https://bugs.openldap.org/show_bug.cgi?id=9398
Issue ID: 9398
Summary: Stale accesslog cookie due to unclean shutdown
Product: OpenLDAP
Version: 2.4.56
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
If slapd terminates uncleanly, a checkpoint will be lost on the accesslog db.
Depending on the syncprov overlay checkpoint settings (usually no checkpointing
is enabled on the accesslog db) this can cause the system to refuse engage in
replication at startup.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9225
Bug ID: 9225
Summary: back-mdb: Add support for PREPARE/2-phase commit
Product: OpenLDAP
Version: 2.4.50
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Add support for PREPARE/2-phase commit in back-mdb
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugs.openldap.org/show_bug.cgi?id=9186
Bug ID: 9186
Summary: RFE: More metrics in cn=monitor
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: michael(a)stroeder.com
Target Milestone: ---
Currently I'm grepping metrics from syslog with mtail:
https://gitlab.com/ae-dir/ansible-ae-dir-server/-/blob/master/templates/mta…
With a new binary logging this is not possible anymore.
Thus it would be nice if cn=monitor provides more metrics.
1. Overall connection count per listener starting at 0 when started. This would
be a simple counter added to:
entries cn=Listener 0,cn=Listeners,cn=Monitor
2. Counter for the various "deferring" messages separated by the reason for
deferring.
3. Counters for all possible result codes. In my mtail program I also label it
with the result type.
--
You are receiving this mail because:
You are on the CC list for the bug.
https://bugs.openldap.org/show_bug.cgi?id=9796
Issue ID: 9796
Summary: Deprecate GnuTLS support
Product: OpenLDAP
Version: 2.6.1
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Support for GnuTLS was added specifically for the Debian (and thus Ubuntu) due
to the license objections at the time that the Debian project had for the
OpenSSL license.
Since that time, Debian has reclassified OpenSSL as a core library and the
OpenSSL project has resolved the original complaint by licensing OpenSSL 3 and
later under the Apache License v2.
Thus there is no longer a reason to maintain support for GnuTLS and given the
long standing concerns over the security and quality of the GnuTLS bridge in
addition to the extra cost of maintaining that code, it should be marked as
deprecated and removed in a future release.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10147
Issue ID: 10147
Summary: Bind dn is getting malformed inside ldap_sasl_bind
function
Product: OpenLDAP
Version: 2.6.3
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: satishkumar1728(a)gmail.com
Target Milestone: ---
Hi team,
We are using open ldap version 2.6 in one of our application processes.
We are using ldap_sasl_bind function defined in open ldap api to send bind
request to ldap server.
We are passing the dn name to the above function and it is parsing the dn name
as expected.
We have added some print statements inside ldap_sasl_bind function and it is
printing the dn string that we passed to the function.
Also, ldap_sasl_bind function will accept const char pointer to dn as an
argument. So, it cannot modify the dn string inside the function.
But somehow the bind dn is getting malformed and we are getting failed bind
response from the ldap server (invalid DN).
We did some analysis using tcpdump and we found out that the dn string that we
passed to the ldap_sasl_bind function and the dn string from the tcpdump are
different.
We did some code walkthrough of ldap_sasl_bind function and it is observed that
it is doing some ber encoding of dn name inside the function.
We are suspecting that the encoding is not happening properly.
Example dn that we passed to ldap_sasl_bin function: "uid=abc, ou=users,
dc=fds, dc=mr"
Dn name that was captured in tcpdump at source: "uid=abc, o dc= dc= dc= dc=
dc=mr"
Is there any specific reason for the bind DN to get malformed like this inside
ldap_sasl_bind function.
Do you have any observations like this in any scenario. Kindly provide some
inputs to resolve this issue.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10175
Issue ID: 10175
Summary: Secure LDAP is not working on GCC 10.3.0
Product: OpenLDAP
Version: 2.6.3
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: bluesoulprince(a)gmail.com
Target Milestone: ---
Hi Team,
We have recently migrated our C++ application which is using OpenLDAP 2.6 to
GCC version 10.3.0.
We are observing difference in LDAP behavior. The non-secure version of LDAP is
able to return the result in GCC 10.3.0, however when we switch to secure LDAP,
it is not able to return with result.
There was no compilation / build issue observed while building our application.
Our query is, does secure LDAP from OpenLDAP ver 2.6 have any compatibility
issues over GCC 10.3.0?
If there are any issues identified over this version, how to resolve those? in
which version fixes for them are available?
Thanks,
Vivek
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10140
Issue ID: 10140
Summary: Add microsecond timestamp format for local file
logging
Product: OpenLDAP
Version: 2.6.6
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: gnoe(a)symas.com
Target Milestone: ---
Add microsecond-level timestamps to local file logging.
Format is:
"YYYY-mm-ddTHH:MM:SS.ffffffZ"
The attached patch file is derived from OpenLDAP Software. All of the
modifications to OpenLDAP Software represented in the following patch(es) were
developed by Gregory Noe gnoe(a)symas.com. I have not assigned rights and/or
interest in this work to any party.
The attached modifications to OpenLDAP Software are subject to the following
notice:
Copyright 2023 Gregory Noe
Redistribution and use in source and binary forms, with or without
modification, are permitted only as authorized by the OpenLDAP Public License.
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10138
Issue ID: 10138
Summary: Allow generating multiple nested read transactions
from a write transaction
Product: LMDB
Version: 0.9.30
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: renault.cle(a)gmail.com
Target Milestone: ---
Hello,
I have a feature request. Would it be possible to read a database from the
point of view of a non-yet-committed write transaction?
What I want to do is to write a lot of entries into a database, use a couple of
threads to read those entries (using MDB_NOTLS) to generate a lot of new
entries (that will be written to disk and then once the generation is done,
drop the read-transaction handles and write (with MDB_APPEND) those new entries
from disk into LMDB.
This would have been possible if I had committed the first entries, but
unfortunately, it is impossible. I need to do this in the same transaction.
Have a great day,
kero
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=10220
Issue ID: 10220
Summary: Feature Request: new option for append-only write
transaction
Product: LMDB
Version: unspecified
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: xhtang518(a)gmail.com
Target Milestone: ---
My project uses LMDB to store values larger than 100KB, and rarely delete
values. So I can afford wasting some space on free pages, then LMDB can reduce
4KB-write operations and improve write performance when committing write
transactions.
I suppose this feature is not hard to implement: just pretend the free-list is
empty in this transaction if the new option is present.
Is this feature reasonable?
--
You are receiving this mail because:
You are on the CC list for the issue.