openldap-bugs

openldap-bugs@openldap.org

1 participants
20969 discussions

Re: (ITS#7136) [PATCH] MozNSS: store TLS params until the deferred initialization is finished
by hyc＠symas.com 25 Jan '12

25 Jan '12

jvcelak(a)redhat.com wrote: > Full_Name: Jan Vcelak > Version: git master > OS: Linux > URL: ftp://ftp.openldap.org/incoming/jvcelak-20120125-nss-params-deferred-init.p… > Submission from: (NULL) (209.132.186.34) > > > Deferred TLS initialization is used with Mozilla NSS. The real initialization > takes place when the TLS context is needed for the first time. If the > initialization parameters were freed immediately after tlsm_ctx_init was called, > they were not available at the time of deferred initialization which caused > segmentation fault. > > This situation happens e.g. with syncrepl. > > With this patch, initialization parameters are copied and stored until the > deferred initialization is finished. The parameters are freed afterwards. > > Original bug report: https://bugzilla.redhat.com/show_bug.cgi?id=783431 > > Patch uploaded. Thanks, committed to git master. > > The attached file is derived from OpenLDAP Software. All of the modifications to > OpenLDAP Software represented in the following patch(es) were developed by Red > Hat. Red Hat has not assigned rights and/or interest in this work to any party. > I, Jan Vcelak am authorized by Red Hat, my employer, to release this work under > the following terms. > > Red Hat hereby place the following modifications to OpenLDAP Software (and only > these modifications) into the public domain. Hence, these modifications may be > freely used and/or redistributed for any purpose with or without attribution > and/or other notice. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7135) [PATCH] MozNSS, PEM: fix segfault when TLS certificate key is not set
by hyc＠symas.com 25 Jan '12

25 Jan '12

jvcelak(a)redhat.com wrote: > Full_Name: Jan Vcelak > Version: git master > OS: Linux > URL: ftp://ftp.openldap.org/incoming/jvcelak-20120125-nss-pem-segfault-tls-certk… > Submission from: (NULL) (209.132.186.34) > > > Slapd segfaults when PEM certificate is used with Mozilla NSS crypto backend and > olcTLSCertificateKeyFile is not set. > > Original report: https://bugzilla.redhat.com/show_bug.cgi?id=772890 > > Patch is uploaded. Thanks, committed to git master. > > The attached file is derived from OpenLDAP Software. All of the modifications to > OpenLDAP Software represented in the following patch(es) were developed by Red > Hat. Red Hat has not assigned rights and/or interest in this work to any party. > I, Jan Vcelak am authorized by Red Hat, my employer, to release this work under > the following terms. > > Red Hat hereby place the following modifications to OpenLDAP Software (and only > these modifications) into the public domain. Hence, these modifications may be > freely used and/or redistributed for any purpose with or without attribution > and/or other notice. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#7137) Wrong -R path for installed programs
by quanah＠zimbra.com 25 Jan '12

25 Jan '12

--On Wednesday, January 25, 2012 9:33 PM +0000 holm(a)informatik.umu.se wrote: > Full_Name: ?ke Holmlund > Version: 2.4.28 > OS: Solaris 10, Ubuntu 10.04 > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (2001:6b0:e:4a43::25) > > > After compiling and installing OpenLDAP, the tools and servers are linked > with the wrong library path. They use the libraries in the source tree > instead of the installed libraries. It sounds to me like you failed to correctly set your paths etc while compiling and installing then. I build OpenLDAP on some 20 different Linux distributions with a large variety of gcc and kernel releases, and the RPATH always correct. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

(ITS#7137) Wrong -R path for installed programs
by holm＠informatik.umu.se 25 Jan '12

25 Jan '12

Full_Name: Åke Holmlund Version: 2.4.28 OS: Solaris 10, Ubuntu 10.04 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:6b0:e:4a43::25) After compiling and installing OpenLDAP, the tools and servers are linked with the wrong library path. They use the libraries in the source tree instead of the installed libraries. Example from Ubuntu: ldd ldapsearch linux-vdso.so.1 => (0x00007fffefd6a000) libldap-2.4.so.2 => /src/new/OpenLDAP/openldap-2.4.28/build-lnx/libraries/libldap/.libs/libldap-2.4.so.2 (0x00007f264082c000) liblber-2.4.so.2 => /src/new/OpenLDAP/openldap-2.4.28/build-lnx/libraries/liblber/.libs/liblber-2.4.so.2 (0x00007f264061c000) libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x00007f26403e5000) libdl.so.2 => /lib/libdl.so.2 (0x00007f26401e1000) libssl.so.0.9.8 => /lib/libssl.so.0.9.8 (0x00007f263ff8e000) libcrypto.so.0.9.8 => /lib/libcrypto.so.0.9.8 (0x00007f263fbfe000) libresolv.so.2 => /lib/libresolv.so.2 (0x00007f263f9e5000) libc.so.6 => /lib/libc.so.6 (0x00007f263f661000) /lib64/ld-linux-x86-64.so.2 (0x00007f2640a77000) libz.so.1 => /lib/libz.so.1 (0x00007f263f44a000) Note that libldap and liblber in /src/new... are used instead of the libraries installed in /opt/OpenLDAP/lib. The same problem occurs in Solaris 10.

1 0

(ITS#7136) [PATCH] MozNSS: store TLS params until the deferred initialization is finished
by jvcelak＠redhat.com 25 Jan '12

25 Jan '12

Full_Name: Jan Vcelak Version: git master OS: Linux URL: ftp://ftp.openldap.org/incoming/jvcelak-20120125-nss-params-deferred-init.p… Submission from: (NULL) (209.132.186.34) Deferred TLS initialization is used with Mozilla NSS. The real initialization takes place when the TLS context is needed for the first time. If the initialization parameters were freed immediately after tlsm_ctx_init was called, they were not available at the time of deferred initialization which caused segmentation fault. This situation happens e.g. with syncrepl. With this patch, initialization parameters are copied and stored until the deferred initialization is finished. The parameters are freed afterwards. Original bug report: https://bugzilla.redhat.com/show_bug.cgi?id=783431 Patch uploaded. The attached file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Red Hat. Red Hat has not assigned rights and/or interest in this work to any party. I, Jan Vcelak am authorized by Red Hat, my employer, to release this work under the following terms. Red Hat hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.

1 0

(ITS#7135) [PATCH] MozNSS, PEM: fix segfault when TLS certificate key is not set
by jvcelak＠redhat.com 25 Jan '12

25 Jan '12

Full_Name: Jan Vcelak Version: git master OS: Linux URL: ftp://ftp.openldap.org/incoming/jvcelak-20120125-nss-pem-segfault-tls-certk… Submission from: (NULL) (209.132.186.34) Slapd segfaults when PEM certificate is used with Mozilla NSS crypto backend and olcTLSCertificateKeyFile is not set. Original report: https://bugzilla.redhat.com/show_bug.cgi?id=772890 Patch is uploaded. The attached file is derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Red Hat. Red Hat has not assigned rights and/or interest in this work to any party. I, Jan Vcelak am authorized by Red Hat, my employer, to release this work under the following terms. Red Hat hereby place the following modifications to OpenLDAP Software (and only these modifications) into the public domain. Hence, these modifications may be freely used and/or redistributed for any purpose with or without attribution and/or other notice.

1 0

Re: (ITS#7134) Referential Integrity implement in LDAP
by quanah＠zimbra.com 24 Jan '12

24 Jan '12

--On Wednesday, January 25, 2012 6:11 AM +0000 jasminindia(a)gmail.com wrote: > Full_Name: Crack Jack > Version: 2.4.28 > OS: Red Hat > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (174.26.62.117) > > > we have two separate nodes called Roles and Permission. Roles contains > set of permissions. > How we can define relationship between Roles and permissions? > In case if delete permissions than Role must be deleted. > I referred openLDAP document but no more information. I heard about > "alias". will that help for referential integrity? The ITS system is for reporting bugs, not for asking usage questions. This ITS will be closed. If you have questions about how to use and configure OpenLDAP, then submit them to the openldap-technical(a)openldap.org mailing list. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

(ITS#7134) Referential Integrity implement in LDAP
by jasminindia＠gmail.com 24 Jan '12

24 Jan '12

Full_Name: Crack Jack Version: 2.4.28 OS: Red Hat URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (174.26.62.117) we have two seperate nodes called Roles and Permission. Roles contains set of permissions. How we can define relationship between Roles and permissions? In case if delete permissions than Role must be deleted. I referred openLDAP document but no more information. I heard about "alias". will that help for referential integrity?

1 0

Re: (ITS#7133) slapd dies with SIGSEGV on SIGHUP
by quanah＠zimbra.com 24 Jan '12

24 Jan '12

--On Tuesday, January 24, 2012 11:50 PM +0000 dpmcgee(a)gmail.com wrote: > On Tue, Jan 24, 2012 at 5:46 PM, Howard Chu <hyc(a)symas.com> wrote: >> Dan McGee wrote: >>> >>> On Tue, Jan 24, 2012 at 3:38 PM, Howard Chu<hyc(a)symas.com> ??wrote: >>>> >>>> dpmcgee(a)gmail.com wrote: >>>>> >>>>> >>>>> Full_Name: Dan McGee >>>>> Version: 2.4.28 >>>>> OS: Arch Linux, 3.0.2 kernel >>>>> URL: >>>>> Submission from: (NULL) (2002:47c2:29f0:1:21f:d0ff:fea2:ee12) >>>>> >>>>> >>>>> Running the test suite looks like a disaster because every time the >>>>> test server >>>>> is killed you see lines like this (probably 1409 times for every >>>>> single test, >>>>> who knows): >>>> >>>> >>>> >>>> Sounds like this is a dup of ITS#7118. A potential fix has been >>>> committed to >>>> git master; you should recompile both libldap and libldap_r with the >>>> patch >>>> to verify if the fix is effective. Please test and report back, thanks. >>> >>> >>> Appears to address the problem. The test suite is running without >>> errors at the moment. Thanks for the quick response! >> >> >> Thanks for verifying. Unfortunately, the previous patch was incomplete >> (and would break init.c on some non-Linux platforms). A new patch is now >> in git, if you could test again, thanks. > > Can you please give links to patches, or at least commit IDs? Your > directions are quite vague, as I only see one patch in git that > matches "7118" when searched for > (http://www.openldap.org/devel/gitweb.cgi?p=openldap.git&a=search&h=HEAD& > st=commit&s=7118). If > http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=patch;h=270ef33 > acf18dc13bfd07f8a8e66b446f80e7d27 is not what I should be testing, please > let me know. >From <http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=summary>: 10 min ago Howard ChuCleanup gssapi_flags -> ldo_gssapi_flags master commit | commitdiff | tree | snapshot 11 min ago Howard ChuMore for prev commit (270ef33acf18dc13bfd07f8a8e66b446f... commit | commitdiff | tree | snapshot 2 hours ago Howard ChuITS#7118, #7133 tentative fix commit | commitdiff | tree | snapshot -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

Re: (ITS#7133) slapd dies with SIGSEGV on SIGHUP
by hyc＠symas.com 24 Jan '12

24 Jan '12

Dan McGee wrote: > On Tue, Jan 24, 2012 at 5:46 PM, Howard Chu<hyc(a)symas.com> wrote: >> Thanks for verifying. Unfortunately, the previous patch was incomplete (and >> would break init.c on some non-Linux platforms). A new patch is now in git, >> if you could test again, thanks. > > Can you please give links to patches, or at least commit IDs? Your > directions are quite vague, as I only see one patch in git that > matches "7118" when searched for > (http://www.openldap.org/devel/gitweb.cgi?p=openldap.git&a=search&h=HEAD&st=…). > If http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=patch;h=270ef33ac… > is not what I should be testing, please let me know. Ah sorry, it's this: http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=7ff18967… -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs