lists.arthurdejong.org
RSS feed

nss-pam-ldapd branch master updated. 0.9.4-14-g246aba5

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd branch master updated. 0.9.4-14-g246aba5



This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  246aba5ef80d8385053be9205fe8984172a9fc08 (commit)
       via  d0f896a8146548d052457c396eda53b6dcf815fd (commit)
      from  ee82d2f519cc97aa433cf050b6c96d3430aa5a61 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=246aba5ef80d8385053be9205fe8984172a9fc08

commit 246aba5ef80d8385053be9205fe8984172a9fc08
Author: Patrick McLean <chutzpah@gentoo.org>
Date:   Wed Mar 11 10:59:19 2015 -0700

    Avoid comparison of static array to null pointer
    
    There are several places where a static length array in a struct is
    compared to a null pointer. These comparisons will always be false,
    since an array in a struct is not actually a pointer, so they can be
    removed.

diff --git a/nslcd/myldap.c b/nslcd/myldap.c
index 2501974..d7adad3 100644
--- a/nslcd/myldap.c
+++ b/nslcd/myldap.c
@@ -534,10 +534,10 @@ static int do_ppolicy_bind(MYLDAP_SESSION *session, LDAP 
*ld, const char *uri)
   requestctrls[1] = NULL;
   /* build password berval */
   cred.bv_val = (char *)session->bindpw;
-  cred.bv_len = (session->bindpw == NULL) ? 0 : strlen(session->bindpw);
+  cred.bv_len = strlen(session->bindpw);
   /* do a SASL simple bind with the binddn and bindpw */
   log_log(LOG_DEBUG, "ldap_sasl_bind(\"%s\",%s) (uri=\"%s\")", session->binddn,
-          ((session->bindpw != NULL) && (session->bindpw[0] != '\0')) ? 
"\"***\"" : "\"\"", uri);
+          (session->bindpw[0] != '\0') ? "\"***\"" : "\"\"", uri);
   rc = ldap_sasl_bind(ld, session->binddn, LDAP_SASL_SIMPLE, &cred, 
requestctrls, NULL, &msgid);
   if (rc != LDAP_SUCCESS)
     return rc;
@@ -622,7 +622,7 @@ static int do_bind(MYLDAP_SESSION *session, LDAP *ld, const 
char *uri)
   }
 #endif /* LDAP_OPT_X_TLS */
   /* check if the binddn and bindpw are overwritten in the session */
-  if ((session->binddn != NULL) && (session->binddn[0] != '\0'))
+  if (session->binddn[0] != '\0')
   {
 #if defined(HAVE_LDAP_SASL_BIND) && defined(LDAP_SASL_SIMPLE)
     return do_ppolicy_bind(session, ld, uri);
@@ -630,7 +630,7 @@ static int do_bind(MYLDAP_SESSION *session, LDAP *ld, const 
char *uri)
     /* do a simple bind */
     log_log(LOG_DEBUG, "ldap_simple_bind_s(\"%s\",%s) (uri=\"%s\")",
             session->binddn,
-            ((session->bindpw != NULL) && (session->bindpw[0] != '\0')) ? 
"\"***\"" : "\"\"",
+            (session->bindpw[0] != '\0') ? "\"***\"" : "\"\"",
             uri);
     return ldap_simple_bind_s(ld, session->binddn, session->bindpw);
 #endif
diff --git a/pam/pam.c b/pam/pam.c
index dcefa46..f927022 100644
--- a/pam/pam.c
+++ b/pam/pam.c
@@ -462,7 +462,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
   {
     rc = nslcd_request_config_get(pamh, &cfg, 
NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE,
                                   &resp);
-    if ((rc == PAM_SUCCESS) && (resp.msg != NULL) && (resp.msg[0] != '\0'))
+    if ((rc == PAM_SUCCESS) && (resp.msg[0] != '\0'))
     {
       /* we silently ignore errors to get the configuration option */
       pam_syslog(pamh, LOG_NOTICE, "password change prohibited: %s; user=%s",
@@ -665,7 +665,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
   /* check if password modification is allowed */
   rc = nslcd_request_config_get(pamh, &cfg, 
NSLCD_CONFIG_PAM_PASSWORD_PROHIBIT_MESSAGE,
                                 &resp);
-  if ((rc == PAM_SUCCESS) && (resp.msg != NULL) && (resp.msg[0] != '\0'))
+  if ((rc == PAM_SUCCESS) && (resp.msg[0] != '\0'))
   {
     /* we silently ignore errors to get the configuration option */
     pam_syslog(pamh, LOG_NOTICE, "password change prohibited: %s; user=%s",

http://arthurdejong.org/git/nss-pam-ldapd/commit/?id=d0f896a8146548d052457c396eda53b6dcf815fd

commit d0f896a8146548d052457c396eda53b6dcf815fd
Author: Patrick McLean <chutzpah@gentoo.org>
Date:   Tue Mar 10 19:41:00 2015 -0700

    Don't let the oom killer kill nslcd
    
    Adjust the Linux OOM (Out-Of-Memory) killer score by -1000 for nslcd so
    that it should not be killed.

diff --git a/AUTHORS b/AUTHORS
index 4320dc9..ac0bb82 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -130,3 +130,4 @@ Davy Defaud <davy.defaud@free.fr>
 Lukas Slebodnik <lslebodn@redhat.com>
 ushi <ushi@honkgong.info>
 Tim Harder <radhermit@gmail.com>
+Patrick McLean <chutzpah@gentoo.org>
diff --git a/nslcd/nslcd.c b/nslcd/nslcd.c
index 3fb03ed..36b151d 100644
--- a/nslcd/nslcd.c
+++ b/nslcd/nslcd.c
@@ -78,6 +78,10 @@
 #define WRITEBUFFER_MINSIZE 1024
 #define WRITEBUFFER_MAXSIZE 1 * 1024 * 1024
 
+/* adjust the oom killer score */
+#define OOM_SCORE_ADJ_FILE "/proc/self/oom_score_adj"
+#define OOM_SCORE_ADJ "-1000"
+
 /* flag to indicate if we are in debugging mode */
 static int nslcd_debugging = 0;
 
@@ -640,6 +644,24 @@ static void disable_nss_ldap(void)
 #endif /* RTLD_NODELETE */
 }
 
+/* poke the OOM killer so nslcd will never get killed */
+static void adjust_oom_score(void)
+{
+  int oom_adj_fd;
+  if ((oom_adj_fd = open(OOM_SCORE_ADJ_FILE, O_WRONLY)) >= 0)
+  {
+    if (write(oom_adj_fd, OOM_SCORE_ADJ, strlen(OOM_SCORE_ADJ)) < 0)
+      log_log(LOG_WARNING, "writing oom score adjustment of %s failed: %s",
+        OOM_SCORE_ADJ, strerror(errno));
+    close(oom_adj_fd);
+  }
+  else
+  {
+    log_log(LOG_DEBUG, "could not open %s to adjust the OOM score: %s",
+      OOM_SCORE_ADJ_FILE, strerror(errno));
+  }
+}
+
 /* the main program... */
 int main(int argc, char *argv[])
 {
@@ -740,6 +762,7 @@ int main(int argc, char *argv[])
     daemonize_ready(EXIT_FAILURE, "atexit() failed\n");
     exit(EXIT_FAILURE);
   }
+  adjust_oom_score();
   /* create socket */
   nslcd_serversocket = create_socket(NSLCD_SOCKET);
   /* start subprocess to do invalidating if reconnect_invalidate is set */

-----------------------------------------------------------------------

Summary of changes:
 AUTHORS        |    1 +
 nslcd/myldap.c |    8 ++++----
 nslcd/nslcd.c  |   23 +++++++++++++++++++++++
 pam/pam.c      |    4 ++--
 4 files changed, 30 insertions(+), 6 deletions(-)


hooks/post-receive
-- 
nss-pam-ldapd
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/