openldap-bugs February 2008

openldap-bugs@openldap.org

42 participants
207 discussions

Re: (ITS#5374) accesslog+hdb crash with test043-delta-syncrepl
by quanah＠zimbra.com 12 Feb '08

12 Feb '08

--On February 12, 2008 12:11:50 PM +0000 h.b.furuseth(a)usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: RE23 > OS: Linux > URL: > Submission from: (NULL) (129.240.6.233) > Submitted by: hallvard > > > /configure \ > --disable-dynamic --disable-aci --enable-crypt --enable-lmpasswd \ > --enable-spasswd --enable-rlookups --enable-slapi --enable-wrappers \ > --enable-backends --disable-sql --enable-overlays \ > CPPFLAGS='-DLDAP_THREAD_DEBUG -DLDAP_RDWR_DEBUG' I built as: LD_LIBRARY_PATH="/usr/local/lib" CC=gcc CXX=g++ CFLAGS='-g -O0' CXXFLAGS='-g -O0' CPPFLAGS='-DLDAP_THREAD_DEBUG -DLDAP_RDWR_DEBUG' sh configure --datadir='${prefix}/lib' --libexecdir='${prefix}/lib' --sharedstatedir='${prefix}/lib' --prefix=/usr/local --disable-ipv6 --with-cyrus-sasl --with-tls --enable-dynamic --enable-slapd --enable-modules --enable-spasswd --enable-rewrite --enable-rlookups --enable-wrappers --enable-backends=mod --disable-shell --disable-sql --enable-overlays=mod --enable-slapi=yes Thread package selected is: -pthread s,@LTHREAD_LIBS@, -pthread,;t t --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

Re: (ITS#5375) Slapd core dumps
by quanah＠zimbra.com 12 Feb '08

12 Feb '08

--On February 12, 2008 2:58:12 PM +0000 ecip(a)gmv.es wrote: > Full_Name: Eduardo Izaguirre Pazos > Version: 2.4.7 > OS: Solaris 10 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (212.0.110.2) > > > Hi all, we are using Openldap as a metadirectory against a couple of AD > servers. The slapd server core dumps when a request of all attributes of > one entry is issued. This is the output of the slapd server using the > debug level -1: Hi Eduardo, Please test with the current CVS of REL_ENG_2_4. Please build without optimization, and with debugging symbols. Make sure you don't strip slapd on install. If you can repeat this with current CVS, please provide a gdb backtrace of the non-optimized, non-stripped slapd. Thanks, Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

Re: (ITS#5373) ppolicy issues when deleting the password attribute, even if no password checking is enforced
by quanah＠zimbra.com 12 Feb '08

12 Feb '08

This sounds like a duplicate of ITS#5285 to me. Which will be fixed in 2.4.8, but is not being fixed in 2.3. --Quanah --On February 12, 2008 9:57:46 AM +0000 Guillaume.Rousse(a)inria.fr wrote: > Full_Name: Guillaume Rousse > Version: 2.3.40 > OS: linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (193.55.250.67) > > > Here are my ppolicy settings: > password policy > overlay ppolicy > ppolicy_use_lockout > ppolicy_default cn=default,ou=policies,dc=futurs,dc=inria,dc=fr > > Here is my default entry: > dn: cn=default,ou=policies,dc=futurs,dc=inria,dc=fr > cn: default > objectClass: pwdPolicy > objectClass: organizationalRole > pwdAttribute: userPassword > pwdMaxAge: 0 > pwdInHistory: 0 > pwdCheckQuality: 0 > > According to documentation, no user password quality checking should take > places, however, trying to delete userPassword attribute for an user > triggers at least a server error with this LDIF fragment: > dn: userdn > changetype: modify > delete: userPassword > > ldapmodify: Internal (implementation specific) error (80) > additional info: Internal Error > > Error message in logs: "cannot locate modification supplying new password" > > Or worst, a server crash with this one: > dn: userdn > changetype: modify > replace: userPassword > > No error message from ldapmodify, and no error message in the logs in > this case. > > -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

(ITS#5375) Slapd core dumps
by ecip＠gmv.es 12 Feb '08

12 Feb '08

Full_Name: Eduardo Izaguirre Pazos Version: 2.4.7 OS: Solaris 10 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (212.0.110.2) Hi all, we are using Openldap as a metadirectory against a couple of AD servers. The slapd server core dumps when a request of all attributes of one entry is issued. This is the output of the slapd server using the debug level -1: /opt/openldap-2.4.7/libexec/slapd -d -1 -f /opt/openldap-2.4.7/etc/openldap/slapd.conf -h "ldap://172.22.2.43/" and the output is: <<< dnPretty: <cn=Eduardo Izaguirre Pazos,ou=SISTEMAS,ou=people,dc=gmv,dc=es> Assertion failed: ( nvals == NULL && (*a)->a_nvals == (*a)->a_vals ) || ( nvals != NULL && ( ( (*a)->a_vals == NULL && (*a)->a_nvals == NULL ) || ( (*a)->a_nvals != (*a)->a_vals ) ) ), file attr.c, line 480 The server wa compiled with the following configure: ./configure --prefix=/opt/openldap-2.4.7 --enable-cleartext --enable-crypt --enable-lmpasswd --enable-rewrite --enable-bdb --enable-ldap --enable-meta --with-tls --enable-proxycache --enable-rwm Cheers and thanks in advance. Eduardo

1 0

(ITS#5374) accesslog+hdb crash with test043-delta-syncrepl
by h.b.furuseth＠usit.uio.no 12 Feb '08

12 Feb '08

Full_Name: Hallvard B Furuseth Version: RE23 OS: Linux URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard /configure \ --disable-dynamic --disable-aci --enable-crypt --enable-lmpasswd \ --enable-spasswd --enable-rlookups --enable-slapi --enable-wrappers \ --enable-backends --disable-sql --enable-overlays \ CPPFLAGS='-DLDAP_THREAD_DEBUG -DLDAP_RDWR_DEBUG' ./run -b hdb test043-delta-syncrepl server 1 crashes at accesslog.c line 918, which unlocks &li->li_op_mutex when it is owned by another thread. (Can also check it by setting li_unlock = (int) ldap_pvt_thread_self() instead of 1 after lock, and assert()ing the same before unlock.) accesslog_op_mod() has a comment /* FIXME: this needs to be a recursive mutex to allow * overlays like refint to keep working. */ ldap_pvt_thread_mutex_lock( &li->li_op_mutex ); but this problem is not recursive use of the mutex. (gdb) thread apply all backtrace Thread 4 (process 10963): #0 0x007e87a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x00a64297 in pthread_join () from /lib/tls/libpthread.so.0 #2 0x081f0f62 in ldap_int_thread_join (thread=20061088, thread_return=0x0) at thr_posix.c:193 #3 0x081c3de4 in ldap_pvt_thread_join (thread=20061088, thread_return=0x0) at thr_debug.c:612 #4 0x0807bb54 in slapd_daemon () at daemon.c:2579 #5 0x08066554 in main (argc=8, argv=0xbfffefd4) at main.c:859 Thread 3 (process 10965): #0 0x007e87a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x008cb82e in epoll_wait () from /lib/tls/libc.so.6 #2 0x0807ae29 in slapd_daemon_task (ptr=0x0) at daemon.c:2174 #3 0x00a633cc in start_thread () from /lib/tls/libpthread.so.0 #4 0x008cb1ae in clone () from /lib/tls/libc.so.6 Thread 2 (process 10967): #0 0x007e87a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x008bc29b in __write_nocancel () from /lib/tls/libc.so.6 #2 0x0086064f in _IO_new_file_write () from /lib/tls/libc.so.6 #3 0x0086089c in _IO_new_file_xsputn () from /lib/tls/libc.so.6 #4 0x00855af1 in fputs () from /lib/tls/libc.so.6 #5 0x081f6160 in lutil_debug (debug=261, level=1, fmt=0x8237950 "<= key_change %d\n") at debug.c:89 #6 0x0814f485 in hdb_key_change (be=0x3061d24, db=0x838d518, txn=0x839bfe0, k=0xb7bba47c, id=16, op=1) at key.c:101 #7 0x0814e7ca in indexer (op=0x83799c0, txn=0x839bfe0, ad=0x830c6e8, atname=0x830d21c, vals=0x839aaa0, id=16, opid=1, mask=1814) at index.c:244 #8 0x0814e9a3 in index_at_values (op=0x83799c0, txn=0x839bfe0, ad=0x830c6e8, type=0x830d1e0, tags=0x830c6f8, vals=0x839aaa0, id=16, opid=1) at index.c:324 #9 0x0814eb05 in hdb_index_values (op=0x83799c0, txn=0x839bfe0, desc=0x830c6e8, vals=0x839aaa0, id=16, opid=1) at index.c:373 #10 0x0814eec1 in hdb_index_entry (op=0x83799c0, txn=0x839bfe0, opid=1, e=0x83946e8) at index.c:544 #11 0x0813ce65 in hdb_add (op=0x83799c0, rs=0x306218c) at add.c:304 #12 0x080e8903 in overlay_op_walk (op=0x83799c0, rs=0x306218c, which=op_add, oi=0x830c800, on=0x0) at backover.c:650 #13 0x080e8ab8 in over_op_func (op=0x83799c0, rs=0x306218c, which=op_add) at backover.c:702 #14 0x080e8bc4 in over_op_add (op=0x83799c0, rs=0x306218c) at backover.c:748 #15 0x080869e1 in fe_op_add (op=0x83799c0, rs=0x306218c) at add.c:342 #16 0x08086457 in do_add (op=0x83799c0, rs=0x306218c) at add.c:182 #17 0x0807e428 in connection_operation (ctx=0x3062218, arg_v=0x83799c0) at connection.c:1133 #18 0x081c1d40 in ldap_int_thread_pool_wrapper (xpool=0x82c86c8) at tpool.c:478 #19 0x00a633cc in start_thread () from /lib/tls/libpthread.so.0 #20 0x008cb1ae in clone () from /lib/tls/libc.so.6 Thread 1 (process 10976): #0 0x007e87a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2 #1 0x00829815 in raise () from /lib/tls/libc.so.6 #2 0x0082b279 in abort () from /lib/tls/libc.so.6 #3 0x081c2b9e in error (file=0x82749bd "thr_debug.c", line=784, msg=0x82750a0 "ldap_pvt_thread_mutex_unlock", var=0x8274d72 "rc", val=1) at thr_debug.c:155 #4 0x081c44ec in ldap_pvt_thread_mutex_unlock (mutex=0x830cd04) at thr_debug.c:784 #5 0x08183fdf in accesslog_response (op=0x8386bc8, rs=0x220318c) at accesslog.c:918 #6 0x08184f14 in accesslog_mod_cleanup (op=0x8386bc8, rs=0x220318c) at accesslog.c:1241 #7 0x0808fcca in send_ldap_response (op=0x8386bc8, rs=0x220318c) at result.c:458 #8 0x080903f1 in slap_send_ldap_result (op=0x8386bc8, rs=0x220318c) at result.c:574 #9 0x0813d474 in hdb_add (op=0x8386bc8, rs=0x220318c) at add.c:409 #10 0x080e8903 in overlay_op_walk (op=0x8386bc8, rs=0x220318c, which=op_add, oi=0x830c800, on=0x0) at backover.c:650 #11 0x080e8ab8 in over_op_func (op=0x8386bc8, rs=0x220318c, which=op_add) at backover.c:702 #12 0x080e8bc4 in over_op_add (op=0x8386bc8, rs=0x220318c) at backover.c:748 #13 0x080869e1 in fe_op_add (op=0x8386bc8, rs=0x220318c) at add.c:342 #14 0x08086457 in do_add (op=0x8386bc8, rs=0x220318c) at add.c:182 #15 0x0807e428 in connection_operation (ctx=0x2203218, arg_v=0x8386bc8) at connection.c:1133 #16 0x081c1d40 in ldap_int_thread_pool_wrapper (xpool=0x82c86c8) at tpool.c:478 #17 0x00a633cc in start_thread () from /lib/tls/libpthread.so.0 #18 0x008cb1ae in clone () from /lib/tls/libc.so.6

1 0

(ITS#5373) ppolicy issues when deleting the password attribute, even if no password checking is enforced
by Guillaume.Rousse＠inria.fr 12 Feb '08

12 Feb '08

Full_Name: Guillaume Rousse Version: 2.3.40 OS: linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (193.55.250.67) Here are my ppolicy settings: password policy overlay ppolicy ppolicy_use_lockout ppolicy_default cn=default,ou=policies,dc=futurs,dc=inria,dc=fr Here is my default entry: dn: cn=default,ou=policies,dc=futurs,dc=inria,dc=fr cn: default objectClass: pwdPolicy objectClass: organizationalRole pwdAttribute: userPassword pwdMaxAge: 0 pwdInHistory: 0 pwdCheckQuality: 0 According to documentation, no user password quality checking should take places, however, trying to delete userPassword attribute for an user triggers at least a server error with this LDIF fragment: dn: userdn changetype: modify delete: userPassword ldapmodify: Internal (implementation specific) error (80) additional info: Internal Error Error message in logs: "cannot locate modification supplying new password" Or worst, a server crash with this one: dn: userdn changetype: modify replace: userPassword No error message from ldapmodify, and no error message in the logs in this case.

1 0

Re: (ITS#5344) Wrong check for bad Modify DN
by h.b.furuseth＠usit.uio.no 11 Feb '08

11 Feb '08

Pierangelo Masarati writes: > You should apply your initial patch (to HEAD, 2.4), Done. > then modify HEAD to pass dest_dn/dest_ndn Later. -- Hallvard

1 0

Re: (ITS#5328) backends sending/setting results
by h.b.furuseth＠usit.uio.no 11 Feb '08

11 Feb '08

Some fixed in HEAD. Remaining bugs: > Looking at the code, some overlays also send results when used as > be_extended: pcache:pcache_op_privdb(), retcode, rwm, slapi_overlay. Hmm - back-ldap does send_ldap_extended() too. I don't know any of that code well though. Might have a look later, if nobody else does. > * be->be_fetch() (bi->bi_entry_get_rw()): > The LDAP result code matters (...) It can return just a boolean > in (...) back-relay. I haven't looked at what it should return when not forwarding to the backend. relay_back_has_subordinates() is also broken. It should return an LDAP result code, and if returning LDAP_SUCCESS it must also set *hasSubs to LDAP_COMPARE_FALSE or LDAP_COMPARE_TRUE. See bdb_hasSubordinates() for an example. However: slapd's be_has_subordinates() API seems broken: It has no way to return "don't know" or normal errors which slapd will pay attention to. If it returns non-success, test_ava_filter(,,,LDAP_FILTER_EQUALITY) returns LDAP_OTHER. Looks abit excessive. OTOH test_presence_filter() assumes that if the backend function exists then attr hasSubordinates does too. > back-ldap:ldap_back_entry_get() can return LDAP_NO_MEMORY. > Maybe that's OK and instead send_ldap_response() should change > negative negative result codes to LDAP_OTHER? Awaiting opinions - will do the smallest change and patch back-ldap if nobody says anything. -- Hallvard

1 0

Re: (ITS#5369) GSSAPI support for client library
by mimir＠samba.org 11 Feb '08

11 Feb '08

--UugvWAfsgieZRqgk Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Kurt, On Mon, Feb 11, 2008 at 09:06:19AM -0800, Kurt Zeilenga wrote: > On Feb 11, 2008, at 1:09 AM, mimir(a)samba.org wrote: > >> Full_Name: Rafal Szczesniak >> Version: HEAD >> OS: GNU/Linux >> URL: http://www.samba.org/~mimir/gssapi-head.diff > > The submitted patch file does not contain (at the top of the file, not = =20 > as part of the diffs) the required notices. I'm sorry about that. I was submitting it late yesterday and must have miss= ed that. I'll update the diff and let you know soon. > Please review=20 > http://www.openldap.org/devel/contributing.html and insert appropriate=20 > notices. Also, please don't include in the diffs derived files (e.g.,=20 > configure). Of course. My mistake. cheers, --=20 Rafal Szczesniak Samba Team member http://www.samba.org Likewise Software http://www.likewisesoftware.com --UugvWAfsgieZRqgk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFHsK9nHvdfyv3qiKkRAiusAKChoX739lSkfFFRSqXxZG9ht5l3oQCghVrP mWR71B2o2KIifs5uaiMzH58= =SPnD -----END PGP SIGNATURE----- --UugvWAfsgieZRqgk--

1 0

Re: (ITS#5370) race condition in slap_op_time()
by hyc＠symas.com 11 Feb '08

11 Feb '08

h.b.furuseth(a)usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: HEAD, RE23, RE24 > OS: > URL: > Submission from: (NULL) (129.240.6.233) > Submitted by: hallvard > > > slapd/operation.c:slap_op_time() can decrease last_time: > > thread 1: *t = slap_get_time(); > <clock: increment time()> > thread 2: *t = slap_get_time(); > thread 2: with mutex lock: increment last_time, set last_incr = 0; > thread 1: with mutex lock: decrement last_time, set last_incr = 0; > > The simplest fix is to move the slap_get_time() call inside the > (global) slap_op_mutex lock. > > However as far as I can tell, only the accesslog overlay uses > op->o_tincr, the value which needs the mutex. And accesslog > calls slap_op_time() itself when it needs that value. > So maybe we should remove the op->o_tincr field. Other calls > to slap_op_time() can be replaced with slap_get_time(). Sounds like a good idea. It was somewhat redundant with the CSN counter (except that this was for all operations, and CSN was only for write operations) and it never became generally useful. (Shifted to microsecond timestamps in 2.4, because tincr isn't useful across multiple servers.) I guess it makes more sense to make it specific to accesslog. -- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

← Newer
1
...
7
8
9
10
11
12
13
...
21
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs February 2008