https://bugs.openldap.org/show_bug.cgi?id=9436
Issue ID: 9436
Summary: OpenSSL 3.0: libldap uses depreciated functions
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
OpenLDAP master fails to build against OpenSSL 3.0 alpha when "no-deprecated"
is specified.
Currently hitting these errors:
./.libs/libldap.so: undefined reference to `SSL_get_peer_certificate'
./.libs/libldap.so: undefined reference to `PEM_read_bio_DHparams'
./.libs/libldap.so: undefined reference to `ERR_get_error_line'
./.libs/libldap.so: undefined reference to `DH_free'
./.libs/libldap.so: undefined reference to `SSL_CTX_set_tmp_dh'
Notes:
SSL_get_peer_certificate is SSL_get1_peer_certificate in 3.0.0
SSL_CTX_set_tmp_dh should be replaced as follows:
# define SSL_CTX_set_tmp_dh(ctx,dh) \
SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)(dh))
Have to dig deeper for:
PEM_read_bio_DHparams
ERR_get_error_line
DH_free
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9832
Issue ID: 9832
Summary: back-monitor crash when sizelimit in operation
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
If a back-monitor search gets a failure in send_search_entry(), e.g. due to
sizelimit being reached, a pending server pause, etc., it will try to call
monitor_cache_release( mi, e ) where e == NULL instead of the correct entry to
release.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9460
Issue ID: 9460
Summary: Drop support for OpenSSL older than 1.1.1
Product: OpenLDAP
Version: 2.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
OpenSSL no longer supports the 1.0.2 series and specifically notes it should
not be used:
"All older versions (including 1.1.0, 1.0.2, 1.0.0 and 0.9.8) are now out of
support and should not be used."
Currently configure checks for 1.0.2 or higher.
OpenSSL 1.1.1 is supported through 11 Sep 2023.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9496
Issue ID: 9496
Summary: Some writes missing from database
Product: LMDB
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: igfoo(a)github.com
Target Milestone: ---
With the attached test program, some of my database writes appear not to
actually be written to the database. For example, a run may look like this:
$ ./run.sh
All done.
All finished
1802 test.txt
foo_200 is missing
bar_200 is missing
foo_404 is missing
bar_404 is missing
foo_407 is missing
bar_407 is missing
The script that I am using to run the program is below. This is using
mdb.master 52bc29ee2efccf09c650598635cd42a50b6ecffe on Linux, with an ext4
filesystem.
Is this an LMDB bug, or is there a bug in my code?
Thanks
Ian
#!/bin/sh
set -e
if ! [ -d lmdb ]
then
rm -rf lmdb
git clone https://github.com/LMDB/lmdb.git
INSTALL_DIR="`pwd`/inst"
cd lmdb/libraries/liblmdb
make install prefix="$INSTALL_DIR"
cd ../../..
fi
gcc -Wall -Werror -Iinst/include loop.c inst/lib/liblmdb.a -o loop -pthread
rm -f test.db test.db-lock
./loop
echo "All finished"
mdb_dump -np test.db > test.txt
wc -l test.txt
for i in `seq 100 999`
do
if ! grep -q "foo_$i" test.txt
then
echo "foo_$i is missing"
fi
if ! grep -q "bar_$i" test.txt
then
echo "bar_$i is missing"
fi
done
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9887
Issue ID: 9887
Summary: Offer to mirror OpenLDAP
Product: website
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: website
Assignee: bugs(a)openldap.org
Reporter: mirrors(a)jevincanders.net
Target Milestone: ---
Greetings,
We're from Jevin Canders, a hosting company based in New York (servers are in
Buffalo).
We're wondering if you wanted/needed another US mirror. We're already mirroring
other open source projects, including Kali Linux and F-Droid. As of next week
(tentatively), our mirror server will have a 20 Gbps pipe to work with, so
we'll be able to handle new projects.
Let us know if you have any questions, concerns, or requests.
Sincerely,
Josh Anders and Kevin Croissant
JC Mirrors Team
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9912
Issue ID: 9912
Summary: slapd attempting free on address which was not
malloced
Product: OpenLDAP
Version: 2.6.3
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: kimjuhi96(a)snu.ac.kr
Target Milestone: ---
Providing following command-line input results in invalid free.
./servers/slapd/slapd -h1 -h1
This issue exists in openldap-2.6.3 and the master branch of git.
Environment:
- Ubuntu 20.04
- clang-14.0.6 with CFLAGS="-fsanitize=address"
Backtrace:
=================================================================
==3323395==ERROR: AddressSanitizer: attempting free on address which was not
malloc()-ed: 0x7ffc8512c238 in thread T0
#0 0x4d0077
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x4d0077)
#1 0xb77152
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0xb77152)
#2 0x65ff02
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x65ff02)
#3 0x5168a9
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x5168a9)
#4 0x7ff21bd3c082 (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId:
1878e6b475720c7c51969e69ab2d276fae6d1dee)
#5 0x42130d
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x42130d)
Address 0x7ffc8512c238 is located in stack of thread T0 at offset 10072 in
frame
#0 0x515fef
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x515fef)
This frame has 10 object(s):
[32, 36) 'rc' (line 220)
[48, 52) 'syslogUser' (line 230)
[64, 72) 'waitfds' (line 234)
[96, 100) 'level' (line 402)
[112, 128) 'opt' (line 432)
[144, 148) 'opt393' (line 717)
[160, 168) 'errmsg' (line 726)
[192, 196) 'buf' (line 778)
[208, 336) 'ebuf' (line 798)
[368, 496) 'ebuf524' (line 821) <== Memory access at offset 10072 overflows
this variable
HINT: this may be a false positive if your program uses some custom stack
unwind mechanism, swapcontext or vfork
(longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: bad-free
(/home/juhee/project/foxfuzz/programs/network/openldap/servers/slapd/slapd+0x4d0077)
==3323395==ABORTING
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9913
Issue ID: 9913
Summary: Some lloadd shutdown code doesn't protect memory
correctly
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: lloadd
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
During shutdown, clients_destroy and tier_destroy are called while worker
threads might still be alive, therefore they need to participate in memory
management.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9907
Issue ID: 9907
Summary: lloadd config/shutdown leaks
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: lloadd
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
lloadd leaks some memory in cn=config and at shutdown time. Fixes coming
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9906
Issue ID: 9906
Summary: cn=monitor leaks in lloadd
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
lloadd registers various types of monitor_subsys_t but currently doesn't tear
all parts of them down correctly, leaking memory on server shutdown. Partly
down to how back-monitor shutdown works at the moment.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9898
Issue ID: 9898
Summary: slapd-addel.c contains invalid struct initialization
which does not compile on HP-UX aCC
Product: OpenLDAP
Version: 2.6.3
Hardware: All
OS: Other
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: michael.osipov(a)siemens.com
Target Milestone: ---
My compiler (cc: HP C/aC++ B3910B A.06.29 [Oct 18 2016]) gives me:
/opt/aCC/bin/aCC -Ae -g -I../../include -I../../include -I/opt/ports/include
-I/opt/ports/include -c -o slapd-addel.o slapd-addel.c
"slapd-addel.c", line 68: error #2029: expected an expression
LDIFRecord record = {};
^
"slapd-addel.c", line 70: error #2029: expected an expression
struct berval bv = {};
^
This is invalid C code, it can be easily solved by using "{0}" and the code
does compile.
--
You are receiving this mail because:
You are on the CC list for the issue.