- openldap-bugs - openldap.org

[Issue 8333] NAME 'internationalISDNNumber' (RFC 4519)
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8333 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6248] Support multiple CA Cert directories
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=6248 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8649] Issue when fetching the backend that will receive the contextCSN when we have glued databases
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8649 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9536] New: back-asyncmeta crashes when traffic is directed to a new database, created via cn=config
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9536 Issue ID: 9536 Summary: back-asyncmeta crashes when traffic is directed to a new database, created via cn=config Product: OpenLDAP Version: unspecified Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: nivanova(a)symas.com Target Milestone: --- A new back-asyncmeta database is successfully created via cn=config, but the first LDAP request it tries to proxy causes a segmentation fault: 0# 0x00007F4C1E346629 in /usr/src/backend/src/main/c++/overlay-proxy/.libs/overlay_proxy-2.4.so.0 1# 0x00007F4C26D701E0 in /lib64/libc.so.6 2# pthread_mutex_lock in /lib64/libpthread.so.0 3# ldap_pvt_thread_mutex_lock in /usr/local/libexec/slapd 4# asyncmeta_getconn in /usr/local/libexec/slapd 5# asyncmeta_back_add in /usr/local/libexec/slapd 6# fe_op_add in /usr/local/libexec/slapd 7# overlay_op_walk in /usr/local/libexec/slapd 8# 0x00000000004D8EFB in /usr/local/libexec/slapd 9# 0x00000000004D90DC in /usr/local/libexec/slapd 10# do_add in /usr/local/libexec/slapd 11# 0x0000000000445B20 in /usr/local/libexec/slapd 12# 0x00000000004460FB in /usr/local/libexec/slapd 13# 0x0000000000563C54 in /usr/local/libexec/slapd 14# 0x00007F4C270FB569 in /lib64/libpthread.so.0 15# clone in /lib64/libc.so.6 -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9581] New: Add precision setting for slapd lastbind setting
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9581 Issue ID: 9581 Summary: Add precision setting for slapd lastbind setting Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The lastbind functionality that was imported into slapd for 2.5 is missing the ability to fine tune the precision with which to allow the updates that was present in the original overlay. It would be nice to have an option for it. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 7080] post read control in back-config
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=7080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=6949 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 5344] Wrong check for bad Modify DN
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=5344 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9615] New: ppolicy pwcheck module should be a configuration setting
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9615 Issue ID: 9615 Summary: ppolicy pwcheck module should be a configuration setting Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- With the current implementation, the external pwcheck module for ppolicy is dl opened every time a given password policy is checked during a password modify operation. This appears to be problematic because eventually systems start reporting: check_password_quality: lt_dlopen failed: (ppm.so) file not found." There's really zero reason for this functionality to be implemented this way. Instead, an external password policy check module should be defined as a password policy config item, and then whether or not to use it remains a part of a given policy. This means the external module will only need to be opened a single time. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 8775] PASSMOD exop fails with RWM and tight ACLs
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8775 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6916] slapo-unique returns operations error when assertion control is used
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=6916 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9650] New: lloadd segfault on startup on systems using musl
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9650 Issue ID: 9650 Summary: lloadd segfault on startup on systems using musl Product: OpenLDAP Version: unspecified Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: lloadd Assignee: bugs(a)openldap.org Reporter: git(a)freundtech.com Target Milestone: --- I came across this problem while testing a fix for #9648. It seems to be unrelated, so I'm creating a separate issue. After compiling OpenLDAP 2.5.7 with the fix from #9648 and ----enable-balancer=yes on an Alpine Linux system lloadd segfaults on startup. The backtrace from a debug build is #0 0x00007ffff7fba852 in tss_get () from /lib/ld-musl-x86_64.so.1 #1 0x00005555555a844d in ldap_pvt_thread_key_getdata (key=0, data=0x7fffffffe820) at thr_posix.c:360 #2 0x00005555555a7f9f in ldap_pvt_thread_pool_context () at tpool.c:1442 #3 0x0000555555583122 in slap_sl_context (ptr=0x7ffff7f606e0) at sl_malloc.c:673 #4 0x0000555555580709 in ch_realloc (block=0x7ffff7f606e0, size=24) at ch_malloc.c:81 #5 0x0000555555572303 in lload_open_listener (url=0x7ffff7c43c30 "ldap:///", lud=0x7ffff7f60550, listeners=0x7fffffffeb1c, cur=0x7fffffffeb20) at daemon.c:465 #6 0x00005555555733bf in lloadd_listeners_init (urls=0x5555555d1958 "ldap:///") at daemon.c:749 #7 0x000055555557f7a9 in main (argc=1, argv=0x7fffffffed08) at main.c:632 The problem seems to be that ldap_pvt_thread_pool_context in tpool.c is called before ldap_int_thread_pool_startup in tpool.c is called. ldap_int_thread_pool_startup calls ldap_pvt_thread_key_create, which on posix calls pthread_key_create. ldap_pvt_thread_pool_context calls ldap_pvt_thread_key_getdata, which on posix calls pthread_getspecific. If ldap_int_thread_pool_startup wasn't called pthread_getspecific gets passed an uninitialized key, which is always 0 (because the variable is static). According to man 3 pthread_getspecific "The effect of calling pthread_getspecific() or pthread_setspecific() with a key value not obtained from pthread_key_create() or after key has been deleted with pthread_key_delete() is undefined." This seems to work fine on glibc, but crash on musl. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9599] New: Additional balancing strategies for lloadd
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9599 Issue ID: 9599 Summary: Additional balancing strategies for lloadd Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: lloadd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- At the moment, lloadd picks a backend on a round-robin basis, taking the first one that can deal with the request. This has several disadvantages: - there is no way to implement a failover set up where certain (e.g. local) servers should be contacted as a priority - all balancing is implicit on the limits imposed on servers - a connection/server is a candidate until we've reached those limits Allowing a priority and/or a different strategy to be set should address these. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9598] New: Restricted operation routing in lloadd
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9598 Issue ID: 9598 Summary: Restricted operation routing in lloadd Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: lloadd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- Lloadd is not supposed to understand the LDAP protocol and is happy to route operations to whichever connection is available, but this can backfire in certain ways: - there are controls and extended operations that establish an shared context on the connection (paged results, TXN, ...) - it might take a measurable amount of time before a write operation is propagated to other servers There should be a way to force some of these to a chosen backend/upstream connection temporarily or even permanently based on the OID of the extop/control in question. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9597] New: Send a Notice of Disconnection to clients
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9597 Issue ID: 9597 Summary: Send a Notice of Disconnection to clients Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: lloadd Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- When closing client connections, lloadd should try and send a NoD response first. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9633] New: Intermittent test030 failure caused by referral chasing
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9633 Issue ID: 9633 Summary: Intermittent test030 failure caused by referral chasing Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Not 100% reproducible but occurs frequently using ldif or wt backends. The test hits an assert failure in libldap. >>>>> Starting test030-relay for wt... running defines.sh Testing virtual naming context mapping with relay ldap meta backend(s)... Using relay backend... Starting slapd on TCP/IP port 9051... Using ldapsearch to check that slapd is running... Using ldapadd to populate the database... Searching base="dc=example,dc=com"... Searching base="o=Example,c=US"... Searching base="o=Esempio,c=IT"... Searching base="o=Beispiel,c=DE"... Modifying database "o=Beispiel,c=DE"... Modifying database "o=Example,c=US"... Searching base="o=Example,c=US"... Searching base="o=Esempio,c=IT"... Searching filter="(objectClass=referral)" attrs="'*' ref" base="dc=example,dc=com"... base="o=Example,c=US"... base="o=Esempio,c=IT"... Searching filter="(seeAlso=cn=all staff,ou=Groups,o=Example,c=US)" attrs="seeAlso" base="o=Example,c=US"... Searching filter="(uid=example)" attrs="uid" base="o=Example,c=US"... Searching filter="(member=cn=Another Added Group,ou=Groups,o=Example,c=US)" attrs="member" base="o=Example,c=US"... Filtering ldapsearch results... Filtering original ldif used to create database... Comparing filter output... Changing password to database "o=Example,c=US"... Binding with newly changed password to database "o=Beispiel,c=DE"... Comparing to database "o=Esempio,c=IT"... >>>>> waiting for things to exit Using ldap backend... Starting slapd on TCP/IP port 9051... Using ldapsearch to check that slapd is running... Using ldapadd to populate the database... Searching base="dc=example,dc=com"... Searching base="o=Example,c=US"... Searching base="o=Esempio,c=IT"... Searching base="o=Beispiel,c=DE"... Modifying database "o=Beispiel,c=DE"... Modifying database "o=Example,c=US"... Searching base="o=Example,c=US"... Search failed (255)! ../../head/tests/scripts/test030-relay: 240: kill: No such process >>>>> Failed test030-relay for wt after 3 seconds (exit 255) make[1]: Leaving directory '/home/hyc/OD/hobj/tests' backtrace: gdb) bt #0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:49 #1 0x00007fb9119bd864 in __GI_abort () at abort.c:79 #2 0x00007fb9119bd749 in __assert_fail_base ( fmt=0x7fb911b46f78 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x7fb9123efc93 "lr->lr_refcnt == 0", file=0x7fb9123ef5c0 "../../../head/libraries/libldap/request.c", line=1671, function=<optimized out>) at assert.c:92 #3 0x00007fb9119cf3d6 in __GI___assert_fail ( assertion=0x7fb9123efc93 "lr->lr_refcnt == 0", file=0x7fb9123ef5c0 "../../../head/libraries/libldap/request.c", line=1671, function=0x7fb9123efe70 <__PRETTY_FUNCTION__.1> "ldap_find_request_by_msgid") at assert.c:101 #4 0x00007fb9121d671c in ldap_find_request_by_msgid (ld=0x7fb8fc124d70, msgid=3) at ../../../head/libraries/libldap/request.c:1671 #5 0x00007fb9121b882d in try_read1msg (ld=0x7fb8fc124d70, msgid=5, all=1, lc=0x7fb8fc128180, result=0x7fb90511bf48) at ../../../head/libraries/libldap/result.c:575 #6 0x00007fb9121b8135 in wait4msg (ld=0x7fb8fc124d70, msgid=5, all=1, timeout=0x7fb90511bf90, result=0x7fb90511bf48) at ../../../head/libraries/libldap/result.c:369 #7 0x00007fb9121b77cb in ldap_result (ld=0x7fb8fc124d70, msgid=5, all=1, timeout=0x7fb90511bf90, result=0x7fb90511bf48) --Type <RET> for more, q to quit, c to continue without paging-- at ../../../head/libraries/libldap/result.c:120 #8 0x00007fb9121d3b8c in ldap_new_connection (ld=0x7fb8fc124d70, srvlist=0x7fb90511c160, use_ldsb=0, connect=1, bind=0x7fb90511c1a0, m_req=1, m_res=1) at ../../../head/libraries/libldap/request.c:627 #9 0x00007fb9121d2ba0 in ldap_send_server_request (ld=0x7fb8fc124d70, ber=0x7fb8f0137ea0, msgid=4, parentreq=0x7fb8f0000fd0, srvlist=0x7fb90511c160, lc=0x0, bind=0x7fb90511c1a0, m_noconn=0, m_res=1) at ../../../head/libraries/libldap/request.c:253 #10 0x00007fb9121d56e5 in ldap_chase_v3referrals (ld=0x7fb8fc124d70, lr=0x7fb8f0000fd0, refs=0x0, sref=1, errstrp=0x7fb8f0001000, hadrefp=0x7fb90511c208) at ../../../head/libraries/libldap/request.c:1283 #11 0x00007fb9121b8b40 in try_read1msg (ld=0x7fb8fc124d70, msgid=3, all=0, lc=0x7fb8fc128180, result=0x7fb90511c4e8) at ../../../head/libraries/libldap/result.c:680 #12 0x00007fb9121b8135 in wait4msg (ld=0x7fb8fc124d70, msgid=3, all=0, timeout=0x7fb90511c520, result=0x7fb90511c4e8) at ../../../head/libraries/libldap/result.c:369 #13 0x00007fb9121b77cb in ldap_result (ld=0x7fb8fc124d70, msgid=3, all=0, timeout=0x7fb90511c520, result=0x7fb90511c4e8) at ../../../head/libraries/libldap/result.c:120 #14 0x000055a093724e35 in ldap_back_search (op=0x7fb8f0000be0, rs=0x7fb90511d990) at ../../../../head/servers/slapd/back-ldap/search.c:317 #15 0x000055a0936ff157 in overlay_op_walk (op=0x7fb8f0000be0, --Type <RET> for more, q to quit, c to continue without paging-- rs=0x7fb90511d990, which=op_search, oi=0x55a0943711d0, on=0x0) at ../../../head/servers/slapd/backover.c:706 #16 0x000055a0936ff417 in over_op_func (op=0x7fb8f0000be0, rs=0x7fb90511d990, which=op_search) at ../../../head/servers/slapd/backover.c:766 #17 0x000055a0936ff59b in over_op_search (op=0x7fb8f0000be0, rs=0x7fb90511d990) at ../../../head/servers/slapd/backover.c:796 #18 0x000055a09365d201 in fe_op_search (op=0x7fb8f0000be0, rs=0x7fb90511d990) at ../../../head/servers/slapd/search.c:426 #19 0x000055a09365c9fa in do_search (op=0x7fb8f0000be0, rs=0x7fb90511d990) at ../../../head/servers/slapd/search.c:267 #20 0x000055a093658e0c in connection_operation (ctx=0x7fb90511daf0, arg_v=0x7fb8f0000be0) at ../../../head/servers/slapd/connection.c:1113 #21 0x000055a09365956b in connection_read_thread (ctx=0x7fb90511daf0, argv=0x10) at ../../../head/servers/slapd/connection.c:1265 #22 0x00007fb9121feea3 in ldap_int_thread_pool_wrapper (xpool=0x55a094357ac0) at ../../../head/libraries/libldap/tpool.c:1053 #23 0x00007fb911b8c450 in start_thread (arg=0x7fb90511e640) at pthread_create.c:481 #24 0x00007fb911aaed53 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 (gdb) frame 11 #11 0x00007fb9121b8b40 in try_read1msg (ld=0x7fb8fc124d70, msgid=3, all=0, lc=0x7fb8fc128180, result=0x7fb90511c4e8) at ../../../head/libraries/libldap/result.c:680 680 refer_cnt = ldap_chase_v3referrals( ld, lr, refs, (gdb) l 675 if ( ber_scanf( &tmpber, "{v}", &refs ) == LBER_ERROR ) { 676 rc = LDAP_DECODING_ERROR; 677 678 } else { 679 /* Note: refs array is freed by ldap_chase_v3referrals */ 680 refer_cnt = ldap_chase_v3referrals( ld, lr, refs, 681 1, &lr->lr_res_error, &hadref ); 682 if ( refer_cnt > 0 ) { 683 /* successfully chased reference */ 684 /* If haven't got end search, set chasing referrals */ (gdb) p *lr $7 = {lr_msgid = 3, lr_status = 1, lr_refcnt = 1, lr_outrefcnt = 1, lr_abandoned = 0, lr_origid = 3, lr_parentcnt = 0, lr_res_msgtype = 115, lr_res_errno = 0, lr_res_error = 0x0, lr_res_matched = 0x0, lr_ber = 0x7fb8f0139eb0, lr_conn = 0x7fb8fc128180, lr_dn = {bv_len = 17, bv_val = 0x7fb8f0128b79 "dc=example,dc=com\n\001\002\n\001"}, lr_parent = 0x0, lr_child = 0x0, lr_refnext = 0x0, lr_prev = 0x0, lr_next = 0x0} (gdb) The problem appears to be due to recursion in try_read1msg() when chasing a referral. In this case it's processing msgid 3 and then while looking for response to msgid 5 it sees another response to msgid 3. It looks up the corresponding request and sees it already has a non-zero lr_refcnt and assert fails there. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9716] New: Fix default guide versions for head and 2.6
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9716 Issue ID: 9716 Summary: Fix default guide versions for head and 2.6 Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The preamble file needs to be fixed in openldap head and the 2.6 release branch to be correct. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9653] New: typo in access-control.sdf
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9653 Issue ID: 9653 Summary: typo in access-control.sdf Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- https://git.openldap.org/openldap/openldap/-/blob/master/doc/guide/admin/ac… says: “““ This directive allows users to modify their own entries if security protections have of strength 128 or better have been established, allows authentication access to anonymous users, and read access when 64 or better security protections have been established. ””” The first “have” must be deleted. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 9649] New: servers/slapd/schema/README missing schema
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9649 Issue ID: 9649 Summary: servers/slapd/schema/README missing schema Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The servers/slapd/schema/README file is supposed to contain information about the schema files found in this directory. However it is missing any entry for: dsee.schema msuser.schema namedobject.schema pmi.schema -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 9638] New: ldapsearch.1 documents default value of -T inaccurately
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9638 Issue ID: 9638 Summary: ldapsearch.1 documents default value of -T inaccurately Product: OpenLDAP Version: 2.5.6 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: ryan(a)openldap.org Target Milestone: --- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992130 The ldapsearch.1 man page says the default value for tmpdir (-T) is /var/tmp. The actual default value can come from a number of sources: environment variables (TMPDIR, TMP, TEMP), preprocessor macros (_P_tmpdir, P_tmpdir, _PATH_TMPDIR), or a hard-coded fallback (/tmp). The ldapsearch --help output correctly reflects the default value. It would be nice if the ldapsearch man page would reflect the actual compile-time default (LDAP_TMPDIR) and mention that it consults some environment variables. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9589] New: slapd.access.5 incorrect man page references
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9589 Issue ID: 9589 Summary: slapd.access.5 incorrect man page references Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The slapd.access(5) man page references: .BR back\-mdb (5). .BR back\-sql (5), Neither of these are valid man pages, as they are slapd-mdb(5) and slapd-sql(5). However, we reference back-<backend> throughout our documentation. Should we perhaps create links for the backend manpages so they can be found either way? I.e.: slapd-mdb.5.links -> back-mdb.5 -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9586] New: Admin guide: Need example fractional replication configuration
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9586 Issue ID: 9586 Summary: Admin guide: Need example fractional replication configuration Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The admin guide states: Syncrepl supports partial, sparse, and fractional replications but there are no example configurations for partial replication to draw from. This needs to be added to the guide. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9585] New: Admin guide: Need example sparse replication configuration
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9585 Issue ID: 9585 Summary: Admin guide: Need example sparse replication configuration Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The admin guide states: Syncrepl supports partial, sparse, and fractional replications but there are no example configurations for sparse replication to draw from. This needs to be added to the guide. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 8788] slapd-pcache undef not compatible with mdb
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8788 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 5555] authzTo ACL check for wrong principal
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=5555 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|TEST |FIXED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6244] "now" dynacl module
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=6244 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9673] New: Do not embed openldap version into library names
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9673 Issue ID: 9673 Summary: Do not embed openldap version into library names Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- We already use soname versioning as we should (I hope), so there is no need to embed our version into the library name, implying a transition every time we release a new major version even if we kept ABI backwards compatibility... That could remain for git builds (-devel/-releng suffixes) if we really need to, but I don't see the need for that either. -- You are receiving this mail because: You are on the CC list for the issue.

1 12

[Issue 9632] New: Tweak tests to allow running multiple instances concurrently
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9632 Issue ID: 9632 Summary: Tweak tests to allow running multiple instances concurrently Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- Add a new TESTINST variable that will add a ".$TESTINST" suffix to $TESTDIR and assign non-overlapping ranges to $BASEPORT. -- You are receiving this mail because: You are on the CC list for the issue.

1 8

[Issue 9617] New: Test suite has illegal exit values
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9617 Issue ID: 9617 Summary: Test suite has illegal exit values Product: OpenLDAP Version: 2.5.6 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Some of the scripts in the test suite use an illegal exit value of -1. This causes errors like: exit: Illegal number: -1 -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9616] New: Default slapd.conf/slapd.ldif are unusable with a modular build
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9616 Issue ID: 9616 Summary: Default slapd.conf/slapd.ldif are unusable with a modular build Product: OpenLDAP Version: 2.5.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- While we substitute in various build paths during the installation process of the default slapd.conf and slapd.ldif files, we fail to actually make them functional in the case of a modular build. This should be fixed so that they actually work as a default configuration. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9485] New: OPenldap is not autoconf 2.71 ready
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9485 Issue ID: 9485 Summary: OPenldap is not autoconf 2.71 ready Product: OpenLDAP Version: 2.4.57 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: kloczko.tomasz(a)gmail.com Target Milestone: --- + cd openldap-2.4.57 + autoreconf -fiv autoreconf: export WARNINGS= autoreconf: warning: autoconf input should be named 'configure.ac', not 'configure.in' autoreconf: Entering directory '.' autoreconf: configure.in: not using Gettext autoreconf: running: aclocal --force aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in' autoreconf: configure.in: tracing autoreconf: running: libtoolize --copy --force libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, 'build'. libtoolize: copying file 'build/ltmain.sh' libtoolize: Consider adding 'AC_CONFIG_MACRO_DIRS([m4])' to configure.in, libtoolize: and rerunning libtoolize and aclocal. libtoolize: Consider adding '-I m4' to ACLOCAL_AMFLAGS in Makefile.am. autoreconf: configure.in: not using Intltool autoreconf: configure.in: not using Gtkdoc autoreconf: running: aclocal --force aclocal: warning: autoconf input should be named 'configure.ac', not 'configure.in' autoreconf: running: /usr/bin/autoconf --force configure.in:72: warning: AM_INIT_AUTOMAKE: two- and three-arguments forms are deprecated. ./lib/autoconf/general.m4:2434: AC_DIAGNOSE is expanded from... aclocal.m4:9461: AM_INIT_AUTOMAKE is expanded from... configure.in:72: the top level configure.in:671: warning: The macro `AC_LIBTOOL_WIN32_DLL' is obsolete. configure.in:671: You should run autoupdate. aclocal.m4:8518: AC_LIBTOOL_WIN32_DLL is expanded from... configure.in:671: the top level configure.in:671: warning: AC_LIBTOOL_WIN32_DLL: Remove this warning and the call to _LT_SET_OPTION when you configure.in:671: put the 'win32-dll' option into LT_INIT's first parameter. ./lib/autoconf/general.m4:2434: AC_DIAGNOSE is expanded from... aclocal.m4:8518: AC_LIBTOOL_WIN32_DLL is expanded from... configure.in:671: the top level configure.in:672: warning: The macro `AC_LIBTOOL_DLOPEN' is obsolete. configure.in:672: You should run autoupdate. aclocal.m4:8483: AC_LIBTOOL_DLOPEN is expanded from... configure.in:672: the top level configure.in:672: warning: AC_LIBTOOL_DLOPEN: Remove this warning and the call to _LT_SET_OPTION when you configure.in:672: put the 'dlopen' option into LT_INIT's first parameter. ./lib/autoconf/general.m4:2434: AC_DIAGNOSE is expanded from... aclocal.m4:8483: AC_LIBTOOL_DLOPEN is expanded from... configure.in:672: the top level configure.in:673: warning: The macro `AC_PROG_LIBTOOL' is obsolete. configure.in:673: You should run autoupdate. aclocal.m4:121: AC_PROG_LIBTOOL is expanded from... configure.in:673: the top level configure.in:1216: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2736: _AC_PREPROC_IFELSE is expanded from... ./lib/autoconf/general.m4:2751: AC_PREPROC_IFELSE is expanded from... configure.in:1216: the top level configure.in:1369: warning: The macro `AC_TRY_LINK' is obsolete. configure.in:1369: You should run autoupdate. ./lib/autoconf/general.m4:2920: AC_TRY_LINK is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... configure.in:1369: the top level configure.in:1369: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... configure.in:1369: the top level configure.in:1384: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1384: the top level configure.in:1385: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1385: the top level configure.in:1386: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1386: the top level configure.in:1387: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1387: the top level configure.in:1388: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1388: the top level configure.in:1390: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1390: the top level configure.in:1392: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1392: the top level configure.in:1397: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1397: the top level configure.in:1400: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1400: the top level configure.in:1401: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1401: the top level configure.in:1403: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1403: the top level configure.in:1405: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1405: the top level configure.in:1407: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1407: the top level configure.in:1409: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1409: the top level configure.in:1412: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:664: OL_PTHREAD_TRY is expanded from... configure.in:1412: the top level configure.in:1497: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2962: _AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2981: AC_RUN_IFELSE is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... configure.in:1497: the top level configure.in:1893: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2249: AC_CACHE_VAL is expanded from... ./lib/autoconf/general.m4:2270: AC_CACHE_CHECK is expanded from... build/openldap.m4:295: OL_BDB_HEADER_VERSION is expanded from... build/openldap.m4:490: OL_BERKELEY_DB is expanded from... configure.in:1893: the top level configure.in:1933: warning: The macro `AC_TRY_LINK' is obsolete. configure.in:1933: You should run autoupdate. ./lib/autoconf/general.m4:2920: AC_TRY_LINK is expanded from... lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/general.m4:2894: _AC_LINK_IFELSE is expanded from... ./lib/autoconf/general.m4:2911: AC_LINK_IFELSE is expanded from... lib/m4sugar/m4sh.m4:699: AS_IF is expanded from... ./lib/autoconf/headers.m4:89: _AC_CHECK_HEADER_COMPILE is expanded from... ./lib/autoconf/headers.m4:56: AC_CHECK_HEADER is expanded from... lib/m4sugar/m4sh.m4:651: AS_FOR is expanded from... ./lib/autoconf/headers.m4:217: AC_CHECK_HEADERS is expanded from... configure.in:1933: the top level configure.in:2306: warning: The macro `AC_TYPE_SIGNAL' is obsolete. configure.in:2306: You should run autoupdate. ./lib/autoconf/types.m4:776: AC_TYPE_SIGNAL is expanded from... configure.in:2306: the top level configure.in:2317: warning: The macro `AC_HEADER_TIME' is obsolete. configure.in:2317: You should run autoupdate. ./lib/autoconf/headers.m4:743: AC_HEADER_TIME is expanded from... configure.in:2317: the top level configure.in:2515: warning: AC_LANG_CONFTEST: no AC_LANG_SOURCE call detected in body ./lib/autoconf/lang.m4:199: AC_LANG_CONFTEST is expanded from... ./lib/autoconf/general.m4:2823: _AC_COMPILE_IFELSE is expanded from... ./lib/autoconf/general.m4:2839: AC_COMPILE_IFELSE is expanded from... configure.in:2515: the top level autoreconf: running: /usr/bin/autoheader --force autoheader: warning: autoconf input should be named 'configure.ac', not 'configure.in' autoreconf: running: automake --add-missing --copy --force-missing automake: warning: autoconf input should be named 'configure.ac', not 'configure.in' configure.in:72: warning: AM_INIT_AUTOMAKE: two- and three-arguments forms are deprecated. For more info, see: configure.in:72: https://www.gnu.org/software/automake/manual/automake.html#Modernize-AM_005… configure.in:673: installing 'build/compile' configure.in:72: installing 'build/install-sh' configure.in:72: installing 'build/missing' automake: error: no 'Makefile.am' found for any configure output autoreconf: error: automake failed with exit status: 1 -- You are receiving this mail because: You are on the CC list for the issue.

1 21

[Issue 8874] --with-fetch incorrectly links libcom_err
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8874 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9643] New: back-wt: entry_decode failure.
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9643 Issue ID: 9643 Summary: back-wt: entry_decode failure. Product: OpenLDAP Version: 2.5.6 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: hamano(a)osstech.co.jp Target Milestone: --- https://bugs.openldap.org/show_bug.cgi?id=9463 ondra mentioned: > e.g. ./run -b wt -l 50 test034 I reproduced the issue by iterating test034. And I figure out the issue is in entry_encode/decode. It happens stochastically by reading memory outside the malloc area when decoding special entry (only dn entry without attributes). Since entry_encode/decode was originally used by back-bdb and back-hdb, these backends also had this problem. Currently It seems that only back-wt is using entry_encode/decode. I'll fork entry_encode/decode and create wt_entry_encode/decode. Then, we can remove entry_encode/decode. -- You are receiving this mail because: You are on the CC list for the issue.

1 10

[Issue 9636] New: delete back-shell
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9636 Issue ID: 9636 Summary: delete back-shell Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The back-shell backend was removed starting with OpenLDAP 2.5. It should also be removed from the head development branch. -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 9635] New: Delete back-ndb
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9635 Issue ID: 9635 Summary: Delete back-ndb Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- The back-ndb backend is deprecated and given Oracle's unwillingness to further defvelopment it is a dead project. Time to remove it. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 7080] post read control in back-config
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=7080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 6949] OpenLDAP Logging
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=6949 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9720] New: accesslog mincsn needs initialization
by openldap-its＠openldap.org 26 Oct '21

26 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9720 Issue ID: 9720 Summary: accesslog mincsn needs initialization Product: OpenLDAP Version: 2.5.8 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- As reported on the -technical list, if using slapcat/slapadd to migrate an accesslog db from 2.4 to 2.5, the mincsn attribute will not be initialized causing a segfault on startup. -- You are receiving this mail because: You are on the CC list for the issue.

1 11

[Issue 9670] New: Roadmap has bogus items for 2.6/2.7
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9670 Issue ID: 9670 Summary: Roadmap has bogus items for 2.6/2.7 Product: website Version: unspecified Hardware: All URL: https://openldap.org/software/roadmap.html OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: ondra(a)mistotebe.net Target Milestone: --- - lloadd has supported "all" LDAP operation types since being merged in 2.5 - both ppolicy enhancements are bogus too - logging landed in 2.6 already -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9724] New: FreeBSD: fetch(3) should not require com_err library
by openldap-its＠openldap.org 25 Oct '21

25 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9724 Issue ID: 9724 Summary: FreeBSD: fetch(3) should not require com_err library Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: delphij(a)freebsd.org Target Milestone: --- This is reported at https://bugs.freebsd.org/259345 . fetch(3) support was added in 48d5465ab76af3739294584e25985b0cf368ad05 and com_err library was added as a dependency, at the time it was a dependency. However, shortly after that in 2000 (https://cgit.freebsd.org/src/commit/?id=ba101983d5c240f191e3f233907ebb4a6c7…), the dependency was removed, and beginning from FreeBSD 5.0 (released on January 14, 2003), the dependency was gone and do not exist in modern FreeBSD versions. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 8874] --with-fetch incorrectly links libcom_err
by openldap-its＠openldap.org 24 Oct '21

24 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8874 Xin Li <delphij(a)freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |delphij(a)freebsd.org --- Comment #6 from Xin Li <delphij(a)freebsd.org> --- *** Issue 9724 has been marked as a duplicate of this issue. *** -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9722] New: UX defect in screen to specify new password
by openldap-its＠openldap.org 22 Oct '21

22 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9722 Issue ID: 9722 Summary: UX defect in screen to specify new password Product: OpenLDAP Version: unspecified Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: christos.hayward(a)gmail.com Target Milestone: --- On a Debian 10 Linode, I ran: "aptitude install slapd ldap-utils". The screen prompting for a password was written in a way that led me to believe I was being asked for a password previously set as an LDAP password. This reflects a UX defect. I suggest a wording that shows clearly that one is being asked to assign a new password to LDAP, not enter a pre-existing password already assigned to LDAP. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 9721] New: How To Add Lazy Loading Image In WordPress? (2 Effective Ways To Follow In 2021)
by openldap-its＠openldap.org 19 Oct '21

19 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9721 Issue ID: 9721 Summary: How To Add Lazy Loading Image In WordPress? (2 Effective Ways To Follow In 2021) Product: JLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: JLDAP Assignee: bugs(a)openldap.org Reporter: marklevisebook(a)gmail.com Target Milestone: --- Mainly if you are into the e-commerce industry then lazy loading will help you in a number of ways. As it allows websites to load images only when users state to scroll the website. A well-optimized website always comes with lazy loading because it allows site owners to offer the best experience by improving WordPress website speed. That is the reason why most of the businesses today look to hire experienced WordPress website design for their business. Read More: https://www.sfwpexperts.com/how-to-add-lazy-loading-image-in-wordpress-2-ef… https://www.sfwpexperts.com/ -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 8623] test022-ppolicy can fail due to timing dependency between lockout and expiration tests
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=8623 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9718 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 9645] New: Documentation upgrading from 2.4 - two descriptions
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9645 Issue ID: 9645 Summary: Documentation upgrading from 2.4 - two descriptions Product: OpenLDAP Version: 2.5.4 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- Searching in Internet for “upgrade openldap 2.5” finds • https://www.openldap.org/devel/admin/appendix-upgrading.html, and • https://www.openldap.org/doc/admin25/appendix-upgrading.html The text at the former link is incomplete, compared to the latter link. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9711] New: olcTLSVerifyClient set incorrectly on conversion
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9711 Issue ID: 9711 Summary: olcTLSVerifyClient set incorrectly on conversion Product: OpenLDAP Version: 2.5.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- When converting the following slapd.conf to cn=config via slaptest, the olcTLSVerifyClient parameter is set to "demand" instead of "never". The slapd.conf man page clearly states that "never" is supposed to be the default. This causes startTLS operations to fail from the client. slapd.conf: include /opt/symas/etc/openldap/schema/core.schema pidfile /var/symas/run/slapd.pid argsfile /var/symas/run/slapd.args loglevel stats TLSCACertificateFile /opt/symas/ssl/CA/certs/testsuiteCA.crt TLSCertificateFile /opt/symas/ssl/certs/ub18.crt TLSCertificateKeyFile /opt/symas/ssl/private/ub18.key modulepath /opt/symas/lib/openldap moduleload back_mdb.la database config rootpw secret database mdb maxsize 1073741824 suffix "dc=my-domain,dc=com" rootdn "cn=Manager,dc=my-domain,dc=com" rootpw secret directory /var/symas/openldap-data index objectClass eq database monitor With the above slapd.conf, the following ldapsearch command succeeds: /opt/symas/bin/ldapsearch -x -ZZ -H ldap://ub18.quanah.org/^ However, after converting it to cn=config: slaptest -f slapd.conf -F /opt/symas/etc/openldap/slapd.d olcTLSVerifyClient has an incorrect value of "demand" instead of "never": cn=config.ldif:olcTLSVerifyClient: demand -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 9679] New: On mariadb 10.5 the sql for creating the main definitions fails with errno: 150 "Foreign key constraint is incorrectly formed
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9679 Issue ID: 9679 Summary: On mariadb 10.5 the sql for creating the main definitions fails with errno: 150 "Foreign key constraint is incorrectly formed Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: lukav(a)lukav.com Target Milestone: --- Created attachment 841 --> https://bugs.openldap.org/attachment.cgi?id=841&action=edit Attached patch that fixes the issue When you try to execute servers/slapd/back-sql/rdbms_depend/mysql/backsql_create.sql in mariadb 10.5 you get an error: Fix Can't create table `ldap`.`ldap_entry_objclasses` (errno: 150 "Foreign key constraint is incorrectly formed") That is because entry_id column is not declared unsigned as the ldap_entries(id) column. This patch fixed the definition. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 9678] New: slapadd prints “olcRootPW: value #0: <olcRootPW> can only be set when rootdn is under suffix” and then crashes
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9678 Issue ID: 9678 Summary: slapadd prints “olcRootPW: value #0: <olcRootPW> can only be set when rootdn is under suffix” and then crashes Product: OpenLDAP Version: 2.5.7 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- Created attachment 840 --> https://bugs.openldap.org/attachment.cgi?id=840&action=edit Valgrind output Calling ``` slapadd -n0 -F/home/d/ldap/conf <<ABC dn: cn=config objectClass: olcGlobal cn: config olcAuthzRegexp: uid=([^@,]+)@example.org,cn=[^,]*,cn=auth uid=$1,cn=users,dc=example,dc=org dn: olcDatabase=frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: frontend dn: olcDatabase=config,cn=config objectClass: olcDatabaseConfig olcDatabase: config olcRootDN: uid=yyy,cn=users,dc=example,dc=org olcRootPW: zzz ABC ``` prints PROXIED attributeDescription "DC" inserted. olcRootPW: value #0: <olcRootPW> can only be set when rootdn is under suffix slapadd: could not add entry dn="olcDatabase={0}config,cn=config" (line=12): Segmentation fault (core dumped) The output of valgrind, when it runs the above command, is attached. -- You are receiving this mail because: You are on the CC list for the issue.

1 7

[Issue 9671] New: pwdPolicySubentry: no user modification allowed
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9671 Issue ID: 9671 Summary: pwdPolicySubentry: no user modification allowed Product: OpenLDAP Version: 2.5.7 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: michael(a)stroeder.com Target Milestone: --- Without using Relax Rules control it is not possible to set attribute pwdPolicySubentry anymore. This was possible with 2.4.x. # ldapadd -Q -f aehost.ldif adding new entry "host=foobar42.example.com,cn=test-hosts-1,cn=test,ou=ae-dir" ldap_add: Constraint violation (19) additional info: pwdPolicySubentry: no user modification allowed This is a really serious regression for existing admin processes. -- You are receiving this mail because: You are on the CC list for the issue.

1 14

[Issue 9664] New: Hiding namingContexts in the root DSE, when these are not in small letters
by openldap-its＠openldap.org 11 Oct '21

11 Oct '21

https://bugs.openldap.org/show_bug.cgi?id=9664 Issue ID: 9664 Summary: Hiding namingContexts in the root DSE, when these are not in small letters Product: OpenLDAP Version: 2.5.6 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: dpa-openldap(a)aegee.org Target Milestone: --- Below are the ACL for the frontend database. They are supposed to hide the cn=krbconfig from the namingContexts on the root DSE. dn: olcDatabase=frontend,cn=config objectClass: olcDatabaseConfig objectClass: olcFrontendConfig olcDatabase: frontend #olcAccess: to dn.base="" attrs=namingContexts val/distinguishedNameMatch="cn=krbcontainer" by * none olcAccess: to dn.base="" attrs=namingContexts val="cn=krbcontainer" by * none olcAccess: to dn.exact="" by * read dn: olcDatabase=mdb,cn=config objectClass: olcDatabaseConfig objectClass: olcMdbConfig olcDatabase: mdb olcDbMaxSize: 10485760 olcSuffix: cn=krbcontainer olcRootDN: uid=zzz,cn=krbcontainer olcRootPW: zzz olcDbDirectory: ldap/uuu olcDbIndex: objectClass eq olcAccess: to dn.sub="cn=krbContainer" by * read It does work! However, if change the case in (container ⇒ Container): olcSuffix: cn=krbContainer no matter how I set olcAccess in the frontend database, $ ldapsearch -xb "" -s base namingContexts always prints dn: namingContexts: cn=krbContainer In particular olcAccess: to dn.base="" attrs=namingContexts val/distinguishedNameMatch="cn=krbcontainer" by * none does not hide it. • It shall be possible to find olcSuffix from the DSE/namingContexts, even if the suffix is mixCased. Since the case is known at the time, when the rules are written, OpenLDAP shall offer an option for exact match, without converting data to lowercase. (as shown by sladp -d -1 ) -- You are receiving this mail because: You are on the CC list for the issue.

1 8

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs