openldap-bugs June 2012

openldap-bugs@openldap.org

29 participants
84 discussions

(ITS#7293) [PATCH] Add missing function declarations and make some functions static
by fumiyas＠osstech.co.jp 07 Jun '12

07 Jun '12

Full_Name: SATOH Fumiyasu Version: master, 2.4.31 OS: URL: ftp://ftp.openldap.org/incoming/openldap-2.4.31-function-declarations.patch Submission from: (NULL) (220.100.28.128) This patch adds missing function declarations to *.h, and make some functions and a global variable static.

1 0

Re: (ITS#7168) [PATCH] Fix count constraint when using multiple modifications
by hyc＠symas.com 07 Jun '12

07 Jun '12

jsynacek(a)redhat.com wrote: > Full_Name: Jan Synacek > Version: 2.4.29 > OS: Fedora 16 > URL: http://jsynacek.fedorapeople.org/openldap/jsynacek-20120216-constraint-coun… > Submission from: (NULL) (209.132.186.34) > > > Constraint overlay doesn't take into account multiple modifications when using > count. > > Example: If count for 'description' attribute is set e.g. to 2, the following > results in a constraint violation: > > dn: cn=usr2, dc=my-domain,dc=com > add: description > description: d1 > description: d2 > description: d3-viol > > However, this passes: > > dn: cn=usr2, dc=my-domain,dc=com > add: description > description: d1 > - > add: description > description: d2 > - > add: description > description: d3 > > This patch fixes the behavior in case multiple modifications are used. > > Original bug report: https://bugzilla.redhat.com/show_bug.cgi?id=742163 > > The patch is uploaded on fedorapeople.org: > http://jsynacek.fedorapeople.org/openldap/jsynacek-20120216-constraint-coun… > > I wasn't able to use ftp.openldap.org due to 'No space left' error. This code (and the original) don't seem to properly take deletes into account. It resets the ce counter to 0 on any delete op, but it should be decrementing based on the number of values provided. (And of course, it can only do that if the specified value is actually present in the attribute.) > The attached file is derived from OpenLDAP Software. All of the modifications > to > OpenLDAP Software represented in the following patch(es) were developed by Red > Hat. Red Hat has not assigned rights and/or interest in this work to any party. > I, Jan Synacek am authorized by Red Hat, my employer, to release this work > under > the following terms. > > Red Hat hereby place the following modifications to OpenLDAP Software (and only > these modifications) into the public domain. Hence, these modifications may be > freely used and/or redistributed for any purpose with or without attribution > and/or other notice. > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7291) [PATCH] MozNSS: read pin from file file can cause infinite loop
by hyc＠symas.com 07 Jun '12

07 Jun '12

jvcelak(a)redhat.com wrote: >> might read initialized memory and consider it to be a password. In this > > sorry, typo: uninitialized Thanks for the patch, committed to master. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7289) Mozilla NSS: cipher suite selection by name may be ignored
by hyc＠symas.com 07 Jun '12

07 Jun '12

tim.strobell.ctr(a)nrl.navy.mil wrote: > Forgot to add that this bug is (was) masked by ITS#7285. Thanks for the patch, committed to master. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7292) Memory leak with MMR + delta syncrepl
by brandon.hume＠DAL.CA 06 Jun '12

06 Jun '12

On 06/ 6/12 12:57 PM, Quanah Gibson-Mount wrote: > > These may not be causing the issue you are seeing, but they should be > fixed and then the setup retested. Of particular concern to me is > item (a). I would make cn=monitor be olcDatabase {3}. Done, thanks for pointing out the problems. I think I introduced them accidentally while backend-hopping during testing, but I'll check my prod setup as well. I've made the changes and retested. The new node is still replicating, but after 50 cpu-minutes the process is at 10.2G and still going. I believe the leak is still present.

1 0

Re: (ITS#7291) [PATCH] MozNSS: read pin from file file can cause infinite loop
by jvcelak＠redhat.com 06 Jun '12

06 Jun '12

> might read initialized memory and consider it to be a password. In this sorry, typo: uninitialized

1 0

Re: (ITS#7286) Malformed search filter to back-ldap/slapo-rwm crashes slapd
by michael＠stroeder.com 06 Jun '12

06 Jun '12

masarati(a)aero.polimi.it wrote: > On 06/05/2012 12:48 PM, hyc(a)symas.com wrote: >> gahaverkamp(a)lbl.gov wrote: >>> --e89a8fb1fbfae973ef04c1b0bad6 >>> Content-Type: text/plain; charset=ISO-8859-1 >>> >>> I thought I had, but I now see that I left off "full". >>> >>> (gdb) bt full >> >> We slso need to see the slapd config. > > Without carefully looking at it, it could be related to reinstalling the > original context because of the error. See ITS#6166. There's a similar issue ITS#6997 in which you also referenced ITS#6166. In case of ITS#6997 it used to work with OpenLDAP 2.4.23 but does not with 2.4.24+. Maybe Greg could check whether his setup would also work with 2.4.23. Ciao, Michael.

1 0

Re: (ITS#7292) Memory leak with MMR + delta syncrepl
by quanah＠zimbra.com 06 Jun '12

06 Jun '12

--On Wednesday, June 06, 2012 2:33 PM +0000 brandon.hume(a)dal.ca wrote: > Full_Name: Brandon Hume > Version: 2.4.31 > OS: RHEL EL6.1, kernel 2.6.32-131.12.1.el6.x86_64 > URL: http://den.bofh.ca/~hume/ol-2.4.31_memleak.tar.gz > Submission from: (NULL) (2001:410:a010:2:223:aeff:fe74:400e) > > > OpenLDAP 2.4.31 compiled in 64-bit with BerkeleyDB 5.3.15 appears to > exhibit a memory leak while replicating the full database from another > node in MMR. There are definite errors in your cn=config configuration. a) You have multiple databases numbered "1": dn: olcDatabase={1}hdb,cn=config dn: olcDatabase={1}monitor,cn=config b) Syncprov overlay for accesslog: dn: olcOverlay={0}syncprov,olcDatabase={1}hdb,cn=config Remove the checkpoint and sessionlog settings c) There should be no sessionlog on the primary DB with delta-syncrepl MMR: dn: olcOverlay={0}syncprov,olcDatabase={2}hdb,cn=config Remove olcSpSessionlog: 10000 These may not be causing the issue you are seeing, but they should be fixed and then the setup retested. Of particular concern to me is item (a). I would make cn=monitor be olcDatabase {3}. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

(ITS#7292) Memory leak with MMR + delta syncrepl
by brandon.hume＠dal.ca 06 Jun '12

06 Jun '12

Full_Name: Brandon Hume Version: 2.4.31 OS: RHEL EL6.1, kernel 2.6.32-131.12.1.el6.x86_64 URL: http://den.bofh.ca/~hume/ol-2.4.31_memleak.tar.gz Submission from: (NULL) (2001:410:a010:2:223:aeff:fe74:400e) OpenLDAP 2.4.31 compiled in 64-bit with BerkeleyDB 5.3.15 appears to exhibit a memory leak while replicating the full database from another node in MMR. A two-node MMR configuration has been set up. Node 1 is full populated with data, approximately 338k DNs, which occupies around 1G on-disk (including bdb __db.* and log.* files). Node 1 is brought up and on a 64-bit system occupies around 5.5G VM and 4.7G RSS. Node 2 is initialized with a copy of cn=config (slapcat/slapadd method) and brought up with an empty database to begin replication. Over the course of the replication, node 2's slapd will grow continuously. On the one occasion it managed to "finish" the replication (with the test database), node 2's slapd occupied 14G VM and approximately 6G RSS. I've included a link to the test kit I put together. This includes a fairly large, anonimized database, as well as a simplified copy of the configuration. I've left in the sendmail and misc schemas but removed irrelevant local schemas. Also included are the DB_CONFIGs used for the main database and accesslog, and the configuration scripts used for compiling both bdb and OpenLDAP. Steps to reproduce: - Compile and install bdb and OpenLDAP with options the same as in the config-db.sh and config-ldap.sh scripts. - Initialize configuration on node 1 and 2 using "slapadd -F etc/slapd.d -b cn=config -l slapd-conf.ldif". - Initialize main DB on node 1 using "slapadd -l test_dit.ldif" - Start node 1. The slapd process should stabilize at around 5G VM in use. - Start node 2 and allow it to begin replication. I've tested with node 2 on both RHEL6 and on Solaris 10. In both cases, node 2's slapd became extremely bloated over the course of several hours. Only the Solaris SPARC box was able to complete the replication, stabilizing at 14G VM used. The Redhat x86 box continued to grow far beyond the 16G swap limit and was killed by the OS. I've attempted to use the Solaris libumem tools to trace the memory leak, using gcore on the running process and "::findleaks -dv" within mdb running on the core. I've included the report generated in case it provides any useful information as "mdb_findleaks_analysis.txt". Disregard if you wish. (I apologize for the large test LDIF. I wanted something to definitively show the problem so didn't want to trim it too much...)

1 0

(ITS#7291) [PATCH] MozNSS: read pin from file file can cause infinite loop
by jvcelak＠redhat.com 06 Jun '12

06 Jun '12

Full_Name: Jan Vcelak Version: git master OS: Linux URL: ftp://ftp.openldap.org/incoming/jvcelak-20120606-moznss-read-pin-from-file-… Submission from: (NULL) (209.132.186.34) The buffer allocated for reading password (pin) file has to be initialized with zeros, or we need to append zero at the end of the file. Otherwise we might read initialized memory and consider it to be a password. In this situation, all incoming TLS connections can hang. Attached patch fixes this bug. The attached file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Red Hat. Red Hat has not assigned rights and/or interest in this work to any party. I, Jan Vcelak am authorized by Red Hat, my employer, to release this work under the following terms. Red Hat hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.

1 0

← Newer
1
2
3
4
5
6
7
8
9
Older →

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs June 2012