From patchwork Fri Dec 14 22:38:19 2012
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Chuck Lever <chuck.lever@oracle.com>
X-Patchwork-Id: 206581
Return-Path: <fedfs-utils-devel-bounces@oss.oracle.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client CN "userp1040.oracle.com",
	Issuer "VeriSign Class 3 International Server CA - G3" (not
	verified)) by ozlabs.org (Postfix) with ESMTPS id 03BAF2C008F
	for <incoming@patchwork.ozlabs.org>;
	Sat, 15 Dec 2012 09:38:30 +1100 (EST)
Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238])
	by userp1040.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2)
	with ESMTP id qBEMcRgE016842
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
	Fri, 14 Dec 2012 22:38:28 GMT
Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51])
	by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	qBEMcQwM003863
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 14 Dec 2012 22:38:27 GMT
Received: from localhost ([127.0.0.1] helo=oss.oracle.com)
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <fedfs-utils-devel-bounces@oss.oracle.com>)
	id 1Tjdti-0005vx-Te; Fri, 14 Dec 2012 14:38:26 -0800
Received: from ucsinet21.oracle.com ([156.151.31.93])
	by oss.oracle.com with esmtp (Exim 4.63)
	(envelope-from <chucklever@gmail.com>) id 1Tjdte-0005ve-3O
	for fedfs-utils-devel@oss.oracle.com; Fri, 14 Dec 2012 14:38:22 -0800
Received: from userp1030.oracle.com (userp1030.oracle.com [156.151.31.80])
	by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id
	qBEMcLL9000544
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK)
	for <fedfs-utils-devel@oss.oracle.com>; Fri, 14 Dec 2012 22:38:21 GMT
Received: from mail-ia0-f171.google.com (mail-ia0-f171.google.com
	[209.85.210.171])
	by userp1030.oracle.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with
	ESMTP id qBEMcKhA027001
	(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK)
	for <fedfs-utils-devel@oss.oracle.com>; Fri, 14 Dec 2012 22:38:21 GMT
Received: by mail-ia0-f171.google.com with SMTP id k27so3643368iad.2
	for <fedfs-utils-devel@oss.oracle.com>;
	Fri, 14 Dec 2012 14:38:20 -0800 (PST)
Received: by 10.50.85.170 with SMTP id i10mr3184167igz.14.1355524700547;
	Fri, 14 Dec 2012 14:38:20 -0800 (PST)
Received: from seurat.1015granger.net ([99.26.161.222])
	by mx.google.com with ESMTPS id fa6sm5068560igb.2.2012.12.14.14.38.19
	(version=TLSv1/SSLv3 cipher=OTHER);
	Fri, 14 Dec 2012 14:38:20 -0800 (PST)
From: Chuck Lever <chuck.lever@oracle.com>
To: fedfs-utils-devel@oss.oracle.com
Date: Fri, 14 Dec 2012 17:38:19 -0500
Message-ID: <20121214223818.22243.90.stgit@seurat.1015granger.net>
In-Reply-To: <20121214221556.22243.9462.stgit@seurat.1015granger.net>
References: <20121214221556.22243.9462.stgit@seurat.1015granger.net>
User-Agent: StGIT/0.14.3
MIME-Version: 1.0
X-Flow-Control-Info: class=Default reputation=ipRepBelow100 ip=209.85.210.171
	ct-class=R5 ct-vol1=0 ct-vol2=8 ct-vol3=7 ct-risk=49
	ct-spam1=75 ct-spam2=7 ct-bulk=5 rcpts=1 size=7371
X-MM-CT-Classification: not spam
X-MM-CT-RefID: str=0001.0A090208.50CBAA5D.0035,ss=1,re=0.000,fgs=0
Subject: [fedfs-utils] [PATCH 07/11] nsdbc: Do not follow LDAP referrals
	during administrator operations
X-BeenThere: fedfs-utils-devel@oss.oracle.com
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: fedfs-utils Developers <fedfs-utils-devel@oss.oracle.com>
List-Id: fedfs-utils Developers <fedfs-utils-devel.oss.oracle.com>
List-Unsubscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=unsubscribe>
List-Archive: <http://oss.oracle.com/pipermail/fedfs-utils-devel>
List-Post: <mailto:fedfs-utils-devel@oss.oracle.com>
List-Help: <mailto:fedfs-utils-devel-request@oss.oracle.com?subject=help>
List-Subscribe: <https://oss.oracle.com/mailman/listinfo/fedfs-utils-devel>,
	<mailto:fedfs-utils-devel-request@oss.oracle.com?subject=subscribe>
Sender: fedfs-utils-devel-bounces@oss.oracle.com
Errors-To: fedfs-utils-devel-bounces@oss.oracle.com
X-Source-IP: acsinet22.oracle.com [141.146.126.238]

NSDB tools that perform administrative operations are not ever
allowed to follow LDAP referrals.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---

 src/nsdbc/nsdb-annotate.c    |    4 ++++
 src/nsdbc/nsdb-create-fsl.c  |    5 +++++
 src/nsdbc/nsdb-create-fsn.c  |    5 +++++
 src/nsdbc/nsdb-delete-fsl.c  |    5 +++++
 src/nsdbc/nsdb-delete-fsn.c  |    5 +++++
 src/nsdbc/nsdb-delete-nsdb.c |    5 +++++
 src/nsdbc/nsdb-describe.c    |    4 ++++
 src/nsdbc/nsdb-nces.c        |    5 +++++
 src/nsdbc/nsdb-remove-nci.c  |    5 +++++
 src/nsdbc/nsdb-simple-nce.c  |    5 +++++
 src/nsdbc/nsdb-update-fsl.c  |    5 +++++
 src/nsdbc/nsdb-update-nci.c  |    5 +++++
 12 files changed, 58 insertions(+), 0 deletions(-)

diff --git a/src/nsdbc/nsdb-annotate.c b/src/nsdbc/nsdb-annotate.c
index 2d3acec..c4ad5f4 100644
--- a/src/nsdbc/nsdb-annotate.c
+++ b/src/nsdbc/nsdb-annotate.c
@@ -300,6 +300,10 @@ main(int argc, char **argv)
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
 		switch (ldap_err) {
+		case LDAP_REFERRAL:
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
 		case LDAP_NO_SUCH_ATTRIBUTE:
 			fprintf(stderr, "Annotation \"%s\" = \"%s\" not found\n",
 				keyword, value);
diff --git a/src/nsdbc/nsdb-create-fsl.c b/src/nsdbc/nsdb-create-fsl.c
index 278d14e..845d452 100644
--- a/src/nsdbc/nsdb-create-fsl.c
+++ b/src/nsdbc/nsdb-create-fsl.c
@@ -289,6 +289,11 @@ main(int argc, char **argv)
 			fprintf(stderr, "NCE %s does not exist\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to create FSL %s: %s\n",
 			fsl_uuid, ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-create-fsn.c b/src/nsdbc/nsdb-create-fsn.c
index 5591516..fd53120 100644
--- a/src/nsdbc/nsdb-create-fsn.c
+++ b/src/nsdbc/nsdb-create-fsn.c
@@ -266,6 +266,11 @@ main(int argc, char **argv)
 			fprintf(stderr, "NCE %s does not exist\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to create FSN: %s\n",
 			ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-delete-fsl.c b/src/nsdbc/nsdb-delete-fsl.c
index 9dc48aa..726845f 100644
--- a/src/nsdbc/nsdb-delete-fsl.c
+++ b/src/nsdbc/nsdb-delete-fsl.c
@@ -252,6 +252,11 @@ main(int argc, char **argv)
 			nsdbname, nsdbport, fsl_uuid);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to delete FSL %s: %s\n",
 			fsl_uuid, ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-delete-fsn.c b/src/nsdbc/nsdb-delete-fsn.c
index 3efaeb8..f3927f0 100644
--- a/src/nsdbc/nsdb-delete-fsn.c
+++ b/src/nsdbc/nsdb-delete-fsn.c
@@ -261,6 +261,11 @@ main(int argc, char **argv)
 		fprintf(stderr, "FSN %s still has FSL entries\n", fsn_uuid);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		/* XXX: "Operation not allowed on non-leaf" means
 		 *	this FSN still has children FSLs. */
 		fprintf(stderr, "Failed to delete FSN %s: %s\n",
diff --git a/src/nsdbc/nsdb-delete-nsdb.c b/src/nsdbc/nsdb-delete-nsdb.c
index 88b811b..f76d786 100644
--- a/src/nsdbc/nsdb-delete-nsdb.c
+++ b/src/nsdbc/nsdb-delete-nsdb.c
@@ -218,6 +218,11 @@ main(int argc, char **argv)
 		fprintf(stderr, "NCE %s does not exist\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to remove NCE %s: %s\n",
 			nce, ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-describe.c b/src/nsdbc/nsdb-describe.c
index f90cb2a..947cab1 100644
--- a/src/nsdbc/nsdb-describe.c
+++ b/src/nsdbc/nsdb-describe.c
@@ -243,6 +243,10 @@ main(int argc, char **argv)
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
 		switch (ldap_err) {
+		case LDAP_REFERRAL:
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
 		case LDAP_NO_SUCH_OBJECT:
 			fprintf(stderr, "Entry \"%s\" not found\n", entry);
 			break;
diff --git a/src/nsdbc/nsdb-nces.c b/src/nsdbc/nsdb-nces.c
index 523a44b..247ccf6 100644
--- a/src/nsdbc/nsdb-nces.c
+++ b/src/nsdbc/nsdb-nces.c
@@ -199,6 +199,11 @@ main(int argc, char **argv)
 	case FEDFS_OK:
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to list NCEs: %s\n",
 			ldap_err2string(ldap_err));
 		goto out_close;
diff --git a/src/nsdbc/nsdb-remove-nci.c b/src/nsdbc/nsdb-remove-nci.c
index ddbfb9f..4de2b10 100644
--- a/src/nsdbc/nsdb-remove-nci.c
+++ b/src/nsdbc/nsdb-remove-nci.c
@@ -215,6 +215,11 @@ main(int argc, char **argv)
 		fprintf(stderr, "NCE %s does not exist\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to remove NCI for NCE %s: %s\n",
 			nce, ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-simple-nce.c b/src/nsdbc/nsdb-simple-nce.c
index aa8c8fe..d6530cf 100644
--- a/src/nsdbc/nsdb-simple-nce.c
+++ b/src/nsdbc/nsdb-simple-nce.c
@@ -229,6 +229,11 @@ main(int argc, char **argv)
 			"for this NSDB\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to update NCI: %s\n",
 			ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-update-fsl.c b/src/nsdbc/nsdb-update-fsl.c
index 413e8b9..cfd7e13 100644
--- a/src/nsdbc/nsdb-update-fsl.c
+++ b/src/nsdbc/nsdb-update-fsl.c
@@ -260,6 +260,11 @@ main(int argc, char **argv)
 			fprintf(stderr, "NCE %s does not exist\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to update FSL %s: %s\n",
 			fsl_uuid, ldap_err2string(ldap_err));
 		break;
diff --git a/src/nsdbc/nsdb-update-nci.c b/src/nsdbc/nsdb-update-nci.c
index 3fdcaf6..cb057af 100644
--- a/src/nsdbc/nsdb-update-nci.c
+++ b/src/nsdbc/nsdb-update-nci.c
@@ -234,6 +234,11 @@ main(int argc, char **argv)
 			"for this NSDB\n", nce);
 		break;
 	case FEDFS_ERR_NSDB_LDAP_VAL:
+		if (ldap_err == LDAP_REFERRAL) {
+			fprintf(stderr, "Encountered LDAP referral on %s:%u\n",
+				nsdbname, nsdbport);
+			break;
+		}
 		fprintf(stderr, "Failed to update NCI: %s\n",
 			ldap_err2string(ldap_err));
 		break;