https://bugs.openldap.org/show_bug.cgi?id=9812
Issue ID: 9812 Summary: Registered SLAPI plugin functions are not called Product: OpenLDAP Version: 2.6.1 Hardware: x86_64 OS: Linux Status: UNCONFIRMED Keywords: needs_review Severity: normal Priority: --- Component: slapd Assignee: bugs@openldap.org Reporter: guru@unixarea.de Target Milestone: ---
We're running since ages with an OpenLDAP server 2.4.40 a plugin which publishes changes (add, modify, delete) in LDAP to an Identity Server (IDM). We compile on SuSE Linux from source. The configure options for 2.6.1 are:
./configure --enable-aci=yes --enable-dynacl --enable-spasswd=yes --enable-crypt=yes --enable-debug=yes --enable-shared=yes --enable-modules=yes --enable-slapi --enable-slapd=yes --with-tls --prefix=/opt/openldap-2.6.1
Our SLAPI plugin, written in C works fine for 2.4.40 and stopped working for 2.6.1. It is configured in slapd.conf as
plugin postoperation /opt/openldap-2.6.1/lib64/idm.so idm_init "IDM Plugin" 10.23.33.52 3001
The function idm_init() registers static C functions the supposed way:
int idm_init(Slapi_PBlock * pb) { int rc = LDAP_SUCCESS;
log("idm-plugin:","now in idm_init()\n"); // first call, create new list and register the functions ... rc |= slapi_pblock_set( /* Plug-in API version */ pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_CURRENT_VERSION); rc |= slapi_pblock_set( /* Plug-in description */ pb, SLAPI_PLUGIN_DESCRIPTION, (void *) &desc); rc |= slapi_pblock_set( /* Modify function */ pb, SLAPI_PLUGIN_POST_MODIFY_FN, (void *) modify_user); ... // read arguments and add list entry rc |= read_arguments(pb);
log("idm-plugin", "idm_init() return rc:%d\n", rc); return rc; }
The begin of the function for modify_user() looks like this:
static int modify_user(Slapi_PBlock * pb) { Slapi_Entry *entry; log("idm-plugin:", "now in modify_user\n"); if (slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &entry) != LDAP_SUCCESS) { log("IDM-Connector Plugin", "entry modified, but couldn't get entry"); return -1; } ...
But the function gets never called from slapd on changes in LDAP. The log shows only the registering:
03/16/22 10:52:26 idm-plugin:: now in idm_init() 03/16/22 10:52:26 IDM-Connector Plugin: idm_init: Initializing plugin 03/16/22 10:52:26 idm-plugin:: now in read_arguments() 03/16/22 10:52:26 IDM Plugin: added idm connector: ip=10.23.33.52, port=3001 03/16/22 10:52:26 idm-plugin: idm_init() returns rc:0 03/16/22 10:52:26 plugin_pblock_new: Registered plugin OCLC-IDM-Connector-Notifier 1.0 [OCLC.org] (Notify the OCLC IDM-Connector of changes)
As I said, with OpenLDAP 2.4.40 this works fine. It does not work anymore with 2.6.1.
https://bugs.openldap.org/show_bug.cgi?id=9812
--- Comment #1 from Howard Chu hyc@openldap.org --- Unable to reproduce this problem. My local build invokes the plugin as expected.
### #include <slapi-plugin.h>
static const Slapi_PluginDesc desc = { "idm-id", "dummy", "0.0", "slapi test demo" };
static int modify_user(Slapi_PBlock *pb) { Slapi_Entry *entry; slapi_log_error(SLAPI_LOG_TRACE, "idm-plugin", "now in modify_user()\n"); if (slapi_pblock_get(pb, SLAPI_SEARCH_TARGET, &entry) != LDAP_SUCCESS) { slapi_log_error(SLAPI_LOG_FATAL, "idm-plugin", "entry modified, but couldn't get entry"); return -1; } return 0; }
int idm_init(Slapi_PBlock *pb) { int rc = LDAP_SUCCESS;
slapi_log_error(SLAPI_LOG_TRACE, "idm-plugin", "now in idm_init()\n"); rc |= slapi_pblock_set( /* Plug-in API version */ pb, SLAPI_PLUGIN_VERSION, SLAPI_PLUGIN_CURRENT_VERSION); rc |= slapi_pblock_set( /* Plug-in description */ pb, SLAPI_PLUGIN_DESCRIPTION, (void *) &desc); rc |= slapi_pblock_set( /* Modify function */ pb, SLAPI_PLUGIN_POST_MODIFY_FN, (void *) modify_user); // rc |= read_arguments(pb); slapi_log_error(SLAPI_LOG_TRACE, "idm-plugin", "idm_init() return rc:%d\n", rc); return rc; } ###
config: ###
include ./schema/core.schema include ./schema/cosine.schema include ./schema/inetorgperson.schema include ./schema/openldap.schema include ./schema/nis.schema include ./testdata/test.schema
pidfile /home/hyc/OD/hobj/tests/testrun/slapd.1.pid argsfile /home/hyc/OD/hobj/tests/testrun/slapd.1.args
sockbuf_max_incoming 4194303
database mdb suffix "dc=example,dc=com" rootdn "cn=Manager,dc=example,dc=com" rootpw secret directory /home/hyc/OD/hobj/tests/testrun/db.1.a index objectClass eq index cn,sn,uid pres,eq,sub maxsize 33554432
plugin postoperation /tmp/dummy.so idm_init "IDM plugin" 127.0.0.1 3001
database monitor ###
https://bugs.openldap.org/show_bug.cgi?id=9812
--- Comment #2 from Matthias Apitz guru@unixarea.de --- I compiled your plugin code and loaded it:
03/22/22 07:30:05 idm-plugin: now in idm_init() 03/22/22 07:30:05 idm-plugin: idm_init() return rc:0 03/22/22 07:30:05 plugin_pblock_new: Registered plugin idm-id 0.0 [dummy] (slapi test demo)
A ldapmodify does change the data in LDAP:
ldapsearch -H ldap://10.23.33.17:389 -b 'dc=oclc,dc=org' -D 'cn=ldapmanager,dc=oclc,dc=org' -w XXXXXXX "*" | grep Sisis
grep Sisis /tmp/ldapmodify.in idmName: Sisis
ldapmodify -H ldap://10.23.33.17:1389 -D 'cn=ldapmanager,dc=oclc,dc=org' -w XXXXXX < /tmp/ldapmodify.in modifying entry "cn=Sigrid1,ou=idmtest,dc=oclc,dc=org"
ldapsearch -H ldap://10.23.33.17:389 -b 'dc=oclc,dc=org' -D 'cn=ldapmanager,dc=oclc,dc=org' -w XXXXXX "*" | grep Sisis idmName: Sisis
but the function call to modify_user() is not logged in /tmp/idm_openldap_pluginlog.log
The config is
include /opt/openldap-2.6.1/etc/openldap/schema/core.schema
pidfile /opt/openldap-2.6.1/var/run/slapd.pid argsfile /opt/openldap-2.6.1/var/run/slapd.args
modulepath /opt/openldap-2.6.1/lib/openldap moduleload back_mdb.la
database config
database mdb maxsize 1073741824 suffix "dc=oclc,dc=org" rootdn "cn=ldapmanager,dc=oclc,dc=org" rootpw XXXXXX
directory /opt/openldap-2.6.1/var/openldap-data
index objectClass eq
database monitor
pluginlog /tmp/idm_openldap_pluginlog.log
plugin postoperation /opt/openldap-2.6.1/lib64/idm.so idm_init "IDM Plugin" 10.23.33.52 3001
include /opt/openldap-2.6.1/etc/openldap/schema/idmUser.schema
TLSCACertificateFile /opt/openldap-2.6.1/etc/openldap/server.pem TLSCertificateFile /opt/openldap-2.6.1/etc/openldap/server.pem TLSCertificateKeyFile /opt/openldap-2.6.1/etc/openldap/server.pem
logfile /tmp/ldap-logfile logfile-only on loglevel any
https://bugs.openldap.org/show_bug.cgi?id=9812
--- Comment #3 from Matthias Apitz guru@unixarea.de --- I'm ofcourse willing to debug this problem, but I couldn't find the starting point, i.e. from which C-source the registered functions are supposed to be called. Can you enlighten me with this. Thanks
https://bugs.openldap.org/show_bug.cgi?id=9812
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |INVALID
--- Comment #4 from Howard Chu hyc@openldap.org --- (In reply to Matthias Apitz from comment #2)
database monitor
pluginlog /tmp/idm_openldap_pluginlog.log
plugin postoperation /opt/openldap-2.6.1/lib64/idm.so idm_init "IDM Plugin" 10.23.33.52 3001
Your plugin is configured on the monitor database, so it won't see any modifications on the mdb database.
No bug here, closing this ITS.
https://bugs.openldap.org/show_bug.cgi?id=9812
Matthias Apitz guru@unixarea.de changed:
What |Removed |Added ---------------------------------------------------------------------------- Resolution|INVALID |FIXED
--- Comment #5 from Matthias Apitz guru@unixarea.de --- Thank you!
https://bugs.openldap.org/show_bug.cgi?id=9812
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |VERIFIED Resolution|FIXED |INVALID
https://bugs.openldap.org/show_bug.cgi?id=9812
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords|needs_review |
-
openldap-its@openldap.org