openldap-bugs March 2018

openldap-bugs@openldap.org

20 participants
50 discussions

Re: (ITS#8812) OpenLDAP 2.4 Standalone or embedded
by michael＠stroeder.com 07 Mar '18

07 Mar '18

muthamma.appaiah(a)wellsfargo.com wrote: > Full_Name: Muthamma > Version: 2.4 and 2.3 > OS: > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (2620:160:e708:6::a) > > > Hi team, > > Could you confirm if the product OpenLDAP is a stand-alone product or embedded? ITS is only used for reporting bugs. Please ask such a question on the openldap-technical mailing list. Ciao, Michael.

1 0

(ITS#8816) OpenLDAP - Embedded Prodcut or Stand-alone product
by muthamma.appaiah＠wellsfargo.com 07 Mar '18

07 Mar '18

Full_Name: Muthamma Version: OpenLDAP latest OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2620:160:e708:6::a) Hi team, Could you confirm if the product OpenLDAP is a stand-alone product or embedded? If this comes bundled with any other product?

1 0

RE: (ITS#8618) ldapsearch - unexpected behavior with
by andrew.lawrence＠siemens.com 06 Mar '18

06 Mar '18

Hi Alex, I was wrong. It is not the lack of port that causes it to fail. On the third line of the output below you can see the ldapsearch request wi= thout the port has tried to construct a uri by appending "ldap://" to anoth= er ldap uri. $ ldapsearch -x -d 255 -h ldap://localhost ldap_create ldap_url_parse_ext(ldap://ldap:%2F%2Flocalhost) ldap_err2string Could not create LDAP session handle for URI=3Dldap://ldap: %2F%2Flocalhost (-9): Bad parameter to an ldap routine If you also specify the port it does not try to append "ldap://" to the fro= nt of the hostname/uri. From an external point of view the behaviour is cor= rect in that the command fails but the internal behaviour of the code is no= t as intended. Andy -----Original Message----- From: Alexandre Rosenberg [mailto:arekkusu@r42.ch]=20 Sent: 04 March 2018 12:30 To: Lawrence, Andy (MO MM R&D UK IXL); openldap-its(a)OpenLDAP.org Subject: Re: (ITS#8618) ldapsearch - unexpected behavior with =20

1 0

(ITS#8815) aarch64 autoconf error
by stephane＠qnap.com 06 Mar '18

06 Mar '18

Full_Name: stephane guerithault Version: 2.4.45 OS: Xenial Ubuntu arm64 ( aarch64) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2a06:4282:6:6b00:b0e4:f061:db67:e31e) Open Ldap autoconf script need uptade to compile from Source on aarch64 architecture (arm64) Configuring OpenLDAP 2.4.45-Release ... checking build system type... build/config.guess: unable to guess system type This script, last modified 2010-09-24-OpenLDAP, has failed to recognize the operating system you are using. It is advised that you download the most up to date version of the config scripts from http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.gues… and http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;… If the version you run (build/config.guess) is already up to date, please send the following data and any information you think might be pertinent to <config-patches(a)gnu.org> in order to provide the needed information to handle your system. config.guess timestamp = 2010-09-24-OpenLDAP uname -m = aarch64 uname -r = 4.2.8 uname -s = Linux uname -v = #1 SMP Thu Feb 15 01:39:52 CST 2018 /usr/bin/uname -p = /bin/uname -X = hostinfo = /bin/universe = /usr/bin/arch -k = /bin/arch = /usr/bin/oslevel = /usr/convex/getsysinfo = UNAME_MACHINE = aarch64 UNAME_RELEASE = 4.2.8 UNAME_SYSTEM = Linux UNAME_VERSION = #1 SMP Thu Feb 15 01:39:52 CST 2018 configure: error: cannot guess build type; you must specify one root@TS-128A:/SRC/openldap-2.4.45# uname -a Linux TS-128A 4.2.8 #1 SMP Thu Feb 15 01:39:52 CST 2018 aarch64 aarch64 aarch64 GNU/Linux

1 0

(ITS#8814) aarch64 autoconf error
by stephane＠qnap.com 06 Mar '18

06 Mar '18

1 0

Re: (ITS#8777) [LMDB] Closing read cursor uses already freed transaction (MDB_VL32)
by markus＠greenrobot.de 04 Mar '18

04 Mar '18

--001a114db4265d5f2405669693c3 Content-Type: text/plain; charset="UTF-8" Because of another MDB_VL32 issue ( http://www.openldap.org/its/index.cgi?findid=8813), I would like to come back the MDB_SIZE64 patch suggested here. I understand that you have no intention to merge this in. For us, applying the patch makes perfectly sense nevertheless: It fixes a severe problem and the 2 GB limit on 32 bits is fine for our use case. Do you see any side effects the proposed patch might have? I'm aware you cannot give guarantees, but a simple "should work" from your side would be appreciated! Thanks! Markus I'd like to propose a different approach to 64 bits on 32 bit CPUs; > something like this: > [...] > lmdb.h > @@ -187,7 +187,15 @@ > # define MDB_FMT_Z "z" /**< printf/scanf format > modifier for size_t */ > #endif > > -#ifndef MDB_VL32 > +#if defined(MDB_VL32) && defined(MDB_SIZE64) > +#error either define MDB_VL32 OR MDB_SIZE64 > +#endif > +#ifdef MDB_SIZE64 > +typedef uint64_t mdb_size_t; > +# define MDB_SIZE_MAX SIZE_MAX /**< max #mdb_size_t */ > +# define MDB_PRIy(t) PRI##t##64 > +# define MDB_SCNy(t) SCN##t##64 > +#elif !defined(MDB_VL32)) > /** Unsigned type used for mapsize, entry counts and page/transaction IDs. > * > * It is normally size_t, hence the name. Defining MDB_VL32 makes it > --001a114db4265d5f2405669693c3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div= >Because of another=C2=A0<span style=3D"color:rgb(34,34,34);font-family:ari= al,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:norm= al;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-alig= n:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing= :0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-d= ecoration-color:initial;float:none;display:inline">MDB_VL32 issue (<a href= =3D"http://www.openldap.org/its/index.cgi?findid=3D8813">http://www.openlda= p.org/its/index.cgi?findid=3D8813</a>), I would like to come back the=C2=A0= <span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:s= mall;font-style:normal;font-variant-ligatures:normal;font-variant-caps:norm= al;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;t= ext-transform:none;white-space:normal;word-spacing:0px;background-color:rgb= (255,255,255);text-decoration-style:initial;text-decoration-color:initial;f= loat:none;display:inline">MDB_SIZE64 patch <span style=3D"color:rgb(34,34,3= 4);font-family:arial,sans-serif;font-size:small;font-style:normal;font-vari= ant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacin= g:normal;text-align:start;text-indent:0px;text-transform:none;white-space:n= ormal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-st= yle:initial;text-decoration-color:initial;float:none;display:inline">sugges= ted<span>=C2=A0</span></span>here.</span></span></div><div><span style=3D"c= olor:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:= normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:4= 00;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:no= ne;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);te= xt-decoration-style:initial;text-decoration-color:initial;float:none;displa= y:inline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;f= ont-size:small;font-style:normal;font-variant-ligatures:normal;font-variant= -caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-in= dent:0px;text-transform:none;white-space:normal;word-spacing:0px;background= -color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color= :initial;float:none;display:inline"><br></span></span></div><div><span styl= e=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-= style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-we= ight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transf= orm:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,2= 55);text-decoration-style:initial;text-decoration-color:initial;float:none;= display:inline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-s= erif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-v= ariant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;t= ext-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;back= ground-color:rgb(255,255,255);text-decoration-style:initial;text-decoration= -color:initial;float:none;display:inline">I understand that you have no int= ention to merge this in. For us, applying the patch makes perfectly sense n= evertheless: It fixes a severe problem and the 2 GB limit on 32 bits is fin= e for our use case.=C2=A0</span></span></div><div><span style=3D"color:rgb(= 34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;fo= nt-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter= -spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-= space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decora= tion-style:initial;text-decoration-color:initial;float:none;display:inline"= ><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font-size:= small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:nor= mal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;= text-transform:none;white-space:normal;word-spacing:0px;background-color:rg= b(255,255,255);text-decoration-style:initial;text-decoration-color:initial;= float:none;display:inline"><br></span></span></div><div><span style=3D"colo= r:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:nor= mal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;= letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;= white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-= decoration-style:initial;text-decoration-color:initial;float:none;display:i= nline"><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font= -size:small;font-style:normal;font-variant-ligatures:normal;font-variant-ca= ps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-inden= t:0px;text-transform:none;white-space:normal;word-spacing:0px;background-co= lor:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:in= itial;float:none;display:inline">Do you see any side effects the proposed p= atch might have? I'm aware you cannot give guarantees, but a simple &qu= ot;should work" from your side would be appreciated!</span></span></di= v><div><span style=3D"color:rgb(34,34,34);font-family:arial,sans-serif;font= -size:small;font-style:normal;font-variant-ligatures:normal;font-variant-ca= ps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-inden= t:0px;text-transform:none;white-space:normal;word-spacing:0px;background-co= lor:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:in= itial;float:none;display:inline"><span style=3D"color:rgb(34,34,34);font-fa= mily:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatu= res:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;t= ext-align:start;text-indent:0px;text-transform:none;white-space:normal;word= -spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initia= l;text-decoration-color:initial;float:none;display:inline"><br></span></spa= n></div><div><span style=3D"color:rgb(34,34,34);font-family:arial,sans-seri= f;font-size:small;font-style:normal;font-variant-ligatures:normal;font-vari= ant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text= -indent:0px;text-transform:none;white-space:normal;word-spacing:0px;backgro= und-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-co= lor:initial;float:none;display:inline"><span style=3D"color:rgb(34,34,34);f= ont-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-= ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:no= rmal;text-align:start;text-indent:0px;text-transform:none;white-space:norma= l;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:= initial;text-decoration-color:initial;float:none;display:inline">Thanks!</s= pan></span></div><div><span style=3D"color:rgb(34,34,34);font-family:arial,= sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;= font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:s= tart;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0p= x;background-color:rgb(255,255,255);text-decoration-style:initial;text-deco= ration-color:initial;float:none;display:inline"><span style=3D"color:rgb(34= ,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font= -variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-s= pacing:normal;text-align:start;text-indent:0px;text-transform:none;white-sp= ace:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decorati= on-style:initial;text-decoration-color:initial;float:none;display:inline">M= arkus</span></span></div><div><span style=3D"color:rgb(34,34,34);font-famil= y:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures= :normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text= -align:start;text-indent:0px;text-transform:none;white-space:normal;word-sp= acing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;t= ext-decoration-color:initial;float:none;display:inline"><span style=3D"colo= r:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:nor= mal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;= letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;= white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-= decoration-style:initial;text-decoration-color:initial;float:none;display:i= nline"><br></span></span></div><div><br></div><blockquote class=3D"gmail_qu= ote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,20= 4);padding-left:1ex">I'd like to propose a different approach to 64 bit= s on 32 bit CPUs;<br> something like this:<br>[...]<br>lmdb.h<br> @@ -187,7 +187,15 @@<br> =C2=A0# define MDB_FMT_Z=C2=A0 =C2=A0 =C2=A0"z"=C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0/**< printf/s= canf format modifier for size_t */<br> =C2=A0#endif<br> <br> -#ifndef MDB_VL32<br> +#if defined(MDB_VL32) && defined(MDB_SIZE64)<br> +#error either define MDB_VL32 OR MDB_SIZE64<br> +#endif<br> +#ifdef MDB_SIZE64<br> +typedef uint64_t=C2=A0 =C2=A0 =C2=A0 =C2=A0mdb_size_t;<br> +# define MDB_SIZE_MAX=C2=A0 SIZE_MAX=C2=A0 =C2=A0 =C2=A0 =C2=A0 /**< ma= x #mdb_size_t */<br> +# define MDB_PRIy(t)=C2=A0 =C2=A0PRI##t##64<br> +# define MDB_SCNy(t)=C2=A0 =C2=A0SCN##t##64<br> +#elif !defined(MDB_VL32))<br> =C2=A0/** Unsigned type used for mapsize, entry counts and page/transaction= IDs.<br> =C2=A0 *<br> =C2=A0 *=C2=A0 =C2=A0 =C2=A0It is normally size_t, hence the name. Defining= MDB_VL32 makes it<br> </blockquote></div><br></div></div> --001a114db4265d5f2405669693c3--

1 0

(ITS#8813) MDB_VL32 causes MDB_TXN_FULL
by markus＠greenrobot.de 04 Mar '18

04 Mar '18

Full_Name: Markus Junginger Version: OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (77.189.91.168) We have a 1GB LMDB file with 7M K/V entries. With MDB_VL32, we always get a MDB_TXN_FULL error for a transaction that is removing 2M entries (probably fails at a lower count, we haven't measured that). Without MDB_VL32 it works fine. Another observation: Once the transaction fails with MDB_TXN_FULL, the data file has grown to 1.5GB. Without MDB_VL32, the data file stays consistent at 1 GB even if all 7M entries are deleted in a single transaction. Expected behavior: No MDB_TXN_FULL error, no data file growth.

1 0

Re: (ITS#8618) ldapsearch - unexpected behavior with
by arekkusu＠r42.ch 04 Mar '18

04 Mar '18

Andry, I am sorry but I still don't understand... - You are saying ldapsearch internally converts '-h' and '-p' parameters into a URI, correct ? - The '-p' option in ldapsearch is optional, if it's not set it should use the default LDAP port (TCP/389). In the example bellow, when I am calling ldapsearch without specifying the port (1), it does not say anything about the ldap URI being invalid. It simply tries to connect to '/example.org:389' and fails. (which is expected). On the other hand the same example with the option '-p 389' added, result in the query going to localhost (2). I don't understand why. The default LDAP port is TCP/389, therefore I would expect ldapsearch to behave in the same way regardless if the '-p 389' argument is provided or not. (1) $ ldapsearch -x -d 255 -h /example.org ldap_create ldap_url_parse_ext(ldap://% 2Fexample.org) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ld ap_int_open_connection ldap_connect_to_host: TCP /example.org:389 ldap_connect_to_ host: getaddrinfo failed: Name or service not known ldap_err2string ldap_sasl_bind (SIMPLE): Can't contact LDAP server (-1) (2) $ ldapsearch -x -d 255 -h /example.org -p 389 ldap_create ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP localhost:389 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying ::1 389 ldap_pvt_connect: fd: 3 tm: -1 async: 0 attempting to connect: connect errno: 111 ldap_close_socket: 3 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 127.0.0.1:389 ldap_pvt_connect: fd: 3 tm: -1 async: 0 attempting to connect: connect errno: 111 ldap_close_socket: 3 ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Best, Alex On Sat, 2018-03-03 at 16:24 +0000, andrew.lawrence(a)siemens.com wrote: > @Alex The difference in behaviour is because it constructs a uri from the h= > ostname and port. If there is no port you end up with an invalid uri. I am = > not sure if this is necessarily a good thing. > > Cheers, > Andy > > >

1 0

Re: (ITS#8639) Remove support for LANMAN
by andrew.lawrence＠siemens.com 03 Mar '18

03 Mar '18

Hi, Is this just the support for LANMAN hashes of passwords in slapd? There seems to also be some stand alone support for samba LANMAN passwords = in the smbk5pwd module. Cheers, Andy

1 0

Re: (ITS#8618) ldapsearch - unexpected behavior with
by andrew.lawrence＠siemens.com 03 Mar '18

03 Mar '18

@Alex The difference in behaviour is because it constructs a uri from the h= ostname and port. If there is no port you end up with an invalid uri. I am = not sure if this is necessarily a good thing. Cheers, Andy

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs March 2018