https://bugs.openldap.org/show_bug.cgi?id=10090
Issue ID: 10090
Summary: regex that contains a quoted literal space or escaped
space results in a parse error
Product: OpenLDAP
Version: 2.6.6
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: gburd(a)symas.com
Target Milestone: ---
Searching ACLs using regex expressions should allow for white space.
olcAccess: to dn.subtree="dc=example,dc=com" by dn.regex="ou=Before\
After,o=example[.]com,c=US$" read by * break
or
olcAccess: to dn.subtree="dc=example,dc=com" by dn.regex="ou=Before[
]After,o=example[.]com,c=US$" read by * break
or any regex that contains a literal space results in a parse error.
It seems like the string is broken on literal spaces irrespective of quoting.
Debug output from slapd:
64cd845c.253aa590 0x7fe6f4fc9640 slapd: line 0: regular expression "ou=Before\"
bad because of Trailing backslash
This should also include other methods for expressing white space such as
`:space:` or `\w` pattern matches.
olcAccess: to dn.subtree="dc=example,dc=com" by
dn.regex="ou=Before[[:space:]]After,o=example[.]com,c=US$" read by * break
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10073
Issue ID: 10073
Summary: database monitor | slapd fails to start when "database
ldap" without suffix exists
Product: OpenLDAP
Version: 2.5.14
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: cyusedfzfb(a)gmail.com
Target Milestone: ---
As requested on the mailinglist, I am filing an issue for this behaviour:
Today setup the cn=Monitor backend, and after doing so, openldap failed to
start with:
backend_startup_one (type=monitor, suffix="cn=Monitor"): bi_db_open failed!
(-1)
The reason turned out to be: we had configured one of our databases ("database
ldap") without a suffix.
After I added a suffix, openldap started, and cn=Monitor worked as expected.
It would be nice if this error message could become a little bit more specific.
:-)
Also: we've had the "database ldap" without a suffix in production working for
many years. Perhaps cn=Monitor should be able to deal with that config as
well..?
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10088
Issue ID: 10088
Summary: "DN index add failed" when renaming an entry
Product: OpenLDAP
Version: 2.5.13
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: git(a)zifbang.com
Target Milestone: ---
I recently updated a Docker image to the latest Debian release, which means I
got a new OpenLDAP version: 2.5.13 (not sure what it was before, but definitely
<=2.4.x). The old image's backend was HDB. That disappeared, so I made
changes(1) to use the default MDB store. Today I found out that one of my tests
is failing against this new image with a "DN index add failed" message. I
traced the message down to (2), but I don't understand what is causing the
message to be generated and cannot find any documentation on the function that
returned the error.
Basically, the test is renaming an entry to a very long name. This script shows
the error:
```sh
#!/usr/bin/env bash
set -e
function cleanup() {
echo "Stopping server..."
docker stop ldap-test 2>&1 1>/dev/null
}
trap cleanup EXIT
echo "Starting server..."
docker run --rm -d \
-p 1389:389 -p 1636:636 \
--name ldap-test \
ghcr.io/ldapjs/docker-test-openldap/openldap:2023-07-25 2>&1 1>/dev/null
echo "Waiting for server to start..."
sleep 3
echo "Renaming entry..."
docker exec ldap-test \
ldapmodrdn -x -H ldapi:/// \
-D 'cn=admin,dc=planetexpress,dc=com' \
-w 'GoodNewsEveryone' \
-v -d 2 \
'cn=Turanga Leela,ou=people,dc=planetexpress,dc=com' \
'cn=a292979f2c86d513d48bbb9786b564b3c5228146e5ba46f404724e322544a7304a2b1049168803a5485e2d57a544c6a0d860af91330acb77e5907a9e601ad1227e80e0dc50abe963b47a004f2c90f570450d0e920d15436fdc771e3bdac0487a9735473ed3a79361d1778d7e53a7fb0e5f01f97a75ef05837d1d5496fc86968ff47fcb64'
```
What changes do I need to make in order to solve this error? I have tried
applying the following ldif to my image creation, but it does not solve the
problem:
```ldif
dn: cn=config
changetype: modify
replace: oldIndexHash64
olcIndexHash64: TRUE
```
1: https://github.com/ldapjs/docker-test-openldap/pull/3/files
2:
https://git.openldap.org/openldap/openldap/-/blob/2738a32de3a324fc56effd44c…
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=8461
--- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
*** Issue 10088 has been marked as a duplicate of this issue. ***
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=8461
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |git(a)zifbang.com
--- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
*** Issue 10088 has been marked as a duplicate of this issue. ***
--
You are receiving this mail because:
You are on the CC list for the issue.