openldap-bugs May 2023

openldap-bugs@openldap.org

1 participants
109 discussions

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 15 May '23

15 May '23

https://bugs.openldap.org/show_bug.cgi?id=4501 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 15 May '23

15 May '23

https://bugs.openldap.org/show_bug.cgi?id=4501 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED --- Comment #11 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • f200ebd2 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Set javac source="8". • 578fba58 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Delete unused class Compare. JDK 1.5 removed the String.compareTo(Object) method so this class won't compile anymore, but luckily it's unused and can simply be deleted. • fa6c4c44 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Replace use of 'enum' as an identifier. Java 1.5 made 'enum' a keyword, which may not be used as an identifier. • 339120d5 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Replace use of deprecated class StringBufferInputStream. JDK 1.1 deprecated class StringBufferInputStream because it does not properly convert characters into bytes. • f494f56d by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Replace call to deprecated LDAPConnection.bind() method. JLDAP Sep_ndk_2003 deprecated LDAPConnection.bind(int, String, String) in favour of LDAPConnection.bind(int, String, byte[]). • 70b87f22 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Replace call to deprecated File.toURL() method. JDK 6 deprecated File.toURL() in favour of File.toURI().toURL() because it does not automatically escape characters that are illegal in URLs. • 44c3341b by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Add @Deprecated annotations to deprecated interface methods. JDK 1.5 deprecated these interface methods so they should be annotated as deprecated also in this implementation of that interface. • 25e88de0 by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Use full package name to disambiguate ambiguous reference. JDK 8 introduced java.util.Base64 which has the same class name as com.novell.ldap.util.Base64 which this code calls. • 762419dc by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Add java.sql interface methods introduced by JDK 6. • 8432fbfe by Fredrik Roubert at 2023-02-18T18:27:29+01:00 ITS#4501 Add java.sql interface methods introduced by JDK 7. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10053] New: liblber/idtest.c (and psap.h dependency) irrelevant to OpenLDAP
by openldap-its＠openldap.org 15 May '23

15 May '23

https://bugs.openldap.org/show_bug.cgi?id=10053 Issue ID: 10053 Summary: liblber/idtest.c (and psap.h dependency) irrelevant to OpenLDAP Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- configure.ac checks for psap.h presence, the only user being liblber's idtest.c - a test program that uses none of liblber API and claims to be part of ISODE X.500 code. I'm tempted to remove the configure check and the source file, letting that project adopt it if they still use it for something. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #10 from Shawn McKinney <smckinney(a)symas.com> --- (In reply to Fredrik Roubert from comment #9) > I never managed to find any documentation about what JAR files were needed, > so instead I used guesswork and Google to come up with this list on my own > for building with JDK 1.4.2: > > ant-1.7.0.jar > ant-junit-1.6.5.jar > ant-launcher-1.6.5.jar > jface-3.0.1.jar > junit-3.8.1.jar > novell-jldap-2013.08.30.1433-xplat.jar > swt-linux-gtk-3.0.1.jar > > I have no idea how correct that list might be, but at least it turned out to > be sufficent to make the build work. > > For building with JDK 8, the list becomes substantially smaller: > > jface-3.0.1.jar > novell-jldap-2013.08.30.1433-xplat.jar > swt-linux-gtk-3.0.1.jar Thanks, before I saw your reply, got it built with these (similar list): jldap-2009-10-07.jar junit-4.13.2.jar org.eclipse.jface-3.29.0.jar org.eclipse.swt.gtk.linux.x86_64-3.122.0.jar > > But I can't help wondering about JdbcLdapBrowserApp, whether that really is > something that is ever used by anyone anymore, for if it is not, you would > be able to simplify your codebase considerably by deleting all that source > code (and with that, the need for org.eclipse.swt and jfaces). Fortunately, these jars, other than jdbcldap, are recent, meaning they at least have no known CVE's outstanding? But, like you I'm left with the same thoughts. Who's using this, what parts can be sundowned, how do we test it, what to do next. -- Shawn -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #9 from Fredrik Roubert <fredrik(a)roubert.name> --- I never managed to find any documentation about what JAR files were needed, so instead I used guesswork and Google to come up with this list on my own for building with JDK 1.4.2: ant-1.7.0.jar ant-junit-1.6.5.jar ant-launcher-1.6.5.jar jface-3.0.1.jar junit-3.8.1.jar novell-jldap-2013.08.30.1433-xplat.jar swt-linux-gtk-3.0.1.jar I have no idea how correct that list might be, but at least it turned out to be sufficent to make the build work. For building with JDK 8, the list becomes substantially smaller: jface-3.0.1.jar novell-jldap-2013.08.30.1433-xplat.jar swt-linux-gtk-3.0.1.jar But I can't help wondering about JdbcLdapBrowserApp, whether that really is something that is ever used by anyone anymore, for if it is not, you would be able to simplify your codebase considerably by deleting all that source code (and with that, the need for org.eclipse.swt and jfaces). -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10052] New: ldapsearch error "can't contact LDAP Server" <1%
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=10052 Issue ID: 10052 Summary: ldapsearch error "can't contact LDAP Server" <1% Product: OpenLDAP Version: 2.4.44 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: w3eagle(a)yahoo.com Target Milestone: --- version used: 2.4.44 that is from Amazon2 core OS: AWS Linux2 Details: Users reported occasional issues with AD server authentication with MicroStrategy. Open case with MicroStrategy and learnt then use openldap library for the AD authentication. We were able to reproduce the issue with ldapsearch like below. ldapsearch -H ldaps://$REMOTEHOST:$REMOTEPORT \ -x -D "CN=??????" \ -y pssd.txt -LLL \ -b "OU=???????" "(sAMAccountName=????)" dn We use crontab to query AD once every minute, and we were able to see a few issues each day, error rate is more than 1/1000 but less than 1/100. The error looks like below - ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Not much info was logged other than this. We tried all kinds of stuff but it didn't help, eg. the ldap.conf settings to ignore certs validation, simplify the cert folder files etc. and the like. We think perhaps the TLS might be the issue, so we setup an nginx node within the same vpc, which communicates with AD server over TLS, but terminates TLS and talk to other ec2 with clear text. We were not able to see any errors. So we have proved, for some reason, then ldapsearch over ldaps fails with a low percentage. I previously reported case 10049, but it was closed. The message is like openldap is using other components for https/tls; so possibly bugs from other libraires. So to prove this issue is indeep on openldap, I schedule the same ldapsearch on the nginx box itself. Knowing nginx was using the same openssl library (openssl 1.0.2k), we reproduced the same, ~1% "can't contact LDAP server" error, on the nginx box. So this error is perhaps more related to openldap, or perhaps Cyrus SASL? (cyrus-sasl-lib 2.1.26). My question is whether this sounds like an openldap bug. Please advise. Thanks -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10051] New: ldapsearch error can't contact LDAP <1%
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=10051 Issue ID: 10051 Summary: ldapsearch error can't contact LDAP <1% Product: OpenLDAP Version: 2.4.44 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: w3eagle(a)yahoo.com Target Milestone: --- -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10049] New: ldapsearch can't contact LDAP
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=10049 Issue ID: 10049 Summary: ldapsearch can't contact LDAP Product: OpenLDAP Version: 2.4.44 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: w3eagle(a)yahoo.com Target Milestone: --- -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 10 May '23

10 May '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #8 from Shawn McKinney <smckinney(a)symas.com> --- I've setup a build env, using Java 8, apache ant 1.10, etc. Now, getting errors on missing dependencies, org.eclipse.swt.*, jfaces, ... I have not found instructions on openldap.org website how to build this. That's fine, certainly not something for this MR to address. But, before I go spend time chasing this down, are there steps written down? Doesn't have to be accurate, anything at all would help. Thanks -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs May 2023