openldap-bugs June 2007

openldap-bugs@openldap.org

35 participants
170 discussions

start_tls while chasing referrals
by Bin Lu 06 Jul '07

06 Jul '07

Hi, I noticed the following bug fix in referral chasing http://bugzilla.padl.com/show_bug.cgi?id=210 This seems only to take care of the usage with pam ldap lib. What if the ldap connection is not from the pam lib? In that case, when an ldap operation reaches a referral point, would the new connection be consistent if the original connection is using TLS(and the referral url is not using ldaps)? Our test shows it is not. Please advice, if that is also a security hole? Regards, Wenwu

2 1

(ITS#5033) make depend breaks if configure doesn't know how
by h.b.furuseth＠usit.uio.no 30 Jun '07

30 Jun '07

Full_Name: Hallvard B Furuseth Version: RE23, HEAD OS: HP-UX URL: Submission from: (NULL) (129.240.202.105) Submitted by: hallvard If configure does not know how to make dependencies, it still asks us to run make depend. On HP-UX, that miscompile OpenLDAP. In addition to fixing the "please run make depend" message, I suggest: In build/openldap.m4, set OL_MKDEP= either ":" or "false". - ":" allows autobuild scripts that run "make depend" to work. - "false" warns people who do use "make depend" that build - modify source - rebuild may not work. I've got no strong preference. Will use ":" if nobody disagrees.

1 0

Re: (ITS#5032) cannot build on x86_64, needs newer libtool
by h.b.furuseth＠usit.uio.no 30 Jun '07

30 Jun '07

Howard Chu writes: > Strange. It all builds perfectly fine on my SuSE 9.2 x86_64 system. At > this point it's getting rather monotonous pointing out how much RedHat > gets wrong... For a chance, this doesn't look like a RedHat problem. It's not their fault that libtool mistranslates perfectly good -l<lib> command line options. OTOH, they did install db-4.3, so it's not as I'll be using it anyway. But I imagine I may run into the same problem with other /lib64/ libraries. -- Regards, Hallvard

1 0

Re: (ITS#5032) cannot build on x86_64, needs newer libtool
by hyc＠symas.com 30 Jun '07

30 Jun '07

h.b.furuseth(a)usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: RE23, HEAD > OS: RedHat Linux/x86_64 > URL: > Submission from: (NULL) (129.240.202.105) > Submitted by: hallvard > > > libtool translates -ldb-4.3 to /usr/lib/libdb-4.3.so, which breaks. > "cc -ldb-4.3" uses /lib64/libdb-4.3.so. > > Looks like the fix is to upgrade to libtool-1.5.24. Its NEWS says > * Search paths with GCC on multilib systems like x86_64 have been fixed. > > I haven't checked how to upgrade, though. Tried to install a private > libtool and run libtoolize, but it just said "You should update > your `aclocal.m4' by running aclocal" even after I ran aclocal. Strange. It all builds perfectly fine on my SuSE 9.2 x86_64 system. At this point it's getting rather monotonous pointing out how much RedHat gets wrong... -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5032) cannot build on x86_64, needs newer libtool
by h.b.furuseth＠usit.uio.no 30 Jun '07

30 Jun '07

Full_Name: Hallvard B Furuseth Version: RE23, HEAD OS: RedHat Linux/x86_64 URL: Submission from: (NULL) (129.240.202.105) Submitted by: hallvard libtool translates -ldb-4.3 to /usr/lib/libdb-4.3.so, which breaks. "cc -ldb-4.3" uses /lib64/libdb-4.3.so. Looks like the fix is to upgrade to libtool-1.5.24. Its NEWS says * Search paths with GCC on multilib systems like x86_64 have been fixed. I haven't checked how to upgrade, though. Tried to install a private libtool and run libtoolize, but it just said "You should update your `aclocal.m4' by running aclocal" even after I ran aclocal.

1 0

Re: (ITS#5031) Question about transaction in OpenLDAP
by ghenry＠suretecsystems.com 28 Jun '07

28 Jun '07

<quote who="lixin922(a)huawei.com"> > Full_Name: lixin > Version: OpenLDAP2.4.4alpha > OS: Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (210.21.230.126) > > > Hello, > > I have known that the OpenLDAP2.4 will support transaction from > roadmap.Now I am > testing OpenLDAP2.4.4alpha,But I am not sure whether this version suports > transation.If it supports how to use it.If not,about which version will > support > it,and when this version will appear. > > Thank you very much. Hi, Our ITS system is for reporting and tracking OpenLDAP bugs. Since you are asking a question that should be asked on openldap-software(a)openldap.org, this ITS will be closed. Kindly re-send your question to the correct list. Gavin.

1 0

(ITS#5031) Question about transaction in OpenLDAP
by lixin922＠huawei.com 27 Jun '07

27 Jun '07

Full_Name: lixin Version: OpenLDAP2.4.4alpha OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (210.21.230.126) Hello, I have known that the OpenLDAP2.4 will support transaction from roadmap.Now I am testing OpenLDAP2.4.4alpha,But I am not sure whether this version suports transation.If it supports how to use it.If not,about which version will support it,and when this version will appear. Thank you very much.

1 0

(ITS#5030) Setting/knowing max query size
by bruno_haleblian＠carrefour.com 27 Jun '07

27 Jun '07

Full_Name: Bruno Version: 2.3.21 OS: redhat AS 3 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (217.77.224.130) Hi, I am looking for a way to limit ldap query size - there may be one in slapd.conf but I could not find it yet(still reading). Sometimes slapd process crashes because of malformed - too lenghty requests. While this is due to a buggy EAI updater which will be fixed - I still think it should be safer to limit this size from server side. thanks

1 0

Re: (ITS#5028) incomplete slapcat docs
by ghenry＠suretecsystems.com 26 Jun '07

26 Jun '07

<quote who="h.b.furuseth(a)usit.uio.no"> > hyc(a)symas.com writes: >> steve(a)stevenwills.com wrote: >>> The slapcat man page says in the Limitations section: >>> >>> In general, your slapd(8) should not be running (at least, not >>> in >>> read-write mode) when you do this to ensure consistency of the >>> database. >>> (...) >> Given that back-ldbm has been deleted for 2.4, I guess we can just >> delete this sentence. > > It could produce garbage data with back-ldif, and with some foreign > database module. I think it should say it's safe with bdb (and null). > Could copy it to the slapd-bdb(5) too. (I don't suggest to make > slapcat(8) refer the user to that, since there is only one example > anyway.) Obviously hdb too. Would it produce garbage on 2.4? > > -- > Regards, > Hallvard > > >

1 0

Re: (ITS#5028) incomplete slapcat docs
by ghenry＠suretecsystems.com 26 Jun '07

26 Jun '07

<quote who="hyc(a)symas.com"> > steve(a)stevenwills.com wrote: >> Full_Name: Steve Wills >> Version: 2.3.19 >> OS: Fedora >> URL: ftp://ftp.openldap.org/incoming/ >> Submission from: (NULL) (65.15.231.202) >> >> >> The slapcat man page says in the Limitations section: >> >> In general, your slapd(8) should not be running (at least, not in >> read-write mode) when you do this to ensure consistency of the database. >> >> However, I've been told several times that this only applies to ldbm and >> not >> bdb. Not sure about other types, but it would be good to clarify this >> section. >> > Given that back-ldbm has been deleted for 2.4, I guess we can just delete > this > sentence. I would agree. > -- > -- Howard Chu > Chief Architect, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/ > > >

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs June 2007