Re: (ITS#5533) test035-meta crashes --without-threads
by h.b.furuseth@usit.uio.no
quanah(a)zimbra.com writes:
> Isn't this just a duplicate of ITS#5489?
Apparently not. Got it again at 4th run with daemon.c 1.380.2.12.
Also in a somewhat patched HEAD with the same configuration.
Hm, the crashes happen for extended operations. So far
6 times "Passwd ExOp failed (1)!", once "WhoAmI failed (49)!".
--
Hallvard
15 years, 4 months
(ITS#5533) test035-meta crashes --without-threads
by h.b.furuseth@usit.uio.no
Full_Name: Hallvard B Furuseth
Version: RE24
OS:
URL: ftp://ftp.openldap.org/incoming/Hallvard-Furuseth-080527.tgz.1
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard
slapd crashes in test035 after 10 runs:
daemon.c:979: assert( SLAP_SOCK_IS_ACTIVE( s ));
RE24 + libraries/libldap_r/thr_stub.c rev 1.35
./configure --quiet --without-threads --enable-meta --enable-ldap 'CFLAGS=-O0
-g'
(declare -i n=0; while n=n+1 && echo "run #$n" && ./run test035; do sleep 5;
done)
Testrun directory enclosed, with files OUTPUT (from tty) and slapd.*.GDB.
Removed database directories though.
(Argh, I messed up with passive mode again. Oh well.)
15 years, 4 months
Re: (ITS#5524) Additions to the Security section of the Admin Guide
by ghenry@OpenLDAP.org
<quote who="Kurt(a)OpenLDAP.org">
>
> On May 26, 2008, at 12:48 PM, andrew.findlay(a)skills-1st.co.uk wrote:
>
>> On Mon, May 26, 2008 at 01:07:22PM +0100, Gavin Henry wrote:
>>
>>> I've patched security.sdf and I'm abotu to clean up some typos and
>>> formating.
>>
>> Thanks.
>>
>>> Should we also mention that CRYPT is platform specific?
>>
>> I put in a note about the glibc2 version, but I was not aware of any
>> platform oddities on the traditional 13-character version. Are there
>> other MD5 variants?
>>
>> We could also mention the LANMAN scheme which I forgot to include as
>> it is a compile-time option.
>>
>>> Lastly, should I also put:
>>>
>>> Portions Copyright 2008 Andrew Findlay <andrew.findlay(a)skills-1st.co.uk
>>> >
>>>
>>> into doc/guide/COPYRIGHT ?
>
> No.
>
> This file is a copy of the main OpenLDAP Software COPYRIGHT file.
> That file is intended to contain notices of copyright holders which
> hold signfiicant rights in OpenLDAP Software. Notices for copyright
> holders, as noted in the COPYRIGHT file, are generally to be placed in
> the individual source files which the holder holds significant rights
> in. That is, this notice belongs in security.sdf itself. I have so
> updated the source documents.
Good, this clears things up and make it clear going forward. Thanks.
> Though the preface does clearly say that admin guide is part of
> OpenLDAP Software, I've also updated the preface to note that portions
> of the document may be copyright by others as indicated in source files.
Thanks again.
15 years, 4 months
Re: (ITS#5529) test048-syncrepl-multiproxy --without-threads hangs
by h.b.furuseth@usit.uio.no
ando(a)sys-net.it writes:
>h.b.furuseth(a)usit.uio.no wrote:
>> RE24 configured with --quiet --without-threads --enable-ldap 'CFLAGS=-O0 -g'
Sorry, that's RE24 + the ITS#5519 (--without-thread miscompiles) patch:
cvs diff -r1.34 -r1.35 -I'[$]OpenLDAP[$:]' libraries/libldap_r/thr_stub.c
> Probably, sync replication should not be allowed when building
> --without-threads.
Or there could be a warning that --without-threads breaks some features.
Looking closer I see the server replicates from itself in this test. I
can see how that'd be a problem in single-threaded mode...
Most other syncrepl tests succeed. Though test050 crashes:
daemon.c:979: slapd_set_read: Assertion `((slap_daemon.sd_index[(s)]) != -1)' failed.
(Argh, it refuses to dump core for some reason. I've done
ulimit -c unlimited and put it in defines.sh too.)
--
Hallvard
15 years, 4 months
Re: (ITS#5524) Additions to the Security section of the Admin Guide
by Kurt@OpenLDAP.org
On May 26, 2008, at 12:48 PM, andrew.findlay(a)skills-1st.co.uk wrote:
> On Mon, May 26, 2008 at 01:07:22PM +0100, Gavin Henry wrote:
>
>> I've patched security.sdf and I'm abotu to clean up some typos and
>> formating.
>
> Thanks.
>
>> Should we also mention that CRYPT is platform specific?
>
> I put in a note about the glibc2 version, but I was not aware of any
> platform oddities on the traditional 13-character version. Are there
> other MD5 variants?
>
> We could also mention the LANMAN scheme which I forgot to include as
> it is a compile-time option.
>
>> Lastly, should I also put:
>>
>> Portions Copyright 2008 Andrew Findlay <andrew.findlay(a)skills-1st.co.uk
>> >
>>
>> into doc/guide/COPYRIGHT ?
No.
This file is a copy of the main OpenLDAP Software COPYRIGHT file.
That file is intended to contain notices of copyright holders which
hold signfiicant rights in OpenLDAP Software. Notices for copyright
holders, as noted in the COPYRIGHT file, are generally to be placed in
the individual source files which the holder holds significant rights
in. That is, this notice belongs in security.sdf itself. I have so
updated the source documents.
Though the preface does clearly say that admin guide is part of
OpenLDAP Software, I've also updated the preface to note that portions
of the document may be copyright by others as indicated in source files.
-- Kurt
15 years, 4 months
(ITS#5532) incorrect timestamp of slapd replica log
by hai.zhao@gmail.com
Full_Name: Zhao Hai
Version: 2.3.41
OS: Linux 2.4.21 arm
URL: ftp://ftp.openldap.org/incoming/zhaohai-080527.patch
Submission from: (NULL) (205.209.140.4)
Problem:
race condition makes incorrect timestamp in replogfile, cause certain
modification of entries not replicate to slurp slaves.
replica: 180.0.10.2:1234
replica: 180.0.10.3:1234
time: 1211855467
^^^^^^^^^^ this timestamp
How to reproduce the problem:
1) run under very slow machines (my environ: arm 266MHz)
2) slapd is configed to generate replogfile
3) ldapadd about 5 entries, then ldapmodify 2 entries without delay.
Patch:
Please look the attached patch. It works for me.
15 years, 4 months
Re: (ITS#5524) Additions to the Security section of the Admin Guide
by ghenry@OpenLDAP.org
<quote who="Andrew Findlay">
> On Mon, May 26, 2008 at 01:07:22PM +0100, Gavin Henry wrote:
>
>> I've patched security.sdf and I'm abotu to clean up some typos and
>> formating.
>
> Thanks.
>
>> Should we also mention that CRYPT is platform specific?
>
> I put in a note about the glibc2 version, but I was not aware of any
> platform oddities on the traditional 13-character version. Are there
> other MD5 variants?
See http://www.openldap.org/faq/index.cgi?_highlightWords=crypt&file=344
>
> We could also mention the LANMAN scheme which I forgot to include as
> it is a compile-time option.
Sure, could do.
>
>> Lastly, should I also put:
>>
>> Portions Copyright 2008 Andrew Findlay <andrew.findlay(a)skills-1st.co.uk>
>>
>> into doc/guide/COPYRIGHT ?
>
> Yes please.
Done. Check in HEAD
--
Kind Regards,
Gavin Henry.
OpenLDAP Engineering Team.
E ghenry(a)OpenLDAP.org
Community developed LDAP software.
http://www.openldap.org/project/
15 years, 4 months
Re: (ITS#5524) Additions to the Security section of the Admin Guide
by andrew.findlay@skills-1st.co.uk
On Mon, May 26, 2008 at 01:07:22PM +0100, Gavin Henry wrote:
> I've patched security.sdf and I'm abotu to clean up some typos and
> formating.
Thanks.
> Should we also mention that CRYPT is platform specific?
I put in a note about the glibc2 version, but I was not aware of any
platform oddities on the traditional 13-character version. Are there
other MD5 variants?
We could also mention the LANMAN scheme which I forgot to include as
it is a compile-time option.
> Lastly, should I also put:
>
> Portions Copyright 2008 Andrew Findlay <andrew.findlay(a)skills-1st.co.uk>
>
> into doc/guide/COPYRIGHT ?
Yes please.
Andrew
--
-----------------------------------------------------------------------
| From Andrew Findlay, Skills 1st Ltd |
| Consultant in large-scale systems, networks, and directory services |
| http://www.skills-1st.co.uk/ +44 1628 782565 |
-----------------------------------------------------------------------
15 years, 4 months