https://bugs.openldap.org/show_bug.cgi?id=10164
Issue ID: 10164
Summary: back-meta hangs when used with dynlist overlay
Product: OpenLDAP
Version: 2.6.7
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: nivanova(a)symas.com
Target Milestone: ---
When back-meta is configured with the dynlist overlay, on a search request that
triggers dynlist, it will hang. This happens because of a bug in back-meta that
is only revealed when an overlay issues an internal operation while processing
a result or an entry, as dynlist does, as apposed to issuing it when the client
op is first received ( on the way "down" to the backend).
The issue is reproduced by configuring dynlist over a back-meta database, and
sending a subtree search request with the database suffix as dn.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9823
Issue ID: 9823
Summary: syncprov doesn't fallback when deltasync consumer's
offline beyond accesslog depth
Product: OpenLDAP
Version: 2.6.1
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: smckinney(a)symas.com
Target Milestone: ---
Configured w/ deltasync. When a consumer goes offline for a duration exceeding
the the logpurge interval, won't fallback into syncrepl, resulting in a dsync.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10165
Issue ID: 10165
Summary: back-meta fails to bind to target when proxying an
internal operation
Product: OpenLDAP
Version: 2.6.7
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: nivanova(a)symas.com
Target Milestone: ---
When the target is configured as follows:
idassert-bind bindmethod=sasl saslmech=EXTERNAL authz=proxyauthz flags=override
and an overlay issues an internal operation, back-meta attempts to open a new
connection to the target, but the bind fails, so the internal operation cannot
be executed.
The target server returns the following error (as logged by back-meta):
<unauthenticated bind (DN with no password) disallowed>
Example configuration of the target server:
authz-regexp gidNumber=.*\+uidNumber=.*,cn=peercred,cn=external,cn=auth
cn=config
logfile ./main.log
database config
database mdb
directory ./main
rootdn cn=config
suffix o=example.com
overlay accesslog
logdb cn=log
logops writes
logsuccess true
database mdb
suffix cn=log
directory ./log
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10160
Issue ID: 10160
Summary: Add negset and negurl for slapo-constraint
Product: OpenLDAP
Version: 2.6.6
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: manu(a)netbsd.org
Target Milestone: ---
Created attachment 1003
--> https://bugs.openldap.org/attachment.cgi?id=1003&action=edit
Add negset and negurl for slapo-constraint
Add negset and negurl constraints for slapo-constraint. THe two new types are
logical not of set and url. They will fire a constraint violation if the set or
LDAP URL query is non empty.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10163
Issue ID: 10163
Summary: Cleanup configure/test integration
Product: OpenLDAP
Version: 2.6.6
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: hyc(a)openldap.org
Target Milestone: ---
The sed commandline configure uses to perform substitutions is getting unwieldy
and may be exceeding platform limits on various systems.
All of the BUILD_xxx substitutions for overlays are only used in tests/run.in.
They could be completely removed, and instead each of the enabled overlays
could be emitted into a separate file that just gets included by the test
scripts. There's no need for them to be part of the sed invocation at all.
There's also leftover BUILD_xxx cruft from backends that we've removed (e.g.
back-shell BUILD_SHELL) that nothing else in the tree references any more.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9795
Issue ID: 9795
Summary: Remove memberof overlay
Product: OpenLDAP
Version: 2.6.1
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
The memberof overlay was deprecated with the release of OpenLDAP 2.5. It
should be removed prior for the next minor release (i.e., 2.7)
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=7249
--- Comment #18 from Ondřej Kuzník <ondra(a)mistotebe.net> ---
Looking at the Arch patch, might be related to ITS#10135?
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=6509
Ondřej Kuzník <ondra(a)mistotebe.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.openldap.org/s
| |how_bug.cgi?id=10161
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10014
Issue ID: 10014
Summary: TLS handle using MbedTLS
Product: OpenLDAP
Version: 2.6.4
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: contrib
Assignee: bugs(a)openldap.org
Reporter: johan.pascal(a)linphone.org
Target Milestone: ---
Created attachment 950
--> https://bugs.openldap.org/attachment.cgi?id=950&action=edit
Add a TLS handle using MbedTLS
Hi,
I wrote a TLS handle based on MbedTLS.
I attach the patch here but I can also put in on gitlab and make a merge
request there.
The patch contains the minimal modifications to build openldap using MbedTLS as
backend for TLS. You must run aclocal, autoheader amd autoconf to regenerate
the archived aclocal.m4, configure and include/portable.hin files.
This contribution was originally written for the linphone project, and
copyright belongs to Belledonne Communications SARL.
The attached file is derived from OpenLDAP Software. All of the modifications
to OpenLDAP Software represented in the following patch were developed by
Belledonne Communications SARL. Belledonne Communications SARL has not assigned
rights and/or interest in this work to any party. I, Johan Pascal am authorized
by Belledonne Communications, my employer, to release this work under the
following terms.
The attached modifications to OpenLDAP Software are subject to the following
notice:
Copyright 2010-2023 Belledonne Communications SARL
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP Public License.
--
You are receiving this mail because:
You are on the CC list for the issue.