- openldap-bugs - openldap.org

[Issue 8977] Make IDL sizes configurable in back-mdb
by openldap-its＠openldap.org 28 Mar '23

28 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=8977 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=10031 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10027] New: MDB_TXN_FULL on large write transactions
by openldap-its＠openldap.org 28 Mar '23

28 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10027 Issue ID: 10027 Summary: MDB_TXN_FULL on large write transactions Product: LMDB Version: unspecified Hardware: All OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: renault.cle(a)gmail.com Target Milestone: --- Hello, Our users ([1], [2]) encountered MDB_TXN_FULL errors when our Meilisearch engine processed a large write transaction. We did read the documentation about this error in the codebase of LMDB: Spill pages from the dirty list back to disk. This is intended to prevent running into #MDB_TXN_FULL situations, but note that they may still occur in a few cases: 1) our estimate of the txn size could be too small. Currently this seems unlikely, except with a large number of #MDB_MULTIPLE items. 2) child txns may run out of space if their parents dirtied a lot of pages and never spilled them. TODO: we probably should do a preemptive spill during #mdb_txn_begin() of a child txn, if the parent's dirty_room is below a given threshold. Otherwise, if not using nested txns, it is expected that apps will not run into #MDB_TXN_FULL any more. The pages are flushed to disk the same way as for a txn commit, e.g. their P_DIRTY flag is cleared. If the txn never references them again, they can be left alone. If the txn only reads them, they can be used without any fuss. If the txn writes them again, they can be dirtied immediately without going thru all of the work of #mdb_page_touch(). Such references are handled by #mdb_page_unspill(). However, It looks like we are not in those scenarios, we are not using MDB_DUPFIXED, and we are not using sub-transactions. We don't use the MDB_VL32 flag either, so this is not related to [3]. Thank you for your time, Have a nice day 💡 [1]: https://github.com/meilisearch/meilisearch/issues/3603 [2]: https://github.com/meilisearch/meilisearch/issues/3349 [3]: https://bugs.openldap.org/show_bug.cgi?id=8813 -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10029] New: slapd crashes when run with unlimited open files
by openldap-its＠openldap.org 27 Mar '23

27 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10029 Issue ID: 10029 Summary: slapd crashes when run with unlimited open files Product: OpenLDAP Version: 2.6.4 Hardware: All OS: Mac OS Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: gray(a)nxg.name Target Milestone: --- To reproduce: % ulimit -n unlimited % $T/openldap-2.6.4/libexec/slapd -d-1 641ee8bc.32f05820 0x1dc760140 @(#) $OpenLDAP: slapd 2.6.4 (Mar 25 2023 12:25:49) $ openldap 641ee8bc.32f39ff8 0x1dc760140 daemon_init: <null> 641ee8bc.32f40588 0x1dc760140 daemon: SLAP_SOCK_INIT: dtblsize=-1 641ee8bc.32f43080 0x1dc760140 ch_calloc of 1 elems of 18446744073709551615 bytes failed Assertion failed: (0), function ch_calloc, file ch_malloc.c, line 107. zsh: abort $T/openldap-2.6.4/libexec/slapd -d-1 This is because `daemon.c` (line 1867) uses the maximum number of open files to set `dtblsize`, which is subsequently used to size an array: 1867 #ifdef HAVE_SYSCONF 1868 dtblsize = sysconf( _SC_OPEN_MAX ); 1869 #elif defined(HAVE_GETDTABLESIZE) 1870 dtblsize = getdtablesize(); 1871 #else /* ! HAVE_SYSCONF && ! HAVE_GETDTABLESIZE */ 1872 dtblsize = FD_SETSIZE; 1873 #endif /* ! HAVE_SYSCONF && ! HAVE_GETDTABLESIZE */ If the maximum number of FDs is unlimited, then sysconf(_SC_OPEN_MAX) returns -1, and the program crashes when it tries to malloc that much memory. I've marked this as OS=macOS because that's what I'm illustrating this on, but the same thing would happen on any OS where the sysconf call returns a negative number for the 'unlimited' case. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10022] New: OlcAccess (META)
by openldap-its＠openldap.org 27 Mar '23

27 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10022 Issue ID: 10022 Summary: OlcAccess (META) Product: OpenLDAP Version: 2.5.7 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: bourguijl(a)gmail.com Target Milestone: --- Dears, I've configured a META ldap instance pointing to a LDAP backend. In this backend, there are a few ACLs but which ones don't restrict ldapsearch that I perform from the META frontend. I just have an issue when I set some ACLs on the META frontend and more specially when I insert attrs=xxx in the ACL. ACL = OK {0}to dn.one="ou=staff,o=mobistar.be" by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read ACL NOT OK {0}to dn.one="ou=staff,o=mobistar.be" attrs=uid by dn="uid=a0621004,ou=ObeExternalITOnGcp,ou=partners,o=mobistar.be" read Can you explain why when I restrict to an attribute, my ldapsearch didn't provide me any response as expected ? Is it a bug ? Thx in advance, J-L. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 8447] LMDB: Overwriting values in MDB_DUPSORT databases broken
by openldap-its＠openldap.org 27 Mar '23

27 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=8447 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|--- |0.9.31 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9496] New: Some writes missing from database
by openldap-its＠openldap.org 15 Mar '23

15 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=9496 Issue ID: 9496 Summary: Some writes missing from database Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: igfoo(a)github.com Target Milestone: --- With the attached test program, some of my database writes appear not to actually be written to the database. For example, a run may look like this: $ ./run.sh All done. All finished 1802 test.txt foo_200 is missing bar_200 is missing foo_404 is missing bar_404 is missing foo_407 is missing bar_407 is missing The script that I am using to run the program is below. This is using mdb.master 52bc29ee2efccf09c650598635cd42a50b6ecffe on Linux, with an ext4 filesystem. Is this an LMDB bug, or is there a bug in my code? Thanks Ian #!/bin/sh set -e if ! [ -d lmdb ] then rm -rf lmdb git clone https://github.com/LMDB/lmdb.git INSTALL_DIR="`pwd`/inst" cd lmdb/libraries/liblmdb make install prefix="$INSTALL_DIR" cd ../../.. fi gcc -Wall -Werror -Iinst/include loop.c inst/lib/liblmdb.a -o loop -pthread rm -f test.db test.db-lock ./loop echo "All finished" mdb_dump -np test.db > test.txt wc -l test.txt for i in `seq 100 999` do if ! grep -q "foo_$i" test.txt then echo "foo_$i is missing" fi if ! grep -q "bar_$i" test.txt then echo "bar_$i is missing" fi done -- You are receiving this mail because: You are on the CC list for the issue.

1 16

[Issue 10017] New: ldap.conf setting "BINDDN" has no associated LDAP_OPT_XXX constant for ldap_get_opt ldap_set_opt
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10017 Issue ID: 10017 Summary: ldap.conf setting "BINDDN" has no associated LDAP_OPT_XXX constant for ldap_get_opt ldap_set_opt Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: sean(a)teletech.com.au Target Milestone: --- The Configuration file setting "BINDDN" has no associated LDAP_OPT_XXX constant and is not exposed to the ldap_get_opt / ldap_set_opt API. This is the only option that is not so accessible and this seems like an oversight. Option "PORT" is also not exposed but that is deprecated. You could make the case it shouldn't be. This setting could obviously be of interest to the Application and I see no reason for it to be hidden. Simple applications / tools may not have their own configuration files and instead rely solely of the ldap.conf file to configure openldap. Such an application could not easy supply a DN to the "bind" calls but may still wish to know the value specified in the configuration file. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10019] New: dynlist's +memberOf attribute not searchable/fetchable with anonymous binds
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10019 Issue ID: 10019 Summary: dynlist's +memberOf attribute not searchable/fetchable with anonymous binds Product: OpenLDAP Version: 2.5.13 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: msl(a)touk.pl Target Milestone: --- Hi, This is and issue we discovered (as a side effect of testing) after switching from memberof overlay to dynlist with our confluence directory setup - which previously worked fine, but not anymore. Side effect of testing - as judging from the logs it seems that confluence is doing normal binds (which is even stranger as non-anonymous bind ldapsearch from commandline works correctly). Anyway, consider the following setup: groupOfURLs labeledURI uniqueMember+memberOf@groupOfUniqueNames We only use static groups, so the following group with one of members: DN: cn=TouK,ou=TouK,ou=Group,dc=touk,dc=pl objectClass: groupOfUniqueNames ... uniqueMember: cn=Michał Sołtys,ou=Touki,ou=People,dc=touk,dc=pl Correlates to: DN: cn=Michał Sołtys,ou=Touki,ou=People,dc=touk,dc=pl ... memberOf: cn=touk,ou=touk,ou=group,dc=touk,dc=pl The initial ACLs are set as follows: {0}to * by dn=gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth manage by * break {1}to dn.subtree=ou=People,dc=touk,dc=pl attrs=entry,entryUUID,memberOf,@toukAnonAccess by anonymous =scr by * break {2}to dn.subtree=ou=Group,dc=touk,dc=pl attrs=entry,@groupOfUniqueNames,@groupOfNames by anonymous =scr by * break ... later ACLs handling specific accesses and stuff, terminated with: {14}to * by users =scr Now if we do search doing non-anonymous binds, everything works correctly: ldapsearch -x -H ldaps://ldap.touk.pl -D "cn=Michał Sołtys,ou=Touki,ou=People,dc=touk,dc=pl" -s sub -b 'ou=Touki,ou=People,dc=touk,dc=pl' -o ldif-wrap=no -y ./pass -LLL -v '(uid=ast)' memberOf entryUUID ldap_initialize( ldaps://ldap.touk.pl:636/??base ) filter: (uid=ast) requesting: memberOf entryUUID dn: cn=Adam Stus,ou=Touki,ou=People,dc=touk,dc=pl entryUUID: 6c1adf48-a800-103a-8044-3100241d53c2 memberOf: cn=touk,ou=touk,ou=group,dc=touk,dc=pl But if we do an anonymous search - with ACLs as above explicitly allowing access to all relevant parts as in rule {1}, memberOf is not returned (it can't be used in filtering either): ldapsearch -x -H ldaps://ldap.touk.pl -s sub -b 'ou=Touki,ou=People,dc=touk,dc=pl' -o ldif-wrap=no -LLL -v '(uid=ast)' memberOf entryUUID ldap_initialize( ldaps://ldap.touk.pl:636/??base ) filter: (uid=ast) requesting: memberOf entryUUID dn: cn=Adam Stus,ou=Touki,ou=People,dc=touk,dc=pl entryUUID: 6c1adf48-a800-103a-8044-3100241d53c2 This - unless I missed something - looks like a bug. As mentioned above - our local confluence install is using dedicated user, but for some reason it is also unable filter using memberOf (though surprisingly it does work from command line for non-anonymous bind). Relevant parts of the slapd.log of such query: Mar 6 19:21:24 lipa1 slapd[1206591]: conn=1009 op=0 BIND dn="cn=confluence,ou=Apps,dc=touk,dc=pl" method=128 Mar 6 19:21:24 lipa1 slapd[1206591]: conn=1009 op=0 BIND dn="cn=confluence,ou=Apps,dc=touk,dc=pl" mech=SIMPLE bind_ssf=0 ssf=256 Mar 6 19:21:24 lipa1 slapd[1206591]: conn=1009 op=0 RESULT tag=97 err=0 qtime=0.000016 etime=0.000230 text= ... other operations Mar 6 19:26:58 lipa1 slapd[1206591]: conn=1009 op=28 SRCH base="ou=Touki,ou=People,dc=touk,dc=pl" scope=2 deref=3 filter="(&(toukAccountActive=TRUE)(memberOf=cn=finanse,ou=touk,ou=group,dc=touk,dc=pl))" Mar 6 19:26:58 lipa1 slapd[1206591]: conn=1009 op=28 SRCH attr=1.1 Mar 6 19:26:58 lipa1 slapd[1206591]: conn=1009 op=28 SEARCH RESULT tag=101 err=0 qtime=0.000019 etime=0.000541 nentries=0 text= See (nentries=0) above - but identical search performed from command line, e.g.: ldapsearch -x -H ldaps://ldap.touk.pl -D "cn=confluence,ou=Apps,dc=touk,dc=pl" -y ./b -a always -s sub -b 'ou=Touki,ou=People,dc=touk,dc=pl' -o ldif-wrap=no -LLL -v '(&(toukAccountActive=TRUE)(memberOf=cn=finanse,ou=touk,ou=group,dc=touk,dc=pl))' 1.1 correctly returns 6 people: Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=0 BIND dn="cn=confluence,ou=Apps,dc=touk,dc=pl" method=128 Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=0 BIND dn="cn=confluence,ou=Apps,dc=touk,dc=pl" mech=SIMPLE bind_ssf=0 ssf=256 Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=0 RESULT tag=97 err=0 qtime=0.000025 etime=0.000269 text= Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=1 SRCH base="ou=Touki,ou=People,dc=touk,dc=pl" scope=2 deref=3 filter="(&(toukAccountActive=TRUE)(memberOf=cn=finanse,ou=touk,ou=group,dc=touk,dc=pl))" Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=1 SRCH attr=1.1 Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=2 UNBIND Mar 7 15:21:31 lipa1 slapd[1220021]: conn=26424 op=1 SEARCH RESULT tag=101 err=0 qtime=0.000019 etime=0.002765 nentries=6 text= -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=4501 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #7 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Fredrik Roubert from comment #6) > Does anyone have any opinion about this? We've assigned it for review, ty for the PR! -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=4501 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |needs_review -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 13 Mar '23

13 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=4501 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |smckinney(a)symas.com -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 11 Mar '23

11 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #6 from Fredrik Roubert <fredrik(a)roubert.name> --- Does anyone have any opinion about this? -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10018] New: lmdb runs for two years and triggers abort error
by openldap-its＠openldap.org 09 Mar '23

09 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=10018 Issue ID: 10018 Summary: lmdb runs for two years and triggers abort error Product: LMDB Version: 0.9.23 Hardware: Other OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: Zhou.chang(a)h3c.com Target Milestone: --- We found that when the Last transaction ID exceeds the maximum value, the database abort signal will be triggered and two errors will be reported： Assertion 'rc == 0' failed in mdb_page_dirty() Assertion 'mp->mp_pgno != pgno' failed in mdb_page_touch() I would like to ask whether the current lmdb has considered this situation, ./mdb_stat -e /tmp/lmdb Environment Info Map address: (nil) Map size: 10485760 Page size: 4096 Max pages: 2560 Number of pages used: 238 Last transaction ID: 4294967295 Max readers: 126 Number of readers used: 2 -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 8447] LMDB: Overwriting values in MDB_DUPSORT databases broken
by openldap-its＠openldap.org 06 Mar '23

06 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=8447 --- Comment #5 from Howard Chu <hyc(a)openldap.org> --- Created attachment 951 --> https://bugs.openldap.org/attachment.cgi?id=951&action=edit test case Simple reproducer -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8447] LMDB: Overwriting values in MDB_DUPSORT databases broken
by openldap-its＠openldap.org 06 Mar '23

06 Mar '23

https://bugs.openldap.org/show_bug.cgi?id=8447 Howard Chu <hyc(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |TEST --- Comment #4 from Howard Chu <hyc(a)openldap.org> --- Fixed in mdb.master c7b3cc4df6dfe8f0772fb509bdc74777667caa43 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10007] New: lmdb does not work on MSYS2/Cygwin
by openldap-its＠openldap.org 27 Feb '23

27 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10007 Issue ID: 10007 Summary: lmdb does not work on MSYS2/Cygwin Product: LMDB Version: unspecified Hardware: All OS: Windows Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: facboy(a)gmail.com Target Milestone: --- lmdb can be compiled if the correct flags are set on MSYS2/Cygwin, but it does not actually work. `make test` will result in errors. If `make CPPFLAGS="-DMDB_USE_ROBUST=0"` is used, `mtest` fails with: > mtest.c:50: mdb_env_open(env, "./testdb", MDB_FIXEDMAP , 0664): Invalid argument > Aborted (core dumped) If `make CPPFLAGS="-DMDB_USE_POSIX_SEM=1"` is used, `mtest` fails with: > mtest.c:50: mdb_env_open(env, "./testdb", MDB_FIXEDMAP , 0664): No such file or directory > Aborted (core dumped) -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9972] New: SSS needs READ instead of SEARCH access
by openldap-its＠openldap.org 27 Feb '23

27 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9972 Issue ID: 9972 Summary: SSS needs READ instead of SEARCH access Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- I have configured an OpenLDAP 2.6 server with dn: olcDatabase=mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcMdbConfig olcDatabase: mdb olcAccess: to dn="cn=bodies,dc=aegee,dc=org" by * search # no problem if this is READ olcAccess: to dn.sub="dc=aegee,dc=org" by * read … dn: olcOverlay=sssvlv,olcDatabase={1}mdb,cn=config objectClass:olcOverlayConfig The content of the tree is available anymously by calling ldapsearch -ZZxH ldap://ldap.aegee.org -b "dc=aegee,dc=org" -s sub . When I modify the call to use SSS: ldapsearch -ZxH ldap://ldap.aegee.org -b "dc=aegee,dc=org" -s sub -E sss=ou:2.5.13.15 it also returns results, but ends with ``` # search result search: 93 result: 50 Insufficient access # numResponses: 3 # numEntries: 2 ``` When I modify above: olcAccess: to dn="cn=bodies,dc=aegee,dc=org" by * read then the access is sufficient. There is no entry called "dn:cn=bodies,dc=aegee,dc=org", or rather the entry shall not be returned on searches and `ldapsearch -ZxH ldap://ldap.aegee.org -b "dc=aegee,dc=org" -s sub` does not return it. These work without a problem: ldapsearch -ZxH ldap://ldap.aegee.org -b "cn=bodies,dc=aegee,dc=org" -s one -E sss=ou:2.5.13.15 ldapsearch -ZxH ldap://ldap.aegee.org -b "cn=bodies,dc=aegee,dc=org" -s sub ldapsearch -ZxH ldap://ldap.aegee.org -b "cn=bodies,dc=aegee,dc=org" -s one This produces Insufficient access: ldapsearch -ZxH ldap://ldap.aegee.org -b "cn=bodies,dc=aegee,dc=org" -s sub -E sss=ou:2.5.13.15 That said client-side-sorting does work without a problem, but server-side sorting requires not only SEARCH, but also READ privileges on dn="cn=bodies,dc=aegee,dc=org". I find this is a bug: SSS requires read-acesss to data, which is not supposed to be returned to the client (dn:cn=bodies,dc=aegee,dc=org). For the additional server-side sorting no additional privileges shall be required, compared to returning the results without server-side-sorting. -- You are receiving this mail because: You are on the CC list for the issue.

1 11

[Issue 10009] New: test076 execution failed
by openldap-its＠openldap.org 27 Feb '23

27 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10009 Issue ID: 10009 Summary: test076 execution failed Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: test suite Assignee: bugs(a)openldap.org Reporter: 1010881517(a)qq.com Target Milestone: --- openldap-2.6.3test case test076-authid-rewrite failed when I upgrade openssl to openssl3.0 Does anyone have a similar problem? >>>>> 00:27:30 Starting test076-authid-rewrite for mdb... running defines.sh Starting slapd on TCP/IP port 9011... /home/abuild/rpmbuild/BUILD/openldap-2.6.3/openldap-2.6.3/tests Using ldapsearch to check that slapd is running... Checking whether DIGEST-MD5 is supported... Adding schema and database... Using ldapadd to populate the database... Adding olcAuthzRegexp rule for static mapping... Testing ldapwhoami as Manager... ./scripts/test076-authid-rewrite: line 177: 219330 Segmentation fault (core dumped) $LDAPSASLWHOAMI -H $URI1 -Y $MECH -U $ID -w $PASSWD ldapwhoami failed (139)! >>>>> 00:27:33 Failed test076-authid-rewrite for mdb after 3 seconds (exit 139) -- You are receiving this mail because: You are on the CC list for the issue.

2 9

[Issue 10012] New: fcntl called without checking value
by openldap-its＠openldap.org 27 Feb '23

27 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10012 Issue ID: 10012 Summary: fcntl called without checking value Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: balaev(a)tarantool.org Target Milestone: --- Created attachment 949 --> https://bugs.openldap.org/attachment.cgi?id=949&action=edit patch file ldap_pvt_socket() and ldap_int_socket() calls fcntl without checking value of file descriptor. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10008] New: Makefile does not building DLLs on Cygwin/MSYS2
by openldap-its＠openldap.org 27 Feb '23

27 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10008 Issue ID: 10008 Summary: Makefile does not building DLLs on Cygwin/MSYS2 Product: LMDB Version: unspecified Hardware: All OS: Windows Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: facboy(a)gmail.com Target Milestone: --- Currently when building on Cygwin/MSYS2 make does not generate DLL files. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 8447] LMDB: Overwriting values in MDB_DUPSORT databases broken
by openldap-its＠openldap.org 24 Feb '23

24 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=8447 --- Comment #3 from nicolas.werner(a)hotmail.de --- I can reproduce this without using any cursors. I am using the lmdb++ header for simplicity (https://github.com/hoytech/lmdbxx), but it also reproduces using the plain C API. Full repro: #include <iostream> #include <stdlib.h> #include "lmdb++.h" #define PROJECT_NAME "mdb-dup-bug" static int compare_state_key(const MDB_val *a, const MDB_val *b) { auto get_skey = [](const MDB_val *v) { std::string_view data(static_cast<const char *>(v->mv_data), v->mv_size); return data.substr(0, data.find(',')); }; return get_skey(a).compare(get_skey(b)); } int main(int argc, char **argv) { if(argc != 1) { std::cout << argv[0] << "takes no arguments.\n"; return 1; } std::cout << "This is project " << PROJECT_NAME << ".\n"; auto env = lmdb::env::create(); env.set_max_dbs(10); char dirname[] = "/tmp/lmdb-bug.XXXXXX"; env.open(mkdtemp(dirname)); lmdb::dbi db; { auto txn = lmdb::txn::begin(env); db = lmdb::dbi::open( txn, std::string("dupsort").c_str(), MDB_CREATE | MDB_DUPSORT); lmdb::dbi_set_dupsort(txn, db, compare_state_key); db.put(txn, "abcd", "ab,cdef"); db.put(txn, "abcd", "a,abc"); txn.commit(); } { auto txn = lmdb::txn::begin(env); std::string_view data; db.get(txn, "abcd", data); std::cout << "Data size: " << data.size() << " expected: 5, data: '" << data << "', expected: 'a,abc'\n"; txn.commit(); } { auto txn = lmdb::txn::begin(env); db.put(txn, "abcd", "a,12"); txn.commit(); } { auto txn = lmdb::txn::begin(env); std::string_view data; db.get(txn, "abcd", data); std::cout << "Data size: " << data.size() << " expected: 4, data: '" << data << "', expected: 'a,12'\n"; txn.commit(); } { auto txn = lmdb::txn::begin(env); db.put(txn, "abcd", "a,x"); txn.commit(); } { auto txn = lmdb::txn::begin(env); std::string_view data; db.get(txn, "abcd", data); std::cout << "Data size: " << data.size() << " expected: 3, data: '" << data << "', expected: 'a,x'\n"; txn.commit(); } return 0; } This prints the following output: This is project mdb-dup-bug. Data size: 5 expected: 5, data: 'a,abc', expected: 'a,abc' Data size: 5 expected: 4, data: 'a,12c', expected: 'a,12' Data size: 5 expected: 3, data: 'a,x2c', expected: 'a,x' Commenting out the first put with the different data-key resolves the issue, but certainly you would expect that replacing a duplicate replaces the size too. Doing explicit delete before the put works around this issue. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 4501] jdbcldap: use of enum reserved work (Java 1.5)
by openldap-its＠openldap.org 18 Feb '23

18 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=4501 --- Comment #5 from Fredrik Roubert <fredrik(a)roubert.name> --- Java 1.5 is no longer sufficient to be able to build this code base using a still supported JDK, so I propose updating the scope of this issue to Java 8 instead and then resolve that with this series of patches: https://git.openldap.org/openldap/jdbcldap/-/merge_requests/6 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9887] New: Offer to mirror OpenLDAP
by openldap-its＠openldap.org 13 Feb '23

13 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9887 Issue ID: 9887 Summary: Offer to mirror OpenLDAP Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: mirrors(a)jevincanders.net Target Milestone: --- Greetings, We're from Jevin Canders, a hosting company based in New York (servers are in Buffalo). We're wondering if you wanted/needed another US mirror. We're already mirroring other open source projects, including Kali Linux and F-Droid. As of next week (tentatively), our mirror server will have a 20 Gbps pipe to work with, so we'll be able to handle new projects. Let us know if you have any questions, concerns, or requests. Sincerely, Josh Anders and Kevin Croissant JC Mirrors Team -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9956] New: Please register my company on the support page
by openldap-its＠openldap.org 13 Feb '23

13 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9956 Issue ID: 9956 Summary: Please register my company on the support page Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: sjsong(a)aboutdap.kr Target Milestone: --- Hello. openldap page administrater. Please register my company on the support page. Please contact me if you need additional information. Registration phrase Seojindsa Co., Ltd. (Aboutdap Co., Ltd.)- Korea Provides consultancy, development, training and user support for OpenLDAP software in Korea. URL : seojindsa : www.seojindsa.kr, aboutdap : www.aboutdap.kr thank you. Song. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs