openldap-bugs April 2024

openldap-bugs@openldap.org

1 participants
83 discussions

[Issue 10207] New: configure: Syntax error: Unterminated quoted string (2.6.8 (RE26))
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10207 Issue ID: 10207 Summary: configure: Syntax error: Unterminated quoted string (2.6.8 (RE26)) Product: OpenLDAP Version: unspecified Hardware: All OS: FreeBSD Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: brett(a)gladserv.com Target Milestone: --- Created attachment 1017 --> https://bugs.openldap.org/attachment.cgi?id=1017&action=edit Patch for configure.ac Testing RE26 (2.6.8) On FreeBSD and NetBSD, configure fails with the following error: checking whether stripping libraries is possible... yes checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes ./configure: 13865: Syntax error: Unterminated quoted string Patch for configure.ac attached. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10161] New: Move nested group support to its own overlay
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10161 Issue ID: 10161 Summary: Move nested group support to its own overlay Product: OpenLDAP Version: 2.6.6 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: enhancement Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Adding the feature to dynlist has made that code overly complex, along with killing performance. -- You are receiving this mail because: You are on the CC list for the issue.

1 10

[Issue 10185] New: autogroup doesn't populate members in newly added dynamic groups
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10185 Issue ID: 10185 Summary: autogroup doesn't populate members in newly added dynamic groups Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- This was broken in 316afb1190c4fa8d96dc56b38b41f4a6ffb163e9 ITS#6970 -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10183] New: ldapadd jump option
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10183 Issue ID: 10183 Summary: ldapadd jump option Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: enhancement Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Same as the jump option added for slapadd in ITS#4555. Should have been added long ago. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 10167] New: slapo-memberof should have a way of reacting to a member entry being added after group referencing it
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10167 Issue ID: 10167 Summary: slapo-memberof should have a way of reacting to a member entry being added after group referencing it Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- If a group (with member: values) is added before the member entries exist, the memberof values never get populated. This can happen e.g. during replication. No idea how it meshes with the refint functionality of memberof if it's indeed reconcilable at all. Silly example (Hird's memberof will be empty): ```ldif dn: cn=GNU,ou=Groups,dc=example,dc=com objectClass: groupOfNames member: cn=Hurd,ou=Groups,dc=example,dc=com dn: cn=Hurd,ou=Groups,dc=example,dc=com objectClass: groupOfNames member: cn=Hird,ou=Groups,dc=example,dc=com member: cn=Roger Rabbit,ou=People,dc=example,dc=com dn: cn=Hird,ou=Groups,dc=example,dc=com objectClass: groupOfNames member: cn=Tweety Bird,ou=People,dc=example,dc=com member: cn=Hurd,ou=Groups,dc=example,dc=com ``` -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10186] New: Overlay response callbacks should ignore op->o_abandon
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10186 Issue ID: 10186 Summary: Overlay response callbacks should ignore op->o_abandon Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Overlays that need to perform other DB write operations in their response callbacks usually create a new Operation by copying the existing *op. If the op had its o_abandon flag set, then every op the overlay starts will be immediately abandoned instead of executing. They should zero out the op->o_abandon flag, because the fact that the response callback got invoked means the original operation already completed. If the main op actually observed the abandon request, the response callbacks wouldn't have gotten triggered. This in particular affects the memberof overlay, which must perform other modifications after the main op completes. It also affects the contrib autogroup overlay. It might be relevant for accesslog as well, but I haven't looked at that yet. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10176] New: new atexit() call to atexit(ldap_exit_tls_destroy) in 2.5.17 crashes AIX application
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10176 Issue ID: 10176 Summary: new atexit() call to atexit(ldap_exit_tls_destroy) in 2.5.17 crashes AIX application Product: OpenLDAP Version: 2.5.17 Hardware: Other OS: Other Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: philip.miloslavsky(a)gmail.com Target Milestone: --- We have a long standing openldap application that's being ported from 2.4.58 to 2.5.17. On ppc AIX (but not on linux for which we also build), when we exit the main application we get a crash in exit() because it is trying to run the atexit which LDAP regsitered, but ldap has already been unloaded and the unloading caused that atexit function pointer to become zero. So I tracked it to this line of code in ldap 2.5.17 that was not there in 2.4.58 libraries/libldap/tls2.c: atexit( ldap_exit_tls_destroy ); If I remove that line of code, my issue goes away. So, now on to dlcose and atexit. So we have a main kernel (irisdb), a C++ library (ldap.so) that we wrote that calls ldap client libraries, and the 2 actual openldap libraries which ldap.so is linked against. During irisdb exit (the h command) irisdb does call dlclose on ldap.so, which as a side effect results in the unloading of the 2 official openldap libraries, but no one calls unatexit() (on the 0x09001000a04947a8 below). After the 3 libraries are unloaded, the atexit registration is still there but its been replaced with zeroes. At what point in this process should we call unatexit or some LDAP function and why does this sequence of events work right on linux but not AIX? [5] stop in ldap_unbind_s (dbx) c [1] stopped in unload_sharedlib at line 7793 in file "/nethome/pmilosla/perforce/projects/OpenLDAP4/kernel/common/src/cdzf.c" ($t1) 7793 if (!libptr) (dbx) where unload_sharedlib(libptr = 0x0000000000000004), line 7793 in "cdzf.c" UnloadZFETable(zfetabdescp = 0x0a00010000032790), line 7346 in "cdzf.c" ResetZFETable(), line 7940 in "cdzf.c" zfrundown(), line 10135 in "cdzf.c" chsub2(), line 3480 in "dmisc2.c" chalt(flag = 1), line 3222 in "dmisc2.c" Chaltcmd(), line 3146 in "dmisc2.c" (dbx) p zfetabdescp->fnameptr "/home/gavlak/gavlakcre7424/bin/ldap.so" (dbx) 0x09001000a04947a8/2x 0x09001000a04947a8: 0900 0000 (dbx) 0x09001000a04947a8/4x 0x09001000a04947a8: 0900 0000 0491 8ec0 (dbx) c [3] stopped in dlclose at 0x90000000029da40 ($t1) 0x90000000029da40 (dlclose) 7c0802a6 mflr r0 (dbx) where dlclose(0x4) at 0x90000000029da40 unload_sharedlib(libptr = 0x0000000000000004), line 7804 in "cdzf.c" UnloadZFETable(zfetabdescp = 0x0a00010000032790), line 7346 in "cdzf.c" ResetZFETable(), line 7940 in "cdzf.c" zfrundown(), line 10135 in "cdzf.c" chsub2(), line 3480 in "dmisc2.c" chalt(flag = 1), line 3222 in "dmisc2.c" Chaltcmd(), line 3146 in "dmisc2.c" (dbx) p zfetabdescp->fnameptr "/home/gavlak/gavlakcre7424/bin/ldap.so" (dbx) c [2] stopped in exit at 0x9000000002524a0 ($t1) 0x9000000002524a0 (exit) 7c0802a6 mflr r0 (dbx) 0x09001000a04947a8/4x 0x09001000a04947a8: 0000 0000 0000 0000 (dbx) c Illegal instruction in . at 0x0 ($t1) 0x0000000000000000 00000000 Invalid opcode. (dbx) where .() at 0x0 exit(??) at 0x900000000252610 syshalt(a = 0), line 6925 in "emisc.c" chalt(flag = 1), line 3227 in "dmisc2.c" Chaltcmd(), line 3146 in "dmisc2.c" -- You are receiving this mail because: You are on the CC list for the issue.

1 17

[Issue 10170] New: accesslog breaks if internal ops done in startup
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10170 Issue ID: 10170 Summary: accesslog breaks if internal ops done in startup Product: OpenLDAP Version: 2.5.17 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- If some other overlay performs some internal operations in its db_open handler, before all DBs and overlays are fully initialized, and accesslog_response is invoked, it may crash if its logDB hasn't been initialized yet. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10044] New: dynlist sometimes crashes when a search operation is abandoned
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10044 Issue ID: 10044 Summary: dynlist sometimes crashes when a search operation is abandoned Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Playing with the DB provided in ITS#10041 on master, interrupting the ldapsearch sometimes leads to a slapd crash. It's not 100% repeatable and the debugger shows dynlist_search2resp touching memory freed by dynlist_search_cleanup already, which doesn't make sense. Might be something else is happening at the same time. -- You are receiving this mail because: You are on the CC list for the issue.

1 11

[Issue 10165] New: back-meta fails to bind to target when proxying an internal operation
by openldap-its＠openldap.org 21 May '24

21 May '24

https://bugs.openldap.org/show_bug.cgi?id=10165 Issue ID: 10165 Summary: back-meta fails to bind to target when proxying an internal operation Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- When the target is configured as follows: idassert-bind bindmethod=sasl saslmech=EXTERNAL authz=proxyauthz flags=override and an overlay issues an internal operation, back-meta attempts to open a new connection to the target, but the bind fails, so the internal operation cannot be executed. The target server returns the following error (as logged by back-meta): <unauthenticated bind (DN with no password) disallowed> Example configuration of the target server: authz-regexp gidNumber=.*\+uidNumber=.*,cn=peercred,cn=external,cn=auth cn=config logfile ./main.log database config database mdb directory ./main rootdn cn=config suffix o=example.com overlay accesslog logdb cn=log logops writes logsuccess true database mdb suffix cn=log directory ./log -- You are receiving this mail because: You are on the CC list for the issue.

1 5

← Newer
1
2
3
4
5
6
7
8
9
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs April 2024