openldap-bugs

openldap-bugs@openldap.org

1 participants
20946 discussions

[Issue 10243] New: Looking to get account on OpenLDAP Gitlab
by openldap-its＠openldap.org 06 Aug '24

06 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10243 Issue ID: 10243 Summary: Looking to get account on OpenLDAP Gitlab Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: ak.openldap(a)anroet.com Target Milestone: --- I'm trying to open an account on Gitlab. The purpose for having an account on gitlab is so that I can start the process of building a docker image for use in our Production K8s environment. Currently, I can only find docker images for version 2.4 and the admission controllers in out production k8s clusters isn't having none of that. I'm attempting to create an account using the following email address: ak.openldap(a)anroet.com -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10246] New: Impossible to add integerOrderingMatch ordering rule for integer syntax attribute
by openldap-its＠openldap.org 02 Aug '24

02 Aug '24

https://bugs.openldap.org/show_bug.cgi?id=10246 Issue ID: 10246 Summary: Impossible to add integerOrderingMatch ordering rule for integer syntax attribute Product: OpenLDAP Version: 2.5.18 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: thierryblaise(a)hotmail.com Target Milestone: --- Hi everyone, As I don't know anymore where to search, I'm trying here: I added a custom objectClass to my v2.5.18 openLDAP deployment schema, and in that schema, there's an attribute of type integer that I need to be able to search for with filter "<=" and ">=". To that end, and to my knowledge and following documentation (https://www.openldap.org/doc/admin25/schema.html#Attribute%20Type%20Specifi…), I need to declare an ordering matching rule in attribute definition of the schema. However, when I do that with the following olcAttributeTypes definition : olcAttributeTypes: ( 1.3.6.1.4.1.xxx.x.x.xxx NAME 'last-modified' DESC 'Object Last Modified Time' ORDERING integerOrderingMatch SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE ) and try to import the ldif containing this definition, the following error appears: modifying entry "cn={5}clients,cn=schema,cn=config" ldap_modify: Other (e.g., implementation specific) error (80) additional info: olcAttributeTypes: AttributeType inappropriate matching rule: "integerOrderingMatch" I tried with all documented OrderingMatch rules in case, but same error modulo name of OrderingMatch rule. Basic schemas only have been imported (core, nis, cosine, inetOrgPerson) Any idea what I do wrong? -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 10245] New: mdb_env_set_maxdbs signature appears incorrect
by openldap-its＠openldap.org 31 Jul '24

31 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10245 Issue ID: 10245 Summary: mdb_env_set_maxdbs signature appears incorrect Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: bchik(a)meta.com Target Milestone: --- The current signature for mdb_env_set_maxdbs: int mdb_env_set_maxdbs(MDB_env *env, MDB_dbi dbs); The documentation says the second parameter is intended to be the maximum number of databases, however, the parameter is typed as a DB handle. This appears to work because MDB_dbi is typedef'd to an unsigned int. I believe the intended signature would be: int mdb_env_set_maxdbs(MDB_env *env, unsigned int dbs); -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10241] New: Crash in mdb_page_search_root()
by openldap-its＠openldap.org 22 Jul '24

22 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10241 Issue ID: 10241 Summary: Crash in mdb_page_search_root() Product: LMDB Version: 0.9.24 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: david.komarek(a)whalebone.io Target Milestone: --- Hello, The LMDB is crashing in mdb_page_search_root() on following instruction `0x7f85221479d2 movzwl 0xa(%rdx),%eax`. This instruction corresponds to following line in source code - https://github.com/LMDB/lmdb/blob/LMDB_0.9.24/libraries/liblmdb/mdb.c#L5485 (while access mp_flags in MDB_page structure) Here is callstack as generated by core dump (without symbols as we're using package from Ubuntu repositories) ``` Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007f85221479d2 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #1 0x00007f8522147d15 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #2 0x00007f8522148432 in ?? () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. #3 0x00007f8522148a70 in mdb_get () from /usr/lib/x86_64-linux-gnu/liblmdb.so.0 No symbol table info available. ``` Translation ``` #0 mdb_page_search_root() #1 mdb_page_search() #2 mdb_cursor_set() #3 mdb_get() ``` Registers in time of crash: ``` rax 0x2 2 rbx 0x7ffcd8d2a100 140723946168576 rcx 0x3 3 rdx 0x7f825baf7000 140197860700160 rsi 0x1000 4096 rdi 0x7f851c00f4d0 140209677202640 rbp 0x0 0x0 rsp 0x7ffcd8d29e40 0x7ffcd8d29e40 r8 0x7ffcd8d29e50 140723946167888 r9 0x7f851c00f5b8 140209677202872 r10 0x7f851c003090 140209677152400 r11 0x2ce33e6c02ce33e7 3234497591006606311 r12 0x0 0 r13 0x7ffcd8d2a510 140723946169616 r14 0x79 121 r15 0x7f851c003098 140209677152408 rip 0x7f85221479d2 0x7f85221479d2 eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 k0 0x40 64 k1 0xfffff0f0 4294963440 k2 0xff01 65281 k3 0xffffffff 4294967295 k4 0xffffffff 4294967295 k5 0xffffffff 4294967295 k6 0xffffffff 4294967295 k7 0x0 0 ``` Our setup is following: We have single process (running in separate container) which reads and writes to LMDB. It opens environment with following flags MDB_NORDAHEAD|MDB_WRITEMAP|MDB_NOTLS|MDB_NOSYNC. The environment contain several DBs. All DBIs are open with MDB_CREATE flag. Transactions are open without flags. On the other hand we have several processes running in the single container, which are only allowed read (these processes crash). The environment is open with following flags MDB_NORDAHEAD|MDB_WRITEMAP|MDB_NOTLS|MDB_RDONLY. All DBIs are open without flags. Transactions are open with MDB_RDONLY flag. Could you please investigate it? If you will need some other artifacts or comments, please let me know. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

[Issue 10240] New: Information required about the end of support date for OpenLDAP ver 2.6.3
by openldap-its＠openldap.org 17 Jul '24

17 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10240 Issue ID: 10240 Summary: Information required about the end of support date for OpenLDAP ver 2.6.3 Product: OpenLDAP Version: 2.6.3 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: bluesoulprince(a)gmail.com Target Milestone: --- Hi Team, As we have integrated OpenLDAP 2.6.3 version in our application, we would like to know the community support availability end of date for this version, to plan our application maintenance accordingly. Could you please help us with this information. Thanks, Vivek S -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 10236] New: fragmentation makes mdb_page_alloc slow
by openldap-its＠openldap.org 16 Jul '24

16 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10236 Issue ID: 10236 Summary: fragmentation makes mdb_page_alloc slow Product: LMDB Version: 0.9.31 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: aalekseyev(a)janestreet.com Target Milestone: --- Created attachment 1022 --> https://bugs.openldap.org/attachment.cgi?id=1022&action=edit patch is relative to LMDB_0.9.31 It's a known problem that mdb_page_alloc can be slow when the free list is large and fragmented. [1] [2] [3] I'm not sure it's known *how* slow it can be. In our workload we saw a fragmented freelist leading to a pathological O(n^2) behavior. To handle a multi-page allocation we iterate loading chunks of the free list one by one, and at every iteration we do O(n) work to check if the allocation can succeed. Even small-ish allocations (tens of pages) are repeatedly hitting this edge case, with free list growing to ~1000000, and the outer loop taking ~2000 iterations (10^9 worth of work in total, just to allocate a few pages). Even though I'm sure there are ways to avoid hitting this pathological scenario so much (avoid values larger than 4k, or fix whatever causes fragmentation), it seems unacceptable to have a performance cliff this bad. I made a patch to make the allocation take ~O(n*log(n)), by loading and merging multiple chunks at once instead of doing it one-by-one. I'd appreciate it if someone could review the patch (attached), improve it, and/or come up with an alternative fix. The code in `midl.c` is kinda meme-y, including a contribution from GPT-4o, but it performs well enough to speed up our pathological workload by ~20x (which is still ~3x away from the non-fragmented case). Anyway, the main thing that warrants scrutiny is the change in `mdb.c`: I understand very little about lmdb internals and I worry that loading multiple pages at once instead of one-by-one might break something. [1] issue #8664 [2] https://lists.openldap.org/hyperkitty/list/openldap-bugs@openldap.org/threa… [3] https://lists.openldap.org/hyperkitty/list/openldap-technical@openldap.org/… -- You are receiving this mail because: You are on the CC list for the issue.

1 9

[Issue 10239] New: The slapd domain name is inconsistent, synchronization cannot be modified by the rewrite dn parameter dc.
by openldap-its＠openldap.org 16 Jul '24

16 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10239 Issue ID: 10239 Summary: The slapd domain name is inconsistent, synchronization cannot be modified by the rewrite dn parameter dc. Product: OpenLDAP Version: 2.4.44 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: 2458943823(a)qq.com Target Milestone: --- /etc/openldap/slapd: syncrepl rid=002 provider=ldap://172.18.1.1 bindmethod=simple binddn="cn=Manager,dc=wsc,dc=ls,dc=com" credentials=lnewnews1tter searchbase="dc=wsc,dc=ls,dc=com" schemachecking=off type=refreshAndPersist retry="60 +" rewrite dn "dc=wsc,dc=ls,dc=com" "dc=wsc,dc=slave1,dc=ls,dc=com" The error is as follows: 66912211 /etc/openldap/slapd.conf: line 281: Error: parse_syncrepl_line: unable to parse "rewrite" . 66912211 failed to add syncinfo slaptest: bad configuration directory! -- You are receiving this mail because: You are on the CC list for the issue.

1 11

[Issue 10238] New: libldap-2.5-0 kept back from upgrade
by openldap-its＠openldap.org 13 Jul '24

13 Jul '24

https://bugs.openldap.org/show_bug.cgi?id=10238 Issue ID: 10238 Summary: libldap-2.5-0 kept back from upgrade Product: JLDAP Version: unspecified Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: JLDAP Assignee: bugs(a)openldap.org Reporter: sonny_ward23(a)yahoo.com Target Milestone: --- sonny@sjw-T470p:~$ sudo apt update Ign:1 https://mirrors.ocf.berkeley.edu/linuxmint-packages virginia InRelease Hit:2 https://dl.google.com/linux/chrome/deb stable InRelease Hit:3 https://mirrors.ocf.berkeley.edu/linuxmint-packages virginia Release Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease Hit:5 http://mirror.arizona.edu/ubuntu jammy InRelease Hit:6 http://mirror.arizona.edu/ubuntu jammy-updates InRelease Hit:7 http://mirror.arizona.edu/ubuntu jammy-backports InRelease Reading package lists... Done Building dependency tree... Done Reading state information... Done 1 package can be upgraded. Run 'apt list --upgradable' to see it. sonny@sjw-T470p:~$ apt list --upgradable -a Listing... Done libldap-2.5-0/jammy-updates 2.5.18+dfsg-0ubuntu0.22.04.1 amd64 [upgradable from: 2.5.17+dfsg-0ubuntu0.22.04.1] libldap-2.5-0/now 2.5.17+dfsg-0ubuntu0.22.04.1 amd64 [installed,upgradable to: 2.5.18+dfsg-0ubuntu0.22.04.1] libldap-2.5-0/jammy-security 2.5.16+dfsg-0ubuntu0.22.04.2 amd64 libldap-2.5-0/jammy 2.5.11+dfsg-1~exp1ubuntu3 amd64 sonny@sjw-T470p:~$ sudo apt upgrade Reading package lists... Done Building dependency tree... Done Reading state information... Done Calculating upgrade... Done The following packages have been kept back: libldap-2.5-0 0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded. sonny@sjw-T470p:~$ apt show libldap-2.5-0 -a Package: libldap-2.5-0 Version: 2.5.18+dfsg-0ubuntu0.22.04.1 Priority: optional Section: libs Source: openldap Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-discuss(a)lists.ubuntu.com> Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel(a)lists.alioth.debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 579 kB Depends: libc6 (>= 2.34), libgnutls30 (>= 3.7.2), libsasl2-2 (>= 2.1.27+dfsg2) Recommends: libldap-common Conflicts: ldap-utils (<= 2.1.23-1) Replaces: libldap-2.3-0, libldap2 Homepage: https://www.openldap.org/ Task: server-minimal, print-server, ubuntu-desktop-minimal, lamp-server, samba-server, ubuntu-desktop, cloud-image, postgresql-server, ubuntu-desktop-raspi, ubuntu-wsl, mail-server, server, ubuntu-server-raspi, kubuntu-desktop, xubuntu-core, xubuntu-desktop, lubuntu-desktop, ubuntustudio-desktop-core, ubuntustudio-desktop, ubuntukylin-desktop, ubuntu-mate-core, ubuntu-mate-desktop, ubuntu-budgie-desktop, ubuntu-budgie-desktop-raspi Phased-Update-Percentage: 20 Download-Size: 183 kB APT-Sources: http://mirror.arizona.edu/ubuntu jammy-updates/main amd64 Packages Description: OpenLDAP libraries These are the run-time libraries for the OpenLDAP (Lightweight Directory Access Protocol) servers and clients. Package: libldap-2.5-0 Version: 2.5.17+dfsg-0ubuntu0.22.04.1 Status: install ok installed Priority: optional Section: libs Source: openldap Maintainer: Ubuntu Developers <ubuntu-devel-discuss(a)lists.ubuntu.com> Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel(a)lists.alioth.debian.org> Installed-Size: 579 kB Depends: libc6 (>= 2.34), libgnutls30 (>= 3.7.2), libsasl2-2 (>= 2.1.27+dfsg2) Recommends: libldap-common Conflicts: ldap-utils (<= 2.1.23-1) Replaces: libldap-2.3-0, libldap2 Homepage: https://www.openldap.org/ Download-Size: unknown APT-Manual-Installed: yes APT-Sources: /var/lib/dpkg/status Description: OpenLDAP libraries These are the run-time libraries for the OpenLDAP (Lightweight Directory Access Protocol) servers and clients. Package: libldap-2.5-0 Version: 2.5.16+dfsg-0ubuntu0.22.04.2 Priority: optional Section: libs Source: openldap Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-discuss(a)lists.ubuntu.com> Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel(a)lists.alioth.debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 579 kB Depends: libc6 (>= 2.34), libgnutls30 (>= 3.7.2), libsasl2-2 (>= 2.1.27+dfsg2) Recommends: libldap-common Conflicts: ldap-utils (<= 2.1.23-1) Replaces: libldap-2.3-0, libldap2 Homepage: https://www.openldap.org/ Task: server-minimal, print-server, ubuntu-desktop-minimal, lamp-server, samba-server, ubuntu-desktop, cloud-image, postgresql-server, ubuntu-desktop-raspi, ubuntu-wsl, mail-server, server, ubuntu-server-raspi, kubuntu-desktop, xubuntu-core, xubuntu-desktop, lubuntu-desktop, ubuntustudio-desktop-core, ubuntustudio-desktop, ubuntukylin-desktop, ubuntu-mate-core, ubuntu-mate-desktop, ubuntu-budgie-desktop, ubuntu-budgie-desktop-raspi Download-Size: 183 kB APT-Sources: http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages Description: OpenLDAP libraries These are the run-time libraries for the OpenLDAP (Lightweight Directory Access Protocol) servers and clients. Package: libldap-2.5-0 Version: 2.5.11+dfsg-1~exp1ubuntu3 Priority: optional Section: libs Source: openldap Origin: Ubuntu Maintainer: Ubuntu Developers <ubuntu-devel-discuss(a)lists.ubuntu.com> Original-Maintainer: Debian OpenLDAP Maintainers <pkg-openldap-devel(a)lists.alioth.debian.org> Bugs: https://bugs.launchpad.net/ubuntu/+filebug Installed-Size: 573 kB Depends: libc6 (>= 2.34), libgnutls30 (>= 3.7.2), libsasl2-2 (>= 2.1.27+dfsg2) Recommends: libldap-common Conflicts: ldap-utils (<= 2.1.23-1) Replaces: libldap-2.3-0, libldap2 Homepage: https://www.openldap.org/ Task: server-minimal, print-server, ubuntu-desktop-minimal, lamp-server, samba-server, ubuntu-desktop, cloud-image, postgresql-server, ubuntu-desktop-raspi, ubuntu-wsl, mail-server, server, ubuntu-server-raspi, kubuntu-desktop, xubuntu-core, xubuntu-desktop, lubuntu-desktop, ubuntustudio-desktop-core, ubuntustudio-desktop, ubuntukylin-desktop, ubuntu-mate-core, ubuntu-mate-desktop, ubuntu-budgie-desktop, ubuntu-budgie-desktop-raspi Download-Size: 184 kB APT-Sources: http://mirror.arizona.edu/ubuntu jammy/main amd64 Packages Description: OpenLDAP libraries These are the run-time libraries for the OpenLDAP (Lightweight Directory Access Protocol) servers and clients. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 10222] New: mdb_dump page has outdated information about user-defined comparison functions
by openldap-its＠openldap.org 28 Jun '24

28 Jun '24

https://bugs.openldap.org/show_bug.cgi?id=10222 Issue ID: 10222 Summary: mdb_dump page has outdated information about user-defined comparison functions Product: LMDB Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: tools Assignee: bugs(a)openldap.org Reporter: zach.vonler(a)sambanovasystems.com Target Milestone: --- Created attachment 1019 --> https://bugs.openldap.org/attachment.cgi?id=1019&action=edit Patch to mdb_dump man page The `mdb_dump` man page contains an outdated section warning that databases created with user-defined comparison functions cannot be dumped and reloaded without changes to the `mdb_load` program. The `-a` option that was added to the `mdb_load` program in this commit https://github.com/openldap/openldap/commit/7796aaebcd1b937233adab5b1f3d3a1… made it possible to reload such databases, so this patch updates the `mdb_dump` man page to reflect that. -- You are receiving this mail because: You are on the CC list for the issue.

1 3

[Issue 10147] New: Bind dn is getting malformed inside ldap_sasl_bind function
by openldap-its＠openldap.org 25 Jun '24

25 Jun '24

https://bugs.openldap.org/show_bug.cgi?id=10147 Issue ID: 10147 Summary: Bind dn is getting malformed inside ldap_sasl_bind function Product: OpenLDAP Version: 2.6.3 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: satishkumar1728(a)gmail.com Target Milestone: --- Hi team, We are using open ldap version 2.6 in one of our application processes. We are using ldap_sasl_bind function defined in open ldap api to send bind request to ldap server. We are passing the dn name to the above function and it is parsing the dn name as expected. We have added some print statements inside ldap_sasl_bind function and it is printing the dn string that we passed to the function. Also, ldap_sasl_bind function will accept const char pointer to dn as an argument. So, it cannot modify the dn string inside the function. But somehow the bind dn is getting malformed and we are getting failed bind response from the ldap server (invalid DN). We did some analysis using tcpdump and we found out that the dn string that we passed to the ldap_sasl_bind function and the dn string from the tcpdump are different. We did some code walkthrough of ldap_sasl_bind function and it is observed that it is doing some ber encoding of dn name inside the function. We are suspecting that the encoding is not happening properly. Example dn that we passed to ldap_sasl_bin function: "uid=abc, ou=users, dc=fds, dc=mr" Dn name that was captured in tcpdump at source: "uid=abc, o dc= dc= dc= dc= dc=mr" Is there any specific reason for the bind DN to get malformed like this inside ldap_sasl_bind function. Do you have any observations like this in any scenario. Kindly provide some inputs to resolve this issue. -- You are receiving this mail because: You are on the CC list for the issue.

1 6

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs