openldap-bugs September 2021

openldap-bugs@openldap.org

1 participants
198 discussions

[Issue 9493] New: slapo-accesslog handling of deletion of multi-valued configuration attributes removes wrong value from list
by openldap-its＠openldap.org 14 Dec '21

14 Dec '21

https://bugs.openldap.org/show_bug.cgi?id=9493 Issue ID: 9493 Summary: slapo-accesslog handling of deletion of multi-valued configuration attributes removes wrong value from list Product: OpenLDAP Version: 2.4.57 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: svella(a)technologist.com Target Milestone: --- I observed this in the debugger while working on a small feature addition to slapo-accesslog. log_cf_gen(), when handling the initial configuration of oldAccessLogOldAttr (accesslog.c:989), linked list li_oldattrs is being built by inserting each value in order at the head of the list, resulting in the list being in reverse order. But when handling LDAP_MOD_DELETE of same attribute (accesslog.c:989), it is using the index of the removed value (valx) to find and removed the entry in the linked list, but it's counting from the head of li_oldattrs and not the tail, resulting in the wrong item being removed from the list unless counting from the head or the tail happens find the same item. (Line numbers refer to commit 6c469f07935e351e349bf38fc223dab704c51a76) Handling of oldAccessLogBase appears to have the same problem, and a cursory glance through the source of other overlays reveals a similar pattern, and I'm guessing the same problem. -- You are receiving this mail because: You are on the CC list for the issue.

1 21

[Issue 9282] New: Syncrepl re-creates deleted entry
by openldap-its＠openldap.org 13 Dec '21

13 Dec '21

https://bugs.openldap.org/show_bug.cgi?id=9282 Issue ID: 9282 Summary: Syncrepl re-creates deleted entry Product: OpenLDAP Version: 2.4.50 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Scenario: 2 node Multi-provider replication Add database to provider A ensure database replicates to provider B Stop provider A delete entry on provider B Start provider A Wait for provider B to reconnect to provider A Deleted entry re-appears -- You are receiving this mail because: You are on the CC list for the issue.

1 22

[Issue 9492] New: Add local logging capa
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9492 Issue ID: 9492 Summary: Add local logging capa Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: mhardin(a)symas.com Target Milestone: --- Enhancement request: Add capability to slapd to log to a local file with log rotation features. Log format should not change from syslog-generated log style. -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9641] New: accesslog when logging failed operations interferes with deltasync
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9641 Issue ID: 9641 Summary: accesslog when logging failed operations interferes with deltasync Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: replication Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Take delta-MPR setup and accesslog configured with logsuccess off. We encounter a conflicting write (one that fails to apply in the DB) and fall back to plain syncrepl. Since we are configured to log that write, syncprov sees it (it is a failure, so doesn't match filter, which should contain reqResult=0) and sends a LDAP_SYNC_NEW_COOKIE with that CSN to our delta-consumers. While we apply this write locally in the fallback session, the consumers will skip what they see as a duplicate and lose the change. My understanding is that for failed operations, we should ignore the CSN we received with the operation and instead set up a new one (with our own sid). -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9700] New: Need to determine new library ABI versioning starting point
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9700 Issue ID: 9700 Summary: Need to determine new library ABI versioning starting point Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- With the change in how OpenLDAP client libraries are versioned vs prior releases, we need to determine a useful starting point for the current ABI prior to release. Since current libldap is versioned as libldap.so.2, we may want to start with ol_api_current=2 -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9666] New: 2.5 to 2.6 upgrade documentation
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9666 Issue ID: 9666 Summary: 2.5 to 2.6 upgrade documentation Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Need to document any upgrade issues for going from 2.5 to 2.6 -- You are receiving this mail because: You are on the CC list for the issue.

1 11

[Issue 9575] New: Object class olcGlobal should not allow olcPasswordHash
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9575 Issue ID: 9575 Summary: Object class olcGlobal should not allow olcPasswordHash Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: michael(a)stroeder.com Target Milestone: --- Object class olcGlobal should not allow olcPasswordHash because slapd will crash during start if attribute is set. Reported in this thread: https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/… -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9536] New: back-asyncmeta crashes when traffic is directed to a new database, created via cn=config
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9536 Issue ID: 9536 Summary: back-asyncmeta crashes when traffic is directed to a new database, created via cn=config Product: OpenLDAP Version: unspecified Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- A new back-asyncmeta database is successfully created via cn=config, but the first LDAP request it tries to proxy causes a segmentation fault: 0# 0x00007F4C1E346629 in /usr/src/backend/src/main/c++/overlay-proxy/.libs/overlay_proxy-2.4.so.0 1# 0x00007F4C26D701E0 in /lib64/libc.so.6 2# pthread_mutex_lock in /lib64/libpthread.so.0 3# ldap_pvt_thread_mutex_lock in /usr/local/libexec/slapd 4# asyncmeta_getconn in /usr/local/libexec/slapd 5# asyncmeta_back_add in /usr/local/libexec/slapd 6# fe_op_add in /usr/local/libexec/slapd 7# overlay_op_walk in /usr/local/libexec/slapd 8# 0x00000000004D8EFB in /usr/local/libexec/slapd 9# 0x00000000004D90DC in /usr/local/libexec/slapd 10# do_add in /usr/local/libexec/slapd 11# 0x0000000000445B20 in /usr/local/libexec/slapd 12# 0x00000000004460FB in /usr/local/libexec/slapd 13# 0x0000000000563C54 in /usr/local/libexec/slapd 14# 0x00007F4C270FB569 in /lib64/libpthread.so.0 15# clone in /lib64/libc.so.6 -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9581] New: Add precision setting for slapd lastbind setting
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9581 Issue ID: 9581 Summary: Add precision setting for slapd lastbind setting Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The lastbind functionality that was imported into slapd for 2.5 is missing the ability to fine tune the precision with which to allow the updates that was present in the original overlay. It would be nice to have an option for it. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9615] New: ppolicy pwcheck module should be a configuration setting
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9615 Issue ID: 9615 Summary: ppolicy pwcheck module should be a configuration setting Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- With the current implementation, the external pwcheck module for ppolicy is dl opened every time a given password policy is checked during a password modify operation. This appears to be problematic because eventually systems start reporting: check_password_quality: lt_dlopen failed: (ppm.so) file not found." There's really zero reason for this functionality to be implemented this way. Instead, an external password policy check module should be defined as a password policy config item, and then whether or not to use it remains a part of a given policy. This means the external module will only need to be opened a single time. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

← Newer
1
...
5
6
7
8
9
10
11
...
20
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs September 2021