- openldap-bugs - openldap.org

[Issue 10123] New: Allow compilation with new compilers
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10123 Issue ID: 10123 Summary: Allow compilation with new compilers Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- With clang 16 at least, slapd fails to compile servers/slapd/controls.c (missing an include of ac/ctype.h) and emits a large amount of warnings stemming from include/ac/* redefining existing functions in a K&R way (which apparently is not compatible with C2x). A fix is coming. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10109] New: [slapd] Segmentation fault
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10109 Issue ID: 10109 Summary: [slapd] Segmentation fault Product: OpenLDAP Version: 2.6.6 Hardware: x86_64 OS: Windows Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: sfhacker(a)hotmail.com Target Milestone: --- Created attachment 984 --> https://bugs.openldap.org/attachment.cgi?id=984&action=edit Backtrace Hi. OpenLDAP 2.6.6 built from source on Windows 10 x64. When starting the server using a basic slapd.conf file, I get a segmentation fault (see screenshot attached). Thanks in advance. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 10110] New: Chained searches skip callbacks for returned entries
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10110 Issue ID: 10110 Summary: Chained searches skip callbacks for returned entries Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Regardless of overlay ordering, slapo-chain's handling of entries returned will skip any callbacks that have been registered on the operation. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10076] New: suffixmassage in back-asyncmeta does not handle empty remote suffix correctly
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10076 Issue ID: 10076 Summary: suffixmassage in back-asyncmeta does not handle empty remote suffix correctly Product: OpenLDAP Version: 2.6.4 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- When configuring a suffixmassage directive on an asyncmeta database, a configuration like: suffixmassage "dc=example,dc=com" "" causes search requests to return error 34 "Invalid DN", because the empty remote suffix is massaged incorrectly, adding an unnecessary ",". The issue applies only to asyncmeta, on other proxies it functions correctly. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10139] back-config discloses existence of entries contrary to ACL
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10139 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Group|OpenLDAP-devs | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 29 Jan '24

29 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=7420 --- Comment #11 from Quanah Gibson-Mount <quanah(a)openldap.org> --- commit d56dcccb6f6cfd590eb20628eec39ab815a65f5a Author: Howard Chu <hyc(a)openldap.org> Date: Sun Jan 28 04:43:44 2024 +0000 ITS#7420 clarify prev commit commit 03338946b3e165e3c703c57cede266c42418cc1f Author: Howard Chu <hyc(a)openldap.org> Date: Sun Jan 28 04:00:34 2024 +0000 ITS#7420 more for prev commit On naming error, don't free modvals -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #28 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #27) > (In reply to Quanah Gibson-Mount from comment #26) > > Additionally, this was clearly documented in the UPGRADE section of the Admin guide. > > Specifically, in the OpenLDAP 2.5 admin guide section on upgrading from > OpenLDAP 2.4 or prior releases. https://www.openldap.org/doc/admin25/appendix-upgrading.html#Client%20utili… -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #27 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Quanah Gibson-Mount from comment #26) > Additionally, this was clearly documented in the UPGRADE section of the Admin guide. Specifically, in the OpenLDAP 2.5 admin guide section on upgrading from OpenLDAP 2.4 or prior releases. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 25 Jan '24

25 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #26 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to jel+git from comment #23) > 1) If one decides to drop an option, it should be > a) communicated clearly. > b) documented and alternatives shown Hello, The options were *clearly* marked as deprecated for the last 24 years in the man pages for the ldap client utilities. It appears whomever wrote the scripts in question chose to ignore this clearly documented deprecation of the options and used them anyway. Additionally, this was clearly documented in the UPGRADE section of the Admin guide. In other words, this change has been clearly communicated for years, and well documented. Perhaps in the future it would be wise to read the supplied upgrade documentation prior to performing an upgrade of software and to pay attention to deprecation notices in the software documentation instead of attacking a volunteer powered open source software project. Regards, Quanah -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10159] New: Unable to Use ldapi:// - ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10159 Issue ID: 10159 Summary: Unable to Use ldapi:// - ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1) Product: OpenLDAP Version: 2.5.13 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: chilimili1(a)outlook.de Target Milestone: --- Problem: When attempting to use the ldapi:// URI to interact with the OpenLDAP server using commands like ldapmodify or ldapsearch, an error is encountered: ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1). Process is running # ps -aux |grep ldap ldap 9 0.0 0.4 42232968 79472 ? Sl Jan23 0:10 /usr/libexec/slapd -u ldap -h ldap:/// ldapi:/// ldaps:/// -F /etc/openldap/slapd.d -d 256 Troubleshooting Steps Taken: Verified the ldapi URI configuration. Inspected the OpenLDAP configuration using slapd.conf or cn=config. Examined ACLs and access control rules. Additional Information: OpenLDAP is running as a Docker container Docker Compose configuration includes port mappings for LDAP (3269:389) and LDAPS (3268:636). The whole configuration was migrated from a working Server Any additional insights or recommendations for resolving the ldapi connection issue would be greatly appreciated. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #25 from Howard Chu <hyc(a)openldap.org> --- Also: the time to raise objections to a change is before the release. The 2.5 call for testing went out in April 2021. https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/… You're about 3 years late complaining about the removal of a feature deprecated 24 years ago. Demanding that volunteers work on what you want the way you want won't fly. Only people who are actively involved will have their concerns listened to. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #24 from Howard Chu <hyc(a)openldap.org> --- A reminder that the OpenLDAP Project is worked solely by volunteers. Symas does not direct the operation of the Project. They merely provide support for what the Project releases. Your criticism of Symas is wholly out of place. Meanwhile, criticizing work that was given to you for free, without you ever lifting a finger to contribute, just makes you a selfish, entitled, ungrateful ass. If you think you can run things better, then actively contribute. That is the only way that open source projects advance. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8618] Remove deprecated -h HOST and -p PORT options from clients
by openldap-its＠openldap.org 24 Jan '24

24 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8618 --- Comment #23 from jel+git(a)linofee.org --- Just upgraded a server from Ubuntu 20.04 to 22.04, which contains 2.5.x and found out, that the options -p and -h got dropped - and requires me to adjust quite a bit of scripts because of this non-sense. This is such a poor software management and versioning, hard to believe, that anyone who allowed it to go through, has any experience in enterprise ready software. 1) If one decides to drop an option, it should be a) communicated clearly. b) documented and alternatives shown 2) If a software gets released, which has an incompatible change wrt. previous major.minor.tiny version, it should rise the major number of the software version, so that OS/Distro vendors are warned and may decide to stick with the old version. There are several options to allow -H and -h,-p side by side - openldap has chosen the worst option. This might be a hint, how poor its maintenance actually is/how bad the support by sysmas probably is. This is also a good example, that for OS/Distro vendors it is sometimes a really good thing to stick with the older version instead of switching to the "latest" stuff. Anyway, thanx for the work. =8-( -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10158] New: Linker error when building openldap-2.4.59
by openldap-its＠openldap.org 23 Jan '24

23 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10158 Issue ID: 10158 Summary: Linker error when building openldap-2.4.59 Product: OpenLDAP Version: 2.4.59 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: umagmrit(a)gmail.com Target Milestone: --- -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10013] New: Some code (ppolicy, etc.) ignores REP_CTRLS_MUSTBEFREED when touching rs->sr_ctrls
by openldap-its＠openldap.org 17 Jan '24

17 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10013 Issue ID: 10013 Summary: Some code (ppolicy, etc.) ignores REP_CTRLS_MUSTBEFREED when touching rs->sr_ctrls Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Certain parts of the source indicate that rs->sr_ctrls shouldn't be realloc'd/free'd unless REP_CTRLS_MUSTBEFREED is set, but then other parts of slapd (slap_ctrl_whatFailed_add, glue_op_search?, ...) and overlays (ppolicy, syncprov, ...) will blindly overwrite and/or realloc it. slap_add_control() (an analog of slap_add_controls()) might be useful for this, possibly alongside some way to free the other data kept around to streamline the code other users need for correct operation. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9944] New: Reverting an olcDbACLBind statement breaks proxied write operations
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=9944 Issue ID: 9944 Summary: Reverting an olcDbACLBind statement breaks proxied write operations Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- On a system with olcDbIDAssertBind configured, and proxied authorizations working correctly, an olcDbACLBind statement was added to the configuration for lastbind support. However an incorrect identity was in place for the authzid in the ACL bind statement which caused proxy authorization to fail. The change was backed out (There was never any change to the olcDbIDAssertBind config fragment) and after that, all write operations failed instead of being proxied, with err=80. Restarting slapd fixed the issue, which indicates an underlying problem in the cn=config db in reverting to the original working state. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 10151] New: Leaks in do_syncrep2() when error handling
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10151 Issue ID: 10151 Summary: Leaks in do_syncrep2() when error handling Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Investigating the persistent CI failures in test050, I can see some memory leaks that should be tackled (if only to reduce noise). For one, when receiving an entry without a syncrepl control attached or when dealing with a concurrent thread removing that consumer, we leak our scratch data (decoded controls, modlist, ...). -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10137] New: Ease redefining the MDB_IDL_LOGN value
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10137 Issue ID: 10137 Summary: Ease redefining the MDB_IDL_LOGN value Product: LMDB Version: 0.9.30 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: renault.cle(a)gmail.com Target Milestone: --- Created attachment 992 --> https://bugs.openldap.org/attachment.cgi?id=992&action=edit The patch do apply to midl.h Hello, I would like to slightly change the midl.h c file to make it possible to change the MDB_IDL_LOGN define without having to fork on my side. I know it can be redefined to reduce the amount of memory allocated by LMDB. I am using the latest `mdb.master` branch version of LMDB. https://github.com/mozilla/lmdb/pull/2 -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 10157] New: mdb_load doesn't build for me
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10157 Issue ID: 10157 Summary: mdb_load doesn't build for me Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: tools Assignee: bugs(a)openldap.org Reporter: vl(a)samba.org Target Milestone: --- Created attachment 1001 --> https://bugs.openldap.org/attachment.cgi?id=1001&action=edit Patch see attached patch -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=7420 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|IN_PROGRESS |RESOLVED --- Comment #10 from Quanah Gibson-Mount <quanah(a)openldap.org> --- • f5c96f44 by Howard Chu at 2024-01-10T17:05:13+00:00 ITS#7420 move entry_naming_check earlier in Add • 7debe76f by Howard Chu at 2024-01-15T16:43:56+00:00 ITS#7420 re-fix slapcommon.c -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10154] New: Configure auto close for pull requests created on github
by openldap-its＠openldap.org 16 Jan '24

16 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10154 Issue ID: 10154 Summary: Configure auto close for pull requests created on github Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Configure the auto close action for PRs created on Github. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 15 Jan '24

15 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=7420 --- Comment #9 from Howard Chu <hyc(a)openldap.org> --- (In reply to Ondřej Kuzník from comment #8) > The patch in MR!665 (now in master) has introduced a regression in slapadd > not filling in the implicit RDN attributes. Try removing line 7 > (olcDatabase: {0}config) in tests/data/slapd-dynamic.ldif and run test062. I see, the naming check needed to happen before the schema check. Fixed now in master. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7420] Possible to bypass overlay unique and constraint
by openldap-its＠openldap.org 15 Jan '24

15 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=7420 --- Comment #8 from Ondřej Kuzník <ondra(a)mistotebe.net> --- The patch in MR!665 (now in master) has introduced a regression in slapadd not filling in the implicit RDN attributes. Try removing line 7 (olcDatabase: {0}config) in tests/data/slapd-dynamic.ldif and run test062. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10156] New: Any recorded crash-consistency bugs/vulnerabilities in LMDB for study?
by openldap-its＠openldap.org 14 Jan '24

14 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=10156 Issue ID: 10156 Summary: Any recorded crash-consistency bugs/vulnerabilities in LMDB for study? Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: yilegu(a)cs.washington.edu Target Milestone: --- Dear LMDB developers, Hello! I am Michael Gu, a CS PhD student at the University of Washington, advised by Prof. Baris Kasikci. We are building a software testing tool that can test the crash-consistency of POSIX applications. The tool also supports testing MMIO-based applications and we think LMDB is a perfect evaluation target. We are wondering if there are any recorded crash consistency bugs/vulnerabilities during the development of the LMDB database. If so, could you kindly provide some pointers to which version of the LMDB database has such issues and if possible the Github commit or Issue ID on OpenLDAP issue tracking system correspondingly? Thank you so much in advance! Bests, Michael Gu ----------------- Yile (Michael) Gu CSE Ph.D. Student University of Washington -- Paul G. Allen School of Computer Science & Engineering yilegu(a)cs.washington.edu -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 8826] Contrib dsaschema module needs updating for cn=config
by openldap-its＠openldap.org 12 Jan '24

12 Jan '24

https://bugs.openldap.org/show_bug.cgi?id=8826 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |FIXED --- Comment #2 from Quanah Gibson-Mount <quanah(a)openldap.org> --- • 69a4a03a by Ondřej Kuzník at 2023-12-05T16:56:29+00:00 ITS#8826 Allow minimal dsaschema configuration in cn=config -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs