openldap-bugs November 2021

openldap-bugs@openldap.org

1 participants
117 discussions

[Issue 9733] New: ppolicy.c:66:2: error: unknown type name ‘lt_dlhandle’
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9733 Issue ID: 9733 Summary: ppolicy.c:66:2: error: unknown type name ‘lt_dlhandle’ Product: OpenLDAP Version: 2.6.0 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: smillerdev(a)me.com Target Milestone: --- On both Linux and macOS in Homebrew, there is a failure trying to compile OpenLDAP 2.6.0: /bin/sh ../../../libtool --tag=disable-shared --mode=compile gcc-5 -g -O2 -I../../../include -I../../../include -I.. -I./.. -I./../slapi -c log.c ppolicy.c:66:2: error: unknown type name ‘lt_dlhandle’ lt_dlhandle pwdCheckHandle; /* handle from lt_dlopen */ ^ on macOS there is also an additional errror: ppolicy.c:458:4: error: initializer element is not a compile-time constant (void *)offsetof(pp_info,hash_passwords), ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ See https://github.com/Homebrew/homebrew-core/pull/88036 for the full output -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9691] New: Allow syncrepl persist sessions against empty DBs
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9691 Issue ID: 9691 Summary: Allow syncrepl persist sessions against empty DBs Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review, replication Severity: enhancement Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- One way to set up an environment is to start with a completely empty DB, configure all nodes and replication paths and then populate them. Right now, the syncrepl sessions get rejected with a 32 NO_SUCH_OBJECT, triggering the retry cascade. Both the consumer and provider have an empty cookie, so they are in sync and we could actually transition to a persist phase and let the session proceed. This way the environment would start replicating almost immediately after first entries are added. Mind that ITS#9584 still pushes concurrent refreshes into the retry logic adding a short delay before *all* configured links are set up. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9751] New: Delta-MPR resolution too eager to drop attribute deletes
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9751 Issue ID: 9751 Summary: Delta-MPR resolution too eager to drop attribute deletes Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review, replication Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- syncrepl_resolve_cb will completely drop an attribute delete (or the delete part of replace) if there's a "newer" (timestamp-wise) op touching the same attribute. This way servers processing the "out of order" write end up keeping values that should have been removed (and have been on those that received it in the natural order). -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9756] New: syncprov_play_accesslog doesn't check minCSN properly
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9756 Issue ID: 9756 Summary: syncprov_play_accesslog doesn't check minCSN properly Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- When asked to replay the accesslog database for a refresh delete, syncprov doesn't interpret the minCSN data correctly, resulting in: - an inaccurate refresh if a purge removed some important data in the meantime - potentially a very expensive query when consumer is actually up to date w.r.t. to some sids in our contextCSN -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9752] New: Improperly normalized minCSN values in accesslog
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9752 Issue ID: 9752 Summary: Improperly normalized minCSN values in accesslog Product: OpenLDAP Version: 2.5.9 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- The CSN matching rules require normalized values to be provided. When normalized values are provided to attr_merge they must be distinct from the regular values. accesslog.c:1982 is providing the same berval in both regular and normalized value, which triggers an assert failure for this consistency check. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9747] New: dynlist overlay breaks member compare operation for groups
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9747 Issue ID: 9747 Summary: dynlist overlay breaks member compare operation for groups Product: OpenLDAP Version: 2.5.8 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: henson(a)acm.org Target Milestone: --- Given the following group: dn: uid=unxadmin,ou=group,dc=cpp,dc=edu objectClass: groupOfNames objectClass: cppGroup objectClass: posixGroup uid: unxadmin cn: Unix Administrators gidNumber: 17730 member: member: uid=gkuri,ou=user,dc=cpp,dc=edu member: uid=henson,ou=user,dc=cpp,dc=edu memberUid: gkuri memberUid: henson and the following dynlist config: dynlist-attrset groupOfURLs memberURL member+memberOf@groupOfNames ldap compare operations checking group membership fail erroneously: # ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu FALSE If the dynlist-attrset configuration is removed, the compare works as expected: # ldapcompare -x -H ldaps://ldap-vmc-01.ldap.cpp.edu/ uid=unxadmin,ou=group,dc=cpp,dc=edu member:uid=henson,ou=user,dc=cpp,dc=edu TRUE -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9749] New: logoldattr documentation is misleading
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9749 Issue ID: 9749 Summary: logoldattr documentation is misleading Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Reading the accesslog manpage, someone might expect that attributes specified in logoldattr would be logged regardless of whether the entry being modified matches any of the configured filters. This is not the case and should be clarified. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9707] New: Documentation synchronisation ODSEE --> openldap
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9707 Issue ID: 9707 Summary: Documentation synchronisation ODSEE --> openldap Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: laurent.revillion(a)icloud.com Target Milestone: --- There is no documentation about the synchronisation between ODSEE and Openldap 2.5. Will there be one? -- You are receiving this mail because: You are on the CC list for the issue.

1 16

[Issue 9753] New: back-mdb index incorrect on modify/replace
by openldap-its＠openldap.org 20 Jan '22

20 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9753 Issue ID: 9753 Summary: back-mdb index incorrect on modify/replace Product: OpenLDAP Version: 2.4.6 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- When doing a modify/replace on an indexed attribute, back-mdb only deletes the old values from the index and doesn't add the new values into the index. -- You are receiving this mail because: You are on the CC list for the issue.

1 24

[Issue 9538] New: Accesslog entryCSN ordering is not always monotonous
by openldap-its＠openldap.org 12 Jan '22

12 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9538 Issue ID: 9538 Summary: Accesslog entryCSN ordering is not always monotonous Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- For delta-sync replication, we rely on CSN order being preserved at all times. When logops includes anything more than "writes", we don't use li_op_rmutex to maintain serialisation. A concurrent write and another operation (like bind) can have the write have its csn assigned before the bind. But before the write finishes on the main DB and is logged, the bind has already hit accesslog. This entry out of order doesn't match the usual filter, so non-persist sessions will not notice, however running persist sessions could get a new cookie sent, depending on how things are ordered when they hit syncprov. A sample: ---- 8< ---- Apr 26 19:56:04 localhost slapd[43930]: conn=1003 op=41 ADD dn="uid=dm01-R1H2-41660,ou=People,dc=example,dc=com" Apr 26 19:56:04 localhost slapd[43930]: conn=1003 op=41 syncprov_matchops: recording uuid for dn=reqStart=20210426195604.000350Z,cn=accesslog on opc=0x7d3d2800dc50 Apr 26 19:56:04 localhost slapd[43930]: slap_get_csn: conn=1003 op=42 generated new csn=20210426195604.556053Z#000000#002#000000 manage=1 Apr 26 19:56:04 localhost slapd[43930]: slap_queue_csn: queueing 0x7d3d38148f60 20210426195604.556053Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: conn=1005 op=1 BIND dn="dc=example,dc=com" method=128 Apr 26 19:56:04 localhost slapd[43930]: conn=1005 op=1 BIND dn="dc=example,dc=com" mech=SIMPLE bind_ssf=0 ssf=256 Apr 26 19:56:04 localhost slapd[43930]: conn=1003 op=41 RESULT tag=105 err=0 qtime=0.005874 etime=0.015182 text= Apr 26 19:56:04 localhost slapd[43930]: slap_get_csn: conn=1005 op=1 generated new csn=20210426195604.558683Z#000000#002#000000 manage=1 Apr 26 19:56:04 localhost slapd[43930]: slap_queue_csn: queueing 0x561f09113f80 20210426195604.558683Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: conn=1005 op=1 syncprov_matchops: recording uuid for dn=reqStart=20210426195604.000364Z,cn=accesslog on opc=0x561f0900fcf0 Apr 26 19:56:04 localhost slapd[43930]: conn=1002 op=2 syncprov_qresp: set up a new syncres mode=4 csn=20210426195604.558683Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: conn=1001 op=2 syncprov_qresp: set up a new syncres mode=4 csn=20210426195604.558683Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: conn=1000 op=2 syncprov_qresp: set up a new syncres mode=4 csn=20210426195604.558683Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: slap_graduate_commit_csn: removing 0x561f09113f80 20210426195604.558683Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: conn=1005 op=1 RESULT tag=97 err=0 qtime=0.000020 etime=0.004297 text= Apr 26 19:56:04 localhost slapd[43930]: slap_queue_csn: queueing 0x7d3d38148250 20210426195604.556053Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: slap_graduate_commit_csn: removing 0x7d3d38148250 20210426195604.556053Z#000000#002#000000 Apr 26 19:56:04 localhost slapd[43930]: slap_graduate_commit_csn: removing 0x7d3d38148f60 20210426195604.556053Z#000000#002#000000 ---- 8< ---- Example entries in the order slapcat sees them: ---- 8< ---- dn: reqStart=20210426195604.000364Z,cn=accesslog objectClass: auditBind reqStart: 20210426195604.000364Z reqEnd: 20210426195604.000365Z reqType: bind entryCSN: 20210426195604.558683Z#000000#002#000000 dn: reqStart=20210426195604.000351Z,cn=accesslog objectClass: auditAdd reqStart: 20210426195604.000351Z reqEnd: 20210426195604.000366Z reqType: add entryCSN: 20210426195604.556053Z#000000#002#000000 ---- 8< ---- -- You are receiving this mail because: You are on the CC list for the issue.

1 20

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs November 2021