openldap-bugs January 2022

openldap-bugs@openldap.org

1 participants
151 discussions

[Issue 9748] New: Deleted values of pwdFailureTime seem to reappear
by openldap-its＠openldap.org 03 Mar '22

03 Mar '22

https://bugs.openldap.org/show_bug.cgi?id=9748 Issue ID: 9748 Summary: Deleted values of pwdFailureTime seem to reappear Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Created attachment 854 --> https://bugs.openldap.org/attachment.cgi?id=854&action=edit accesslog for uid=dm01-R2H2-956,ou=People,dc=example,dc=com Somehow, ppolicy seems to be able to reference values of pwdFailureTime that had been deleted before the actual bind even started. In the attached accesslog, trace, deletion of everything (including "20211115154510.478330Z") is recorded from reqSession: 3, then a bind comes in and the same value is explicitly removed again. -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Bug 9256] New: The ACLs required for SASL binding are not fully documented
by openldap-its＠openldap.org 28 Feb '22

28 Feb '22

https://bugs.openldap.org/show_bug.cgi?id=9256 Bug ID: 9256 Summary: The ACLs required for SASL binding are not fully documented Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: kop(a)karlpinc.com Target Milestone: --- Created attachment 727 --> https://bugs.openldap.org/attachment.cgi?id=727&action=edit Patch massaging the SASL binding requirement docs While some ACL requirements for SASL binding are documented, some are not. E.g, that olcAuthzRegexp requires =x on objectClass when direct DN mapping is not documented. Other requirements can be reasoned out based on the existing documentation, but this can be very difficult when unfamiliar with all the moving parts and the places they are documented. E.g. knowing that (objectClass=*) is the default filter, and that there's _always_ _some_ filter, and connecting this with ACLs required to do search-based SASL mapping. The attached patch brings all the SASL binding requirements together in one place in the docs and makes everything explicit. The word "SASL" is included, for those searching for that keyword. I, Karl O. Pinc, hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice. -- You are receiving this mail because: You are on the CC list for the bug.

1 27

[Issue 9731] New: startup messages still go to syslog when logfile-only is on
by openldap-its＠openldap.org 28 Feb '22

28 Feb '22

https://bugs.openldap.org/show_bug.cgi?id=9731 Issue ID: 9731 Summary: startup messages still go to syslog when logfile-only is on Product: OpenLDAP Version: 2.6.0 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- When setting logfile-only on, slapd still logs its startup message to syslog: Oct 29 21:07:47 u18test slapd[18534]: @(#) $OpenLDAP: slapd 2.6.0 (Oct 29 2021 05:12:17) $#012#011openldap This is useful information to have consolidated into the specified logfile. Note that: 617c62a3.16f03fdb 0x7f9325ed67c0 slapd starting does make it to the logfile. However, it would be useful to have the build date and version in the specified logfile. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9502] New: Implement TCP_USER_TIMEOUT in meta and asyncmeta
by openldap-its＠openldap.org 18 Feb '22

18 Feb '22

https://bugs.openldap.org/show_bug.cgi?id=9502 Issue ID: 9502 Summary: Implement TCP_USER_TIMEOUT in meta and asyncmeta Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- Implement TCP_USER_TIMEOUT as an option to libldap and as a configuration option in back-meta and back-asyncmeta -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Bug 9189] New: Add GSSAPI channel-bindings support
by openldap-its＠openldap.org 18 Feb '22

18 Feb '22

https://bugs.openldap.org/show_bug.cgi?id=9189 Bug ID: 9189 Summary: Add GSSAPI channel-bindings support Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: iboukris(a)gmail.com Target Milestone: --- Recently MS has announce they plan to enforce channel-bindings for LDAP over TLS (ADV190023). To support it on client side, we need to pass "tls-endpoint" bindings (RFC 5929) to the SASL plugin, and make use of that in GSSAPI. See also: https://github.com/cyrusimap/cyrus-sasl/pull/601 -- You are receiving this mail because: You are on the CC list for the bug.

1 13

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 31 Jan '22

31 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=8375 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.2 |2.7.0 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken
by openldap-its＠openldap.org 31 Jan '22

31 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=8255 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |ondra(a)mistotebe.net -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9792] New: During replication, slapd tries to modify hasSubordinates (and fails)
by openldap-its＠openldap.org 31 Jan '22

31 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9792 Issue ID: 9792 Summary: During replication, slapd tries to modify hasSubordinates (and fails) Product: OpenLDAP Version: 2.5.9 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: christophe(a)armaghast.eu Target Milestone: --- During relication, this strange error occurs: Jan 25 14:46:42 annu slapd[471040]: conn=1001 op=2796 MOD attr=userPassword pwdChangedTime pwdHistory entryCSN modifiersName modifyTimestamp hasSubordinates Jan 25 14:46:42 annu slapd[471040]: conn=1001 op=2796 RESULT tag=103 err=16 qtime=0.000030 etime=0.000462 text=modify/delete: hasSubordinates: no such attribute Why does slapd try to modify this (virtual) attribute ? -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9350] New: Expand test suite for null base
by openldap-its＠openldap.org 31 Jan '22

31 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=9350 Issue ID: 9350 Summary: Expand test suite for null base Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Currently we have no tests that use the empty suffix (null base). This is an entirely valid configuration setup, and there are unique challenges and bugs that crop up with this usage. We need to ensure we're covering this use case, particularly with syncrepl and delta-syncrepl configurations. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 8255] slapd-sock: response parsing in str2result() is broken
by openldap-its＠openldap.org 31 Jan '22

31 Jan '22

https://bugs.openldap.org/show_bug.cgi?id=8255 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |IN_PROGRESS Ever confirmed|0 |1 --- Comment #10 from Ondřej Kuzník <ondra(a)mistotebe.net> --- https://git.openldap.org/openldap/openldap/-/merge_requests/487 for the clarification. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

← Newer
1
...
6
7
8
9
10
11
12
...
16
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs January 2022