Attachment #6995 for bug #38823

(-)a/univention-directory-listener/debian/changelog (+6 lines)

Lines 1-3	Link Here

univention-directory-listener (12.0.1-12) unstable; urgency=low

  * Issue #2387: Implement local cache filter

 -- Philipp Hahn <hahn@univention.de>  Wed, 01 Jul 2015 17:07:10 +0200

univention-directory-listener (12.0.1-11) unstable; urgency=low

univention-directory-listener (12.0.1-11) unstable; urgency=low

  * create /etc/ldap/rootpw.conf if missing

  * create /etc/ldap/rootpw.conf if missing

(-)a/univention-directory-listener/debian/univention-directory-listener.univention-config-registry-variables (+6 lines)

Lines 27-29 Description[de]=Ist diese Variable auf 'yes' gesetzt, führt der Univention Dire	Link Here

Description[en]=If this variable is set to 'yes', the Univention Directory Listener performs consistency checks to prevent a user name being added into a group multiple times. These checks can be deactivated by setting the variables 'listener/memberuid/skip' and 'listener/uniquemember/skip' to 'no'.

Description[en]=If this variable is set to 'yes', the Univention Directory Listener performs consistency checks to prevent a user name being added into a group multiple times. These checks can be deactivated by setting the variables 'listener/memberuid/skip' and 'listener/uniquemember/skip' to 'no'.

Type=str

Type=str

Categories=service-ln

Categories=service-ln

[listener/cache/filter]

Description[de]=LDAP filter string, um das lokale Cachen zu verhindern.

Description[en]=LDAP filter string to prevent local caching

Type=str

Categories=service-ln




CC=gcc
DB_LDADD=-ldb3
DB_CFLAGS=-I/usr/include/db3 -DWITH_DB3
DB_OBJS=cache.o cache_entry.o cache_lowlevel.o base64.o filter.o

CFLAGS=-g -Wall -Werror -D_FILE_OFFSET_BITS=64 $(DB_CFLAGS)
LDADD=-g -luniventiondebug
LISTENER_LDADD=$(LDADD) -luniventionpolicy -lldap -lpython2.6 $(DB_LDADD)
LISTENER_OBJS=main.o notifier.o transfile.o handlers.o change.o network.o signals.o select_server.o $(DB_OBJS)
DUMP_LDADD=$(LDADD) -lldap -luniventionconfig $(DB_LDADD)
DUMP_OBJS=dump.o dump_signals.o $(DB_OBJS)
DEMO_LDADD=$(LDADD) -luniventionconfig

(-)a/univention-directory-listener/src/cache.c (+22 lines)

Lines 71-76	Link Here

#include <stdbool.h>

#include <stdbool.h>

#include <univention/debug.h>

#include <univention/debug.h>

#include <univention/config.h>

#include "common.h"

#include "common.h"

#include "cache.h"

#include "cache.h"

Lines 78-83	Link Here

#include "cache_entry.h"

#include "cache_entry.h"

#include "network.h"

#include "network.h"

#include "signals.h"

#include "signals.h"

#include "filter.h"

#include "utils.h"

#define MASTER_KEY "__master__"

#define MASTER_KEY "__master__"

#define MASTER_KEY_SIZE (sizeof MASTER_KEY)

#define MASTER_KEY_SIZE (sizeof MASTER_KEY)

Lines 94-99 DB_ENV *dbenvp;	Link Here

#endif

#endif

static FILE *lock_fp=NULL;

static FILE *lock_fp=NULL;

100

static struct filter cache_filter;

101

static struct filter *cache_filters[] = {&cache_filter, NULL};

102

103

static void setup_cache_filter(void) {

104

	cache_filter.filter = univention_config_get_string("listener/cache/filter");

105

	if (cache_filter.filter && cache_filter.filter[0]) {

106

		cache_filter.base = univention_config_get_string("ldap/base");

107

		cache_filter.scope = LDAP_SCOPE_SUBTREE;

108

	} else {

109

		FREE(cache_filter.filter);

110

		FREE(cache_filter.base);

111

112

113

#ifdef WITH_DB42

114

#ifdef WITH_DB42

static void cache_panic_call(DB_ENV *dbenvp, int errval)

115

static void cache_panic_call(DB_ENV *dbenvp, int errval)

116

Lines 192-197 int cache_init(void)	Link Here

192

209

193

	dbp->set_errcall(dbp, cache_error_message);

210

	dbp->set_errcall(dbp, cache_error_message);

194

#endif

211

#endif

212

	setup_cache_filter();

195

	return 0;

213

	return 0;

196

214

197

215

Lines 429-434 int cache_update_entry_lower(NotifierID id, char dn, CacheEntry entry)	Link Here

429

	char *lower_dn;

447

	char *lower_dn;

430

	int rv = 0;

448

	int rv = 0;

431

449

450

	/* IN8 Issue 2387: Skip caching certain entries matching LDAP filter */

451

	if (cache_filter.filter && cache_entry_ldap_filter_match(cache_filters, dn, entry))

452

		return rv;

453

432

	lower_dn = _convert_to_lower(dn);

454

	lower_dn = _convert_to_lower(dn);

433

	rv = cache_update_entry(id, lower_dn, entry);

455

	rv = cache_update_entry(id, lower_dn, entry);

434

456

(-)a/univention-directory-listener/src/handlers.c (-2 / +2 lines)

Lines 88-94 static PyObject* module_import(char *filename)	Link Here

	namep = strrchr(filename, '.');

	namep = strrchr(filename, '.');

	if ((namep != NULL) && (strcmp(namep, ".pyo") == 0)) {

	if ((namep != NULL) && (strcmp(namep, ".pyo") == 0)) {

		long magic;

		__attribute__((unused)) long magic;

		magic = PyMarshal_ReadLongFromFile(fp);

		magic = PyMarshal_ReadLongFromFile(fp);

		/* we should probably check the magic here */

		/* we should probably check the magic here */

Lines 936-942 int handlers_set_data_all(char key, char value)	Link Here

936

937

	Handler *handler;

937

	Handler *handler;

938

	PyObject *argtuple;

938

	PyObject *argtuple;

939

	int rv = 1;

939

	__attribute__((unused))  int rv = 1;

940

941

	univention_debug(UV_DEBUG_LISTENER, UV_DEBUG_INFO, "setting data for all handlers: key=%s  value=%s", key, strcmp("bindpw", key) ? value : "<HIDDEN>");

941

	univention_debug(UV_DEBUG_LISTENER, UV_DEBUG_INFO, "setting data for all handlers: key=%s  value=%s", key, strcmp("bindpw", key) ? value : "<HIDDEN>");

942

(-)a/univention-directory-listener/src/utils.h (-1 / +5 lines)

Lines 4-9	Link Here

#include <ldap.h>

#include <ldap.h>

#define FREE(ptr) \

	free(ptr); \

	ptr = NULL;

static inline bool BERSTREQ(const struct berval *ber, const char *str, size_t len) {

static inline bool BERSTREQ(const struct berval *ber, const char *str, size_t len) {

	return ber->bv_len == len && memcmp(ber->bv_val, str, len) == 0;

	return ber->bv_len == len && memcmp(ber->bv_val, str, len) == 0;

Return to bug 38823