openldap-bugs January 2024

openldap-bugs@openldap.org

1 participants
120 discussions

[Issue 10110] New: Chained searches skip callbacks for returned entries
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10110 Issue ID: 10110 Summary: Chained searches skip callbacks for returned entries Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Regardless of overlay ordering, slapo-chain's handling of entries returned will skip any callbacks that have been registered on the operation. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10076] New: suffixmassage in back-asyncmeta does not handle empty remote suffix correctly
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10076 Issue ID: 10076 Summary: suffixmassage in back-asyncmeta does not handle empty remote suffix correctly Product: OpenLDAP Version: 2.6.4 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- When configuring a suffixmassage directive on an asyncmeta database, a configuration like: suffixmassage "dc=example,dc=com" "" causes search requests to return error 34 "Invalid DN", because the empty remote suffix is massaged incorrectly, adding an unnecessary ",". The issue applies only to asyncmeta, on other proxies it functions correctly. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10139] back-config discloses existence of entries contrary to ACL
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10139 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Group|OpenLDAP-devs | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=7420 --- Comment #11 from Quanah Gibson-Mount <quanah(a)openldap.org> --- commit d56dcccb6f6cfd590eb20628eec39ab815a65f5a Author: Howard Chu <hyc(a)openldap.org> Date: Sun Jan 28 04:43:44 2024 +0000 ITS#7420 clarify prev commit commit 03338946b3e165e3c703c57cede266c42418cc1f Author: Howard Chu <hyc(a)openldap.org> Date: Sun Jan 28 04:00:34 2024 +0000 ITS#7420 more for prev commit On naming error, don't free modvals -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #28 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #27) > (In reply to Quanah Gibson-Mount from comment #26) > > Additionally, this was clearly documented in the UPGRADE section of the Admin guide. > > Specifically, in the OpenLDAP 2.5 admin guide section on upgrading from > OpenLDAP 2.4 or prior releases. https://www.openldap.org/doc/admin25/appendix-upgrading.html#Client%20utili… -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #27 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #26) > Additionally, this was clearly documented in the UPGRADE section of the Admin guide. Specifically, in the OpenLDAP 2.5 admin guide section on upgrading from OpenLDAP 2.4 or prior releases. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #26 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to jel+git from comment #23) > 1) If one decides to drop an option, it should be > a) communicated clearly. > b) documented and alternatives shown Hello, The options were *clearly* marked as deprecated for the last 24 years in the man pages for the ldap client utilities. It appears whomever wrote the scripts in question chose to ignore this clearly documented deprecation of the options and used them anyway. Additionally, this was clearly documented in the UPGRADE section of the Admin guide. In other words, this change has been clearly communicated for years, and well documented. Perhaps in the future it would be wise to read the supplied upgrade documentation prior to performing an upgrade of software and to pay attention to deprecation notices in the software documentation instead of attacking a volunteer powered open source software project. Regards, Quanah -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10159] New: Unable to Use ldapi:// - ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10159 Issue ID: 10159 Summary: Unable to Use ldapi:// - ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) Product: OpenLDAP Version: 2.5.13 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: chilimili1(a)outlook.de Target Milestone: --- Problem: When attempting to use the ldapi:// URI to interact with the OpenLDAP server using commands like ldapmodify or ldapsearch, an error is encountered: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). Process is running # ps -aux |grep ldap ldap 9 0.0 0.4 42232968 79472 ? Sl Jan23 0:10 /usr/libexec/slapd -u ldap -h ldap:/// ldapi:/// ldaps:/// -F /etc/openldap/slapd.d -d 256 Troubleshooting Steps Taken: Verified the ldapi URI configuration. Inspected the OpenLDAP configuration using slapd.conf or cn=config. Examined ACLs and access control rules. Additional Information: OpenLDAP is running as a Docker container Docker Compose configuration includes port mappings for LDAP (3269:389) and LDAPS (3268:636). The whole configuration was migrated from a working Server Any additional insights or recommendations for resolving the ldapi connection issue would be greatly appreciated. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #25 from Howard Chu <hyc(a)openldap.org> --- Also: the time to raise objections to a change is before the release. The 2.5 call for testing went out in April 2021. https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/… You're about 3 years late complaining about the removal of a feature deprecated 24 years ago. Demanding that volunteers work on what you want the way you want won't fly. Only people who are actively involved will have their concerns listened to. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #24 from Howard Chu <hyc(a)openldap.org> --- A reminder that the OpenLDAP Project is worked solely by volunteers. Symas does not direct the operation of the Project. They merely provide support for what the Project releases. Your criticism of Symas is wholly out of place. Meanwhile, criticizing work that was given to you for free, without you ever lifting a finger to contribute, just makes you a selfish, entitled, ungrateful ass. If you think you can run things better, then actively contribute. That is the only way that open source projects advance. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs January 2024