openldap-bugs February 2013

openldap-bugs@openldap.org

22 participants
48 discussions

Re: (ITS#7519) a suspicious bug about OpenLDAP Software 2.4 Administrator's Guide
by michael＠stroeder.com 05 Feb '13

05 Feb '13

This is a cryptographically signed message in MIME format. --------------ms040601090102040300070904 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable ouyangguang(a)huawei.com wrote: > But when I browse the functions "ldap_bind" > and "ldap_bind_s", none of LDAP_AUTH_KRBV4, LDAP_AUTH_KRBV41 or LDAP_AU= TH_KRBV42 > mode is supported. So I think it is wrong with the document. > Anybody knows that? This is not a bug. The options you mentioned were for deprecated Krb4 (as= the names show) which you definitely don't want to use. Please post questions about how to use SASL/GSSAPI-Krb5 bind to the openldap-technical mailing list and not into the bug tracker. Ciao, Michael. --------------ms040601090102040300070904 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILHzCC BT8wggQnoAMCAQICDwCmSwABAAIAivjZQ8SBvzANBgkqhkiG9w0BAQUFADB8MQswCQYDVQQG EwJERTEcMBoGA1UEChMTVEMgVHJ1c3RDZW50ZXIgR21iSDElMCMGA1UECxMcVEMgVHJ1c3RD ZW50ZXIgQ2xhc3MgMSBMMSBDQTEoMCYGA1UEAxMfVEMgVHJ1c3RDZW50ZXIgQ2xhc3MgMSBM MSBDQSBJWDAeFw0xMjA2MDYxOTAyMTZaFw0xMzA2MDcxOTAyMTZaMCgxCzAJBgNVBAYTAkRF MRkwFwYDVQQDDBBNaWNoYWVsIFN0csO2ZGVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB CgKCAQEAxXZGav40rnGNLxEggBW94MILWHlfC8a23Jew5U1gPlfRTXOjjzmoaZ1uCyGdgF6M VvuO9T1aTQNGH+OdeGe3P7Tfc/NsLJFJ2wtd8blvhmodUgse2eypiWjNOd4gZuhalBhgsQ0K b5D6/1foghII4E264iZlJ7AJ+UYcO+GxvFWT0YMTbLckgDkZk7c3qwTozdhYvXarvqx+8Ou/ kuxpQQhac/ebzxpu0N+RHSf2KIUS0g0tEGnPtGv6iL+9QNHc4JKo9Y9KKVw3tQy+Re+FQLxB 1fPE5F+qxuD3AUENpOwkMsqWLM94ohtx3CFqLpxfUPrnKFLAHOhHEbByYGvFPwIDAQABo4IC EDCCAgwwgaUGCCsGAQUFBwEBBIGYMIGVMFEGCCsGAQUFBzAChkVodHRwOi8vd3d3LnRydXN0 Y2VudGVyLmRlL2NlcnRzZXJ2aWNlcy9jYWNlcnRzL3RjX2NsYXNzMV9MMV9DQV9JWC5jcnQw QAYIKwYBBQUHMAGGNGh0dHA6Ly9vY3NwLml4LnRjY2xhc3MxLnRjdW5pdmVyc2FsLWkudHJ1 c3RjZW50ZXIuZGUwHwYDVR0jBBgwFoAU6bgoHUbP/M34TpvF7ktg69g7P9EwDAYDVR0TAQH/ BAIwADBKBgNVHSAEQzBBMD8GCSqCFAAsAQEBATAyMDAGCCsGAQUFBwIBFiRodHRwOi8vd3d3 LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwDgYDVR0PAQH/BAQDAgTwMB0GA1UdDgQWBBS2 KAWfTfgJ/JQ63qLGwTXYLnI+LzBiBgNVHR8EWzBZMFegVaBThlFodHRwOi8vY3JsLml4LnRj Y2xhc3MxLnRjdW5pdmVyc2FsLWkudHJ1c3RjZW50ZXIuZGUvY3JsL3YyL3RjX0NsYXNzMV9M MV9DQV9JWC5jcmwwMwYDVR0lBCwwKgYIKwYBBQUHAwIGCCsGAQUFBwMEBggrBgEFBQcDBwYK KwYBBAGCNxQCAjAfBgNVHREEGDAWgRRtaWNoYWVsQHN0cm9lZGVyLmNvbTANBgkqhkiG9w0B AQUFAAOCAQEAQ3bvVUpEq+cQrLpcogyt5BJNk/WvUvOHqhzyj28M9pg9hcDl1+MYl5qqj6tR GSTLPQZyf287pcmbMwbcTGZO/gbW9v7RYcut6RauWdwKMCUmKC3J4fVfDq9ZETA2WOV68ef4 B3Gzdhghsbp3Rhp5dDmrCVKAHlafm6ZwJrEQ9P76fxnQZzRLgeKpZep5ePH5YHUB3+YaOQvJ FG0bOXvfHhRiRG7/HW2G+yDgjHSxDz8AFzMWL/RFePqZ4pn6T/SM/qU6WEpW39MWyJNoH/Kx QDYK8gGYuesn1ciMCTnjrvZQj0fonGTO4SfWekJRkuGrJ7dYSZRjYbDcWBBkdFLWzzCCBdgw ggTAoAMCAQICDgboAAEAAkqWLSQM/sXJMA0GCSqGSIb3DQEBBQUAMHkxCzAJBgNVBAYTAkRF MRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMSQwIgYDVQQLExtUQyBUcnVzdENlbnRl ciBVbml2ZXJzYWwgQ0ExJjAkBgNVBAMTHVRDIFRydXN0Q2VudGVyIFVuaXZlcnNhbCBDQSBJ MB4XDTA5MTEwMzE0MDgxOVoXDTI1MTIzMTIxNTk1OVowfDELMAkGA1UEBhMCREUxHDAaBgNV BAoTE1RDIFRydXN0Q2VudGVyIEdtYkgxJTAjBgNVBAsTHFRDIFRydXN0Q2VudGVyIENsYXNz IDEgTDEgQ0ExKDAmBgNVBAMTH1RDIFRydXN0Q2VudGVyIENsYXNzIDEgTDEgQ0EgSVgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC75pBuz2Lp6QuqthDVR+V8XSsncZpozVVt 5KLv5P7yemMRwleKyH3PjmYfZUVL64Biab1GjovFblqVGCrep/EfdRonq20yU+P7TVhiLP8Z 5cegDZotIYhZhM0d8cPIij6w5d4IJM/8QCy6QSOUu4ASiTVItoYE4AFPjLqpmPwcie0fiqHH hpgmHnJla/7PZdkMZEsaCfVDEWBmJuMzVprJPT40anjG5VBLyM2I5DlsUCaeQCy2O3w3sqf1 3dyzUcv03IICuNc63towXA31Qt0TaVNU6YAmQjMepdfMbspmCZ+G8D2+xophEPPR/1vkstst smUMqX0XrLonTUJczglPAgMBAAGjggJZMIICVTCBmgYIKwYBBQUHAQEEgY0wgYowUgYIKwYB BQUHMAKGRmh0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvY2VydHNlcnZpY2VzL2NhY2VydHMv dGNfdW5pdmVyc2FsX3Jvb3RfSS5jcnQwNAYIKwYBBQUHMAGGKGh0dHA6Ly9vY3NwLnRjdW5p dmVyc2FsLUkudHJ1c3RjZW50ZXIuZGUwHwYDVR0jBBgwFoAUkqR1LKSevoFE63n8isWVpesQ dXMwEgYDVR0TAQH/BAgwBgEB/wIBADBSBgNVHSAESzBJMAYGBFUdIAAwPwYJKoIUACwBAQEB MDIwMAYIKwYBBQUHAgEWJGh0dHA6Ly93d3cudHJ1c3RjZW50ZXIuZGUvZ3VpZGVsaW5lczAO BgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFOm4KB1Gz/zN+E6bxe5LYOvYOz/RMIH9BgNVHR8E gfUwgfIwge+ggeyggemGRmh0dHA6Ly9jcmwudGN1bml2ZXJzYWwtSS50cnVzdGNlbnRlci5k ZS9jcmwvdjIvdGNfdW5pdmVyc2FsX3Jvb3RfSS5jcmyGgZ5sZGFwOi8vd3d3LnRydXN0Y2Vu dGVyLmRlL0NOPVRDJTIwVHJ1c3RDZW50ZXIlMjBVbml2ZXJzYWwlMjBDQSUyMEksTz1UQyUy MFRydXN0Q2VudGVyJTIwR21iSCxPVT1yb290Y2VydHMsREM9dHJ1c3RjZW50ZXIsREM9ZGU/ Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlPzANBgkqhkiG9w0BAQUFAAOCAQEAOcjE m+6+mO5Icm+N53G2DpCM07LBFSGoRpBoX0oE8TrJaIQh2KXmBHVdn9LU8kt3QzLclctgvwJV 0KwcsMUUl5tlCsMPpR3s2Ek5lbWpvvr0HqtW56blAQiINV9nBd1EJFASIkRjefGbV2nOq9Yz UU+N8HA7jq1ROhd/NZZraGhjthwKyfjfHV7PKxGlY+3M0MbTIG+q/GhIfm0euDpFqhKG88e9 ALXr/uoSn3MzeOcoOWjTpW3adtFO4VWVgKbgG7jNrFbvRVlHmFLbOm4msjE5aXWxLiTwpJ2X iF4zKca1vAdAOgw9us90jEtOeiH6GzjNxEMvb7TfeO6Zkuc6HDGCA84wggPKAgEBMIGPMHwx CzAJBgNVBAYTAkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMSUwIwYDVQQLExxU QyBUcnVzdENlbnRlciBDbGFzcyAxIEwxIENBMSgwJgYDVQQDEx9UQyBUcnVzdENlbnRlciBD bGFzcyAxIEwxIENBIElYAg8ApksAAQACAIr42UPEgb8wCQYFKw4DAhoFAKCCAhMwGAYJKoZI hvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTMwMjA1MTQ0NjI1WjAjBgkq hkiG9w0BCQQxFgQU/uCgt9UJwE1eF6/+PhHEzEpoylkwbAYJKoZIhvcNAQkPMV8wXTALBglg hkgBZQMEASowCwYJYIZIAWUDBAECMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggq hkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBoAYJKwYBBAGCNxAEMYGSMIGP MHwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMSUwIwYDVQQL ExxUQyBUcnVzdENlbnRlciBDbGFzcyAxIEwxIENBMSgwJgYDVQQDEx9UQyBUcnVzdENlbnRl ciBDbGFzcyAxIEwxIENBIElYAg8ApksAAQACAIr42UPEgb8wgaIGCyqGSIb3DQEJEAILMYGS oIGPMHwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKExNUQyBUcnVzdENlbnRlciBHbWJIMSUwIwYD VQQLExxUQyBUcnVzdENlbnRlciBDbGFzcyAxIEwxIENBMSgwJgYDVQQDEx9UQyBUcnVzdENl bnRlciBDbGFzcyAxIEwxIENBIElYAg8ApksAAQACAIr42UPEgb8wDQYJKoZIhvcNAQEBBQAE ggEAdrTmfQp7wmG7rRQ65ZLKN1YbhvY2QtL3Qqg9OscNNpJEfVUzvVbycBXl5zgKz8WAIrzq X44MVDRKMAOf2/voXuKVg29pPIJE2gcGHdY+7IrLeLssuLE5tbqY9yX3BM7Utp1IihOIeAeU wYBOZbthOxrb21aQf8pWatOmyHlkdzlomqjX/h8WBcccCtK66zGVjncDFqxPIarq/M0PSIn3 qJmcz5KBWU6wIt7p//D5hbnqHvyW9j9uHi8HrusNPSdssL+FO8cG0A/HIyOu0Mwp39tet6LR AGpWDGJqWJHYWS4TuNlJWOhPq3esTUJkPSSoh3TT/Z6a+9ExohQgpfLOFgAAAAAAAA== --------------ms040601090102040300070904--

1 0

(ITS#7519) a suspicious bug about OpenLDAP Software 2.4 Administrator's Guide
by ouyangguang＠huawei.com 05 Feb '13

05 Feb '13

Full_Name: OuYang Guang Version: openldap-2.4.33 OS: Suse linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (219.133.0.1) I'm trying build a ldap client with OpenLDAP-2.4.33 and I want to use Kerberos authentication services. According to the chapter "4.2.3. Kerberos Authentication Service" of OpenLDAP Software 2.4 Administrator's Guide, OpenLDAP clients and servers support Kerberos authentication services. But when I browse the functions "ldap_bind" and "ldap_bind_s", none of LDAP_AUTH_KRBV4, LDAP_AUTH_KRBV41 or LDAP_AUTH_KRBV42 mode is supported. So I think it is wrong with the document. Anybody knows that? Thank you!

1 0

(ITS#7518) nssov sync'ed up with nss_pam_ldapd.0.8.11
by tedcheng＠symas.com 04 Feb '13

04 Feb '13

Full_Name: Ted C. Cheng Version: HEAD OS: Linux/Solaris URL: https://dl.dropbox.com/u/94235048/nssov_sync_w_nss_pam_ldapd_0_8_11.patch Submission from: (NULL) (76.174.253.197) Please find nssov patch in the link provided: 1. Sync'ed up with nss-pam-ldapd 0.8.11: * added nssov_config support * added password_prohibit_message, similar to PADL * self-pwd-changes are made as user identities; root changing user passwords as nssov-pam-pwdmgr-dn 2. Fixed a bug that connection DN was not constructed correctly. 3. Fixed a service debug crash issue when protocol value is NULL 4. Added more debugging msgs

1 0

(ITS#7517) mdb_dbi_close(dbi updated in existing txn) breaks
by h.b.furuseth＠usit.uio.no 02 Feb '13

02 Feb '13

Full_Name: Hallvard B Furuseth Version: mdb.master 48dc782ea612f85e8356a50bfbafe22e5be121cf OS: Linux x86_64 URL: Submission from: (NULL) (193.69.163.163) Submitted by: hallvard If a thread modifies a named MDB database and closes it before committing, the changes are lost. The mdb_dbi_close() doc only says we must not close DBs which _other_ theads will reference. I expect mdb_dbi_close() could check if the env has an active write txn where the DB is dirty, and mdb_put() it first. And in any parent txns which have it open, dunno if that's doable. If not, in this case maybe _close() could stash away the DB info so mdb_txn_commit()/mdb_txn_reset0() can save the updates. Note that another mdb_dbi_open() can reuse the closed DBI, so carelessness could e.g. save the changes with the wrong DB name. Test case (no nested txns): #include <lmdb.h> #include <stdio.h> #include <stdlib.h> int main(void) { char *dbname = "test.mdb"; MDB_env *env; MDB_txn *txn; MDB_dbi dbi; int rdonly, rc; MDB_val key = {3, "foo"}, data = {3, "abc"}, rdata; # define E(e) { rc = (e); if (rc) { fprintf(stderr, "%s:%d: %s: %s\n", \ __FILE__, __LINE__, #e, mdb_strerror(rc)); abort(); } } remove(dbname); for (rdonly = 0; rdonly <= MDB_RDONLY; rdonly += MDB_RDONLY) { E(mdb_env_create(&env)); E(mdb_env_set_maxdbs(env, 1)); E(mdb_env_open(env, dbname, MDB_NOSYNC|MDB_NOSUBDIR, 0666)); E(mdb_txn_begin(env, NULL, rdonly, &txn)); E(mdb_dbi_open(txn, NULL, rdonly ? 0 : MDB_CREATE, &dbi)); if (!rdonly) { E(mdb_put(txn, dbi, &key, &data, 0)); mdb_dbi_close(env, dbi); } else { E(mdb_get(txn, dbi, &key, &rdata)); } E(mdb_txn_commit(txn)); mdb_env_close(env); } return 0; }

1 0

Re: (ITS#7516) Mysql backend is readonly with included metadata sql files
by masarati＠aero.polimi.it 01 Feb '13

01 Feb '13

On 02/01/2013 01:56 PM, povilas(a)Daukas.lt wrote: > Full_Name: Povilas Daukas > Version: any > OS: Ubuntu > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (78.63.107.40) > > > > Hi, > > While trying to setup mysql as backend to the openldap server i noticed that it > only allowed reading from the database but not updating as the metadata was not > there to handle the updates. > > So I adopted the functions and sql from PostgreSQL to make it read write. the > file to modify is below. Thank you, but please follow guidelines for contributions here <http://www.openldap.org/devel/contributing.html> to ease review and integration. Thanks, p. -- Pierangelo Masarati Associate Professor Dipartimento di Scienze e Tecnologie Aerospaziali Politecnico di Milano

1 0

(ITS#7516) Mysql backend is readonly with included metadata sql files
by povilas＠Daukas.lt 01 Feb '13

01 Feb '13

Full_Name: Povilas Daukas Version: any OS: Ubuntu URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (78.63.107.40) Hi, While trying to setup mysql as backend to the openldap server i noticed that it only allowed reading from the database but not updating as the metadata was not there to handle the updates. So I adopted the functions and sql from PostgreSQL to make it read write. the file to modify is below. Hope you and others will find it useful. Kind regards Paul ---------------------------------------------------------------------- File: servers/slapd/back-sql/rdbms_depend/mysql/testdb_metadata.sql ---------------------------------------------------------------------- -- mappings -- objectClass mappings: these may be viewed as structuralObjectClass, the ones that are used to decide how to build an entry -- id a unique number identifying the objectClass -- name the name of the objectClass; it MUST match the name of an objectClass that is loaded in slapd's schema -- keytbl the name of the table that is referenced for the primary key of an entry -- keycol the name of the column in "keytbl" that contains the primary key of an entry; the pair "keytbl.keycol" uniquely identifies an entry of objectClass "id" -- create_proc a procedure to create the entry -- delete_proc a procedure to delete the entry; it takes "keytbl.keycol" of the row to be deleted -- expect_return a bitmap that marks whether create_proc (1) and delete_proc (2) return a value or not INSERT INTO `ldap_oc_mappings` (id,name,keytbl,keycol,create_proc,delete_proc,expect_return) VALUES ('1', 'inetOrgPerson', 'persons', 'id', 'SELECT create_person()', 'DELETE FROM persons WHERE id=?', 0); INSERT INTO `ldap_oc_mappings` (id,name,keytbl,keycol,create_proc,delete_proc,expect_return) VALUES ('2', 'document', 'documents', 'id', 'SELECT create_doc()', 'DELETE FROM documents WHERE id=?', 0); INSERT INTO `ldap_oc_mappings` (id,name,keytbl,keycol,create_proc,delete_proc,expect_return) VALUES ('3', 'organization', 'institutes', 'id', 'SELECT create_o()', 'DELETE FROM institutes WHERE id=?', 0); INSERT INTO `ldap_oc_mappings` (id,name,keytbl,keycol,create_proc,delete_proc,expect_return) VALUES ('4', 'referral', 'referrals', 'id', 'SELECT create_referral()', 'DELETE FROM referrals WHERE id=?', 0); -- attributeType mappings: describe how an attributeType for a certain objectClass maps to the SQL data. -- id a unique number identifying the attribute -- oc_map_id the value of "ldap_oc_mappings.id" that identifies the objectClass this attributeType is defined for -- name the name of the attributeType; it MUST match the name of an attributeType that is loaded in slapd's schema -- sel_expr the expression that is used to select this attribute (the "select <sel_expr> from ..." portion) -- from_tbls the expression that defines the table(s) this attribute is taken from (the "select ... from <from_tbls> where ..." portion) -- join_where the expression that defines the condition to select this attribute (the "select ... where <join_where> ..." portion) -- add_proc a procedure to insert the attribute; it takes the value of the attribute that is added, and the "keytbl.keycol" of the entry it is associated to -- delete_proc a procedure to delete the attribute; it takes the value of the attribute that is added, and the "keytbl.keycol" of the entry it is associated to -- param_order a mask that marks if the "keytbl.keycol" value comes before or after the value in add_proc (1) and delete_proc (2) -- expect_return a mask that marks whether add_proc (1) and delete_proc(2) are expected to return a value or not INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('1', '1', 'cn', 'concat(persons.name,\' \',persons.surname)', null, 'persons', null, 'SELECT update_person_cn(?,?)', 'SELECT 1 FROM persons WHERE persons.name=? AND persons.id=? AND 1=0', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('2', '1', 'telephoneNumber', 'phones.phone', null, 'persons,phones', 'phones.pers_id=persons.id', 'SELECT add_phone(?,?)', 'DELETE FROM phones WHERE phone=? AND pers_id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('3', '1', 'givenName', 'persons.name', null, 'persons', null, 'UPDATE persons SET name=? WHERE id=?', 'UPDATE persons SET name=\'\' WHERE (name=? OR name=\'\') AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('4', '1', 'sn', 'persons.surname', null, 'persons', null, 'UPDATE persons SET surname=? WHERE id=?', 'UPDATE persons SET surname=\'\' WHERE (surname=? OR surname=\'\') AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('5', '1', 'userPassword', 'persons.password', null, 'persons', 'persons.password IS NOT NULL', 'UPDATE persons SET password=? WHERE id=?', 'UPDATE persons SET password=NULL WHERE password=? AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('6', '1', 'seeAlso', 'seeAlso.dn', null, 'ldap_entries AS seeAlso,documents,authors_docs,persons', 'seeAlso.keyval=documents.id AND seeAlso.oc_map_id=2 AND authors_docs.doc_id=documents.id AND authors_docs.pers_id=persons.id', null, 'DELETE from authors_docs WHERE authors_docs.doc_id=(SELECT documents.id FROM documents,ldap_entries AS seeAlso WHERE seeAlso.keyval=documents.id AND seeAlso.oc_map_id=2 AND seeAlso.dn=?) AND authors_docs.pers_id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('7', '2', 'description', 'documents.abstract', null, 'documents', null, 'UPDATE documents SET abstract=? WHERE id=?', 'UPDATE documents SET abstract=\'\'\'\' WHERE abstract=? AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('8', '2', 'documentTitle', 'documents.title', null, 'documents', null, 'UPDATE documents SET title=? WHERE id=?', 'UPDATE documents SET title=\'\' WHERE title=? AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('9', '2', 'documentAuthor', 'documentAuthor.dn', null, 'ldap_entries AS documentAuthor,documents,authors_docs,persons', 'documentAuthor.keyval=persons.id AND documentAuthor.oc_map_id=1 AND authors_docs.doc_id=documents.id AND authors_docs.pers_id=persons.id', 'INSERT INTO authors_docs (pers_id,doc_id) VALUES ((SELECT ldap_entries.keyval FROM ldap_entries WHERE upper(?)=upper(ldap_entries.dn)),?)', 'DELETE FROM authors_docs WHERE authors_docs.pers_id=(SELECT ldap_entries.keyval FROM ldap_entries WHERE upper(?)=upper(ldap_entries.dn)) AND authors_docs.doc_id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('10', '2', 'documentIdentifier', 'concat(\'document \',documents.id)', null, 'documents', null, null, 'SELECT 1 FROM documents WHERE title=? AND id=? AND 1=0', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('11', '3', 'o', 'institutes.name', null, 'institutes', null, 'UPDATE institutes SET name=? WHERE id=?', 'UPDATE institutes SET name=\'\' WHERE name=? AND id=?', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('12', '3', 'dc', 'lower(institutes.name)', null, 'institutes,ldap_entries AS dcObject,ldap_entry_objclasses as auxObjectClass', 'institutes.id=dcObject.keyval AND dcObject.oc_map_id=3 AND dcObject.id=auxObjectClass.entry_id AND auxObjectClass.oc_name=\'dcObject\'', null, 'SELECT 1 FROM institutes WHERE lower(name)=? AND id=? and 1=0', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('13', '4', 'ou', 'referrals.name', null, 'referrals', null, 'UPDATE referrals SET name=? WHERE id=?', 'SELECT 1 FROM referrals WHERE name=? AND id=? and 1=0', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('14', '4', 'ref', 'referrals.url', null, 'referrals', null, 'UPDATE referrals SET url=? WHERE id=?', 'SELECT 1 FROM referrals WHERE url=? and id=? and 1=0', '3', '0'); INSERT INTO `ldap_attr_mappings` into ldap_attr_mappings (id,oc_map_id,name,sel_expr,from_tbls,join_where,add_proc,delete_proc,param_order,expect_return) VALUES ('15', '1', 'userCertificate', 'certs.cert', null, 'persons,certs', 'certs.pers_id=persons.id', null, null, '3', '0'); -- entries mapping: each entry must appear in this table, with a unique DN rooted at the database naming context -- id a unique number > 0 identifying the entry -- dn the DN of the entry, in "pretty" form -- oc_map_id the "ldap_oc_mappings.id" of the main objectClass of this entry (view it as the structuralObjectClass) -- parent the "ldap_entries.id" of the parent of this objectClass; 0 if it is the "suffix" of the database -- keyval the value of the "keytbl.keycol" defined for this objectClass insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (1,'dc=example,dc=com',3,0,1); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (2,'cn=Mitya Kovalev,dc=example,dc=com',1,1,1); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (3,'cn=Torvlobnor Puzdoy,dc=example,dc=com',1,1,2); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (4,'cn=Akakiy Zinberstein,dc=example,dc=com',1,1,3); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (5,'documentTitle=book1,dc=example,dc=com',2,1,1); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (6,'documentTitle=book2,dc=example,dc=com',2,1,2); insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values (7,'ou=Referral,dc=example,dc=com',4,1,1); -- objectClass mapping: entries that have multiple objectClass instances are listed here with the objectClass name (view them as auxiliary objectClass) -- entry_id the "ldap_entries.id" of the entry this objectClass value must be added -- oc_name the name of the objectClass; it MUST match the name of an objectClass that is loaded in slapd's schema insert into ldap_entry_objclasses (entry_id,oc_name) values (1,'dcObject'); insert into ldap_entry_objclasses (entry_id,oc_name) values (4,'pkiUser'); insert into ldap_entry_objclasses (entry_id,oc_name) values (7,'extensibleObject'); ---------------------------------- -- FUNCTIONS TO SUPPORT UPDATES AND DELETIONS -- ---------------------------- -- Function structure for `add_phone` -- ---------------------------- DROP FUNCTION IF EXISTS `add_phone`; DELIMITER ;; CREATE FUNCTION `add_phone`(`input_value` varchar(255),`input_id` int(11)) RETURNS int(11) BEGIN DECLARE return_value int(11); SET return_value = 0; insert into phones (phone,pers_id) values (input_value, input_id); select max(id) into return_value from phones; RETURN return_value; END ;; DELIMITER ; -- ---------------------------- -- Function structure for `create_doc` -- ---------------------------- DROP FUNCTION IF EXISTS `create_doc`; DELIMITER ;; CREATE FUNCTION `create_doc`() RETURNS int(11) BEGIN DECLARE return_value int(11); SET return_value = 0; insert into documents(id,title,abstract) values (null,'',''); select max(id) into return_value from documents; RETURN return_value; END ;; DELIMITER ; -- ---------------------------- -- Function structure for `create_o` -- ---------------------------- DROP FUNCTION IF EXISTS `create_o`; DELIMITER ;; CREATE FUNCTION `create_o`() RETURNS int(11) BEGIN DECLARE return_value int(11); SET return_value = 0; insert into institutes(id,name) values (null,''); select max(id) into return_value from institutes; RETURN return_value; END ;; DELIMITER ; -- ---------------------------- -- Function structure for `create_person` -- ---------------------------- DROP FUNCTION IF EXISTS `create_person`; DELIMITER ;; CREATE FUNCTION `create_person`() RETURNS int(11) BEGIN DECLARE return_value int(11); SET return_value = 0; insert into persons (id,name,surname) values (null,'',''); select max(id) into return_value from persons; RETURN return_value; END ;; DELIMITER ; -- ---------------------------- -- Function structure for `create_referral` -- ---------------------------- DROP FUNCTION IF EXISTS `create_referral`; DELIMITER ;; CREATE FUNCTION `create_referral`() RETURNS int(11) BEGIN DECLARE return_value int(11); SET return_value = 0; insert into referrals(id,name, url) values (null, '', ''); select max(id) into return_value from referrals; RETURN return_value; END ;; DELIMITER ; -- ---------------------------- -- Function structure for `update_person_cn` -- ---------------------------- DROP FUNCTION IF EXISTS `update_person_cn`; DELIMITER ;; CREATE FUNCTION `update_person_cn`(`input_value` varchar(255),`input_id` int(11)) RETURNS int(11) BEGIN #Routine body goes here... update persons set name = ( select case when position(' ' in input_value) = 0 then input_value else substr($1, 1, position(' ' in input_value) - 1) end ),surname = ( select case when position(' ' in input_value) = 0 then '' else substr(input_value, position(' ' in input_value) + 1) end ) where id = input_id; RETURN input_id; END ;; DELIMITER ;

1 0

Re: (ITS#7515) Nested liblmdb transaction bugs
by hyc＠symas.com 31 Jan '13

31 Jan '13

hyc(a)symas.com wrote: > h.b.furuseth(a)usit.uio.no wrote: >> Can't use a DBI from an aborted child txn, unlike aborted main txn: >> >> $ ./bug R[cp] # Create a named DB and put an item there >> $ ./bug [[o}g] # Open that DB in a child, abort, use the DBI >> 40: mdb_get(txn, dbi, &key, &rdata): Invalid argument >> $ ./bug [[o]g] # Success: Commit instead of abort the child >> $ ./bug [o}[g] # Success: Use the DBI from an aborted main txn > > Sounds like the latter is a different bug - a DBI opened in an aborted txn > should not be valid after the abort. > This bit is now fixed in mdb.master. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7515) Nested liblmdb transaction bugs
by hyc＠symas.com 31 Jan '13

31 Jan '13

h.b.furuseth(a)usit.uio.no wrote: > Can't use a DBI from an aborted child txn, unlike aborted main txn: > > $ ./bug R[cp] # Create a named DB and put an item there > $ ./bug [[o}g] # Open that DB in a child, abort, use the DBI > 40: mdb_get(txn, dbi, &key, &rdata): Invalid argument > $ ./bug [[o]g] # Success: Commit instead of abort the child > $ ./bug [o}[g] # Success: Use the DBI from an aborted main txn Sounds like the latter is a different bug - a DBI opened in an aborted txn should not be valid after the abort. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs February 2013