[Fedora-directory-commits] adminserver/admserv/cgi-src40 viewlog.c, 1.9, 1.10 security.c, 1.11, 1.12 cgicommon.h, 1.1, 1.2
Noriko Hosoi (nhosoi)
fedora-directory-commits at redhat.com
Wed Oct 31 05:30:56 UTC 2007
Author: nhosoi
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv22940/admserv/cgi-src40
Modified Files:
viewlog.c security.c cgicommon.h
Log Message:
Resolves: #357501
Summary: Console/admin express: can't view log files
Description: Implemented getLogDir to get the log dir from the server's
config info. To share psetHasObjectClass, moved it from security.c to
lib/libadmin/util.c.
Index: viewlog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- viewlog.c 27 Jun 2007 22:24:59 -0000 1.9
+++ viewlog.c 31 Oct 2007 05:30:53 -0000 1.10
@@ -56,19 +56,19 @@
#define RESOURCE_FILE "viewlog"
#define resource_key(a,b) a b
-#define DBT_INV_NUMBER resource_key(RESOURCE_FILE, "1")
-#define DBT_INV_NUMBER_DESC resource_key(RESOURCE_FILE, "2")
-#define DBT_SUBTITLE resource_key(RESOURCE_FILE, "3")
-#define DBT_WITH resource_key(RESOURCE_FILE, "4")
-#define DBT_NO_DIR resource_key(RESOURCE_FILE, "5")
-#define DBT_NO_DIR_DESC resource_key(RESOURCE_FILE, "6")
-#define DBT_NO_FILE resource_key(RESOURCE_FILE, "7")
-#define DBT_NO_FILE_DESC resource_key(RESOURCE_FILE, "8")
-#define DBT_NO_DIR_FOUND resource_key(RESOURCE_FILE, "9")
-#define DBT_NO_ID resource_key(RESOURCE_FILE, "10")
-#define DBT_NO_ID_DESC resource_key(RESOURCE_FILE, "11")
-#define DBT_INV_NOHTML resource_key(RESOURCE_FILE, "12")
-#define DBT_INV_NOHTML_DESC resource_key(RESOURCE_FILE, "13")
+#define DBT_INV_NUMBER resource_key(RESOURCE_FILE, "1")
+#define DBT_INV_NUMBER_DESC resource_key(RESOURCE_FILE, "2")
+#define DBT_SUBTITLE resource_key(RESOURCE_FILE, "3")
+#define DBT_WITH resource_key(RESOURCE_FILE, "4")
+#define DBT_NO_DIR resource_key(RESOURCE_FILE, "5")
+#define DBT_NO_DIR_DESC resource_key(RESOURCE_FILE, "6")
+#define DBT_NO_FILE resource_key(RESOURCE_FILE, "7")
+#define DBT_NO_FILE_DESC resource_key(RESOURCE_FILE, "8")
+#define DBT_NO_DIR_FOUND resource_key(RESOURCE_FILE, "9")
+#define DBT_NO_ID resource_key(RESOURCE_FILE, "10")
+#define DBT_NO_ID_DESC resource_key(RESOURCE_FILE, "11")
+#define DBT_INV_NOHTML resource_key(RESOURCE_FILE, "12")
+#define DBT_INV_NOHTML_DESC resource_key(RESOURCE_FILE, "13")
/* html resource */
#define DBT_DISPLAY_LOGFILE_SELECT_BEGIN resource_key(RESOURCE_FILE, "20")
@@ -107,23 +107,23 @@
while(fgets(line, sizeof(line), cmd)) {
if(strncmp(line, "format=", 7))
if((!str) || (strstr(line, str))) {
- count++;
- if(count<=num) {
- if(!buffer)
- buffer = (char **)MALLOC(sizeof(char *));
- else
- buffer = (char **)REALLOC(buffer, count*(sizeof(char *)));
- }
- else
- FREE(buffer[replace]);
- temp = strlen(line);
- line[temp-1] = ' ';
- line[temp] = '\n';
- line[temp+1] = '\0';
- buffer[replace] = STRDUP(line);
- if(replace == (num-1))
- replace=0;
- else replace++;
+ count++;
+ if(count<=num) {
+ if(!buffer)
+ buffer = (char **)MALLOC(sizeof(char *));
+ else
+ buffer = (char **)REALLOC(buffer, count*(sizeof(char *)));
+ }
+ else
+ FREE(buffer[replace]);
+ temp = strlen(line);
+ line[temp-1] = ' ';
+ line[temp] = '\n';
+ line[temp+1] = '\0';
+ buffer[replace] = STRDUP(line);
+ if(replace == (num-1))
+ replace=0;
+ else replace++;
}
}
if(count < num) { /* could not find num entries */
@@ -133,7 +133,7 @@
/* replace is at the first entry to output */
for(temp=0; temp<count; temp++) {
- fputs(buffer[replace], stdout);
+ fputs(buffer[replace], stdout);
FREE(buffer[replace]);
if(replace == (num-1))
replace=0;
@@ -144,12 +144,12 @@
}
static void i18nInit() {
- i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
- i18nResource_common = res_find_and_init_resource(PROPERTYDIR, COMMON_RESOURCE_FILE);
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+ i18nResource_common = res_find_and_init_resource(PROPERTYDIR, COMMON_RESOURCE_FILE);
- if (getenv("HTTP_ACCEPT_LANGUAGE")) {
- acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
- }
+ if (getenv("HTTP_ACCEPT_LANGUAGE")) {
+ acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
+ }
}
@@ -176,12 +176,12 @@
for(x=0; logfiles && logfiles[x]; x++) {
if (curlog && !strcmp(curlog, logfiles[x])) {
- fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_VALUE_SELECTED),
- logfiles[x], logfiles[x]);
+ fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_VALUE_SELECTED),
+ logfiles[x], logfiles[x]);
}
else {
- fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_SELECT_VALUE),
- logfiles[x], logfiles[x]);
+ fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_SELECT_VALUE),
+ logfiles[x], logfiles[x]);
}
at_least_one = 1;
}
@@ -193,69 +193,88 @@
}
-
/*
- * Given the server's ID, find the log directory for that instance.
- * Note that the earlier version of the product supported having multiple log file
- * directories. This version assumes all log files are in the same directory. This
- * is a result of the FHS work which encourages the use of one log directory per
- * product or instance.
+ * With the FHS work, plus the injunction against
+ * paths in CGI parameters, we should get the
+ * logdir from the server config, using the pset interface
*/
-
-char *get_log_dir(char *id) {
-
- char *return_dir = NULL;
- PsetHndl pset = NULL;
- int rv = 0;
-
- char *errorlog_attr = NULL;
- char *accesslog_attr = NULL;
+static char *
+getLogDir(AdmldapInfo info, const char *id)
+{
+ int rval = 0;
+ char *logdir = NULL;
+ PsetHndl pset;
char *configdir = util_get_conf_dir();
- char *secdir = util_get_security_dir();
- rv = ADMSSL_InitSimple(configdir, secdir, 0);
- if (rv) {
- if (i18nResource) {
- char msgbuf[BUFSIZ];
- rpt_err(APP_ERROR,
- getResourceString(CMN_SSL_INIT_ERROR),
- NULL, NULL);
- } else {
- rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
- }
+ if (!PL_strncasecmp(id, "admin-serv", strlen("admin-serv"))) {
+ return PL_strdup(util_get_log_dir()); /* same as admin server log dir */
}
- pset = psetCreateSSL(id, configdir, NULL, NULL, &rv);
+ /* Log dir for the DS */
+ /* create pset with this dn */
+ pset = psetCreateSSL((char *)id, configdir, NULL, NULL, &rval);
+ if (pset && ((rval == PSET_OP_OK) || (rval == PSET_LOCAL_OPEN_FAIL))) { /* only admin-serv uses local file */
+ if (util_psetHasObjectClass(pset, DSOBJECTCLASS)) {
+ char *host = psetGetAttrSingleValue(pset, "serverHostName", &rval);
+ char *sport = psetGetAttrSingleValue(pset, "nsServerPort", &rval);
+ char *ssecport = psetGetAttrSingleValue(pset, "nsSecureServerPort", &rval);
+ char *ssecurity = psetGetAttrSingleValue(pset, "nsServerSecurity", &rval);
+ int port, security;
+ char *user = NULL;
+ char *binddn = NULL;
+ char *bindpw = admldapGetSIEPWD(info);
+ int freebindpw = 1;
+ char *p;
+
+ ADM_GetUserDNString(&rval, &user);
+ if (!user) {
+ ADM_GetCurrentUsername(&rval, &user);
+ }
+ /* if user is just attr val, get dn */
+ binddn = admldapGetUserDN(info, user);
+ if (!bindpw) {
+ freebindpw = 0;
+ ADM_GetCurrentPassword(&rval, &bindpw);
+ }
+ security = (ssecurity && !PL_strcasecmp(ssecurity, "on")) ? 1 : 0;
+ if (security) {
+ if (ssecport) {
+ port = atoi(ssecport);
+ } else {
+ port = 636;
+ }
+ } else {
+ if (sport) {
+ port = atoi(sport);
+ } else {
+ port = 389;
+ }
+ }
- if (pset) {
- return_dir = psetGetAttrSingleValue(pset, LOGDIRATTR, &rv);
- if (!return_dir) { /* no log dir - get dir from error log */
- char *errorlog = psetGetAttrSingleValue(pset, ERRORLOGATTR, &rv);
- if (errorlog) {
- char *ptr = strrchr(errorlog, FILE_PATHSEP);
- if (ptr) {
- *ptr = '\0';
- return_dir = errorlog;
- }
+ psetDelete(pset);
+ pset = psetRealCreateSSL(host, port, security, DSCONFIGENTRY,
+ binddn, bindpw, NULL, &rval);
+ logdir = psetGetAttrSingleValue(pset, DSERRORLOGDIR, &rval);
+ p = strstr(logdir, "/errors");
+ if (p) {
+ *p = '\0';
}
- }
- psetDelete(pset);
- }
- if(!return_dir) {
- char *logdir = util_get_log_dir();
- if (!strncasecmp(id, "admin-", 6)) {
- return PL_strdup(logdir);
- } else if (!strncmp(id, "slapd-", 6)) {
- /* DIRECTORY SERVER and admin server share the same log dir parent */
- return_dir = PR_smprintf("%s%c..%c%s", logdir, FILE_PATHSEP, FILE_PATHSEP, id);
+ PL_strfree(host);
+ PL_strfree(sport);
+ PL_strfree(ssecport);
+ PL_strfree(ssecurity);
+ PL_strfree(binddn);
+ if (freebindpw) {
+ PL_strfree(bindpw);
+ }
}
}
+ psetDelete(pset);
- return return_dir;
+ return logdir;
}
-
int main(int argc, char *argv[])
{
@@ -276,6 +295,9 @@
int print_html = 1;
int proceed = 0;
char msg[BUFSIZ];
+ AdmldapInfo ldapInfo = NULL; /* our config */
+ int rc = 0;
+ char *configdir = NULL;
i18nInit();
@@ -323,13 +345,20 @@
if(!num) num=DEF_SIZE;
- if(!logdir) {
- logdir = get_log_dir(id);
- if(!logdir) {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_DIR_FOUND), id);
- rpt_err(INCORRECT_USAGE,
- getResourceString(DBT_NO_DIR), msg, NULL);
- }
+ configdir = util_get_conf_dir();
+ ldapInfo = admldapBuildInfoOnly(configdir, &rc);
+ if (rc || !ldapInfo) {
+ PR_snprintf(line, sizeof(line),
+ getResourceString(CMN_CONFIGPROBLEM),
+ configdir ? configdir : "(null)", rc);
+ rpt_err(APP_ERROR, line, NULL, NULL);
+ } else {
+ logdir = getLogDir(ldapInfo, id);
+ if(!logdir) {
+ PR_snprintf(msg, sizeof(msg),
+ getResourceString(DBT_NO_DIR_FOUND), id);
+ rpt_err(INCORRECT_USAGE, getResourceString(DBT_NO_DIR), msg, NULL);
+ }
}
if(nohtml) {
@@ -417,5 +446,5 @@
}
}
- return 0;
+ return 0;
}
Index: security.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- security.c 28 Jun 2007 18:07:01 -0000 1.11
+++ security.c 31 Oct 2007 05:30:53 -0000 1.12
@@ -402,23 +402,6 @@
return (str==NULL?(char *)"(null)":str);
}
-static int
-psetHasObjectClass(PsetHndl pset, const char *ocname)
-{
- int rval = 0;
- char *val = NULL;
- ValueType nodeObjectClass = psetGetObjectClass(pset, "" /* use root node */, &rval);
- ValueType iter = nodeObjectClass;
-
- rval = 0;
- while ((!rval) && ((val = *iter++))) {
- rval = !PL_strcasecmp(ocname, val);
- }
-
- deleteValue(nodeObjectClass);
- return rval;
-}
-
/*
* With the FHS work, plus the injunction against
* paths in CGI parameters, we should get the
@@ -441,7 +424,7 @@
pset = psetCreateSSL((char *)sie, configdir, NULL, NULL, &rval);
if (pset && ((rval == PSET_OP_OK) || (rval == PSET_LOCAL_OPEN_FAIL))) { /* only admin-serv uses local file */
securitydir = psetGetAttrSingleValue(pset, "configuration.encryption.certdir", &rval);
- if (!securitydir && psetHasObjectClass(pset, DSOBJECTCLASS)) {
+ if (!securitydir && util_psetHasObjectClass(pset, DSOBJECTCLASS)) {
char *host = psetGetAttrSingleValue(pset, "serverHostName", &rval);
char *sport = psetGetAttrSingleValue(pset, "nsServerPort", &rval);
char *ssecport = psetGetAttrSingleValue(pset, "nsSecureServerPort", &rval);
Index: cgicommon.h
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/cgicommon.h,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- cgicommon.h 9 May 2007 00:26:30 -0000 1.1
+++ cgicommon.h 31 Oct 2007 05:30:53 -0000 1.2
@@ -34,5 +34,6 @@
#define DSOBJECTCLASS "nsdirectoryserver" /* name of table in cgicommon */
#define DSCONFIGENTRY "cn=config"
#define DSSECURITYDIR "nsslapd-certdir"
+#define DSERRORLOGDIR "nsslapd-errorlog"
#endif /* CGICOMMON_H */
More information about the Fedora-directory-commits
mailing list