(ITS#5521) Can't change indexing of an attribute within a single modification
by rhafer@suse.de
Full_Name: Ralf Haferkamp
Version: HEAD, RE24
OS:
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (85.8.89.54)
The following modification to add an additional index an attribute fails with
the error messages pasted below:
--------------------------
dn: olcDatabase={1}bdb,cn=config
changetype: modify
delete: olcdbindex
olcDbIndex: cn pres,eq
-
add: olcdbindex
olcDbIndex: cn pres,eq,sub
--------------------------
modifying entry "olcDatabase={1}bdb,cn=config"
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: <olcDbIndex> handler exited with 1
As far as I can see it fails because the old indexmask hat not yet been deleted
from the bdb-struct. The ainfo_insert()-call in
back-bdb/attr.c(bdb_attr_index_config()) returns with -1.
Splitting the above modification in two separate operations works around that
problem.
15 years, 4 months
(ITS#5520) infinite recursion in syncrepl overlay
by jeff@jeffrodriguez.com
Full_Name: Jeff Rodriguez
Version: 2.3.30
OS: Debian etch
URL: ftp://ftp.openldap.org/incoming/jeff-rodriguez-080520.tgz
Submission from: (NULL) (208.48.140.97)
syncprov seems to be causing a segfault when importing kerberos entries.
slapd.conf, LDIFs, heimdal kerberos schema, and logs included. These are live
files I was used to generate the segfault. It's also reproducible with the conf
and ldif files customized to the environment. Commenting out syncprov and
related lines in the conf eliminates the segfault.
1. stop slapd
2. wipe out current database
3. slapadd schema.ldif and chown the database to openldap user and group
4. start slapd with: /usr/sbin/slapd -g openldap -u openldap -d 1 -h "ldap:///
ldapi:///"
5. add ldif entries live: ldapadd -H ldapi:///var/run/ldapi -D
cn=admin,o=example -w CHANGE_THIS_PASSWORD -f bugged.ldif
6. segfault
uname -a:
Linux ds1.phx2 2.6.18-6-xen-amd64 #1 SMP Sun Feb 10 18:02:52 UTC 2008 x86_64
GNU/Linux
15 years, 4 months
Re: (ITS#5519) Compilation fails when linking with ldap threading symbols
by h.b.furuseth@usit.uio.no
fredme writes:
> Ldap compilation fails when I am trying to compile with-threads and
> back_shell enabled.
I think you mean --without-threads broke it...
BTW, note that --enable-backends and --enable-overlays enable all
backends/overlays, you don't need --enable-<individual backend/overlay>
switches in addition. And to drop the shell backend as Howard suggests,
you'd then override with --disable-shell.
--
Hallvard
15 years, 4 months
(ITS#5519)
by fredme@gmail.com
All works fine if I change the flags to --with-threads and --disable-shell.
15 years, 4 months
(ITS#5519) Compilation fails when linking with ldap threading symbols
by fredme@gmail.com
Full_Name: Eugenio Grytsenko
Version: 2.4.9
OS: Suse Linux Enterprise Server 9
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (200.5.92.164)
Ldap compilation fails when I am trying to compile with-threads and back_shell
enabled. Here is the trace:
============ CUT HERE ============
creating .libs/slapdS.c
(cd .libs && cc -c -fno-builtin "slapdS.c")
rm -f .libs/slapdS.c .libs/slapd.nm .libs/slapd.nmS .libs/slapd.nmT
cc -g -O2 .libs/slapdS.o -o .libs/slapd main.o globals.o bconfig.o config.o
daemon.o connection.o search.o filter.o add.o cr.o attr.o entry.o backend.o
backends.o result.o operation.o dn.o compare.o modify.o delete.o modrdn.o
ch_malloc.o value.o ava.o bind.o unbind.o abandon.o filterentry.o phonetic.o
acl.o str2filter.o aclparse.o init.o user.o lock.o controls.o extended.o
passwd.o schema.o schema_check.o schema_init.o schema_prep.o schemaparse.o ad.o
at.o mr.o syntax.o oc.o saslauthz.o oidm.o starttls.o index.o sets.o referral.o
root_dse.o sasl.o module.o mra.o mods.o sl_malloc.o zn_malloc.o limits.o
operational.o matchedValues.o cancel.o syncrepl.o backglue.o backover.o ctxcsn.o
ldapsync.o frontend.o slapadd.o slapcat.o slapcommon.o slapdn.o slapindex.o
slappasswd.o slaptest.o slapauth.o slapacl.o component.o aci.o alock.o txn.o
version.o -rdynamic -Wl,-rpath
-Wl,/usr/lib/perl5/5.8.3/x86_64-linux-thread-multi/CORE -Wl,--export-dynamic
libbackends.a liboverlays.a ../../libraries/liblunicode/liblunicode.a
../../libraries/librewrite/librewrite.a ../../libraries/liblutil/liblutil.a
../../libraries/libldap_r/.libs/libldap_r.so
/root/fred/ldap24/openldap-2.4.9/libraries/liblber/.libs/liblber.so
../../libraries/liblber/.libs/liblber.so /usr/lib64/libdb-4.2.so
-L/usr/local/lib64 /usr/lib/perl5/5.8.3/x86_64-linux-thread-multi/auto/DynaLoader/DynaLoader.a
-L/usr/lib/perl5/5.8.3/x86_64-linux-thread-multi/CORE -lperl
/usr/lib64/libodbc.so -lpthread /usr/lib64/libslp.so -lm -lnsl
/usr/lib64/libsasl2.so -lssl -lcrypto -lcrypt -lresolv libslapi.a
/usr/lib64/libltdl.so -ldl -lwrap
daemon.o(.text+0xe3f): In function `slap_listener_thread':
/root/fred/ldap24/openldap-2.4.9/servers/slapd/daemon.c:1824: warning:
`sys_errlist' is deprecated; use `strerror' or `strerror_r' instead
daemon.o(.text+0xe2e):/root/fred/ldap24/openldap-2.4.9/servers/slapd/daemon.c:1824:
warning: `sys_nerr' is deprecated; use `strerror' or `strerror_r' instead
result.o(.text+0x12cd): In function `slap_send_search_entry':
/root/fred/ldap24/openldap-2.4.9/servers/slapd/result.c:1042: undefined
reference to `ldap_pvt_thread_pool_pausing'
syncrepl.o(.text+0x6bd5): In function `do_syncrep2':
/root/fred/ldap24/openldap-2.4.9/servers/slapd/syncrepl.c:1140: undefined
reference to `ldap_pvt_thread_pool_pausing'
syncrepl.o(.text+0x6d2c):/root/fred/ldap24/openldap-2.4.9/servers/slapd/syncrepl.c:1140:
undefined reference to `ldap_pvt_thread_pool_pausing'
liboverlays.a(syncprov.o)(.text+0x4e2d): In function `syncprov_op_mod':
/root/fred/ldap24/openldap-2.4.9/servers/slapd/overlays/syncprov.c:1809:
undefined reference to `ldap_pvt_thread_pool_pausecheck'
collect2: ld returned 1 exit status
make[2]: *** [slapd] Error 1
make[2]: Leaving directory `/root/fred/ldap24/openldap-2.4.9/servers/slapd'
make[1]: *** [all-common] Error 1
make[1]: Leaving directory `/root/fred/ldap24/openldap-2.4.9/servers'
make: *** [all-common] Error 1
============ CUT HERE ============
OS I am using: Suse Linux Enterprise Server 9
GCC version string: Reading specs from
/usr/lib64/gcc-lib/x86_64-suse-linux/3.3.3/specs
Configured with: ../configure --enable-threads=posix --prefix=/usr
--with-local-prefix=/usr/local --infodir=/usr/share/info --mandir=/usr/share/man
--enable-languages=c,c++,f77,objc,java,ada --disable-checking
--libdir=/usr/lib64 --enable-libgcj --with-gxx-include-dir=/usr/include/g++
--with-slibdir=/lib64 --with-system-zlib --enable-shared --enable-__cxa_atexit
x86_64-suse-linux
Thread model: posix
gcc version 3.3.3 (SuSE Linux)
My machine architecture: x86_64
My Kernel: Linux cs9 2.6.16.27-0.9-xen #1 SMP Tue Feb 13 09:35:18 UTC 2007
x86_64 x86_64 x86_64 GNU/Linux
My OpenLDAP configure command:
./configure \
--prefix=/usr \
--exec-prefix=/usr \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--libexecdir=/usr/lib64 \
--datadir=/usr/share \
--sysconfdir=/etc \
--sharedstatedir=/usr/share/com \
--localstatedir=/var/run/slapd \
--libdir=/usr/lib64 \
--includedir=/usr/include \
--oldincludedir=/usr/include \
--infodir=/usr/share/info \
--mandir=/usr/share/man \
--enable-debug \
--enable-dynamic \
--enable-syslog \
--enable-proctitle \
--enable-ipv6 \
--enable-local \
--enable-slapd \
--enable-dynacl \
--enable-aci \
--enable-cleartext \
--enable-crypt \
--enable-lmpasswd \
--enable-spasswd \
--enable-modules \
--enable-rewrite \
--enable-rlookups \
--enable-slapi \
--enable-slp \
--enable-wrappers \
--enable-backends \
--enable-bdb \
--enable-dnssrv \
--enable-hdb \
--enable-ldap \
--enable-meta \
--enable-monitor \
--enable-null \
--enable-passwd \
--enable-perl \
--enable-relay \
--enable-shell \
--enable-sock \
--enable-sql \
--enable-overlays \
--enable-accesslog \
--enable-auditlog \
--enable-constraint \
--enable-dds \
--enable-dyngroup \
--enable-dynlist \
--enable-memberof \
--enable-ppolicy \
--enable-proxycache \
--enable-refint \
--enable-retcode \
--enable-rwm \
--enable-seqmod \
--enable-syncprov \
--enable-translucent \
--enable-unique \
--enable-valsort \
--enable-static \
--enable-shared \
--enable-fast-install \
--with-cyrus-sasl \
--without-threads \
--with-tls \
--with-yielding-select \
--with-mp \
--with-odbc=unixodbc \
--with-gnu-ld \
--with-pic
Thanks.
15 years, 4 months
Re: (ITS#5515) v2.4.9 + GnuTLS fails with wildcard certificate, OpenSSL works correctly
by quanah@zimbra.com
--On Sunday, May 18, 2008 6:24 AM +0000 hyc(a)symas.com wrote:
> bgoldsbury(a)gleim.com wrote:
>> Full_Name: Ben Goldsbury
>> Version: 2.4.9
>> OS: Debian
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (209.208.68.2)
>>
>>
>> When OpenLDAP 2.4.9 is compiled against GnuTLS (version 2.2.1 in my
>> testing) and using a valid Wildcard SSL certificate, TLS connections to
>> OpenLDAP fail with:
>>
>> TLS certificate verification: Error, unable to get local issuer
>> certificate
User verifies that this is a GnuTLS bug, this ITS will be closed. See last
follow up in:
<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=477396>
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
15 years, 4 months