June 2007 - openldap-bugs

Re: (ITS#5021) test021-certificate fails on HP-UX

by h.b.furuseth＠usit.uio.no

Bug in OpenSSL 0.9.7d - unless it's with how OpenLDAP uses it, I don't know. The offending operation (on Jennifer Smith) adds one certificate and deletes the old one. However the added and the old certificate compare equal because certificateExactNormalize() produces the same string for both: 0$email=ca(a)example.com,cn=example ca, o=openldap example\2C ltd.,st=california,c=us That's because i2s_ASN1_INTEGER(0, sn ) in certificateExactNormalize() returns serial number "0". The inputs to that function are (gdb) p *sn $6 = {length = 1, type = 2, data = 0x402e5278 "\003", flags = 0} and (gdb) p *sn $8 = {length = 1, type = 2, data = 0x402e5cf0 "\001xample.@\036", flags = 0} Those *sn values are the same as on a successful run on Linux, except the 2nd data[1...] (the xample... string) which I presume does not matter when length=1. The input certificates ('val' arg to certificateExactNormalize()) are correct. -- Regards, Hallvard

15 years, 9 months

1
0
0 / 0

Re: (ITS#5021) test021-certificate fails on HP-UX

by h.b.furuseth＠usit.uio.no

quanah(a)zimbra.com writes: > conn=1 op=4 MOD attr=userCertificate;binary userCertificate;binary > Why is it modifying the same attribute twice? It adds one cert and deletes another in the same op. The log from a successful run on Linux shows the same. -- Regards, Hallvard

15 years, 9 months

1
0
0 / 0

Re: (ITS#5021) test021-certificate fails on HP-UX

by quanah＠zimbra.com

--On June 15, 2007 9:59:56 PM +0000 h.b.furuseth(a)usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: RE23, 2.3.35 > OS: HP-UX > URL: ftp://ftp.openldap.org/incoming/Hallvard-Furuseth-070615.tgz > Submission from: (NULL) (129.240.202.105) > Submitted by: hallvard > > > test021-certificate fails on HP-UX in RE23 and 2.3.35. It succeeds in > HEAD. > > OpenSSL version: 0.9.7d. > > I enclose the testrun directory from: > > $ ./run -b ldif test021-certificate > Cleaning up test run directory leftover from previous run. > Running ./scripts/test021-certificate... > running defines.sh > Running slapadd to build slapd database... > Starting slapd on TCP/IP port 9011... > Testing certificate handling... > Add certificates... > ldapmodify failed (20)! > The last modify is erroring with already exists. The last logged modify looks really weird to me: conn=1 op=4 MOD attr=userCertificate;binary userCertificate;binary Why is it modifying the same attribute twice? --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

15 years, 9 months

1
0
0 / 0

(ITS#5021) test021-certificate fails on HP-UX

by h.b.furuseth＠usit.uio.no

Full_Name: Hallvard B Furuseth Version: RE23, 2.3.35 OS: HP-UX URL: ftp://ftp.openldap.org/incoming/Hallvard-Furuseth-070615.tgz Submission from: (NULL) (129.240.202.105) Submitted by: hallvard test021-certificate fails on HP-UX in RE23 and 2.3.35. It succeeds in HEAD. OpenSSL version: 0.9.7d. I enclose the testrun directory from: $ ./run -b ldif test021-certificate Cleaning up test run directory leftover from previous run. Running ./scripts/test021-certificate... running defines.sh Running slapadd to build slapd database... Starting slapd on TCP/IP port 9011... Testing certificate handling... Add certificates... ldapmodify failed (20)!

15 years, 9 months

1
0
0 / 0

Re: (ITS#5020) configure needs -pthread to find pthread.h

by h.b.furuseth＠usit.uio.no

I wrote: > ./configure CC="cc -pthread" works. Well, it configures. Then it fails to build shared libraries because libtool invokes ld ... -pthread, and ld does not accept -pthread. But I guess that should be reported to the libtool folks. ./configure --disable-shared CC="cc -pthread" does work. -- Regards, Hallvard

15 years, 9 months

1
0
0 / 0

Re: (ITS#5014) syncrepl failure syslog

by donn＠u.washington.edu

On Jun 14, 2007, at 2:08 PM, Pierangelo Masarati wrote: > So what's really relevant in your patch, and > missing from the code, is a test for "err" after the "done" label. I > have applied something along those lines to the code. Please test. Yes, this works in my case - if indeed the test is after "done:". You accidentally put it before, and it doesn't work there. Thanks! Donn Cave, donn(a)u.washington.edu

15 years, 9 months

1
0
0 / 0

(ITS#5020) configure needs -pthread to find pthread.h

by h.b.furuseth＠usit.uio.no

Full_Name: Hallvard B Furuseth Version: HEAD, RE23 OS: OSF1 V5.1 alpha URL: Submission from: (NULL) (129.240.202.105) Submitted by: hallvard /configure on OSF1 alpha finds no suitable threading library. config.log says: configure:19993: checking pthread.h usability configure:20005: cc -c -g -I/local/include -I/local/gnu/include conftest.c >&5 cc: Error: /usr/include/pthread.h, line 1251: #error "Please compile the module including pthread.h with -pthread" (errormessage) due to this snippet of pthread.h: # ifndef _REENTRANT # error "Please compile the module including pthread.h with -pthread" # endif ./configure CC="cc -pthread" works. Not sure how to deal with that one. Seems a bit excessive to run all the OL_PTHREAD_TRY()s _before_ detecting that the system has pthread. Maybe write a special case, like try for pthread.h with -D_REENTRANT if not found without that?

15 years, 9 months

1
0
0 / 0

Re: (ITS#5016) slapd generates unjustified error 3 (Time Limit Exceeded) at checkpoint time

by ali.pouya＠free.fr

pierangelo.masarati(a)sys-net.it wrote : > Would it be possible to get, from the consumer's log, what was the > actually requested time limit in those cases? This means: track down > what connection/operation was concluded by a "Time Limit Exceeded" > response; then find out the corresponding request, and see what was the > requested time limit. You need "args" debug level for this purpose, and > you need to look at the second of the three numbers that end the SRCH > line in the logs; for example: Hi Pierangelo; The problem came from my LDAP client which specified timelimit=1. I repaired the client and everything works fine since several hours :-) Thanks for your help and sorry for wasting your time. For me the ITS is to be closed (the error "Time Limit Exceeded" produced for syncrepl connection every 3600 seconds does not bother me). Best regards Ali

15 years, 9 months

1
0
0 / 0

Re: memory leak (ITS#5018)

by niloulili＠hotmail.com

OK,I've download release 2.3.32,after removing and test ,i'll report whether problem still exits. Thank you so much. best regards nina >From: Pierangelo Masarati <openldap-its(a)OpenLDAP.org> >To: niloulili(a)hotmail.com >Subject: Re: memory leak (ITS#5018) >Date: Thu, 14 Jun 2007 08:13:11 GMT > >OpenLDAP 2.2.19 (and OpenLDAP 2.2) has been abandoned long ago, so it is no >longer maintained. Please upgrade to a recent version and check if the problem >persists. Otherwise this ITS will be closed. > >p. _________________________________________________________________ ÓëÁª»úµÄÅóÓÑœøÐÐœ»Á÷£¬ÇëÊ¹ÓÃ MSN Messenger: http://messenger.msn.com/cn

15 years, 9 months

1
0
0 / 0

Re: (ITS#4995) SampleLDAP.pm w/back_perl appears to be broken

by rra＠stanford.edu

Quanah Gibson-Mount <quanah(a)zimbra.com> writes: > --On Saturday, June 02, 2007 4:43 AM +0000 rra(a)stanford.edu wrote: >> While investigating another issue with back_perl, I tried to use the >> SampleLDAP.pm module that comes with the OpenLDAP source. I added the >> following to my slapd.conf: >> database perl >> suffix "o=AnyOrg,c=US" >> perlModulePath /home/eagle/SampleLDAP.pm >> perlModule SampleLDAP [...] > database perl > suffix "o=AnyOrg,c=US" > perlModulePath /usr/local/etc/openldap > perlModule SampleLDAP I detect an intriguing difference in our configurations. I was misled by this comment in SampleLDAP.pm: # Usage: Add something like this to slapd.conf: # # database perl # suffix "o=AnyOrg,c=US" # perlModulePath /path/to/this/file # perlModule SampleLDAP The man page is more accurate. This was apparently actually a minor bug in the comments. :) -- Russ Allbery (rra(a)stanford.edu) <http://www.eyrie.org/~eagle/>

15 years, 9 months

1
0
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs June 2007