Nicholas James

OPENAM-7304, OPENAM-6305: fixes for installer upgrade.

OPENAM-6936: Agent 4.0 2Gb cache size limit + change to log messages for shm allocation failure.

    • -3
    • +2
    /trunk/policy-agents/source/net_client.c
    • -32
    • +42
    /trunk/policy-agents/source/cache.c
    • -32
    • +59
    /trunk/policy-agents/source/shared.c
    • -71
    • +61
    /trunk/policy-agents/tests/test_policy_cache.c
OPENAM-6987: Use of synchronous comms in net_ops.

    • -429
    • +386
    /trunk/policy-agents/source/net_client.c
    • -10
    • +6
    /trunk/policy-agents/source/net_client.h
    • -40
    • +34
    /trunk/policy-agents/source/net_ops.c
OPENAM-7072 - correction of fix to remove PLL request for session notification when notifications are not enabled.

OPENAM-7072: Only send PLL SessionRequest/AddSessionListener if com.sun.identity.agents.config.notification.enable is set

    • -2
    • +4
    /trunk/policy-agents/source/net_client.c
    • -16
    • +25
    /trunk/policy-agents/source/net_ops.c
    • -1
    • +1
    /trunk/policy-agents/source/net_client.h
OPENAM-6987: addition of free lists to shared memory cache - does not resolve 6987.

    • -18
    • +173
    /trunk/policy-agents/source/shared.c
    • -4
    • +7
    /trunk/policy-agents/tests/test_policy_cache.c
OPENAM-6939 - Agent 4 handling of large stateless session tokens.

    • -38
    • +85
    /trunk/policy-agents/source/cache.c
    • -24
    • +56
    /trunk/policy-agents/tests/test_policy_cache.c
OPENAM-6860 fix to make agent clear up persistent shared memory and semaphore resources after crash.

    • -0
    • +113
    /trunk/policy-agents/source/init.c
    • -0
    • +60
    /trunk/policy-agents/tests/test_init.c
  • More
  • CR-8202
  • summarized and closed
This fix was incorporated into OPENAM-6859, so I'm closing this review.

This fix was incorporated into OPENAM-6859, so I'm closing this review.

ok thats what i thought. i'm done here.

ok thats what i thought. i'm done here.

Can i just check i understand the strategy here - is it that since either the timer thread or the waiting thread can finish after the other, we are preventing the second one from trying to use a mu...

Can i just check i understand the strategy here - is it that since either the timer thread or the waiting thread can finish after the other, we are preventing the second one from trying to use a mutex/condition when it has already been destroyed?

should this be *e = NULL;

should this be
*e = NULL;

Can we set the hostmap_sz after the malloc has succeeded, so that it is 0 if the malloc fails?

Can we set the hostmap_sz after the malloc has succeeded, so that it is 0 if the malloc fails?

i have no preference the code might be ok as is: the first one is strdup'ed and subsequently realloced.

i have no preference
the code might be ok as is: the first one is strdup'ed and subsequently realloced.

sure. good spot. or strcpy?

sure. good spot. or strcpy?

ok

ok

should these header values be concatenated without spaces between them?

should these header values be concatenated without spaces between them?

OK by me. Its the trusted ca certs that have ben a problem i guess.

OK by me. Its the trusted ca certs that have ben a problem i guess.

i've been wondering whether it would be better to blow up if other bits are missing, in case openssl expects that too: like the client cert file. i don't know...

i've been wondering whether it would be better to blow up if other bits are missing, in case openssl expects that too: like the client cert file. i don't know...

i had here ..} else if ca_file_loaded { set verify peer, set verify depth } else { the above error }

i had here

..} else if ca_file_loaded { set verify peer, set verify depth } else { the above error } 
can we update this to cover failing if verifying and trusted ca file not specified (as well as not loaded)?

can we update this to cover failing if verifying and trusted ca file not specified (as well as not loaded)?

Is this nginx code or https://github.com/joyent/http-parser/commit/8dabce6ec7142319bc5c883ff53bf7302f0d83ce
I think I need to cause this error if (after line 638) the ca file is not supplied and verifypeer is true.

I think I need to cause this error if (after line 638) the ca file is not supplied and verifypeer is true.

Agent 4 should fail when it is set to verify peer and the trusted ca certificates file cannot be loaded
Agent 4 should fail when it is set to verify peer and the trusted ca certificates file cannot be loaded
  • More
  • CR-8150
  • summarized and closed
OPENAM-6820, OPENAM-6836: non-windows line endings on new install properties files; correction of installer crash on windows/apache.

    • -15
    • +15
    /trunk/policy-agents/config/agent.conf.template
  • More
  • CR-8185
  • summarized and closed
  • More
  • CR-8193
  • summarized and closed