openldap-bugs

openldap-bugs@openldap.org

1 participants
20985 discussions

[Bug 9059] session log parsing triggers cascading REFRESH
by openldap-its＠openldap.org 30 Apr '20

30 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9059 --- Comment #4 from Ondřej Kuzník <ondra(a)mistotebe.net> --- The response is triggered by https://git.openldap.org/openldap/openldap/-/blob/fd23680a447b9efe1a481dd64… but it looks like the sessionlog has already been replayed correctly. In that case, we are either finished or have a persistent search set up and all remaining responses are queued up to be sent, so we shouldn't even care if we can still find the CSN in the DB... Moving that whole `if` under `do_present == 1` should then be enough and it might not be related to bug 8125 at all. But then I might be missing something. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9240] New: Can't log to stdout/stderr
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9240 Bug ID: 9240 Summary: Can't log to stdout/stderr Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: slapd Assignee: bugs(a)openldap.org Reporter: hadmut(a)danisch.de Target Milestone: --- Hi, slapd can send its logs and messages to syslog, which is nice and good in common Unix/Linux environments, but I didn't see any way to have the logs sent to stdout/stderr instead of syslog. When run in a docker/kubernetes container, which is a typical use nowadays, it should be run as a single process, and not require a separate syslog process just to write some logs to a file. There are dirty workarounds, but if run cleanly, it should be a standalone process. Therefore, it would be nice if slap had a container mode, where - it doesn't fork (currently available only through debugging mode) - sends logging to stdout/stderr instead of syslog regards -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 9202] Should limit depth of nested filters
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9202 --- Comment #9 from Quanah Gibson-Mount <quanah(a)openldap.org> --- (In reply to Michael Ströder from comment #8) > Please add the CVE-Id to CHANGES so downstream packagers take note of it. That's currently not a tracked item in the format of the CHANGES file. I have been thinking of adding a customized field to bugzilla to track CVEs (we did that at a prior job I worked at). We may want to consider a format change for RE25 to allow for CVEs in the CHANGES file as well. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9202] Should limit depth of nested filters
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9202 --- Comment #8 from Michael Ströder <michael(a)stroeder.com> --- Please add the CVE-Id to CHANGES so downstream packagers take note of it. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9202] Should limit depth of nested filters
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9202 --- Comment #7 from carnil(a)debian.org --- (In reply to Quanah Gibson-Mount from comment #3) > CVE-2020-10704 FWIW: Note that there is a dedicated CVE id for this issue in OpenLDAP, which is CVE-2020-12243. -- You are receiving this mail because: You are on the CC list for the bug.

1 0

[Bug 9233] New: Add argon2 module to contrib
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9233 Bug ID: 9233 Summary: Add argon2 module to contrib Product: OpenLDAP Version: 2.4.50 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: quanah(a)openldap.org Target Milestone: --- Now that the argon2 module is complete, add it to contrib for 2.4.50 -- You are receiving this mail because: You are on the CC list for the bug.

1 4

[Bug 9230] New: slapindex man page states that truncate option (-t) only works with Quick Mode (-q)
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9230 Bug ID: 9230 Summary: slapindex man page states that truncate option (-t) only works with Quick Mode (-q) Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: documentation Assignee: bugs(a)openldap.org Reporter: requate(a)univention.de Target Milestone: --- Created attachment 712 --> https://bugs.openldap.org/attachment.cgi?id=712&action=edit Patch proposal for doc/man/man8/slapindex.8 The slapindex man page states that truncate option (-t) only works with Quick Mode (-q), but from the source code I cannot see a reason for this restriction. Git blame shows that the statement predates back-mdb. -- You are receiving this mail because: You are on the CC list for the bug.

1 7

[Bug 9214] New: back-mdb: memory leak in dnSuperiorMatch search filter
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9214 Bug ID: 9214 Summary: back-mdb: memory leak in dnSuperiorMatch search filter Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs(a)openldap.org Reporter: grapvar(a)gmail.com Target Milestone: --- Created attachment 709 --> https://bugs.openldap.org/attachment.cgi?id=709&action=edit Fix for cursor leak This is a MDB backend issue. Each time when a dnSuperiorMatch rule of a search filter matches DN that exists in the DIT, the matching operation leaks one MDB cursor. Leak happens in servers/slapd/back-mdb/dn2id.c`mdb_dn2sups(). Leak exists since MDB backend inception, i.e. commit 2011-09-01 0ba4206 Import back-mdb Fix attached. -- You are receiving this mail because: You are on the CC list for the bug.

1 6

[Bug 9206] New: contrib/passwd/argon2: consolidate libsodium implementation
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9206 Bug ID: 9206 Summary: contrib/passwd/argon2: consolidate libsodium implementation Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: peter(a)adpm.de Target Milestone: --- Created attachment 702 --> https://bugs.openldap.org/attachment.cgi?id=702&action=edit patch to consolidate pw-argon2 implementation based on libsodium Hi, current libsodium implementation of pw-argon2 has 2 issues: - it uses crypto_pwhash_str(), which only guarantees a "memory-hard, CPU-intensive hash function", but not necessarily Argon2. - it uses a different unit for the 'memory' parameter than the libargon2 implementation: bytes instead of KiB. The attached patch aims to fix both issues. (The patch is is git format, you can merge it using 'git am') I'd appreciate if you include them into OpenLDAP. The referenced files are derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Peter Marschall <peter(a)adpm.de>. I have not assigned rights and/or interest in this work to any party. The referenced modifications to OpenLDAP Software are subject to the following notice: Copyright 2020 Peter Marschall Redistribution and use in source and binary forms, with or without modification, are permitted only as authorized by the OpenLDAP Public License. -- You are receiving this mail because: You are on the CC list for the bug.

1 8

[Bug 9203] New: No manual page for module 'pw-argon2'
by openldap-its＠openldap.org 28 Apr '20

28 Apr '20

https://bugs.openldap.org/show_bug.cgi?id=9203 Bug ID: 9203 Summary: No manual page for module 'pw-argon2' Product: OpenLDAP Version: 2.5 Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: contrib Assignee: bugs(a)openldap.org Reporter: peter(a)adpm.de Target Milestone: --- Created attachment 698 --> https://bugs.openldap.org/attachment.cgi?id=698&action=edit add manual page to pw-argon2 contrib module Hi, the pw-argon2 password module lacks a manual page. Please find attached patches to upstream to fix the issue. I'd appreciate if you include them into OpenLDAP. The referenced files are derived from OpenLDAP Software. All of the modifications to OpenLDAP Software represented in the following patch(es) were developed by Peter Marschall <peter(a)adpm.de>. I have not assigned rights and/or interest in this work to any party. The referenced modifications to OpenLDAP Software are subject to the following notice: Copyright 2015 Peter Marschall Redistribution and use in source and binary forms, with or without modification, are permitted only as authorizedy y the OpenLDAP Public License. -- You are receiving this mail because: You are on the CC list for the bug.

1 19

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-bugs