January 2022 - openldap-bugs

[Issue 9792] New: During replication, slapd tries to modify hasSubordinates (and fails)

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=9792 Issue ID: 9792 Summary: During replication, slapd tries to modify hasSubordinates (and fails) Product: OpenLDAP Version: 2.5.9 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: christophe(a)armaghast.eu Target Milestone: --- During relication, this strange error occurs: Jan 25 14:46:42 annu slapd[471040]: conn=1001 op=2796 MOD attr=userPassword pwdChangedTime pwdHistory entryCSN modifiersName modifyTimestamp hasSubordinates Jan 25 14:46:42 annu slapd[471040]: conn=1001 op=2796 RESULT tag=103 err=16 qtime=0.000030 etime=0.000462 text=modify/delete: hasSubordinates: no such attribute Why does slapd try to modify this (virtual) attribute ? -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
4
0 / 0

[Issue 9786] New: liblber: missing export of ber_pvt_wsa_err2string

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=9786 Issue ID: 9786 Summary: liblber: missing export of ber_pvt_wsa_err2string Product: OpenLDAP Version: 2.6.1 Hardware: All OS: Windows Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: tobias.junghans(a)veyon.io Target Milestone: --- When building (cross-compiling) OpenLDAP via GCC/mingw-w64, an undefined reference to ber_pvt_wsa_err2string() is reported when libldap.dll is linked. This can be fixed easily by adding ber_pvt_wsa_err2string() to libraries/liblber/lber.map -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
3
0 / 0

[Issue 9350] New: Expand test suite for null base

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=9350 Issue ID: 9350 Summary: Expand test suite for null base Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Currently we have no tests that use the empty suffix (null base). This is an entirely valid configuration setup, and there are unique challenges and bugs that crop up with this usage. We need to ensure we're covering this use case, particularly with syncrepl and delta-syncrepl configurations. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
4
0 / 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=8255 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1 --- Comment #10 from Ondřej Kuzník <ondra(a)mistotebe.net> --- https://git.openldap.org/openldap/openldap/-/merge_requests/487 for the clarification. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
0
0 / 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=8255 --- Comment #9 from Ondřej Kuzník <ondra(a)mistotebe.net> --- (In reply to Ondřej Kuzník from comment #8) > and probably need to stop referencing the slapd-shell manpage too. Ah, we already did that, forgot I was reading the installed, not the local manpage. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
0
0 / 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=8255 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Component|backends |documentation --- Comment #8 from Ondřej Kuzník <ondra(a)mistotebe.net> --- (In reply to Howard Chu from comment #7) > (In reply to Ondřej Kuzník from comment #6) >> str2result() doesn't expect "msgid:" to be passed in the response, even >> though that's part of the protocol as documented. > > Incorrect. The docs clearly show msgid: is not part of the response message. True, I misread the manpage because there is little structure in there to support quick reference. I think we should put the "sockresp result" string in the relevant paragraph and probably need to stop referencing the slapd-shell manpage too. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
0
0 / 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=8255 --- Comment #7 from Howard Chu <hyc(a)openldap.org> --- (In reply to Ondřej Kuzník from comment #6) > str2result() doesn't expect "msgid:" to be passed in the response, even > though that's part of the protocol as documented. Incorrect. The docs clearly show msgid: is not part of the response message. >>>> The commands - except unbind - should output: RESULT code: <integer> matched: <matched DN> info: <text> where only RESULT is mandatory, and then close the socket. <<<< The msgid: is only included in messages from back-sock to the external program. There is no bug in back-sock or in its documentation. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
0
0 / 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=8255 --- Comment #6 from Ondřej Kuzník <ondra(a)mistotebe.net> --- str2result() doesn't expect "msgid:" to be passed in the response, even though that's part of the protocol as documented. Now that back-sock is its only user, it should just be added. -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
0
0 / 0

[Issue 9793] New: Question regarding password dictionary rules for when a user changes their password.

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=9793 Issue ID: 9793 Summary: Question regarding password dictionary rules for when a user changes their password. Product: OpenLDAP Version: 2.6.1 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: alan_andrea(a)yahoo.com Target Milestone: --- I have a question regarding password rules that are enforced when a user changes their password. We have a need to implement a dictionary rule whereby words and phrases in a dictionary are not allowed in a users password. I am not able to see currently where such functionality exists in OpenLDAP and am wondering if there are any extensions to OPenLDAP that were developed to support this or if it would be required to write code to support this feature. If you can please give me some guidelines here, that would be really great ! -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
2
0 / 0

[Issue 9742] New: syncprov-nopresent is harmful

by openldap-its＠openldap.org

https://bugs.openldap.org/show_bug.cgi?id=9742 Issue ID: 9742 Summary: syncprov-nopresent is harmful Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- If setting up a new delta-MPR environment such that: - server A has been slapadd-ed the seed data - accesslog is set to "logops all" There is a sequence of events where servers are started and replicate from each other before they get a chance to talk to A, they will each generate a CSN and replicate it. Once they start talking to A, it will see that it has a CSN (its own) that none of them have sent and "syncprov-nopresent" makes it just go ahead where the only sane outcome is to send SYNC_REFRESH_REQUIRED. Am I missing a usecase for this or should it just have been this way all along? -- You are receiving this mail because: You are on the CC list for the issue.

1 year, 4 months

1
13
0 / 0

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs January 2022