openldap-devel

openldap-devel@openldap.org

1416 discussions

What happened to cvs.openldap.org?
by Michael Ströder 16 Aug '08

16 Aug '08

HI! Since yesterday I can't reach the pserver on cvs.OpenLDAP.org anymore. $ cvs up -Rd . cvs [update aborted]: connect to cvs.OpenLDAP.org(204.152.186.56):2401 failed: Connection refused Ciao, Michael.

2 3

Re: commit: ldap/libraries/libldap ldap-tls.h tls2.c tls_g.c tls_m.c tls_o.c ldap-int.h
by Howard Chu 13 Aug '08

13 Aug '08

hyc(a)OpenLDAP.org wrote: > Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap > > Modified Files: > ldap-int.h 1.189 -> 1.190 > Added Files: > ldap-tls.h NONE -> 1.1 > tls2.c NONE -> 1.1 > tls_g.c NONE -> 1.1 > tls_m.c NONE -> 1.1 > tls_o.c NONE -> 1.1 > > Log Message: > Modular TLS support, proof of concept. tls2.c would replace tls.c, > but I'm leaving tls.c intact for now. The GnuTLS and OpenSSL support are working fine; the MozillaNSS support is still pretty broken; it can't initialize itself. (However, it sort of works when linked into a Mozilla app that already does the NSS initialization. See the patch here https://bugzilla.mozilla.org/show_bug.cgi?id=292127 for one example of to accomplish that.) -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

1 0

HEADS UP: tls restructuring
by Howard Chu 13 Aug '08

13 Aug '08

I've split all of the OpenSSL and GnuTLS-specific code into their own separate source files, to clean up some of the #ifdef mess that was in tls.c before. This approach actually allows support for both to be compiled in at the same time. I'll probably add an LDAP_OPT_X option to select which implementation to use at runtime. (It might make sense to make these dynamically loadable modules, but for now I don't want to make libldap dependent on ltdl/dlopen/whatever.) I have not committed these changes yet. Probably will in the next day or two unless there are objections. There's one user-visible change: get_option(LDAP_OPT_X_TLS_SSL_CTX) now returns a pointer to a privately defined structure. For GnuTLS this is in fact the same behavior as before. For OpenSSL this is a change; it used to return the actual (SSL *). If this is going to break something of yours, holler now... -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 4

reduced DEFAULT_SEARCH_STACK_DEPTH
by Suhel Momin 11 Aug '08

11 Aug '08

Hi, I want to understand what is the impact of changing following #defines #define DEFAULT_SEARCH_STACK_DEPTH 16 #define MINIMUM_SEARCH_STACK_DEPTH 8 I can see that this value is used to allocate search_stack. I modified these values to #define DEFAULT_SEARCH_STACK_DEPTH 4 #define MINIMUM_SEARCH_STACK_DEPTH 2 This helped in reducing memory footprint however I am not sure about the wide range impact. Thanks, Suhel

2 1

multiple calls to ldap_initialize
by manu＠netbsd.org 04 Aug '08

04 Aug '08

Hello The man page says that ldap_initialize should not be re-entered, since it does initialize the library. As I understand this statement, it means that it can be called multiple times (to get simultaneous connexions to multiple LDAP servers), provided the calls are done sequentially. Is that right? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu(a)netbsd.org

1 0

Remove SunOS LWP support
by Hallvard B Furuseth 30 Jul '08

30 Jul '08

libraries/libldap_r/thr_lwp.c (SunOS LWP) has since 1999 (rev 1.5) said: /* This implementation NEEDS WORK. It currently does not compile */ I suggest we kill LWP support. Has anyone tried to use it since 1999? Note, configure --with-threads=lwp turns into either Solaris threads (#define HAVE_THR) or SunOS LWP (#define HAVE_LWP). -- Hallvard

3 3

Re: commit: openldap-guide/admin appendix-recommended-versions.sdf aspell.en.pws install.sdf maintenance.sdf quickstart.sdf runningslapd.sdf schema.sdf slapdconf2.sdf slapdconfig.sdf
by Howard Chu 25 Jul '08

25 Jul '08

ghenry(a)OpenLDAP.org wrote: > Update of /repo/OpenLDAP/pkg/openldap-guide/admin > > Modified Files: > appendix-recommended-versions.sdf 1.4 -> 1.5 > aspell.en.pws 1.24 -> 1.25 > install.sdf 1.47 -> 1.48 > maintenance.sdf 1.11 -> 1.12 > quickstart.sdf 1.51 -> 1.52 > runningslapd.sdf 1.23 -> 1.24 > schema.sdf 1.50 -> 1.51 > slapdconf2.sdf 1.47 -> 1.48 > slapdconfig.sdf 1.107 -> 1.108 > > Log Message: > (ITS#5616) Docs: various admin guide corrections > > CVS Web URLs: > http://www.openldap.org/devel/cvsweb.cgi/admin/?cvsroot=OpenLDAP-guide > http://www.openldap.org/devel/cvsweb.cgi/admin/appendix-recommended-version… > http://www.openldap.org/devel/cvsweb.cgi/admin/aspell.en.pws?cvsroot=OpenLD… Who validated these corrections? "datebase" is not a valid word. There are several terms in this diff that are invalid. > http://www.openldap.org/devel/cvsweb.cgi/admin/install.sdf?cvsroot=OpenLDAP… > http://www.openldap.org/devel/cvsweb.cgi/admin/maintenance.sdf?cvsroot=Open… > http://www.openldap.org/devel/cvsweb.cgi/admin/quickstart.sdf?cvsroot=OpenL… > http://www.openldap.org/devel/cvsweb.cgi/admin/runningslapd.sdf?cvsroot=Ope… > http://www.openldap.org/devel/cvsweb.cgi/admin/schema.sdf?cvsroot=OpenLDAP-… > http://www.openldap.org/devel/cvsweb.cgi/admin/slapdconf2.sdf?cvsroot=OpenL… > http://www.openldap.org/devel/cvsweb.cgi/admin/slapdconfig.sdf?cvsroot=Open… > > Changes are generally available on cvs.openldap.org (and CVSweb) > within 30 minutes of being committed. > -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

2 1

back-bdb flaw
by Howard Chu 23 Jul '08

23 Jul '08

There appears to be a long-standing problem with back-bdb and entries with more than BDB_IDL_DB_MAX immediate children. If the entryIDs of the children are non-contiguous, then attempts to delete the subtree of the entry will fail, because the IDL range for the OneLevel index in the dn2id DB will never zero out. back-hdb doesn't have this problem. Not sure what an appropriate fix is. Ideally, when deleting an entry whose ID corresponds to either the lower or upper bound of the range, we should update the range with the ID of the next remaining sibling. But there's no easy way to search for that ID, so we just increment/decrement the range by 1. The OneLevel index is the only structure that can quickly tell us what the siblings are, and it's obviously useless when this situation arises. The only way to search would be to [inc/dec]rement the ID and retrieve the corresponding entry's DN to see if it is a sibling of the deleted entry, and loop until a sibling is found or we run into the opposite range boundary. On a large DB this will be extremely slow. Seems like the best fix is to deprecate back-bdb and only use back-hdb from now on. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/

5 15

RE24 testing
by Quanah Gibson-Mount 16 Jul '08

16 Jul '08

Please test RE24, thanks! --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

8 13

SLAP_BUILTIN_SASL
by Quanah Gibson-Mount 13 Jul '08

13 Jul '08

Is SLAP_BUILTIN_SASL suppose to be triggered if Cyrus-sasl isn't found? I was grepping the 2.4 source, and all I see is several lines in servers/slapd/sasl.c along the lines of: #elif defined(SASL_BUILTIN_SASL) i.e., nothing that ever defines (enables) it. --Quanah -- Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration

1 0

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

openldap-devel