Re: (ITS#6392) olcAuthIDRewrite handler exited with 1
by masarati@aero.polimi.it
> Yeah, I noticed that hyc had patched it differently. There is
> definitely a steep learning curve when it comes to helping out with
> anything.
> I see hyc's patch committed in the latest RE24. I have tested it with
> HEAD and the error message seems to be gone.
> I can't seem to get olcAuthIDRewrite to work -- but that's probably not
> an ITS problem. =)
Probably, yes. authzid-rewrite is used much like authz-regexp, only with
a slightly different syntax. Actually, when rewriting is available,
authz-regexp is handled by authzid-rewrite, using a subset of its syntax
(and thus of its semantics). So its use applies when authz-regexp is
appropriate. See slapd.conf(5) for usage of authz-regexp.
p.
13 years, 10 months
Re: (ITS#6391) missing check for broken filters
by masarati@aero.polimi.it
> syncrepl.c and overlays/pcache.c call str2filter() and str2filter_x()
> without checking for success.
>
> (so does retcode, but that overlay is only for testing anyway.)
Are you going to fix this? I can take care of it later, in case.
p.
13 years, 10 months
Re: (ITS#6394) syncrepl accepts rid>999 then assumes rid<=999
by hyc@symas.com
h.b.furuseth(a)usit.uio.no wrote:
> Full_Name: Hallvard B Furuseth
> Version: HEAD, RE24
> OS:
> URL:
> Submission from: (NULL) (129.240.6.233)
> Submitted by: hallvard
>
>
> syncrepl accepts rid values in range [0, SLAP_SYNC_SID_MAX(4095)], but
> proceeds to assume the rid is in range [0, SLAP_SYNC_RID_MAX (999)].
> This can produce buffer overruns for such rids.
>
> slapd.conf(5) says max rid = 4095, since ITS#5108.
>
> Possible fixes: either to revert to a limit of 999, or expand to 4
> digits to support the documented behavior, or to make them hex to keep
> the documented limit but still max 3 digits.
I've opted to revert to 999. The previous behavior was completely broken
anyway; aside from the syncrepl config parser all of the rest of the
infrastructure was still treating rids as 3 decimal digits: the config
unparser, slapd-config(5), slap_compose_sync_cookie, slap_parse_sync_cookie,
etc. etc... All of these would have had to change to hex to make the 4095
limit work, and they weren't. Also, for backward compatibility with 2.3, they
can't.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
13 years, 10 months
(ITS#6394) syncrepl accepts rid>999 then assumes rid<=999
by h.b.furuseth@usit.uio.no
Full_Name: Hallvard B Furuseth
Version: HEAD, RE24
OS:
URL:
Submission from: (NULL) (129.240.6.233)
Submitted by: hallvard
syncrepl accepts rid values in range [0, SLAP_SYNC_SID_MAX(4095)], but
proceeds to assume the rid is in range [0, SLAP_SYNC_RID_MAX (999)].
This can produce buffer overruns for such rids.
slapd.conf(5) says max rid = 4095, since ITS#5108.
Possible fixes: either to revert to a limit of 999, or expand to 4
digits to support the documented behavior, or to make them hex to keep
the documented limit but still max 3 digits.
13 years, 10 months
Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!
by hyc@symas.com
michael(a)stroeder.com wrote:
> michael(a)stroeder.com wrote:
>> quanah(a)zimbra.com wrote:
>>> --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote:
>>>
>>>> Full_Name: Michael Str?der
>>>> Version: HEAD
>>>> OS: openSUSE Linux 11.2 (x86_64)
>>>> URL:
>>>> Submission from: (NULL) (84.163.70.93)
>>> As I noted yesterday, constant changes were ongoing in HEAD.
>>>
>>> Please re-sync your sources and try now, I think Howard's done with what he
>>> was doing.
>>
>> My regular test process is as follows:
>
> Also note that this ITS is for HEAD not RE24.
Thanks, got it. A prior patch to syncrepl.c broke this, testing a fix now.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
13 years, 10 months
Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!
by michael@stroeder.com
michael(a)stroeder.com wrote:
> quanah(a)zimbra.com wrote:
>> --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote:
>>
>>> Full_Name: Michael Str?der
>>> Version: HEAD
>>> OS: openSUSE Linux 11.2 (x86_64)
>>> URL:
>>> Submission from: (NULL) (84.163.70.93)
>> As I noted yesterday, constant changes were ongoing in HEAD.
>>
>> Please re-sync your sources and try now, I think Howard's done with what he
>> was doing.
>
> My regular test process is as follows:
Also note that this ITS is for HEAD not RE24.
Ciao, Michael.
13 years, 10 months
Re: (ITS#6393) test045-syncreplication-proxied for bdb: ldapsearch failed at slave (32)!
by michael@stroeder.com
quanah(a)zimbra.com wrote:
> --On Saturday, November 21, 2009 1:20 PM +0000 michael(a)stroeder.com wrote:
>
>> Full_Name: Michael Str?der
>> Version: HEAD
>> OS: openSUSE Linux 11.2 (x86_64)
>> URL:
>> Submission from: (NULL) (84.163.70.93)
>
> As I noted yesterday, constant changes were ongoing in HEAD.
>
> Please re-sync your sources and try now, I think Howard's done with what he
> was doing.
My regular test process is as follows:
1. Whenever I test I do "cvs up" right before running the build.
(And so I did after your message.)
2. Run build script and make test.
3. If anything fails during "make test" I do a "cvs up" once again and watch
for changes. If there were changes I return to step 2.
4. If there were no changes I write an ITS.
No more changes were present when doing "cvs up" *now*.
Ciao, Michael.
13 years, 10 months
Re: (ITS#6392) olcAuthIDRewrite handler exited with 1
by wgillespie@es2eng.com
Yeah, I noticed that hyc had patched it differently. There is
definitely a steep learning curve when it comes to helping out with
anything.
I see hyc's patch committed in the latest RE24. I have tested it with
HEAD and the error message seems to be gone.
I can't seem to get olcAuthIDRewrite to work -- but that's probably not
an ITS problem. =)
Thanks for all the help!
13 years, 10 months
Re: (ITS#6392) olcAuthIDRewrite handler exited with 1
by quanah@zimbra.com
--On Saturday, November 21, 2009 10:15 AM -0800 Quanah Gibson-Mount
<quanah(a)zimbra.com> wrote:
> --On Saturday, November 21, 2009 3:22 AM +0000 wgillespie(a)es2eng.com
> wrote:
>
>> Full_Name: Willie Gillespie
>> Version: 2.4.X (from CVS)
>> OS: Ubuntu 9.10 x64
>> URL:
>> Submission from: (NULL) (208.47.173.116)
>
> Please update your CVS RE24 checkout and test.
Also, please be sure your patches aren't present. ;) They were not the
correct solution to the issue.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
13 years, 10 months