- openldap-bugs - openldap.org

[Issue 9957] New: slapo-dynlist manpage needs better description of dynlist-attrset
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9957 Issue ID: 9957 Summary: slapo-dynlist manpage needs better description of dynlist-attrset Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Each dynlist-attrset defines one of three distinct behaviours: - dynamic list (attributes are gathered from other entries) - dynamic group (DNs are gathered based on other entries) - static group (DNs are gathered based on DNs stored on entries) With the groups possibly being recursive, requiring traversal. Since the above do not mix, the documentation should be more explicit about how each one should look and behave. It should also be noted somewhere what happens (or not) when multiple dynlist-attrset stanzas would apply to the same entry. At that point, configuration code could also be made more strict to reject configurations that satisfy the apparent dynlist-attrset syntax but do not actually represent anything that fits just one of the above and is therefore nonsensical (with parts of it apparently ignored at runtime). With nonsensical configuration rejected, it would be possible to streamline internal dynlist structures and make critical parts of the overlay code more readable. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9941] New: back-asyncmeta(5) man page has incorrect information
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9941 Issue ID: 9941 Summary: back-asyncmeta(5) man page has incorrect information Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- Currently the man page states that asyncmeta selects the connection queue with the least number of pending operations as the next connection, but that was dropped a while ago, and the connections queues are selected round-robin. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9985] New: slapd-modules/passwd/totp does not build .so file
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9985 Issue ID: 9985 Summary: slapd-modules/passwd/totp does not build .so file Product: OpenLDAP Version: 2.6.3 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: bastian-bugopenldap21(a)t6l.de Target Milestone: --- I try to build the contrib module totp from openldap 2.6.3. The README states to run `make` in order to build the dynamic link-able .so file. It does not so on my test system (could be a flaw on the test system though). Many thanks, -- You are receiving this mail because: You are on the CC list for the issue.

1 12

[Issue 9917] New: Remove -h and -p from options[] in client tools
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9917 Issue ID: 9917 Summary: Remove -h and -p from options[] in client tools Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: daniels.thomas(a)pm.me Target Milestone: --- Created attachment 914 --> https://bugs.openldap.org/attachment.cgi?id=914&action=edit patch for this issue The options -h and -p got removed from client tools (https://bugs.openldap.org/show_bug.cgi?id=8618). However, they were still present in the options[] array in several client tools source files. So, if one of those tools got executed with -h or -p followed by a value, this lead to the error "unrecognized option -", without mentioning which option was problematic. Removing 'h' and 'p' from options[] fixes this. This patch does that. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9908] New: LDAP* leak in slapd-tester children when retrying a bind
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9908 Issue ID: 9908 Summary: LDAP* leak in slapd-tester children when retrying a bind Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Happens in lloadd's test002 where the balancer routinely returns BUSY in response to a bind. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9860] New: ldapsearch memory leaks
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9860 Issue ID: 9860 Summary: ldapsearch memory leaks Product: OpenLDAP Version: 2.5.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: hamano(a)osstech.co.jp Target Milestone: --- When using page control, The control value leaks with each goto getNextPage; loop due to `i` and `nctrl` step back. ``` 1114 getNextPage: ... 1124 save_nctrls = nctrls; 1125 i = nctrls; ``` ``` 1284 if ( ldap_create_page_control_value( ld, 1285 pageSize, &pr_cookie, &c[i].ldctl_value ) ) ``` ``` 1445 /* step back to the original number of controls, so that 1446 * those set while parsing args are preserved */ 1447 nctrls = save_nctrls; ``` ``` 1612 goto getNextPage; ``` -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9926] New: Bad file links in openldap-OPENLDAP_REL_ENG_2_5.tar.gz
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9926 Issue ID: 9926 Summary: Bad file links in openldap-OPENLDAP_REL_ENG_2_5.tar.gz Product: OpenLDAP Version: 2.5.13 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: ksmith(a)blackducksoftware.com Target Milestone: --- The current archive openldap-OPENLDAP_REL_ENG_2_5.tar.gz (downloaded 10/4/22) contains files that were included as invalid links. This causes errors when trying to unzip via 7zip or trying to scan with various software tools. The tar.gz is successfully expanded using "tar -xvzf" but the problem files do not exist. Error output in 7zip is: Can not create symbolic link: A required priviledge in not held by the client.: openldap-OPENLDAP_REL_ENG_2_5\servers\lloadd\design.md openldap-OPENLDAP_REL_ENG_2_5\servers\lloadd\nt_svc.c openldap-OPENLDAP_REL_ENG_2_5\tests\data\homedir\skel\directory\broken link openldap-OPENLDAP_REL_ENG_2_5\tests\data\homedir\skel\svmlink Bad file links in openldap-OPENLDAP_REL_ENG_2_5.tar.gz -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9900] New: configure.ac contains non-portable statement (bashism)
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9900 Issue ID: 9900 Summary: configure.ac contains non-portable statement (bashism) Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: michael.osipov(a)siemens.com Target Milestone: --- My shell on HP-UX tells me: ./configure[22349]: ==: A test command parameter is not valid. which is causes by > 2038 if test $ol_enable_slapd == no && test $ol_enable_balancer != yes ; then in configure.ac. Similar I have reported to BIND9: https://gitlab.isc.org/isc-projects/bind9/-/issues/2873. POSIX expects one equals sign. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9894] New: NetBSD build needs gmake, the default make utility does not have all the necessary features.
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9894 Issue ID: 9894 Summary: NetBSD build needs gmake, the default make utility does not have all the necessary features. Product: OpenLDAP Version: unspecified Hardware: x86_64 OS: Other Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: lucio.dere(a)gmail.com Target Milestone: --- Please include in your build instructions that NetBSD's "make" (bmake, I seem to recall) rejects some Makefile stuff (for the bare "make" command, "make depend" completed successfully). Perhaps configure can figure that out or just check for gmake and use it if found? I did not try "make test". -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9942] New: back-mdb fails to release Added entries
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9942 Issue ID: 9942 Summary: back-mdb fails to release Added entries Product: OpenLDAP Version: 2.5.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Detected by valgrind on test002. Appears to be a regression since some time after ITS#7915. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9895] New: Increase max number of index DBs in back-mdb
by openldap-its＠openldap.org 09 Feb '23

09 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9895 Issue ID: 9895 Summary: Increase max number of index DBs in back-mdb Product: OpenLDAP Version: 2.5.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Currently there is a hardcoded limit of 128 index DBs in back-mdb. Some sites want more than this (although there's no evidence they actually use more than 128 attributes in all of their applications' search filters). For 2.5/2.6 we can simply double the constant. For 2.7 consider making it configurable. Note that increasing the number increases the size of an LMDB transaction structure, and also increases the time needed to initialize it whenever creating a transaction, so it's a bad idea to just set this to an arbitrarily large number. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10006] New: gitlab account awaiting approval
by openldap-its＠openldap.org 06 Feb '23

06 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10006 Issue ID: 10006 Summary: gitlab account awaiting approval Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: facboy(a)gmail.com Target Milestone: --- i've tried creating an account on https://git.openldap.org a few weeks ago, but it is still awaiting approval. it has the same email as this bugzilla account. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10005] New: Fix flags not getting committed when using named dbs in lmdb
by openldap-its＠openldap.org 06 Feb '23

06 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10005 Issue ID: 10005 Summary: Fix flags not getting committed when using named dbs in lmdb Product: LMDB Version: 0.9.29 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: mega.alpha100(a)gmail.com Target Milestone: --- This addition is simply a replication of some logic already in lmdb's repo to ensure flags are saved when using named db, like is already done for the main/unamed db This is a link to the requested fix https://github.com/Ultra-Code/lmdb/commit/ce001a311d8fb16afbf13df2a1e21d505… -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10002] New: Potential memory leak in tests/progs/slapd-bind.c
by openldap-its＠openldap.org 02 Feb '23

02 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10002 Issue ID: 10002 Summary: Potential memory leak in tests/progs/slapd-bind.c Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: test suite Assignee: bugs(a)openldap.org Reporter: 1061499390(a)qq.com Target Milestone: --- Version: Github:master Potential memory leak in slapd-bind.c line 139.Calling ldap_url_parse() without calling ldap_free_urldesc() to free the memory will cause a memory leak. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10001] New: Potential memory leak in libraries/libldap/urltest.c
by openldap-its＠openldap.org 02 Feb '23

02 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=10001 Issue ID: 10001 Summary: Potential memory leak in libraries/libldap/urltest.c Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: 1061499390(a)qq.com Target Milestone: --- Version: Github:master Potential memory leak in urltest.c line 75.Calling ldap_url_parse() without calling ldap_free_urldesc() to free the memory will cause a memory leak. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9994] New: Potential memory leak in tests/progs/slapd-modify.c
by openldap-its＠openldap.org 02 Feb '23

02 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9994 Issue ID: 9994 Summary: Potential memory leak in tests/progs/slapd-modify.c Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: test suite Assignee: bugs(a)openldap.org Reporter: 1061499390(a)qq.com Target Milestone: --- Version: Github:master Potential memory leak in slapd-modify.c line 164 and 191.Calling ldap_modify_ext_s() without calling ldap_mods_free() to free the memory will cause a memory leak. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9992] New: Requesting information about libraries/ldap_r
by openldap-its＠openldap.org 01 Feb '23

01 Feb '23

https://bugs.openldap.org/show_bug.cgi?id=9992 Issue ID: 9992 Summary: Requesting information about libraries/ldap_r Product: OpenLDAP Version: 2.5.12 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: jjrobert(a)lexmark.com Target Milestone: --- Apologies if this is a duplicate - the tracking system seemed to glitch when I submitted so I'm typing it up again. We are upgrading our stack from using openldap 2.4.57 to 2.5.12 and one of our dependencies is missing lldap_r. I searched and only really found this, which gives me some idea of its purpose: https://marc.info/?l=openldap-devel&m=95218635611825 Is it simply gone now, or does it exist as a separate library? Is there any guidance on what to do if you were using it previously? Thanks, -Jeff -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 7933] [PATCH] fix frontend config
by openldap-its＠openldap.org 31 Jan '23

31 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=7933 --- Comment #8 from Ondřej Kuzník <ondra(a)mistotebe.net> --- On Thu, Jan 26, 2023 at 01:53:22PM +0000, openldap-its(a)openldap.org wrote: > Could this be the reason why I get `attribute 'olcPasswordHash' not allowed` > when trying to apply an .ldif file such as: > > dn: olcDatabase={-1}frontend,cn=config > changetype: modify > add: olcPasswordHash > olcPasswordHash: {CRYPT} > > This has popped up in Fedora > (https://bugzilla.redhat.com/show_bug.cgi?id=2061966) which seem to have copied > the respective default frontend config file before this patch (see > https://src.fedoraproject.org/rpms/openldap/blob/f37/f/slapd.ldif#_105). As you suggest, this seems to be a Fedora packaging issue: them shipping an out of date ldif file where they might have been able to copy it from upstream source. Pretty sure in that case there's nothing that can be done on the OpenLDAP project side. Someone might need to step up and help Fedora package maintainers deal with it if they say the existing team don't have the capacity. Regards, -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9718] New: test022 can fail on expiry
by openldap-its＠openldap.org 31 Jan '23

31 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=9718 Issue ID: 9718 Summary: test022 can fail on expiry Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- >>>>> Starting test022-ppolicy for mdb... running defines.sh Starting slapd on TCP/IP port 9011... Using ldapsearch to check that slapd is running... Testing redundant ppolicy instance... Using ldapadd to populate the database... Testing account lockout... Waiting 13 seconds for lockout to reset... Testing password expiration Waiting seconds for password to expire... sleep: missing operand Try 'sleep --help' for more information. Password expiration test failed >>>>> test022-ppolicy failed for mdb after 43 seconds (exit 1) The issue here is apparently that line 122-123 failed to populate the DELAY variable. 121 122 DELAY=`$LDAPSEARCH -D "$MANAGERDN" -H $URI1 -w $PASSWD \ 123 -b "$USER" -E accountUsability 1.1 | sed -n -e 's/.*expire=$\d*$/\1/p'` 124 125 echo "Testing password expiration" 126 echo "Waiting $DELAY seconds for password to expire..." 127 sleep $DELAY 128 sleep 1 -- You are receiving this mail because: You are on the CC list for the issue.

1 10

[Issue 8102] syncrepl_entry: be_modify failed (16)
by openldap-its＠openldap.org 30 Jan '23

30 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=8102 --- Comment #10 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • 868309c9 by Ondřej Kuzník at 2023-01-30T12:06:24+00:00 ITS#8102 Do not continue if deconfigured during pause RE26: • 0b2f5ad7 by Ondřej Kuzník at 2023-01-30T19:01:00+00:00 ITS#8102 Do not continue if deconfigured during pause RE25: • 6733fe4d by Ondřej Kuzník at 2023-01-30T19:02:48+00:00 ITS#8102 Do not continue if deconfigured during pause -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9045] Crashes in cn=config (test050)
by openldap-its＠openldap.org 30 Jan '23

30 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=9045 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.4 |2.5.14 Resolution|--- |FIXED Status|IN_PROGRESS |RESOLVED --- Comment #10 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • 12bf5a95 by Ondřej Kuzník at 2023-01-23T11:53:36+00:00 ITS#9045 rlock only if there may be other threads RE26: • 66c2b5ad by Ondřej Kuzník at 2023-01-30T18:57:18+00:00 ITS#9045 rlock only if there may be other threads RE25: • 2f3b77d4 by Quanah Gibson-Mount at 2023-01-30T18:58:16+00:00 Revert "Revert "ITS#9045 Do not share cn=config entries with outside code"" This reverts commit 393308ac1c3eb9d65b682c06826d60a0bf856070. • 5936d721 by Ondřej Kuzník at 2023-01-30T18:59:26+00:00 ITS#9045 rlock only if there may be other threads -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8698] ppolicy: responses from pwdCheckModule discarded when using an extended password modify
by openldap-its＠openldap.org 27 Jan '23

27 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=8698 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9990 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8698] ppolicy: responses from pwdCheckModule discarded when using an extended password modify
by openldap-its＠openldap.org 26 Jan '23

26 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=8698 --- Comment #3 from subbarao(a)computer.org <subbarao(a)computer.org> --- Part of the fix for this change breaks exop overlay callbacks. Fortunately the fix is simple, just revert the change to passwd.c. The rest works fine. Please see ITS#9990 for more details: https://bugs.openldap.org/show_bug.cgi?id=9990 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7933] [PATCH] fix frontend config
by openldap-its＠openldap.org 26 Jan '23

26 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=7933 --- Comment #7 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to nilskemail+github from comment #6) > Could this be the reason why I get `attribute 'olcPasswordHash' not allowed` > when trying to apply an .ldif file such as: > > dn: olcDatabase={-1}frontend,cn=config > changetype: modify > add: olcPasswordHash > olcPasswordHash: {CRYPT} > > This has popped up in Fedora > (https://bugzilla.redhat.com/show_bug.cgi?id=2061966) which seem to have > copied the respective default frontend config file before this patch (see > https://src.fedoraproject.org/rpms/openldap/blob/f37/f/slapd.ldif#_105). I'd open a bug with redhat as to why they're doing this at all. {CRYPT} hashes are not portable. If they want to support secure hashes, they should use the ARGON2 module. You also fail to state what version of OpenLDAP you're reporting against. This bug was fixed in 2014, so unless RH is using an absolutely ancient version of OpenLDAP, this would not be related. You probably should describe the issue(s) you are encountering in a post to the openldap-technical email list (https://lists.openldap.org) -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7933] [PATCH] fix frontend config
by openldap-its＠openldap.org 26 Jan '23

26 Jan '23

https://bugs.openldap.org/show_bug.cgi?id=7933 --- Comment #6 from nilskemail+github(a)gmail.com --- Could this be the reason why I get `attribute 'olcPasswordHash' not allowed` when trying to apply an .ldif file such as: dn: olcDatabase={-1}frontend,cn=config changetype: modify add: olcPasswordHash olcPasswordHash: {CRYPT} This has popped up in Fedora (https://bugzilla.redhat.com/show_bug.cgi?id=2061966) which seem to have copied the respective default frontend config file before this patch (see https://src.fedoraproject.org/rpms/openldap/blob/f37/f/slapd.ldif#_105). -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs