Re: (ITS#8812) OpenLDAP 2.4 Standalone or embedded
by michael@stroeder.com
muthamma.appaiah(a)wellsfargo.com wrote:
> Full_Name: Muthamma
> Version: 2.4 and 2.3
> OS:
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (2620:160:e708:6::a)
>
>
> Hi team,
>
> Could you confirm if the product OpenLDAP is a stand-alone product or embedded?
ITS is only used for reporting bugs. Please ask such a question on the
openldap-technical mailing list.
Ciao, Michael.
2 years, 10 months
RE: (ITS#8618) ldapsearch - unexpected behavior with
by andrew.lawrence@siemens.com
Hi Alex,
I was wrong. It is not the lack of port that causes it to fail.
On the third line of the output below you can see the ldapsearch request wi=
thout the port has tried to construct a uri by appending "ldap://" to anoth=
er ldap uri.
$ ldapsearch -x -d 255 -h ldap://localhost
ldap_create
ldap_url_parse_ext(ldap://ldap:%2F%2Flocalhost)
ldap_err2string
Could not create LDAP session handle for URI=3Dldap://ldap:
%2F%2Flocalhost (-9): Bad parameter to an ldap routine
If you also specify the port it does not try to append "ldap://" to the fro=
nt of the hostname/uri. From an external point of view the behaviour is cor=
rect in that the command fails but the internal behaviour of the code is no=
t as intended.
Andy
-----Original Message-----
From: Alexandre Rosenberg [mailto:arekkusu@r42.ch]=20
Sent: 04 March 2018 12:30
To: Lawrence, Andy (MO MM R&D UK IXL); openldap-its(a)OpenLDAP.org
Subject: Re: (ITS#8618) ldapsearch - unexpected behavior with
=20
2 years, 10 months
(ITS#8815) aarch64 autoconf error
by stephane@qnap.com
Full_Name: stephane guerithault
Version: 2.4.45
OS: Xenial Ubuntu arm64 ( aarch64)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2a06:4282:6:6b00:b0e4:f061:db67:e31e)
Open Ldap autoconf script need uptade to compile from Source on aarch64
architecture (arm64)
Configuring OpenLDAP 2.4.45-Release ...
checking build system type... build/config.guess: unable to guess system type
This script, last modified 2010-09-24-OpenLDAP, has failed to recognize
the operating system you are using. It is advised that you
download the most up to date version of the config scripts from
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.gu...
and
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.su...
If the version you run (build/config.guess) is already up to date, please
send the following data and any information you think might be
pertinent to <config-patches(a)gnu.org> in order to provide the needed
information to handle your system.
config.guess timestamp = 2010-09-24-OpenLDAP
uname -m = aarch64
uname -r = 4.2.8
uname -s = Linux
uname -v = #1 SMP Thu Feb 15 01:39:52 CST 2018
/usr/bin/uname -p =
/bin/uname -X =
hostinfo =
/bin/universe =
/usr/bin/arch -k =
/bin/arch =
/usr/bin/oslevel =
/usr/convex/getsysinfo =
UNAME_MACHINE = aarch64
UNAME_RELEASE = 4.2.8
UNAME_SYSTEM = Linux
UNAME_VERSION = #1 SMP Thu Feb 15 01:39:52 CST 2018
configure: error: cannot guess build type; you must specify one
root@TS-128A:/SRC/openldap-2.4.45# uname -a
Linux TS-128A 4.2.8 #1 SMP Thu Feb 15 01:39:52 CST 2018 aarch64 aarch64 aarch64
GNU/Linux
2 years, 10 months
(ITS#8814) aarch64 autoconf error
by stephane@qnap.com
Full_Name: stephane guerithault
Version: 2.4.45
OS: Xenial Ubuntu arm64 ( aarch64)
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (2a06:4282:6:6b00:b0e4:f061:db67:e31e)
Open Ldap autoconf script need uptade to compile from Source on aarch64
architecture (arm64)
Configuring OpenLDAP 2.4.45-Release ...
checking build system type... build/config.guess: unable to guess system type
This script, last modified 2010-09-24-OpenLDAP, has failed to recognize
the operating system you are using. It is advised that you
download the most up to date version of the config scripts from
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.gu...
and
http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.su...
If the version you run (build/config.guess) is already up to date, please
send the following data and any information you think might be
pertinent to <config-patches(a)gnu.org> in order to provide the needed
information to handle your system.
config.guess timestamp = 2010-09-24-OpenLDAP
uname -m = aarch64
uname -r = 4.2.8
uname -s = Linux
uname -v = #1 SMP Thu Feb 15 01:39:52 CST 2018
/usr/bin/uname -p =
/bin/uname -X =
hostinfo =
/bin/universe =
/usr/bin/arch -k =
/bin/arch =
/usr/bin/oslevel =
/usr/convex/getsysinfo =
UNAME_MACHINE = aarch64
UNAME_RELEASE = 4.2.8
UNAME_SYSTEM = Linux
UNAME_VERSION = #1 SMP Thu Feb 15 01:39:52 CST 2018
configure: error: cannot guess build type; you must specify one
root@TS-128A:/SRC/openldap-2.4.45# uname -a
Linux TS-128A 4.2.8 #1 SMP Thu Feb 15 01:39:52 CST 2018 aarch64 aarch64 aarch64
GNU/Linux
2 years, 10 months
Re: (ITS#8777) [LMDB] Closing read cursor uses already freed transaction (MDB_VL32)
by markus@greenrobot.de
--001a114db4265d5f2405669693c3
Content-Type: text/plain; charset="UTF-8"
Because of another MDB_VL32 issue (
http://www.openldap.org/its/index.cgi?findid=8813), I would like to come
back the MDB_SIZE64 patch suggested here.
I understand that you have no intention to merge this in. For us, applying
the patch makes perfectly sense nevertheless: It fixes a severe problem and
the 2 GB limit on 32 bits is fine for our use case.
Do you see any side effects the proposed patch might have? I'm aware you
cannot give guarantees, but a simple "should work" from your side would be
appreciated!
Thanks!
Markus
I'd like to propose a different approach to 64 bits on 32 bit CPUs;
> something like this:
> [...]
> lmdb.h
> @@ -187,7 +187,15 @@
> # define MDB_FMT_Z "z" /**< printf/scanf format
> modifier for size_t */
> #endif
>
> -#ifndef MDB_VL32
> +#if defined(MDB_VL32) && defined(MDB_SIZE64)
> +#error either define MDB_VL32 OR MDB_SIZE64
> +#endif
> +#ifdef MDB_SIZE64
> +typedef uint64_t mdb_size_t;
> +# define MDB_SIZE_MAX SIZE_MAX /**< max #mdb_size_t */
> +# define MDB_PRIy(t) PRI##t##64
> +# define MDB_SCNy(t) SCN##t##64
> +#elif !defined(MDB_VL32))
> /** Unsigned type used for mapsize, entry counts and page/transaction IDs.
> *
> * It is normally size_t, hence the name. Defining MDB_VL32 makes it
>
--001a114db4265d5f2405669693c3
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div=
>Because of another=C2=A0<span style=3D"color:rgb(34,34,34);font-family:ari=
al,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:norm=
al;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-alig=
n:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing=
:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-d=
ecoration-color:initial;float:none;display:inline">MDB_VL32 issue (<a href=
=3D"http://www.openldap.org/its/index.cgi?findid=3D8813">http://www.openlda=
p.org/its/index.cgi?findid=3D8813</a>), I would like to come back the=C2=A0=
<span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:s=
mall;font-style:normal;font-variant-ligatures:normal;font-variant-caps:norm=
al;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;t=
ext-transform:none;white-space:normal;word-spacing:0px;background-color:rgb=
(255,255,255);text-decoration-style:initial;text-decoration-color:initial;f=
loat:none;display:inline">MDB_SIZE64 patch <span style=3D"color:rgb(34,34,3=
4);font-family:arial,sans-serif;font-size:small;font-style:normal;font-vari=
ant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacin=
g:normal;text-align:start;text-indent:0px;text-transform:none;white-space:n=
ormal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-st=
yle:initial;text-decoration-color:initial;float:none;display:inline">sugges=
ted<span>=C2=A0</span></span>here.</span></span></div><div><span style=3D"c=
olor:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:=
normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:4=
00;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:no=
ne;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);te=
xt-decoration-style:initial;text-decoration-color:initial;float:none;displa=
y:inline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;f=
ont-size:small;font-style:normal;font-variant-ligatures:normal;font-variant=
-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-in=
dent:0px;text-transform:none;white-space:normal;word-spacing:0px;background=
-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color=
:initial;float:none;display:inline"><br></span></span></div><div><span styl=
e=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-=
style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-we=
ight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transf=
orm:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,2=
55);text-decoration-style:initial;text-decoration-color:initial;float:none;=
display:inline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-s=
erif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-v=
ariant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;t=
ext-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;back=
ground-color:rgb(255,255,255);text-decoration-style:initial;text-decoration=
-color:initial;float:none;display:inline">I understand that you have no int=
ention to merge this in. For us, applying the patch makes perfectly sense n=
evertheless: It fixes a severe problem and the 2 GB limit on 32 bits is fin=
e for our use case.=C2=A0</span></span></div><div><span style=3D"color:rgb(=
34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;fo=
nt-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter=
-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-=
space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decora=
tion-style:initial;text-decoration-color:initial;float:none;display:inline"=
><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:=
small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:nor=
mal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;=
text-transform:none;white-space:normal;word-spacing:0px;background-color:rg=
b(255,255,255);text-decoration-style:initial;text-decoration-color:initial;=
float:none;display:inline"><br></span></span></div><div><span style=3D"colo=
r:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:nor=
mal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;=
letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;=
white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-=
decoration-style:initial;text-decoration-color:initial;float:none;display:i=
nline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font=
-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-ca=
ps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-inden=
t:0px;text-transform:none;white-space:normal;word-spacing:0px;background-co=
lor:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:in=
itial;float:none;display:inline">Do you see any side effects the proposed p=
atch might have? I'm aware you cannot give guarantees, but a simple &qu=
ot;should work" from your side would be appreciated!</span></span></di=
v><div><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font=
-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-ca=
ps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-inden=
t:0px;text-transform:none;white-space:normal;word-spacing:0px;background-co=
lor:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:in=
itial;float:none;display:inline"><span style=3D"color:rgb(34,34,34);font-fa=
mily:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatu=
res:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;t=
ext-align:start;text-indent:0px;text-transform:none;white-space:normal;word=
-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initia=
l;text-decoration-color:initial;float:none;display:inline"><br></span></spa=
n></div><div><span style=3D"color:rgb(34,34,34);font-family:arial,sans-seri=
f;font-size:small;font-style:normal;font-variant-ligatures:normal;font-vari=
ant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text=
-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;backgro=
und-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-co=
lor:initial;float:none;display:inline"><span style=3D"color:rgb(34,34,34);f=
ont-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-=
ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:no=
rmal;text-align:start;text-indent:0px;text-transform:none;white-space:norma=
l;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:=
initial;text-decoration-color:initial;float:none;display:inline">Thanks!</s=
pan></span></div><div><span style=3D"color:rgb(34,34,34);font-family:arial,=
sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;=
font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:s=
tart;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0p=
x;background-color:rgb(255,255,255);text-decoration-style:initial;text-deco=
ration-color:initial;float:none;display:inline"><span style=3D"color:rgb(34=
,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font=
-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-s=
pacing:normal;text-align:start;text-indent:0px;text-transform:none;white-sp=
ace:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decorati=
on-style:initial;text-decoration-color:initial;float:none;display:inline">M=
arkus</span></span></div><div><span style=3D"color:rgb(34,34,34);font-famil=
y:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures=
:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text=
-align:start;text-indent:0px;text-transform:none;white-space:normal;word-sp=
acing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;t=
ext-decoration-color:initial;float:none;display:inline"><span style=3D"colo=
r:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:nor=
mal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;=
letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;=
white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-=
decoration-style:initial;text-decoration-color:initial;float:none;display:i=
nline"><br></span></span></div><div><br></div><blockquote class=3D"gmail_qu=
ote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,20=
4);padding-left:1ex">I'd like to propose a different approach to 64 bit=
s on 32 bit CPUs;<br>
something like this:<br>[...]<br>lmdb.h<br>
@@ -187,7 +187,15 @@<br>
=C2=A0# define MDB_FMT_Z=C2=A0 =C2=A0 =C2=A0"z"=C2=A0 =C2=A0 =C2=
=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0/**< printf/s=
canf format modifier for size_t */<br>
=C2=A0#endif<br>
<br>
-#ifndef MDB_VL32<br>
+#if defined(MDB_VL32) && defined(MDB_SIZE64)<br>
+#error either define MDB_VL32 OR MDB_SIZE64<br>
+#endif<br>
+#ifdef MDB_SIZE64<br>
+typedef uint64_t=C2=A0 =C2=A0 =C2=A0 =C2=A0mdb_size_t;<br>
+# define MDB_SIZE_MAX=C2=A0 SIZE_MAX=C2=A0 =C2=A0 =C2=A0 =C2=A0 /**< ma=
x #mdb_size_t */<br>
+# define MDB_PRIy(t)=C2=A0 =C2=A0PRI##t##64<br>
+# define MDB_SCNy(t)=C2=A0 =C2=A0SCN##t##64<br>
+#elif !defined(MDB_VL32))<br>
=C2=A0/** Unsigned type used for mapsize, entry counts and page/transaction=
IDs.<br>
=C2=A0 *<br>
=C2=A0 *=C2=A0 =C2=A0 =C2=A0It is normally size_t, hence the name. Defining=
MDB_VL32 makes it<br>
</blockquote></div><br></div></div>
--001a114db4265d5f2405669693c3--
2 years, 10 months
(ITS#8813) MDB_VL32 causes MDB_TXN_FULL
by markus@greenrobot.de
Full_Name: Markus Junginger
Version:
OS:
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (77.189.91.168)
We have a 1GB LMDB file with 7M K/V entries. With MDB_VL32, we always get a
MDB_TXN_FULL error for a transaction that is removing 2M entries (probably fails
at a lower count, we haven't measured that). Without MDB_VL32 it works fine.
Another observation:
Once the transaction fails with MDB_TXN_FULL, the data file has grown to 1.5GB.
Without MDB_VL32, the data file stays consistent at 1 GB even if all 7M entries
are deleted in a single transaction.
Expected behavior:
No MDB_TXN_FULL error, no data file growth.
2 years, 10 months
Re: (ITS#8618) ldapsearch - unexpected behavior with
by arekkusu@r42.ch
Andry, I am sorry but I still don't understand...
- You are saying ldapsearch internally converts '-h' and '-p' parameters into a
URI, correct ?
- The '-p' option in ldapsearch is optional, if it's not set it should use the
default LDAP port (TCP/389).
In the example bellow, when I am calling ldapsearch without specifying the port
(1), it does not say anything about the ldap URI being invalid. It simply tries
to connect to '/example.org:389' and fails. (which is expected).
On the other hand the same example with the option '-p 389' added, result in the
query going to localhost (2). I don't understand why.
The default LDAP port is TCP/389, therefore I would expect ldapsearch to behave
in the same way regardless if the '-p 389' argument is provided or not.
(1)
$ ldapsearch -x -d 255 -h /example.org
ldap_create
ldap_url_parse_ext(ldap://%
2Fexample.org)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ld
ap_int_open_connection
ldap_connect_to_host: TCP /example.org:389
ldap_connect_to_
host: getaddrinfo failed: Name or service not known
ldap_err2string
ldap_sasl_bind
(SIMPLE): Can't contact LDAP server (-1)
(2)
$ ldapsearch -x -d 255 -h /example.org -p 389
ldap_create
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP localhost:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying ::1 389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect errno: 111
ldap_close_socket: 3
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 127.0.0.1:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
attempting to connect:
connect errno: 111
ldap_close_socket: 3
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
Best, Alex
On Sat, 2018-03-03 at 16:24 +0000, andrew.lawrence(a)siemens.com wrote:
> @Alex The difference in behaviour is because it constructs a uri from the h=
> ostname and port. If there is no port you end up with an invalid uri. I am =
> not sure if this is necessarily a good thing.
>
> Cheers,
> Andy
>
>
>
2 years, 10 months
Re: (ITS#8639) Remove support for LANMAN
by andrew.lawrence@siemens.com
Hi,
Is this just the support for LANMAN hashes of passwords in slapd?
There seems to also be some stand alone support for samba LANMAN passwords =
in the smbk5pwd module.
Cheers,
Andy
2 years, 10 months
Re: (ITS#8618) ldapsearch - unexpected behavior with
by andrew.lawrence@siemens.com
@Alex The difference in behaviour is because it constructs a uri from the h=
ostname and port. If there is no port you end up with an invalid uri. I am =
not sure if this is necessarily a good thing.
Cheers,
Andy
2 years, 10 months