https://bugs.openldap.org/show_bug.cgi?id=9348
Issue ID: 9348
Summary: libldap uses deprecated symbols sys_errlist and
sys_nerr
Product: OpenLDAP
Version: 2.4.53
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: ditu.alexandru(a)gmail.com
Target Milestone: ---
Starting with libc >= 2.32 the symbols sys_errlist and sys_nerr are removed:
From the release notes
(https://sourceware.org/git/?p=glibc.git;a=blob_plain;f=NEWS;hb=HEAD):
* The deprecated symbols sys_errlist, _sys_errlist, sys_nerr, and _sys_nerr
are no longer available to newly linked binaries, and their declarations
have been removed from from <stdio.h>. They are exported solely as
compatibility symbols to support old binaries. All programs should use
strerror or strerror_r instead.
Their usage should be removed from libldap (include/ac/errno.h) and replaced
with strerror or strerror_r.
Otherwise any library that uses libldap compiled with libc < 2.32 won't run on
systems that use newer libc versions (>= 2.32).
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9346
Issue ID: 9346
Summary: test063 only supports 2 servers, should handle up to 9
Product: OpenLDAP
Version: 2.4.52
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: hyc(a)openldap.org
Target Milestone: ---
And the default should be 4, as with test050 etc.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9344
Issue ID: 9344
Summary: test067-tls fails on solaris 10 due to unescaped
quotes in quoted string
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
This statement in test067 causes it to fail in solaris 10:
TLS_PEERKEY_HASHED_FAIL="$TLS_PEERKEY_HASHALG:`echo "a fake key to
hash" | \
"${openssl}" dgst "-$TLS_PEERKEY_HASHALG" -binary 2>/dev/null |
\
"${openssl}" enc -base64 2>/dev/null`"
Solaris10's shell requires the quotes here to be escaped, like:
TLS_PEERKEY_HASHED_FAIL="$TLS_PEERKEY_HASHALG:`echo \"a fake key to
hash\" | \
"${openssl}" dgst "-$TLS_PEERKEY_HASHALG" -binary 2>/dev/null |
\
"${openssl}" enc -base64 2>/dev/null`"
With this change the test passes
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9335
Issue ID: 9335
Summary: test068 fails when openldap is built without SASL
support
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Need to fix test068 to test for SASL support.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9333
Issue ID: 9333
Summary: Delete TIMING variable from test suite
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
The TIMING variable used in the test suite was introduced in OpenLDAP 2.0 for
the "bdb2" backend which hasn't existed in decades. The elapsed time data that
is generated in 2.5 supersedes this functionality as well.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9311
Issue ID: 9311
Summary: Singular overlays should be flagged as such
Product: OpenLDAP
Version: 2.4.51
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
After the fix for issue#9309 it is now possible to ensure the singularity of
overlays that should only be instantiated once on a DB. Currently only two are
marked this way: ppolicy and rwm.
The following overlays should also be marked this way:
auditlog
autoca
collect
constraint
dds
deref
dyngroup
dynlist
seqmod
sssvlv
syncprov
unique
valsort
The following overlays it is valid to have multiple instances:
accesslog
memberOf
pcache
refint
retcode
translucent
The contrib overlays need examining as well.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9307
Issue ID: 9307
Summary: --enable-<option>=mod should require --enable-modules
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: ryan(a)openldap.org
Target Milestone: ---
In master/RE25,
./configure --enable-backends=mod
fails with:
checking configure arguments... configure: error: slapd requires a backend
if --enable-modules is not also specified.
In RE24, and for overlays in both versions, the specified modules get switched
to static automatically, and a warning is emitted for each:
configure: WARNING: building static accesslog overlay
The behaviour was changed in issue 8224; the idea was to have it fail earlier
if neither loadable module support nor any static backend was selected, but the
error is not clear enough.
Quanah and I agreed that it would be better to fail with an explicit error
message in this case, rather than automatically do something different than
requested.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9280
Issue ID: 9280
Summary: A read-only ppolicy installation
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
There might be environments where letting ppolicy write into the local database
is not appropriate, but neither is chaining. It should be possible to skip the
modifications altogether.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9264
Issue ID: 9264
Summary: Add lock to slapo-unique to delay new ops until
current op is complete
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: gnoe(a)symas.com
Target Milestone: ---
Locking is needed in slapo-unique to prevent duplicate values when new
operations are started before previous operations are completed.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9242
Bug ID: 9242
Summary: build failure with OpenSSL 0.9.7: EVP_sha256()
undefined
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: ryan(a)openldap.org
Target Milestone: ---
git master fails to build with OpenSSL 0.9.7d:
$ openssl version
OpenSSL 0.9.7d 17 Mar 2004 (+ security fixes for: CVE-2005-2969 CVE-2006-2937
CVE-2006-2940 CVE-2006-3738 CVE-2006-4339 CVE-2006-4343 CVE-2006-7250
CVE-2007-5135 CVE-2007-3108 CVE-2008-5077 CVE-2008-7270 CVE-2009-0590
CVE-2009-2409 CVE-2009-3555 CVE-2010-4180 CVE-2011-4576 CVE-2011-4619
CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2131 CVE-2012-2333)
$ ./configure --with-tls=openssl --disable-slapd && make
[...]
libtool: link: gcc -g -O2 -o apitest apitest.o -L/usr/sfw/lib
./.libs/libldap.a /export/home/ryan/openldap/libraries/liblber/.libs/liblber.a
../../libraries/liblber/.libs/liblber.a ../../libraries/liblutil/liblutil.a
-lsasl -lssl -lcrypto -lresolv -lgen -lnsl -lsocket -R/usr/sfw/lib
Undefined first referenced
symbol in file
EVP_sha256 ./.libs/libldap.a(tls_o.o)
ld: fatal: symbol referencing errors. No output written to apitest
collect2: ld returned 1 exit status
*** Error code 1
The SHA-2 algorithms were first added in OpenSSL 0.9.8.
If the use of EVP_sha256() is to be unconditional, please make configure fail
if an older version is detected, and update the documentation as well (i.e.
admin guide for 2.5).
(This could also be an opportunity to make the CRL feature unconditional;
currently it is enabled only with OpenSSL 0.9.7d or later.)
--
You are receiving this mail because:
You are on the CC list for the bug.