openldap-bugs February 2021

openldap-bugs@openldap.org

1 participants
522 discussions

[Issue 7259] slapo-policy count bytes not characters
by openldap-its＠openldap.org 24 Feb '21

24 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7259 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |FIXED --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 3925b8e0 by Ondřej Kuzník at 2021-02-24T13:19:40+00:00 ITS#7259 Clarify password length considerations -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7832] Proposing ppolicy extended module for OpenLDAP
by openldap-its＠openldap.org 24 Feb '21

24 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7832 --- Comment #18 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #17) > (In reply to Quanah Gibson-Mount from comment #16) > > > > - I get a segfault when my client first connects to slapd when I compile > > > master branch with: > > Also please provide the exact configuration file or cn=config database you > are testing with. Additionally, file the fact it's crashing as its own issue with the above config as an attachment. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9347] ppolicy: Password policy not applied when pwdMaxAge overflows max int (32-bit)
by openldap-its＠openldap.org 24 Feb '21

24 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=9347 --- Comment #3 from Ondřej Kuzník <ondra(a)mistotebe.net> --- https://git.openldap.org/ondra/openldap/-/tree/its9347 tries to add better logs and potentially above mentioned fallback, if that's found to be desirable. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9347] ppolicy: Password policy not applied when pwdMaxAge overflows max int (32-bit)
by openldap-its＠openldap.org 24 Feb '21

24 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=9347 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Group|OpenLDAP-devs | --- Comment #2 from Ondřej Kuzník <ondra(a)mistotebe.net> --- This is certainly not an integer overflow of any kind, just an invalid policy, hence it is ignored and an error is logged. Whether that is a security issue is debatable, as every policy admin should make sure the policy they set is valid and is enforced correctly. As an aside, it might be worth trying to apply the default policy if a specified policy doesn't exist/doesn't validate, but that would be a change from existing behaviour as enshrined in the test suite. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7832] Proposing ppolicy extended module for OpenLDAP
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7832 --- Comment #17 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #16) > > - I get a segfault when my client first connects to slapd when I compile > > master branch with: Also please provide the exact configuration file or cn=config database you are testing with. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7832] Proposing ppolicy extended module for OpenLDAP
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7832 --- Comment #16 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to David Coutadeur from comment #14) > Hello, > > I have made some progress in ppm integration, but I have some blocking > questions: > > - I suppose you want a merge request on openldap/openldap master branch and > not OPENLDAP_REL_ENG_2_5, am I right? Correct, all merges go against master. > - I get a segfault when my client first connects to slapd when I compile > master branch with: > Do you have the same error? Is this due to a specific option? I've not encountered any segfaults, so it may be a compile specific option. The master branch goes through constant CI/CD with the full test suite and is not exhibiting any problems. I will see if I can reproduce the issue with your specific compile options. > - I noticed nssov overlay does not compile correctly: there is a missing > #include <errno.h> somewhere, and other remaining bugs. Ok, feel free to open up issue reports about it. > - do you expect other integration things than the code deployed into > contrib/slapd-modules with an appropriate Makefile, README, LICENSE,...? Yes. > - about the Notice, I have made two separate files in the ppm directory: > LICENSE and NOTICES. The license is the OpenLDAP License. The notice is the > following: The IPR notification goes into this bug, not as a separate file. The LICENSE file itself sounds fine. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7832] Proposing ppolicy extended module for OpenLDAP
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7832 --- Comment #15 from David Coutadeur <david.coutadeur(a)gmail.com> --- For reference, my merge request: https://git.openldap.org/openldap/openldap/-/merge_requests/252 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7832] Proposing ppolicy extended module for OpenLDAP
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7832 --- Comment #14 from David Coutadeur <david.coutadeur(a)gmail.com> --- Hello, I have made some progress in ppm integration, but I have some blocking questions: - I suppose you want a merge request on openldap/openldap master branch and not OPENLDAP_REL_ENG_2_5, am I right? - I get a segfault when my client first connects to slapd when I compile master branch with: ``` ./configure --prefix=/usr/local/openldap --libdir=/usr/local/openldap/lib64 --enable-overlays --enable-modules --enable-dynamic=yes --with-tls=openssl --enable-debug --with-cyrus-sasl --enable-spasswd --enable-ppolicy --enable-crypt --enable-ldap -enable-slapi --enable-meta --enable-sock --enable-wrappers --enable-rlookups ``` Do you have the same error? Is this due to a specific option? ppm was working with my last test with Ondrej 6 month ago, so I suppose when this segfault is fixed it will work quite fast. - I noticed nssov overlay does not compile correctly: there is a missing #include <errno.h> somewhere, and other remaining bugs. - do you expect other integration things than the code deployed into contrib/slapd-modules with an appropriate Makefile, README, LICENSE,...? - about the Notice, I have made two separate files in the ppm directory: LICENSE and NOTICES. The license is the OpenLDAP License. The notice is the following: "The attached modifications to OpenLDAP Software are subject to the following notice: Copyright 2021 David Coutadeur Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License." Does it seem correct to you? -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7262] slapo-ppolicy overlay cannot use a policy stored in a different backend from the account that it controls
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=7262 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |IN_PROGRESS --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- https://git.openldap.org/openldap/openldap/-/merge_requests/250 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8950] segfault with TXN+accesslog
by openldap-its＠openldap.org 23 Feb '21

23 Feb '21

https://bugs.openldap.org/show_bug.cgi?id=8950 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.5.1 |2.5.2 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

← Newer
1
...
16
17
18
19
20
21
22
...
53
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs February 2021