This is the second testing call for OpenLDAP 2.4.52. Depending on the results, this may be the final testing call.
Generally, get the code for RE24:
Extract, configure, and build.
Execute the test suite (via make test) after it is built. Optionally, cd tests && "make its" to run through the regression suite.
Thanks!
OpenLDAP 2.4.52 Engineering Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option (ITS#9318) Added libldap OpenSSL support for multiple EECDH curves (ITS#9054) Added slapd OpenSSL support for multiple EECDH curves (ITS#9054) Fixed librewrite malloc/free corruption (ITS#9249) Fixed libldap hang when using UDP and server down (ITS#9328) Fixed slapd syncrepl rare deadlock due to network issues (ITS#9324) Fixed slapd syncrepl regression that could trigger an assert (ITS#9329) Fixed slapd-mdb index error with collapsed range (ITS#9135)
Regards, Quanah
--
Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: http://www.symas.com
Am Donnerstag, den 27.08.2020, 18:37 -0700 schrieb Quanah Gibson-Mount:
This is the second testing call for OpenLDAP 2.4.52. Depending on the results, this may be the final testing call.
All tests for mdb were successfully. 0 tests for mdb were skipped.
Regards, Armin.
Michael Ströder wrote:
On 8/28/20 3:37 AM, Quanah Gibson-Mount wrote:
This is the second testing call for OpenLDAP 2.4.52.
All my usual tests seem to work.
One minor issue: Description of new syncrepl argument tls_reqsan is missing in slapd.conf(5).
Thanks, added in master d5ed7c5027
Ciao, Michael.
On Thu, 27 Aug 2020, Quanah Gibson-Mount wrote:
This is the second testing call for OpenLDAP 2.4.52.
RHEL 7.8, fully updated, spits out dozens of "ldap_sasl_bind_s: Invalid credentials (49)" failures, but the test still claims success:
Starting test008-concurrency for bdb...
[...]
PID=6365 - Bind base="ou=People,dc=example,dc=com" filter="(userPassword=*)" got 4 values. slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) PID=6346 - Read done (0). slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49)
[...]
PID=6390 - Search(500): base="cn=Monitor" scope=sub filter="(objectClass=*)" attrs=cn (more...). slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49)
[...]
Comparing filter output...
Test succeeded test008-concurrency completed OK for bdb.
best regards, Jokke Hämäläinen
openldap-technical@kolttonen.fi wrote:
On Thu, 27 Aug 2020, Quanah Gibson-Mount wrote:
This is the second testing call for OpenLDAP 2.4.52.
RHEL 7.8, fully updated, spits out dozens of "ldap_sasl_bind_s: Invalid credentials (49)" failures, but the test still claims success:
That's expected, since there are jobs repeatedly adding/deleting the entries in question. The point of this test is to flush out any crashes due to constantly changing conditions.
Starting test008-concurrency for bdb...
[...]
PID=6365 - Bind base="ou=People,dc=example,dc=com" filter="(userPassword=*)" got 4 values. slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) PID=6346 - Read done (0). slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49)
[...]
PID=6390 - Search(500): base="cn=Monitor" scope=sub filter="(objectClass=*)" attrs=cn (more...). slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6365: ldap_sasl_bind_s: Invalid credentials (49) slapd-bind PID=6389: ldap_sasl_bind_s: Invalid credentials (49)
[...]
Comparing filter output...
Test succeeded test008-concurrency completed OK for bdb.
best regards, Jokke Hämäläinen
On Thu, Aug 27, 2020 at 18:37:30 -0700, Quanah Gibson-Mount wrote:
This is the second testing call for OpenLDAP 2.4.52. Depending on the results, this may be the final testing call.
Generally, get the code for RE24:
Extract, configure, and build.
Execute the test suite (via make test) after it is built. Optionally, cd tests && "make its" to run through the regression suite.
A bit late but ... 2.4.52 fails to build on CentOS 6 with OpenSSL 1.0.1:
(cd .libs && rm -f libldap.la && ln -s ../libldap.la libldap.la) cc -g -O2 -I../../include -I../../include -c -o apitest.o apitest.c /bin/sh ../../libtool --mode=link cc -g -O2 -o apitest apitest.o libldap.la ../../libraries/liblber/liblber.la ../../libraries/liblutil/liblutil.a -lssl -lcrypto -lcrypt -lresolv cc -g -O2 -o .libs/apitest apitest.o ./.libs/libldap.so /home/ghendric/openldap-2.4.52/libraries/liblber/.libs/liblber.so ../../libraries/liblber/.libs/liblber.so ../../libraries/liblutil/liblutil.a -lssl -lcrypto -lcrypt -lresolv -Wl,--rpath -Wl,/opt/openldap-2.4.52/lib ./.libs/libldap.so: undefined reference to `SSL_CTX_set1_curves_list' ./.libs/libldap.so: undefined reference to `SSL_CTX_set_ecdh_auto' collect2: ld returned 1 exit status
Probably due to ITS#9054 ...
Geert
Geert Hendrickx wrote:
On Thu, Aug 27, 2020 at 18:37:30 -0700, Quanah Gibson-Mount wrote:
This is the second testing call for OpenLDAP 2.4.52. Depending on the results, this may be the final testing call.
Generally, get the code for RE24:
Extract, configure, and build.
Execute the test suite (via make test) after it is built. Optionally, cd tests && "make its" to run through the regression suite.
A bit late but ... 2.4.52 fails to build on CentOS 6 with OpenSSL 1.0.1:
OpenSSL 1.0.1 is obsolete and no longer supported by the OpenSSL Project, and thus we now require at least 1.0.2.
(cd .libs && rm -f libldap.la && ln -s ../libldap.la libldap.la) cc -g -O2 -I../../include -I../../include -c -o apitest.o apitest.c /bin/sh ../../libtool --mode=link cc -g -O2 -o apitest apitest.o libldap.la ../../libraries/liblber/liblber.la ../../libraries/liblutil/liblutil.a -lssl -lcrypto -lcrypt -lresolv cc -g -O2 -o .libs/apitest apitest.o ./.libs/libldap.so /home/ghendric/openldap-2.4.52/libraries/liblber/.libs/liblber.so ../../libraries/liblber/.libs/liblber.so ../../libraries/liblutil/liblutil.a -lssl -lcrypto -lcrypt -lresolv -Wl,--rpath -Wl,/opt/openldap-2.4.52/lib ./.libs/libldap.so: undefined reference to `SSL_CTX_set1_curves_list' ./.libs/libldap.so: undefined reference to `SSL_CTX_set_ecdh_auto' collect2: ld returned 1 exit status
Probably due to ITS#9054 ...
Geert
openldap-technical@openldap.org