Ticket 436 - nsds5ReplicaEnabled can be set with any invalid values.

Bug Description:  There is no checking of the value for nsds5ReplicaEnabled either
                  at startup or with ldapmodify.

Fix Description:  Verify the value is either "on" or "off", and report the
                  appropriate error message.

https://fedorahosted.org/389/ticket/436

Reviewed by: richm(Thanks!)

ldap/servers/plugins/replication/repl5.h

@@ -360,7 +360,7 @@ int get_agmt_agreement_type ( Repl_Agmt *agmt);
 void* agmt_get_connection( Repl_Agmt *ra);
 int agmt_has_protocol(Repl_Agmt *agmt);
 PRBool agmt_is_enabled(Repl_Agmt *ra);
-int agmt_set_enabled_from_entry(Repl_Agmt *ra, Slapi_Entry *e);
+int agmt_set_enabled_from_entry(Repl_Agmt *ra, Slapi_Entry *e, char *returntext);
 char **agmt_get_attrs_to_strip(Repl_Agmt *ra);
 int agmt_set_attrs_to_strip(Repl_Agmt *ra, Slapi_Entry *e);
 void agmt_set_cleanruv_notified_from_entry(Repl_Agmt *ra, Slapi_Entry *e);

ldap/servers/plugins/replication/repl5_agmt.c

@@ -350,7 +350,11 @@ agmt_new_from_entry(Slapi_Entry *e)
 		} else if(strcasecmp(tmpstr, "on") == 0){
 			ra->is_enabled = PR_TRUE;
 		} else {
-			ra->is_enabled = slapi_entry_attr_get_bool(e, type_nsds5ReplicaEnabled);
+			slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "Warning invalid value "
+			    "for nsds5ReplicaEnabled (%s), value must be \"on\" or \"off\".  Ignoring "
+			    "this repl agreement.\n",tmpstr);
+			slapi_ch_free_string(&tmpstr);
+			goto loser;
 		}
 		slapi_ch_free_string(&tmpstr);
 	} else {
@@ -2519,7 +2523,7 @@ agmt_is_enabled(Repl_Agmt *ra)
 }
 
 int
-agmt_set_enabled_from_entry(Repl_Agmt *ra, Slapi_Entry *e){
+agmt_set_enabled_from_entry(Repl_Agmt *ra, Slapi_Entry *e, char *returntext){
 	char *attr_val = NULL;
 	int rc = 0;
 
@@ -2536,7 +2540,13 @@ agmt_set_enabled_from_entry(Repl_Agmt *ra, Slapi_Entry *e){
 		} else if(strcasecmp(attr_val,"on") == 0){
 			is_enabled = PR_TRUE;
 		} else {
-			is_enabled = slapi_entry_attr_get_bool(e, type_nsds5ReplicaEnabled);
+			slapi_log_error(SLAPI_LOG_FATAL, repl_plugin_name, "agmt_set_enabled_from_entry: invalid "
+			    "value for nsds5ReplicaEnabled (%s), the value must be \"on\" or \"off\".\n", attr_val);
+			PR_snprintf(returntext, SLAPI_DSE_RETURNTEXT_SIZE, "Invalid value for nsds5ReplicaEnabled, "
+			    "the value must be \"on\" or \"off\".\n");
+			slapi_ch_free_string(&attr_val);
+			PR_Unlock(ra->lock);
+			return -1;
 		}
 		slapi_ch_free_string(&attr_val);
 		if(is_enabled){

ldap/servers/plugins/replication/repl5_agmtlist.c

@@ -492,7 +492,7 @@ agmtlist_modify_callback(Slapi_PBlock *pb, Slapi_Entry *entryBefore, Slapi_Entry
         }
         else if (slapi_attr_types_equivalent(mods[i]->mod_type, type_nsds5ReplicaEnabled))
         {
-            if(agmt_set_enabled_from_entry(agmt, e) != 0){
+            if(agmt_set_enabled_from_entry(agmt, e, returntext) != 0){
                 slapi_log_error(SLAPI_LOG_REPL, repl_plugin_name, "agmtlist_modify_callback: "
                     "failed to set replica agmt state \"enabled/disabled\" for %s\n",agmt_get_long_name(agmt));
                 *returncode = LDAP_OPERATIONS_ERROR;