November 2009 - openldap-bugs

Re: (ITS#6392) olcAuthIDRewrite handler exited with 1

by masarati＠aero.polimi.it

> Yeah, I noticed that hyc had patched it differently. There is > definitely a steep learning curve when it comes to helping out with > anything. > I see hyc's patch committed in the latest RE24. I have tested it with > HEAD and the error message seems to be gone. > I can't seem to get olcAuthIDRewrite to work -- but that's probably not > an ITS problem. =) Probably, yes. authzid-rewrite is used much like authz-regexp, only with a slightly different syntax. Actually, when rewriting is available, authz-regexp is handled by authzid-rewrite, using a subset of its syntax (and thus of its semantics). So its use applies when authz-regexp is appropriate. See slapd.conf(5) for usage of authz-regexp. p.

13 years, 10 months

1
0
0 / 0

Re: (ITS#6391) missing check for broken filters

by h.b.furuseth＠usit.uio.no

masarati(a)aero.polimi.it writes: > Are you going to fix this? Probably not. -- Hallvard

13 years, 10 months

1
0
0 / 0

Re: (ITS#6391) missing check for broken filters

by masarati＠aero.polimi.it

> syncrepl.c and overlays/pcache.c call str2filter() and str2filter_x() > without checking for success. > > (so does retcode, but that overlay is only for testing anyway.) Are you going to fix this? I can take care of it later, in case. p.

13 years, 10 months

1
0
0 / 0

Re: (ITS#6394) syncrepl accepts rid>999 then assumes rid<=999

by hyc＠symas.com

h.b.furuseth(a)usit.uio.no wrote: > Full_Name: Hallvard B Furuseth > Version: HEAD, RE24 > OS: > URL: > Submission from: (NULL) (129.240.6.233) > Submitted by: hallvard > > > syncrepl accepts rid values in range [0, SLAP_SYNC_SID_MAX(4095)], but > proceeds to assume the rid is in range [0, SLAP_SYNC_RID_MAX (999)]. > This can produce buffer overruns for such rids. > > slapd.conf(5) says max rid = 4095, since ITS#5108. > > Possible fixes: either to revert to a limit of 999, or expand to 4 > digits to support the documented behavior, or to make them hex to keep > the documented limit but still max 3 digits. I've opted to revert to 999. The previous behavior was completely broken anyway; aside from the syncrepl config parser all of the rest of the infrastructure was still treating rids as 3 decimal digits: the config unparser, slapd-config(5), slap_compose_sync_cookie, slap_parse_sync_cookie, etc. etc... All of these would have had to change to hex to make the 4095 limit work, and they weren't. Also, for backward compatibility with 2.3, they can't. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

13 years, 10 months

1
0
0 / 0

(ITS#6394) syncrepl accepts rid>999 then assumes rid<=999

by h.b.furuseth＠usit.uio.no

Full_Name: Hallvard B Furuseth Version: HEAD, RE24 OS: URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard syncrepl accepts rid values in range [0, SLAP_SYNC_SID_MAX(4095)], but proceeds to assume the rid is in range [0, SLAP_SYNC_RID_MAX (999)]. This can produce buffer overruns for such rids. slapd.conf(5) says max rid = 4095, since ITS#5108. Possible fixes: either to revert to a limit of 999, or expand to 4 digits to support the documented behavior, or to make them hex to keep the documented limit but still max 3 digits.

13 years, 10 months

1
0
0 / 0

Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!

by hyc＠symas.com

michael(a)stroeder.com wrote: > michael(a)stroeder.com wrote: >> quanah(a)zimbra.com wrote: >>> --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote: >>> >>>> Full_Name: Michael Str?der >>>> Version: HEAD >>>> OS: openSUSE Linux 11.2 (x86_64) >>>> URL: >>>> Submission from: (NULL) (84.163.70.93) >>> As I noted yesterday, constant changes were ongoing in HEAD. >>> >>> Please re-sync your sources and try now, I think Howard's done with what he >>> was doing. >> >> My regular test process is as follows: > > Also note that this ITS is for HEAD not RE24. Thanks, got it. A prior patch to syncrepl.c broke this, testing a fix now. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

13 years, 10 months

1
0
0 / 0

Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!

by michael＠stroeder.com

michael(a)stroeder.com wrote: > quanah(a)zimbra.com wrote: >> --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote: >> >>> Full_Name: Michael Str?der >>> Version: HEAD >>> OS: openSUSE Linux 11.2 (x86_64) >>> URL: >>> Submission from: (NULL) (84.163.70.93) >> As I noted yesterday, constant changes were ongoing in HEAD. >> >> Please re-sync your sources and try now, I think Howard's done with what he >> was doing. > > My regular test process is as follows: Also note that this ITS is for HEAD not RE24. Ciao, Michael.

13 years, 10 months

1
0
0 / 0

Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!

by michael＠stroeder.com

quanah(a)zimbra.com wrote: > --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote: > >> Full_Name: Michael Str?der >> Version: HEAD >> OS: openSUSE Linux 11.2 (x86_64) >> URL: >> Submission from: (NULL) (84.163.70.93) > > As I noted yesterday, constant changes were ongoing in HEAD. > > Please re-sync your sources and try now, I think Howard's done with what he > was doing. My regular test process is as follows: 1. Whenever I test I do "cvs up" right before running the build. (And so I did after your message.) 2. Run build script and make test. 3. If anything fails during "make test" I do a "cvs up" once again and watch for changes. If there were changes I return to step 2. 4. If there were no changes I write an ITS. No more changes were present when doing "cvs up" *now*. Ciao, Michael.

13 years, 10 months

1
0
0 / 0

Re: (ITS#6392) olcAuthIDRewrite handler exited with 1

by wgillespie＠es2eng.com

Yeah, I noticed that hyc had patched it differently. There is definitely a steep learning curve when it comes to helping out with anything. I see hyc's patch committed in the latest RE24. I have tested it with HEAD and the error message seems to be gone. I can't seem to get olcAuthIDRewrite to work -- but that's probably not an ITS problem. =) Thanks for all the help!

13 years, 10 months

1
0
0 / 0

Re: (ITS#6392) olcAuthIDRewrite handler exited with 1

by quanah＠zimbra.com

--On Saturday, November 21, 2009 10:15 AM -0800 Quanah Gibson-Mount <quanah(a)zimbra.com> wrote: > --On Saturday, November 21, 2009 3:22 AM +0000 wgillespie(a)es2eng.com > wrote: > >> Full_Name: Willie Gillespie >> Version: 2.4.X (from CVS) >> OS: Ubuntu 9.10 x64 >> URL: >> Submission from: (NULL) (208.47.173.116) > > Please update your CVS RE24 checkout and test. Also, please be sure your patches aren't present. ;) They were not the correct solution to the issue. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

13 years, 10 months

1
0
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs November 2009