openldap-bugs June 2008

openldap-bugs@openldap.org

46 participants
176 discussions

Re: (ITS#5355) back-meta calls back-ldap directly
by vorlon＠debian.org 29 Jun '08

29 Jun '08

On Sun, Jun 29, 2008 at 05:23:57PM -0700, Howard Chu wrote: > Steve Langasek wrote: >> Is the correct fix to add >> this function to the ldap_extra_t struct, as in the attached patch? > Pretty much. There are a few other functions that need to be added as > well. All of them are provided in current CVS HEAD, just grab the > relevant changes from there. Ok. With the patch from CVS HEAD applied, I'm seeing a segfault in make test (specifically, the meta backend test): >>>>> Starting test035-meta ... running defines.sh Starting slapd on TCP/IP port 9011... Using ldapsearch to check that slapd is running... Using ldapadd to populate the database... Starting slapd on TCP/IP port 9012... Using ldapsearch to check that slapd is running... Using ldapadd to populate the database... Starting slapd on TCP/IP port 9013... /home/devel/openldap/build-area/openldap2.3-2.4.10/tests/scripts/test035-meta: line 118: 22990 Segmentation fault $SLAPD -f $CONF3 -h $URI3 -d $LVL /$TIMING > $LOG3 2>&1 Are you seeing this as well, or is this somehow specific to Debian? (It doesn't seem like it should be related to libltdl in any way, and we don't have any other patches that touch the meta backend; and I saw this segfault both with the version of the patch I sent, and the one extracted from CVS.) Unfortunately, running these tests under gdb seems to be pretty awkward. :/ -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek(a)ubuntu.com vorlon(a)debian.org

1 0

(ITS#5584)
by abartlet＠samba.org 29 Jun '08

29 Jun '08

--=-GddVbqVLc61XV3X/kWQ/ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable I've uploaded the patch to http://abartlet.net/memberof.patch --=20 Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. --=-GddVbqVLc61XV3X/kWQ/ Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQBIaD8sz4A8Wyi0NrsRAjTZAJ4mQaT1xP5zbZG4Db0UM1BbzfmDYACePtXf MCnHmzCUac6KL/WbRX7aSxE= =2c9m -----END PGP SIGNATURE----- --=-GddVbqVLc61XV3X/kWQ/--

1 0

[PATCH] (ITS#5584)
by abartlet＠samba.org 29 Jun '08

29 Jun '08

--=-AN4G/3lLejTAf6KGBTk7 Content-Type: multipart/mixed; boundary="=-NvwPd4A703Oz/HjyG5IJ" --=-NvwPd4A703Oz/HjyG5IJ Content-Type: text/plain Content-Transfer-Encoding: quoted-printable I think I've figured out the right way to fix this, handling modify with 0 replacement elements just like a delete. See attached.=20 --=20 Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. --=-NvwPd4A703Oz/HjyG5IJ Content-Disposition: attachment; filename=memberof.patch Content-Type: text/x-patch; name=memberof.patch; charset=UTF-8 Content-Transfer-Encoding: base64 SW5kZXg6IHNlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVtYmVyb2YuYw0KPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQ0KUkNT IGZpbGU6IC9yZXBvL09wZW5MREFQL3BrZy9sZGFwL3NlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVt YmVyb2YuYyx2DQpyZXRyaWV2aW5nIHJldmlzaW9uIDEuMTkNCmRpZmYgLXUgLXIxLjE5IG1lbWJl cm9mLmMNCi0tLSBzZXJ2ZXJzL3NsYXBkL292ZXJsYXlzL21lbWJlcm9mLmMJMTEgSmFuIDIwMDgg MDU6MDc6NDMgLTAwMDAJMS4xOQ0KKysrIHNlcnZlcnMvc2xhcGQvb3ZlcmxheXMvbWVtYmVyb2Yu YwkzMCBKdW4gMjAwOCAwMToyODoxMiAtMDAwMA0KQEAgLTg0MywxMSArODQzLDE3IEBADQogCQkJ CQlicmVhazsNCiAJCQ0KIAkJCQljYXNlIExEQVBfTU9EX1JFUExBQ0U6DQorCQkJCQkvKiBIYW5k bGUgdGhpcyBqdXN0IGxpa2UgYSBkZWxldGUgKHNlZSBhYm92ZSkgKi8NCisJCQkJCWlmICggbWwt PnNtbF9udmFsdWVzID09IE5VTEwgKSB7DQorCQkJCQkJbWxwID0gJm1sLT5zbWxfbmV4dDsNCisJ CQkJCQlicmVhazsNCisJCQkJCX0NCisNCiAJCQkJY2FzZSBMREFQX01PRF9BREQ6DQogCQkJCQkv KiBOT1RFOiByaWdodCBub3csIHRoZSBhdHRyaWJ1dGVUeXBlIHdlIHVzZQ0KIAkJCQkJICogZm9y IG1lbWJlciBtdXN0IGhhdmUgYSBub3JtYWxpemVkIHZhbHVlICovDQogCQkJCQlhc3NlcnQoIG1s LT5zbWxfbnZhbHVlcyAhPSBOVUxMICk7DQotCQkNCisNCiAJCQkJCWZvciAoIGkgPSAwOyAhQkVS X0JWSVNOVUxMKCAmbWwtPnNtbF9udmFsdWVzWyBpIF0gKTsgaSsrICkgew0KIAkJCQkJCWludAkJ cmM7DQogCQkJCQkJRW50cnkJCSplOw0KQEAgLTEzNjIsNyArMTM2OCw3IEBADQogCQkJCQliZXJf YnZhcnJheV9mcmVlX3goIHZhbHMsIG9wLT5vX3RtcG1lbWN0eCApOw0KIAkJCQl9DQogCQ0KLQkJ CQlpZiAoIG1sLT5zbWxfb3AgPT0gTERBUF9NT0RfREVMRVRFICkgew0KKwkJCQlpZiAoIG1sLT5z bWxfb3AgPT0gTERBUF9NT0RfREVMRVRFIHx8IG1sLT5zbWxfbnZhbHVlcyA9PSBOVUxMKSB7DQog CQkJCQlicmVhazsNCiAJCQkJfQ0KIAkJCQkvKiBmYWxsIHRocnUgKi8NCg== --=-NvwPd4A703Oz/HjyG5IJ-- --=-AN4G/3lLejTAf6KGBTk7 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQBIaDb3z4A8Wyi0NrsRAqd2AJ9pvfUj4jqL8HyFCfMh3zE47IfNwwCfTXOo /lvXcMQzo0XgFPVqe8W/h1c= =ssFN -----END PGP SIGNATURE----- --=-AN4G/3lLejTAf6KGBTk7--

1 0

(ITS#5584) memberof and modify: replace with 0 new entries
by abartlet＠samba.org 29 Jun '08

29 Jun '08

Full_Name: Andrew Bartlett Version: CVS HEAD OS: Fedora 9 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (59.167.251.137) The memberOf plugin asserts if I attempt a modify like: (snippet from our python test script, using ldb, but I hope you get the idea) ldb.modify_ldif(""" dn: cn=ldaptestgroup2,cn=users,""" + self.base_dn + """ changetype: modify replace: member """) slapd: memberof.c:849: memberof_op_modify: Assertion `ml->sml_mod.sm_nvalues != ((void *)0)' failed. I think this just needs to be handled like the delete case, which our tests already show pass correctly.

1 0

Re: (ITS#5355) back-meta calls back-ldap directly
by hyc＠symas.com 29 Jun '08

29 Jun '08

Steve Langasek wrote: > Is the correct fix to add > this function to the ldap_extra_t struct, as in the attached patch? Pretty much. There are a few other functions that need to be added as well. All of them are provided in current CVS HEAD, just grab the relevant changes from there. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#5395) Patch for test system
by abartlet＠samba.org 29 Jun '08

29 Jun '08

--=-9ss+Mrcd1KUNsVlI3qDP Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Thu, 2008-02-28 at 10:15 +0100, Pierangelo Masarati wrote: > Andrew Bartlett wrote: > > On Thu, 2008-02-28 at 10:02 +0100, Pierangelo Masarati wrote: > >> abartlet(a)samba.org wrote: > >>> Full_Name: Andrew Bartlett > >>> Version: CVS HEAD > >>> OS: Fedora 8 > >>> URL: http://abartlet.net/patches/memberof-refint.patch > >>> Submission from: (NULL) (59.167.251.137) > >>> > >>> > >>> I've added a patch to show that refint and memberof work together. > >> Your patch seems to be missing some (trivial) modification to > >> tests/scripts/define.sh (the MEMBEROFREFINTOUT env var). >=20 > Thanks. In the meanwhile I figured it out (easy enough ;), and it seems > to work fine. I'm going to commit it, unless there's any IPR issue > (which I'd delegate to Howard or Kurt). Is there anything more that needs to be done here? If you need an IPR note, then please consider the modifications in this contribution licensed: Copyright 2008 Red Hat Inc. Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. --=20 Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. --=-9ss+Mrcd1KUNsVlI3qDP Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQBIaCZTz4A8Wyi0NrsRApQeAJ9iWFzB1Fp+5nsSZqDZg6HsB6WPWgCeLAkl dObIvmosUhr/R2Ju2KqIEuM= =RGa/ -----END PGP SIGNATURE----- --=-9ss+Mrcd1KUNsVlI3qDP--

1 0

Re: (ITS#5355) back-meta calls back-ldap directly
by vorlon＠debian.org 29 Jun '08

29 Jun '08

--BI5RvnYi6R4T2M87 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Sun, Jun 29, 2008 at 11:49:37AM -0700, Howard Chu wrote: > vorlon(a)debian.org wrote: >> This bug is marked as fixed in 2.4.8, but I still see the same problem in >> the test suite in 2.4.10. Trying to start slapd with back-meta gives: >> /home/devel/openldap/build-area/openldap2.3-2.4.10/debian/build/servers/slapd/.libs/lt-slapd: symbol lookup error: ../servers/slapd/back-meta/.libs/back_meta-2.4.so.2: undefined symbol: slap_idassert_parse_cf >> Is this a regression since 2.4.8? > Looks more like an incomplete fix. The functions in question haven't > changed since 2006. Since we're not using a hacked libltdl the problem > you're seeing doesn't show up here. I guess you should have tested this > sooner... Well, given that back_meta has been broken for an indeterminate period of time on systems whose libltdl doesn't use the insane RTLD_GLOBAL option :), the Debian userbase for that backend is roughly nonexistent which means verifying the fix was not a high priority (except that I would like to be able to turn on 'make test' during our builds). Is the correct fix to add this function to the ldap_extra_t struct, as in the attached patch? Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ slangasek(a)ubuntu.com vorlon(a)debian.org --BI5RvnYi6R4T2M87 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=no_backend_inter-linking Index: trunk/servers/slapd/back-ldap/back-ldap.h =================================================================== --- trunk.orig/servers/slapd/back-ldap/back-ldap.h +++ trunk/servers/slapd/back-ldap/back-ldap.h @@ -428,6 +428,8 @@ int (*proxy_authz_ctrl)( Operation *op, SlapReply *rs, struct berval *bound_ndn, int version, slap_idassert_t *si, LDAPControl *ctrl ); int (*controls_free)( Operation *op, SlapReply *rs, LDAPControl ***pctrls ); + int (*idassert_parse_cf)( const char *fname, int lineno, int argc, + char *argv[], slap_idassert_t *si ); } ldap_extra_t; LDAP_END_DECL Index: trunk/servers/slapd/back-meta/config.c =================================================================== --- trunk.orig/servers/slapd/back-meta/config.c +++ trunk/servers/slapd/back-meta/config.c @@ -1089,7 +1089,7 @@ } cargv[ 2 ] = binddn; - rc = slap_idassert_parse_cf( fname, lineno, cargc, cargv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert ); + rc = mi->mi_ldap_extra->idassert_parse_cf( fname, lineno, cargc, cargv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert ); if ( rc == 0 ) { struct berval bv; @@ -1159,7 +1159,7 @@ return 1; } - return slap_idassert_parse_cf( fname, lineno, argc, argv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert ); + return mi->mi_ldap_extra->idassert_parse_cf( fname, lineno, argc, argv, &mi->mi_targets[ mi->mi_ntargets - 1 ]->mt_idassert ); /* idassert-authzFrom */ } else if ( strcasecmp( argv[ 0 ], "idassert-authzFrom" ) == 0 ) { Index: trunk/servers/slapd/back-ldap/init.c =================================================================== --- trunk.orig/servers/slapd/back-ldap/init.c +++ trunk/servers/slapd/back-ldap/init.c @@ -34,7 +34,8 @@ static const ldap_extra_t ldap_extra = { ldap_back_proxy_authz_ctrl, - ldap_back_controls_free + ldap_back_controls_free, + slap_idassert_parse_cf }; int --BI5RvnYi6R4T2M87--

1 0

Re: (ITS#5583) slapadd core dumps
by dieter＠dkluenter.de 29 Jun '08

29 Jun '08

Pierangelo Masarati <ando(a)sys-net.it> writes: > Dieter Kluenter wrote: >> Pierangelo Masarati <ando(a)sys-net.it> writes: >> >>> dieter(a)dkluenter.de wrote: >>> >>>> Sorry, forgot it, >>> Should be fixed in HEAD, please test. I infer you're using multiple >>> instances of slapo-dynlist(5) in your slapd.conf, aren't you? >> No, just one instance. > > Sounds odd, because the error was related to executing slapo-dynlist's > db_open() function while the static vars holding the dgIdentity (and > the dgAuthz) attrs being already initialized. Can you test the fix to > overlays/dynlist.c 1.51->1.52? It is for HEAD, but should apply > straightforwardly to 2.4. I just compiled HEAD and slapadd added the ldif file as expected. But a second error occured, test failed with test001, but I will check this tomorrow, same as the dynlist patch. -Dieter -- Dieter Klünter | Systemberatung http://www.dkluenter.de GPG Key ID:8EF7B6C6

1 0

Re: (ITS#5574) Attribute type 'auditContext' not available in subschema
by ando＠sys-net.it 29 Jun '08

29 Jun '08

michael(a)stroeder.com wrote: > Full_Name: Michael Ströder > Version: RE24 > OS: OpenSUSE Linux 10.2 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (84.163.82.89) > > > Please add attribute type 'auditContext' to subschema. It is registered by slapo-accesslog(5). I can see it when slapo-accesslog(5) is built. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: ando(a)sys-net.it -----------------------------------

1 0

Re: (ITS#5583) slapadd core dumps
by ando＠sys-net.it 29 Jun '08

29 Jun '08

Dieter Kluenter wrote: > Pierangelo Masarati <ando(a)sys-net.it> writes: > >> dieter(a)dkluenter.de wrote: >> >>> Sorry, forgot it, >> Should be fixed in HEAD, please test. I infer you're using multiple >> instances of slapo-dynlist(5) in your slapd.conf, aren't you? > > No, just one instance. Sounds odd, because the error was related to executing slapo-dynlist's db_open() function while the static vars holding the dgIdentity (and the dgAuthz) attrs being already initialized. Can you test the fix to overlays/dynlist.c 1.51->1.52? It is for HEAD, but should apply straightforwardly to 2.4. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: ando(a)sys-net.it -----------------------------------

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs June 2008