openldap-bugs

openldap-bugs@openldap.org

1 participants
20985 discussions

[Issue 10200] New: Can pcacheTemplate support '!' operator
by openldap-its＠openldap.org 04 Apr '24

04 Apr '24

https://bugs.openldap.org/show_bug.cgi?id=10200 Issue ID: 10200 Summary: Can pcacheTemplate support '!' operator Product: OpenLDAP Version: 2.5.16 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: shaosong.li(a)salesforce.com Target Milestone: --- Hi, I am using Openldap V2.5.17 and pcache engine for cache. After multiple rounds of testing, I found the '!" is not supported in the pcacheTemplate, such as below, which is used for filter from ldap query (!(uidNumber=0)). pcacheTemplate (!(uidNumber=)) 0 6000 300 0 0 While checking the source code, i don't see the '!' operator supported, however, I do see '&' and '|' in the source code. https://git.openldap.org/openldap/openldap/-/blob/OPENLDAP_REL_ENG_2_5/serv… Thanks, -- You are receiving this mail because: You are on the CC list for the issue.

1 4

[Issue 10196] New: ldapsearch with -h localhost resulting dns lookup
by openldap-its＠openldap.org 03 Apr '24

03 Apr '24

https://bugs.openldap.org/show_bug.cgi?id=10196 Issue ID: 10196 Summary: ldapsearch with -h localhost resulting dns lookup Product: OpenLDAP Version: 2.4.46 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: client tools Assignee: bugs(a)openldap.org Reporter: mca100309(a)gmail.com Target Milestone: --- ldapsearch -h localhost -p 16611 xxxxxxxx socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, IPPROTO_IP) = 3 setsockopt(3, SOL_IPV6, IPV6_RECVERR, [1], 4) = 0 connect(3, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fd03::a", &sin6_addr), sin6_scope_id=0}, 28) = 0 poll([{fd=3, events=POLLOUT}], 1, 0) = 1 ([{fd=3, revents=POLLOUT}]) sendto(3, "R$\1\0\0\1\0\0\0\0\0\0'odinfn5gceir201-eir"..., 57, MSG_NOSIGNAL, NULL, 0) = 57 poll([{fd=3, events=POLLIN}], 1, 5000) = 1 ([{fd=3, revents=POLLIN}]) ioctl(3, FIONREAD, [57]) = 0 recvfrom(3, "R$\201\202\0\1\0\0\0\0\0\0'odinfn5gceir201-eir"..., 1024, 0, {sa_family=AF_INET6, sin6_port=htons(53), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "fd03::a", &sin6_addr), sin6_scope_id=0}, [28]) = 57 close(3) Whenever ldapsearch is executed localhost it it initiating a dnslookup also. It is happening in some platform only -- You are receiving this mail because: You are on the CC list for the issue.

1 5

[Issue 10194] New: Does LMDB support zero length keys?
by openldap-its＠openldap.org 02 Apr '24

02 Apr '24

https://bugs.openldap.org/show_bug.cgi?id=10194 Issue ID: 10194 Summary: Does LMDB support zero length keys? Product: LMDB Version: 0.9.29 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: liblmdb Assignee: bugs(a)openldap.org Reporter: roger.marsh(a)btinternet.com Target Milestone: --- I suspect the answer is 'No' but do not see a definitive statement. I followed the Python code and documentation trail below, but decided to ask here when I concluded I could not decide. Some Python code was adapted from berkeleydb to lmdb and gave an exception for a cursor.set_range_dup(b'', <some value>) call. Reading the lmdb/cffi.py code in site-packages prompted me to try cursor.set_range(b''), which seemed reasonable given that is what is done for berkeleydb, and it worked. However cursor.put(b'', <some value>) gave an exception quoting "mdb_put: MDB_BAD_VALSIZE ...". The documentation for the Python interface to LMDB at lmdb.readthedocs.io/ states behaviour for the empty bytestring for set_key(), set_key_dup(), and set_range(); but not for set_range_dup() or put(). Only set_key() and set_key_dup() describe empty bytestring as an error. -- You are receiving this mail because: You are on the CC list for the issue.

1 2

[Issue 7298] permissive modify control misparsed
by openldap-its＠openldap.org 02 Apr '24

02 Apr '24

https://bugs.openldap.org/show_bug.cgi?id=7298 Quanah Gibson-Mount <quanah(a)openldap.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=10195 -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7298] permissive modify control misparsed
by openldap-its＠openldap.org 31 Mar '24

31 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=7298 --- Comment #6 from Howard Chu <hyc(a)openldap.org> --- "No data for this control" means the data portion should not be sent at all. Setting bv_len and bv_val is just the quirk of how their API is designed. If we accept their published spec at face value, then their C# SDK implementation is wrong, because it is sending zero length data instead of "no data". You should submit a ticket to Microsoft to resolve this by either fixing their doc or fixing their SDK, whichever the case may be. The current OpenLDAP behavior conforms to their official spec so there is no OpenLDAP bug here. -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7298] permissive modify control misparsed
by openldap-its＠openldap.org 30 Mar '24

30 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=7298 --- Comment #5 from lesignor(a)cirad.fr --- In the Microsoft documentation (https://learn.microsoft.com/en-us/previous-versions/windows/desktop/ldap/ld…), they write : ldctl_value No data for this control. In the berval structure, set bv_len to zero and bv_val to NULL. As they said set bv_len to zero, I guess some developer choose to send 04 00 to set the length to 0, and other consider to remove all fields. The ldap client, I use, is a dotnet client. I think it uses the c# sdk from Microsoft. Would it be possible to accept both implementation (null or empty) ? It will be a great help to migrate to openldap 2.6.x. Thanks -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10192] New: otp.c overlay - HOTP wrongly numbers gneration
by openldap-its＠openldap.org 28 Mar '24

28 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=10192 Issue ID: 10192 Summary: otp.c overlay - HOTP wrongly numbers gneration Product: OpenLDAP Version: 2.6.7 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: michal.pura(a)gmail.com Target Milestone: --- Hello, I am trying to use otp.c overlay but seems that numbers are not properly generated. In my case I have random secret like 'aaaabbbbccccdddd' and according to what Google Authenticator and https://www.verifyr.com/en/otp/check#hotp is generating we should have the following HOTP codes for above secret: 1 - 229789 2 - 801677 3 - 630108 4 - 214543 5 - 916392 6 - 346078 7 - 701644 8 - 865071 9 - 431248 10 - 355053 but, otp.c module is returning the following numbers: 1 - 441008 2 - 465617 3 - 669281 4 - 042697 5 - 461210 6 - 620979 7 - 700859 8 - 573924 9 - 805067 10 - 135880 The secret is properly generated and used in the code. I've checked it under debugger. The hash algorithm is defined as 1.2.840.113549.2.7 -> HMAC-WITH-SHA1. What is wrong? -- You are receiving this mail because: You are on the CC list for the issue.

1 10

[Issue 7400] Memberof and Syncrepl incompatibility
by openldap-its＠openldap.org 26 Mar '24

26 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=7400 --- Comment #14 from Quanah Gibson-Mount <quanah(a)openldap.org> --- head: • ae1c8f18 by Howard Chu at 2024-02-20T15:55:37+00:00 ITS#7400 slapo-memberof: delete note about deprecation -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 7400] Memberof and Syncrepl incompatibility
by openldap-its＠openldap.org 26 Mar '24

26 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=7400 --- Comment #13 from Quanah Gibson-Mount <quanah(a)openldap.org> --- RE26: • f30def77 by Howard Chu at 2024-03-26T16:38:10+00:00 ITS#7400 slapo-memberof: delete note about deprecation -- You are receiving this mail because: You are on the CC list for the issue.

1 0

[Issue 10082] New: More dynlist eval tweaks
by openldap-its＠openldap.org 26 Mar '24

26 Mar '24

https://bugs.openldap.org/show_bug.cgi?id=10082 Issue ID: 10082 Summary: More dynlist eval tweaks Product: OpenLDAP Version: 2.5.14 Hardware: All OS: All Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: overlays Assignee: bugs(a)openldap.org Reporter: hyc(a)openldap.org Target Milestone: --- When the memberOf attribute is a user attribute instead of operational, it will be expanded on any search for (all user attributes). If the search is filtering on objectclasses that don't contain this attribute, that's wasted work. Check for a matching objectclass in the filter before doing that. -- You are receiving this mail because: You are on the CC list for the issue.

1 5

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs