- openldap-bugs - openldap.org

(ITS#5672) Build of back-ndb fails - back-ndb.h:26:22: error: NdbApi.hpp: No such file or directory
by michael＠stroeder.com 30 Aug '08

30 Aug '08

Full_Name: Michael Ströder Version: HEAD OS: Linux URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (84.163.97.73) I think this says it all: back-ndb.h:26:22: error: NdbApi.hpp: No such file or directory I could provide the complete build output if needed.

1 0

Re: (ITS#5608) caseIgnoreListMatch implemented in HEAD
by ando＠sys-net.it 30 Aug '08

30 Aug '08

ando(a)sys-net.it wrote: > ... I'd consider this > ITS as a request to finally implement that matching rule. Applied to HEAD; please test. No time for caseIgnoreListSubstringsMatch, though. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando(a)sys-net.it -----------------------------------

1 0

Re: (ITS#5661) contextCSN gets corrupted on the stand by mirror
by ando＠sys-net.it 29 Aug '08

29 Aug '08

Ali Pouya wrote: > Hi Pierangelo, >>> contextCSN: 20080727021429.070493Z#000000#000#000000 >>> contextCSN:: +HYDCTA4MDIwMzM3MTguMzAwMTExWiMwMDAwMDAjMDAxIzAwMDAwMA== >> >> which looks like >> >> 4 bytes of garbage + "0802033718.300111Z#000000#001#000000" >> > Yes, but I would like to bring a precision : > under VI the 4 bytes are handled as 2 characters only. That's probably because vi incorrectly interprets that as a multi-byte encoding, since it contains garbage. That's supposed to be a string restricted to those chars that are allowed by generalized time, so you shouldn't rely on vi guesses based on their actual, erroneous content. > In fact each time > the problem occurs I repair my database using a BDB C program wich reads > the first key from id2entry.bdb and writes it on disk. > Then I use vi to fix the contextCSN, before writing the key back to the > database. > Using vi I do not delete any characters. I only replace them by 20, then > I fix the rest of the fields. Then you'd get year 20 AD! The 08 you see in your broken entryCSN is the month, not the last two digits of the year. > Another precision : when the first two chars take corrupted, the rest of > the contextCSN gets stuck and does not follow write operations. > >> I note that, according to the sid values you assigned to servers A and >> B, the first contextCSN should not appear, since it has sid == 0, >> while the second one, apart from the corruption, is plausible (as >> you're writing to server A, with sid == 1). >> > Yes. > The contextCSN with sid=0 is there because at the beginning I initiated > my directory without SID (defaults to 0), then I set two difrent SIDs > for A and B. Can you try a fresh reload of the database(s) stripping out the entryCSN and letting slapadd generate them, using the -S <SID> switch (along with the -w switch), in order to enforce a SID of 001 (or 002, as you like)? p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando(a)sys-net.it -----------------------------------

1 0

Re: (ITS#5671) using constraint uri results in slapd abort
by ando＠sys-net.it 29 Aug '08

29 Aug '08

kkalev(a)noc.ntua.gr wrote: > Full_Name: Kostas Kalevras > Version: $OpenLDAP: slapd 2.4.11 (Aug 20 2008 14:21:11) > OS: FreeBSD 6.3-RELEASE-p3 > URL: http://noc.ntua.gr/~kkalev/kostas.kalevras-20080829.txt > Submission from: (NULL) (147.102.224.68) > > > When enabling contraint overlay with the uri feature and running an ldap modify > that will triger the contraint, slapd aborts. More information in the included > logs Sounds like a duplicate of ITS#5581, which was only partially fixed in 2.4.11. This should already be fixed in HEAD, please test. Also, try removing the brackets from the filter in the constraint_attribute statement; this should work around your issue while upgrading. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando(a)sys-net.it -----------------------------------

1 0

(ITS#5671) using constraint uri results in slapd abort
by kkalev＠noc.ntua.gr 29 Aug '08

29 Aug '08

Full_Name: Kostas Kalevras Version: $OpenLDAP: slapd 2.4.11 (Aug 20 2008 14:21:11) OS: FreeBSD 6.3-RELEASE-p3 URL: http://noc.ntua.gr/~kkalev/kostas.kalevras-20080829.txt Submission from: (NULL) (147.102.224.68) When enabling contraint overlay with the uri feature and running an ldap modify that will triger the contraint, slapd aborts. More information in the included logs

1 0

Re: N-way multimaster replication problem (ITS#5617)
by miguel.jinez＠gmail.com 28 Aug '08

28 Aug '08

Hello, I have complied openldap 2.4.11 now, and I have test again, but the problem persist El mié, 27-08-2008 a las 20:10 +0000, Gavin Henry escribió: > Can you try on 2.4.11 now. > > Thanks.

1 0

Re: (ITS#5545) Inconsistency in multi-master setup
by ghenry＠OpenLDAP.org 27 Aug '08

27 Aug '08

> Have setup 2-node multi-master configuration. Found that when > operating on same > set of users at high loading, there will be consistency between the > masters. Can you confirm this on 2.4.11? -- Kind Regards, Gavin Henry. OpenLDAP Engineering Team. E ghenry(a)OpenLDAP.org Community developed LDAP software. http://www.openldap.org/project/

1 0

Re: (ITS#5655) add option for setting minimum TLS/SSL protocol
by guenther＠sendmail.com 27 Aug '08

27 Aug '08

On Wed, 20 Aug 2008, Philip Guenther wrote: > I have an updated patch, but can't post it: ftp.openldap.org's incoming is > full: Still full...

1 0

RE: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by emmanuel.duru＠atosorigin.com 27 Aug '08

27 Aug '08

I am running windows 32 bits. Here is what I get from my debugging session: After QueryPerformanceCounter( &count ), count.QuadPart is worth 4243738405535005 So the overflow comes from count.QuadPart *= 1000000; > -----Message d'origine----- > De : Howard Chu [mailto:hyc@symas.com] > Envoyé : mercredi 27 août 2008 13:08 > À : openldap-its(a)openldap.org; Emmanuel Duru > Objet : Re: (ITS#5668) Invalid entryCSN generated, and slapd will not > restart > > ando(a)sys-net.it wrote: > > emmanuel.duru(a)atosorigin.com wrote: > >> I see that tm->tm_usub is negative, there seems to be overflows between > >> LARGE_INTEGER and int variables. > > It would take over 4 billion operations in a single timer tick (on the > order > of nanoseconds) to make tm_usub overflow. That seems pretty unlikely. > > > If the problem disappears by initializing the static variables in > > lutil_gettime(), then it might be a compiler issue. > > I suppose that's always possible... > > The original post shows that the tm_usec field is negative. That could > happen > if the offset we computed between the SYSTEMTIME and the > PerformanceCounter > was wrong, or if the SYSTEMTIME was adjusted while the process was > running. > > What version of Windows are you running? 32 or 64 bit? Can you singlestep > through this function with a debugger and verify all of the values? I > haven't > run this code on Windows in a long time, would take a bit of effort to > resurrect my build environment. > > -- > -- Howard Chu > CTO, Symas Corp. http://www.symas.com > Director, Highland Sun http://highlandsun.com/hyc/ > Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#5669) slapd ...
by ali.pouya＠free.fr 27 Aug '08

27 Aug '08

Howard Chu wrote : >In fact, just drop the syncprov-reloadhint setting and you'll be fine. (Since >you never have delete operations, reloads will never occur anyway.) OK Howard. Thanks for your help. I tried to send this message several times. May be you will receive more than one answer. Best Regards Ali

1 0

Re: (ITS#5669) slapd ...
by ali.pouya＠free.fr 27 Aug '08

27 Aug '08

Howard Chu wrote : >In fact, just drop the syncprov-reloadhint setting and you'll be fine. (Since >you never have delete operations, reloads will never occur anyway.) OK Howard. Thanks for your help. I tried to send this message several times. May be you will receive more than one answer. Best Regards Ali

1 0

consumer crashing provider
by Dick Visser 27 Aug '08

27 Aug '08

(first post) Hi guys I am trying to set-up a pair of directory servers. Both of them run Ubuntu 8.04, which has OpenLDAP-2.4.9. I started out with one server, configured that to suit my needs (store UNIX and smb accounts), which works fine. Next thing is to set-up a second 'slave' server. After reading the docs, I decided to go for the syncrepl style replication for our micro tree. Everything seems to work fine. If I start the consumer it nicely pulls content from the provider. Retrieving the whole tree with ldapsearch from both servers yields exactly the same ldif. Great. However, if I now change something on my main server a.k.a. provider (f.i. change a password), the next time the consumers contacts the provider, the provider crashes: root@ldap:/etc/ldap# slapd -f slapd.conf -g openldap -u openldap -d 15 [snip] *** glibc detected *** slapd: free(): invalid size: 0xb676ef08 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7c62a85] /lib/tls/i686/cmov/libc.so.6(cfree+0x90)[0xb7c664f0] /usr/lib/liblber-2.4.so.2(ber_memfree_x+0x4a)[0xb7f93b4a] /usr/lib/ldap/syncprov-2.4.so.2[0xb787619a] slapd(overlay_op_walk+0x34)[0x80da4e4] slapd[0x80daaf7] slapd(fe_op_search+0x313)[0x8078a73] slapd(do_search+0x777)[0x80792e7] slapd[0x807653f] slapd[0x8076c36] /usr/lib/libldap_r-2.4.so.2[0xb7fa4714] /lib/tls/i686/cmov/libpthread.so.0[0xb7d4b4fb] /lib/tls/i686/cmov/libc.so.6(clone+0x5e)[0xb7ccde5e] ======= Memory map: ======== Aborted A slave server killing a master sort of defeats the whole purpose ;-) Any ideas how to solve this? If it makes any difference, here is the provider config: include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args loglevel 4096 modulepath /usr/lib/ldap moduleload back_hdb moduleload syncprov sizelimit 5000 tool-threads 1 backend hdb database hdb suffix "dc=terena,dc=org" rootdn "cn=Replication,dc=terena,dc=org" directory "/var/lib/ldap" dbconfig set_cachesize 0 16777216 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500 index objectClass,entryCSN,entryUUID eq index cn pres,sub,eq index sn pres,sub,eq index uid pres,sub,eq index displayName pres,sub,eq index uidNumber eq index gidNumber eq index memberUid eq index sambaSID eq index sambaPrimaryGroupSID eq index sambaDomainName eq index default sub lastmod on checkpoint 512 30 overlay syncprov syncprov-checkpoint 1 1 syncprov-sessionlog 100 access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=terena,dc=org" write by dn="cn=smbadmin,dc=terena,dc=org" read by dn="cn=syncrepl,dc=terena,dc=org" read by anonymous auth by self write by * none access to * by dn="cn=admin,dc=terena,dc=org" write by * read access to dn.base="" by * read And here is the consumer config: include /etc/ldap/schema/core.schema include /etc/ldap/schema/cosine.schema include /etc/ldap/schema/nis.schema include /etc/ldap/schema/inetorgperson.schema include /etc/ldap/schema/samba.schema pidfile /var/run/slapd/slapd.pid argsfile /var/run/slapd/slapd.args loglevel 256 modulepath /usr/lib/ldap moduleload back_hdb sizelimit 500 tool-threads 1 backend hdb database hdb suffix "dc=terena,dc=org" rootdn "cn=Replication,dc=terena,dc=org" directory "/var/lib/ldap" dbconfig set_cachesize 0 2097152 0 dbconfig set_lk_max_objects 1500 dbconfig set_lk_max_locks 1500 dbconfig set_lk_max_lockers 1500 index objectClass,entryCSN,entryUUID eq access to attrs=userPassword,shadowLastChange,sambaLMPassword,sambaNTPassword by dn="cn=admin,dc=terena,dc=org" write by dn="cn=smbadmin,dc=terena,dc=org" read by anonymous auth by self write by * none access to * by dn="cn=admin,dc=terena,dc=org" write by * read access to dn.base="" by * read syncrepl rid=000 provider=ldap://ldap.terena.org:389 type=refreshOnly interval=00:00:00:60 retry="60 10 300 +" searchbase="dc=terena,dc=org" scope=sub attrs=* schemachecking=off bindmethod=simple binddn="cn=syncrepl,dc=terena,dc=org" credentials=hackme updateref ldap://ldap.terena.org:389 -- Dick Visser TERENA IT Support Officer TERENA Secretariat Singel 468 D, 1017 AW Amsterdam The Netherlands T +31 20 530 44 88 F +31 20 530 44 99 visser(a)terena.org | www.terena.org

2 1

Re: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by hyc＠symas.com 27 Aug '08

27 Aug '08

ando(a)sys-net.it wrote: > emmanuel.duru(a)atosorigin.com wrote: >> I see that tm->tm_usub is negative, there seems to be overflows between >> LARGE_INTEGER and int variables. It would take over 4 billion operations in a single timer tick (on the order of nanoseconds) to make tm_usub overflow. That seems pretty unlikely. > If the problem disappears by initializing the static variables in > lutil_gettime(), then it might be a compiler issue. I suppose that's always possible... The original post shows that the tm_usec field is negative. That could happen if the offset we computed between the SYSTEMTIME and the PerformanceCounter was wrong, or if the SYSTEMTIME was adjusted while the process was running. What version of Windows are you running? 32 or 64 bit? Can you singlestep through this function with a debugger and verify all of the values? I haven't run this code on Windows in a long time, would take a bit of effort to resurrect my build environment. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

RE: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by emmanuel.duru＠atosorigin.com 27 Aug '08

27 Aug '08

I'm sorry I thought this was an initialization issue, but this is not, Howard Chu is right. After some debugging, it is the tm_usec part which is negative (not the tm_usub, my mistake), tm_usec is computed from the large integers. > -----Message d'origine----- > De : Pierangelo Masarati [mailto:ando@sys-net.it] > Envoyé : mercredi 27 août 2008 12:23 > À : emmanuel.duru(a)atosorigin.com > Cc : openldap-its(a)openldap.org > Objet : Re: (ITS#5668) Invalid entryCSN generated, and slapd will not > restart > > emmanuel.duru(a)atosorigin.com wrote: > > I see that tm->tm_usub is negative, there seems to be overflows between > > LARGE_INTEGER and int variables. > > If the problem disappears by initializing the static variables in > lutil_gettime(), then it might be a compiler issue. > > p. > > > Ing. Pierangelo Masarati > OpenLDAP Core Team > > SysNet s.r.l. > via Dossi, 8 - 27100 Pavia - ITALIA > http://www.sys-net.it > ----------------------------------- > Office: +39 02 23998309 > Mobile: +39 333 4963172 > Fax: +39 0382 476497 > Email: ando(a)sys-net.it > -----------------------------------

1 0

Re: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by ando＠sys-net.it 27 Aug '08

27 Aug '08

emmanuel.duru(a)atosorigin.com wrote: > I see that tm->tm_usub is negative, there seems to be overflows between > LARGE_INTEGER and int variables. If the problem disappears by initializing the static variables in lutil_gettime(), then it might be a compiler issue. p. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando(a)sys-net.it -----------------------------------

1 0

RE: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by emmanuel.duru＠atosorigin.com 27 Aug '08

27 Aug '08

I see that tm->tm_usub is negative, there seems to be overflows between LARGE_INTEGER and int variables.

1 0

Re: (ITS#5670) admin guide octetstring matching rule typos
by ghenry＠OpenLDAP.org 26 Aug '08

26 Aug '08

Fixed in HEAD. Thanks. -- Kind Regards, Gavin Henry. OpenLDAP Engineering Team. E ghenry(a)OpenLDAP.org Community developed LDAP software. http://www.openldap.org/project/

1 0

Re: (ITS#5668) Invalid entryCSN generated, and slapd will not restart
by hyc＠symas.com 26 Aug '08

26 Aug '08

emmanuel.duru(a)atosorigin.com wrote: > Full_Name: Emmanuel Duru > Version: 2.4.11 > OS: Windows > URL: > Submission from: (NULL) (80.78.0.137) > > > On Windows, slapd generates entryCSN values such as: > 20080822124130.-657205Z#000000#000#000000 (the problem is the minus sign). > This is also the case when generating the cn=config branch from a slapd.conf > file. > Following this, slapd will not restart, because it checks the validity of > entryCSN values on cn=config branch at startup. > I believe that the problem comes from non initialized static variables in > lutil_gettime() function. > Do notice that initializations are also missing in non WIN32 section. No. The C standard specifies that global and static variables are initialized to zero by default. If you're a C programmer you should know this already. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5670) admin guide octetstring matching rule typos
by mbackes＠symas.com 26 Aug '08

26 Aug '08

Full_Name: Matthew Backes Version: 2.4, head OS: URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (76.88.99.93) Section 12.2.4. Attribute Type Specification contains a table of matching rules, and octetString syntax's rules have an additional "string" typo in them, contradicting both the RFC and the code as implemented. Index: admin/aspell.en.pws =================================================================== RCS file: /repo/OpenLDAP/pkg/openldap-guide/admin/aspell.en.pws,v retrieving revision 1.26 diff -u -r1.26 aspell.en.pws --- admin/aspell.en.pws 19 Aug 2008 15:27:48 -0000 1.26 +++ admin/aspell.en.pws 26 Aug 2008 20:55:30 -0000 @@ -1383,7 +1383,7 @@ mandir RXER SSFs -octetStringOrderingStringMatch +octetStringOrderingMatch auditCompare pEntry strongAuthNotSupported @@ -1657,7 +1657,7 @@ baz params generalizedTimeOrderingMatch -octetStringSubstringsStringMatch +octetStringSubstringsMatch ber slimit ali Index: admin/schema.sdf =================================================================== RCS file: /repo/OpenLDAP/pkg/openldap-guide/admin/schema.sdf,v retrieving revision 1.51 diff -u -r1.51 schema.sdf --- admin/schema.sdf 25 Jul 2008 19:10:27 -0000 1.51 +++ admin/schema.sdf 26 Aug 2008 20:55:30 -0000 @@ -260,8 +260,8 @@ numericStringOrderingMatch ordering numerical numericStringSubstringsMatch substrings numerical octetStringMatch equality octet string -octetStringOrderingStringMatch ordering octet string -octetStringSubstringsStringMatch ordering octet string +octetStringOrderingMatch ordering octet string +octetStringSubstringsMatch ordering octet string objectIdentiferMatch equality object identifier !endblock

1 0

Re: (ITS#5669) slapd replica ignores some new objects
by hyc＠symas.com 26 Aug '08

26 Aug '08

Howard Chu wrote: > ali.pouya(a)free.fr wrote: >> I precise that I have set the following directives (I have no delete operation >> in my directory and I wish to avoid the present phase to be engaged) : >> >> syncprov-nopresent TRUE >> syncprov-reloadhint TRUE >> >> If I comment out at least one of these directives then the problem disapears >> (the object o1 is present in the replica). > > You're tripping over a behavior change that was made to fix ITS#5493. For now, > you should only use both of those settings together if the underlying database > is an accesslog DB (which always returns entries in modification order). We > should probably use some other method of detecting the accesslog... In fact, just drop the syncprov-reloadhint setting and you'll be fine. (Since you never have delete operations, reloads will never occur anyway.) -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

Re: (ITS#5669) slapd replica ignores some new objects
by hyc＠symas.com 26 Aug '08

26 Aug '08

ali.pouya(a)free.fr wrote: > Full_Name: Ali Pouya > Version: 2.4.11 > OS: Linux 2.6 (Fedora) > URL: ftp://ftp.openldap.org/incoming/ > Submission from: (NULL) (145.242.11.3) > > > I have a directory with a master and one replica in RefreshAndPersist mode. > > The replica is synchronized with the master. I stop it for making a backup. > During that time I do three write operations on the master : > > I add a new object o1, > then I modify an already existing object o2, > and finally I add another new object o3. > > After service startup, the replica gets synchronized with the master, and the > contextCSN attributes are the same on both servers. > But the object o1 is missing in the replica ! > > More investigation shows that the sync provider sends objects to the consumer in > createTimestamp order. > In other words the sync information is sent in this order : o2, then o1, then > o3. > > After getting o2, the consumer rejects o1 (which has now a smaller entryCSN) > with this message in the log: > > .... > do_syncrep2: cookie=rid=002,csn=20080822130259.472005Z#000000#001#000000 > do_syncrep2: rid=002 CSN too old, ignoring > 20080822130259.472005Z#000000#001#000000 > ldap_msgfree > ... > > I think sync data would better be sent in entryCSN order rather than in > createTimestamp order. That is not possible, nor is it supposed to be necessary with the way the syncrepl protocol was designed. During a refresh (which occurs at server startup time, at least) the consumer's context is not updated until all of the modified entries have been received. So, this particular comparison should never fail like this. > I precise that I have set the following directives (I have no delete operation > in my directory and I wish to avoid the present phase to be engaged) : > > syncprov-nopresent TRUE > syncprov-reloadhint TRUE > > If I comment out at least one of these directives then the problem disapears > (the object o1 is present in the replica). You're tripping over a behavior change that was made to fix ITS#5493. For now, you should only use both of those settings together if the underlying database is an accesslog DB (which always returns entries in modification order). We should probably use some other method of detecting the accesslog... > The environment and configuration files are the same as for ITS 5661. > Of course I can provide any other information required. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

(ITS#5669) slapd replica ignores some new objects
by ali.pouya＠free.fr 26 Aug '08

26 Aug '08

Full_Name: Ali Pouya Version: 2.4.11 OS: Linux 2.6 (Fedora) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (145.242.11.3) I have a directory with a master and one replica in RefreshAndPersist mode. The replica is synchronized with the master. I stop it for making a backup. During that time I do three write operations on the master : I add a new object o1, then I modify an already existing object o2, and finally I add another new object o3. After service startup, the replica gets synchronized with the master, and the contextCSN attributes are the same on both servers. But the object o1 is missing in the replica ! More investigation shows that the sync provider sends objects to the consumer in createTimestamp order. In other words the sync information is sent in this order : o2, then o1, then o3. After getting o2, the consumer rejects o1 (which has now a smaller entryCSN) with this message in the log: .... do_syncrep2: cookie=rid=002,csn=20080822130259.472005Z#000000#001#000000 do_syncrep2: rid=002 CSN too old, ignoring 20080822130259.472005Z#000000#001#000000 ldap_msgfree ... I think sync data would better be sent in entryCSN order rather than in createTimestamp order. I precise that I have set the following directives (I have no delete operation in my directory and I wish to avoid the present phase to be engaged) : syncprov-nopresent TRUE syncprov-reloadhint TRUE If I comment out at least one of these directives then the problem disapears (the object o1 is present in the replica). The environment and configuration files are the same as for ITS 5661. Of course I can provide any other information required. Best Regards Ali Pouya

1 0

(ITS#5668) Invalid entryCSN generated, and slapd will not restart
by emmanuel.duru＠atosorigin.com 26 Aug '08

26 Aug '08

Full_Name: Emmanuel Duru Version: 2.4.11 OS: Windows URL: Submission from: (NULL) (80.78.0.137) On Windows, slapd generates entryCSN values such as: 20080822124130.-657205Z#000000#000#000000 (the problem is the minus sign). This is also the case when generating the cn=config branch from a slapd.conf file. Following this, slapd will not restart, because it checks the validity of entryCSN values on cn=config branch at startup. I believe that the problem comes from non initialized static variables in lutil_gettime() function. Do notice that initializations are also missing in non WIN32 section.

1 0

(ITS#5665)
by toby＠inf.ed.ac.uk 25 Aug '08

25 Aug '08

Hi there, I've patched pcache.c and it seems fine. I'll put it through some more testing and confirm. Cheers Toby -- The University of Edinburgh is a charitable body, registered in Scotland, with registration number SC005336.

1 0

Re: (ITS#5665) slapd crashing with slapo-pcache when using attrset "*"
by ando＠sys-net.it 23 Aug '08

23 Aug '08

Should be fixed in HEAD; please test. Ing. Pierangelo Masarati OpenLDAP Core Team SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando(a)sys-net.it -----------------------------------

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs