openldap-bugs August 2021

openldap-bugs@openldap.org

1 participants
259 discussions

[Issue 9646] New: slapd-meta: deprecations in 2.4: “try-propagate is highly deprecated”
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9646 Issue ID: 9646 Summary: slapd-meta: deprecations in 2.4: “try-propagate is highly deprecated” Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- The upgrade instructions from 2.4 at https://www.openldap.org/doc/admin25/appendix-upgrading.html says > B.4. ldap and meta backends > > Several deprecated configuration directives for slapd-ldap(5) and slapd-meta(5) have been removed. Configurations using those directive must be updated to use supported directives prior to upgrade. See the slapd-ldap(5) and slapd-meta(5) man pages from OpenLDAP 2.4 for a list of deprecated directives. The slapd-meta(5) for 2.4 says at https://www.openldap.org/software/man.cgi?query=slapd-meta&apropos=0&sektio… , when I search for “deprecated”: > tls {[try-]start|[try-]propagate} > The try- prefix instructs the proxy to continue operations if the StartTLS operation failed; its use is highly deprecated. ... > DEPRECATED STATEMENTS > The following statements have been deprecated and should no longer be used. > pseudorootdn <substitute DN in case of rootdn bind> > Use idassert-bind instead. > > pseudorootpw <substitute password in case of rootdn bind> > Use idassert-bind instead. I object the wording “highly deprecated”. It should be “highly discouraged”. With the current wording it is not very clear, whether the try- variants disappeared in 2.5 -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9656] New: slapd (2.5.7) crashes when ppm settings don't exist in the schema
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9656 Issue ID: 9656 Summary: slapd (2.5.7) crashes when ppm settings don't exist in the schema Product: OpenLDAP Version: unspecified Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ktmdms(a)gmail.com Target Milestone: --- using ppolicy with ppm causes slapd to crash (2.5.7. I would have selected that as the version but it's not available to be selected) when pwdCheckModuleArg doesn't exist in the schema and/or the full path to ppm.so isn't defined in pwdCheckModule. at the time slapd would crash, pwdCheckModule was set to ppm.so not the full path of /usr/local/libexec/openldap/ppm.so and the pwdCheckModuleArg attribute didn't exist at all. whenever I would attempt to change my user password, slapd would crash. setting the full path and creating and setting the Arg attribute has stopped that behavior but I'm unsure if it was simply added the attribute or some combination of setting the full path, creating the attribute, and populating the attribute. fwiw, the attribute is set as: bWluUXVhbGl0eSA0Cm1heExlbmd0aCAwCmNoZWNrUkROIDEKZm9yYmlkZGVuQ2hhcnMgCmNsYXNz LXVwcGVyQ2FzZSBBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWiAxIDEKY2xhc3MtbG93ZXJDYXNl IGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6IDEgMQpjbGFzcy1kaWdpdCAwMTIzNDU2Nzg5IDEg MQpjbGFzcy1zcGVjaWFsIDw+LD87LjovIcKnw7klKsK1XsKoJMKjwrImw6l+IiMneyhbLXzDqGBf XMOnXsOgQCldwrA9fSsgMSAxCgo= -- You are receiving this mail because: You are on the CC list for the issue.

1 23

[Issue 9644] New: provide a man page for ppm
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9644 Issue ID: 9644 Summary: provide a man page for ppm Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: david.coutadeur(a)gmail.com Target Milestone: --- Provide a man page for ppm proposed PR is coming -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9648] New: 'MAXPATHLEN' undeclared on some systems
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9648 Issue ID: 9648 Summary: 'MAXPATHLEN' undeclared on some systems Product: OpenLDAP Version: 2.5.4 Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: git(a)freundtech.com Target Milestone: --- Created attachment 834 --> https://bugs.openldap.org/attachment.cgi?id=834&action=edit Docker reproduction I'm trying to compile OpenLDAP 2.5.7 on Alpine Linux, but have verified that the problem exists since 2.5.4. Version 2.4.59 compiles correctly with everything else equal. Compilation fails with In file included from ldap-int.h:119, from request.c:53: request.c: In function 'ldap_dump_connection': ../../include/ldap_pvt.h:181:25: error: 'MAXPATHLEN' undeclared (first use in this function) 181 | #define LDAP_IPADDRLEN (MAXPATHLEN + sizeof("PATH=")) | ^~~~~~~~~~ request.c:859:17: note: in expansion of macro 'LDAP_IPADDRLEN' 859 | char from[LDAP_IPADDRLEN]; | ^~~~~~~~~~~~~~ ../../include/ldap_pvt.h:181:25: note: each undeclared identifier is reported only once for each function it appears in 181 | #define LDAP_IPADDRLEN (MAXPATHLEN + sizeof("PATH=")) | ^~~~~~~~~~ request.c:859:17: note: in expansion of macro 'LDAP_IPADDRLEN' 859 | char from[LDAP_IPADDRLEN]; | ^~~~~~~~~~~~~~ make[2]: Leaving directory '/tmp/openldap/libraries/libldap' Thanks to JoBbZ on IRC I found out that including <ac/param.h> in ldap_pvt.h seems to fix the issue. My best guess as to why this fails on Alpine Linux and not on other distributions is that Alpine uses musl instead of glibc as it's libc implementation. I have attacked an (unfinished) dockerfile for reproduction of the issue. -- You are receiving this mail because: You are on the CC list for the issue.

1 17

[Issue 9631] New: slapd-wt tests often fail/timeout
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9631 Issue ID: 9631 Summary: slapd-wt tests often fail/timeout Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Since merging wt into master, tests started to fail ~80-90% of the time, partly due to bugs in wt (https://git.openldap.org/openldap/openldap/-/jobs/8458) or timeouts in CI. I am about to remove the backend from make test for now (keeping it in alltests), opening this issue to discuss further. -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9463] New: back-wt: cumulative fix
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9463 Issue ID: 9463 Summary: back-wt: cumulative fix Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hamano(a)osstech.co.jp Target Milestone: --- Hi, This is cumulative fix for back-wt. I'm sorry to making 2.5 patch has been delayed due to we're still using 2.4. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9639] New: slapd -r : what must be present in the chroot environment
by openldap-its＠openldap.org 01 Oct '21

01 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9639 Issue ID: 9639 Summary: slapd -r : what must be present in the chroot environment Product: OpenLDAP Version: 2.4.59 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- `man slapd` - https://www.openldap.org/software/man.cgi?query=slapd&apropos=0&sektion=0&m… - says that the -r option calls chroot. Please clarify, what must be present in the chroot environment: /proc, /tmp, /dev/shm , libc -- You are receiving this mail because: You are on the CC list for the issue.

1 14

[Issue 9464] New: Test suite file conf.sh tries to sed unused items
by openldap-its＠openldap.org 15 Sep '21

15 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9464 Issue ID: 9464 Summary: Test suite file conf.sh tries to sed unused items Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The conf.sh script tries to sed values that are not meant for replacement but instead are environment variables handled by run.in and defines.sh. This should be deleted from conf.sh -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9619] New: mdb_env_copy2 with MDB_CP_COMPACT in mdb.master3 produces corrupt mdb file
by openldap-its＠openldap.org 14 Sep '21

14 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9619 Issue ID: 9619 Summary: mdb_env_copy2 with MDB_CP_COMPACT in mdb.master3 produces corrupt mdb file Product: LMDB Version: 0.9.29 Hardware: All OS: Windows Status: UNCONFIRMED Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: kriszyp(a)gmail.com Target Milestone: --- When copying an LMDB database with mdb_env_copy2 with the MDB_CP_COMPACT with mdb.master3, the resulting mdb file seems to be corrupt and when using it in LMDB, I get segmentation faults. Copying without the compacting flag seems to work fine. I apologize, I know this is not a very good issue report, as I haven't had a chance to actually narrow this down to a more reproducible/isolated case, or look for how to patch. I thought I would report in case there are any ideas on what could cause this. The segmentation faults always seem to be memory write faults (as opposed to try fault on trying to read). Or perhaps the current backup/copying functionality is eventually going to be replaced by incremental backup/copying anyway (https://twitter.com/hyc_symas/status/1315651814096875520). I'll try to update this if I get a chance to investigate more, but otherwise feel free to ignore/consider low-priority since the work around is easy. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9571] New: Add Behera Draft 8 compatibility flag to ppolicy overlay
by openldap-its＠openldap.org 11 Sep '21

11 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9571 Issue ID: 9571 Summary: Add Behera Draft 8 compatibility flag to ppolicy overlay Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: mhardin(a)symas.com Target Milestone: --- The RFC for Behera Password Policy, Draft, 10 changes modification semantics of certain policy attributes from those that were in effect in Draft 8. To preserve compatibility with applications that depend on the Draft 8 semantics, a compatibility flag needs to be added to the ppolicy configuration that restores the Draft 8 semantics. -- You are receiving this mail because: You are on the CC list for the issue.

1 10

← Newer
1
...
7
8
9
10
11
12
13
...
26
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs August 2021