Extend slapd -c option to accept only sid=XXX?
by Rein Tollevik
There are (at least as far as I know) no other way than slapcat/slapadd
to get rid of any incorrect contextCSN values, at least on servers where
syncprov is enabled. I have been down that road some times already,
each time being equally annoyed by the fact that there are no easier way
to fix it..
Removing a contextCSN value is required in order to remove a server from
a multi-master configuration, or to get rid of the values with SID=0
that is far to easy to slip in if slapd or slapadd is started without
the proper serverID setting.
The slapd -c option requires a rid=XXX to be specified, but also allows
sid=XXX (which I haven't quite understood the usefulness of..). I
suggest that the -c option is extended to also allow only sid=XXX
without any rid.
With only sid=XXX,csn=XXX specified both syncrepl and syncprov should
replace the contextCSN value with that sid (as read from the database
upon startup) with the specified csn. Obviously, only a single csn
value can be accepted, and an absent or zero csn value should mean to
delete the contextCSN value with that sid. Well, deleting a contextCSN
value is really all I need, so I would be I more than happy to leave the
replace possibility out...
Adding an easy way to get rid of invalid contextCSN values should make a
transition to enforcing serverID 0 for single-master only configs much
more acceptable for those that have used serverID 0 in multi-master setups.
Re: commit: ldap/libraries/librewrite rewrite-int.h
by Hallvard B Furuseth
> rewrite-int.h 1.24 -> 1.25
> ITS#6005 librewrite must use the same mem allocators as slapd
If you are killing C free/mallocs, here are some others from 'nm *.o'
to look at. I don't have time at the moment. Hopefully most are
malloced/freed by the same code, not passed to/from ber memory.
clients/tools/common.o: free malloc
clients/tools/ldapcompare.o: free malloc
clients/tools/ldapsearch.o: free malloc realloc
clients/tools/ldapurl.o: free realloc
libraries/liblber/memory.o: free malloc calloc realloc
libraries/libldap/test.o: free malloc calloc realloc
libraries/libldap_r/test.o: free malloc calloc realloc
libraries/liblunicode/ure.o: free malloc calloc realloc
libraries/liblutil/meter.o: free calloc
servers/slapd/alock.o: free calloc
tests/progs/slapd-addel.o: malloc calloc realloc
tests/progs/slapd-bind.o: free realloc
tests/progs/slapd-read.o: free malloc
tests/progs/slapd-tester.o: malloc calloc
multiple free in ldapsearch
NetBSD's libc reports a multiple free each time I run 2.4.15's
ldapsearch using x509 certificate authentication (That is, SASL
Running with export MALLOC_OPTIONS=A, it is kind enough to abort, so I
have a backtrace:
#0 0xbb94223f in kill () from /usr/lib/libc.so.12
#1 0xbb9dea64 in abort () from /usr/lib/libc.so.12
#2 0xbb9dd300 in tcgetattr () from /usr/lib/libc.so.12
#3 0xbb9dd331 in tcgetattr () from /usr/lib/libc.so.12
#4 0xbb9de661 in free () from /usr/lib/libc.so.12
#5 0xbbaff5c7 in CRYPTO_free () from /usr/lib/libcrypto.so.3
#6 0xbbad0871 in X509_asn1_meth () from /usr/lib/libcrypto.so.3
#7 0xbbaec6d7 in ASN1_primitive_free () from /usr/lib/libcrypto.so.3
#8 0xbbaec8f3 in ASN1_item_free () from /usr/lib/libcrypto.so.3
#9 0xbbad09dd in X509_free () from /usr/lib/libcrypto.so.3
#10 0xbbb6fe31 in ssl_cert_free () from /usr/lib/libssl.so.4
#11 0xbbb6d981 in SSL_CTX_free () from /usr/lib/libssl.so.4
#12 0xbbbe008f in tlso_ctx_free () from /usr/pkg/lib/libldap-2.4.so.2
#13 0xbbbdce5b in ldap_pvt_tls_ctx_free () from
#14 0xbbbdcf78 in ldap_int_tls_destroy () from
#15 0xbbbdd06e in ldap_pvt_tls_destroy () from
#16 0x08050e88 in ?? ()
#17 0x00000000 in ?? ()
I will investigate further if I find time, but I post this just in case
it rings a bell for someone.
Re: commit: ldap/servers/slapd syncrepl.c
by Howard Chu
> Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
> Modified Files:
> syncrepl.c 1.449 -> 1.450
> Log Message:
> Once more, mutex_lock -> trylock...
See ITS#5454 and the commit logs for this history behind this one, it's gone
back and forth several times. The recent change to add a 4th server to test050
caused a config/pause deadlock to occur again.
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
by Gavin Henry
I know they suck, they were just meant to have something there.
What we would we like to see using the slapd-config format?
A simple example that can just be used with ldapadd/slapadd in one go?
T +44 (0) 1224 279484
M +44 (0) 7930 323266
F +44 (0) 1224 824887
Open Source. Open Solutions(tm).
Suretec Systems is a limited company registered in Scotland. Registered
number: SC258005. Registered office: 13 Whiteley Well Place, Inverurie,
Aberdeenshire, AB51 4FP.
Subject to disclaimer at http://www.suretecgroup.com/disclaimer.html