[Fedora-directory-devel] Please Review: (439628) memberOf - Verify indirect membership before removing a memberOf value

Nathan Kinder nkinder at redhat.com
Mon Apr 21 16:20:20 UTC 2008 

https://bugzilla.redhat.com/show_bug.cgi?id=439628
Resolves: bug 439628
Bug Description: When deleting a member value from a group, the member
    entry has the proper memberOf value removed, but a check is not made
    to see if the entry is still a member of parent groups through some
    other grouping path first.  This results in an inconsistency between
    member and memberOf attribute values.
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: The fix is to check if an entry is an indirect group
    member before removing the memberOf attribute value form the entry.

    I had to add a few new helper functions to perform this check.  The new
    utility functions allow you to check if a specific entry is a member of
    a specific group by looking at member values only.  There is a function
    for checking if the entry is a direct member, and one that will check
    for direct or indirect membership.  Both of these functions will not
    modify the entry, which is what was lacking in the previous code.  These
    utility functions required a recursive function underneath to trace
    through indirect memberships.  This recursive function will detect group
    loopings to ensure it doesn't endlessly recurse.

    I also did some refactoring and commenting of existing code to make 
things
    more clear.  These changes have been checked for memory leaks with 
valgrind,
    and I've also checked for regressions of other recently fixed bugs 
in the
    memberOf plug-in.
Platforms tested: RHEL5.1 x86_64
Flag Day: No.
Doc impact: None.
https://bugzilla.redhat.com/attachment.cgi?id=302951&action=diff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3241 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-devel/attachments/20080421/d73821e8/attachment.bin>

More information about the Fedora-directory-devel mailing list