redhat.com (Richard Allen Megginson (rmeggins)) Date: Wed, 21 Nov 2007 15:27:40 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src/scripts DSDialogs.pm, 1.5, 1.6 Util.pm.in, 1.12, 1.13 setup-ds.res.in, 1.11, 1.12 Message-ID: <200711212027.lALKReYN019212@cvs-int.fedora.redhat.com> Author: rmeggins Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19191/ldapserver/ldap/admin/src/scripts Modified Files: DSDialogs.pm Util.pm.in setup-ds.res.in Log Message: Resolves: bug 371771 Bug Description: '.' (dot) in the server ID Reviewed by: nkinder (Thanks!) Fix Description: Remove . and , from the characters allowed in the server ID. Also use the more descriptive error message. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no QA impact: should be covered by regular nightly and manual testing New Tests integrated into TET: none Index: DSDialogs.pm =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/DSDialogs.pm,v retrieving revision 1.5 retrieving revision 1.6 diff -u -r1.5 -r1.6 --- DSDialogs.pm 15 Aug 2007 22:04:31 -0000 1.5 +++ DSDialogs.pm 21 Nov 2007 20:27:38 -0000 1.6 @@ -99,9 +99,9 @@ my $res = $DialogManager::SAME; my $path = $self->{manager}->{setup}->{configdir} . "/slapd-" . $ans; if (!isValidServerID($ans)) { - $self->{manager}->alert("dialog_dsserverid_error", $ans); + $self->{manager}->alert("error_invalid_serverid", $ans); } elsif (-d $path) { - $self->{manager}->alert("dialog_dsserverid_inuse", $ans); + $self->{manager}->alert("error_server_already_exists", $path); } else { $res = $DialogManager::NEXT; $self->{manager}->{inf}->{slapd}->{ServerIdentifier} = $ans; Index: Util.pm.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/Util.pm.in,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- Util.pm.in 14 Sep 2007 02:41:13 -0000 1.12 +++ Util.pm.in 21 Nov 2007 20:27:38 -0000 1.13 @@ -107,7 +107,7 @@ sub isValidServerID { my $servid = shift; - my $validchars = '#%,.:\w at _-'; + my $validchars = '#%:\w at _-'; return $servid =~ /^[$validchars]+$/o; } Index: setup-ds.res.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/setup-ds.res.in,v retrieving revision 1.11 retrieving revision 1.12 diff -u -r1.11 -r1.12 --- setup-ds.res.in 11 Oct 2007 14:10:00 -0000 1.11 +++ setup-ds.res.in 21 Nov 2007 20:27:38 -0000 1.12 @@ -108,7 +108,7 @@ program, or low port restriction. Please choose another value for\ ServerPort. Error: $!\n error_invalid_serverid = The ServerIdentifier '%s' contains invalid characters. It must\ -contain only alphanumeric characters and the following: #%,.:@_-\n +contain only alphanumeric characters and the following: #%:@_-\n\n error_opening_scripttmpl = Could not open the script template file '%s'. Error: %s\n error_creating_directory = Could not create directory '%s'. Error: %s\n error_chowning_directory = Could not change ownership of directory '%s' to userid '%s': Error: %s\n From fedora-directory-commits at redhat.com Tue Nov 27 16:55:51 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Tue, 27 Nov 2007 11:55:51 -0500 Subject: [Fedora-directory-commits] adminserver/admserv/cgi-src40 security.c, 1.13, 1.14 Message-ID: <200711271655.lARGtpc4027977@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/adminserver/admserv/cgi-src40 In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv27940 Modified Files: security.c Log Message: Resolves: 370071 Summary: Fixed malloc issue when importing a CRL. Index: security.c =================================================================== RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v retrieving revision 1.13 retrieving revision 1.14 diff -u -r1.13 -r1.14 --- security.c 14 Nov 2007 23:42:43 -0000 1.13 +++ security.c 27 Nov 2007 16:55:49 -0000 1.14 @@ -1571,7 +1571,7 @@ *end = '\0'; /* don't copy the header */ - DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin - headerlen + 1)); + DERCert = (char*)PORT_ZAlloc(PORT_Strlen(begin) - headerlen + 1); strcpy(DERCert, (begin + headerlen)); if ( SECFailure == ATOB_ConvertAsciiToItem(&derCrl, DERCert) ) { From fedora-directory-commits at redhat.com Wed Nov 28 17:21:42 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 28 Nov 2007 12:21:42 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/tools dbscan.c, 1.18, 1.19 Message-ID: <200711281721.lASHLgFg025509@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/tools In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv25334 Modified Files: dbscan.c Log Message: Resolves: #345671 Summary: clu test failures (Comment #7) Description: 1) Removing obsolete PATH info from Usage 2) Replacing "idl" with "ID list" following the suggestion from Doc. Index: dbscan.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/tools/dbscan.c,v retrieving revision 1.18 retrieving revision 1.19 diff -u -r1.18 -r1.19 --- dbscan.c 18 Oct 2007 00:08:34 -0000 1.18 +++ dbscan.c 28 Nov 2007 17:21:39 -0000 1.19 @@ -68,7 +68,7 @@ #if ( defined( hpux ) ) #ifdef _XOPEN_SOURCE_EXTENDED -#include /* for ntohl, et al. */ +#include /* for ntohl, et al. */ #endif #endif @@ -101,9 +101,9 @@ /* changelog ruv info. These correspond with some special csn * timestamps from cl5_api.c */ -#define ENTRY_COUNT_KEY "0000006f" /* 111 csn timestamp */ -#define PURGE_RUV_KEY "000000de" /* 222 csn timestamp */ -#define MAX_RUV_KEY "0000014d" /* 333 csn timestamp */ +#define ENTRY_COUNT_KEY "0000006f" /* 111 csn timestamp */ +#define PURGE_RUV_KEY "000000de" /* 222 csn timestamp */ +#define MAX_RUV_KEY "0000014d" /* 333 csn timestamp */ #define ONEMEG (1024*1024) @@ -708,7 +708,7 @@ } else if (strncasecmp((char *)key->data, PURGE_RUV_KEY, 8) == 0) { printf("\tpurge ruv:\n"); print_ruv(data->data); - } else if (strncasecmp((char *)key->data, MAX_RUV_KEY, 8) == 0) { + } else if (strncasecmp((char *)key->data, MAX_RUV_KEY, 8) == 0) { printf("\tmax ruv:\n"); print_ruv(data->data); } else { @@ -772,7 +772,26 @@ static void usage(char *argv0) { - printf("\n%s - scan a db file and dump the contents\n", argv0); + char *copy = strdup(argv0); + char *p0 = NULL, *p1 = NULL; + if (NULL != copy) { + /* the full path is not needed in the usages */ + p0 = strrchr(argv0, '/'); + if (NULL != p0) { + *p0 = '\0'; + p0++; + } else { + p0 = argv0; + } + p1 = strrchr(p0, '-'); /* get rid of -bin from the usage */ + if (NULL != p1) { + *p1 = '\0'; + } + } + if (NULL == p0) { + p0 = argv0; + } + printf("\n%s - scan a db file and dump the contents\n", p0); printf(" common options:\n"); printf(" -f specify db file\n"); printf(" -R dump as raw data\n"); @@ -785,21 +804,20 @@ printf(" (default %d; 40 bytes <= size <= 1048576 bytes)\n", MAX_BUFFER); printf(" -G only display index entries with more than ids\n"); - printf(" -n display idl lengths\n"); - printf(" -r display the conents of idl\n"); + printf(" -n display ID list lengths\n"); + printf(" -r display the conents of ID list\n"); printf(" -s Summary of index counts\n"); printf(" sample usages:\n"); - printf(" # set /usr/lib/:/usr/lib:/usr/lib in the library path\n"); printf(" # dump the entry file\n"); - printf(" %s -f id2entry.db\n", argv0); + printf(" %s -f id2entry.db\n", p0); printf(" # display index keys in cn.db4\n"); - printf(" %s -f cn.db4\n", argv0); + printf(" %s -f cn.db4\n", p0); printf(" # display index keys and the count of entries having the key in mail.db4\n"); - printf(" %s -r -f mail.db4\n", argv0); + printf(" %s -r -f mail.db4\n", p0); printf(" # display index keys and the IDs having more than 20 IDs in sn.db4\n"); - printf(" %s -r -G 20 -f sn.db4\n", argv0); + printf(" %s -r -G 20 -f sn.db4\n", p0); printf(" # display summary of objectclass.db4\n"); - printf(" %s -f objectclass.db4\n", argv0); + printf(" %s -f objectclass.db4\n", p0); printf("\n"); exit(1); } From fedora-directory-commits at redhat.com Wed Nov 28 18:06:17 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 28 Nov 2007 13:06:17 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src/scripts template-verify-db.pl.in, 1.9, 1.10 Message-ID: <200711281806.lASI6Hf3001958@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1822 Modified Files: template-verify-db.pl.in Log Message: Resolves: #371751 Summary: verify-db.pl : can't find dbverify Index: template-verify-db.pl.in =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/admin/src/scripts/template-verify-db.pl.in,v retrieving revision 1.9 retrieving revision 1.10 diff -u -r1.9 -r1.10 --- template-verify-db.pl.in 6 Nov 2007 18:13:57 -0000 1.9 +++ template-verify-db.pl.in 28 Nov 2007 18:06:14 -0000 1.10 @@ -169,7 +169,7 @@ my $dbdirs = getDbDir($startpoint); my $prefix = "{{DS-ROOT}}"; -$ENV{'PATH'} = "{{SERVER-DIR}}/{{PRODUCT-NAME}}-{{SERV-ID}}:$prefix at db_bindir@:$prefix/usr/bin:@db_bindir@:/usr/bin"; +$ENV{'PATH'} = "{{INST-DIR}}:$prefix at db_bindir@:$prefix/usr/bin:@db_bindir@:/usr/bin"; $ENV{'LD_LIBRARY_PATH'} = "@db_libdir@:@libdir@"; $ENV{'SHLIB_PATH'} = "@db_libdir@:@libdir@"; From fedora-directory-commits at redhat.com Wed Nov 28 19:03:44 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Wed, 28 Nov 2007 14:03:44 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd/back-ldbm ldbm_config.c, 1.12, 1.13 Message-ID: <200711281903.lASJ3ipC016750@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16565 Modified Files: ldbm_config.c Log Message: Resolves: #238649 Summary: Hide nsslapd-db-transaction Description: don't show the configuration parameter nsslapd-db-transaction in dse.ldif. Index: ldbm_config.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/back-ldbm/ldbm_config.c,v retrieving revision 1.12 retrieving revision 1.13 diff -u -r1.12 -r1.13 --- ldbm_config.c 14 Nov 2007 15:04:51 -0000 1.12 +++ ldbm_config.c 28 Nov 2007 19:03:42 -0000 1.13 @@ -1202,7 +1202,7 @@ {CONFIG_DB_LOGDIRECTORY, CONFIG_TYPE_STRING, "", &ldbm_config_db_logdirectory_get, &ldbm_config_db_logdirectory_set, CONFIG_FLAG_ALWAYS_SHOW}, {CONFIG_DB_DURABLE_TRANSACTIONS, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_durable_transactions_get, &ldbm_config_db_durable_transactions_set, CONFIG_FLAG_ALWAYS_SHOW}, {CONFIG_DB_CIRCULAR_LOGGING, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_circular_logging_get, &ldbm_config_db_circular_logging_set, 0}, - {CONFIG_DB_TRANSACTION_LOGGING, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_transaction_logging_get, &ldbm_config_db_transaction_logging_set, CONFIG_FLAG_ALWAYS_SHOW}, + {CONFIG_DB_TRANSACTION_LOGGING, CONFIG_TYPE_ONOFF, "on", &ldbm_config_db_transaction_logging_get, &ldbm_config_db_transaction_logging_set, 0}, {CONFIG_DB_CHECKPOINT_INTERVAL, CONFIG_TYPE_INT, "60", &ldbm_config_db_checkpoint_interval_get, &ldbm_config_db_checkpoint_interval_set, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE}, {CONFIG_DB_TRANSACTION_BATCH, CONFIG_TYPE_INT, "0", &dblayer_get_batch_transactions, &dblayer_set_batch_transactions, CONFIG_FLAG_ALWAYS_SHOW|CONFIG_FLAG_ALLOW_RUNNING_CHANGE}, {CONFIG_DB_LOGBUF_SIZE, CONFIG_TYPE_SIZE_T, "0", &ldbm_config_db_logbuf_size_get, &ldbm_config_db_logbuf_size_set, CONFIG_FLAG_ALWAYS_SHOW}, From fedora-directory-commits at redhat.com Thu Nov 29 23:22:21 2007 From: fedora-directory-commits at redhat.com (Nathan Kinder (nkinder)) Date: Thu, 29 Nov 2007 18:22:21 -0500 Subject: [Fedora-directory-commits] mod_admserv mod_admserv.c,1.32,1.33 Message-ID: <200711292322.lATNMLCW011489@cvs-int.fedora.redhat.com> Author: nkinder Update of /cvs/dirsec/mod_admserv In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11357 Modified Files: mod_admserv.c Log Message: Resolves: 400341 Summary: Be sure to only change admin user's password in change-sie-password. Index: mod_admserv.c =================================================================== RCS file: /cvs/dirsec/mod_admserv/mod_admserv.c,v retrieving revision 1.32 retrieving revision 1.33 diff -u -r1.32 -r1.33 --- mod_admserv.c 6 Jul 2007 18:06:19 -0000 1.32 +++ mod_admserv.c 29 Nov 2007 23:22:18 -0000 1.33 @@ -701,6 +701,9 @@ return admserv_ldap_auth_userdn_password(server, data->bindDN, data->bindPW, &ignored); } +/* The returned string is allocated from a pool in APR. Attempting to free this string + * will result in a crash. APR will deal with the cleanup itself when it cleans up the + * entire pool. */ static char * formLdapURL(LdapServerData *data, apr_pool_t *p) { @@ -1196,19 +1199,44 @@ const char* bindpw, request_rec *r) { LDAP *ld; + AdmldapInfo ldapInfo; int ldapError; char *ldapURL = NULL; const char *userDN = NULL; + char *adminDN = NULL; LDAPMod mod, *mods[2]; char *vals[2]; char *attrs[2]; int rval = 0; + int error; - /* update password for uid */ + /* We need ldapInfo to fetch the adminDN */ + ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, NULL, + "task_update_registry_server_bindpw: getting ldap info for [%s]", + configdir); + ldapInfo = admldapBuildInfo(configdir, &error); + + if (!ldapInfo) { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, + "task_update_registry_server_bindpw: Could not build ldap info for config in [%s]: %d", + configdir, error); + goto bailout; + } + + /* get the admin user DN */ + adminDN = admldapGetUserDN(ldapInfo, NULL); + + if (!adminDN) { + ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, + "failed to retreive admin user DN"); + goto bailout; + } + + /* update password for adminDN */ if (!(ld = openLDAPConnection(®istryServer))) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "task_update_registry_server_bindpw(): cannot connect to the Configuration Directory Server"); - return rval; + goto bailout; } userDN = apr_table_get(r->notes, RQ_NOTES_USERDN); @@ -1246,21 +1274,33 @@ mod.mod_values = vals; mods[0] = &mod; mods[1] = NULL; - if (LDAP_SUCCESS != (ldapError = ldap_modify_s(ld, userDN, mods))) { + if (LDAP_SUCCESS != (ldapError = ldap_modify_s(ld, adminDN, mods))) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "task_update_registry_server_bindpw(): ldap_modify for %s failed: %s", - userDN, ldap_err2string(ldapError)); + adminDN, ldap_err2string(ldapError)); goto bailout; } - /* update the auth_users cache */ + + /* we don't want to free this since APR allocates it from a pool. APR will take care of it */ ldapURL = formLdapURL(®istryServer, r->pool); - create_auth_users_cache_entry(uid, (char *)userDN, password, ldapURL); + + /* update the auth_users cache */ + create_auth_users_cache_entry(uid, adminDN, password, ldapURL); + + /* We only want to reset the pwd in the request if RQ_NOTES_USERDN is the admin user */ + if(strcasecmp(adminDN, userDN) == 0) { + apr_table_set(r->notes, RQ_NOTES_USERPW, password); + } rval = 1; + bailout: - closeLDAPConnection(ld); - if (NULL != ldapURL) - free(ldapURL); + if (ld) { + closeLDAPConnection(ld); + } + if (ldapInfo) { + destroyAdmldap(ldapInfo); + } return rval; } @@ -1271,12 +1311,12 @@ change_sie_password(const char *name, char *query, void* arg, request_rec *r) { FILE *f; - char *uid=NULL ,*pw=NULL, *col=NULL; + char *uid=NULL ,*pw=NULL, *col=NULL, *origpw_hash=NULL; char *newpw=query; char filename[BIG_LINE]; char inbuf[BIG_LINE]; char outbuf[64]; /* needs at least 36 bytes */ - char *origpw = (char *)apr_table_get(r->notes, RQ_NOTES_USERPW); + char *bindpw = (char *)apr_table_get(r->notes, RQ_NOTES_USERPW); int admpwd_done = 0; apr_snprintf(filename, sizeof(filename), "%s/admpw", configdir); @@ -1307,7 +1347,7 @@ return 0; } - uid = inbuf; *col=0; pw=col+1; + uid = inbuf; *col=0; origpw_hash=col+1; apr_sha1_base64(newpw, strlen(newpw), outbuf); if (!update_admpwd(configdir, uid, outbuf)) { @@ -1317,18 +1357,17 @@ } admpwd_done = 1; - if (!task_update_registry_server_bindpw(uid, strdup(newpw), origpw, r)) { + if (!task_update_registry_server_bindpw(uid, strdup(newpw), bindpw, r)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "failed to update server bindpw"); goto recover; } - apr_table_set(r->notes, RQ_NOTES_USERPW, newpw); + return 1; recover: if (admpwd_done) { - apr_sha1_base64(origpw, strlen(origpw), outbuf); - update_admpwd(configdir, uid, outbuf); + update_admpwd(configdir, uid, origpw_hash); } return 0; } From fedora-directory-commits at redhat.com Thu Nov 29 23:58:19 2007 From: fedora-directory-commits at redhat.com (Jack Magne (jmagne)) Date: Thu, 29 Nov 2007 18:58:19 -0500 Subject: [Fedora-directory-commits] esc/src/app/xul/esc/chrome/content/esc ESC.js, 1.13.4.1, 1.13.4.2 Message-ID: <200711292358.lATNwJqD013809@cvs-int.fedora.redhat.com> Author: jmagne Update of /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv13790 Modified Files: Tag: RHPKI_7_3_BRANCH ESC.js Log Message: Actually check for the correct ATR for the special keys before using the global phone home preference, #Bug#352991. Index: ESC.js =================================================================== RCS file: /cvs/dirsec/esc/src/app/xul/esc/chrome/content/esc/ESC.js,v retrieving revision 1.13.4.1 retrieving revision 1.13.4.2 diff -u -r1.13.4.1 -r1.13.4.2 --- ESC.js 19 Nov 2007 19:23:29 -0000 1.13.4.1 +++ ESC.js 29 Nov 2007 23:58:17 -0000 1.13.4.2 @@ -52,7 +52,7 @@ const ESC_SECURITY_URL="esc.security.url"; const ESC_SECURE_URL="esc.secure.url"; const ESC_GLOBAL_PHONE_HOME_URL= "esc.global.phone.home.url"; -const SPECIAL_ATR="3B769400FF6276010000"; +const SPECIAL_ATR="3B76940000FF6276010000"; const CLEAN_TOKEN = "cleanToken"; const UNINITIALIZED = 1; @@ -258,6 +258,8 @@ recordMessage("Attempting phone home..."); +//alert("about to get IssuerUrl"); + var home = DoCoolKeyGetIssuerUrl(keyType,keyID); recordMessage("Returned IssuerURL " + home); @@ -284,9 +286,9 @@ //Check for special key since we have no phone home info. - - home = GetGlobalPhoneHomeUrl(keyType,keyID); - + if(!home) { + home = GetGlobalPhoneHomeUrl(keyType,keyID); + } var homeRes = false; @@ -325,26 +327,23 @@ var appletVerMaj = DoGetCoolKeyGetAppletVer(keyType, keyID , true); var appletVerMin = DoGetCoolKeyGetAppletVer(keyType, keyID, false); - + + if( (appletVerMaj != specialAppletVerMaj) || - ( appletVerMin != specialAppletVerMin)) { + ( appletVerMin > specialAppletVerMin)) { return null; } var keyATR = DoCoolKeyGetATR(keyType,keyID); - if( keyATR != specialATR) { + if( keyATR != specialATR) { return null; - } globalIssuerURL = DoCoolKeyGetConfigValue(ESC_GLOBAL_PHONE_HOME_URL); - if(globalIssuerURL==null) { - return null; - } return globalIssuerURL; @@ -3386,12 +3385,18 @@ function DoCoolKeyGetIssuerUrl(keyType,keyID) { var url = null; + var isMac = 0; + var agent = navigator.userAgent.toLowerCase(); //Back door for testing, ignore the value if so configured + if(agent && agent.indexOf("mac") != -1) { + isMac = 1; + } + var ignoreIssuer = DoCoolKeyGetConfigValue(ESC_IGNORE_KEY_ISSUER_INFO); - recordMessage("DoCoolKeyGetIssuerUrl ignoreIssuer: " + ignoreIssuer); + recordMessage("DoCoolKeyGetIssuerUrl agent " + agent); if(ignoreIssuer == "yes") { @@ -3403,15 +3408,19 @@ netscape.security.PrivilegeManager.enablePrivilege("UniversalXPConnect"); var tries = 0; - while(tries < 3) + while(tries < 3 ) { url = netkey.GetCoolKeyIssuerInfo(keyType, keyID); - if(url.length < 10) // Check for bogus junk + if(!isMac) { + break; + } + + if(!url || url.length < 10) // Check for bogus junk { recordMessage("Bogus url found ...."); url = null; - Sleep(150); + Sleep(250); recordMessage("Going to try again... "); } else @@ -3434,11 +3443,14 @@ { url = netkey.GetCoolKeyIssuerInfo(keyType, keyID); - if(url.length < 10) // Check for bogus junk + if(!isMac) { + break; + } + if(!url || url.length < 10) // Check for bogus junk { recordMessage("Bogus url found from exception...."); url = null; - sleep(150); + sleep(250); recordMessage("From exception. Going to try again... "); } else @@ -3446,6 +3458,11 @@ tries ++; } + if(url) + { + var issuer_config_value_exp = ConfigValueWithKeyID(keyID,KEY_ISSUER_URL); + var result_exp = DoCoolKeySetConfigValue(issuer_config_value_exp,url); + } recordMessage("From exception returning " + url); return url; } From fedora-directory-commits at redhat.com Fri Nov 30 17:23:16 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 12:23:16 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/servers/slapd util.c, 1.15, 1.16 Message-ID: <200711301723.lAUHNGEw023492@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/servers/slapd In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv23306 Modified Files: util.c Log Message: Resolves: #316281 Summary: db2bak fails if the archive path exists and ends with '/' (Comment #8) Description: Changed the condition to normalize the path: if '.' or '/' is included in the path, normalize it. Index: util.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/util.c,v retrieving revision 1.15 retrieving revision 1.16 diff -u -r1.15 -r1.16 --- util.c 3 Oct 2007 00:55:35 -0000 1.15 +++ util.c 30 Nov 2007 17:23:13 -0000 1.16 @@ -529,8 +529,8 @@ } } retpath = slapi_ch_strdup(abspath); - /* if there's no '.', no need to call normalize_path */ - if (NULL != strchr(abspath, '.') || NULL != strstr(abspath, _PSEP2)) + /* if there's no '.' or separators, no need to call normalize_path */ + if (NULL != strchr(abspath, '.') || NULL != strstr(abspath, _PSEP)) { char **norm_path = normalize_path(abspath); char **np, *rp; From fedora-directory-commits at redhat.com Fri Nov 30 18:07:58 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:07:58 -0500 Subject: [Fedora-directory-commits] ldapserver/lib/base Makefile,1.8,NONE Message-ID: <200711301807.lAUI7we2000678@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/lib/base In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv607/lib/base Removed Files: Makefile Log Message: Resolves: #237040 Summary: Remove obsolete makefiles Description: removing leftover makefiles in the lib directory ./lib/base/Makefile ./lib/libaccess/Makefile ./lib/libadmin/Makefile ./lib/libsi18n/Makefile --- Makefile DELETED --- From fedora-directory-commits at redhat.com Fri Nov 30 18:07:58 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:07:58 -0500 Subject: [Fedora-directory-commits] ldapserver/lib/libaccess Makefile, 1.8, NONE Message-ID: <200711301807.lAUI7wC3000683@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/lib/libaccess In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv607/lib/libaccess Removed Files: Makefile Log Message: Resolves: #237040 Summary: Remove obsolete makefiles Description: removing leftover makefiles in the lib directory ./lib/base/Makefile ./lib/libaccess/Makefile ./lib/libadmin/Makefile ./lib/libsi18n/Makefile --- Makefile DELETED --- From fedora-directory-commits at redhat.com Fri Nov 30 18:07:58 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:07:58 -0500 Subject: [Fedora-directory-commits] ldapserver/lib/libadmin Makefile, 1.11, NONE Message-ID: <200711301807.lAUI7wat000688@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/lib/libadmin In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv607/lib/libadmin Removed Files: Makefile Log Message: Resolves: #237040 Summary: Remove obsolete makefiles Description: removing leftover makefiles in the lib directory ./lib/base/Makefile ./lib/libaccess/Makefile ./lib/libadmin/Makefile ./lib/libsi18n/Makefile --- Makefile DELETED --- From fedora-directory-commits at redhat.com Fri Nov 30 18:07:59 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:07:59 -0500 Subject: [Fedora-directory-commits] ldapserver/lib/libsi18n Makefile, 1.8, NONE Message-ID: <200711301807.lAUI7xmC000693@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/lib/libsi18n In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv607/lib/libsi18n Removed Files: Makefile Log Message: Resolves: #237040 Summary: Remove obsolete makefiles Description: removing leftover makefiles in the lib directory ./lib/base/Makefile ./lib/libaccess/Makefile ./lib/libadmin/Makefile ./lib/libsi18n/Makefile --- Makefile DELETED --- From fedora-directory-commits at redhat.com Fri Nov 30 18:39:10 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:39:10 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src/scripts template-dsml-activate.pl, 1.7, NONE template-migrateInstance5, 1.5, NONE template-migrateTo6, 1.5, NONE template-migrate50to51, 1.6, NONE template-migrateInstance6, 1.5, NONE template-migrate5to6, 1.5, NONE template-migrateTo5, 1.6, NONE Message-ID: <200711301839.lAUIdAvs001686@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/admin/src/scripts In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1642/scripts Removed Files: template-dsml-activate.pl template-migrateInstance5 template-migrateTo6 template-migrate50to51 template-migrateInstance6 template-migrate5to6 template-migrateTo5 Log Message: Resolves: #229576 Summary: clean up template-scriptname which is derived from template-scriptname.in (comment #3,4) Description: removing obsolete scripts: ds_viewlog.pl scripts/template-dsml-activate.pl scripts/template-migrateInstance5 scripts/template-migrateTo6 scripts/template-migrate50to51 scripts/template-migrateInstance6 scripts/template-migrate5to6 scripts/template-migrateTo5 --- template-dsml-activate.pl DELETED --- --- template-migrateInstance5 DELETED --- --- template-migrateTo6 DELETED --- --- template-migrate50to51 DELETED --- --- template-migrateInstance6 DELETED --- --- template-migrate5to6 DELETED --- --- template-migrateTo5 DELETED --- From fedora-directory-commits at redhat.com Fri Nov 30 18:39:10 2007 From: fedora-directory-commits at redhat.com (Noriko Hosoi (nhosoi)) Date: Fri, 30 Nov 2007 13:39:10 -0500 Subject: [Fedora-directory-commits] ldapserver/ldap/admin/src ds_viewlog.pl, 1.5, NONE Message-ID: <200711301839.lAUIdAV2001681@cvs-int.fedora.redhat.com> Author: nhosoi Update of /cvs/dirsec/ldapserver/ldap/admin/src In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv1642 Removed Files: ds_viewlog.pl Log Message: Resolves: #229576 Summary: clean up template-scriptname which is derived from template-scriptname.in (comment #3,4) Description: removing obsolete scripts: ds_viewlog.pl scripts/template-dsml-activate.pl scripts/template-migrateInstance5 scripts/template-migrateTo6 scripts/template-migrate50to51 scripts/template-migrateInstance6 scripts/template-migrate5to6 scripts/template-migrateTo5 --- ds_viewlog.pl DELETED ---