openldap-bugs

openldap-bugs@openldap.org

1 participants
20960 discussions

Re: (ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
by michael＠stroeder.com 02 Mar '09

02 Mar '09

mariusp44(a)gmail.com wrote: > I am running openldap 2.4.11 Note that this release is already a bit old. If you're testing it is more helpful to use a recent release (like 2.4.15 at the moment). Ciao, Michael.

1 0

Re: (ITS#5860) slapd memeory leak under openldap 2.4
by rlvcosta＠yahoo.com 02 Mar '09

02 Mar '09

Howard, Thank you for your great knowledge in the OpenLDAP internals. I will also give a try and check but looks like you could pinpoint the issue and solve it. I would like to say this will greatly allow many users to control better memory usage and then have DBs bigger than available memory, what can be very common nowadays. I normally will not have 2 process searching DB simultaneously, this was just a test. In this way performance, in average, will be reasonable. Thanks a lot! Rodrigo. --- On Mon, 3/2/09, Howard Chu <hyc(a)symas.com> wrote: > From: Howard Chu <hyc(a)symas.com> > Subject: Re: (ITS#5860) slapd memeory leak under openldap 2.4 > To: rlvcosta(a)yahoo.com > Cc: openldap-its(a)openldap.org > Date: Monday, March 2, 2009, 4:36 AM > Rodrigo Costa wrote: > > Howard, > > > > One more comment. If you take a longer time between > the ldapsearches the > issue doesn't appear sometimes. > > > > So you need to start the first ldapsearh and like 15 > seconds later start > > the > second one. With this scenario the problem will for sure > appear. > > I was finally able to reproduce this issue, by running two > identical searches simultaneously on a server with more than > 2 CPU cores. Given any delay between the two search > invocation, the problem did not appear. > > This is now fixed in HEAD. Thanks for your help in > providing data for reproducing the issue. > > > In this way we will see large chunks of memory being > allocated and after > > it > stabilizes the query get stuck returning as the issue > before 16 records per > minute, or very slow and getting stuck all the time. > > I should point out - the memory use is stabilized now (as > it should be) but the search performance of a configuration > such as yours will be extremely poor due to the unavoidable > thrashing that such a query pattern exerts on the cache. > Setting a larger minfree can help reduce some of the > contention but it will still be much slower than normal. > > > Regards, > > > > Rodrigo. > > > -- -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP > http://www.openldap.org/project/

1 0

Re: (ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
by Pierangelo Masarati 02 Mar '09

02 Mar '09

> Full_Name: Marius Paulauskas > Version: 2.4.11 > OS: Solaris 10 (SPARC) > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (76.201.141.149) Please retry with latest. p.

1 0

Re: (ITS#5982) man page for ldapexop
by Gavin Henry 02 Mar '09

02 Mar '09

Thanks for your contribution! Could you take a read of: http://www.openldap.org/devel/contributing.html#notice with an example of the format at the top of: ftp://ftp.openldap.org/incoming/andrew-findlay-limits.sdf-20081118 Thanks and always appreciated! Gavin.

1 0

ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC openldap 2.4.11
by Marius Paulauskas 02 Mar '09

02 Mar '09

Hello, I am trying to change a password for ldap entry using ldappasswd -vx -D "cn=root,dc=test,dc=com" -w foobarr "uid=mariusp,ou=people,dc=test,dc=com" and reply I get is: Result: Other (e.g., implementation specific) error (80) Additional info: password hash failed This error occurs if password-hash is set to SSHA, SMD5 and CRYPT. It works fine if it is CLEARTEXT, SHA and MD5. I am running openldap 2.4.11 on Solaris 10 latest on SPARC. It is in testing meaning there is nothing special about its configuration all defaults. Database has two entries just to play with. Same error occurs if I use downloaded pre-compiled version from sunfreeware.com or compile it myself using gcc. Wondering if anyone experienced similar issue. Regards, /Marius

3 2

Re: (ITS#5860) slapd memeory leak under openldap 2.4
by hyc＠symas.com 02 Mar '09

02 Mar '09

Rodrigo Costa wrote: > Howard, > > One more comment. If you take a longer time between the ldapsearches the issue doesn't appear sometimes. > > So you need to start the first ldapsearh and like 15 seconds later start > the second one. With this scenario the problem will for sure appear. I was finally able to reproduce this issue, by running two identical searches simultaneously on a server with more than 2 CPU cores. Given any delay between the two search invocation, the problem did not appear. This is now fixed in HEAD. Thanks for your help in providing data for reproducing the issue. > In this way we will see large chunks of memory being allocated and after > it stabilizes the query get stuck returning as the issue before 16 records per minute, or very slow and getting stuck all the time. I should point out - the memory use is stabilized now (as it should be) but the search performance of a configuration such as yours will be extremely poor due to the unavoidable thrashing that such a query pattern exerts on the cache. Setting a larger minfree can help reduce some of the contention but it will still be much slower than normal. > Regards, > > Rodrigo. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
by mariusp44＠gmail.com 02 Mar '09

02 Mar '09

Full_Name: Marius Paulauskas Version: 2.4.11 OS: Solaris 10 (SPARC) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (76.201.141.149) I am trying to change a password for ldap entry using ldappasswd -vx -D "cn=root,dc=test,dc=com" -w foobarr "uid=mariusp,ou=people,dc=test,dc=com" and reply I get is: Result: Other (e.g., implementation specific) error (80) Additional info: password hash failed This error occurs if password-hash is set to SSHA, SMD5 and CRYPT. It works fine if it is CLEARTEXT, SHA and MD5. I am running openldap 2.4.11 on Solaris 10 latest on SPARC. It is in testing meaning there is nothing special about its configuration all defaults. Database has two entries just to play with. Same error occurs if I use downloaded pre-compiled version from sunfreeware.com or compile it myself using gcc.

1 0

Re: (ITS#5981) TLSVerifyClient try setting fails with GnuTLS
by hyc＠symas.com 02 Mar '09

02 Mar '09

peter(a)adpm.de wrote: > Full_Name: Peter Marschall > Version: 2.4.15 > OS: Linux > URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch > Submission from: (NULL) (92.75.56.86) > > > Hi, > > when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting > TLSVerifyClient Try > in slapd.conf makes TLS connections without certificates impossible. > > This is caused by incomplete decoding in tls_g.c > > The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch > fixes this issue together with a few other little cleanups: > - remove unused variables (less compiler warnings) > - use correct types (less compiler warnings) > - detect failed calls for activation/exiration functions to > avoid giving wrong information > > Please consider adding this patch to OpenLDAP Thanks for the patch, committed to HEAD. > > Regards > Peter > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5982) man page for ldapexop
by peter＠adpm.de 01 Mar '09

01 Mar '09

Full_Name: Peter Marschall Version: 2.4.15 OS: Linux URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301-ldapexop.1 Submission from: (NULL) (94.217.131.234) Hi, doing a little bug triaging for Debian, I noticed there is not man page for ldapexop. At ftp://ftp.openldap.org/incoming/Peter-Marschall-090301-ldapexop.1 you can find my first draft for it. Please adapt as you please and add it to the next release. Regards Peter

1 0

(ITS#5981) TLSVerifyClient try setting fails with GnuTLS
by peter＠adpm.de 01 Mar '09

01 Mar '09

Full_Name: Peter Marschall Version: 2.4.15 OS: Linux URL: ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch Submission from: (NULL) (92.75.56.86) Hi, when OpenLDAP 2.4.15 is compiled with GnuTLS, then setting TLSVerifyClient Try in slapd.conf makes TLS connections without certificates impossible. This is caused by incomplete decoding in tls_g.c The patch in ftp://ftp.openldap.org/incoming/Peter-Marschall-090301.patch fixes this issue together with a few other little cleanups: - remove unused variables (less compiler warnings) - use correct types (less compiler warnings) - detect failed calls for activation/exiration functions to avoid giving wrong information Please consider adding this patch to OpenLDAP Regards Peter

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs