https://bugs.openldap.org/show_bug.cgi?id=10056
Issue ID: 10056 Summary: test069-delta-multiprovider-starttls failures on static builds Product: OpenLDAP Version: 2.6.4 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: build Assignee: bugs@openldap.org Reporter: kaction@disroot.org Target Milestone: ---
Hello.
I am getting following test error when trying to build `openldap` statically:
``` [nix-shell:/tmp/openldap-static/openldap-2.6.4/tests]$ ./run test069-delta-multiprovider-starttls Cleaning up test run directory leftover from previous run. Running ./scripts/test069-delta-multiprovider-starttls for mdb... running defines.sh Initializing server configurations... Starting server 1 on TCP/IP port 9011... Using ldapsearch to check that server 1 is running... Waiting 5 seconds for slapd to start... Using ldapadd for context on server 1... Starting server 2 on TCP/IP port 9012... Using ldapsearch to check that server 2 is running... Waiting 5 seconds for slapd to start... Using ldapadd to populate server 1... Waiting 7 seconds for syncrepl to receive changes... Using ldapsearch to read all the entries from server 1... Using ldapsearch to read all the entries from server 2... Comparing retrieved entries from server 1 and server 2... Using ldapadd to populate server 2... Using ldapsearch to read all the entries from server 1... Using ldapsearch to read all the entries from server 2... Comparing retrieved entries from server 1 and server 2... Breaking replication between server 1 and 2... Using ldapmodify to force conflicts between server 1 and 2... Restoring replication between server 1 and 2... Waiting 7 seconds for syncrepl to receive changes... Using ldapsearch to read all the entries from server 1... Using ldapsearch to read all the entries from server 2... Comparing retrieved entries from server 1 and server 2... test failed - server 1 and server 2 databases differ (561) ```
I added line number (561) into error message to pinpoint it more precisely. And here is difference between databases:
``` --- /tmp/openldap-static/openldap-2.6.4/tests/testrun/server1.flt 2023-05-23 22:53:51.000965129 -0400 +++ /tmp/openldap-static/openldap-2.6.4/tests/testrun/server2.flt 2023-05-23 22:53:51.005965136 -0400 @@ -289,13 +289,10 @@ userPassword:: amFq
dn: cn=James A Jones 2,ou=Alumni Association,ou=People,dc=example,dc=com -carLicense: 123-XYZ cn: James A Jones 2 cn: James Jones cn: Jim Jones -description: Amazing description: Bizarre -description: Mindboggling description: Stupendous employeeNumber: 64 employeeType: deadwood @@ -307,7 +304,7 @@ pager: +1 313 555 3923 postalAddress: Alumni Association $ 111 Maple St $ Anytown, MI 48109 seeAlso: cn=All Staff,ou=Groups,dc=example,dc=com -sn: Surname +sn: Jones telephoneNumber: +1 313 555 0895 title: Mad Cow Researcher, UM Alumni Association uid: jaj ```
Suggestions on what more information I can provide are welcome. You can also try to build `pkgsStatic.openldap` in this nixpkgs [commit](f9e32f61282275eb5fa9064e08bbd0a92d1187de)
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #1 from Ondřej Kuzník ondra@mistotebe.net --- On Wed, May 24, 2023 at 03:07:48AM +0000, openldap-its@openldap.org wrote:
Hello.
I am getting following test error when trying to build `openldap` statically:
I added line number (561) into error message to pinpoint it more precisely. And here is difference between databases:
--- /tmp/openldap-static/openldap-2.6.4/tests/testrun/server1.flt 2023-05-23 22:53:51.000965129 -0400 +++ /tmp/openldap-static/openldap-2.6.4/tests/testrun/server2.flt 2023-05-23 22:53:51.005965136 -0400 @@ -289,13 +289,10 @@ userPassword:: amFq dn: cn=James A Jones 2,ou=Alumni Association,ou=People,dc=example,dc=com -carLicense: 123-XYZ cn: James A Jones 2 cn: James Jones cn: Jim Jones -description: Amazing description: Bizarre -description: Mindboggling description: Stupendous employeeNumber: 64 employeeType: deadwood @@ -307,7 +304,7 @@ pager: +1 313 555 3923 postalAddress: Alumni Association $ 111 Maple St $ Anytown, MI 48109 seeAlso: cn=All Staff,ou=Groups,dc=example,dc=com -sn: Surname +sn: Jones telephoneNumber: +1 313 555 0895 title: Mad Cow Researcher, UM Alumni Association uid: jajSuggestions on what more information I can provide are welcome. You can also try to build `pkgsStatic.openldap` in this nixpkgs [commit](f9e32f61282275eb5fa9064e08bbd0a92d1187de)
Hi, did the ITS maybe cut off parts of your email? There is no link you're trying to refer to so I have no idea where to start.
It might be better to try and use the same configure options manually. If you can still reproduce the problem that way, provide the configure options and the contents of the tests/testrun/ directory. If you can't reproduce this when configuring+building manually, I'd suggest you look into that inconsistency first.
Thanks,
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #2 from kaction@disroot.org --- Created attachment 965 --> https://bugs.openldap.org/attachment.cgi?id=965&action=edit Content of tests/testrun
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #3 from kaction@disroot.org --- I meant this commit of nixpkgs: https://github.com/KAction/nixpkgs/commit/f9e32f61282275eb5fa9064e08bbd0a92d...
but I can reproduce it manually (well, with all dependencies provided by nixpkgs). Here are configure flags:
``` --prefix=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4 --bindir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/bin --sbindir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/sbin --includedir=/nix/store/svyf22i7y6i9q2waabph8ml95rlhlxnf-openldap-static-x86_64-unknown-linux-musl-2.6.4-dev/include --oldincludedir=/nix/store/svyf22i7y6i9q2waabph8ml95rlhlxnf-openldap-static-x86_64-unknown-linux-musl-2.6.4-dev/include --mandir=/nix/store/2jihzh0w4q0isbk2zbr41zwbk2c9yk8z-openldap-static-x86_64-unknown-linux-musl-2.6.4-man/share/man --infodir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/share/info --docdir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/share/doc/openldap-static-x86_64-unknown-linux-musl --libdir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/lib --libexecdir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/libexec --localedir=/nix/store/x0pi4dihn6mms2v4p2ih3l0fh2xkhznj-openldap-static-x86_64-unknown-linux-musl-2.6.4/share/locale --enable-argon2 --enable-crypt --enable-modules --enable-overlays --with-yielding_select=yes ac_cv_func_memcmp_working=yes --enable-static --disable-shared --disable-shared --build=x86_64-unknown-linux-gnu --host=x86_64-unknown-linux-musl ```
Another difference from default configuration is musl libc, fwiw.
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #4 from kaction@disroot.org --- Comment on attachment 965 --> https://bugs.openldap.org/attachment.cgi?id=965 Content of tests/testrun
This is tar.xz content of test directory as requested by developer.
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #5 from kaction@disroot.org --- Checked, build with musl libc, but dynamically linked passes tests fine.
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #6 from Ondřej Kuzník ondra@mistotebe.net --- On Wed, May 24, 2023 at 06:46:40PM +0000, openldap-its@openldap.org wrote:
Checked, build with musl libc, but dynamically linked passes tests fine.
I've tried to get started with nixpgs but commit f9e32f61282275eb5fa9064e08bbd0a92d1187de doesn't seem to exist in the https://github.com/NixOS/nixpkgs repo and going with master gets me an error that systemd-minimal-253.3 is "marked as broken".
Compiling with --enable-static --disable-shared on a Debian system (libc) doesn't pick up anything wrong and getting a musl toolchain for libtool etc is taking a while, so I'll probably stop right here for now.
Looking at the provided testrun, things run just fine, then servers are reconfigured and server2 starts complaining about TLS failures and as a result it never receives the remaining changes. Can you pass SLAPD_DEBUG=-1 to "make test" and provide the testrun again? This will enable more detailed logging. BTW, which TLS implementation are you using? It's not being passed to configure but I assume OpenSSL, can you confirm?
Thanks,
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #7 from kaction@disroot.org --- f9e32f61282275eb5fa9064e08bbd0a92d1187de commit in in my fork (KAction/nixpkgs). It addresses issue of systemd being broken on static systems (by disabling systemd).
Confirm, this package is using openssl=3.0.8.
Content of test directory after "SLAPD_DEBUG=-1 make test" failed attached.
https://bugs.openldap.org/show_bug.cgi?id=10056
kaction@disroot.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Attachment #965 is|0 |1 obsolete| |
--- Comment #8 from kaction@disroot.org --- Created attachment 970 --> https://bugs.openldap.org/attachment.cgi?id=970&action=edit SLAPD_DEBUG=-1
https://bugs.openldap.org/show_bug.cgi?id=10056
--- Comment #9 from Ondřej Kuzník ondra@mistotebe.net --- Thanks for the logs. There is some considerable delay between the processes being able to communicate with each other, showing the STARTTLS requests vs. the other process picking them up:
tests/testrun/slapd.1.log:64722cec.014e7b51 0x7ff09e19fb38 ldap_extended_operation_s tests/testrun/slapd.2.log:64722cf1.0656efa4 0x7f1dc06d2b38 ldap_extended_operation_s tests/testrun/slapd.1.log:64722cf1.065ac485 0x7ff09e9a2b38 ldap_extended_operation_s tests/testrun/slapd.1.log:64722cf1.065d0e51 0x7ff09e19fb38 conn=1002 op=0 STARTTLS tests/testrun/slapd.2.log:64722cf6.000338f2 0x7f1dbdf0cb38 conn=1000 op=0 STARTTLS tests/testrun/slapd.1.log:64722cf7.06bdca29 0x7ff09e19fb38 ldap_extended_operation_s tests/testrun/slapd.2.log:64722cfa.000221a8 0x7f1dbdf0cb38 conn=1002 op=0 STARTTLS tests/testrun/slapd.1.log:64722d02.0c852d92 0x7ff09c245b38 ldap_extended_operation_s tests/testrun/slapd.2.log:64722d02.0c8a8242 0x7f1dbe70fb38 conn=1006 op=0 STARTTLS tests/testrun/slapd.2.log:64722d02.0d37b90f 0x7f1dc06d2b38 ldap_extended_operation_s tests/testrun/slapd.1.log:64722d06.0003b59e 0x7ff09a42bb38 conn=1009 op=0 STARTTLS tests/testrun/slapd.1.log:64722d0f.02c123d5 0x7ff09c245b38 ldap_extended_operation_s tests/testrun/slapd.2.log:64722d12.000241cd 0x7f1dc0ed5b38 conn=1010 op=0 STARTTLS tests/testrun/slapd.1.log:64722d16.01082af6 0x7ff09e19fb38 ldap_extended_operation_s tests/testrun/slapd.2.log:64722d16.010cd90b 0x7f1dbd709b38 conn=1012 op=0 STARTTLS tests/testrun/slapd.2.log:64722d16.01849b23 0x7f1dc0ed5b38 ldap_extended_operation_s tests/testrun/slapd.1.log:64722d1a.00027e75 0x7ff09c245b38 conn=1014 op=0 STARTTLS tests/testrun/slapd.2.log:64722d21.00312e1b 0x7f1dbd709b38 ldap_extended_operation_s
This somehow appears to lead the server to decide its connections are failing. You might want to look into this, maybe first contrast with the shared build to see if might be a red herring.
Thanks,
https://bugs.openldap.org/show_bug.cgi?id=10056
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review | Status|UNCONFIRMED |RESOLVED Resolution|--- |FEEDBACK
--- Comment #10 from Quanah Gibson-Mount quanah@openldap.org --- Need feedback, not reproducible locally
-
openldap-its@openldap.org