- openldap-bugs - openldap.org

[Issue 6884] contrib: password syntax checking overlay
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=6884 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |WONTFIX --- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> --- PPM is now included with OpenLDAP 2.5 and later, has this functionality plus other functions. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6761] contrib usn overlay broken
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=6761 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.0 |--- -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6247] slapd-modules/now: New matching rules that enable comparisone slapd's current server time against timestamp attributes
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=6247 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|has_patch, IPR_OK | Target Milestone|2.6.0 |--- -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6244] "now" dynacl module
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=6244 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |quanah(a)openldap.org -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8229] ldapsearch: report failed search results to stderr even when ldif == 0
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=8229 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.0 |3.0.0 --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Pushing to 3.0 as any changes could break existing script behavior. 3.0 is open for significant behavior changes. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9606] New: What is the purpose of 123.hp.com?
by openldap-its＠openldap.org 07 Jul '21

07 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=9606 Issue ID: 9606 Summary: What is the purpose of 123.hp.com? Product: JLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: JLDAP Assignee: bugs(a)openldap.org Reporter: alinacrew57(a)gmail.com Target Milestone: --- For the printers, drivers are needed. The printers can interpret the jobs and the printing needs by using them. As a result, a visit to 123.hp.com is required to get the essential drivers. After visiting the HP website, type the model number of your printer into the search box. All of the drivers associated with the model number of the printer will be shown. You must choose a driver that is compatible with your printer. You must install the driver file after downloading it. This will download and install drivers on your computer. https://www.123hgh.com/ -- You are receiving this mail because: You are on the CC list for the issue.

1 1

[Issue 9592] New: recursion operator (*) for acl “sets” does not work as documented
by openldap-its＠openldap.org 06 Jul '21

06 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=9592 Issue ID: 9592 Summary: recursion operator (*) for acl “sets” does not work as documented Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: grapvar(a)gmail.com Target Milestone: --- I have traced how the slapd computes recursion operator (*) in acl's “sets” and found out that it does not work as documented. IIUC, the reference documentation is: “Sets in Access Controls” (http://www.openldap.org/faq/index.cgi?file=1133) To make things simpler, I report the finding using the example provided by the documentation. Here it is: entry "cn=Group" has attr "member" with values { "cn=User", "cn=Other" } entry "cn=Group2" has attr "member" with values { "cn=Group", "cn=Person" } The documentation claims that the expression “[cn=Group2]/member*” resolves to { "cn=User", "cn=Other", "cn=Person" } In fact, it resolves to { "cn=Group", "cn=User", "cn=Other", "cn=Person" }. To generalize: all intermediate dn's persist in a set, that's how set_chase( closure = 1 ) works, and this doesn't look like that's how it's supposed to work. Be advised, please, that this issue has been reported by occasional visitor, from a developer point of view, not a user point of view, so I won't define, provide or construct any “valid use case”. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 8903] Add Bind Early Option to ldappasswd
by openldap-its＠openldap.org 06 Jul '21

06 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=8903 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Keywords|has_patch, IPR_OK | Resolution|--- |TEST --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 6285668c by Randall Mason at 2021-06-27T20:18:24+00:00 ITS#8903 - Add option to bind early in ldappasswd -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8695] _sleep is deprecated
by openldap-its＠openldap.org 06 Jul '21

06 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=8695 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |TEST Status|IN_PROGRESS |RESOLVED --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 44e1c653 by Quanah Gibson-Mount at 2021-06-27T19:03:30+00:00 ITS#8695 - Update Windows to use Sleep instead of deprecated _sleep -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7080] post read control in back-config
by openldap-its＠openldap.org 06 Jul '21

06 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=7080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |TEST Status|UNCONFIRMED |RESOLVED --- Comment #2 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 5e4f1e86 by Ondřej Kuzník at 2021-06-27T17:39:46+00:00 ITS#7080 Move slap_read_controls Debug message to STATS • a2e9cb1a by Ondřej Kuzník at 2021-06-27T17:39:46+00:00 ITS#7080 Postread control support for back-ldif/config -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9605] New: How to install 123.hp.com/setup 6978 printer drivers ?
by openldap-its＠openldap.org 05 Jul '21

05 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=9605 Issue ID: 9605 Summary: How to install 123.hp.com/setup 6978 printer drivers ? Product: JLDAP Version: unspecified Hardware: x86_64 OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: JLDAP Assignee: bugs(a)openldap.org Reporter: andrewjimmy813(a)gmail.com Target Milestone: --- Drivers are required to use an HP printer 6978. 123.hp.com/setup 6978 is where you can get the setup file. You don't need to be concerned about malware or viruses since you're getting the files from the HP website. It's a secure site. When you navigate to the URL, you'll see a download button. You may download the setup file based on your operating system. You may open the setup file by clicking on it. A warning notice will appear on the screen. Yes, should be selected. The drivers will be downloaded and installed on your computer. https://l-123hp.com/officejet-pro-models/ojpro6978 -- You are receiving this mail because: You are on the CC list for the issue.

1 1

[Issue 9604] New: What Is The AOL Blerk Error 1?
by openldap-its＠openldap.org 03 Jul '21

03 Jul '21

https://bugs.openldap.org/show_bug.cgi?id=9604 Issue ID: 9604 Summary: What Is The AOL Blerk Error 1? Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: smith8395john(a)gmail.com Target Milestone: --- If there is a problem with the authentication procedure for AOL Mail, you may see the message AOL Blerk ERROR 1. This is most likely due to browser settings, especially if you're using an older or outdated browser, and may be resolved by performing the troubleshooting steps below. Change your browser's settings. Make a change to a saved bookmark Troubleshoot Internet Explorer problems. To access AOL Mail use the latest browser. Unfortunately, Microsoft has ceased upgrading Internet Explorer, it is no longer regarded as a secure means to browse the internet. While these troubleshooting techniques may assist in resolving certain difficulties with AOL Mail on Internet Explorer, they are not guaranteed to do so. https://www.emailsupport.us/blog/aol-blerk-error-1/ -- You are receiving this mail because: You are on the CC list for the issue.

1 1

[Issue 9595] New: indeterminate result of matching AVA in filter
by openldap-its＠openldap.org 27 Jun '21

27 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=9595 Issue ID: 9595 Summary: indeterminate result of matching AVA in filter Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: grapvar(a)gmail.com Target Milestone: --- I have traced how test_ava_filter() matches an entry against an AVA and found out that result of matching may be indeterminate. For concreteness, let us suppose an entry E is being matched against equality ava (A1=U). E has a few values for A1, in this particular order: Attr Value (A1=U) match ---- ----- ------------ A1 V False A1 U True A1 @$%#^ #LDAP_INVALID_SYNTAX overall matching result: TRUE. But what if A1 values follow in other order? Attr Value (A1=U) match ---- ----- ------------ A1 V False A1 @$%#^ #LDAP_INVALID_SYNTAX A1 U True overall matching result: #LDAP_INVALID_SYNTAX. But... wait, E has one more attribute A2, which subclasses A1. And their values happen to be in this order: Attr Value (A1=U) match ---- ----- ------------ A1 V False A1 @$%#^ #LDAP_INVALID_SYNTAX A1 U True A2 U True A2 *%#$! #LDAP_INVALID_SYNTAX overall matching result: TRUE again. It seems rather unnatural and confusing that the given set of attributes and their values has indeterminate result of matching. Be advised, please, that this issue has been reported by occasional visitor, from a developer point of view, not a user point of view, so I won't define, provide or construct any “valid use case”. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 9594] New: The characters not allowed in SASL ids used with olcAuthzRegexp are undocumented
by openldap-its＠openldap.org 27 Jun '21

27 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=9594 Issue ID: 9594 Summary: The characters not allowed in SASL ids used with olcAuthzRegexp are undocumented Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: kop(a)karlpinc.com Target Milestone: --- Some characters cannot be used in SASL ids processed by the SASL mechanism that olcAuthzRegexp configures. It is undocumented which characters are allowed and which are not. See also ITS bug number 9495. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9495] New: authz-regexp using dn: instead of a URI mangles characters with HTML excapes
by openldap-its＠openldap.org 25 Jun '21

25 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=9495 Issue ID: 9495 Summary: authz-regexp using dn: instead of a URI mangles characters with HTML excapes Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: kop(a)karlpinc.com Target Milestone: --- Trying to use an authz-regexp that maps directly to dn-s by using "dn:..." instead of a URI results in the authz id having some characters "html escaped". As a result the authorized entity cannot be found. E.g. a "-U cn=Barbara Jensen,ou=Information Technology Division" with olcAuthzRegexp: "^uid=([^,]+),.*" "dn:$1,ou=people,dc=example,dc=com" fails. Debug logs show that the equal and the comma character return from ldap_bv2dn() in escaped forms, that are then substituted into the target dn and result in a dn that does not exist in the DIT. 6046d7cd SASL Canonicalize [conn=1113]: authcid="cn=Barbara Jensen,ou=Informatio n Technology Division" 6046d7cd slap_sasl_getdn: conn 1113 id=cn=Barbara Jensen,ou=Information Technolo gy Division [len=52] => ldap_dn2bv(16) <= ldap_dn2bv(uid=cn\3DBarbara Jensen\2Cou\3DInformation Technology Division,cn=PLAIN,cn=auth)=0 6046d7cd slap_sasl_getdn: u:id converted to uid=cn\3DBarbara Jensen\2Cou\3DInformation Technology Division,cn=PLAIN,cn=auth ... 6046d7cd send_ldap_result: err=49 matched="" text="SASL(-13): user not found: Password verification failed" I suspect that when the "dn:..." form is used with authz-regexp the supplied authzid should _not_ have it's characters canonicalized because they will not be substituted into a URI. If so, this would be a bug. If not, there should be documentation on the restrictions on what characters can be used in authzid when the "dn:..." form is used. Tested against HEAD of master, although the version in the bug report is 2.5. See also Bug# 6912. -- You are receiving this mail because: You are on the CC list for the issue.

1 12

[Issue 8788] slapd-pcache undef not compatible with mdb
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=8788 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |TEST --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • f6dcc600 by Quanah Gibson-Mount at 2021-06-24T17:48:21+00:00 ITS#8788 - Document that "undef" is not usable with back-mdb -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8874] --with-fetch incorrectly links libcom_err
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=8874 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |TEST --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Commits: • 59f8d06d by Quanah Gibson-Mount at 2021-06-24T15:01:51+00:00 ITS#8874 - Don't try and link in libcom_err with libfetch on FreeBSD -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7239] slapo-accesslog: not all write operations logged with 'logops all'
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=7239 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |hyc(a)openldap.org -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6916] slapo-unique returns operations error when assertion control is used
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6916 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|bugs(a)openldap.org |hyc(a)openldap.org -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6878] slapo-ppcache segfault with tavl_delete
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6878 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6878] slapo-ppcache segfault with tavl_delete
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6878 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |SUSPENDED Status|UNCONFIRMED |RESOLVED --- Comment #11 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Likely resolved at this point. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6868] When used in conjunction with the translucent overlay, the rwm overlay filters out auxiliary objectclasses
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6868 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.0 |2.7.0 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6825] unique_uri filter reaching beyond its intended target
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6825 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.6.0 |2.7.0 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6825] unique_uri filter reaching beyond its intended target
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=6825 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|OL_2_6_REQ | --- Comment #8 from Quanah Gibson-Mount <quanah(a)openldap.org> --- modify fixed in HEAD; modrdn needs work modify fixed in RE24; modrdn needs work -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9444] New: Feature Request: Textual error data is not sent through chaining overlay
by openldap-its＠openldap.org 24 Jun '21

24 Jun '21

https://bugs.openldap.org/show_bug.cgi?id=9444 Issue ID: 9444 Summary: Feature Request: Textual error data is not sent through chaining overlay Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: andrewlanecarr(a)gmail.com Target Milestone: --- When operating in a replicated environment we would like to see the text message accompany the error code propagated to the other nodes in the cluster. For Example: Master Log - master slapd[406]: conn=1160 op=3 MOD attr=userPassword master slapd[406]: conn=1160 op=3 RESULT tag=103 err=19 text=Password is not being changed from existing value Slave Log - slave slapd[31094]: conn=1000 op=18 MOD attr=userPassword slave slapd[31094]: conn=1000 op=18 RESULT tag=103 err=19 text= The text "Password is not being changed from existing value" is not copied in this process. This is using the following configuration: -- You are receiving this mail because: You are on the CC list for the issue.

1 6

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs