openldap-bugs March 2009

openldap-bugs@openldap.org

48 participants
245 discussions

Re: (ITS#5860) slapd memeory leak under openldap 2.4
by hyc＠symas.com 01 Mar '09

01 Mar '09

Rodrigo Costa wrote: > Howard, > > One more comment. If you take a longer time between the ldapsearches the issue doesn't appear sometimes. > > So you need to start the first ldapsearh and like 15 seconds later start > the second one. With this scenario the problem will for sure appear. I was finally able to reproduce this issue, by running two identical searches simultaneously on a server with more than 2 CPU cores. Given any delay between the two search invocation, the problem did not appear. This is now fixed in HEAD. Thanks for your help in providing data for reproducing the issue. > In this way we will see large chunks of memory being allocated and after > it stabilizes the query get stuck returning as the issue before 16 records per minute, or very slow and getting stuck all the time. I should point out - the memory use is stabilized now (as it should be) but the search performance of a configuration such as yours will be extremely poor due to the unavoidable thrashing that such a query pattern exerts on the cache. Setting a larger minfree can help reduce some of the contention but it will still be much slower than normal. > Regards, > > Rodrigo. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
by mariusp44＠gmail.com 01 Mar '09

01 Mar '09

Full_Name: Marius Paulauskas Version: 2.4.11 OS: Solaris 10 (SPARC) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (76.201.141.149) I am trying to change a password for ldap entry using ldappasswd -vx -D "cn=root,dc=test,dc=com" -w foobarr "uid=mariusp,ou=people,dc=test,dc=com" and reply I get is: Result: Other (e.g., implementation specific) error (80) Additional info: password hash failed This error occurs if password-hash is set to SSHA, SMD5 and CRYPT. It works fine if it is CLEARTEXT, SHA and MD5. I am running openldap 2.4.11 on Solaris 10 latest on SPARC. It is in testing meaning there is nothing special about its configuration all defaults. Database has two entries just to play with. Same error occurs if I use downloaded pre-compiled version from sunfreeware.com or compile it myself using gcc.

1 0

Re: (ITS#5981) TLSVerifyClient try setting fails with GnuTLS
by hyc＠symas.com 01 Mar '09

01 Mar '09

peter(a)adpm.de wrote: > Full_Name: Peter Marschall > Version: 2.4.15 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch > Submission from: (NULL) (92.75.56.86) > > > Hi, > > when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting > TLSVerifyClient Try > in slapd.conf makes TLS connections without certificates impossible. > > This is caused by incomplete decoding in tls_g.c > > The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch > fixes this issue together with a few other little cleanups: > - remove unused variables (less compiler warnings) > - use correct types (less compiler warnings) > - detect failed calls for activation/exiration functions to > avoid giving wrong information > > Please consider adding this patch to OpenLDAP Thanks for the patch, committed to HEAD. > > Regards > Peter > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5982) man page for ldapexop
by peter＠adpm.de 01 Mar '09

01 Mar '09

Full_Name: Peter Marschall Version: 2.4.15 OS: Linux URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301-ldapexop.1 Submission from: (NULL) (94.217.131.234) Hi, doing a little bug triaging for Debian, I noticed there is not man page for ldapexop. At ftp://ftp.openldap.org/incoming/Peter-Marschall-090301-ldapexop.1 you can find my first draft for it. Please adapt as you please and add it to the next release. Regards Peter

1 0

(ITS#5981) TLSVerifyClient try setting fails with GnuTLS
by peter＠adpm.de 01 Mar '09

01 Mar '09

Full_Name: Peter Marschall Version: 2.4.15 OS: Linux URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch Submission from: (NULL) (92.75.56.86) Hi, when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting TLSVerifyClient Try in slapd.conf makes TLS connections without certificates impossible. This is caused by incomplete decoding in tls_g.c The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch fixes this issue together with a few other little cleanups: - remove unused variables (less compiler warnings) - use correct types (less compiler warnings) - detect failed calls for activation/exiration functions to avoid giving wrong information Please consider adding this patch to OpenLDAP Regards Peter

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs March 2009