https://bugs.openldap.org/show_bug.cgi?id=7080
--- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
head:
• 2bf59ff6
by Ondřej Kuzník at 2022-01-06T03:05:45+00:00
ITS#7080 Find config entry before processing pre-read on delete
RE26:
• cf2a4a60
by Ondřej Kuzník at 2022-01-12T22:38:11+00:00
ITS#7080 Find config entry before processing pre-read on delete
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=9768
Issue ID: 9768
Summary: slapo-translucent handling of deletion of multi-valued
configuration attributes removes wrong value from list
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
If olcTranslucentLocal/olcTranslucentRemote is passed multiple attribute names
in a single value that (or one further down the list) is later removed, the
overlay doesn't handle its removal correctly. We should encourage users to
provide a single attribute name per value, just like we do in EMIT for those
provided in slapd.conf.
--
https://bugs.openldap.org/show_bug.cgi?id=9767
Issue ID: 9767
Summary: slapo-unique handling of deletion of multi-valued
configuration attributes removes wrong value from list
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
If olcUniqueIgnore/olcUniqueAttribute is passed multiple names in a single
value that is later removed, the overlay doesn't handle its removal correctly.
We should encourage users to provide a single attribute name per value, just
like we do in EMIT for those provided in slapd.conf.
--
https://bugs.openldap.org/show_bug.cgi?id=9556
Issue ID: 9556
Summary: slapd-config should return invalidAttributeSyntax if
parsing schema description fails
Product: OpenLDAP
Version: 2.5.4
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: michael(a)stroeder.com
Target Milestone: ---
I'm currently testing error handling and interacting with LDAP clients (e.g. my
web2ldap).
Sending an invalid attribute type description results in an error (as expected)
returned by slapd-config:
RESULT tag=103 err=80 qtime=0.000032 etime=0.001271 text=olcAttributeTypes:
Unexpected token before SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
But result code other(80) seems not very useful. It's too unspecific to decide
on specific error handling.
It would be much more useful if slapd-config returns invalidAttributeSyntax(21)
in this case.
--
https://bugs.openldap.org/show_bug.cgi?id=9576
Issue ID: 9576
Summary: Add ConfigTable link into ConfigArgs
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: enhancement
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
Would make it possible to examine defaults if necessary.
--
https://bugs.openldap.org/show_bug.cgi?id=9729
Issue ID: 9729
Summary: Allow setting multiprovider before adding syncrepl
stanzas
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
It should be possible to set multiprovider first, avoiding the window of the DB
being read-only while performing an online upgrade of a single provider to an
MPR set up and generally simplifying configuration.
Instead, the only requirement should be that serverID has been explicitly set
(hopefully != 0).
--
https://bugs.openldap.org/show_bug.cgi?id=6097
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|2.6.2 |2.6.1
--
https://bugs.openldap.org/show_bug.cgi?id=9778
Issue ID: 9778
Summary: Can't find the back-xxx.la libraries
Product: OpenLDAP
Version: 2.6.0
Hardware: Other
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: burt.stampfl(a)amsc.com
Target Milestone: ---
Created attachment 870
--> https://bugs.openldap.org/attachment.cgi?id=870&action=edit
Output from the build steps I described in the 'description' above.
Hi, I'm new to OpenLDAP.
Pulled down the current 2.6 release to a Debian target and am having trouble
figuring out how to build the backend modules for dynamic use.
What I did:
1. Downloaded openldap-2.6.0.tgz and extracted the source on my Debian target.
2. configured the 'build' via (output indicated it was successful) :
./configure --enable-sql=no --enable-wt=no --enable-spasswd=yes
--enable-passwd=yes --enable-perl=yes --enable-crypt=yes --enable-ldap=yes
--enable-slapd=yes --enable-ppolicy=yes --enable-otp=yes --enable-auditlog=yes
--enable-modules=yes --with-cyrus-sasl=yes
3. ran 'make depend' (output indicated it was successful).
4. ran 'make' (output indicated it was successful).
5. ran the tests via 'env SLAPD_DEBUG=1 make test' (output indicated it was
successful).
6. Installed it via 'su root -c 'make install'
I was able to pretty easily get the slapd server running, create a database
(mdb) add users, etc, and access via a remote client.
Once I was able to do that I wanted to enable the ppolicy backend/overlay and
have not been able to get this to work. Looking online it appears I need some
'backend' modules like back-mdb.la, ppolicy.la, etc and I cannot find them
anywhere in my build tree. I had thought the --enable-xxx directives I used in
the config step would have forced this to build them, but I guess not.
How do I create these dynamic backend modules and is there any documentation on
how to use them in the newer dynamic configuration schema ?
I've attached a file with the output from the steps I performed above.
Thank you
Burt
--
https://bugs.openldap.org/show_bug.cgi?id=8988
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |INVALID
--
https://bugs.openldap.org/show_bug.cgi?id=8988
--- Comment #23 from Howard Chu <hyc(a)openldap.org> ---
> Running slapadd to build slapd database...
../../../libraries/liblmdb/mdb.c:7544:26: runtime error: member access within
misaligned address 0x0000023fe67a for type 'struct MDB_page', which requires 8
byte alignment
0x0000023fe67a: note: pointer points here
00 00 00 00 03 00 00 00 00 00 00 00 00 00 52 00 10 00 66 00 00 00 00 00 00
00 00 00 00 00 00 00
The code in question is accessing an unsigned short on a 2 byte boundary. I.e.,
its alignment is correct. UBsan is incorrect here.
--
https://bugs.openldap.org/show_bug.cgi?id=9775
Issue ID: 9775
Summary: fresh git clone will not build
Product: OpenLDAP
Version: 2.6.0
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: nick(a)folino.us
Target Milestone: ---
git clone https://git.openldap.org/openldap/openldap.git
cd openldap
./configure
make depend
Entering subdirectory tests
make[1]: Entering directory 'openldap/tests'
Making depend in openldap/tests
Entering subdirectory modules
make[2]: Entering directory 'openldap/tests/modules'
make[2]: *** No rule to make target 'depend'. Stop.
make[2]: Leaving directory 'openldap/tests/modules'
make[1]: *** [Makefile:430: depend-common] Error 1
make[1]: Leaving directory 'openldap/tests'
make: *** [Makefile:356: depend-common] Error 1
--
https://bugs.openldap.org/show_bug.cgi?id=9774
Issue ID: 9774
Summary: Add and maintain file CHANGES for 2.6.x
Product: OpenLDAP
Version: 2.6.0
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: documentation
Assignee: bugs(a)openldap.org
Reporter: michael(a)stroeder.com
Target Milestone: ---
In contrast to the rel eng branches for 2.4.x and 2.5.x, the branch for 2.6.x is
still missing a CHANGES file.
--
https://bugs.openldap.org/show_bug.cgi?id=9773
Issue ID: 9773
Summary: slapo-allowed should also list "operational"
attributes
Product: OpenLDAP
Version: 2.6.0
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: contrib
Assignee: bugs(a)openldap.org
Reporter: michael(a)stroeder.com
Target Milestone: ---
When using slapo-allowed a client may disable input fields for attributes not
listed in 'allowedAttributesEffective'. This helps the user to understand that
he/she should not even try to modify the attribute (better UX).
But slapo-allowed never shows operational attributes in
allowedAttributesEffective. In most use-cases this is understandable but there
are some nice use-cases (e.g. setting pwdPolicySubentry) where it should be
possible for the client to display an enabled input field even for operational
attributes.
See also:
* Discussion in ITS#9671
* https://code.stroeder.com/ldap/web2ldap/issues/24
--
https://bugs.openldap.org/show_bug.cgi?id=9769
Issue ID: 9769
Summary: Patch new feature batch get
Product: LMDB
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: rouzier(a)gmail.com
Target Milestone: ---
Created attachment 859
--> https://bugs.openldap.org/attachment.cgi?id=859&action=edit
New functionality mdb_cursor_get_batch
New functionality mdb_cursor_get_batch
mdb_cursor_get_batch retrieves a page worth of key/values.
This is to reduce the number of function calls when doing a scan of the
database.
--
https://bugs.openldap.org/show_bug.cgi?id=8988
--- Comment #22 from noloader(a)gmail.com <noloader(a)gmail.com> ---
On Fri, Jun 7, 2019 at 9:59 AM Howard Chu <hyc(a)symas.com> wrote:
>
> noloader(a)gmail.com wrote:
> > On Fri, Jun 7, 2019 at 9:32 AM Howard Chu <hyc(a)symas.com> wrote:
> >>
> >> noloader(a)gmail.com wrote:
> >> ...
> >>> I encourage OpenLDAP to fix the undefined behavior. OpenLDAP is an
> >>> important project, and the undefined behavior is causing too many
> >>> tangential problems.
> >>
> >> Undefined behavior is not a bug, nor is it prohibited by the C spec. It is a necessary
> >> part of the language for its intended use as a system programming language, writing
> >> machine-specific programs. Anyone who says it is prohibited by the spec is wrong.
The kernel recently got bitten using the same pattern of unaligned
short pointers through casts. GCC produced code which corrupted
initramfs during unpacking.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=100363.
OpenLDAP should fix that code.
--
https://bugs.openldap.org/show_bug.cgi?id=9493
Issue ID: 9493
Summary: slapo-accesslog handling of deletion of multi-valued
configuration attributes removes wrong value from list
Product: OpenLDAP
Version: 2.4.57
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: svella(a)technologist.com
Target Milestone: ---
I observed this in the debugger while working on a small feature addition to
slapo-accesslog.
log_cf_gen(), when handling the initial configuration of oldAccessLogOldAttr
(accesslog.c:989), linked list li_oldattrs is being built by inserting each
value in order at the head of the list, resulting in the list being in reverse
order. But when handling LDAP_MOD_DELETE of same attribute (accesslog.c:989),
it is using the index of the removed value (valx) to find and remove the entry
in the linked list, but it's counting from the head of li_oldattrs and not the
tail, resulting in the wrong item being removed from the list unless counting
from the head or the tail happens to find the same item.
(Line numbers refer to commit 6c469f07935e351e349bf38fc223dab704c51a76)
Handling of oldAccessLogBase appears to have the same problem, and a cursory
glance through the source of other overlays reveals a similar pattern, and I'm
guessing the same problem.
--
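The ordering mismatch described in ITS#9493 above, which is the same class of wrong-value removal that ITS#9767 and ITS#9768 report for other overlays, reduced to a stand-alone C sketch. This is an added example, not OpenLDAP code: struct attr_node, removed_name() and the sample attribute names are hypothetical, and it goes slightly beyond the report by showing two ways to make the delete index and the list order agree.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for an overlay's list of configured attribute names. */
struct attr_node {
    struct attr_node *next;
    const char *name;               /* not owned by the node */
};

enum strategy {
    HEAD_INSERT_INDEX_FROM_HEAD,    /* pattern described in the report */
    HEAD_INSERT_INDEX_MIRRORED,     /* keep the reversed list, translate the index */
    TAIL_APPEND_INDEX_FROM_HEAD     /* keep the list in configuration order */
};

/* Insert at the head: the list ends up in reverse configuration order. */
static int push_head(struct attr_node **head, const char *name)
{
    struct attr_node *n = malloc(sizeof(*n));
    if (n == NULL) return -1;
    n->name = name;
    n->next = *head;
    *head = n;
    return 0;
}

/* Append at the tail: list position equals the value's index. */
static int append_tail(struct attr_node **head, const char *name)
{
    struct attr_node *n = malloc(sizeof(*n));
    if (n == NULL) return -1;
    n->name = name;
    n->next = NULL;
    while (*head != NULL) head = &(*head)->next;
    *head = n;
    return 0;
}

/* Unlink the node at position idx counted from the head.
 * Returns the removed name, or NULL when idx is out of range. */
static const char *remove_at(struct attr_node **head, int idx)
{
    struct attr_node *victim;
    const char *name;

    if (idx < 0) return NULL;
    while (*head != NULL && idx-- > 0) head = &(*head)->next;
    if (*head == NULL) return NULL;
    victim = *head;
    name = victim->name;
    *head = victim->next;
    free(victim);
    return name;
}

static void free_list(struct attr_node *head)
{
    while (head != NULL) {
        struct attr_node *next = head->next;
        free(head);
        head = next;
    }
}

/* Configure the list from vals[0..n-1], then handle deletion of the value
 * at index valx (its position among the configured values).
 * Returns the name that was actually removed from the list. */
const char *removed_name(const char *const *vals, int n, int valx, enum strategy s)
{
    struct attr_node *list = NULL;
    const char *removed = NULL;
    int i, rc = 0;

    for (i = 0; i < n && rc == 0; i++)
        rc = (s == TAIL_APPEND_INDEX_FROM_HEAD) ? append_tail(&list, vals[i])
                                                : push_head(&list, vals[i]);
    if (rc == 0 && valx >= 0 && valx < n) {
        int idx = (s == HEAD_INSERT_INDEX_MIRRORED) ? n - 1 - valx : valx;
        removed = remove_at(&list, idx);
    }
    free_list(list);
    return removed;
}

int main(void)
{
    /* Constructed sample values; the administrator deletes index 1 ("sn"). */
    static const char *const vals[] = { "cn", "sn", "mail", "uid" };

    printf("head insert, index from head: removed %s\n",
           removed_name(vals, 4, 1, HEAD_INSERT_INDEX_FROM_HEAD));
    printf("head insert, mirrored index:  removed %s\n",
           removed_name(vals, 4, 1, HEAD_INSERT_INDEX_MIRRORED));
    printf("tail append, index from head: removed %s\n",
           removed_name(vals, 4, 1, TAIL_APPEND_INDEX_FROM_HEAD));
    return 0;
}
```

With an odd number of values and the middle index, the first strategy removes the right entry by coincidence, which is why a test that deletes a single value can miss the defect.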
https://bugs.openldap.org/show_bug.cgi?id=9282
Issue ID: 9282
Summary: Syncrepl re-creates deleted entry
Product: OpenLDAP
Version: 2.4.50
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Scenario:
2 node Multi-provider replication
Add database to provider A
ensure database replicates to provider B
Stop provider A
delete entry on provider B
Start provider A
Wait for provider B to reconnect to provider A
Deleted entry re-appears
--
https://bugs.openldap.org/show_bug.cgi?id=9765
Issue ID: 9765
Summary: slapd crash
Product: OpenLDAP
Version: 2.4.46
Hardware: All
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: overlays
Assignee: bugs(a)openldap.org
Reporter: shivaprasadtp(a)yahoo.in
Target Milestone: ---
Start-up two slapd server instances. Configure syncreply overlay with one of
the servers as a provider and the other one as consumer. Create around 100
users. Now start changing syncrepl configuration for one of the slapd servers,
let's say the consumer server, in a loop with 5 seconds delay. After a few mins
the slapd server crashes.
--
https://bugs.openldap.org/show_bug.cgi?id=9757
Issue ID: 9757
Summary: The private key of the ldap certificate
Product: OpenLDAP
Version: 2.4.59
Hardware: All
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: backends
Assignee: bugs(a)openldap.org
Reporter: ydgdsnn(a)163.com
Target Milestone: ---
Created attachment 856
--> https://bugs.openldap.org/attachment.cgi?id=856&action=edit
prikey.key
Current situation: The private key of the ldap certificate is used to set
LDAP_OPT_X_TLS_KEYFILE when bind, and this file is currently stored in plain
text.
Appeal: Can we store the ciphertext of the file, and then decrypt it when we
use it?
--
https://bugs.openldap.org/show_bug.cgi?id=8485
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ydgdsnn(a)163.com
--- Comment #13 from Quanah Gibson-Mount <quanah(a)openldap.org> ---
*** Issue 9757 has been marked as a duplicate of this issue. ***
--
https://bugs.openldap.org/show_bug.cgi?id=9754
Issue ID: 9754
Summary: segfault after adding olcAccess
Product: OpenLDAP
Version: 2.6.0
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: goudal(a)enseirb.fr
Target Milestone: ---
On a new production server 2.6.0 on Ubuntu 20.04 LTS, up to date.
After adding an olcAccess attribute I got a segfault.
The aclValue added is
{9}to attrs=ipbCompteValide,ipbEtendue,mailForwardingAddress by
dn.base="uid=cptadmin,ou=people,dc=ipb,dc=fr" write by * read
(the ipbXXX attrs are local ones).
I have tried to add it twice and it did segfault twice.
Here are the last logs for the server (logLevel was on sync).
Nov 25 14:34:32 ldap2021 slapd[67824]: slap_graduate_commit_csn: removing
0x7f3a475615c0 20211125133351.609580Z#000000#00a#000000
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291397 MOD
dn="dc=ipb,dc=fr"
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291397 MOD attr=contextCSN
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291397 syncprov_matchops:
recording uuid for dn=dc=ipb,dc=fr on opc=0x7f3a48001440
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1053 op=1 syncprov_qresp: set up a
new syncres mode=2 csn=
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291397 RESULT tag=103 err=0
qtime=0.000017 etime=0.003762 text=
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291398 SRCH
base="dc=ipb,dc=fr" scope=2 deref=0
filter="(entryUUID=29a4991c-9dda-103b-98c2-c3fe49d4fff9)"
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291398 SRCH attr=* +
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291398 SEARCH RESULT
tag=101 err=0 qtime=0.000028 etime=0.000285 nentries=1 text=
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291399 MOD
dn="uid=pbouchevrea,ou=people,dc=ipb,dc=fr"
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291399 MOD attr=ipbDateFin
entryCSN modifiersName modifyTimestamp
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291399 syncprov_matchops:
recording uuid for dn=uid=pbouchevrea,ou=people,dc=ipb,dc=fr on
opc=0x7f3a48001630
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291399 syncprov_findbase:
searching
Nov 25 14:34:32 ldap2021 slapd[67824]: slap_queue_csn: queueing 0x7f3a438bc700
20211125133351.654596Z#000000#00a#000000
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1053 op=1 syncprov_qresp: set up a
new syncres mode=2 csn=20211125133351.654596Z#000000#00a#000000
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291399 RESULT tag=103 err=0
qtime=0.000025 etime=0.022224 text=
Nov 25 14:34:32 ldap2021 slapd[67824]: slap_graduate_commit_csn: removing
0x7f3a438bc700 20211125133351.654596Z#000000#00a#000000
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291400 MOD
dn="dc=ipb,dc=fr"
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291400 MOD attr=contextCSN
Nov 25 14:34:32 ldap2021 slapd[67824]: conn=1000 op=291400 syncprov_matchops:
recording uuid for dn=dc=ipb,dc=fr on opc=0x7f3a50003440
Nov 25 14:34:32 ldap2021 kernel: [262778.995540] slapd[68072]: segfault at 0 ip
00007f4ea0d3553e sp 00007f4e9dae9f48 error 4 in
libc-2.31.so[7f4ea0cad000+178000]
Nov 25 14:34:32 ldap2021 kernel: [262778.995584] Code: b6 07 29 c8 c3 0f 1f 80
00 00 00 00 f3 0f 1e fa 89 f8 31 d2 66 0f ef ff 09 f0 25 ff 0f 00 00 3d c0 0f
00 00 0f 8f 74 02 00 00 <f3> 0f 6f 0f f3 0f 6f 06 66 0f 74 c1\
66 0f da c1 66 0f ef c9 66 0f
Nov 25 14:34:36 ldap2021 slapd[70083]: * Stopping OpenLDAP slapd
--
https://bugs.openldap.org/show_bug.cgi?id=6467
Ondřej Kuzník <ondra(a)mistotebe.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.openldap.org/show_bug.cgi?id=9756
--
https://bugs.openldap.org/show_bug.cgi?id=9755
Issue ID: 9755
Summary: gitlab emits “time="2021-11-27T09:23:59Z" level=info
msg="SSL_CERT_DIR is configured"
ssl_cert_dir=/opt/gitlab/embedded/ssl/certs/”
Product: website
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: website
Assignee: bugs(a)openldap.org
Reporter: dpa-openldap(a)aegee.org
Target Milestone: ---
In my .git/config I have:
[remote "gl"]
url = git@git.openldap.org:dpa-openldap/openldap.git
fetch = +refs/heads/*:refs/remotes/gl/*
Calling `git fetch gl` prints:
time="2021-11-27T09:23:59Z" level=info msg="SSL_CERT_DIR is configured"
ssl_cert_dir=/opt/gitlab/embedded/ssl/certs/
Since I see this message nowhere else, I assume the message is sent by the git
server.
--
https://bugs.openldap.org/show_bug.cgi?id=9746
Issue ID: 9746
Summary: Local Logging - Hostname and PID formatting
Product: OpenLDAP
Version: 2.6.0
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: gnoe(a)symas.com
Target Milestone: ---
With the new local logging feature in 2.6+, each log line displays a pointer
(ex: "0x7fa63e866880") instead of the hostname and slapd PID. These fields in
the log lines should be in syslog format.
* Related to ITS #9745
--
You are receiving this mail because:
You are on the CC list for the issue.
https://bugs.openldap.org/show_bug.cgi?id=8375
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|2.6.1 |2.6.2
--
https://bugs.openldap.org/show_bug.cgi?id=6097
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|2.6.1 |2.6.2
--
https://bugs.openldap.org/show_bug.cgi?id=7335
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|2.6.1 |2.6.2
--
https://bugs.openldap.org/show_bug.cgi?id=8255
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Target Milestone|2.6.1 |2.6.2
--
https://bugs.openldap.org/show_bug.cgi?id=9741
Issue ID: 9741
Summary: Meaningless out-of-bound read in ldif-filter.c
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: libraries
Assignee: bugs(a)openldap.org
Reporter: matthias.st.pierre(a)ncp-e.com
Target Milestone: ---
I just stumbled over the following compiler warning in ldif-filter.c (see [1]):
14:10:41 ldif-filter.c:209:16: warning: adding 'int' to a string does not append to the string [-Wstring-plus-int]
14:10:41 sep = "\r\n" + 2 - line_len; /* sep = copy(line) */
14:10:41 ~~~~~~~^~~
14:10:41 ldif-filter.c:209:16: note: use array indexing to silence this warning
14:10:41 sep = "\r\n" + 2 - line_len; /* sep = copy(line) */
14:10:41 ^
14:10:41 & [ ]
While the expression is valid pointer arithmetic, it does not make sense to me,
because it calculates some (possibly negative) offset to the literal string
"\r\n" in memory, not the address of the beginning of some line, as the comment
`sep = copy(line)` suggests. (Originally added in commit [2]).
[1]
https://git.openldap.org/openldap/openldap/-/blob/master/tests/progs/ldif-f…
[2] https://git.openldap.org/openldap/openldap/-/commit/725743abdb
--
https://bugs.openldap.org/show_bug.cgi?id=9734
Issue ID: 9734
Summary: database ldap does not use SSL client certs as
configured
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: daniel(a)ylitalo.io
Target Milestone: ---
Created attachment 849
--> https://bugs.openldap.org/attachment.cgi?id=849&action=edit
Generated config
I'm trying to setup openldap to proxy against our account on ldap.google.com
with backend ldap but it does not seem like slapd uses the client cert and key
even though it's configured.
I'm receiving response "result: 50 Insufficient access" from local proxy/google
and the only way you can get that response is by not providing the client cert
and key.
I'm attaching the config used and the slapd.conf used to generate this config,
as you can see the olcDbStartTLS options are there in the ldif file but seems
not to be used.
(I've replaced our suffix with example.com)
The debug log entry is;
Nov 02 10:26:20 dev.example.com slapd[864482]:conn=1012 op=1 SRCH
base="dc=example,dc=com" scope=2 deref=0 filter="(uid=daniel.ylitalo)"
Nov 02 10:26:20 dev.example.com slapd[864482]: ==> limits_get: conn=1012 op=1
self="[anonymous]" this="dc=example,dc=com"
Nov 02 10:26:20 dev.example.com slapd[864482]: =>ldap_back_getconn: conn
0x7fb6101044b0 fetched refcnt=1.
Nov 02 10:26:20 dev.example.com slapd[864482]: => ldap_back_munge_filter
"(uid=daniel.ylitalo)"
Nov 02 10:26:20 dev.example.com slapd[864482]: <= ldap_back_munge_filter
"(uid=daniel.ylitalo)" (0)
Nov 02 10:26:20 dev.example.com slapd[864482]: conn=1012 op=1 ldap_back_retry:
retrying URI="ldaps://ldap.google.com:636" DN=""
Nov 02 10:26:20 dev.example.com slapd[864482]: => ldap_back_munge_filter
"(uid=daniel.ylitalo)"
Nov 02 10:26:20 dev.example.com slapd[864482]: <= ldap_back_munge_filter
"(uid=daniel.ylitalo)" (0)
Nov 02 10:26:20 dev.example.com slapd[864482]: send_ldap_result: conn=1012 op=1
p=3
Nov 02 10:26:20 dev.example.com slapd[864482]: send_ldap_result: err=50
matched="" text=""
Nov 02 10:26:20 dev.example.com slapd[864482]: send_ldap_response: msgid=2
tag=101 err=50
Nov 02 10:26:20 dev.example.com slapd[864482]: conn=1012 op=1 SEARCH RESULT
tag=101 err=50 nentries=0 text=
While using ldapsearch against same endpoint works just fine with the certs;
LDAPTLS_CERT=/etc/ldap/google.crt LDAPTLS_KEY=/etc/ldap/google.key ldapsearch
-H ldaps://ldap.google.com -b dc=example,dc=com '(uid=daniel.ylitalo)'
--
https://bugs.openldap.org/show_bug.cgi?id=9732
Issue ID: 9732
Summary: OpenLDAP TLS ciphersuite and groups limit issue
Product: OpenLDAP
Version: 2.4.54
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: narayananballem(a)gmail.com
Target Milestone: ---
Hi Team,
Hope you can help with this issue.
I am trying to disable SSLV3 on OpenLDAP servers. We are using OpenLDAP as a
proxy with upstream Active Directory servers. We are using CA certs on this
openssl and we would like to disable SSLV3.
I added the below entry to slapd.conf, but when I tried to start slapd it fails
to start:
TLSCipherSuite HIGH:MEDIUM:!SSLv2:!SSLV3
errors as below
slapd[19899]: main: TLS init def ctx failed: -1
slapd[19899]: slapd stopped.
slapd[19899]: connections_destroy: nothing to destroy.
debug logs restart as below
TLS: could not set cipher list HIGH:MEDIUM:!SSLv2:!SSLV3.
617c64c1 main: TLS init def ctx failed: -1
617c64c1 slapd stopped.
Also, did anybody notice this issue?
I am facing an issue with group display: we have several users in a group, and
while looking for groups in getent group we are seeing a few groups. I am not
sure if there is any limit on the group field in the database.
--
https://bugs.openldap.org/show_bug.cgi?id=9002
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.openldap.org/show_bug.cgi?id=8226
--
https://bugs.openldap.org/show_bug.cgi?id=8226
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.openldap.org/show_bug.cgi?id=9002
--
https://bugs.openldap.org/show_bug.cgi?id=9715
Issue ID: 9715
Summary: Consolidate code for loglevel/logfile for better
shared usage between slapd and lloadd
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
In a future release, consolidate logging code, loglevel bits to be better
shared between slapd and stand-alone lloadd.
--
https://bugs.openldap.org/show_bug.cgi?id=9723
Issue ID: 9723
Summary: C_EOF not reset in mdb_cursor_get with MDB_FIRST_DUP
Product: LMDB
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: liblmdb
Assignee: bugs(a)openldap.org
Reporter: stephan.j.bircher(a)gmail.com
Target Milestone: ---
I'm on the master branch of lmdb.
Steps to reproduce:
    // search for a non-existent key
    rc = mdb_cursor_get(mdbCursor, &key, &val, MDB_SET_RANGE);
    if (rc == MDB_NOTFOUND) {
        // C_EOF is not set on the cursor flags
        // go to the last.
        // C_EOF remains set which is ok
        mdb_cursor_get(mdbCursor, &key, &val, MDB_LAST);
        // go to the first dup of the last
        // C_EOF remains set which is NOT OK
        mdb_cursor_get(mdbCursor, &key, &val, MDB_FIRST_DUP);
        // return MDB_NOTFOUND in any case whether there are duplicates or not
        // because C_EOF was not cleared
        mdb_cursor_get(mdbCursor, &key, &val, MDB_NEXT_NODUP);
    }
Possible fix:
    case MDB_FIRST_DUP:
        mfunc = mdb_cursor_first;
    mmove:
        if (data == NULL || !(mc->mc_flags & C_INITIALIZED)) {
            rc = EINVAL;
            break;
        }
        if (mc->mc_xcursor == NULL) {
            rc = MDB_INCOMPATIBLE;
            break;
        }
        if (mc->mc_ki[mc->mc_top] >= NUMKEYS(mc->mc_pg[mc->mc_top])) {
            mc->mc_ki[mc->mc_top] = NUMKEYS(mc->mc_pg[mc->mc_top]);
            rc = MDB_NOTFOUND;
            break;
        }
        {
            MDB_node *leaf = NODEPTR(mc->mc_pg[mc->mc_top],
                mc->mc_ki[mc->mc_top]);
            if (!F_ISSET(leaf->mn_flags, F_DUPDATA)) {
                MDB_GET_KEY(leaf, key);
                rc = mdb_node_read(mc, leaf, data);
                break;
            }
        }
        if (!(mc->mc_xcursor->mx_cursor.mc_flags & C_INITIALIZED)) {
            rc = EINVAL;
            break;
        }
        rc = mfunc(&mc->mc_xcursor->mx_cursor, data, NULL);
        // FIX: clear C_EOF
        if (rc == MDB_SUCCESS && mc->mc_flags & C_EOF && mfunc == mdb_cursor_first) {
            mc->mc_flags ^= C_EOF;
        }
        break;
--
https://bugs.openldap.org/show_bug.cgi?id=9492
Issue ID: 9492
Summary: Add local logging capa
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: mhardin(a)symas.com
Target Milestone: ---
Enhancement request: Add capability to slapd to log to a local file with log
rotation features. Log format should not change from syslog-generated log
style.
--
https://bugs.openldap.org/show_bug.cgi?id=9641
Issue ID: 9641
Summary: accesslog when logging failed operations interferes
with deltasync
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: replication
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: ondra(a)mistotebe.net
Target Milestone: ---
Take a delta-MPR setup and accesslog configured with logsuccess off. We encounter
a conflicting write (one that fails to apply in the DB) and fall back to plain
syncrepl. Since we are configured to log that write, syncprov sees it (it is a
failure, so it doesn't match the filter, which should contain reqResult=0) and
sends an LDAP_SYNC_NEW_COOKIE with that CSN to our delta-consumers. While we apply
this write locally in the fallback session, the consumers will skip what they see
as a duplicate and lose the change.
My understanding is that for failed operations, we should ignore the CSN we
received with the operation and instead set up a new one (with our own sid).
--
https://bugs.openldap.org/show_bug.cgi?id=7215
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|TEST |FIXED
Status|RESOLVED |VERIFIED
--
https://bugs.openldap.org/show_bug.cgi?id=9700
Issue ID: 9700
Summary: Need to determine new library ABI versioning starting
point
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: build
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
With the change in how OpenLDAP client libraries are versioned vs prior
releases, we need to determine a useful starting point for the current ABI
prior to release.
Since current libldap is versioned as libldap.so.2, we may want to start with
ol_api_current=2
--
https://bugs.openldap.org/show_bug.cgi?id=9157
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|TEST |FIXED
Status|RESOLVED |VERIFIED
--
https://bugs.openldap.org/show_bug.cgi?id=8958
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
Resolution|TEST |FIXED
--
https://bugs.openldap.org/show_bug.cgi?id=8695
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
Resolution|TEST |FIXED
--
https://bugs.openldap.org/show_bug.cgi?id=9666
Issue ID: 9666
Summary: 2.5 to 2.6 upgrade documentation
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: documentation
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
Need to document any upgrade issues for going from 2.5 to 2.6
--
https://bugs.openldap.org/show_bug.cgi?id=8903
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
Resolution|TEST |FIXED
--
https://bugs.openldap.org/show_bug.cgi?id=6138
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
Resolution|TEST |FIXED
--
https://bugs.openldap.org/show_bug.cgi?id=9122
Quanah Gibson-Mount <quanah(a)openldap.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
Resolution|TEST |FIXED
--
https://bugs.openldap.org/show_bug.cgi?id=9575
Issue ID: 9575
Summary: Object class olcGlobal should not allow
olcPasswordHash
Product: OpenLDAP
Version: 2.5.5
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: michael(a)stroeder.com
Target Milestone: ---
Object class olcGlobal should not allow olcPasswordHash because slapd will
crash during start if attribute is set.
Reported in this thread:
https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/…
--
https://bugs.openldap.org/show_bug.cgi?id=9713
Issue ID: 9713
Summary: slaptest fails to log failure reason when logfile is
not writeable
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs(a)openldap.org
Reporter: quanah(a)openldap.org
Target Milestone: ---
When using the logfile directive in slapd config, if the file exists but is not
writable by slaptest, the test fails, but there is no indication why:
/opt/OPENLDAP_REL_ENG_2_6/sbin/slaptest -v -u -f /opt/install/slapd/opt/OPENLDAP_REL_ENG_2_6/etc/openldap/slapd.conf
slaptest: bad configuration file!
2.5.4 behaves differently. The test does not fail, regardless of whether the
file exists or not, or whether it is writable or not.
--