openldap-bugs

openldap-bugs@openldap.org

1 participants
20967 discussions

Re: (ITS#7763) undefined references during LTO enabled build
by hyc＠symas.com 13 Dec '13

13 Dec '13

nheghathivhistha(a)gmail.com wrote: > Full_Name: David Kredba > Version: 2.4.38 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (88.101.228.82) > > > I am trying to rebuild my system with LTO enabled gcc. > > Compilation of Gentoo package /net-nds/openldap-2.4.38-r1 ended with: You cut off the trace just at the crucial line. It should say, e.g.: ar ru librewrite.a config.o context.o info.o ldapmap.o map.o params.o rule.o session.o subst.o var.o xmap.o version.o ar: creating librewrite.a Anyway, I see no build errors here. Closing this ITS. Ask for help on the -technical mailing list. > x86_64-pc-linux-gnu-ar: creating librewrite.a > /bin/bash ../../libtool --mode=link x86_64-pc-linux-gnu-gcc -O2 -ggdb -pipe > -march=native -mtune=native -flto=4 -fuse-linker-plugin -D_GNU_SOURCE > -Wl,--as-needed -Wl,-O1 -Wl,--hash-style=gnu -Wl,--sort-common -O2 -ggdb -pipe > -march=native -mtune=native -flto=4 -fuse-linker-plugin -o rewrite rewrite.o > parse.o librewrite.a ../../libraries/liblutil/liblutil.a > ../../libraries/libldap_r/libldap_r.la ../../libraries/liblber/liblber.la > -lssl -lcrypto -lcrypt -lresolv -pthread > libtool: link: x86_64-pc-linux-gnu-gcc -O2 -ggdb -pipe -march=native > -mtune=native -flto=4 -fuse-linker-plugin -D_GNU_SOURCE -Wl,-O1 > -Wl,--hash-style=gnu -Wl,--sort-common -O2 -ggdb -pipe -march=native > -mtune=native -flto=4 -fuse-linker-plugin -o .libs/rewrite rewrite.o parse.o > -pthread -Wl,--as-needed librewrite.a ../../libraries/liblutil/liblutil.a > ../../libraries/libldap_r/.libs/libldap_r.so > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/liblber/.libs/liblber.so > ../../libraries/liblber/.libs/liblber.so -lssl -lcrypto -lcrypt -lresolv > -pthread > /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In > function `rewrite_read': > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/parse.c:112: > undefined reference to `rewrite_parse' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In > function `main': > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:141: > undefined reference to `lutil_atoix' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In > function `apply': > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:52: > undefined reference to `rewrite_info_init' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:58: > undefined reference to `rewrite_param_set' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:60: > undefined reference to `rewrite_session_init' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:75: > undefined reference to `rewrite_session' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:120: > undefined reference to `rewrite_session_delete' > /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:122: > undefined reference to `rewrite_info_delete' > collect2: error: ld returned 1 exit status > Makefile:290: recipe for target 'rewrite' failed > make[2]: *** [rewrite] Error 1 > make[2]: Leaving directory > '/var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite' > Makefile:296: recipe for target 'all-common' failed > make[1]: *** [all-common] Error 1 > make[1]: Leaving directory > '/var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries' > Makefile:312: recipe for target 'all-common' failed > > Coul you kindly please look into it? I think that header(s) can be missing in > source files and library(ies) at link time. > > I uploaded david-kredba-20131213-build.log and david-kredba-20131213-config.log > to your ftp server. > > Thank you in advance. > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#7763) undefined references during LTO enabled build
by nheghathivhistha＠gmail.com 13 Dec '13

13 Dec '13

Full_Name: David Kredba Version: 2.4.38 OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (88.101.228.82) I am trying to rebuild my system with LTO enabled gcc. Compilation of Gentoo package /net-nds/openldap-2.4.38-r1 ended with: x86_64-pc-linux-gnu-ar: creating librewrite.a /bin/bash ../../libtool --mode=link x86_64-pc-linux-gnu-gcc -O2 -ggdb -pipe -march=native -mtune=native -flto=4 -fuse-linker-plugin -D_GNU_SOURCE -Wl,--as-needed -Wl,-O1 -Wl,--hash-style=gnu -Wl,--sort-common -O2 -ggdb -pipe -march=native -mtune=native -flto=4 -fuse-linker-plugin -o rewrite rewrite.o parse.o librewrite.a ../../libraries/liblutil/liblutil.a ../../libraries/libldap_r/libldap_r.la ../../libraries/liblber/liblber.la -lssl -lcrypto -lcrypt -lresolv -pthread libtool: link: x86_64-pc-linux-gnu-gcc -O2 -ggdb -pipe -march=native -mtune=native -flto=4 -fuse-linker-plugin -D_GNU_SOURCE -Wl,-O1 -Wl,--hash-style=gnu -Wl,--sort-common -O2 -ggdb -pipe -march=native -mtune=native -flto=4 -fuse-linker-plugin -o .libs/rewrite rewrite.o parse.o -pthread -Wl,--as-needed librewrite.a ../../libraries/liblutil/liblutil.a ../../libraries/libldap_r/.libs/libldap_r.so /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/liblber/.libs/liblber.so ../../libraries/liblber/.libs/liblber.so -lssl -lcrypto -lcrypt -lresolv -pthread /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In function `rewrite_read': /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/parse.c:112: undefined reference to `rewrite_parse' /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In function `main': /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:141: undefined reference to `lutil_atoix' /var/tmp/portage/net-nds/openldap-2.4.38-r1/temp/ccTxyjV6.ltrans0.ltrans.o: In function `apply': /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:52: undefined reference to `rewrite_info_init' /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:58: undefined reference to `rewrite_param_set' /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:60: undefined reference to `rewrite_session_init' /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:75: undefined reference to `rewrite_session' /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:120: undefined reference to `rewrite_session_delete' /var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite/rewrite.c:122: undefined reference to `rewrite_info_delete' collect2: error: ld returned 1 exit status Makefile:290: recipe for target 'rewrite' failed make[2]: *** [rewrite] Error 1 make[2]: Leaving directory '/var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries/librewrite' Makefile:296: recipe for target 'all-common' failed make[1]: *** [all-common] Error 1 make[1]: Leaving directory '/var/tmp/portage/net-nds/openldap-2.4.38-r1/work/openldap-2.4.38/libraries' Makefile:312: recipe for target 'all-common' failed Coul you kindly please look into it? I think that header(s) can be missing in source files and library(ies) at link time. I uploaded david-kredba-20131213-build.log and david-kredba-20131213-config.log to your ftp server. Thank you in advance.

1 0

Re: (ITS#7762) ldap_dn2bv_x misbehaves for "empty" dn
by hyc＠symas.com 11 Dec '13

11 Dec '13

marc.schmitzer(a)richard-wolf.com wrote: > Full_Name: Marc Schmitzer > Version: 2.4.28 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (217.6.229.211) > > > The ldap_dn2bv_x function misbehaves for the LDAPV2 and LDAPV3 formats when it > is passed an "empty" DN in the form of an LDAPRDN-array whose first element is > NULL. The "len" variable remains zero throughout the function, as no RDNS are > processed. Finally, the bv_len member of the output struct berval is set to > len-1. The result is a berval with bv_len = UINT_MAX. > > Tested with 2.4.28, but the problem appears to present in the current git master > as well. Thanks for the report, fixed now in git master. > > The following code snippet demonstrates the problem: > > #include <stdio.h> > #include <ldap.h> > > int main(int argc, char** argv) > { > LDAPRDN dn[1] = { NULL }; > struct berval bv = { 0, NULL }; > int res = ldap_dn2bv(dn, &bv, LDAP_DN_FORMAT_LDAPV3); > > printf("res: %d\n", res); > printf("len: %u\n", (unsigned int) bv.bv_len); > > return 0; > } > > > Output: > res: 0 > len: 4294967295 > > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#7762) ldap_dn2bv_x misbehaves for "empty" dn
by marc.schmitzer＠richard-wolf.com 11 Dec '13

11 Dec '13

Full_Name: Marc Schmitzer Version: 2.4.28 OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (217.6.229.211) The ldap_dn2bv_x function misbehaves for the LDAPV2 and LDAPV3 formats when it is passed an "empty" DN in the form of an LDAPRDN-array whose first element is NULL. The "len" variable remains zero throughout the function, as no RDNS are processed. Finally, the bv_len member of the output struct berval is set to len-1. The result is a berval with bv_len = UINT_MAX. Tested with 2.4.28, but the problem appears to present in the current git master as well. The following code snippet demonstrates the problem: #include <stdio.h> #include <ldap.h> int main(int argc, char** argv) { LDAPRDN dn[1] = { NULL }; struct berval bv = { 0, NULL }; int res = ldap_dn2bv(dn, &bv, LDAP_DN_FORMAT_LDAPV3); printf("res: %d\n", res); printf("len: %u\n", (unsigned int) bv.bv_len); return 0; } Output: res: 0 len: 4294967295

1 0

(ITS#7761) Issue with modifying loglevel during long search operation
by mwarren＠symas.com 10 Dec '13

10 Dec '13

Full_Name: Mark Warren Version: 2.4.38 OS: RHEL 5 x86-64 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (199.190.53.83) There is an issue where OpenLDAP will stop sending search results and fail to update a dynamic config when the loglevel is modified during a long search operation. Symptoms: * No further search results sent to client although internally the operation continues. * Log level change does not take effect Cause(Via Howard): * send_search_entry() correctly returns an error because back-config wants a pause * back-bdb/back-hdb ignores this error * The entry it tried to send doesn't get sent, and it just loops back to fetch the next entry instead of quitting Steps to reproduce: 1. Create large sample database. 2 million entries was more than sufficient locally. 2. Issue a search request for all entries. 3. Submit a modify request on olcLogLevel within cn=config while the above search is still in progress. Notes(Also via Howard): * This is not a total hang as everything should resume after the internal search operation finishes. Regards, Mark Warren

1 0

Re: (ITS#7759) Wrong parsing of LDAP message
by hyc＠symas.com 09 Dec '13

09 Dec '13

This is a multi-part message in MIME format. --------------050905040301060400050300 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Lukas Slebodnik wrote: > On (09/12/13 04:01), Howard Chu wrote: >>>> Meanwhile you can refer to draft-behera-ldap-password-policy for the >>>> specification of the response control. The control value is mandatory >>>> for this control. >>> If I read draft "6.2. Response Control" correctly, >>> http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2 >>> response can be sequence of "PasswordPolicyResponseValue". >>> I think that sequence means "0 or more values" >> >> The sequence is required to begin with a Sequence marker. >> >>> In theory, there needn't be any password policy response value after control >>> type. In this case, either my patch or your patch are wrong. >>> Did I miss something? >>> >>> The controlType is 1.3.6.1.4.1.42.2.27.8.5.1 and the controlValue is >>> the BER encoding of the following type: >> >> "the controlValue is the BER encoding of a Sequence." - even if the >> sequence has zero members, it cannot be omitted. >> > Thank you for your explanation. > > I am attaching output from ldapwhoami with enabled ppolicy, > but I am sure that problem is in the server apacheds, because there is nothing > after controlType 1.3.6.1.4.1.42.2.27.8.5.1 > (at least Sequence marker should be after controlType) Agreed, that looks like an ApacheDS bug. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/ --------------050905040301060400050300 Content-Type: text/plain; charset=UTF-8; name="ldapwhoami.log" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="ldapwhoami.log" W3Jvb3RAdm0tMjE5IH5dIyBsZGFwd2hvYW1pIC1kNyAtRCAiY249V2lsbGlhbSBCdXNoLG91 PXBlb3BsZSxkYz1leGFtcGxlLGRjPXNrIiAtdyBqYWhvZGEuMTIzIC1IIGxkYXA6Ly92bS0x MzcuaWRtLmxhYi5sb2NhbCAtZSBwcG9saWN5CmxkYXBfdXJsX3BhcnNlX2V4dChsZGFwOi8v dm0tMTM3LmlkbS5sYWIubG9jYWwpCmxkYXBfY3JlYXRlCmxkYXBfdXJsX3BhcnNlX2V4dChs ZGFwOi8vdm0tMTM3LmlkbS5sYWIubG9jYWw6Mzg5Lz8/YmFzZSkKbGRhcF9zYXNsX2JpbmQK bGRhcF9zZW5kX2luaXRpYWxfcmVxdWVzdApsZGFwX25ld19jb25uZWN0aW9uIDEgMSAwCmxk YXBfaW50X29wZW5fY29ubmVjdGlvbgpsZGFwX2Nvbm5lY3RfdG9faG9zdDogVENQIHZtLTEz Ny5pZG0ubGFiLmxvY2FsOjM4OQpsZGFwX25ld19zb2NrZXQ6IDMKbGRhcF9wcmVwYXJlX3Nv Y2tldDogMwpsZGFwX2Nvbm5lY3RfdG9faG9zdDogVHJ5aW5nIDEwLjM0LjQ3LjEzNzozODkK bGRhcF9wdnRfY29ubmVjdDogZmQ6IDMgdG06IC0xIGFzeW5jOiAwCmF0dGVtcHRpbmcgdG8g Y29ubmVjdDogCmNvbm5lY3Qgc3VjY2VzcwpsZGFwX29wZW5fZGVmY29ubjogc3VjY2Vzc2Z1 bApsZGFwX3NlbmRfc2VydmVyX3JlcXVlc3QKYmVyX3NjYW5mIGZtdCAoe2l0KSBiZXI6CmJl cl9zY2FuZiBmbXQgKHtpKSBiZXI6CmJlcl9mbHVzaDI6IDk3IGJ5dGVzIHRvIHNkIDMKbGRh cF93cml0ZTogd2FudD05Nywgd3JpdHRlbj05NwogIDAwMDA6ICAzMCA1ZiAwMiAwMSAwMSA2 MCAzYiAwMiAgMDEgMDMgMDQgMmEgNjMgNmUgM2QgNTcgICAwXy4uLmA7Li4uLipjbj1XICAK ICAwMDEwOiAgNjkgNmMgNmMgNjkgNjEgNmQgMjAgNDIgIDc1IDczIDY4IDJjIDZmIDc1IDNk IDcwICAgaWxsaWFtIEJ1c2gsb3U9cCAgCiAgMDAyMDogIDY1IDZmIDcwIDZjIDY1IDJjIDY0 IDYzICAzZCA2NSA3OCA2MSA2ZCA3MCA2YyA2NSAgIGVvcGxlLGRjPWV4YW1wbGUgIAogIDAw MzA6ICAyYyA2NCA2MyAzZCA3MyA2YiA4MCAwYSAgNmEgNjEgNjggNmYgNjQgNjEgMmUgMzEg ICAsZGM9c2suLmphaG9kYS4xICAKICAwMDQwOiAgMzIgMzMgYTAgMWQgMzAgMWIgMDQgMTkg IDMxIDJlIDMzIDJlIDM2IDJlIDMxIDJlICAgMjMuLjAuLi4xLjMuNi4xLiAgCiAgMDA1MDog IDM0IDJlIDMxIDJlIDM0IDMyIDJlIDMyICAyZSAzMiAzNyAyZSAzOCAyZSAzNSAyZSAgIDQu MS40Mi4yLjI3LjguNS4gIAogIDAwNjA6ICAzMSAgICAgICAgICAgICAgICAgICAgICAgICAg ICAgICAgICAgICAgICAgICAgICAgICAxICAgICAgICAgICAgICAgICAKbGRhcF9yZXN1bHQg bGQgMHg3ZmMwZTg1N2JkNTAgbXNnaWQgMQp3YWl0NG1zZyBsZCAweDdmYzBlODU3YmQ1MCBt c2dpZCAxIChpbmZpbml0ZSB0aW1lb3V0KQp3YWl0NG1zZyBjb250aW51ZSBsZCAweDdmYzBl ODU3YmQ1MCBtc2dpZCAxIGFsbCAxCioqIGxkIDB4N2ZjMGU4NTdiZDUwIENvbm5lY3Rpb25z OgoqIGhvc3Q6IHZtLTEzNy5pZG0ubGFiLmxvY2FsICBwb3J0OiAzODkgIChkZWZhdWx0KQog IHJlZmNudDogMiAgc3RhdHVzOiBDb25uZWN0ZWQKICBsYXN0IHVzZWQ6IE1vbiBEZWMgIDkg MTM6MTU6MTQgMjAxMwoKCioqIGxkIDB4N2ZjMGU4NTdiZDUwIE91dHN0YW5kaW5nIFJlcXVl c3RzOgogKiBtc2dpZCAxLCAgb3JpZ2lkIDEsIHN0YXR1cyBJblByb2dyZXNzCiAgIG91dHN0 YW5kaW5nIHJlZmVycmFscyAwLCBwYXJlbnQgY291bnQgMAogIGxkIDB4N2ZjMGU4NTdiZDUw IHJlcXVlc3QgY291bnQgMSAoYWJhbmRvbmVkIDApCioqIGxkIDB4N2ZjMGU4NTdiZDUwIFJl c3BvbnNlIFF1ZXVlOgogICBFbXB0eQogIGxkIDB4N2ZjMGU4NTdiZDUwIHJlc3BvbnNlIGNv dW50IDAKbGRhcF9jaGtSZXNwb25zZUxpc3QgbGQgMHg3ZmMwZTg1N2JkNTAgbXNnaWQgMSBh bGwgMQpsZGFwX2Noa1Jlc3BvbnNlTGlzdCByZXR1cm5zIGxkIDB4N2ZjMGU4NTdiZDUwIE5V TEwKbGRhcF9pbnRfc2VsZWN0CnJlYWQxbXNnOiBsZCAweDdmYzBlODU3YmQ1MCBtc2dpZCAx IGFsbCAxCmJlcl9nZXRfbmV4dApsZGFwX3JlYWQ6IHdhbnQ9OCwgZ290PTgKICAwMDAwOiAg MzAgMmIgMDIgMDEgMDEgNjEgMDcgMGEgICAgICAgICAgICAgICAgICAgICAgICAgICAgMCsu Li5hLi4gICAgICAgICAgCmxkYXBfcmVhZDogd2FudD0zNywgZ290PTM3CiAgMDAwMDogIDAx IDAwIDA0IDAwIDA0IDAwIGEwIDFkICAzMCAxYiAwNCAxOSAzMSAyZSAzMyAyZSAgIC4uLi4u Li4uMC4uLjEuMy4gIAogIDAwMTA6ICAzNiAyZSAzMSAyZSAzNCAyZSAzMSAyZSAgMzQgMzIg MmUgMzIgMmUgMzIgMzcgMmUgICA2LjEuNC4xLjQyLjIuMjcuICAKICAwMDIwOiAgMzggMmUg MzUgMmUgMzEgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgOC41LjEgICAg ICAgICAgICAgCmJlcl9nZXRfbmV4dDogdGFnIDB4MzAgbGVuIDQzIGNvbnRlbnRzOgpyZWFk MW1zZzogbGQgMHg3ZmMwZTg1N2JkNTAgbXNnaWQgMSBtZXNzYWdlIHR5cGUgYmluZApiZXJf c2NhbmYgZm10ICh7ZUFBKSBiZXI6CnJlYWQxbXNnOiBsZCAweDdmYzBlODU3YmQ1MCAwIG5l dyByZWZlcnJhbHMKcmVhZDFtc2c6ICBtYXJrIHJlcXVlc3QgY29tcGxldGVkLCBsZCAweDdm YzBlODU3YmQ1MCBtc2dpZCAxCnJlcXVlc3QgZG9uZTogbGQgMHg3ZmMwZTg1N2JkNTAgbXNn aWQgMQpyZXNfZXJybm86IDAsIHJlc19lcnJvcjogPD4sIHJlc19tYXRjaGVkOiA8PgpsZGFw X2ZyZWVfcmVxdWVzdCAob3JpZ2lkIDEsIG1zZ2lkIDEpCmxkYXBfcGFyc2VfcmVzdWx0CmJl cl9zY2FuZiBmbXQgKHtpQUEpIGJlcjoKYmVyX3NjYW5mIGZtdCAoe2EpIGJlcjoKYmVyX3Nj YW5mIGZtdCAofSkgYmVyOgpsZGFwX21zZ2ZyZWUKbGRhcHdob2FtaTogaW8uYzoxMDg6IGJl cl93cml0ZTogQXNzZXJ0aW9uIGBidWYgIT0gKCh2b2lkICopMCknIGZhaWxlZC4KQWJvcnRl ZCAoY29yZSBkdW1wZWQpCltyb290QHZtLTIxOSB+XSMK --------------050905040301060400050300--

1 0

Re: (ITS#7754) Unaligned MDB_DUPSORT sub-pages
by hyc＠symas.com 09 Dec '13

09 Dec '13

h.b.furuseth(a)usit.uio.no wrote: > I wrote: >> (...) >> A fix with a format change would be to put the padding byte in front >> of the sub-page instead of at the end. Sounds fine to me. back-mdb only uses even-sized keys with DUPSORT, so this change has no impact on OpenLDAP. And most likely no one else has hit this situation yet otherwise they'd be crashing. > Ignore next paragraph: >> One fix with a format change could be that the data item gets uneven >> size too, with a padding byte in front of the sub-page. > > Because that's repeated as the 2nd alternative after this one: > >> The most general way would be to do that in all nodes with uneven- >> sized key and even-sized data: > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7759) Wrong parsing of LDAP message
by hyc＠symas.com 09 Dec '13

09 Dec '13

Lukas Slebodnik wrote: > On (09/12/13 00:59), Howard Chu wrote: >> Lukas Slebodnik wrote: >>> On (07/12/13 08:37), Howard Chu wrote: >>>> lslebodn(a)redhat.com wrote: >>>>> Full_Name: Lukas Slebodnik >>>>> Version: 2.4.38 >>>>> OS: Fedora >>>>> URL: ftp://ftp.openldap.org/incoming/Lukas-Slebodnik-131205.tar.gz >>>>> Submission from: (NULL) (209.132.186.34) >>>> >>>> Fixed now in git master. >>> >>> Thank you. >>> >>> According commit 80e6316d37dd024bf32ed6db024f195c1b51ef7f, it seems to me >>> I was right that ApacheDS send wrong response. >>> Could you confirm this statement? because I am not expert in ldap protocol >>> and I would like to file a bug to ApacheDS upstream. >> >> The hex dumps you included were a bit difficult to read. I couldn't >> tell what was sent from the server vs the client and what the message >> boundaries were. > It is output directly from wireshark. Indented lines represent response > from server. > > ldap_communication_without_PP.hexdump > ---------------------------------------------------------------------------- > 00000000 30 5f 02 01 01 60 3b 02 01 03 04 2a 63 6e 3d 57 0_...`;. ...*cn=W > 00000010 69 6c 6c 69 61 6d 20 42 75 73 68 2c 6f 75 3d 70 illiam B ush,ou=p > 00000020 65 6f 70 6c 65 2c 64 63 3d 65 78 61 6d 70 6c 65 eople,dc =example > 00000030 2c 64 63 3d 73 6b 80 0a 6a 61 68 6f 64 61 2e 31 ,dc=sk.. jahoda.1 > 00000040 32 33 a0 1d 30 1b 04 19 31 2e 33 2e 36 2e 31 2e 23..0... 1.3.6.1. > 00000050 34 2e 31 2e 34 32 2e 32 2e 32 37 2e 38 2e 35 2e 4.1.42.2 .27.8.5. > 00000060 31 1 > ^^^^^^^^ > client > > 00000000 30 0c 02 01 01 61 07 0a 01 00 04 00 04 00 0....a.. ...... > ^^^^^^^^ > server > > 00000061 30 05 02 01 02 42 00 0....B. > ^^^^^^^^ > client > ---------------------------------------------------------------------------- > >> If you can reproduce the behavior using e.g. >> ldapwhoami -d7 that would be more legible. > output from command ldapwhoami is in the attached file screenlog.2 > but it loks like ApacheDS does not support LDAP_EXOP_WHO_AM_I. The point was to show a Bind request using the ppolicy control. The actual WhoAmI operation was irrelevant. But you didn't specify ppolicy in your invocation. Please read the ldapwhoami manpage. Use -E ppolicy to use the ppolicy control, the screenlog you attached has nothing interesting without the ppolicy traffic. >> Meanwhile you can refer to draft-behera-ldap-password-policy for the >> specification of the response control. The control value is mandatory >> for this control. > If I read draft "6.2. Response Control" correctly, > http://tools.ietf.org/html/draft-behera-ldap-password-policy-10#section-6.2 > response can be sequence of "PasswordPolicyResponseValue". > I think that sequence means "0 or more values" The sequence is required to begin with a Sequence marker. > In theory, there needn't be any password policy response value after control > type. In this case, either my patch or your patch are wrong. > Did I miss something? > > The controlType is 1.3.6.1.4.1.42.2.27.8.5.1 and the controlValue is > the BER encoding of the following type: "the controlValue is the BER encoding of a Sequence." - even if the sequence has zero members, it cannot be omitted. > PasswordPolicyResponseValue ::= SEQUENCE { > warning [0] CHOICE { > ...snip... } OPTIONAL, > error [1] ENUMERATED { > ...snip... } OPTIONAL > } > > Thank you very much for response. > > LS > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7753) "make" should not be hardcoded
by hyc＠symas.com 09 Dec '13

09 Dec '13

dam(a)opencsw.org wrote: > Full_Name: Dagobert Michelsen > Version: 2.4.38 > OS: Solaris > URL: http://sourceforge.net/apps/trac/gar/browser/csw/mgar/pkg/openldap/trunk/fi… > Submission from: (NULL) (86.103.212.188) > > > In Makefile.in the tests are invoked with "make test" which breaks if make has a > different name (e.g. gmake) and should better be invoked with "$(MAKE) test". > > This tiny patch also fixes the issue: > http://sourceforge.net/apps/trac/gar/browser/csw/mgar/pkg/openldap/trunk/fi… > > Thanks, fixed now in git master. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7759) Wrong parsing of LDAP message
by hyc＠symas.com 09 Dec '13

09 Dec '13

Lukas Slebodnik wrote: > On (07/12/13 08:37), Howard Chu wrote: >> lslebodn(a)redhat.com wrote: >>> Full_Name: Lukas Slebodnik >>> Version: 2.4.38 >>> OS: Fedora >>> URL: ftp://ftp.openldap.org/incoming/Lukas-Slebodnik-131205.tar.gz >>> Submission from: (NULL) (209.132.186.34) >> >> Fixed now in git master. > > Thank you. > > According commit 80e6316d37dd024bf32ed6db024f195c1b51ef7f, it seems to me > I was right that ApacheDS send wrong response. > Could you confirm this statement? because I am not expert in ldap protocol > and I would like to file a bug to ApacheDS upstream. The hex dumps you included were a bit difficult to read. I couldn't tell what was sent from the server vs the client and what the message boundaries were. If you can reproduce the behavior using e.g. ldapwhoami -d7 that would be more legible. Meanwhile you can refer to draft-behera-ldap-password-policy for the specification of the response control. The control value is mandatory for this control. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs