openldap-bugs October 2021

openldap-bugs@openldap.org

1 participants
176 discussions

[Issue 9729] New: Allow setting multiprovider before adding syncrepl stanzas
by openldap-its＠openldap.org 12 Jan '22

12 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9729 Issue ID: 9729 Summary: Allow setting multiprovider before adding syncrepl stanzas Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- It should be possible to set multiprovider first, avoiding the window of the DB being read-only while performing an online upgrade of a single provider to an MPR set up and generally simplifying configuration. Instead, the only requirement should be that serverID has been explicitly set (hopefully != 0). -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 9493] New: slapo-accesslog handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 14 Dec '21

14 Dec '21

https://bugs.openldap.org/show_bug.cgi?id=9493 Issue ID: 9493 Summary: slapo-accesslog handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: 2.4.57 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: svella(a)technologist.com Target Milestone: --- I observed this in the debugger while working on a small feature addition to slapo-accesslog. log_cf_gen(), when handling the initial configuration of oldAccessLogOldAttr (accesslog.c:989), linked list li_oldattrs is being built by inserting each value in order at the head of the list, resulting in the list being in reverse order. But when handling LDAP_MOD_DELETE of same attribute (accesslog.c:989), it is using the index of the removed value (valx) to find and removed the entry in the linked list, but it's counting from the head of li_oldattrs and not the tail, resulting in the wrong item being removed from the list unless counting from the head or the tail happens find the same item. (Line numbers refer to commit 6c469f07935e351e349bf38fc223dab704c51a76) Handling of oldAccessLogBase appears to have the same problem, and a cursory glance through the source of other overlays reveals a similar pattern, and I'm guessing the same problem. -- You are receiving this mail because: You are on the CC list for the issue.

1 21

[Issue 9282] New: Syncrepl re-creates deleted entry
by openldap-its＠openldap.org 13 Dec '21

13 Dec '21

https://bugs.openldap.org/show_bug.cgi?id=9282 Issue ID: 9282 Summary: Syncrepl re-creates deleted entry Product: OpenLDAP Version: 2.4.50 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Scenario: 2 node Multi-provider replication Add database to provider A ensure database replicates to provider B Stop provider A delete entry on provider B Start provider A Wait for provider B to reconnect to provider A Deleted entry re-appears -- You are receiving this mail because: You are on the CC list for the issue.

1 22

[Issue 9732] New: OpenLDAP TLS ciphersuite and groups limit issue
by openldap-its＠openldap.org 29 Oct '21

29 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9732 Issue ID: 9732 Summary: OpenLDAP TLS ciphersuite and groups limit issue Product: OpenLDAP Version: 2.4.54 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: narayananballem(a)gmail.com Target Milestone: --- Hi Team, Hope you can help with this issue. I am trying to disable SSLV3 on OpenLDAP servers we are using OpenLDAP as a proxy with upstream Active directory servers. we are using CA certs on this openssl we would like to disable SSLV3 I added the below entry slapd.conf but when I tried to start slapd it's failing to start TLSCipherSuite HIGH:MEDIUM:!SSLv2:!SSLV3 errors as below slapd[19899]: main: TLS init def ctx failed: -1 slapd[19899]: slapd stopped. slapd[19899]: connections_destroy: nothing to destroy. debug logs restart as below TLS: could not set cipher list HIGH:MEDIUM:!SSLv2:!SSLV3. 617c64c1 main: TLS init def ctx failed: -1 617c64c1 slapd stopped. Also, did anybody notice this issue? I am facing the issue with a group display we have several users in group while looking for groups in getent group we are seeing a few groups not sure if there is any limit on group filed in Database -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9002] Add option to slapcat to honor rtxnsize setting
by openldap-its＠openldap.org 28 Oct '21

28 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9002 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=8226 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8226] long searches are bad for back-mdb
by openldap-its＠openldap.org 28 Oct '21

28 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8226 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9002 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9715] New: Consolidate code for loglevel/logfile for better shared usage between slapd and lloadd
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9715 Issue ID: 9715 Summary: Consolidate code for loglevel/logfile for better shared usage between slapd and lloadd Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- In a future release, consolidate logging code, loglevel bits to be better shared between slapd and stand-alone lloadd. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9723] New: C_EOF not reset in mdb_cursor_get with MDB_FIRST_DUP
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9723 Issue ID: 9723 Summary: C_EOF not reset in mdb_cursor_get with MDB_FIRST_DUP Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: stephan.j.bircher(a)gmail.com Target Milestone: --- I'm on the master branch of lmdb. Steps to reproduce // search for an non-existent key rc = mdb_cursor_get(cursor, &key, &val, MDB_SET_RANGE); if (rc == MDB_NOTFOUND) { // C_EOF is not set on the cursor flags // go to the last. // C_EOF remains set which is ok mdb_cursor_get(mdbCursor, &key, &val, MDB_LAST); // go to the first dup of the last // C_EOF remains set which is NOT OK mdb_cursor_get(mdbCursor, &key, &val, MDB_FIRST_DUP); // return MDB_NOTFOUND in any case whether there are duplicates or not // because C_EOF was not cleared mdb_cursor_get(mdbCursor, &key, &val, MDB_NEXT_NODUP); } Possible fix: case MDB_FIRST_DUP: mfunc = mdb_cursor_first; mmove: if (data == NULL || !(mc->mc_flags & C_INITIALIZED)) { rc = EINVAL; break; } if (mc->mc_xcursor == NULL) { rc = MDB_INCOMPATIBLE; break; } if (mc->mc_ki[mc->mc_top] >= NUMKEYS(mc->mc_pg[mc->mc_top])) { mc->mc_ki[mc->mc_top] = NUMKEYS(mc->mc_pg[mc->mc_top]); rc = MDB_NOTFOUND; break; } { MDB_node *leaf = NODEPTR(mc->mc_pg[mc->mc_top], mc->mc_ki[mc->mc_top]); if (!F_ISSET(leaf->mn_flags, F_DUPDATA)) { MDB_GET_KEY(leaf, key); rc = mdb_node_read(mc, leaf, data); break; } } if (!(mc->mc_xcursor->mx_cursor.mc_flags & C_INITIALIZED)) { rc = EINVAL; break; } rc = mfunc(&mc->mc_xcursor->mx_cursor, data, NULL); // FIX: clear C_EOF if (rc == MDB_SUCCESS && mc->mc_flags & C_EOF && mfunc == mdb_cursor_first) { mc->mc_flags ^= C_EOF; } break; -- You are receiving this mail because: You are on the CC list for the issue.

1 10

[Issue 9492] New: Add local logging capa
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9492 Issue ID: 9492 Summary: Add local logging capa Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: mhardin(a)symas.com Target Milestone: --- Enhancement request: Add capability to slapd to log to a local file with log rotation features. Log format should not change from syslog-generated log style. -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9641] New: accesslog when logging failed operations interferes with deltasync
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9641 Issue ID: 9641 Summary: accesslog when logging failed operations interferes with deltasync Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: replication Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Take delta-MPR setup and accesslog configured with logsuccess off. We encounter a conflicting write (one that fails to apply in the DB) and fall back to plain syncrepl. Since we are configured to log that write, syncprov sees it (it is a failure, so doesn't match filter, which should contain reqResult=0) and sends a LDAP_SYNC_NEW_COOKIE with that CSN to our delta-consumers. While we apply this write locally in the fallback session, the consumers will skip what they see as a duplicate and lose the change. My understanding is that for failed operations, we should ignore the CSN we received with the operation and instead set up a new one (with our own sid). -- You are receiving this mail because: You are on the CC list for the issue.

1 6

← Newer
1
...
6
7
8
9
10
11
12
...
18
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs October 2021