- openldap-bugs - openldap.org

[Bug 9259] New: PHP ldap_start_tls function does not work on Windows (No Official Documentation)
by openldap-its＠openldap.org 14 May '20

14 May '20

https://bugs.openldap.org/show_bug.cgi?id=9259 Bug ID: 9259 Summary: PHP ldap_start_tls function does not work on Windows (No Official Documentation) Product: OpenLDAP Version: 2.4.44 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: auth1299(a)yahoo.com Target Milestone: --- Created attachment 731 --> https://bugs.openldap.org/attachment.cgi?id=731&action=edit php function I wrote. I am unable to get PHP function "ldap_start_tls" to work. I'm using PHP version 7.1.10 on windows 2016 server. Documentation is at the link below but for windows, nothing works. https://www.php.net/manual/en/function.ldap-start-tls.php I can't even get proper debug information to work which makes it impossible for me to resolve any issues. The only information I get back is this: LDAP RESULT: -11 - Connect error Debug command I am using. ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7); I have attached the php function I am using. -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 8155] add support for cacertdir with gnutls
by openldap-its＠openldap.org 14 May '20

14 May '20

https://bugs.openldap.org/show_bug.cgi?id=8155 Ryan Tandy <ryan(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |TEST Keywords|OL_2_5_REQ | --- Comment #3 from Ryan Tandy <ryan(a)openldap.org> --- Commits: 9282e6ed by Ryan Tandy at 2020-05-14T07:56:28-07:00 ITS#8155 Support cacertdir with GnuTLS -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8873] slapd-meta/ldap - Remove deprecated options
by openldap-its＠openldap.org 14 May '20

14 May '20

1 0

[Bug 8873] slapd-meta/ldap - Remove deprecated options
by openldap-its＠openldap.org 14 May '20

14 May '20

https://bugs.openldap.org/show_bug.cgi?id=8873 --- Comment #1 from Quanah Gibson-Mount <quanah(a)openldap.org> --- More deprecated options: binddn bindpw proxyauthzdn proxyauthzpw acl-method -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9091] mdb attribute get mixed up in slapadd continue (-c) mode
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9091 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9091] mdb attribute get mixed up in slapadd continue (-c) mode
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9091 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|TEST |FIXED --- Comment #6 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Fixed in 2.4.49 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9080] Feature request: support DNS SRV lookups in ldap.conf
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9080 --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to jerj from comment #2) > I am happy to contribute this under whatever opensource license OpenLDAP > uses. Please see https://www.openldap.org/devel/contributing.html, particularly the IPR section. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9080] Feature request: support DNS SRV lookups in ldap.conf
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=7027 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 7027] [PATCH] Implement priority/weight for DNS SRV records
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=7027 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9080 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9080] Feature request: support DNS SRV lookups in ldap.conf
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=6462 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 6462] DNS SRV records: ldaps ???
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=6462 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9080 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9080] Feature request: support DNS SRV lookups in ldap.conf
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9080 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=5919 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 5919] URI syntaxe (ldap:///dc=my%2cdc=domaine)
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=5919 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9080 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9080] Feature request: support DNS SRV lookups in ldap.conf
by openldap-its＠openldap.org 13 May '20

13 May '20

https://bugs.openldap.org/show_bug.cgi?id=9080 jerj(a)coplanar.net changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jerj(a)coplanar.net --- Comment #2 from jerj(a)coplanar.net --- Created attachment 730 --> https://bugs.openldap.org/attachment.cgi?id=730&action=edit openldap clients/tools honor config files ldap.conf ldaprc URI setting It seems all the client tools needlessly overwrite the URI setting with the default ldap://localhost, which gets used anyhow if there is no URI at all given in config files or on commandline. The attached patch is a first attempt, it has had little testing other than putting a DNS SRV URI in /etc/ldap/ldap.conf, but it should help move the conversation along. It seemed to me that 'ldapsearch (uid=me) homeDirectory' should just work vs Samba AD DC's ldap, and now it does for me. I am happy to contribute this under whatever opensource license OpenLDAP uses. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8681] dynlist overlay fails to generate attributes when paging is used
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8681 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords|OL_2_5_REQ | Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8681] dynlist overlay fails to generate attributes when paging is used
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8681 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |DUPLICATE --- Comment #1 from Quanah Gibson-Mount <quanah(a)openldap.org> --- *** This bug has been marked as a duplicate of bug 8372 *** -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8372] Incomplete members from dynlist group when Paged Results control is specified
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8372 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh(a)inai.de --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- *** Bug 8681 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 7743] mdb_idl_intersection() seems to expand the search candidates unnecessarily
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=7743 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|bdb_idl_intersection() |mdb_idl_intersection() |seems to expand the search |seems to expand the search |candidates unnecessarily |candidates unnecessarily -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 7420] Way to bypass overlay unique and constraint
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=7420 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Way to bypass overlay |Way to bypass overlay |unique and constranit |unique and constraint -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 5915] Some man pages still only talk about slapd.conf
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=5915 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Depends on| |7335 Referenced Bugs: https://bugs.openldap.org/show_bug.cgi?id=7335 [Bug 7335] Create process for updating man pages to handle both cn=config and slapd.conf configurations -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 7335] Create process for updating man pages to handle both cn=config and slapd.conf configurations
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=7335 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |5915 Referenced Bugs: https://bugs.openldap.org/show_bug.cgi?id=5915 [Bug 5915] Some man pages still only talk about slapd.conf -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8758] New Mirror in the Netherlands
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8758 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8758] New Mirror in the Netherlands
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8758 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|FEEDBACK |FIXED --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Thanks this is now live. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8154] sizeLimit/timeLimit are described as Multi-value in slapd-config man page
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=8154 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |IN_PROGRESS --- Comment #2 from Quanah Gibson-Mount <quanah(a)openldap.org> --- https://git.openldap.org/openldap/openldap/-/merge_requests/64 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 7573] back-perl not working with cn=config
by openldap-its＠openldap.org 12 May '20

12 May '20

https://bugs.openldap.org/show_bug.cgi?id=7573 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Target Milestone|2.5.0 |2.4.51 Resolution|TEST |FIXED --- Comment #8 from Quanah Gibson-Mount <quanah(a)openldap.org> --- RE24: • 8c7f26b1 by Ryan Tandy at 2020-05-12T15:07:21+00:00 ITS#7573 Fix back-perl dynamic config with threaded slapd -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9258] New: Segmentation fault with -u option
by openldap-its＠openldap.org 11 May '20

11 May '20

https://bugs.openldap.org/show_bug.cgi?id=9258 Bug ID: 9258 Summary: Segmentation fault with -u option Product: OpenLDAP Version: 2.5 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: nick(a)folino.us Target Milestone: --- starting as root and using the -u option causes segfault: $ sudo /apps/openldap-devel/libexec/slapd -h "ldap://localhost" -f /apps/openldap-devel/etc/openldap/slapd.conf -u nick -d -1 ldap_url_parse_ext(ldap://localhost/) ldap_init: trying /apps/openldap-devel/etc/openldap/ldap.conf ldap_init: using /apps/openldap-devel/etc/openldap/ldap.conf ldap_init: HOME env is /root ldap_init: trying /root/ldaprc ldap_init: trying /root/.ldaprc ldap_init: trying ldaprc ldap_init: LDAPCONF env is NULL ldap_init: LDAPRC env is NULL 5eb7fbed @(#) $OpenLDAP: slapd 2.5.X (May 10 2020 08:03:33) $ nick@opti790:/home/nick/git/openldap/servers/slapd ldap_pvt_gethostbyname_a: host=opti790, r=0 5eb7fbed daemon_init: ldap://localhost 5eb7fbed daemon_init: listen on ldap://localhost 5eb7fbed daemon_init: 1 listeners to open... ldap_url_parse_ext(ldap://localhost) 5eb7fbed daemon: listener initialized ldap://localhost 5eb7fbed daemon_init: 1 listeners opened munmap_chunk(): invalid pointer Aborted Starting as the user without the -u option loads slapd without issue This also fails in the 2.X branch Works as intended in 2.4.50. -- You are receiving this mail because: You are on the CC list for the bug.

1 3

[Bug 6937] Remove --enable-proctitle and strdup(optarg)
by openldap-its＠openldap.org 11 May '20

11 May '20

https://bugs.openldap.org/show_bug.cgi?id=6937 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |nick(a)folino.us --- Comment #5 from Quanah Gibson-Mount <quanah(a)openldap.org> --- *** Bug 9258 has been marked as a duplicate of this bug. *** -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 6937] Remove --enable-proctitle and strdup(optarg)
by openldap-its＠openldap.org 11 May '20

11 May '20

https://bugs.openldap.org/show_bug.cgi?id=6937 --- Comment #4 from Quanah Gibson-Mount <quanah(a)openldap.org> --- commit fc8a7b25b8b5da95ce11743cc2386b257af26923 Author: Ryan Tandy <ryan(a)nardis.ca> Date: Sun May 10 08:47:54 2020 -0700 ITS#9258 More for ITS#6937, don't free user/group -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8847] New LDAP URL syntax to support binding to specific IP address at client side
by openldap-its＠openldap.org 11 May '20

11 May '20

https://bugs.openldap.org/show_bug.cgi?id=8847 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|quanah(a)openldap.org |bugs(a)openldap.org -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8758] New Mirror in the Netherlands
by openldap-its＠openldap.org 09 May '20

09 May '20

https://bugs.openldap.org/show_bug.cgi?id=8758 --- Comment #4 from mirror(a)koddos.net <mirror(a)koddos.net> --- Hello Quanah, It is setup: https://mirror.koddos.net/OpenLDAP/ (Netherlands) https://mirror-hk.koddos.net/OpenLDAP/ (Hong Kong) Regards, Martin > https://bugs.openldap.org/show_bug.cgi?id=8758 > > --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- > (In reply to mirror(a)koddos.net from comment #2) >> Hello, >> >> Yes we still are interested. We run mirrors in Hong Kong and the >> Netherlands. We can setup both locations if you wish. > Hi Martin, > > That sounds great. The server for rsync is www.openldap.org and the module > name is OpenLDAP-ftp > > Let me know the links to the mirrors they are configured and I will add them to > the website. > > Regards, > Quanah > -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9098] assert fails in meta_back_search in some cases after reconnect
by openldap-its＠openldap.org 07 May '20

07 May '20

https://bugs.openldap.org/show_bug.cgi?id=9098 --- Comment #18 from maxime.besson(a)worteks.com <maxime.besson(a)worteks.com> --- Hi, In thread 1 at #4 : i and candidates[i] are optimized out, but the disasembly if that assert line shows a 0x10(%r13),%eax that leads me to believe that candidates[i] is in $r13 at that time: (gdb) print *((SlapReply *)$r13) $90 = {sr_type = REP_RESULT, sr_tag = 3, sr_msgid = -1, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x0, sr_ctrls = 0x0, sr_un = {sru_search = {r_entry = 0x0, r_attr_flags = 0, r_operational_attrs = 0x0, r_attrs = 0x0, r_nentries = 0, r_v2ref = 0x0}, sru_sasl = {r_sasldata = 0x0}, sru_extended = {r_rspoid = 0x0, r_rspdata = 0x0}}, sr_flags = 0} I can't be exactly sure about 'i', but poking around memory makes be believe that it's 5 too. In thread 8 at #9: (gdb) print candidate $85 = 5 (gdb) print candidates[candidate] $86 = {sr_type = 4294967295, sr_tag = 0, sr_msgid = 0, sr_err = 0, sr_matched = 0x0, sr_text = 0x0, sr_ref = 0x25, sr_ctrls = 0x7f007061646c, sr_un = {sru_search = {r_entry = 0x7f4184000078, r_attr_flags = 32, r_operational_attrs = 0x25, r_attrs = 0x7f005f706374, r_nentries = -2078873856, r_v2ref = 0x20}, sru_sasl = { r_sasldata = 0x7f4184000078}, sru_extended = {r_rspoid = 0x7f4184000078 "\320|\033\204A\177", r_rspdata = 0x20}}, sr_flags = 133} The other stack traces I collected however do not seem to show an interaction with ldap_sasl_bind I should be able to deploy a patched slapd 2.4.48 (or why not 2.4.49) if you send me a diff. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9098] assert fails in meta_back_search in some cases after reconnect
by openldap-its＠openldap.org 07 May '20

07 May '20

https://bugs.openldap.org/show_bug.cgi?id=9098 --- Comment #17 from nivanova(a)symas.com <nivanova(a)symas.com> --- Hello again, We have tried to reproduce the issue, but so far without success - with or without timeouts, and running with helgrind did not show any relevant errors. We will keep trying, but in the mean time: The trace you provided shows something curious. We have the assertion error in Thread 1, and at the same time, we have Thread 8 performing ldap_sasl_bind on the same mc. It could be on a different candidate, in which case this would be irrelevant, but to make sure - if you still have the core and are able to open it, can you give us the following: In thread 1 at #4 , the value of i and of candidates[i] In thread 8 at #9, the value of candidate and candidates[candidate] It also seems something strange has happened to the data, entry values are different from the current, and the pointers seem off... We may need to add a few additional log messages to check the flow and data state since we can't debug. Given that you also can't reproduce it in a test environment, how feasible would be to deploy a build in production that has only log messages added? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9247] New: Replace ftp:// dowload URLs
by openldap-its＠openldap.org 07 May '20

07 May '20

https://bugs.openldap.org/show_bug.cgi?id=9247 Bug ID: 9247 Summary: Replace ftp:// dowload URLs Product: website Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: website Assignee: bugs(a)openldap.org Reporter: michael(a)stroeder.com Target Milestone: --- Browsers will drop support for ftp:// URLs pretty soon. So the download page should link https:// URLs of mirrors if available. Currently these mirrors support it: https://mirror.eu.oneandone.net/software/openldap/openldap-release/ https://gpl.savoirfairelinux.net/pub/mirrors/openldap/openldap-release/ IMO OpenLDAP's own site should also provide downloads via HTTPS: https://ftp.openldap.org/pub/OpenLDAP/openldap-release/ -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 8282] WEB: Devel/tools page is out of date
by openldap-its＠openldap.org 06 May '20

06 May '20

https://bugs.openldap.org/show_bug.cgi?id=8282 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8282] WEB: Devel/tools page is out of date
by openldap-its＠openldap.org 06 May '20

06 May '20

https://bugs.openldap.org/show_bug.cgi?id=8282 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED --- Comment #1 from Quanah Gibson-Mount <quanah(a)openldap.org> --- commit 86b78c87f48a7203893214d4fcbc1894c4eb338d Author: Quanah Gibson-Mount <quanah(a)openldap.org> Date: Wed May 6 21:51:22 2020 +0000 ITS#8282 - Update tools page - Fix link to autoconf - Fix link to libtool - Add link to gcc - Add link to MSYS2 commit d867b164c5e69e49bc13677c6ff541abae10bb81 Author: Quanah Gibson-Mount <quanah(a)openldap.org> Date: Wed May 6 19:34:20 2020 +0000 Update tools page to be current -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8758] New Mirror in the Netherlands
by openldap-its＠openldap.org 06 May '20

06 May '20

https://bugs.openldap.org/show_bug.cgi?id=8758 --- Comment #3 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to mirror(a)koddos.net from comment #2) > Hello, > > Yes we still are interested. We run mirrors in Hong Kong and the > Netherlands. We can setup both locations if you wish. Hi Martin, That sounds great. The server for rsync is www.openldap.org and the module name is OpenLDAP-ftp Let me know the links to the mirrors they are configured and I will add them to the website. Regards, Quanah -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8376] Use getaddrinfo to resolve FQDN
by openldap-its＠openldap.org 06 May '20

06 May '20

https://bugs.openldap.org/show_bug.cgi?id=8376 --- Comment #15 from Quanah Gibson-Mount <quanah(a)openldap.org> --- Note: SuSE has zero interest in pursuing this patch, as per https://bugzilla.opensuse.org/show_bug.cgi?id=1171127#c3 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8614] Remove ability to build non-threaded slapd
by openldap-its＠openldap.org 05 May '20

05 May '20

https://bugs.openldap.org/show_bug.cgi?id=8614 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|Test suite fails when using |Remove ability to build |--with-threads=no |non-threaded slapd -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8614] Test suite fails when using --with-threads=no
by openldap-its＠openldap.org 05 May '20

05 May '20

https://bugs.openldap.org/show_bug.cgi?id=8614 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|CONFIRMED |IN_PROGRESS Assignee|bugs(a)openldap.org |quanah(a)openldap.org -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 6151] Update cosine.schema to RFC 4524
by openldap-its＠openldap.org 05 May '20

05 May '20

https://bugs.openldap.org/show_bug.cgi?id=6151 --- Comment #20 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Howard Chu from comment #9) > > a) cosine.schema (== RFC1274) > > cosine4524.schema (== RFC4524) > > mutually exclusive (Kurt does not like this) > > > > b) cosine4524.schema (== RFC4524) > > cosine.schema (== RFC1274 - RFC4524) > > the latter includes the former > > > > c) cosine4524.schema (== RFC4524) > > cosine1274.schema (== RFC1274 - RFC4524) > > > > (there might be more) > > Yes, cosine.schema wrapping cosine4524.schema and cosine1274.schema might be > best. Sounds like (d) is the best option then: cosine4524.schema cosine1274.schema cosine.schema ? Michael, do you want to update your patch for this? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8376] Use getaddrinfo to resolve FQDN
by openldap-its＠openldap.org 04 May '20

04 May '20

https://bugs.openldap.org/show_bug.cgi?id=8376 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|quanah(a)openldap.org |bugs(a)openldap.org -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8376] Use getaddrinfo to resolve FQDN
by openldap-its＠openldap.org 04 May '20

04 May '20

https://bugs.openldap.org/show_bug.cgi?id=8376 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |CONFIRMED -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9255] New: make fails in 2.4.50 due to missing Debug1/Debug3 symbols
by openldap-its＠openldap.org 04 May '20

04 May '20

https://bugs.openldap.org/show_bug.cgi?id=9255 Bug ID: 9255 Summary: make fails in 2.4.50 due to missing Debug1/Debug3 symbols Product: OpenLDAP Version: 2.4.50 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: libraries Assignee: bugs(a)openldap.org Reporter: marcosbd(a)vmware.com Target Milestone: --- We're finding an issue building OpenLDAP due to missing Debug1/Debug3 symbols: Entering subdirectory libldap make[2]: Entering directory '/bitnami/blacksmith-sandox/openldap-2.4.50/libraries/libldap' /bin/sh ../../libtool --mode=link gcc -Wl,-z,relro,-z,now,--as-needed -DLDAP_CONNECTIONLESS -DLDAP_USE_NON_BLOCKING_TLS -Wl,-rpath=/opt/bitnami/openldap/lib -L/opt/bitnami/openldap/lib -o apitest apitest.o libldap.la ../../libraries/liblber/liblber.la ../../libraries/liblutil/liblutil.a -lsasl2 -lssl -lcrypto -lcrypt -lresolv gcc -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--as-needed -DLDAP_CONNECTIONLESS -DLDAP_USE_NON_BLOCKING_TLS -Wl,-rpath=/opt/bitnami/openldap/lib -o .libs/apitest apitest.o -L/opt/bitnami/openldap/lib ./.libs/libldap.so /bitnami/blacksmith-sandox/openldap-2.4.50/libraries/liblber/.libs/liblber.so ../../libraries/liblber/.libs/liblber.so ../../libraries/liblutil/liblutil.a -lsasl2 -lssl -lcrypto -lcrypt -lresolv -Wl,--rpath -Wl,/opt/bitnami/openldap/lib /usr/bin/ld: ./.libs/libldap.so: undefined reference to `Debug1' /usr/bin/ld: ./.libs/libldap.so: undefined reference to `Debug3' collect2: error: ld returned 1 exit status make[2]: *** [Makefile:309: apitest] Error 1 make[2]: Leaving directory '/bitnami/blacksmith-sandox/openldap-2.4.50/libraries/libldap' make[1]: *** [Makefile:296: all-common] Error 1 make[1]: Leaving directory '/bitnami/blacksmith-sandox/openldap-2.4.50/libraries' make: *** [Makefile:312: all-common] Error 1 We see that in master there are a lot of references to those symbols, but in the OPENLDAP_REL_ENG_2_4_50 tag of the repo it only appears in two places. It looks like this issue was caused by commit 7cf7aa3141 in ITS#8650. -- You are receiving this mail because: You are on the CC list for the bug.

1 5

[Bug 9254] New: Datatypes boudary check on slapadd
by openldap-its＠openldap.org 04 May '20

04 May '20

https://bugs.openldap.org/show_bug.cgi?id=9254 Bug ID: 9254 Summary: Datatypes boudary check on slapadd Product: OpenLDAP Version: 2.4.42 Hardware: All OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: c.dosio(a)gmail.com Target Milestone: --- The import of an LDIF file containing a passwordPolicy objectClass where the attribute pwdMaxAge was populated as 50000000000000 (while the max value of that attribute should be 315360000) went fine but any editing of values on that objectClass would make slapd hang until brutally killed (it goes into error 8 where apparently the operation is waiting to be executed, but even after several hours it would still be frozen). The only way I managed to solve the situation was to take e previous dump, change the value to something within the value's range, and restore it. BTW I couldn't manage to run slapcat (neither with the -c flag) to have a full dump. There are three issues in my opinion: 1. Shouldn't slapadd make some checks on data type values and eventually either give an error or change an exceeding value to the minimum/maximum value of the range? 2. Shouldn't slapd manage the exceeding value instead of freezing (in a way coherent to point 1)? 3. Shouldn't slapcat be forced to skip over the problem of an out of range value at least if run with the "-c" flag? -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 9253] New: Access not retained when last examined olcAccess has a "break" control
by openldap-its＠openldap.org 03 May '20

03 May '20

https://bugs.openldap.org/show_bug.cgi?id=9253 Bug ID: 9253 Summary: Access not retained when last examined olcAccess has a "break" control Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: kop(a)karlpinc.com Target Milestone: --- When the last examined olcAccess control is "break" then it does not matter what access rights have been granted by the rules, access is denied. Reproduce by having a database with a single access rule: to attrs=userPassword by anonymous =x Note that ldapwhoami successfully does a simple bind. Then, modify so that the single existing access rule is: to attrs=userPassword by anonymous =x break Users can no longer do a simple bind. You will see similar behavior with SASL binds, or any number of access rules. Access is denied when the the last examined access control is "break". The problem is at line 309 of: servers/slapd/acl.c (In master/HEAD, and probably all versions) -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 9252] New: OpenLDAP ldif file import issue
by openldap-its＠openldap.org 02 May '20

02 May '20

https://bugs.openldap.org/show_bug.cgi?id=9252 Bug ID: 9252 Summary: OpenLDAP ldif file import issue Product: OpenLDAP Version: 2.4.44 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Severity: normal Priority: --- Component: build Assignee: bugs(a)openldap.org Reporter: pranjit_biswas(a)infosys.com Target Milestone: --- We are trying to install openldap.x86_64 - 2.4.44-21.el7_6 on an Linux RHEL 7.7 on AWS . We have installed and made changes to the config files and did a slaptest of the config file as shown below . [root@efg-ac cn=config]# slaptest -u 5ea6064f ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={0}config.ldif" 5ea6064f ldif_read_file: checksum error on "/etc/openldap/slapd.d/cn=config/olcDatabase={2}hdb.ldif" config file testing succeeded Now we are importing the ldif file from our current on-prem server . Even though we were getting different errors earlier , after all the changes we have made to the config , the error that we are getting now is ldap_bind error for the credentials . [root@efg-dev cn=config]# ldapadd -w xxxxxxxx -x -D "cn=Manager,dc=bpost,dc=be" -f ldap_dump-27042020-DEV.ldif ldap_bind: Invalid credentials (49) We are not sure which password to give here . We have given the same credentials in the config file : olcDatabase={2}hdb.ldif olcRootDN: cn=Manager,dc=bpost,dc=be olcRootPW: xxxxxxxx Please assist -- You are receiving this mail because: You are on the CC list for the bug.

1 2

[Bug 6347] JLDAP: LDIFReader should use UTF-8 character set instead of US-ASCII
by openldap-its＠openldap.org 30 Apr '20

30 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=6347 --- Comment #3 from Howard Chu <hyc(a)openldap.org> --- (In reply to drmuey+github from comment #2) > Would this make it so that non-ascii strings ar enot base 64 encoded? Changing how the reader works has no bearing on whether the writer does base 64 encoding. Your question makes no sense. The LDIF spec says the input values may be in UTF8 or base64 encoded, so this is a legitimate bug that should be fixed. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 6347] JLDAP: LDIFReader should use UTF-8 character set instead of US-ASCII
by openldap-its＠openldap.org 30 Apr '20

30 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=6347 --- Comment #2 from drmuey+github(a)gmail.com --- Would this make it so that non-ascii strings ar enot base 64 encoded? -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9059] session log parsing triggers cascading REFRESH
by openldap-its＠openldap.org 30 Apr '20

30 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9059 --- Comment #5 from Howard Chu <hyc(a)openldap.org> --- (In reply to Ondřej Kuzník from comment #4) > The response is triggered by > https://git.openldap.org/openldap/openldap/-/blob/ > fd23680a447b9efe1a481dd64d9c57f3873f3108/servers/slapd/overlays/syncprov. > c#L2886 but it looks like the sessionlog has already been replayed correctly. > > In that case, we are either finished or have a persistent search set up and > all remaining responses are queued up to be sent, so we shouldn't even care > if we can still find the CSN in the DB... Moving that whole `if` under > `do_present == 1` should then be enough and it might not be related to bug > 8125 at all. > > But then I might be missing something. Sounds OK. the MinCSN check is to make sure the DB hasn't already moved on past the consumer's cookie, but if the sessionlog validly spans the consumer cookie then the check isn't needed. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 8155] add support for cacertdir with gnutls
by openldap-its＠openldap.org 30 Apr '20

30 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=8155 Ryan Tandy <ryan(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |IN_PROGRESS --- Comment #2 from Ryan Tandy <ryan(a)openldap.org> --- https://git.openldap.org/openldap/openldap/-/merge_requests/60 -- You are receiving this mail because: You are on the CC list for the bug.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs