Re: (ITS#5061) client/tools: Password Policy control handling
by quanah@zimbra.com
--On August 13, 2007 7:13:03 PM +0000 quanah(a)zimbra.com wrote:
>
>
> --On August 13, 2007 7:08:32 PM +0000 kurt(a)OpenLDAP.org wrote:
>
>> Given the ppolicy change backport for everything else was straight
>> forward for
>> every other command, and committed, seems reasonable to keep it.
>> Ando and/or
>> I likely can do a quick backport for ldapmodify.c.
>
> Sounds good. :)
Pierangelo noted I missed common.c, which has many of the same issues
around it as ldapmodify.c. I can back out the commits I made earlier
today, or the backporting can be done for those two... I think it would be
nice to have the functionality into 2.3.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
15 years, 9 months
Re: (ITS#5061) client/tools: Password Policy control handling
by quanah@zimbra.com
--On August 13, 2007 7:08:32 PM +0000 kurt(a)OpenLDAP.org wrote:
> Given the ppolicy change backport for everything else was straight
> forward for
> every other command, and committed, seems reasonable to keep it.
> Ando and/or
> I likely can do a quick backport for ldapmodify.c.
Sounds good. :)
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
15 years, 9 months
Re: (ITS#5061) client/tools: Password Policy control handling
by kurt@OpenLDAP.org
On Aug 13, 2007, at 6:06 PM, quanah(a)zimbra.com wrote:
> --On July 23, 2007 6:51:35 PM +0000 kurt(a)OpenLDAP.org wrote:
>
>> Full_Name: Kurt Zeilenga
>> Version: 2.3
>> OS: Mac OS X
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (130.129.101.249)
>> Submitted by: kurt
>>
>>
>> 2.3 (and 2.4) client tools only send the password policy control
>> with the
>> Bind requests. However, the control is not only valid with most
>> every
>> request, but useful to send with every request. HEAD has been
>> updated
>> to send, when -e ppolicy is selected, the control with every
>> request, and
>> to print the control details on return. While this could be
>> viewed as a
>> new feature by some it could abe viewed as a bug fix by others.
>> Given
>> this change scope is quite narrow (should only effect -e ppolicy
>> users),
>> I recommend it inclusion in the next patch release of 2.3.
>
> Hi Kurt,
>
> I've been working on this for the 2.3 release, however there is a
> problem
> when it comes to ldapmodify. Pierangelo made the change around
> controls to
> the ldapmodify code around revision 1.172. However, when 2.3 was
> branched
> (after revision 1.175), this new code was excluded by you. So, the
> question I have now, is should this code now be pulled into 2.3?
> It is
> quite a bit of change.
>
> --Quanah
If 2.3 wasn't quite frozen, I'd say just suck in the new tools...
But given 2.3 is very much frozen, and the change scope isn't as
narrow as I
thought it would be, seems more appropriate just to leave this out.
Oh well.
Another reason to push 2.4beta out, I guess.
-- Kurt
15 years, 9 months
Re: (ITS#5061) client/tools: Password Policy control handling
by quanah@zimbra.com
--On July 23, 2007 6:51:35 PM +0000 kurt(a)OpenLDAP.org wrote:
> Full_Name: Kurt Zeilenga
> Version: 2.3
> OS: Mac OS X
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (130.129.101.249)
> Submitted by: kurt
>
>
> 2.3 (and 2.4) client tools only send the password policy control with the
> Bind requests. However, the control is not only valid with most every
> request, but useful to send with every request. HEAD has been updated
> to send, when -e ppolicy is selected, the control with every request, and
> to print the control details on return. While this could be viewed as a
> new feature by some it could abe viewed as a bug fix by others. Given
> this change scope is quite narrow (should only effect -e ppolicy users),
> I recommend it inclusion in the next patch release of 2.3.
Hi Kurt,
I've been working on this for the 2.3 release, however there is a problem
when it comes to ldapmodify. Pierangelo made the change around controls to
the ldapmodify code around revision 1.172. However, when 2.3 was branched
(after revision 1.175), this new code was excluded by you. So, the
question I have now, is should this code now be pulled into 2.3? It is
quite a bit of change.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
15 years, 9 months
Re: (ITS#5090) Error with attribute "jpegPhoto"
by ando@sys-net.it
nicolas.sandraz(a)gmail.com wrote:
Fixed in HEAD & re23; please test.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 9 months
Re: (ITS#5090) Error with attribute "jpegPhoto"
by ando@sys-net.it
Howard Chu wrote:
> ando(a)sys-net.it wrote:
>> marg(a)rz.tu-clausthal.de wrote:
>>> Oh, and that special syntax is a function of ldapadd/ldapmodify, not
>>> some standard way of importing images - so using it with slapadd
>>> won't work.
>
> Not true. Both slapadd and ldapadd use the same LDIF reading routines;
> they have since 2.3 was first released. All valid LDIF is accepted
> identically by both programs.
>
>> well, that's a SHOULD in RFC2849, so it is indeed a standard way of
>> importing values (works with any value) using LDIF. The fact it doesn't
>> work with slapadd should be seen as a limitation of that tool, which it
>> is not intended for use with arbitrary LDIF but rather with LDIF
>> produced by slapcat.
Well, I need to take both my claims back; I was writing
jpegPhoto: <file///...
while the right syntax (still with the missing ":") is
jpegPhoto:< file///...
and the error is still there in 2.3. I'll fix it in a moment.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 9 months
Re: (ITS#5090) Error with attribute "jpegPhoto"
by hyc@symas.com
ando(a)sys-net.it wrote:
> marg(a)rz.tu-clausthal.de wrote:
>> Oh, and that special syntax is a function of ldapadd/ldapmodify, not
>> some standard way of importing images - so using it with slapadd won't work.
Not true. Both slapadd and ldapadd use the same LDIF reading routines; they
have since 2.3 was first released. All valid LDIF is accepted identically by
both programs.
> well, that's a SHOULD in RFC2849, so it is indeed a standard way of
> importing values (works with any value) using LDIF. The fact it doesn't
> work with slapadd should be seen as a limitation of that tool, which it
> is not intended for use with arbitrary LDIF but rather with LDIF
> produced by slapcat.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
15 years, 9 months
Re: (ITS#5090) Error with attribute "jpegPhoto"
by ando@sys-net.it
marg(a)rz.tu-clausthal.de wrote:
>> i use this line (on my ldif file) to add a picture on my LDAP directory:
>>
>> jpegPhoto: < file///etc/ldap/pictures/test.jpg
>
> Are you sure that you aren't missing a colon (':')? According to the
> manpage of ldapadd the line should look like this:
>
> jpegPhoto: < file:///etc/ldap/pictures/test.jpg
Moreover, this bug appears to have already been fixed. It is
recommended to check the latest version before reporting bugs.
> Oh, and that special syntax is a function of ldapadd/ldapmodify, not
> some standard way of importing images - so using it with slapadd won't work.
well, that's a SHOULD in RFC2849, so it is indeed a standard way of
importing values (works with any value) using LDIF. The fact it doesn't
work with slapadd should be seen as a limitation of that tool, which it
is not intended for use with arbitrary LDIF but rather with LDIF
produced by slapcat.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati(a)sys-net.it
---------------------------------------
15 years, 9 months
Re: (ITS#5090) Error with attribute "jpegPhoto"
by marg@rz.tu-clausthal.de
Hello,
nicolas.sandraz(a)gmail.com wrote:
> when i use a LDIF file with the falowing attribute jpegPhoto associate with the
> object class inetOrgPerson i have this error:
>
> slapadd : /tmp/build/openldap2.3-2.3.30/servers/slapd/schema_check.c:87 :
> entry_schema_check: Assertion `a->a_vals[0].bv_val != ((void *)0)' failed.
>
> i use this line (on my ldif file) to add a picture on my LDAP directory:
>
> jpegPhoto: < file///etc/ldap/pictures/test.jpg
Are you sure that you aren't missing a colon (':')? According to the
manpage of ldapadd the line should look like this:
jpegPhoto: < file:///etc/ldap/pictures/test.jpg
Oh, and that special syntax is a function of ldapadd/ldapmodify, not
some standard way of importing images - so using it with slapadd won't work.
bye
Christian
--
Christian Marg mail : mailto:marg@rz.tu-clausthal.de
Dezernat 2 TU Clausthal web : http://www.tu-clausthal.de
D-38678 Clausthal-Zellerfeld fon : 05323/72-2107
Germany jabber: ifcma(a)jabber.tu-clausthal.de
15 years, 9 months
