https://bugs.openldap.org/show_bug.cgi?id=10056
Issue ID: 10056
Summary: test069-delta-multiprovider-starttls failures on
static builds
Product: OpenLDAP
Version: 2.6.4
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: kaction(a)disroot.org
Target Milestone: ---
Hello.
I am getting following test error when trying to build `openldap` statically:
```
[nix-shell:/tmp/openldap-static/openldap-2.6.4/tests]$ ./run
test069-delta-multiprovider-starttls
Cleaning up test run directory leftover from previous run.
Running ./scripts/test069-delta-multiprovider-starttls for mdb...
running defines.sh
Initializing server configurations...
Starting server 1 on TCP/IP port 9011...
Using ldapsearch to check that server 1 is running...
Waiting 5 seconds for slapd to start...
Using ldapadd for context on server 1...
Starting server 2 on TCP/IP port 9012...
Using ldapsearch to check that server 2 is running...
Waiting 5 seconds for slapd to start...
Using ldapadd to populate server 1...
Waiting 7 seconds for syncrepl to receive changes...
Using ldapsearch to read all the entries from server 1...
Using ldapsearch to read all the entries from server 2...
Comparing retrieved entries from server 1 and server 2...
Using ldapadd to populate server 2...
Using ldapsearch to read all the entries from server 1...
Using ldapsearch to read all the entries from server 2...
Comparing retrieved entries from server 1 and server 2...
Breaking replication between server 1 and 2...
Using ldapmodify to force conflicts between server 1 and 2...
Restoring replication between server 1 and 2...
Waiting 7 seconds for syncrepl to receive changes...
Using ldapsearch to read all the entries from server 1...
Using ldapsearch to read all the entries from server 2...
Comparing retrieved entries from server 1 and server 2...
test failed - server 1 and server 2 databases differ (561)
```
I added line number (561) into error message to pinpoint it more precisely.
And here is difference between databases:
```
--- /tmp/openldap-static/openldap-2.6.4/tests/testrun/server1.flt
2023-05-23 22:53:51.000965129 -0400
+++ /tmp/openldap-static/openldap-2.6.4/tests/testrun/server2.flt
2023-05-23 22:53:51.005965136 -0400
@@ -289,13 +289,10 @@
userPassword:: amFq
dn: cn=James A Jones 2,ou=Alumni Association,ou=People,dc=example,dc=com
-carLicense: 123-XYZ
cn: James A Jones 2
cn: James Jones
cn: Jim Jones
-description: Amazing
description: Bizarre
-description: Mindboggling
description: Stupendous
employeeNumber: 64
employeeType: deadwood
@@ -307,7 +304,7 @@
pager: +1 313 555 3923
postalAddress: Alumni Association $ 111 Maple St $ Anytown, MI 48109
seeAlso: cn=All Staff,ou=Groups,dc=example,dc=com
-sn: Surname
+sn: Jones
telephoneNumber: +1 313 555 0895
title: Mad Cow Researcher, UM Alumni Association
uid: jaj
```
Suggestions on what more information I can provide are welcome. You can also
try to build `pkgsStatic.openldap` in this nixpkgs
[commit](f9e32f61282275eb5fa9064e08bbd0a92d1187de)
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10061
Issue ID: 10061
Summary: Query on setting TLSVerifyClient option set to demand
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: ramajay52(a)gmail.com
Target Milestone: ---
Dear Experts,
In my case, I had set TLSVerifyClient to demand.
I couldn't be able to establish a connection While providing
TLSCACertificateFile alone.
While setting the TLSVerifyClient option demand is it mandatory to provide the
following option?
1. TLSCACertificateFile
2. TLSCertificateKeyFile
3. TLSCertificateFile
Regards,
Ram
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=8447
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|TEST |FIXED
--- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
Fixed in RE0.9:
• 76bad923
by Howard Chu at 2023-05-25T19:33:44+00:00
ITS#8447 fix cursor_put(MDB_CURRENT) on DUPSORT DB with different-sized data
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9736
Issue ID: 9736
Summary: pwrite bug in OSX breaking LMDB promise about the
maximum value size
Product: LMDB
Version: unspecified
Hardware: All
OS: Mac OS
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: renault.cle(a)gmail.com
Target Milestone: ---
Hi,
I was working with LMDB and found an issue when trying to write a value of
approximately 3.3GiB in the database, I dive into the LMDB source code of the
mdb_put method using the lldb debugger and found out that it was not related to
an issue in LMDB itself but rather a bug in the pwrite function of the Mac OS
libc implementation.
The pwrite function is given four parameters, the file descriptor, the buffer,
the count of bytes to write from the buffer and, the offset of where to write
it in the file. On Mac OS the count of bytes is a size_t that must be a 64bits
unsigned integer but when you call pwrite with a number bigger or equal to 2^31
it returns an error 22 (invalid argument). LMDB was returning a 22 error from
the mdb_put call and not an EINVAL because the error was cause by an internal
issue and not something catchable by LMDB.
I am not sure about what we can do, can we implement this single pwrite [1] as
multiple pwrite with counts smaller than 2^31 in a loop, just for Mac OS? Like
for Windows where we do specific things for this operating system too?
I also found this issue on the RocksDB repository [2] about a similar problem
they have with pwrite and write on Mac OS it seems. I understand that this is
not a real promise that LMDB is specifying but rather an "in theory" rule [3].
Thank you for your time,
kero
[1]:
https://github.com/LMDB/lmdb/blob/01b1b7dc204abdf3849536979205dc9e3a0e3ece/…
[2]: https://github.com/facebook/rocksdb/issues/5169
[3]: http://www.lmdb.tech/doc/group__mdb.html#structMDB__val
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10055
Issue ID: 10055
Summary: EOS EOL
Product: OpenLDAP
Version: 2.4.44
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: documentation
Assignee: bugs(a)openldap.org
Reporter: andrew.hudson(a)rtx.com
Target Milestone: ---
Hello,
I work with Raytheon Intelligence and Space. I just have a quick question. I am
in charge of keeping track of the software that is on my program's environment.
We are on version 2.4.44. I am just wondering what the End of Support and the
end of life of this version. Thank you very much.
Andrew Hudson
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=4501
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=4501
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |FIXED
Status|UNCONFIRMED |RESOLVED
--- Comment #11 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
Commits:
• f200ebd2
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Set javac source="8".
• 578fba58
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Delete unused class Compare.
JDK 1.5 removed the String.compareTo(Object) method so this class won't
compile anymore, but luckily it's unused and can simply be deleted.
• fa6c4c44
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Replace use of 'enum' as an identifier.
Java 1.5 made 'enum' a keyword, which may not be used as an identifier.
• 339120d5
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Replace use of deprecated class StringBufferInputStream.
JDK 1.1 deprecated class StringBufferInputStream because it does not
properly convert characters into bytes.
• f494f56d
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Replace call to deprecated LDAPConnection.bind() method.
JLDAP Sep_ndk_2003 deprecated LDAPConnection.bind(int, String, String)
in favour of LDAPConnection.bind(int, String, byte[]).
• 70b87f22
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Replace call to deprecated File.toURL() method.
JDK 6 deprecated File.toURL() in favour of File.toURI().toURL() because
it does not automatically escape characters that are illegal in URLs.
• 44c3341b
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Add @Deprecated annotations to deprecated interface methods.
JDK 1.5 deprecated these interface methods so they should be annotated
as deprecated also in this implementation of that interface.
• 25e88de0
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Use full package name to disambiguate ambiguous reference.
JDK 8 introduced java.util.Base64 which has the same class name as
com.novell.ldap.util.Base64 which this code calls.
• 762419dc
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Add java.sql interface methods introduced by JDK 6.
• 8432fbfe
by Fredrik Roubert at 2023-02-18T18:27:29+01:00
ITS#4501 Add java.sql interface methods introduced by JDK 7.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10053
Issue ID: 10053
Summary: liblber/idtest.c (and psap.h dependency) irrelevant to
OpenLDAP
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
configure.ac checks for psap.h presence, the only user being liblber's idtest.c
- a test program that uses none of liblber API and claims to be part of ISODE
X.500 code.
I'm tempted to remove the configure check and the source file, letting that
project adopt it if they still use it for something.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=4501
--- Comment #10 from Shawn McKinney <smckinney(a)symas.com> ---
(In reply to Fredrik Roubert from comment #9)
> I never managed to find any documentation about what JAR files were needed,
> so instead I used guesswork and Google to come up with this list on my own
> for building with JDK 1.4.2:
>
> ant-1.7.0.jar
> ant-junit-1.6.5.jar
> ant-launcher-1.6.5.jar
> jface-3.0.1.jar
> junit-3.8.1.jar
> novell-jldap-2013.08.30.1433-xplat.jar
> swt-linux-gtk-3.0.1.jar
>
> I have no idea how correct that list might be, but at least it turned out to
> be sufficent to make the build work.
>
> For building with JDK 8, the list becomes substantially smaller:
>
> jface-3.0.1.jar
> novell-jldap-2013.08.30.1433-xplat.jar
> swt-linux-gtk-3.0.1.jar
Thanks, before I saw your reply, got it built with these (similar list):
jldap-2009-10-07.jar
junit-4.13.2.jar
org.eclipse.jface-3.29.0.jar
org.eclipse.swt.gtk.linux.x86_64-3.122.0.jar
>
> But I can't help wondering about JdbcLdapBrowserApp, whether that really is
> something that is ever used by anyone anymore, for if it is not, you would
> be able to simplify your codebase considerably by deleting all that source
> code (and with that, the need for org.eclipse.swt and jfaces).
Fortunately, these jars, other than jdbcldap, are recent, meaning they at least
have no known CVE's outstanding? But, like you I'm left with the same thoughts.
Who's using this, what parts can be sundowned, how do we test it, what to do
next.
--
Shawn
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=4501
--- Comment #9 from Fredrik Roubert <fredrik(a)roubert.name> ---
I never managed to find any documentation about what JAR files were needed, so
instead I used guesswork and Google to come up with this list on my own for
building with JDK 1.4.2:
ant-1.7.0.jar
ant-junit-1.6.5.jar
ant-launcher-1.6.5.jar
jface-3.0.1.jar
junit-3.8.1.jar
novell-jldap-2013.08.30.1433-xplat.jar
swt-linux-gtk-3.0.1.jar
I have no idea how correct that list might be, but at least it turned out to be
sufficent to make the build work.
For building with JDK 8, the list becomes substantially smaller:
jface-3.0.1.jar
novell-jldap-2013.08.30.1433-xplat.jar
swt-linux-gtk-3.0.1.jar
But I can't help wondering about JdbcLdapBrowserApp, whether that really is
something that is ever used by anyone anymore, for if it is not, you would be
able to simplify your codebase considerably by deleting all that source code
(and with that, the need for org.eclipse.swt and jfaces).
--
You are receiving this mail because:
You are on the CC list for the issue.