Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 311733 Details for
Bug 442103
rhds8.0 "manage certificates" and ssl in console java.lang.NullPointerException
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
diffs
diffs.bug442103 (text/plain), 30.50 KB, created by
Rich Megginson
on 2008-07-14 16:57:24 UTC
(
hide
)
Description:
diffs
Filename:
MIME Type:
Creator:
Rich Megginson
Created:
2008-07-14 16:57:24 UTC
Size:
30.50 KB
patch
obsolete
>Index: adminserver/admserv/cgi-src40/config.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v >retrieving revision 1.14 >diff -u -8 -r1.14 config.c >--- adminserver/admserv/cgi-src40/config.c 15 Nov 2007 17:32:22 -0000 1.14 >+++ adminserver/admserv/cgi-src40/config.c 14 Jul 2008 16:56:40 -0000 >@@ -143,18 +143,16 @@ > char *method; > int rv, cnt, i, j, x, errorCode; > int err; > int *errp = &err; > char *username = 0; > char *localAdmin = 0; > char *binddn = 0; > char *bindpw = 0; >- char *newValue = 0; >- char *portVal = 0; > char **inputs = 0; > char *operation = 0; > char *qs = 0; > char *nameptr, *valptr, *val; > char error_info[128]; > char *valsbuf[2]; > int setFlag = 0, getFlag = 0, forceSetFlag = 0; > int ignorePsetErrors = 0; >@@ -258,17 +256,17 @@ > } > } > } > > if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw); > > adminfo = admldapBuildInfo(configdir, &rv); > >- errorCode = ADMSSL_InitSimple(configdir, secdir, 0); >+ errorCode = ADMSSL_InitSimple(configdir, secdir, 1); > if (errorCode) { > if (i18nResource) > rpt_err(APP_ERROR, > res_getstring(i18nResource, > DBT_SSL_INIT_ERROR, > acceptLanguage, msgbuf, sizeof(msgbuf), NULL), > NULL, NULL); > else rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL); >@@ -397,17 +395,17 @@ > NULL, NULL); > else rpt_err(APP_ERROR, "Attribute(s) does not exist", NULL, NULL); > } > } > else rpt_success(NULL); > > if (resultList) { > nvl = resultList; >- while (nv = *nvl++) { >+ while ((nv = *nvl++)) { > fprintf(stdout, "%s: %s\n", > nv->attrName, > nv->attrVal ? (nv->attrVal[0] ? nv->attrVal[0] : "") : ""); > } > deleteAttributeList(resultList); > } > #if 0 > if (execPath) fprintf(stdout, "execPath: %s\n", execPath); >@@ -692,16 +690,17 @@ > res_destroy_resource(i18nResource); > } > exit (0); > } > if (updateList) deleteAttributeList(updateList); > if (addList) deleteAttributeList(addList); > psetDelete(pset); > >+ return 1; > } > > > /* > * Get Val from the specified conf file > * The returned value is allocated - caller must free > */ > static char * read_conf(char *file, char *name) { >@@ -865,16 +864,17 @@ > if (change_uid_all(configdir, 0, newuid) || change_uid_all(secdir, 0, newuid) || > change_uid_all(logdir, 0, newuid) || (pidfile && change_uid(pidfile, 0, newuid))) { > return -1; > } > } > > else return 0; > >+ return -1; > } > #endif > > /* > * Verify if newuname can be used as the admin server uid. The new uid must > * belong to the sysgroup (recorded in adm.conf) > * > * Returns error : -1 >@@ -1050,17 +1050,17 @@ > > PR_StringToNetAddr(ip, &netaddr); > > pr_st = PR_GetSystemInfo(PR_SI_HOSTNAME, systemInfo, SYS_INFO_BUFFER_LENGTH); > > pr_st = PR_GetHostByName(systemInfo, buf, PR_NETDB_BUF_SIZE, &hostentry); > > index = 0; >- while (index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1)) { >+ while ((index = PR_EnumerateHostEnt(index, &hostentry, 8000, &netaddr1))) { > if (netaddr1.inet.ip == netaddr.inet.ip) return 1; > } > > return 0; > } > > /* > * Try to open a log file in append mode. If the file is not present, it will be created >Index: adminserver/admserv/cgi-src40/getport.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/getport.c,v >retrieving revision 1.6 >diff -u -8 -r1.6 getport.c >--- adminserver/admserv/cgi-src40/getport.c 11 May 2007 19:44:05 -0000 1.6 >+++ adminserver/admserv/cgi-src40/getport.c 14 Jul 2008 16:56:40 -0000 >@@ -80,17 +80,17 @@ > rpt_err(INCORRECT_USAGE, "NO USER DN", NULL, NULL); > } > } > } > > if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw); > > /* Initialize the pset */ >- rv = ADMSSL_InitSimple(configdir, secdir); >+ rv = ADMSSL_InitSimple(configdir, secdir, 1); > if (rv) { > rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL); > } > > pset = psetCreateSSL("admin-serv", > /* configRoot */ configdir, > /* userDN */ binddn, > /* passwd */ bindpw, >Index: adminserver/admserv/cgi-src40/htmladmin.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/htmladmin.c,v >retrieving revision 1.9 >diff -u -8 -r1.9 htmladmin.c >--- adminserver/admserv/cgi-src40/htmladmin.c 11 May 2007 19:44:05 -0000 1.9 >+++ adminserver/admserv/cgi-src40/htmladmin.c 14 Jul 2008 16:56:41 -0000 >@@ -320,17 +320,17 @@ > > AdmldapInfo ldapInfo = NULL; > int rv; > > ldapInfo = admldapBuildInfo((char *)configdir, &rv); > if(!ldapInfo) > exit(0); > >- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0); >+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1); > if(rv) > exit(0); > > return(ldapInfo); > } > > int sorted_search( char *sortattr, LDAP *ld, const char *base, int scope, > const char *filter, char **attrs, int attrsonly, LDAPMessage **res ) { >@@ -476,18 +476,16 @@ > > > int get_host_and_port(LDAP *server, char *sie, LDAPMessage *sie_entry, char **host, int **port) { > > LDAPMessage *result; > LDAPMessage *entry; > int ldapError; > >- char *security = NULL; >- > char **vals; > char sie_conf[BIG_LINE]; > > *host=NULL; > *port=NULL; > > if((vals = ldap_get_values(server, sie_entry, ADMIN_HOST)) != NULL) { > *host = strdup(vals[0]); >@@ -805,33 +803,33 @@ > > /* rate is specified in seconds */ > static int get_topology_refresh_rate(AdmldapInfo admInfo) { > > char *val = NULL; > char *endptr = NULL; > int rate = 300; > >- if (val = admldapGetExpressRefreshRate(admInfo)) { >+ if ((val = admldapGetExpressRefreshRate(admInfo))) { > rate = strtol(val, &endptr, 10); > PL_strfree(val); > } > > return rate; > } > > > /* rate is specified in seconds */ > static int get_cgi_timeout_rate(AdmldapInfo admInfo) { > > char *endptr = NULL; > char *val = NULL; > int rate = 60; > >- if (val = admldapGetExpressCGITimeout(admInfo)) { >+ if ((val = admldapGetExpressCGITimeout(admInfo))) { > rate = strtol(val, &endptr, 10); > PL_strfree(val); > } > > return rate; > } > > >@@ -1039,17 +1037,17 @@ > else if(strstr(ldap_get_dn(server, isie_entry), "Enterprise")) > img = strdup("enterpriseic.gif"); > else if(strstr(ldap_get_dn(server, isie_entry), "Certificate")) > img = strdup("cert16.gif"); > else > img = strdup("oldservic.gif"); > } > >- if(vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR)) { >+ if((vals2 = ldap_get_values(server, isie_entry, ISIE_PRODVER_ATTR))) { > version = (char *)malloc(4+strlen(vals2[0])); > sprintf(version, " %s", vals2[0]); > } > else { > version = strdup(""); > } > > >Index: adminserver/admserv/cgi-src40/migrateConfig.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/migrateConfig.c,v >retrieving revision 1.7 >diff -u -8 -r1.7 migrateConfig.c >--- adminserver/admserv/cgi-src40/migrateConfig.c 11 May 2007 19:44:05 -0000 1.7 >+++ adminserver/admserv/cgi-src40/migrateConfig.c 14 Jul 2008 16:56:41 -0000 >@@ -223,17 +223,17 @@ > acceptLanguage, msgbuf, sizeof(msgbuf), NULL))) > rpt_err(ELEM_MISSING, errMsg, NULL, NULL); > else rpt_err(ELEM_MISSING, "NO USER DN!", NULL, NULL); > } > } > } > > if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw); >- rv = ADMSSL_InitSimple(configdir, secdir); >+ rv = ADMSSL_InitSimple(configdir, secdir, 1); > if (rv) { > if (i18nResource && > (errMsg = res_getstring(i18nResource, > DBT_SSL_INIT_ERROR, > acceptLanguage, msgbuf, sizeof(msgbuf), NULL))) > rpt_err(APP_ERROR, errMsg, NULL, NULL); > else rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL); > } >Index: adminserver/admserv/cgi-src40/restartsrv.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/restartsrv.c,v >retrieving revision 1.8 >diff -u -8 -r1.8 restartsrv.c >--- adminserver/admserv/cgi-src40/restartsrv.c 15 May 2007 16:45:45 -0000 1.8 >+++ adminserver/admserv/cgi-src40/restartsrv.c 14 Jul 2008 16:56:41 -0000 >@@ -290,17 +290,16 @@ > static char * get_pid_file() { > > FILE *f; > static char inbuf[BIG_LINE]; > static char filename[BIG_LINE]; > static char buf[BIG_LINE]; > char * p = NULL; > const char *configdir = util_get_conf_dir(); >- const char *logdir = util_get_log_dir(); > const char *piddir = util_get_pid_dir(); > > util_find_file_in_paths(filename, sizeof(filename), "console.conf", configdir, "", "admin-serv/config"); > > f = fopen(filename, "r"); > if (f==NULL) { > rpt_err(SYSTEM_ERROR, "Can not open file console.conf for reading", NULL, NULL); > } >Index: adminserver/admserv/cgi-src40/sec-activate.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.c,v >retrieving revision 1.10 >diff -u -8 -r1.10 sec-activate.c >--- adminserver/admserv/cgi-src40/sec-activate.c 6 Jul 2007 18:06:19 -0000 1.10 >+++ adminserver/admserv/cgi-src40/sec-activate.c 14 Jul 2008 16:56:41 -0000 >@@ -486,17 +486,16 @@ > char *clientauth = NULL; > > char *configdir; /* where to find config files */ > char *securitydir = NULL; /* where to find security files */ > family_input *family_head = NULL; > char error_info[BIG_LINE]; > AdmldapInfo ldapInfo = NULL; > char *lang; >- char line[BIG_LINE]; > > memset((void *)errp, 0, sizeof(int)); > method = getenv("REQUEST_METHOD"); > > if(method && *method) { > lang=getenv("HTTP_ACCEPT_LANGUAGE"); > } > else { >Index: adminserver/admserv/cgi-src40/security.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v >retrieving revision 1.14 >diff -u -8 -r1.14 security.c >--- adminserver/admserv/cgi-src40/security.c 27 Nov 2007 16:55:49 -0000 1.14 >+++ adminserver/admserv/cgi-src40/security.c 14 Jul 2008 16:56:42 -0000 >@@ -49,16 +49,17 @@ > #include "secasn1.h" > > #include "prio.h" > #include "prtypes.h" > > #include "libadminutil/admutil.h" > #include "libadminutil/distadm.h" > #include "libadminutil/resource.h" >+#include "libadmsslutil/admsslutil.h" > #include "libadmsslutil/certmgt.h" > #include "libadmsslutil/psetcssl.h" > > #include "config.h" > > #include "cgicommon.h" > > #include "libadmin/libadmin.h" >@@ -220,16 +221,17 @@ > > PR_snprintf(line, sizeof(line), getResourceString(DBT_MISSING_THIS), keyName); > > return get_cgi_var(key, getResourceString(DBT_PARAMETERMISSING), line); > } > > static void closeAllSecurityDB() { > /* close all db */ >+ SSL_ClearSessionCache(); > NSS_Shutdown(); > } > > static void errorAllocateMem() { > rpt_err(MEMORY_ERROR, > getResourceString(DBT_INTERNAL_ERROR), > getResourceString(DBT_ALLOCATE_ERROR), > NULL); >@@ -720,17 +722,17 @@ > if (crl->crl.entries != NULL) { > int x = 0; > > while (1) { > CERTCrlEntry *entry = crl->crl.entries[x]; > > if (entry != NULL) { > fprintf(stdout, "\t<ENTRY%d>\n", x); >- fprintf(stdout, "\t\t<SERIAL_NUMBER>%d</SERIAL_NUMBER>\n", Hexify(&entry->serialNumber)); >+ fprintf(stdout, "\t\t<SERIAL_NUMBER>%s</SERIAL_NUMBER>\n", processNullString(Hexify(&entry->serialNumber))); > fprintf(stdout, "\t\t<REVOKE_DATE>%s</REVOKE_DATE>\n",DER_UTCTimeToAscii(&entry->revocationDate)); > fprintf(stdout, "\t</ENTRY%d>\n", x); > x++; > } else { > break; > } > } > } >@@ -832,32 +834,32 @@ > PK11SlotInfo *internal_slot; > char *internalTokenName; > > if (!slot) { > errorRpt(GENERAL_FAILURE, getResourceString(DBT_TOKEN_NAME)); > return; > } > >- internal_slot = PK11_GetInternalKeySlot(); >- if (!internal_slot) { >- errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL)); >- return; >+ if (PK11_IsInternal(slot)) { >+ internal_slot = slot; >+ } else { >+ internal_slot = PK11_GetInternalKeySlot(); >+ if (!internal_slot) { >+ errorRpt(GENERAL_FAILURE, getResourceString(DBT_INIT_FAIL)); >+ return; >+ } > } > > internalTokenName = PK11_GetTokenName(internal_slot); > >- { >- PK11SlotInfo *slot = PK11_GetInternalKeySlot(); >- >- if (PK11_NeedUserInit(slot) == PR_TRUE) { >- fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n"); >- } else { >- fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n"); >- } >+ if (PK11_NeedUserInit(internal_slot) == PR_TRUE) { >+ fprintf(stdout, "<NEEDINIT_INTERNAL>TRUE</NEEDINIT_INTERNAL>\n"); >+ } else { >+ fprintf(stdout, "<NEEDINIT_INTERNAL>FALSE</NEEDINIT_INTERNAL>\n"); > } > > certList = PK11_ListCerts(PK11CertListUnique, NULL); > if (certList == NULL) { > errorRpt(GENERAL_FAILURE, getResourceString(DBT_CERT_LIST_FAIL)); > } > for (cln = CERT_LIST_HEAD(certList); !CERT_LIST_END(cln,certList); > cln = CERT_LIST_NEXT(cln)) { >@@ -879,21 +881,28 @@ > * List "Builtin Object Token" as if it is the internal token > * This is a special NSS read-only token for storing predefined CA certs > */ > else if ((strcmp(tokenName, internalTokenName) == 0) && > (strcmp(certTokenName, "Builtin Object Token") == 0)) { > printCert(cln->cert, /*showDetail=*/PR_FALSE, NULL); > } > } >+ CERT_DestroyCertList(certList); > > if (PK11_IsInternal(slot)) { > showCRL(certdb, SEC_CRL_TYPE); > showCRL(certdb, SEC_KRL_TYPE); > } >+ >+ if (slot != internal_slot) { >+ PK11_FreeSlot(internal_slot); >+ } >+ PK11_FreeSlot(slot); >+ > } > > /* > * Find a certificate and print in detail mode. > */ > static void printCertDetail(char *certFingerprint) { > CERTCertificate* cert = findCertByFingerprint(certFingerprint); > /* see if certificate if found */ >@@ -1506,17 +1515,16 @@ > PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), filename); > errorRpt(FILE_ERROR, msg); > } > > {/*try open the file*/ > FILE *f; > > PR_snprintf(full_path, sizeof(full_path), "%s%c%s", secdir, FILE_PATHSEP, filename); >- form_unescape(full_path); > > if( !(f = fopen(full_path, "rb")) ) { > PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), full_path); > errorRpt(FILE_ERROR, msg); > } else { > int size; > #define BLOCK_SIZE 2048 > char buf[BLOCK_SIZE]; >@@ -1759,19 +1767,16 @@ > > /* > * List all the possible tokens resides under any pkcs11 device > */ > void tokenInfo() { > PK11SlotList* slotList; > PK11SlotListElement *slot; > >- /* Mechanism to be used to get all the tokens in PK11_GetAllTokens */ >- CK_MECHANISM_TYPE all = CKM_INVALID_MECHANISM; >- > slotList = PK11_GetAllTokens(CKM_RSA_PKCS, PR_FALSE, PR_FALSE, NULL); > > fprintf(stdout, "<TOKENINFO>\n"); > > for(slot = slotList->head; slot != NULL; slot = slot->next) { > > fprintf(stdout, "\t<%s>\n", PK11_GetTokenName(slot->slot)); > >@@ -1951,23 +1956,23 @@ > errorRpt(INCORRECT_USAGE, getResourceString(DBT_MIGRATION_NOT_SUPPORTED)); > } > > int main(int argc, char *argv[]) > { > /* cgi env setup */ > int _ai = ADMUTIL_Init(); > char * m = getenv("REQUEST_METHOD"); >- char * qs = 0; > char *securitydir = NULL; /* looked up via sie */ > char msg[BIG_LINE]; > AdmldapInfo ldapInfo; /* our config */ > int rc = 0; > char *sie; > char *configdir = util_get_conf_dir(); >+ const char *secdir = util_get_security_dir(); > > #if 0 > CGI_Debug("security"); > #endif > > /*setup i18n stuff*/ > { > char *lang=getenv("HTTP_ACCEPT_LANGUAGE"); >@@ -1993,16 +1998,20 @@ > > sie = getParameter("sie", getResourceString(DBT_SIE)); > ldapInfo = admldapBuildInfoOnly(configdir, &rc); > if (rc || !ldapInfo) { > PR_snprintf(line, sizeof(line), getResourceString(CMN_CONFIGPROBLEM), configdir ? configdir : "(null)", rc); > errorRpt(FILE_ERROR, line); > } > >+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) { >+ errorRpt(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR)); >+ } >+ > securitydir = getSecurityDir(ldapInfo, sie); > > { > char* operation = getParameter("formop",getResourceString(DBT_OP)); > > if (!operation) { > /* if we got here it means front end pass back > a bogus operation string */ >@@ -2016,16 +2025,19 @@ > security library will hog up the file and we can not remove it.*/ > if (!util_verify_file_or_dir(securitydir, PR_FILE_DIRECTORY, NULL, 0, PR_FILE_FILE)) { > PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), > securitydir ? securitydir : "(null)"); > errorRpt(INCORRECT_USAGE, msg); > } > > /* we got here, we think sie is a valid prefix */ >+ /* close all db - we may have had to open the admin server key/cert db >+ in order to use LDAPS before - now have to shut down NSS and reinit */ >+ closeAllSecurityDB(); > securityInitialization(securitydir); > > if (!PORT_Strcmp(operation, "LIST_CERTIFICATE")) { > /* list cert */ > listCert(getParameter("tokenname",getResourceString(DBT_TOKEN_NAME))); > /* fprintf(stdout, "total_cert:%d",num_of_certs++); */ > > } else if (!PORT_Strcmp(operation, "CHANGE_TRUST")) { >Index: adminserver/admserv/cgi-src40/setport.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/setport.c,v >retrieving revision 1.6 >diff -u -8 -r1.6 setport.c >--- adminserver/admserv/cgi-src40/setport.c 11 May 2007 19:44:05 -0000 1.6 >+++ adminserver/admserv/cgi-src40/setport.c 14 Jul 2008 16:56:42 -0000 >@@ -109,17 +109,17 @@ > else { > rpt_err(ELEM_MISSING, "ErrorString: NO USER DN!", NULL, NULL); > } > } > } > > if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw); > >- rv = ADMSSL_InitSimple(configdir, secdir); >+ rv = ADMSSL_InitSimple(configdir, secdir, 1); > if (rv) { > rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL); > } > > /* Initialize the pset */ > > pset = psetCreateSSL("admin-serv", > /* configRoot */ configdir, >Index: adminserver/admserv/cgi-src40/statpingserv.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/statpingserv.c,v >retrieving revision 1.6 >diff -u -8 -r1.6 statpingserv.c >--- adminserver/admserv/cgi-src40/statpingserv.c 9 May 2007 00:26:30 -0000 1.6 >+++ adminserver/admserv/cgi-src40/statpingserv.c 14 Jul 2008 16:56:42 -0000 >@@ -69,18 +69,16 @@ > int retcode; > PRNetAddr netAddr; > > char *result; > char *host; > int port; > > PRFileDesc *gif; >- int character; >- int count=0; > char *file; > char *portstr; > struct PRFileInfo64 prfileinfo; > > m = getenv("REQUEST_METHOD"); > /* > { > int d=1; >Index: adminserver/admserv/cgi-src40/ugdsconfig.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ugdsconfig.c,v >retrieving revision 1.10 >diff -u -8 -r1.10 ugdsconfig.c >--- adminserver/admserv/cgi-src40/ugdsconfig.c 18 Dec 2007 19:55:23 -0000 1.10 >+++ adminserver/admserv/cgi-src40/ugdsconfig.c 14 Jul 2008 16:56:42 -0000 >@@ -231,17 +231,17 @@ > } > > static AdmldapInfo > local_get_admldapinfo(const char *configdir, const char *securitydir) > { > AdmldapInfo adminfo; > int rc; > >- if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0)) { >+ if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1)) { > rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMSSL_INIT_FAILED,"Cannot initialize SSL"), NULL, NULL); > return NULL; > } > > adminfo = admldapBuildInfo((char *)configdir, &rc); > if (adminfo == NULL) { > logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value((char *)configdir)); > PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_BUILD_LDAPINFO,"Failed to build ldap info (err=%d)"), rc); >Index: adminserver/admserv/cgi-src40/viewdata.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewdata.c,v >retrieving revision 1.8 >diff -u -8 -r1.8 viewdata.c >--- adminserver/admserv/cgi-src40/viewdata.c 11 May 2007 19:44:05 -0000 1.8 >+++ adminserver/admserv/cgi-src40/viewdata.c 14 Jul 2008 16:56:42 -0000 >@@ -108,17 +108,17 @@ > > AdmldapInfo ldapInfo = NULL; > int rv; > > ldapInfo = admldapBuildInfo((char *)configdir, &rv); > if(!ldapInfo) > exit(0); > >- rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0); >+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 1); > if(rv) > exit(0); > > return(ldapInfo); > } > > > >@@ -256,21 +256,21 @@ > > if((ldapError = ldap_search_s(server, dn, LDAP_SCOPE_BASE, > "(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS) { > PR_smprintf_free(dn); > return 1; > } > > PR_smprintf_free(dn); >- if(vals = ldap_get_values(server, entry, "nshtmladminproducturl")) { >+ if((vals = ldap_get_values(server, entry, "nshtmladminproducturl"))) { > *url = strdup(vals[0]); > ldap_value_free(vals); > } >- if(vals = ldap_get_values(server, entry, "nshtmladminproducttext")) { >+ if((vals = ldap_get_values(server, entry, "nshtmladminproducttext"))) { > *text = strdup(vals[0]); > ldap_value_free(vals); > } > > if(*url && *text) > return 0; > return 1; > } >@@ -287,23 +287,23 @@ > > /* SIE has some data... */ > > if((ldapError = ldap_search_s(server, sie, LDAP_SCOPE_BASE, > "(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS) > return; > > >- if(vals = ldap_get_values(server, entry, "serverproductname")) { >+ if((vals = ldap_get_values(server, entry, "serverproductname"))) { > fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_PRODUCT_NAME), vals[0]); > ldap_value_free(vals); > } > > >- if(vals = ldap_get_values(server, entry, "installationtimestamp")) { >+ if((vals = ldap_get_values(server, entry, "installationtimestamp"))) { > struct tm tm; > char buf[BIG_LINE]; > > /* only PARSE YYYYmmddHHMMSS */ > sscanf(vals[0], "%4d%2d%2d%2d%2d%2d", &tm.tm_year, &tm.tm_mon, > &tm.tm_mday, &tm.tm_hour, &tm.tm_min, &tm.tm_sec); > > tm.tm_year -= 1900; /* the number of years since 1900 */ >@@ -318,17 +318,17 @@ > #endif > > > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_DATE), buf); > ldap_value_free(vals); > } > > >- if(vals = ldap_get_values(server, entry, "serverroot")) { >+ if((vals = ldap_get_values(server, entry, "serverroot"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_SERVER_ROOT), vals[0]); > ldap_value_free(vals); > } > > if(!(vals = ldap_get_values(server, entry, "nsserverport"))) { > /* argh, port can be in the configuration object */ > > char *config_buf = PR_smprintf("cn=configuration, %s", sie); >@@ -353,67 +353,61 @@ > isie = strtok(NULL, "\0"); > while(*isie == ' ') > isie++; /* eliminate spaces */ > > if((ldapError = ldap_search_s(server, isie, LDAP_SCOPE_BASE, > "(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS) > return; > >- if(vals = ldap_get_values(server, entry, "nsproductname")) { >+ if((vals = ldap_get_values(server, entry, "nsproductname"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_NAME), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "nsvendor")) { >+ if((vals = ldap_get_values(server, entry, "nsvendor"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_VENDOR), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "nsproductversion")) { >+ if((vals = ldap_get_values(server, entry, "nsproductversion"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_PRODUCT_VERSION), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "nsbuildnumber")) { >+ if((vals = ldap_get_values(server, entry, "nsbuildnumber"))) { > fprintf(stdout,(const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_NUMBER), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "nsbuildsecurity")) { >+ if((vals = ldap_get_values(server, entry, "nsbuildsecurity"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_BUILD_SECURITY), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "nsrevisionnumber")) { >+ if((vals = ldap_get_values(server, entry, "nsrevisionnumber"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_REVISION_NUMBER), vals[0]); > ldap_value_free(vals); > } > >- if(vals = ldap_get_values(server, entry, "description")) { >+ if((vals = ldap_get_values(server, entry, "description"))) { > fprintf(stdout, (const char*)getResourceString(DBT_OUTPUT_DATA_DESCRIPTION), vals[0]); > ldap_value_free(vals); > } > > } > > int main(int argc, char *argv[]) > { > > int _ai = ADMUTIL_Init(); > char *qs = getenv("QUERY_STRING"); > char line[BIG_LINE]; > FILE *html = open_html_file(MY_PAGE); > char *sie = NULL; >- >- char *request; >- int errorcode; >- PRFileDesc *sockd; >- bufstruct *nbuf; >- > char *binddn, *bindpw; > LDAP *server; > LDAPMessage *entry; > int ldapError; > const char *configdir = util_get_conf_dir(); > const char *secdir = util_get_security_dir(); > > AdmldapInfo ldapInfo = get_adm_ldapinfo(configdir, secdir); >@@ -448,17 +442,17 @@ > fprintf(stdout, getResourceString(DBT_MAIN_TABLE_FOOTER)); > } > else if(directive_is(line, "ID_TITLE")) { > char **vals; > if((ldapError = ldap_search_s(server, sie, LDAP_SCOPE_BASE, > "(objectclass=*)", NULL, 0, &entry)) != LDAP_SUCCESS) > continue; > >- if(vals = ldap_get_values(server, entry, "nsserverid")) { >+ if((vals = ldap_get_values(server, entry, "nsserverid"))) { > fprintf(stdout, (const char*)getResourceString(DBT_MAIN_SERVER_ID), vals[0]); > ldap_value_free(vals); > } > } > else if(directive_is(line, "SHOW_URL")) { > char *text; > char *url; > >Index: adminserver/admserv/cgi-src40/viewlog.c >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v >retrieving revision 1.10 >diff -u -8 -r1.10 viewlog.c >--- adminserver/admserv/cgi-src40/viewlog.c 31 Oct 2007 05:30:53 -0000 1.10 >+++ adminserver/admserv/cgi-src40/viewlog.c 14 Jul 2008 16:56:42 -0000 >@@ -151,17 +151,16 @@ > acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE"); > } > } > > > void display_logfiles(char *logdir, char *default_logfile) > { > int x; >- int cnt=0; > char *seps = "/"; > char *token; > char *curlog = NULL; > char **logfiles; > int at_least_one=0; > > if (default_logfile != NULL) { > token = strtok(default_logfile, seps); >@@ -284,17 +283,16 @@ > FILE *html = open_html_file(MY_PAGE); > char *method = NULL; > char *nohtml = NULL; > char *num=NULL; > char *str=NULL; > char *file; > char *logdir = NULL; > char *id; >- char **logfiles = NULL; > char tmp[BIG_LINE]; > int x; > int print_html = 1; > int proceed = 0; > char msg[BUFSIZ]; > AdmldapInfo ldapInfo = NULL; /* our config */ > int rc = 0; > char *configdir = NULL; >@@ -348,16 +346,21 @@ > configdir = util_get_conf_dir(); > ldapInfo = admldapBuildInfoOnly(configdir, &rc); > if (rc || !ldapInfo) { > PR_snprintf(line, sizeof(line), > getResourceString(CMN_CONFIGPROBLEM), > configdir ? configdir : "(null)", rc); > rpt_err(APP_ERROR, line, NULL, NULL); > } else { >+ const char *secdir = util_get_security_dir(); >+ if(ADMSSL_InitSimple((char *)configdir, (char *)secdir, 1)) { >+ rpt_err(SYSTEM_ERROR, getResourceString(CMN_SSL_INIT_ERROR), NULL, NULL); >+ } >+ > logdir = getLogDir(ldapInfo, id); > if(!logdir) { > PR_snprintf(msg, sizeof(msg), > getResourceString(DBT_NO_DIR_FOUND), id); > rpt_err(INCORRECT_USAGE, getResourceString(DBT_NO_DIR), msg, NULL); > } > } > >@@ -402,17 +405,16 @@ > #endif > if (!file || !*file || > !util_is_valid_path_string(file) || > !util_verify_file_or_dir(logdir, PR_FILE_DIRECTORY, file, -1, PR_FILE_FILE)) { > continue; > } > > PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file); >- form_unescape(full_path); /* bug 27409, 31807 */ > cmd = fopen(full_path, "r"); > fprintf(stdout, getResourceString(DBT_MAIN_WIDTH)); > PR_snprintf(tmp, sizeof(tmp), getResourceString(DBT_SUBTITLE), num, file, (str)? getResourceString(DBT_WITH) : "", > (str)? str : ""); > > fprintf(stdout, (const char*)getResourceString(DBT_MAIN_TABLE), tmp); > > /* begin search */ >@@ -430,17 +432,16 @@ > char full_path[PATH_MAX]; > > #ifdef AIX > fflush(stdout); > #endif > if (file || *file || util_is_valid_path_string(file) || > util_verify_file_or_dir(logdir, PR_FILE_DIRECTORY, file, -1, PR_FILE_FILE)) { > PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file); >- form_unescape(full_path); /* bug 27409, 31807 */ > cmd = fopen(full_path, "r"); > > /* begin search */ > if(cmd) { > search_file(cmd, atoi(num), str); > fclose(cmd); > } > } >Index: adminserver/admserv/newinst/src/AdminServer.pm.in >=================================================================== >RCS file: /cvs/dirsec/adminserver/admserv/newinst/src/AdminServer.pm.in,v >retrieving revision 1.12 >diff -u -8 -r1.12 AdminServer.pm.in >--- adminserver/admserv/newinst/src/AdminServer.pm.in 7 Dec 2007 00:09:36 -0000 1.12 >+++ adminserver/admserv/newinst/src/AdminServer.pm.in 14 Jul 2008 16:56:42 -0000 >@@ -61,16 +61,25 @@ > } > > sub setFileOwnerPerms { > my $setup = shift; > my $configdir = shift; > my $admConf = getAdmConf($configdir); > my $uid = getpwnam $admConf->{sysuser}; > >+ # chown the config directory >+ $! = 0; # clear errno >+ chown $uid, -1, $configdir; >+ if ($!) { >+ $setup->msg($FATAL, 'error_chowning_file', $configdir, >+ $admConf->{sysuser}, $!); >+ return 0; >+ } >+ > # chown and chmod other files appropriately > for (glob("$configdir/*")) { > # these are owned by root > next if (/httpd.conf$/); > next if (/nss.conf$/); > next if (/admserv.conf$/); > next if (! -f $_); # should never happen > # all other files should be owned by SysUser
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=311733">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 442103
: 311733 |
311739
|
311765
|
311767