1 --- a/schema/open-web-server_1_0.xsd Wed Sep 30 16:55:48 2009 +0530
2 +++ b/schema/open-web-server_1_0.xsd Mon Jan 25 15:35:57 2010 +0530
3 @@ -362,7 +362,7 @@
4
5 <xs:element name="acl-file" type="pathType" minOccurs="0" maxOccurs="unbounded"/>
6
7 - <xs:element name="krb5-ktname" type="pathType" minOccurs="0" maxOccurs="1">
8 + <xs:element name="krb5-keytab-file" type="pathType" minOccurs="0" maxOccurs="1">
9 <xs:annotation>
10 <xs:documentation>
11 Sets the value of the KRB5_KTNAME environment variable.
1.1 --- a/src/server/base/dbtbase.h Wed Sep 30 16:55:48 2009 +0530
1.2 +++ b/src/server/base/dbtbase.h Mon Jan 25 15:35:57 2010 +0530
1.3 @@ -388,6 +388,8 @@
1.4 ResDef( DBT_libsec_errors_167, 2167, "SEC_ERROR_PKCS11_GENERAL_ERROR: PKCS11 general error occured during cert validation." )
1.5 ResDef( DBT_libsec_errors_168, 2168, "SEC_ERROR_PKCS11_FUNCTION_FAILED: PKCS11 function failed." )
1.6 ResDef( DBT_libsec_errors_169, 2169, "SEC_ERROR_PKCS11_DEVICE_ERROR: PKCS11 device error." )
1.7 + ResDef( DBT_libsec_errors_170, 2170, "SEC_ERROR_BAD_INFO_ACCESS_METHOD: Bad access info." )
1.8 + ResDef( DBT_libsec_errors_171, 2171, "SEC_ERROR_CRL_IMPORT_FAILED: CRL import failed." )
1.9
1.10 /* DBT_libssl_errors: http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html */
1.11 ResDef( DBT_libssl_errors_0, 3000, "SSL_ERROR_EXPORT_ONLY_SERVER: Client does not support high-grade encryption." )
1.12 @@ -503,5 +505,7 @@
1.13 ResDef( DBT_libssl_errors_108, 3108, "SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT: SSL peer reported bad certificate hash value." )
1.14 ResDef( DBT_libssl_errors_109, 3109, "SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET: SSL received an unexpected New Session Ticket handshake message." )
1.15 ResDef( DBT_libssl_errors_110, 3110, "SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET: SSL received a malformed New Session Ticket handshake message." )
1.16 + ResDef( DBT_libssl_errors_111, 3111, "SSL_ERROR_DECOMPRESSION_FAILURE: SSL decompression failed." )
1.17 + ResDef( DBT_libssl_errors_112, 3112, "SSL_ERROR_RENEGOTIATION_NOT_ALLOWED: SSL renegotiation is not allowed." )
1.18
1.19 END_STR(base)
2.1 --- a/src/server/base/nscperror.c Wed Sep 30 16:55:48 2009 +0530
2.2 +++ b/src/server/base/nscperror.c Mon Jan 25 15:35:57 2010 +0530
2.3 @@ -95,7 +95,7 @@
2.4 };
2.5
2.6 #define NSCP_LIBSEC_ERROR_BASE (-8192)
2.7 -#define NSCP_LIBSEC_MAX_ERROR (NSCP_LIBSEC_ERROR_BASE + 169)
2.8 +#define NSCP_LIBSEC_MAX_ERROR (NSCP_LIBSEC_ERROR_BASE + 171)
2.9
2.10 int nscp_libsec_errors[NSCP_LIBSEC_MAX_ERROR - NSCP_LIBSEC_ERROR_BASE + 1] = {
2.11 DBT_libsec_errors_0,
2.12 @@ -267,11 +267,13 @@
2.13 DBT_libsec_errors_166,
2.14 DBT_libsec_errors_167,
2.15 DBT_libsec_errors_168,
2.16 - DBT_libsec_errors_169
2.17 + DBT_libsec_errors_169,
2.18 + DBT_libsec_errors_170,
2.19 + DBT_libsec_errors_171
2.20 };
2.21
2.22 #define NSCP_LIBSSL_ERROR_BASE (-12288)
2.23 -#define NSCP_LIBSSL_MAX_ERROR (NSCP_LIBSSL_ERROR_BASE + 110)
2.24 +#define NSCP_LIBSSL_MAX_ERROR (NSCP_LIBSSL_ERROR_BASE + 112)
2.25
2.26 int nscp_libssl_errors[NSCP_LIBSSL_MAX_ERROR - NSCP_LIBSSL_ERROR_BASE + 1] = {
2.27 DBT_libssl_errors_0,
2.28 @@ -384,7 +386,9 @@
2.29 DBT_libssl_errors_107,
2.30 DBT_libssl_errors_108,
2.31 DBT_libssl_errors_109,
2.32 - DBT_libssl_errors_110
2.33 + DBT_libssl_errors_110,
2.34 + DBT_libssl_errors_111,
2.35 + DBT_libssl_errors_112
2.36 };
2.37
2.38 #define MAXINDEX(a) (sizeof(a) / sizeof(a[0]) - 1)
3.1 --- a/src/server/base/servnss.cpp Wed Sep 30 16:55:48 2009 +0530
3.2 +++ b/src/server/base/servnss.cpp Mon Jan 25 15:35:57 2010 +0530
3.3 @@ -857,14 +857,19 @@
3.4 }
3.5 }
3.6
3.7 -NSAPI_PUBLIC CERTCertificate *servnss_get_cert_from_nickname(const char *nickname, PK11CertListType listType)
3.8 +NSAPI_PUBLIC CERTCertificate *servnss_get_cert_from_nickname(const char *nickname,
3.9 + PK11CertListType listType, CERTCertList* certList)
3.10 {
3.11 if (!nickname) { return NULL; }
3.12
3.13 CERTCertificate *currentCert = NULL, // Cursor in list
3.14 *savedCert = NULL; // Last matching cert
3.15
3.16 - CERTCertList* clist = PK11_ListCerts(listType, NULL);
3.17 + CERTCertList* clist;
3.18 + if (!certList)
3.19 + clist = PK11_ListCerts(listType, NULL);
3.20 + else
3.21 + clist = certList;
3.22 CERTCertListNode *cln;
3.23 for (cln = CERT_LIST_HEAD(clist); !CERT_LIST_END(cln,clist);
3.24 cln = CERT_LIST_NEXT(cln)) {
3.25 @@ -889,7 +894,8 @@
3.26 if (savedCert)
3.27 cert = CERT_DupCertificate(savedCert);
3.28
3.29 - CERT_DestroyCertList(clist);
3.30 + if(!certList)
3.31 + CERT_DestroyCertList(clist);
3.32
3.33 return cert;
3.34 }
4.1 --- a/src/server/base/servnss.h Wed Sep 30 16:55:48 2009 +0530
4.2 +++ b/src/server/base/servnss.h Mon Jan 25 15:35:57 2010 +0530
4.3 @@ -57,6 +57,6 @@
4.4 PRBool servssl_maybe_client_hello(void *buf, int sz);
4.5 void PR_CALLBACK servssl_handshake_callback(PRFileDesc *socket, void *arg);
4.6
4.7 -NSAPI_PUBLIC CERTCertificate *servnss_get_cert_from_nickname(const char *nickname, PK11CertListType type=PK11CertListUser);
4.8 +NSAPI_PUBLIC CERTCertificate *servnss_get_cert_from_nickname(const char *nickname, PK11CertListType type=PK11CertListUser, CERTCertList* clist=NULL);
4.9
4.10 #endif /* SERVNSS_H */
5.1 --- a/src/server/extras/binlog/binlog.cpp Wed Sep 30 16:55:48 2009 +0530
5.2 +++ b/src/server/extras/binlog/binlog.cpp Mon Jan 25 15:35:57 2010 +0530
5.3 @@ -243,7 +243,7 @@
5.4
5.5 tim = (time_t)i;
5.6
5.7 - if (flex_format_64(NULL,(PRInt64) tim, &arr) == -1) {
5.8 + if (flex_format_64_wrapper(NULL,(PRInt64) tim, &arr) == -1) {
5.9 fprintf(stderr, "Error converting time %lld to string\n",
5.10 i);
5.11 return -1;
5.12 @@ -305,7 +305,7 @@
5.13 p += convert(p, i);
5.14
5.15 // convert PRInt64 to string
5.16 - if (flex_format_64(NULL, i, &arr) == -1) {
5.17 + if (flex_format_64_wrapper(NULL, i, &arr) == -1) {
5.18 fprintf(stderr,
5.19 "Error converting content length %lld to string\n",
5.20 i);
6.1 --- a/src/server/httpdaemon/WebServer.cpp Wed Sep 30 16:55:48 2009 +0530
6.2 +++ b/src/server/httpdaemon/WebServer.cpp Mon Jan 25 15:35:57 2010 +0530
6.3 @@ -767,6 +767,7 @@
6.4
6.5 // Dole out the available file descriptors
6.6 if (weightSum) {
6.7 + PRBool lackOfFildes = PR_FALSE;
6.8 if (nFileCacheMaxOpenFiles == -1) {
6.9 nFileCacheMaxOpenFiles = round2(nAvailableDescriptors * weightFileCacheMaxOpenFiles / weightSum);
6.10 if (nFileCacheMaxOpenFiles > configuration->fileCache.maxEntries) {
6.11 @@ -777,10 +778,18 @@
6.12 nFileCacheMaxOpenFiles = configuration->fileCache.maxEntries;
6.13 }
6.14 }
6.15 - if (nKeepAliveMaxConnections == -1)
6.16 + if (nKeepAliveMaxConnections == -1) {
6.17 nKeepAliveMaxConnections = round2(nAvailableDescriptors * weightKeepAliveMaxConnections / weightSum);
6.18 - if (nThreadPoolQueueSize == -1)
6.19 + if (nKeepAliveMaxConnections < pool_maxthreads)
6.20 + lackOfFildes = PR_TRUE;
6.21 + }
6.22 + if (nThreadPoolQueueSize == -1) {
6.23 nThreadPoolQueueSize = round2(nAvailableDescriptors * weightThreadPoolQueueSize / weightSum);
6.24 + if (nThreadPoolQueueSize < pool_maxthreads)
6.25 + lackOfFildes = PR_TRUE;
6.26 + }
6.27 + if (lackOfFildes == PR_TRUE)
6.28 + ereport(LOG_MISCONFIG, XP_GetAdminStr(DBT_LackOfAvailableFileDescriptors));
6.29 }
6.30
6.31 // Update the maxopen in filecache if necessary
7.1 --- a/src/server/httpdaemon/acceptconn.cpp Wed Sep 30 16:55:48 2009 +0530
7.2 +++ b/src/server/httpdaemon/acceptconn.cpp Mon Jan 25 15:35:57 2010 +0530
7.3 @@ -130,6 +130,7 @@
7.4 {
7.5 PR_Close(socketAccept);
7.6 _connQ->AddUnused(conn);
7.7 + continue;
7.8 }
7.9
7.10 if (_connQ->AddReady(conn) != PR_SUCCESS) {
8.1 --- a/src/server/httpdaemon/dbthttpdaemon.h Wed Sep 30 16:55:48 2009 +0530
8.2 +++ b/src/server/httpdaemon/dbthttpdaemon.h Mon Jan 25 15:35:57 2010 +0530
8.3 @@ -321,4 +321,5 @@
8.4 ResDef(DBT_Configuration_CannotParseConfigFile, 358, "HTTP3358: Cannot parse the configuration file")
8.5 ResDef(DBT_Configuration_UnsupportedFeatureBeingUsed, 359, "HTTP3359: An unsupported element %s is being used. The server may not operate correctly if unsupported features are used.")
8.6 ResDef(DBT_ConnectionOverflow, 360, "HTTP3360: connection limit (%d) exceeded.")
8.7 + ResDef(DBT_LackOfAvailableFileDescriptors, 361, "CORE3361: Insufficient file descriptors for optimum configuration.")
8.8 END_STR(httpdaemon)
9.1 --- a/src/server/httpdaemon/kapollthr.cpp Wed Sep 30 16:55:48 2009 +0530
9.2 +++ b/src/server/httpdaemon/kapollthr.cpp Mon Jan 25 15:35:57 2010 +0530
9.3 @@ -479,6 +479,7 @@
9.4 KAPollThread::AcceleratedRespond(PRInt32 numAcceleratable, AcceleratorAsync *async, PRInt32& numClosed, PRInt32& numEnqueue)
9.5 {
9.6 PRInt32 numKeepAliveHits = 0;
9.7 + time_t now = ft_time();
9.8
9.9 for (PRInt32 i = 0; i < numAcceleratable; i++) {
9.10 PRInt32 pollArrayIndex = acceleratable[i].pollArrayIndex;
9.11 @@ -487,6 +488,7 @@
9.12 // Attempt to service the request using the accelerator cache
9.13 int status_num;
9.14 PRInt64 transmitted;
9.15 + time_t expiration = now + connection->keepAliveTimeout;
9.16 // Track session statistics
9.17 beginRequest();
9.18 VirtualServer* vs = GetVS(connection);
9.19 @@ -511,6 +513,7 @@
9.20 // Should the connection be kept alive?
9.21 if (connection->httpHeader.IsKeepAliveRequested()) {
9.22 pollArray.SetDescriptorEvents(pollArrayIndex, PollAdapter::READABLE);
9.23 + pollArray.SetDescriptorExpirationTime(pollArrayIndex, expiration);
9.24 } else {
9.25 pollArray.RemoveDescriptor(pollArrayIndex);
9.26 closed[numClosed++] = connection;
9.27 @@ -525,6 +528,7 @@
9.28 // it. We'll wait for the socket to be writable again.
9.29 pollArray.SetDescriptorEvents(pollArrayIndex, PollAdapter::WRITABLE);
9.30 // XXX elving need to set an IO timeout, perhaps value based on NetwriteTimeout directive?
9.31 + pollArray.SetDescriptorExpirationTime(pollArrayIndex, expiration);
9.32 break;
9.33
9.34 case ACCEL_ASYNC_FALSE:
9.35 @@ -540,8 +544,6 @@
9.36 // Track session statistics
9.37 setMode(STATS_THREAD_IDLE);
9.38 }
9.39 -
9.40 - // XXX elving update keep-alive timeout after each request
9.41
9.42 // record keep-alive hits
9.43 StatsManager::recordKeepaliveHits(numKeepAliveHits);
10.1 --- a/src/server/httpdaemon/statssession.cpp Wed Sep 30 16:55:48 2009 +0530
10.2 +++ b/src/server/httpdaemon/statssession.cpp Mon Jan 25 15:35:57 2010 +0530
10.3 @@ -252,6 +252,9 @@
10.4
10.5 PR_ASSERT(countFunctionNesting == 0);
10.6
10.7 + // End of the request for this VS
10.8 + entryCurrentVs = 0;
10.9 +
10.10 // The session is idle
10.11 inFunction(0);
10.12 thread->lock();
11.1 --- a/src/server/ldaputil/LdapOps.cpp Wed Sep 30 16:55:48 2009 +0530
11.2 +++ b/src/server/ldaputil/LdapOps.cpp Mon Jan 25 15:35:57 2010 +0530
11.3 @@ -49,6 +49,7 @@
11.4 #include "definesEnterprise.h"
11.5 #include "support/NSString.h"
11.6 #include "support/NSTokenizer.h"
11.7 +#include "base/ereport.h"
11.8
11.9 #define LDAP_METACHARS "*&|!()=<>"
11.10
11.11 @@ -251,18 +252,38 @@
11.12 int err = (uniqueNames && names) ? LDAPU_SUCCESS : LDAPU_ERR_OUT_OF_MEMORY;
11.13 void *iter;
11.14 const char *dn;
11.15 + char *buffer;
11.16 + size_t bufsize;
11.17
11.18 if (err == LDAPU_SUCCESS) {
11.19 // add group to filter
11.20 for (iter = m1.first(); iter != NULL; iter = m1.next(iter)) {
11.21 dn = m1.item(iter);
11.22 + // "3" because the escaping mechanism replace one char by 3
11.23 + // escaped character, this will ensure that we have enough space
11.24 + // to escape all characters
11.25 + bufsize = 3 * (strlen(dn)) + 1;
11.26 + buffer = (char *)ldapu_malloc(bufsize);
11.27 + if (!buffer) {
11.28 + err = LDAPU_ERR_OUT_OF_MEMORY;
11.29 + break;
11.30 + }
11.31 + int rc = ldap_create_filter(buffer, bufsize, "%e",NULL,NULL,NULL,(char *)dn,NULL);
11.32 + if (rc != LDAP_SUCCESS) {
11.33 + ereport(LOG_FAILURE, "ldap_create_filter for DN [%s]: failed(%s)\n", dn, ldap_err2string(rc));
11.34 + ldapu_str_free (uniqueNames);
11.35 + ldapu_str_free (names);
11.36 + ldapu_free (buffer);
11.37 + return rc;
11.38 + }
11.39 /*
11.40 if (((err = ldapu_str_append(uniqueNames, "(uniquemember=")) != LDAPU_SUCCESS) ||
11.41 - ((err = ldapu_str_append(uniqueNames, dn)) != LDAPU_SUCCESS) ||
11.42 + ((err = ldapu_str_append(uniqueNames, buffer)) != LDAPU_SUCCESS) ||
11.43 ((err = ldapu_str_append(uniqueNames, ")")) != LDAPU_SUCCESS) ||
11.44 ((err = ldapu_str_append(names, "(member=")) != LDAPU_SUCCESS) ||
11.45 - ((err = ldapu_str_append(names, dn)) != LDAPU_SUCCESS) ||
11.46 + ((err = ldapu_str_append(names, buffer)) != LDAPU_SUCCESS) ||
11.47 ((err = ldapu_str_append(names, ")")) != LDAPU_SUCCESS)) {
11.48 + ldapu_free (buffer);
11.49 break;
11.50 }
11.51 */
11.52 @@ -270,13 +291,15 @@
11.53 if (((err = ldapu_str_append(uniqueNames, "(")) != LDAPU_SUCCESS) ||
11.54 ((err = ldapu_str_append(uniqueNames, grpFilter )) != LDAPU_SUCCESS) ||
11.55 ((err = ldapu_str_append(uniqueNames, "=")) != LDAPU_SUCCESS) ||
11.56 - ((err = ldapu_str_append(uniqueNames, dn)) != LDAPU_SUCCESS) ||
11.57 + ((err = ldapu_str_append(uniqueNames, buffer)) != LDAPU_SUCCESS) ||
11.58 ((err = ldapu_str_append(uniqueNames, ")")) != LDAPU_SUCCESS) ||
11.59 ((err = ldapu_str_append(names, "(member=")) != LDAPU_SUCCESS) ||
11.60 - ((err = ldapu_str_append(names, dn)) != LDAPU_SUCCESS) ||
11.61 + ((err = ldapu_str_append(names, buffer)) != LDAPU_SUCCESS) ||
11.62 ((err = ldapu_str_append(names, ")")) != LDAPU_SUCCESS)) {
11.63 + ldapu_free (buffer);
11.64 break;
11.65 }
11.66 + ldapu_free (buffer);
11.67 }
11.68 }
11.69
11.70 @@ -1027,7 +1050,6 @@
11.71 /* Check if the extended operation was successful */
11.72 lastbindrv = ldap_result2error(session, res, 0);
11.73 int rv = (lastbindrv == LDAP_SUCCESS) ? LDAPU_SUCCESS : lastbindrv;
11.74 - boundto = (lastbindrv == LDAP_SUCCESS) ? OTHER : NONE;
11.75
11.76 if (lastbindrv == LDAP_INVALID_CREDENTIALS)
11.77 return LDAPU_FAILED;
12.1 --- a/src/server/ldaputil/LdapSession.cpp Wed Sep 30 16:55:48 2009 +0530
12.2 +++ b/src/server/ldaputil/LdapSession.cpp Mon Jan 25 15:35:57 2010 +0530
12.3 @@ -323,7 +323,7 @@
12.4
12.5 if (retryCount > maxRetries)
12.6 return new LdapSearchResult(this, NULL, LDAP_CONNECT_ERROR);
12.7 - if (boundto == NONE)
12.8 + if (boundto != DEFAULT)
12.9 rv = bindAsDefault();
12.10 // Using async search instead of sync search see bug: 6295325
12.11 if (rv == LDAP_SUCCESS)
12.12 @@ -334,10 +334,6 @@
12.13 rv = lastoprv = ldap_search_ext_s(session, base, scope, filter,
12.14 attrs, attrsonly,
12.15 NULL, NULL, &time_out, LDAP_NO_LIMIT, &search_results);
12.16 - // Initialize boundto to NONE if ldap search fails for any reason
12.17 - // so that next request can do a fresh ldap bind.
12.18 - if (rv != LDAP_SUCCESS)
12.19 - boundto = NONE;
12.20 if (rv == LDAP_TIMEOUT)
12.21 ereport(LOG_VERBOSE, (char*)"Ldap Search Timeout");
12.22 }
12.23 @@ -361,15 +357,10 @@
12.24
12.25 if (retryCount > maxRetries)
12.26 return LDAP_CONNECT_ERROR;
12.27 - if (boundto == NONE)
12.28 + if (boundto != DEFAULT)
12.29 rv = bindAsDefault();
12.30 if (rv == LDAP_SUCCESS)
12.31 rv = lastoprv = ldap_compare_s(session, dn, attr, value);
12.32 -
12.33 - // Initialize boundto to NONE if ldap compare fails for any reason
12.34 - // so that next request can do a fresh ldap bind.
12.35 - if (rv != LDAP_SUCCESS)
12.36 - boundto = NONE;
12.37 if (!serverDown(rv))
12.38 return rv;
12.39
12.40 @@ -390,15 +381,10 @@
12.41 if (retryCount > maxRetries)
12.42 return LDAP_CONNECT_ERROR;
12.43 int rv = LDAP_SUCCESS;
12.44 - if (boundto == NONE)
12.45 + if (boundto != DEFAULT)
12.46 rv = bindAsDefault();
12.47 if (rv == LDAP_SUCCESS)
12.48 rv = lastoprv = ldap_add_ext_s(session, name, val, NULL, NULL);
12.49 -
12.50 - // Initialize boundto to NONE if ldap add fails for any reason
12.51 - // so that next request can do a fresh ldap bind.
12.52 - if (rv != LDAP_SUCCESS)
12.53 - boundto = NONE;
12.54 if (!serverDown(rv))
12.55 return rv;
12.56 if (reconnect(retryCount++) == LDAP_SUCCESS)
12.57 @@ -412,15 +398,10 @@
12.58 if (retryCount > maxRetries)
12.59 return LDAP_CONNECT_ERROR;
12.60 int rv = LDAP_SUCCESS;
12.61 - if (boundto == NONE)
12.62 + if (boundto != DEFAULT)
12.63 rv = bindAsDefault();
12.64 if (rv == LDAP_SUCCESS)
12.65 rv = lastoprv = ldap_modify_ext_s(session, name, val, NULL, NULL);
12.66 -
12.67 - // Initialize boundto to NONE if ldap modify fails for any reason
12.68 - // so that next request can do a fresh ldap bind.
12.69 - if (rv != LDAP_SUCCESS)
12.70 - boundto = NONE;
12.71 if (!serverDown(rv))
12.72 return rv;
12.73 if (reconnect(retryCount++) == LDAP_SUCCESS)
12.74 @@ -434,15 +415,10 @@
12.75 if (retryCount > maxRetries)
12.76 return LDAP_CONNECT_ERROR;
12.77 int rv = LDAP_SUCCESS;
12.78 - if (boundto == NONE)
12.79 + if (boundto != DEFAULT)
12.80 rv = bindAsDefault();
12.81 if (rv == LDAP_SUCCESS)
12.82 rv = lastoprv = ldap_delete_ext_s(session, name, NULL, NULL);
12.83 -
12.84 - // Initialize boundto to NONE if ldap delete fails for any reason
12.85 - // so that next request can do a fresh ldap bind.
12.86 - if (rv != LDAP_SUCCESS)
12.87 - boundto = NONE;
12.88 if (!serverDown(rv))
12.89 return rv;
12.90 if (reconnect(retryCount++) == LDAP_SUCCESS)
12.91 @@ -456,14 +432,10 @@
12.92 if (retryCount > maxRetries)
12.93 return LDAP_CONNECT_ERROR;
12.94 int rv = LDAP_SUCCESS;
12.95 - if (boundto == NONE)
12.96 + if (boundto != DEFAULT)
12.97 rv = bindAsDefault();
12.98 if (rv == LDAP_SUCCESS)
12.99 rv = lastoprv = ldap_rename_s(session, source, newrdn, NULL, delOld, NULL, NULL);
12.100 - // Initialize boundto to NONE if ldap rename fails for any reason
12.101 - // so that next request can do a fresh ldap bind.
12.102 - if (rv != LDAP_SUCCESS)
12.103 - boundto = NONE;
12.104 if (!serverDown(rv))
12.105 return rv;
12.106 if (reconnect(retryCount++) == LDAP_SUCCESS)
13.1 --- a/src/server/libaccess/dbtlibaccess.h Wed Sep 30 16:55:48 2009 +0530
13.2 +++ b/src/server/libaccess/dbtlibaccess.h Mon Jan 25 15:35:57 2010 +0530
13.3 @@ -215,7 +215,7 @@
13.4 ResDef( DBT_lasOwnerEvalReceivedRequestForAtt_, 247, "HTTP5247: LASOwnerEval received request for attribute %s\n" )
13.5 ResDef( DBT_lasOwnerEvalIllegalComparatorDN_, 248, "HTTP5248: LASOwnerEval - illegal comparator %s\n" )
13.6 ResDef( DBT_lasOwnerEvalIllegalAttrPattern_, 249, "HTTP5249: LASOwnerEval - illegal attribute pattern %s\n" )
13.7 - ResDef( DBT_gssNoKeytab, 250, "HTTP5250: Internal error: No value for krb5-ktname element" )
13.8 + ResDef( DBT_gssNoKeytab, 250, "HTTP5250: Internal error: No value for krb5-keytab-file element" )
13.9 ResDef( DBT_kerberosDbUrlIsWrong, 251, "HTTP5251: kerberos authdb: URL must be 'kerberos'")
13.10 ResDef( DBT_kerberosOM, 252, "HTTP5252: kerberos authdb: out of memory")
13.11 ResDef( DBT_gssapiNoRq, 253, "HTTP5253: gssapi: internal error: no request object" )
14.1 --- a/src/server/libaccess/gssapi.cpp Wed Sep 30 16:55:48 2009 +0530
14.2 +++ b/src/server/libaccess/gssapi.cpp Mon Jan 25 15:35:57 2010 +0530
14.3 @@ -124,7 +124,7 @@
14.4 // initialize the keytab value here during startup.
14.5
14.6 if (env_keytab == NULL) {
14.7 - const char * keytabfilepath = (incoming->krb5Ktname).getStringValue();
14.8 + const char * keytabfilepath = (incoming->krb5KeytabFile).getStringValue();
14.9 ws_gss_setup_env(keytabfilepath);
14.10 }
14.11
14.12 @@ -143,7 +143,7 @@
14.13 // Get the current (what was the incoming) config
14.14 const Configuration * newconfig = ConfigurationManager::getConfiguration();
14.15 assert(newconfig != NULL);
14.16 - const char * ktp = (newconfig->krb5Ktname).getStringValue();
14.17 + const char * ktp = (newconfig->krb5KeytabFile).getStringValue();
14.18
14.19 ws_gss_setup_env(ktp);
14.20
15.1 --- a/src/server/plugins/htaccess/htpasswd.c Wed Sep 30 16:55:48 2009 +0530
15.2 +++ b/src/server/plugins/htaccess/htpasswd.c Mon Jan 25 15:35:57 2010 +0530
15.3 @@ -59,7 +59,7 @@
15.4
15.5 /* forward declares */
15.6 static void copy_file(FILE * source, FILE * dest);
15.7 -int getline(char *s, int n, FILE * f);
15.8 +int INTgetline(char *s, int n, FILE * f);
15.9 void putline(FILE * f, char *l);
15.10 int to64(register char *s, register long v, int n);
15.11 char *getpassword(const char *prompt);
15.12 @@ -83,7 +83,7 @@
15.13 }
15.14
15.15 /* Grab one line from a file */
15.16 -int getline(char *s, int n, FILE * f)
15.17 +int INTgetline(char *s, int n, FILE * f)
15.18 {
15.19 register int i = 0;
15.20
15.21 @@ -254,7 +254,7 @@
15.22 }
15.23
15.24 found = 0;
15.25 - while (!(getline(line, MAX_STRING_LEN, f))) {
15.26 + while (!(INTgetline(line, MAX_STRING_LEN, f))) {
15.27 if (found || (line[0] == '#') || (!line[0])) {
15.28 putline(tfp, line);
15.29 continue;
16.1 --- a/src/server/safs/flexlog.cpp Wed Sep 30 16:55:48 2009 +0530
16.2 +++ b/src/server/safs/flexlog.cpp Mon Jan 25 15:35:57 2010 +0530
16.3 @@ -710,8 +710,7 @@
16.4
16.5 /* ---------------------------- flex_format_64 ---------------------------- */
16.6
16.7 -extern "C" NSAPI_PUBLIC
16.8 -int flex_format_64(pool_handle_t *pool, PRInt64 v, const char **p)
16.9 +static inline int flex_format_64(pool_handle_t *pool, PRInt64 v, const char **p)
16.10 {
16.11 char *buf = (char *) pool_malloc(pool, UTIL_I64TOA_SIZE);
16.12 if (!buf)
16.13 @@ -720,6 +719,13 @@
16.14 *p = buf;
16.15
16.16 return util_i64toa(v, buf);
16.17 +}
16.18 +
16.19 +/* ------------------------ flex_format_64_wrapper ------------------------ */
16.20 +extern "C" NSAPI_PUBLIC
16.21 +int flex_format_64_wrapper(pool_handle_t *pool, PRInt64 v, const char **p)
16.22 +{
16.23 + return flex_format_64(pool, v, p);
16.24 }
16.25
16.26
16.27 @@ -818,16 +824,16 @@
16.28 }
16.29
16.30
16.31 -/* ------------------------- flex_format_duration ------------------------- */
16.32 +/* --------------------- flex_format_duration_binary --------------------- */
16.33
16.34 -static inline int flex_format_duration(Session *sn, Request *rq,
16.35 - const char **p, PRBool binary)
16.36 +static inline int flex_format_duration_binary(Session *sn, Request *rq,
16.37 + const char **p)
16.38 {
16.39 PRIntervalTime start_ticks;
16.40 if (request_get_start_interval(rq, &start_ticks) != PR_SUCCESS)
16.41 return -1;
16.42
16.43 - const int size = binary ? sizeof(PRUint64) : 15; // big enough for a year
16.44 + const int size = sizeof(PRUint64);
16.45 char *buf = (char *) pool_malloc(sn->pool, size);
16.46 if (!buf)
16.47 return -1;
16.48 @@ -838,11 +844,38 @@
16.49 int elapsed_s = ft_time() - rq->req_start;
16.50 if (elapsed_s > flex_max_seconds / 2) {
16.51 // Format duration as s*1000000 to avoid PRIntervalTime overflow
16.52 - if (binary) {
16.53 - PRUint64 t = elapsed_s*1000000;
16.54 - memcpy(buf, &t, size);
16.55 - return size;
16.56 - }
16.57 + PRUint64 t = elapsed_s*1000000;
16.58 + memcpy(buf, &t, size);
16.59 + return size;
16.60 + }
16.61 + }
16.62 +
16.63 + PRUint64 elapsed_ticks = PR_IntervalNow() - start_ticks;
16.64 + PRUint64 elapsed_us = elapsed_ticks * flex_us_per_tick;
16.65 +
16.66 + memcpy(buf, &elapsed_us, size);
16.67 + return size;
16.68 +}
16.69 +
16.70 +/* ------------------------- flex_format_duration ------------------------- */
16.71 +
16.72 +static inline int flex_format_duration(Session *sn, Request *rq, const char **p)
16.73 +{
16.74 + PRIntervalTime start_ticks;
16.75 + if (request_get_start_interval(rq, &start_ticks) != PR_SUCCESS)
16.76 + return -1;
16.77 +
16.78 + const int size = 15; // big enough for a year
16.79 + char *buf = (char *) pool_malloc(sn->pool, size);
16.80 + if (!buf)
16.81 + return -1;
16.82 +
16.83 + *p = buf;
16.84 +
16.85 + if (rq->req_start) {
16.86 + int elapsed_s = ft_time() - rq->req_start;
16.87 + if (elapsed_s > flex_max_seconds / 2) {
16.88 + // Format duration as s*1000000 to avoid PRIntervalTime overflow
16.89 return PR_snprintf(buf, size, "%d000000", elapsed_s);
16.90 }
16.91 }
16.92 @@ -850,10 +883,6 @@
16.93 PRUint64 elapsed_ticks = PR_IntervalNow() - start_ticks;
16.94 PRUint64 elapsed_us = elapsed_ticks * flex_us_per_tick;
16.95
16.96 - if (binary) {
16.97 - memcpy(buf, &elapsed_us, size);
16.98 - return size;
16.99 - }
16.100 return PR_snprintf(buf, size, "%llu", elapsed_us);
16.101 }
16.102
16.103 @@ -900,6 +929,235 @@
16.104 {
16.105 const FlexFormat *f = log->format;
16.106 int pos = 0;
16.107 +
16.108 + // Format tokens for a request served by NSAPI
16.109 + for (int ti = 0; ti < f->ntokens; ti++) {
16.110 + const FlexToken *t = &f->tokens[ti];
16.111 +
16.112 + const char *p = NULL;
16.113 + int len = -1;
16.114 + formatted[ti].appendNull = PR_FALSE;
16.115 +
16.116 + switch (t->type) {
16.117 + case TOKEN_TEXT_OFFSET:
16.118 + p = f->format + t->offset;
16.119 + len = t->len;
16.120 + break;
16.121 +
16.122 + case TOKEN_TEXT_POINTER:
16.123 + p = t->p;
16.124 + len = t->len;
16.125 + break;
16.126 +
16.127 + case TOKEN_MODEL:
16.128 + if (model_str_interpolate(t->model, sn, rq, &p, &len))
16.129 + log_error(LOG_VERBOSE, "flex-log", sn, rq, "error interpolating format (%s)", system_errmsg());
16.130 + break;
16.131 +
16.132 + case TOKEN_SYSDATE:
16.133 + len = flex_format_date(sn->pool, date_format_clf, &p);
16.134 + break;
16.135 +
16.136 + case TOKEN_LOCALEDATE:
16.137 + len = flex_format_date(sn->pool, date_format_locale, &p);
16.138 + break;
16.139 +
16.140 + case TOKEN_TIME:
16.141 + len = flex_format_64(sn->pool, ft_time(), &p);
16.142 + break;
16.143 +
16.144 + case TOKEN_RELATIVETIME:
16.145 + len = flex_format_64(sn->pool, (PRInt64) ft_time() - log->epoch, &p);
16.146 + break;
16.147 +
16.148 + case TOKEN_IP:
16.149 + p = pblock_findkeyval(pb_key_ip, sn->client);
16.150 + break;
16.151 +
16.152 + case TOKEN_DNS:
16.153 + if (!pblock_findkeyval(pb_key_iponly, pb))
16.154 + p = session_dns(sn);
16.155 + if (!p)
16.156 + p = pblock_findkeyval(pb_key_ip, sn->client);
16.157 + break;
16.158 +
16.159 + case TOKEN_METHOD_NUM:
16.160 + len = flex_format_method_num(sn->pool, rq->method_num, &p);
16.161 + break;
16.162 +
16.163 + case TOKEN_PROTV_NUM:
16.164 + len = flex_format_protv_num(sn->pool, rq->protv_num, &p);
16.165 + break;
16.166 +
16.167 + case TOKEN_REQUEST_LINE:
16.168 + p = pblock_findkeyval(pb_key_clf_request, rq->reqpb);
16.169 + break;
16.170 +
16.171 + case TOKEN_REQUEST_LINE_URI:
16.172 + p = pblock_findkeyval(pb_key_clf_request, rq->reqpb);
16.173 + p = flex_skip_method(p);
16.174 + if (p)
16.175 + for (len = 0; p[len] && !isspace(p[len]); len++);
16.176 + break;
16.177 +
16.178 + case TOKEN_REQUEST_LINE_URI_ABS_PATH:
16.179 + p = pblock_findkeyval(pb_key_clf_request, rq->reqpb);
16.180 + p = flex_skip_method(p);
16.181 + if (p)
16.182 + for (len = 0; p[len] && p[len] != '?' && !isspace(p[len]); len++);
16.183 + break;
16.184 +
16.185 + case TOKEN_REQUEST_LINE_URI_QUERY:
16.186 + p = pblock_findkeyval(pb_key_clf_request, rq->reqpb);
16.187 + p = flex_skip_prefix(p, '?');
16.188 + if (p)
16.189 + for (len = 0; p[len] && !isspace(p[len]); len++);
16.190 + break;
16.191 +
16.192 + case TOKEN_REQUEST_LINE_PROTOCOL:
16.193 + p = flex_get_request_line_protocol(rq);
16.194 + break;
16.195 +
16.196 + case TOKEN_REQUEST_LINE_PROTOCOL_NAME:
16.197 + p = flex_get_request_line_protocol(rq);
16.198 + if (p)
16.199 + for (len = 0; p[len] && p[len] != '/'; len++);
16.200 + break;
16.201 +
16.202 + case TOKEN_REQUEST_LINE_PROTOCOL_VERSION:
16.203 + p = flex_get_request_line_protocol(rq);
16.204 + p = flex_skip_prefix(p, '/');
16.205 + break;
16.206 +
16.207 + case TOKEN_METHOD:
16.208 + p = pblock_findkeyval(pb_key_method, rq->reqpb);
16.209 + break;
16.210 +
16.211 + case TOKEN_STATUS_CODE:
16.212 + p = pblock_findkeyval(pb_key_status, rq->srvhdrs);
16.213 + if (p && p[0] && p[1] && p[2])
16.214 + len = 3;
16.215 + break;
16.216 +
16.217 + case TOKEN_STATUS_REASON:
16.218 + p = pblock_findkeyval(pb_key_status, rq->srvhdrs);
16.219 + if (p && p[0] && p[1] && p[2] && p[3]) {
16.220 + p += 4;
16.221 + } else {
16.222 + p = NULL;
16.223 + }
16.224 + break;
16.225 +
16.226 + case TOKEN_CONTENT_LENGTH:
16.227 + p = pblock_findkeyval(pb_key_content_length, rq->srvhdrs);
16.228 + break;
16.229 +
16.230 + case TOKEN_REFERER:
16.231 + p = pblock_findkeyval(pb_key_referer, rq->headers);
16.232 + break;
16.233 +
16.234 + case TOKEN_USER_AGENT:
16.235 + p = pblock_findkeyval(pb_key_user_agent, rq->headers);
16.236 + break;
16.237 +
16.238 + case TOKEN_AUTH_USER:
16.239 + p = pblock_findkeyval(pb_key_auth_user, rq->vars);
16.240 + break;
16.241 +
16.242 + case TOKEN_VSID:
16.243 + p = vs_get_id(request_get_vs(rq));
16.244 + break;
16.245 +
16.246 + case TOKEN_DURATION:
16.247 + len = flex_format_duration(sn, rq, &p);
16.248 + break;
16.249 +
16.250 + case TOKEN_SUBSYSTEM:
16.251 + p = "NSAPI";
16.252 + len = 5;
16.253 + break;
16.254 +
16.255 + case TOKEN_COOKIE:
16.256 + len = flex_format_cookie(sn, rq, t->p, &p);
16.257 + break;
16.258 +
16.259 + case TOKEN_PB_KEY:
16.260 + p = pblock_findkeyval(t->key, pb);
16.261 + break;
16.262 +
16.263 + case TOKEN_PB_NAME:
16.264 + p = pblock_findval(t->p, pb);
16.265 + break;
16.266 +
16.267 + case TOKEN_SN_CLIENT_KEY:
16.268 + p = pblock_findkeyval(t->key, sn->client);
16.269 + break;
16.270 +
16.271 + case TOKEN_SN_CLIENT_NAME:
16.272 + p = pblock_findval(t->p, sn->client);
16.273 + break;
16.274 +
16.275 + case TOKEN_RQ_VARS_KEY:
16.276 + p = pblock_findkeyval(t->key, rq->vars);
16.277 + break;
16.278 +
16.279 + case TOKEN_RQ_VARS_NAME:
16.280 + p = pblock_findval(t->p, rq->vars);
16.281 + break;
16.282 +
16.283 + case TOKEN_RQ_REQPB_KEY:
16.284 + p = pblock_findkeyval(t->key, rq->reqpb);
16.285 + break;
16.286 +
16.287 + case TOKEN_RQ_REQPB_NAME:
16.288 + p = pblock_findval(t->p, rq->reqpb);
16.289 + break;
16.290 +
16.291 + case TOKEN_RQ_HEADERS_KEY:
16.292 + p = pblock_findkeyval(t->key, rq->headers);
16.293 + break;
16.294 +
16.295 + case TOKEN_RQ_HEADERS_NAME:
16.296 + p = pblock_findval(t->p, rq->headers);
16.297 + break;
16.298 +
16.299 + case TOKEN_RQ_SRVHDRS_KEY:
16.300 + p = pblock_findkeyval(t->key, rq->srvhdrs);
16.301 + break;
16.302 +
16.303 + case TOKEN_RQ_SRVHDRS_NAME:
16.304 + p = pblock_findval(t->p, rq->srvhdrs);
16.305 + break;
16.306 +
16.307 + default:
16.308 + PR_ASSERT(0);
16.309 + break;
16.310 + }
16.311 +
16.312 + if (p) {
16.313 + if (len == -1)
16.314 + len = strlen(p);
16.315 + } else {
16.316 + p = "-";
16.317 + len = 1;
16.318 + }
16.319 +
16.320 + formatted[ti].p = p;
16.321 + formatted[ti].len = len;
16.322 +
16.323 + pos += len;
16.324 + }
16.325 +
16.326 + return pos;
16.327 +}
16.328 +
16.329 +/* ---------------------- flex_format_nsapi_binary ------------------------ */
16.330 +
16.331 +static inline int flex_format_nsapi_binary(pblock *pb, Session *sn, Request *rq,
16.332 + FlexLog *log, FlexFormatted *formatted)
16.333 +{
16.334 + const FlexFormat *f = log->format;
16.335 + int pos = 0;
16.336 int nullCount = 0;
16.337
16.338 // Format tokens for a request served by NSAPI
16.339 @@ -914,11 +1172,7 @@
16.340 case TOKEN_TEXT_OFFSET:
16.341 p = f->format + t->offset;
16.342 // not writing beautification stuff in binary log
16.343 - if (f->binary) {
16.344 - len = 0;
16.345 - } else {
16.346 - len = t->len;
16.347 - }
16.348 + len = 0;
16.349 break;
16.350
16.351 case TOKEN_TEXT_POINTER:
16.352 @@ -929,43 +1183,30 @@
16.353 case TOKEN_MODEL:
16.354 if (model_str_interpolate(t->model, sn, rq, &p, &len))
16.355 log_error(LOG_VERBOSE, "flex-log", sn, rq, "error interpolating format (%s)", system_errmsg());
16.356 - else if (f->binary && p && (len > 0)) { // for '\0'
16.357 + else if (p && (len > 0)) { // for '\0'
16.358 formatted[ti].appendNull = PR_TRUE;
16.359 nullCount++;
16.360 }
16.361 break;
16.362
16.363 case TOKEN_SYSDATE:
16.364 - if (f->binary)
16.365 len = flex_format_binary <PRInt64> (sn->pool, (PRInt64)
16.366 ft_time(), &p);
16.367 - else
16.368 - len = flex_format_date(sn->pool, date_format_clf, &p);
16.369 break;
16.370
16.371 case TOKEN_LOCALEDATE:
16.372 - if (f->binary)
16.373 len = flex_format_binary <PRInt64> (sn->pool, (PRInt64)
16.374 ft_time(), &p);
16.375 - else
16.376 - len = flex_format_date(sn->pool, date_format_locale, &p);
16.377 break;
16.378
16.379 case TOKEN_TIME:
16.380 - if (f->binary)
16.381 len = flex_format_binary <PRInt64> (sn->pool, (PRInt64)
16.382 ft_time(), &p);
16.383 - else
16.384 - len = flex_format_64(sn->pool, ft_time(), &p);
16.385 break;
16.386
16.387 case TOKEN_RELATIVETIME:
16.388 - if (f->binary)
16.389 len = flex_format_binary <PRInt64> (sn->pool, (PRInt64)
16.390 (ft_time() - log->epoch), &p);
16.391 - else
16.392 - len = flex_format_64(sn->pool, (PRInt64) ft_time()
16.393 - - log->epoch, &p);
16.394 break;
16.395
16.396 case TOKEN_IP:
16.397 @@ -980,19 +1221,13 @@
16.398 break;
16.399
16.400 case TOKEN_METHOD_NUM:
16.401 - if (f->binary)
16.402 len = flex_format_binary <short> (sn->pool, (short)
16.403 rq->method_num, &p);
16.404 - else
16.405 - len = flex_format_method_num(sn->pool, rq->method_num, &p);
16.406 break;
16.407
16.408 case TOKEN_PROTV_NUM:
16.409 - if (f->binary)
16.410 len = flex_format_binary <short>(sn->pool, (short)
16.411 rq->protv_num, &p);
16.412 - else
16.413 - len = flex_format_protv_num(sn->pool, rq->protv_num, &p);
16.414 break;
16.415
16.416 case TOKEN_REQUEST_LINE:
16.417 @@ -1004,7 +1239,7 @@
16.418 p = flex_skip_method(p);
16.419 if (p)
16.420 for (len = 0; p[len] && !isspace(p[len]); len++);
16.421 - if (f->binary && p && (len > 0)) { // for '\0'
16.422 + if (p && (len > 0)) { // for '\0'
16.423 formatted[ti].appendNull = PR_TRUE;
16.424 nullCount++;
16.425 }
16.426 @@ -1015,7 +1250,7 @@
16.427 p = flex_skip_method(p);
16.428 if (p)
16.429 for (len = 0; p[len] && p[len] != '?' && !isspace(p[len]); len++);
16.430 - if (f->binary && p && (len > 0)) { // for '\0'
16.431 + if (p && (len > 0)) { // for '\0'
16.432 formatted[ti].appendNull = PR_TRUE;
16.433 nullCount++;
16.434 }
16.435 @@ -1026,7 +1261,7 @@
16.436 p = flex_skip_prefix(p, '?');
16.437 if (p)
16.438 for (len = 0; p[len] && !isspace(p[len]); len++);
16.439 - if (f->binary && p && (len > 0)) { // for '\0'
16.440 + if (p && (len > 0)) { // for '\0'
16.441 formatted[ti].appendNull = PR_TRUE;
16.442 nullCount++;
16.443 }
16.444 @@ -1040,7 +1275,7 @@
16.445 p = flex_get_request_line_protocol(rq);
16.446 if (p)
16.447 for (len = 0; p[len] && p[len] != '/'; len++);
16.448 - if (f->binary && p && (len > 0)) { // for '\0'
16.449 + if (p && (len > 0)) { // for '\0'
16.450 formatted[ti].appendNull = PR_TRUE;
16.451 nullCount++;
16.452 }
16.453 @@ -1058,12 +1293,8 @@
16.454 case TOKEN_STATUS_CODE:
16.455 p = pblock_findkeyval(pb_key_status, rq->srvhdrs);
16.456 if (p && p[0] && p[1] && p[2]) {
16.457 - if (f->binary) {
16.458 - short s = atoi(p);
16.459 - len = flex_format_binary <short> (sn->pool, s, &p);
16.460 - } else {
16.461 - len = 3;
16.462 - }
16.463 + short s = atoi(p);
16.464 + len = flex_format_binary <short> (sn->pool, s, &p);
16.465 }
16.466 break;
16.467
16.468 @@ -1078,7 +1309,7 @@
16.469
16.470 case TOKEN_CONTENT_LENGTH:
16.471 p = pblock_findkeyval(pb_key_content_length, rq->srvhdrs);
16.472 - if (f->binary && p) {
16.473 + if (p) {
16.474 PRInt64 cl = util_atoi64(p);
16.475 len = flex_format_binary <PRInt64> (sn->pool, cl, &p);
16.476 }
16.477 @@ -1101,21 +1332,20 @@
16.478 break;
16.479
16.480 case TOKEN_DURATION:
16.481 - len = flex_format_duration(sn, rq, &p, f->binary);
16.482 + len = flex_format_duration_binary(sn, rq, &p);
16.483 break;
16.484
16.485 case TOKEN_SUBSYSTEM:
16.486 p = "NSAPI";
16.487 len = 5;
16.488 - if (f->binary) { // for '\0'
16.489 - formatted[ti].appendNull = PR_TRUE;
16.490 - nullCount++;
16.491 - }
16.492 + // for '\0'
16.493 + formatted[ti].appendNull = PR_TRUE;
16.494 + nullCount++;
16.495 break;
16.496
16.497 case TOKEN_COOKIE:
16.498 len = flex_format_cookie(sn, rq, t->p, &p);
16.499 - if (f->binary && p && (len > 0)) { // for '\0'
16.500 + if (p && (len > 0)) { // for '\0'
16.501 formatted[ti].appendNull = PR_TRUE;
16.502 nullCount++;
16.503 }
16.504 @@ -1182,20 +1412,15 @@
16.505 if (p) {
16.506 if (len == -1) {
16.507 len = strlen(p);
16.508 - if (f->binary) { // for '\0'
16.509 - formatted[ti].appendNull = PR_TRUE;
16.510 - nullCount++;
16.511 - }
16.512 + // for '\0'
16.513 + formatted[ti].appendNull = PR_TRUE;
16.514 + nullCount++;
16.515 }
16.516 } else {
16.517 - if (f->binary) { // for '\0'
16.518 - len = 0;
16.519 - formatted[ti].appendNull = PR_TRUE;
16.520 - nullCount++;
16.521 - } else {
16.522 - p = "-";
16.523 - len = 1;
16.524 - }
16.525 + // for '\0'
16.526 + len = 0;
16.527 + formatted[ti].appendNull = PR_TRUE;
16.528 + nullCount++;
16.529 }
16.530
16.531 formatted[ti].p = p;
16.532 @@ -1206,16 +1431,168 @@
16.533
16.534 pos += nullCount;
16.535 // We now have buffer length we add copy it in the first field
16.536 - if (f->binary)
16.537 - memcpy((void *)(formatted[0].p), (void *)&pos, sizeof(PRInt32));
16.538 + memcpy((void *)(formatted[0].p), (void *)&pos, sizeof(PRInt32));
16.539
16.540 return pos;
16.541 }
16.542
16.543
16.544 +
16.545 /* -------------------------- flex_format_accel --------------------------- */
16.546
16.547 static inline int flex_format_accel(FlexLog *log, pool_handle_t *pool, Connection *connection, const char *status, int status_len, const char *vsid, int vsid_len, PRInt64 cl, FlexFormatted *formatted)
16.548 +{
16.549 + const FlexFormat *f = log->format;
16.550 + int pos = 0;
16.551 +
16.552 + // Format tokens for a request served from the accelerator cache
16.553 + for (int ti = 0; ti < f->ntokens; ti++) {
16.554 + const FlexToken *t = &f->tokens[ti];
16.555 +
16.556 + PR_ASSERT(flex_token_accel(t->type));
16.557 +
16.558 + const char *p = NULL;
16.559 + int len = -1;
16.560 + formatted[ti].appendNull = PR_FALSE;
16.561 +
16.562 + switch (t->type) {
16.563 + case TOKEN_TEXT_OFFSET:
16.564 + p = f->format + t->offset;
16.565 + len = t->len;
16.566 + break;
16.567 +
16.568 + case TOKEN_TEXT_POINTER:
16.569 + p = t->p;
16.570 + len = t->len;
16.571 + break;
16.572 +
16.573 + case TOKEN_SYSDATE:
16.574 + len = flex_format_date(pool, date_format_clf, &p);
16.575 + break;
16.576 +
16.577 + case TOKEN_LOCALEDATE:
16.578 + len = flex_format_date(pool, date_format_locale, &p);
16.579 + break;
16.580 +
16.581 + case TOKEN_TIME:
16.582 + len = flex_format_64(pool, ft_time(), &p);
16.583 + break;
16.584 +
16.585 + case TOKEN_RELATIVETIME:
16.586 + len = flex_format_64(pool, (PRInt64) ft_time() - log->epoch, &p);
16.587 + break;
16.588 +
16.589 + case TOKEN_IP:
16.590 + p = connection->remoteIP.buf;
16.591 + len = connection->remoteIP.len;
16.592 + break;
16.593 +
16.594 + case TOKEN_METHOD_NUM:
16.595 + PR_ASSERT(METHOD_GET == 1);
16.596 + p = "1";
16.597 + len = 1;
16.598 + break;
16.599 +
16.600 + case TOKEN_PROTV_NUM:
16.601 + len = flex_format_protv_num(pool, connection->httpHeader.GetNegotiatedProtocolVersion(), &p);
16.602 + break;
16.603 +
16.604 + case TOKEN_REQUEST_LINE:
16.605 + p = connection->httpHeader.GetRequestLine().ptr;
16.606 + len = connection->httpHeader.GetRequestLine().len;
16.607 + break;
16.608 +
16.609 + case TOKEN_REQUEST_LINE_URI:
16.610 + p = connection->httpHeader.GetRequestAbsPath().ptr;
16.611 + len = connection->httpHeader.GetRequestAbsPath().len;
16.612 + break;
16.613 +
16.614 + case TOKEN_REQUEST_LINE_URI_ABS_PATH:
16.615 + p = connection->httpHeader.GetRequestAbsPath().ptr;
16.616 + len = connection->httpHeader.GetRequestAbsPath().len;
16.617 + break;
16.618 +
16.619 + case TOKEN_REQUEST_LINE_URI_QUERY:
16.620 + break;
16.621 +
16.622 + case TOKEN_REQUEST_LINE_PROTOCOL:
16.623 + len = flex_format_protocol(pool, connection->httpHeader.GetClientProtocolVersion(), &p);
16.624 + break;
16.625 +
16.626 + case TOKEN_REQUEST_LINE_PROTOCOL_NAME:
16.627 + p = "HTTP";
16.628 + len = 4;
16.629 + break;
16.630 +
16.631 + case TOKEN_REQUEST_LINE_PROTOCOL_VERSION:
16.632 + len = flex_format_version(pool, connection->httpHeader.GetClientProtocolVersion(), &p);
16.633 + break;
16.634 +
16.635 + case TOKEN_METHOD:
16.636 + p = "GET";
16.637 + len = 3;
16.638 + break;
16.639 +
16.640 + case TOKEN_STATUS_CODE:
16.641 + p = status;
16.642 + len = status_len;
16.643 + break;
16.644 +
16.645 + case TOKEN_CONTENT_LENGTH:
16.646 + len = flex_format_64(pool, cl, &p);
16.647 + break;
16.648 +
16.649 + case TOKEN_REFERER:
16.650 + len = flex_format_hhstring(connection->httpHeader.GetReferer(), &p);
16.651 + break;
16.652 +
16.653 + case TOKEN_USER_AGENT:
16.654 + len = flex_format_hhstring(connection->httpHeader.GetUserAgent(), &p);
16.655 + break;
16.656 +
16.657 + case TOKEN_AUTH_USER:
16.658 + break;
16.659 +
16.660 + case TOKEN_VSID:
16.661 + p = vsid;
16.662 + len = vsid_len;
16.663 + break;
16.664 +
16.665 + case TOKEN_SUBSYSTEM:
16.666 + // XXX elving differentiate between sync and async in log
16.667 + p = "cache";
16.668 + len = 5;
16.669 + break;
16.670 +
16.671 + default:
16.672 + // XXX elving add support for getting arbitrary headers form HttpHeader
16.673 + PR_ASSERT(0);
16.674 + break;
16.675 + }
16.676 +
16.677 + if (p) {
16.678 + if (len == -1)
16.679 + len = strlen(p);
16.680 + } else {
16.681 + p = "-";
16.682 + len = 1;
16.683 + }
16.684 +
16.685 + formatted[ti].p = p;
16.686 + formatted[ti].len = len;
16.687 +
16.688 + pos += len;
16.689 + }
16.690 +
16.691 + return pos;
16.692 +}
16.693 +
16.694 +/* ---------------------- flex_format_accel_binary ------------------------ */
16.695 +
16.696 +static inline int flex_format_accel_binary(FlexLog *log, pool_handle_t *pool,
16.697 + Connection *connection, const char *status,
16.698 + int status_len, const char *vsid, int vsid_len,
16.699 + PRInt64 cl, FlexFormatted *formatted)
16.700 {
16.701 const FlexFormat *f = log->format;
16.702 int pos = 0;
16.703 @@ -1234,12 +1611,7 @@
16.704 switch (t->type) {
16.705 case TOKEN_TEXT_OFFSET:
16.706 p = f->format + t->offset;
16.707 - // not writing beautification stuff in binary log
16.708 - if (f->binary) {
16.709 - len = 0;
16.710 - } else {
16.711 - len = t->len;
16.712 - }
16.713 + len = 0;
16.714 break;
16.715
16.716 case TOKEN_TEXT_POINTER:
16.717 @@ -1248,42 +1620,29 @@
16.718 break;
16.719
16.720 case TOKEN_SYSDATE:
16.721 - if (f->binary)
16.722 - len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.723 + len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.724 ft_time(), &p);
16.725 - else
16.726 - len = flex_format_date(pool, date_format_clf, &p);
16.727 break;
16.728
16.729 case TOKEN_LOCALEDATE:
16.730 - if (f->binary)
16.731 - len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.732 + len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.733 ft_time(), &p);
16.734 - else
16.735 - len = flex_format_date(pool, date_format_locale, &p);
16.736 break;
16.737
16.738 case TOKEN_TIME:
16.739 - if (f->binary)
16.740 - len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.741 + len = flex_format_binary <PRInt64> (pool, (PRInt64)
16.742 ft_time(), &p);
16.743 - else
16.744 - len = flex_format_64(pool, ft_time(), &p);
16.745 break;
16.746
16.747 case TOKEN_RELATIVETIME:
16.748 - if (f->binary)
16.749 - len = flex_format_binary <PRInt64> (pool, (PRInt64) (ft_time()
16.750 + len = flex_format_binary <PRInt64> (pool, (PRInt64) (ft_time()
16.751 - log->epoch), &p);
16.752 - else
16.753 - len = flex_format_64(pool, (PRInt64) ft_time() - log->epoch,
16.754 - &p);
16.755 break;
16.756
16.757 case TOKEN_IP:
16.758 p = connection->remoteIP.buf;
16.759 len = connection->remoteIP.len;
16.760 - if (f->binary && p && (len > 0)) { // for '\0'
16.761 + if (p && (len > 0)) { // for '\0'
16.762 formatted[ti].appendNull = PR_TRUE;
16.763 nullCount++;
16.764 }
16.765 @@ -1291,27 +1650,18 @@
16.766
16.767 case TOKEN_METHOD_NUM:
16.768 PR_ASSERT(METHOD_GET == 1);
16.769 - if (f->binary)
16.770 - len = flex_format_binary <short> (pool, (short)1, &p);
16.771 - else {
16.772 - p = "1";
16.773 - len = 1;
16.774 - }
16.775 + len = flex_format_binary <short> (pool, (short)1, &p);
16.776 break;
16.777
16.778 case TOKEN_PROTV_NUM:
16.779 - if (f->binary)
16.780 - len = flex_format_binary <short> (pool, (short)
16.781 - connection->httpHeader.GetNegotiatedProtocolVersion(), &p);
16.782 - else
16.783 - len = flex_format_protv_num(pool,
16.784 + len = flex_format_binary <short> (pool, (short)
16.785 connection->httpHeader.GetNegotiatedProtocolVersion(), &p);
16.786 break;
16.787
16.788 case TOKEN_REQUEST_LINE:
16.789 p = connection->httpHeader.GetRequestLine().ptr;
16.790 len = connection->httpHeader.GetRequestLine().len;
16.791 - if (f->binary && p && (len > 0)) { // for '\0'
16.792 + if (p && (len > 0)) { // for '\0'
16.793 formatted[ti].appendNull = PR_TRUE;
16.794 nullCount++;
16.795 }
16.796 @@ -1320,7 +1670,7 @@
16.797 case TOKEN_REQUEST_LINE_URI:
16.798 p = connection->httpHeader.GetRequestAbsPath().ptr;
16.799 len = connection->httpHeader.GetRequestAbsPath().len;
16.800 - if (f->binary && p && (len > 0)) { // for '\0'
16.801 + if (p && (len > 0)) { // for '\0'
16.802 formatted[ti].appendNull = PR_TRUE;
16.803 nullCount++;
16.804 }
16.805 @@ -1329,7 +1679,7 @@
16.806 case TOKEN_REQUEST_LINE_URI_ABS_PATH:
16.807 p = connection->httpHeader.GetRequestAbsPath().ptr;
16.808 len = connection->httpHeader.GetRequestAbsPath().len;
16.809 - if (f->binary && p && (len > 0)) { // for '\0'
16.810 + if (p && (len > 0)) { // for '\0'
16.811 formatted[ti].appendNull = PR_TRUE;
16.812 nullCount++;
16.813 }
16.814 @@ -1340,7 +1690,7 @@
16.815
16.816 case TOKEN_REQUEST_LINE_PROTOCOL:
16.817 len = flex_format_protocol(pool, connection->httpHeader.GetClientProtocolVersion(), &p);
16.818 - if (f->binary && p && (len > 0)) { // for '\0'
16.819 + if (p && (len > 0)) { // for '\0'
16.820 formatted[ti].appendNull = PR_TRUE;
16.821 nullCount++;
16.822 }
16.823 @@ -1349,15 +1699,14 @@
16.824 case TOKEN_REQUEST_LINE_PROTOCOL_NAME:
16.825 p = "HTTP";
16.826 len = 4;
16.827 - if (f->binary) { // for '\0'
16.828 - formatted[ti].appendNull = PR_TRUE;
16.829 - nullCount++;
16.830 - }
16.831 + // for '\0'
16.832 + formatted[ti].appendNull = PR_TRUE;
16.833 + nullCount++;
16.834 break;
16.835
16.836 case TOKEN_REQUEST_LINE_PROTOCOL_VERSION:
16.837 len = flex_format_version(pool, connection->httpHeader.GetClientProtocolVersion(), &p);
16.838 - if (f->binary && p && (len > 0)) { // for '\0'
16.839 + if (p && (len > 0)) { // for '\0'
16.840 formatted[ti].appendNull = PR_TRUE;
16.841 nullCount++;
16.842 }
16.843 @@ -1366,34 +1715,25 @@
16.844 case TOKEN_METHOD:
16.845 p = "GET";
16.846 len = 3;
16.847 - if (f->binary) { // for '\0'
16.848 - formatted[ti].appendNull = PR_TRUE;
16.849 - nullCount++;
16.850 - }
16.851 + // for '\0'
16.852 + formatted[ti].appendNull = PR_TRUE;
16.853 + nullCount++;
16.854 break;
16.855
16.856 case TOKEN_STATUS_CODE:
16.857 - if (f->binary) {
16.858 - if (status) {
16.859 - short s = atoi(status);
16.860 - len = flex_format_binary <short>(pool, s, &p);
16.861 - }
16.862 - } else {
16.863 - p = status;
16.864 - len = status_len;
16.865 + if (status) {
16.866 + short s = atoi(status);
16.867 + len = flex_format_binary <short>(pool, s, &p);
16.868 }
16.869 break;
16.870
16.871 case TOKEN_CONTENT_LENGTH:
16.872 - if (f->binary)
16.873 - len = flex_format_binary <PRInt64> (pool, cl, &p);
16.874 - else
16.875 - len = flex_format_64(pool, cl, &p);
16.876 + len = flex_format_binary <PRInt64> (pool, cl, &p);
16.877 break;
16.878
16.879 case TOKEN_REFERER:
16.880 len = flex_format_hhstring(connection->httpHeader.GetReferer(), &p);
16.881 - if (f->binary && p && (len > 0)) { // for '\0'
16.882 + if (p && (len > 0)) { // for '\0'
16.883 formatted[ti].appendNull = PR_TRUE;
16.884 nullCount++;
16.885 }
16.886 @@ -1401,7 +1741,7 @@
16.887
16.888 case TOKEN_USER_AGENT:
16.889 len = flex_format_hhstring(connection->httpHeader.GetUserAgent(), &p);
16.890 - if (f->binary && p && (len > 0)) { // for '\0'
16.891 + if (p && (len > 0)) { // for '\0'
16.892 formatted[ti].appendNull = PR_TRUE;
16.893 nullCount++;
16.894 }
16.895 @@ -1413,7 +1753,7 @@
16.896 case TOKEN_VSID:
16.897 p = vsid;
16.898 len = vsid_len;
16.899 - if (f->binary && p && (len > 0)) { // for '\0'
16.900 + if (p && (len > 0)) { // for '\0'
16.901 formatted[ti].appendNull = PR_TRUE;
16.902 nullCount++;
16.903 }
16.904 @@ -1423,10 +1763,9 @@
16.905 // XXX elving differentiate between sync and async in log
16.906 p = "cache";
16.907 len = 5;
16.908 - if (f->binary) { // for '\0'
16.909 - formatted[ti].appendNull = PR_TRUE;
16.910 - nullCount++;
16.911 - }
16.912 + // for '\0'
16.913 + formatted[ti].appendNull = PR_TRUE;
16.914 + nullCount++;
16.915 break;
16.916
16.917 case TOKEN_RECORD_SIZE:
16.918 @@ -1444,20 +1783,15 @@
16.919 if (p) {
16.920 if (len == -1) {
16.921 len = strlen(p);
16.922 - if (f->binary) { // for '\0'
16.923 - formatted[ti].appendNull = PR_TRUE;
16.924 - nullCount++;
16.925 - }
16.926 + // for '\0'
16.927 + formatted[ti].appendNull = PR_TRUE;
16.928 + nullCount++;
16.929 }
16.930 } else {
16.931 - if (f->binary) { // for '\0'
16.932 - len = 0;
16.933 - formatted[ti].appendNull = PR_TRUE;
16.934 - nullCount++;
16.935 - } else {
16.936 - p = "-";
16.937 - len = 1;
16.938 - }
16.939 + // for '\0'
16.940 + len = 0;
16.941 + formatted[ti].appendNull = PR_TRUE;
16.942 + nullCount++;
16.943 }
16.944
16.945 formatted[ti].p = p;
16.946 @@ -1468,8 +1802,7 @@
16.947
16.948 pos += nullCount;
16.949 // We now have buffer length we add copy it in the first field
16.950 - if (f->binary)
16.951 - memcpy((void *)(formatted[0].p), (void *)&pos, sizeof(PRInt32));
16.952 + memcpy((void *)(formatted[0].p), (void *)&pos, sizeof(PRInt32));
16.953
16.954 return pos;
16.955 }
16.956 @@ -1998,7 +2331,11 @@
16.957 return REQ_ABORTED;
16.958
16.959 // Format the tokens
16.960 - int len = flex_format_nsapi(pb, sn, rq, log, formatted);
16.961 + int len;
16.962 + if (f->binary)
16.963 + len = flex_format_nsapi_binary(pb, sn, rq, log, formatted);
16.964 + else
16.965 + len = flex_format_nsapi(pb, sn, rq, log, formatted);
16.966
16.967 // Write the entry to the log file
16.968 int rv = flex_write(sn->pool, log, formatted, len, NULL, f->binary);
16.969 @@ -2026,7 +2363,11 @@
16.970 FlexFormatted *formatted = (FlexFormatted *) pool_malloc(pool, sizeof(FlexFormatted) * f->ntokens);
16.971
16.972 // Format the tokens
16.973 - int len = flex_format_accel(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.974 + int len = 0;
16.975 + if (f->binary)
16.976 + len = flex_format_accel_binary(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.977 + else
16.978 + len = flex_format_accel(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.979
16.980 // Write the entry to the log file
16.981 flex_write(pool, log, formatted, len, NULL, f->binary);
16.982 @@ -2055,7 +2396,11 @@
16.983 FlexFormatted *formatted = (FlexFormatted *) pool_malloc(pool, sizeof(FlexFormatted) * f->ntokens);
16.984
16.985 // Format the tokens
16.986 - int len = flex_format_accel(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.987 + int len = 0;
16.988 + if (f->binary)
16.989 + len = flex_format_accel_binary(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.990 + else
16.991 + len = flex_format_accel(log, pool, connection, status, status_len, vsid, vsid_len, cl, formatted);
16.992 int desired = len + ((f->binary)?0:ENDLINE_LEN);
16.993 PRBool spaceAvailable = PR_FALSE;
16.994
17.1 --- a/src/server/safs/flexlogcommon.h Wed Sep 30 16:55:48 2009 +0530
17.2 +++ b/src/server/safs/flexlogcommon.h Mon Jan 25 15:35:57 2010 +0530
17.3 @@ -213,7 +213,7 @@
17.4 NSAPI_PUBLIC const char *flex_scan_percent_token(FlexFormat *f, const char *p);
17.5 NSAPI_PUBLIC const char *flex_scan_dollar_token(FlexFormat *f, const char *p);
17.6 NSAPI_PUBLIC const char *flex_scan_text_token(FlexFormat *f, const char *p);
17.7 -NSAPI_PUBLIC int flex_format_64(pool_handle_t *pool, PRInt64 v, const char **p);
17.8 +NSAPI_PUBLIC int flex_format_64_wrapper(pool_handle_t *pool, PRInt64 v, const char **p);
17.9 NSAPI_PUBLIC int flex_format_time(pool_handle_t *pool, time_t tim, int type, const char **p);
17.10
17.11
18.1 --- a/src/tools/httptest/nscperror.cpp Wed Sep 30 16:55:48 2009 +0530
18.2 +++ b/src/tools/httptest/nscperror.cpp Mon Jan 25 15:35:57 2010 +0530
18.3 @@ -44,9 +44,9 @@
18.4 #endif
18.5 #define NSCP_NSPR_MAX_ERROR (NSCP_NSPR_ERROR_BASE + 75)
18.6 #define NSCP_LIBSEC_ERROR_BASE (-8192)
18.7 -#define NSCP_LIBSEC_MAX_ERROR (NSCP_LIBSEC_ERROR_BASE + 169)
18.8 +#define NSCP_LIBSEC_MAX_ERROR (NSCP_LIBSEC_ERROR_BASE + 171)
18.9 #define NSCP_LIBSSL_ERROR_BASE (-12288)
18.10 -#define NSCP_LIBSSL_MAX_ERROR (NSCP_LIBSSL_ERROR_BASE + 110)
18.11 +#define NSCP_LIBSSL_MAX_ERROR (NSCP_LIBSSL_ERROR_BASE + 112)
18.12
18.13 typedef struct nscp_error_t {
18.14 int errorNumber;
18.15 @@ -309,7 +309,9 @@
18.16 { 166, "SEC_ERROR_LIBPKIX_INTERNAL: Libpkix internal error occured during cert validation." },
18.17 { 167, "SEC_ERROR_PKCS11_GENERAL_ERROR: PKCS11 general error occured during cert validation." },
18.18 { 168, "SEC_ERROR_PKCS11_FUNCTION_FAILED: PKCS11 function failed." },
18.19 - { 169, "SEC_ERROR_PKCS11_DEVICE_ERROR: PKCS11 device error." }
18.20 + { 169, "SEC_ERROR_PKCS11_DEVICE_ERROR: PKCS11 device error." },
18.21 + { 170, "SEC_ERROR_BAD_INFO_ACCESS_METHOD: Bad access info." },
18.22 + { 171, "SEC_ERROR_CRL_IMPORT_FAILED: CRL import failed." }
18.23
18.24 };
18.25
18.26 @@ -424,7 +426,9 @@
18.27 { 107, "SSL_ERROR_BAD_CERT_STATUS_RESPONSE_ALERT: SSL peer was unable to get an OCSP response for its certificate." },
18.28 { 108, "SSL_ERROR_BAD_CERT_HASH_VALUE_ALERT: SSL peer reported bad certificate hash value." },
18.29 { 109, "SSL_ERROR_RX_UNEXPECTED_NEW_SESSION_TICKET: SSL received an unexpected New Session Ticket handshake message." },
18.30 - { 110, "SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET: SSL received a malformed New Session Ticket handshake message." }
18.31 + { 110, "SSL_ERROR_RX_MALFORMED_NEW_SESSION_TICKET: SSL received a malformed New Session Ticket handshake message." },
18.32 + { 111, "SSL_ERROR_DECOMPRESSION_FAILURE: SSL decompression failed." },
18.33 + { 112, "SSL_ERROR_RENEGOTIATION_NOT_ALLOWED: SSL renegotiation not allowed." }
18.34
18.35 };
18.36