https://bugs.openldap.org/show_bug.cgi?id=9001
Ondřej Kuzník <ondra(a)mistotebe.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.openldap.org/show_bug.cgi?id=8345
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugs.openldap.org/show_bug.cgi?id=8837
--- Comment #7 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
I was really planning to get this fixed as part of 8628, which covers a bunch
of modules with the same problem.. ;)
--
https://bugs.openldap.org/show_bug.cgi?id=9156
--- Comment #5 from Ondřej Kuzník <ondra(a)mistotebe.net> ---
On Fri, Mar 27, 2020 at 05:02:02PM +0000, openldap-its(a)openldap.org wrote:
> Hello,
>
> Here are the things I have basically tested:
>
> - pwdLastSuccess, pwdMaxIdle: KO: the user is able to authenticate after the
> pwdMaxIdle delay. Also, the pwdLastSuccess is never written (see
> https://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-5.…).
> For information, I have enabled lastbind. The slapo-ppolicy man page does not
> mention pwdLastSuccess by the way.
Hi David,
could you show a configuration when this happens? I cannot reproduce
either issue on master.
I will update the manpage to mention pwdLastSuccess is used.
> - pwdStartTime, pwdEndTime: OK, but there is no special ppolicy code returned,
> and if I read correctly the draft
> (https://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-7.1),
> an "accountLocked" extended error code should be triggered.
Again, can't seem to be able to reproduce that and test022-ppolicy
passes for me.
--
https://bugs.openldap.org/show_bug.cgi?id=8837
Ryan Tandy <ryan(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |TEST
Status|UNCONFIRMED |RESOLVED
--- Comment #6 from Ryan Tandy <ryan(a)openldap.org> ---
Fixed in d86caacaa1772e0c9a4c856558e1c5d538c5b549
--
https://bugs.openldap.org/show_bug.cgi?id=8456
Ryan Tandy <ryan(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WORKSFORME
Status|UNCONFIRMED |RESOLVED
--- Comment #2 from Ryan Tandy <ryan(a)openldap.org> ---
Hello,
Thank you for the report, however I cannot reproduce this segfault, with 2.4.42
or with any other version I tried.
e.g.
# slapacl -D cn=admin,dc=example,dc=com -u -b uid=nonexistent,dc=example,dc=com objectClass
authcDN: "cn=admin,dc=example,dc=com"
objectClass: manage(=mwrscxd)
Closing as WORKSFORME, feel free to reopen if you can still reproduce.
--
https://bugs.openldap.org/show_bug.cgi?id=7530
Ryan Tandy <ryan(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |CONFIRMED
--
https://bugs.openldap.org/show_bug.cgi?id=9057
Ryan Tandy <ryan(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|UNCONFIRMED |RESOLVED
Resolution|--- |WORKSFORME
--- Comment #1 from Ryan Tandy <ryan(a)openldap.org> ---
Hello,
The TLS tests are passing for me on Ubuntu 18.04.
I will close this bug now. If you still reproduce this failure, please reopen
the bug and attach the file "tests/testrun/test.out".
Thank you!
--
https://bugs.openldap.org/show_bug.cgi?id=8729
Ryan Tandy <ryan(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |WORKSFORME
Status|UNCONFIRMED |RESOLVED
--- Comment #1 from Ryan Tandy <ryan(a)openldap.org> ---
Hello, I'm afraid I can't reproduce this. I'm using OpenLDAP 2.4.47 and Heimdal
on Debian buster.
I've configured slapd both as a server (allowing clients to authenticate using
GSSAPI) and as a client (running a syncrepl client with GSSAPI bind). I have
broken the setup in a bunch of different ways (removing slapd's credentials
cache; stopping the KDC; entering wrong info in /etc/krb5.conf; deleting
/etc/krb5.conf) and I have not seen it fail to respect my olcAuthzRegexp rules
for EXTERNAL (tested ldapi: gidNumber/uidNumber as well as TLS client cert).
Marking WORKSFORME, but feel free to reopen if you can provide further info
about your case. Thanks!
--
https://bugs.openldap.org/show_bug.cgi?id=8376
--- Comment #13 from Ryan Tandy <ryan(a)openldap.org> ---
I may have set up my environment incorrectly for this, but I don't see how the
patch fixes the issue described, since getaddrinfo() is also backed by NSS.
With the patch applied (note getaddrinfo() at #7) I still see nss_ldap
deadlocking with itself:
(gdb) bt
#0 0x00007ffff7d1329c in __lll_lock_wait () from
/lib/x86_64-linux-gnu/libpthread.so.0
#1 0x00007ffff7d0c714 in pthread_mutex_lock () from
/lib/x86_64-linux-gnu/libpthread.so.0
#2 0x00007ffff7dd8683 in _nss_ldap_enter () at ldap-nss.c:595
#3 0x00007ffff7dd9fbc in _nss_ldap_getbyname (args=args@entry=0x7fffffffc500,
result=0x7fffffffc650, buffer=0x7fffffffc8c0 "\377\002", buflen=1024,
errnop=0x7ffff7fcb4c0,
filterprot=0x7ffff7dee980 <_nss_ldap_filt_gethostbyname>
"(&(objectClass=ipHost)(cn=%s))", sel=LM_HOSTS, parser=0x7ffff7ddc5e0
<_nss_ldap_parse_hostv4>) at ldap-nss.c:3509
#4 0x00007ffff7ddc645 in _nss_ldap_gethostbyname2_r (af=<optimized out>,
h_errnop=0x7ffff7fcb524, errnop=<optimized out>, buflen=<optimized out>,
buffer=<optimized out>, result=<optimized out>, name=<optimized out>) at
ldap-hosts.c:287
#5 _nss_ldap_gethostbyname2_r (name=<optimized out>, af=<optimized out>,
result=<optimized out>, buffer=<optimized out>, buflen=<optimized out>,
errnop=<optimized out>, h_errnop=0x7ffff7fcb524) at ldap-hosts.c:269
#6 0x00007ffff7eebfb7 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
#7 0x00007ffff7eece37 in getaddrinfo () from /lib/x86_64-linux-gnu/libc.so.6
#8 0x00007ffff7db257e in ldap_pvt_get_fqdn (name=0x7fffffffcd50 "t570",
name@entry=0x0) at util-int.c:866
#9 0x00007ffff7db09c5 in ldap_int_initialize (gopts=gopts@entry=0x7ffff7dcfde0
<ldap_int_global_options>, dbglvl=dbglvl@entry=0x0) at init.c:645
#10 0x00007ffff7d97122 in ldap_create (ldp=ldp@entry=0x7fffffffcec8) at
open.c:109
#11 0x00007ffff7d9737f in ldap_initialize (ldp=ldp@entry=0x7ffff7de8360
<__session>, url=url@entry=0x7ffff7de8be8 <__configbuf+1480> "ldap://::1") at
open.c:241
#12 0x00007ffff7dd7796 in do_init_session (ld=0x7ffff7de8360 <__session>,
defport=0, uri=0x7ffff7de8be8 <__configbuf+1480> "ldap://::1") at
ldap-nss.c:1066
#13 do_init () at ldap-nss.c:1360
#14 0x00007ffff7dd8a73 in _nss_ldap_search_s (args=args@entry=0x7fffffffe8e0,
filterprot=filterprot@entry=0x7ffff7dee980 <_nss_ldap_filt_gethostbyname>
"(&(objectClass=ipHost)(cn=%s))", sel=sel@entry=LM_HOSTS,
user_attrs=user_attrs@entry=0x0, sizelimit=sizelimit@entry=1,
res=res@entry=0x7fffffffe870) at ldap-nss.c:3098
#15 0x00007ffff7dd9ff3 in _nss_ldap_getbyname (args=args@entry=0x7fffffffe8e0,
result=0x7ffff7fc8060, buffer=0x55555555e8d0 "\377\002", buflen=1024,
errnop=0x7ffff7fcb4c0,
filterprot=0x7ffff7dee980 <_nss_ldap_filt_gethostbyname>
"(&(objectClass=ipHost)(cn=%s))", sel=LM_HOSTS, parser=0x7ffff7ddc5e0
<_nss_ldap_parse_hostv4>) at ldap-nss.c:3517
#16 0x00007ffff7ddc645 in _nss_ldap_gethostbyname2_r (af=<optimized out>,
h_errnop=0x7fffffffe9ec, errnop=<optimized out>, buflen=<optimized out>,
buffer=<optimized out>, result=<optimized out>, name=<optimized out>) at
ldap-hosts.c:287
#17 _nss_ldap_gethostbyname2_r (name=<optimized out>, af=<optimized out>,
result=<optimized out>, buffer=<optimized out>, buflen=<optimized out>,
errnop=<optimized out>, h_errnop=0x7fffffffe9ec) at ldap-hosts.c:269
#18 0x00007ffff7f148b5 in gethostbyname2_r () from
/lib/x86_64-linux-gnu/libc.so.6
#19 0x00007ffff7f145ac in gethostbyname2 () from
/lib/x86_64-linux-gnu/libc.so.6
#20 0x0000555555558bc7 in ?? ()
#21 0x000055555555771c in ?? ()
#22 0x00007ffff7e2d09b in __libc_start_main () from
/lib/x86_64-linux-gnu/libc.so.6
#23 0x00005555555577ea in ?? ()
What am I missing, please?
--
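
The call cycle visible in the backtrace of comment #13 on bug 8376 (host lookup enters the module, session setup asks the resolver for the local name, the resolver enters the module again), as an added single-threaded model that is not nss_ldap or OpenLDAP code. All function and variable names are hypothetical stand-ins, and the re-entry guard is an assumption used to make the nested call observable instead of blocking.

```c
/* Constructed model of the re-entrant lookup in the backtrace; every name
   here is a hypothetical stand-in, not nss_ldap or libldap code. */
#include <stdio.h>

enum status { ST_SUCCESS, ST_UNAVAIL };

static int module_busy;    /* models the lock taken on entry (frame #2); per-thread in real code */
static int session_ready;  /* set once the modelled session has been initialised */
static int reentries;      /* nested lookups refused by the guard */

static enum status resolve_host(const char *name, const char **source);

/* Models session setup that needs the local host name
   (frames #11 to #7: library initialisation ending in a resolver call). */
static void init_session(void)
{
    const char *src;
    resolve_host("local-fqdn", &src);  /* goes back through the resolver */
    (void)src;
    session_ready = 1;
}

/* Models the directory-backed module's host lookup (frames #15 and #3). */
static enum status module_lookup(const char *name)
{
    (void)name;
    if (module_busy) {     /* same thread is already inside the module */
        reentries++;       /* a plain, non-recursive mutex would block here forever */
        return ST_UNAVAIL;
    }
    module_busy = 1;
    if (!session_ready)
        init_session();
    module_busy = 0;
    return ST_SUCCESS;
}

/* Models the resolver's dispatch: try the module, then a local fallback. */
static enum status resolve_host(const char *name, const char **source)
{
    *source = (module_lookup(name) == ST_SUCCESS) ? "module" : "fallback";
    return ST_SUCCESS;
}

int main(void)
{
    const char *src;
    resolve_host("t570", &src);
    printf("outer lookup: %s, nested lookups refused: %d\n", src, reentries);
    return 0;
}
```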