openldap-bugs December 2023

openldap-bugs@openldap.org

1 participants
90 discussions

[Issue 10013] New: Some code (ppolicy, etc.) ignores REP_CTRLS_MUSTBEFREED when touching rs->sr_ctrls
by openldap-its＠openldap.org 17 Jan '24

17 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10013 Issue ID: 10013 Summary: Some code (ppolicy, etc.) ignores REP_CTRLS_MUSTBEFREED when touching rs->sr_ctrls Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Certain parts of the source indicate that rs->sr_ctrls shouldn't be realloc'd/free'd unless REP_CTRLS_MUSTBEFREED is set, but then other parts of slapd (slap_ctrl_whatFailed_add, glue_op_search?, ...) and overlays (ppolicy, syncprov, ...) will blindly overwrite and/or realloc it. slap_add_control() (an analog of slap_add_controls()) might be useful for this, possibly alongside some way to free the other data kept around to streamline the code other users need for correct operation. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9944] New: Reverting an olcDbACLBind statement breaks proxied write operations
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=9944 Issue ID: 9944 Summary: Reverting an olcDbACLBind statement breaks proxied write operations Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- On a system with olcDbIDAssertBind configured, and proxied authorizations working correctly, an olcDbACLBind statement was added to the configuration for lastbind support. However an incorrect identity was in place for the authzid in the ACL bind statement which caused proxy authorization to fail. The change was backed out (There was never any change to the olcDbIDAssertBind config fragment) and after that, all write operations failed instead of being proxied, with err=80. Restarting slapd fixed the issue, which indicates an underlying problem in the cn=config db in reverting to the original working state. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 10137] New: Ease redefining the MDB_IDL_LOGN value
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10137 Issue ID: 10137 Summary: Ease redefining the MDB_IDL_LOGN value Product: LMDB Version: 0.9.30 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: renault.cle(a)gmail.com Target Milestone: --- Created attachment 992 --> https://bugs.openldap.org/attachment.cgi?id=992&action=edit The patch do apply to midl.h Hello, I would like to slightly change the midl.h c file to make it possible to change the MDB_IDL_LOGN define without having to fork on my side. I know it can be redefined to reduce the amount of memory allocated by LMDB. I am using the latest `mdb.master` branch version of LMDB. https://github.com/mozilla/lmdb/pull/2 -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 10149] New: [PATCH] Allow certificates and keys to be read from URIs.
by openldap-its＠openldap.org 14 Jan '24

14 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10149 Issue ID: 10149 Summary: [PATCH] Allow certificates and keys to be read from URIs. Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: minfrin(a)sharp.fm Target Milestone: --- Add the LDAP_OPT_X_TLS_URIS and LDAP_OPT_X_TLS_CACERTURIS options to allow certificates and keys to be set using OpenSSL provider URIs. The attached patch file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Graham Leggett minfrin(a)sharp.fm. I have not assigned rights and/or interest in this work to any party. The attached modifications to OpenLDAP Software are subject to the following notice: Copyright 2023 Graham Leggett Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9660] New: back-mdb Permission denied => Restore from backup
by openldap-its＠openldap.org 12 Jan '24

12 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=9660 Issue ID: 9660 Summary: back-mdb Permission denied => Restore from backup Product: OpenLDAP Version: 2.5.7 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: geert.hendrickx(a)telenetgroup.be Target Milestone: --- Cosmetic issue: When an mdb database has incorrect ownership or permissions (typically after slapadd as root), back-mdb fails with: mdb_db_open: database "dc=my-domain,dc=com" cannot be opened: Permission denied (13). Restore from backup! "Permission denied" is correct, but "Restore from backup" is maybe not the most appropriate advice. ;-) -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10125] New: mdb_load: fix loading in Append mode
by openldap-its＠openldap.org 11 Jan '24

11 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10125 Issue ID: 10125 Summary: mdb_load: fix loading in Append mode Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: tools Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- After committing/flushing a batch of writes, the cursor is not correctly reinitialized in Append mode. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10148] New: About
by openldap-its＠openldap.org 26 Dec '23

26 Dec '23

https://bugs.openldap.org/show_bug.cgi?id=10148 Issue ID: 10148 Summary: About Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: pinkilhagency(a)gmail.com Target Milestone: --- Welcome to LH Talent Agency, a leading provider of live hosting talent for events and productions. In the fast-paced world of live hosting, finding the perfect individual to engage and captivate your audience is crucial. That's where LH Talent Agency comes in. With our extensive network of experienced and dynamic hosts, we can match you with the perfect talent to ensure your event is a success. Whether you need a skilled emcee, a charismatic presenter, or a engaging host, LH Talent Agency has the expertise and resources to meet your needs. Read on to learn more about how LH Talent Agency can elevate your live hosting experience. More Info - https://livehosting.xyz/ -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10146] New: Typo in doc/man/man3/lber-decode.3
by openldap-its＠openldap.org 19 Dec '23

19 Dec '23

https://bugs.openldap.org/show_bug.cgi?id=10146 Issue ID: 10146 Summary: Typo in doc/man/man3/lber-decode.3 Product: OpenLDAP Version: 2.6.6 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: joshua(a)joshua.hu Target Milestone: --- In doc/man/man3/lber-decode.3 it states that the fmt for null is: n Null. No parameter is required. The element is simply skipped if it is recognized. Should it not be 'N'? -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 19 Dec '23

19 Dec '23

https://bugs.openldap.org/show_bug.cgi?id=7420 Howard Chu <hyc(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS --- Comment #7 from Howard Chu <hyc(a)openldap.org> --- Fix in https://git.openldap.org/openldap/openldap/-/merge_requests/665 please test -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10131] New: wildcard search crash slapd with OU containing parenthesis
by openldap-its＠openldap.org 12 Dec '23

12 Dec '23

https://bugs.openldap.org/show_bug.cgi?id=10131 Issue ID: 10131 Summary: wildcard search crash slapd with OU containing parenthesis Product: OpenLDAP Version: 2.5.16 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: bourguijl(a)gmail.com Target Milestone: --- Dears, When I do following ldapsearch as following : ldapsearch -x -H ldap://hostname:3891 -b "o=mobistar.be" -s subtree "(&(objectClass=groupOfUniqueNames)(uniqueMember=uid=jlb,ou=*,o=mobistar.be))" cn dn and the DB is containing these entries : dn: uid=jlb,ou=Test (aa),ou=Partners,o=mobistar.be dn: ou=Test (aa),ou=Partners,o=mobistar.be even if this "uid=jlb" isn't member of a group as uniqueMember, it makes slapd crashing. I did test it on versions 2.5.7 & 2.5.16, same result --> slapd crashed. Seems to be related to parenthesis presence in OU attribut. Is it a bug ? Thx, Jean-Luc. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs December 2023