openldap-devel

openldap-devel@openldap.org

2 participants
1422 discussions

Re: OpenLDAP 2.4.51 available, LMDB 0.9.26 available
by Clément OUDOT 12 Aug '20

12 Aug '20

Hello, changelog seems not well updated on the website: https://www.openldap.org/software/release/changes.html Clément. Le mer. 12 août 2020 à 07:02, <project(a)openldap.org> a écrit : > > OpenLDAP 2.4.51 is now available for download as detailed on our download page: > > https://www.openldap.org/software/download/ > > and should soon be available on all official mirrors: > > ftp://ftp.openldap.org/pub/OpenLDAP/MIRRORS > > This is a maintenance release and is made available for general use. Users of OpenLDAP Software are encouraged to upgrade. > > Significant contributors are: > > Howard Chu (Symas Corp) > Quanah Gibson-Mount (Symas Corp) > Ondřej Kuzník (Symas Corp) > Ryan Tandy > > OpenLDAP 2.4.51 Release (2020/08/11) > Added slapo-ppolicy implement Netscape password policy controls (ITS#9279) > Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650) > Fixed libldap to use getaddrinfo in ldap_pvt_get_fqdn (ITS#9287) > Fixed slapd to enforce singular existence of some overlays (ITS#9309) > Fixed slapd syncrepl to not delete non-replicated attrs (ITS#9227) > Fixed slapd syncrepl to correctly delete entries on resync (ITS#9282) > Fixed slapd syncrepl to use replace on single valued attrs (ITS#9294, ITS#9295) > Fixed slapd-perl dynamic config with threaded slapd (ITS#7573) > Fixed slapo-ppolicy to expose the ppolicy control (ITS#9285) > Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302) > Fixed slapo-ppolicy so it can only exist once per DB (ITS#9309) > Fixed slapo-chain to check referral (ITS#9262) > Build Environment > Fix test064 so it no longer uses bashisms (ITS#9263) > Contrib > Fix default prefix value for pw-argon2, pw-pbkdf2 modules (ITS#9248) > slapo-allowed - Fix usage of unitialized variable (ITS#9308) > Documentation > ldap_parse_result(3) - Document ldap_parse_intermediate (ITS#9271) > > > MD5(openldap-2.4.51.tgz)= 0d2025896cf1c17af7304ecc57ec9531 > SHA1(openldap-2.4.51.tgz)= 4fe7f0e5766d0d9a5431871b581938c05b4eb873 > > LMDB 0.9.26 Release (2020/08/11) > ITS#9278 fix robust mutex cleanup for FreeBSD

2 1

Two new repos
by Ondřej Kuzník 12 Aug '20

12 Aug '20

This is an announcement that two new repositories have just been added on Gitlab: https://git.openldap.org/openldap/syncmonitor This is a project to support real-time monitoring of OpenLDAP's replication. It comes as a Python module using the asyncio library to provide a fully reactive interface. An asyncio wrapper around Michael's python-ldap0 is included for that reason. A sample terminal application is also provided to showcase what is possible. https://git.openldap.org/ondra/pldap (in personal namespace for now) The above mentioned asyncio wrapper is a bit of a break with how traditional python-ldap wrappers are used. This comes out of attempts to use and extend the existing Python LDAP modules to do what I needed them to do and discussions with Michael Ströder, maintainer of python-ldap0, how that might be achieved. In the end I've drafted a new module that has two goals: - explore a new API that can stay mostly uniform across plain Python and async code, where result and intermediate responses are extracted in a more natural way - move towards run-time wrapping of libldap so that the module is immediately usable in environments without the need to compile a native wrapper At some point, this code should either be extended to cover the scope that the other two wrappers (python-ldap and python-ldap0) provide or the approach should be adopted in either. It is my understanding that the OpenLDAP project might be interested in adopting either of the modules at some point (subject to that module adopting the OpenLDAP Public License). In view of the above, I've kept it in my personal namespace for now so as not to give any impression that this the official Python module to use for all things LDAP. At some point, these (just like the mod-harness module published last year) should be the building blocks for the test suite that I hope to build at some point. As such, there are many smaller tools of general utility bundled in there, especially in the syncmonitor repository. Should you find them useful, let's turn them into something more complete. Please review and come back with suggestions or, if you feel so inclined, patches. Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP

1 0

RE25 make depend
by Michael Ströder 27 Jul '20

27 Jul '20

HI! With RE25 branch make depend fails on my system (see below). Find attached my build script which works just fine for RE24. Any changes needed for RE25? Ciao, Michael. cd back-shell && make -w depend make[3]: Entering directory '/home/michael/src/openldap-git/re25/openldap/servers/slapd/back-shell' make[3]: *** No rule to make target 'Makefile.in', needed by 'Makefile'. Stop. make[3]: Leaving directory '/home/michael/src/openldap-git/re25/openldap/servers/slapd/back-shell' make[2]: *** [Makefile:589: depend-local-srv] Error 1 make[2]: Leaving directory '/home/michael/src/openldap-git/re25/openldap/servers/slapd' make[1]: *** [Makefile:328: depend-common] Error 1 make[1]: Leaving directory '/home/michael/src/openldap-git/re25/openldap/servers' make: *** [Makefile:349: depend-common] Error 1

2 3

bugzilla spam?
by Michael Ströder 26 Jul '20

26 Jul '20

HI! To this seems to be spam: https://bugs.openldap.org/show_bug.cgi?id=6036#c5 Maybe also block the user fieldengineer59(a)yahoo.com? Ciao, Michael.

2 1

ppolicy control exposure in RE24?
by Quanah Gibson-Mount 13 Jul '20

13 Jul '20

Currently the ppolicy overlay does not expose the related control in the supportedControl attribute of the rootDSE. This is due to the general policy that controls for items that are not part of a finalized specification are not published. However, at this point, ppolicy while not finalized, is long established. For 2.5, we will be exposing the control, but I think it could be useful to do this for 2.4.51+ as well. Does anyone have any objections to this change being backported to RE24? <https://bugs.openldap.org/show_bug.cgi?id=9285> Thanks, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

5 4

terminology cleanup
by Quanah Gibson-Mount 15 Jun '20

15 Jun '20

I've done a pass for RE24 at cleaning up terminology around replication which should make things a lot less confusing, as we were using various terms interchangably w/o much explanation. I've put this up for review at <https://git.openldap.org/openldap/openldap/-/merge_requests/82> It'd be great to have a few people look over it as it touches a lot of stuff. Thanks, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

contrib modules to promote to mainline for 2.5?
by Quanah Gibson-Mount 23 Apr '20

23 Apr '20

Are there any contrib modules that we should consider promoting to mainline for the 2.5 series? I.e., sha2, argon2 seem like potential options. --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

6 11

Re: contrib modules to promote to mainline for 2.5?
by Quanah Gibson-Mount 22 Apr '20

22 Apr '20

--On Wednesday, April 22, 2020 1:04 PM -0700 Philip Guenther <pguenther(a)proofpoint.com> wrote: > Is there a ticket tracking this where the open question(s) for which a > response is needed can be seen? The obvious search of > https://bugs.openldap.org/buglist.cgi?quicksearch=bcrypt There wouldn't be, as it requires the author to contribute it as noted in: <https://github.com/wclarie/openldap-bcrypt/issues/1> Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

1 0

MinGW status.
by Ryan Tandy 17 Apr '20

17 Apr '20

1. Why do I care about Windows? After seeing knowledgeable people say several times that building OpenLDAP on Windows worked fine for them [1][2][3], but failing my first attempts, I decided it should damn well work for me too! [1] https://bugs.openldap.org/show_bug.cgi?id=7878#c1 [2] https://bugs.openldap.org/show_bug.cgi?id=7878#c3 [3] https://www.openldap.org/lists/openldap-technical/201908/msg00033.html 2. Where are we now? Master branch is in OK shape now. A basic build with OpenSSL and default-ish backends/overlays succeeds. If built WITHOUT --enable-dynamic, it even passes the test suite, with one workaround [4]. If built WITH --enable-dynamic, there are various issues related to the libtool wrappers: the test processes don't exit when killed [5], ITS#2922 occurs, etc. Executing the binaries directly seems to work around most of it, but I still have an unexplained failure in test058. RE24 has the code fixes now (in 2.4.50), however, its older libtool and autoconf still contain bugs that have been fixed now in master. It doesn't produce DLLs due to a libtool bug [6], but the executables can be built with the static libs. The test suite needs configure rebuilt with a newer autoconf [7], plus all the same caveats as master. [4] --- a/tests/scripts/defines.sh +++ b/tests/scripts/defines.sh @@ -18 +18 @@ -TESTWD=`pwd` +TESTWD=`pwd -W` [5] https://sourceforge.net/p/mingw/bugs/845/ https://sourceforge.net/p/mingw/bugs/1783/ [6] haven't found a bug or commit link, but https://lists.defectivebydesign.org/archive/html/lmi/2011-06/msg00016.html discusses the same problem [7] http://git.savannah.gnu.org/gitweb/?p=autoconf.git;a=commit;h=17ea0df46f819… If I've analyzed anything above incorrectly, please let me know! 3. Where to next? I'd like to write up some up-to-date instructions for building on Windows, but I'm not sure where I would post them before the FAQ site is replaced. When I linked with MSYS2's cyrus-sasl package, I encountered heap corruption errors. I haven't looked more closely at that yet. Since a native Windows CI host looks unlikely in the short term, I'd like to investigate getting cross builds [8] stable enough to add as a CI target. ITS#9087 is a first step in that direction. Obviously it wouldn't be able to run tests, but we could at least monitor compile failures. There are a few things to deal with, such as configure tests that currently run test programs (e.g. "working memcmp"), and providing dependency libraries (-lregex). [8] apt install gcc-mingw-w64-x86-64 cheers, Ryan

1 0

2.4 commit review
by Quanah Gibson-Mount 02 Apr '20

02 Apr '20

I think the following ITSes would be good to add for 2.4.50. Any objections? ITS#7074 - Fix olcDatabaseDummy init for windows ITS#9003 - Fix slapd-ldap(5) man page to note idassert-authzfrom policy difference ITS#9181 - Fix race on Windows mutex init ITS#9182 - pcache: fix private DB init Thanks, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: <http://www.symas.com>

2 2

← Newer
1
2
3
4
5
6
7
8
9
...
143
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-devel