Full_Name: Paul Boven Version: 2.2.15 OS: Solaris 9 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (145.100.25.81) L.S., When using ldapsearch to query an Active Directory (2003), the OpenLdap ldapsearch application hangs after displaying the data in question. However, this -only- happens when using an SSL connection. The problem seems to be with the referrals returned by the AD server, and this problem is very similar to ITS#3051 except that without SSL, everything works fine. The hang occurs at the same place as in ITS#3051 (See below). Further information: The server in question is using the Active Directory as it's DNS server in order to verify the certificates. /usr/local/etc/openldap/ldap.conf: URI ldaps://ads1.edu.local ldaps://ads2.edu.local BASE dc=edu,dc=local TLS_CACERTDIR /usr/local/openssl/certs SASL_SECPROPS maxssf=0 #For Kerberos to work The problem occurs with both 'simple authentication' and with Kerberos. OpenSSL version is 0.9.7d Debug output: (searching on a non-existing user to keep the debug-size in check a bit, the problem occurs with objects that do exist as well). bash-2.05$ /usr/local/bin/ldapsearch -d 1 -H ldaps://ads2.edu.local "(samaccountname=zttest)" ldap_create ldap_url_parse_ext(ldaps://ads2.edu.local) ldap_pvt_sasl_getmech ldap_search put_filter: "(objectclass=*)" put_filter: simple put_simple_filter: "objectclass=*" ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: TCP ads2.edu.local:636 ldap_new_socket: 5 ldap_prepare_socket: 5 ldap_connect_to_host: Trying 10.1.2.3:636 ldap_connect_timeout: fd: 5 tm: -1 async: 0 ldap_ndelay_on: 5 ldap_is_sock_ready: 5 ldap_ndelay_off: 5 TLS trace: SSL_connect:before/connect initialization TLS trace: SSL_connect:SSLv2/v3 write client hello A TLS trace: SSL_connect:SSLv3 read server hello A TLS certificate verification: depth: 1, err: 0, subject: /DC=local/DC=edu/CN=ads2, issuer: /DC=local/DC=edu/CN=ads2 TLS certificate verification: depth: 0, err: 0, subject: /CN=ads2.edu.local, issuer: /DC=local/DC=edu/CN=ads2 TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A ldap_open_defconn: successful ldap_send_server_request ber_flush: 64 bytes to sd 5 ldap_result msgid 1 ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 1 wait4msg continue, msgid 1, all 1 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:56 2004 ** Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 1, all 1 ber_get_next ber_get_next: tag 0x30 len 96 contents: ldap_read: message type search-entry msgid 1, original id 1 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 1, original id 1 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 1 request 1 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_free_connection ldap_free_connection: refcnt 1 adding response id 1 type 101: ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (}) ber: ldap_get_values ber_scanf fmt ({x{{a) ber: ber_scanf fmt ([v]) ber: ldap_msgfree ldap_sasl_interactive_bind_s: server supports: GSSAPI GSS-SPNEGO EXTERNAL DIGEST-MD5 ldap_int_sasl_bind: GSSAPI GSS-SPNEGO EXTERNAL DIGEST-MD5 ldap_int_sasl_open: host=ads2 SASL/GSSAPI authentication started ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_send_server_request ber_flush: 1173 bytes to sd 5 ldap_result msgid 2 ldap_chkResponseList for msgid=2, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 2 wait4msg continue, msgid 2, all 1 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=2, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 2, all 1 ber_get_next ber_get_next: tag 0x30 len 132 contents: ldap_read: message type bind msgid 2, original id 2 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 2 request 2 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 2, msgid 2) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_sasl_bind_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (O) ber: ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (x) ber: ber_scanf fmt (}) ber: ldap_msgfree sasl_client_step: 1 ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_send_server_request ber_flush: 22 bytes to sd 5 ldap_result msgid 3 ldap_chkResponseList for msgid=3, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 3 wait4msg continue, msgid 3, all 1 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 3, origid 3, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=3, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 3, all 1 ber_get_next ber_get_next: tag 0x30 len 71 contents: ldap_read: message type bind msgid 3, original id 3 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 3 request 3 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 3, msgid 3) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_sasl_bind_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (O) ber: ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (x) ber: ber_scanf fmt (}) ber: ldap_msgfree sasl_client_step: 0 ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_send_server_request ber_flush: 77 bytes to sd 5 ldap_result msgid 4 ldap_chkResponseList for msgid=4, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 4 wait4msg continue, msgid 4, all 1 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 4, origid 4, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=4, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 4, all 1 ber_get_next ber_get_next: tag 0x30 len 18 contents: ldap_read: message type bind msgid 4, original id 4 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 4 request 4 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 4, msgid 4) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_sasl_bind_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (O) ber: ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (x) ber: ber_scanf fmt (}) ber: ldap_msgfree SASL username: Administrator@EDU.LOCAL SASL SSF: 0 # extended LDIF # # LDAPv3 # base <> with scope sub # filter: (samaccountname=zttest) # requesting: ALL # ldap_search_ext put_filter: "(samaccountname=zttest)" put_filter: simple put_simple_filter: "samaccountname=zttest" ldap_send_initial_request ldap_send_server_request ber_flush: 67 bytes to sd 5 ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 5, origid 5, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 77 contents: ldap_read: message type search-reference msgid 5, original id 5 # search reference ber_scanf fmt ({v) ber: ber_scanf fmt (}) ber: ref: ldaps://ForestDnsZones.edu.local/DC=ForestDnsZones,DC=edu,DC=local ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 5, origid 5, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 77 contents: ldap_read: message type search-reference msgid 5, original id 5 # search reference ber_scanf fmt ({v) ber: ber_scanf fmt (}) ber: ref: ldaps://DomainDnsZones.edu.local/DC=DomainDnsZones,DC=edu,DC=local ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 5, origid 5, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 61 contents: ldap_read: message type search-reference msgid 5, original id 5 # search reference ber_scanf fmt ({v) ber: ber_scanf fmt (}) ber: ref: ldaps://edu.local/CN=Configuration,DC=edu,DC=local ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: ads2.edu.local port: 636 (default) refcnt: 2 status: Connected last used: Thu Aug 26 14:51:57 2004 ** Outstanding Requests: * msgid 5, origid 5, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 5, original id 5 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 5 request 5 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 5, msgid 5) ldap_free_connection ldap_free_connection: refcnt 1 ldap_int_select
changed notes
Forward this through the issue tracking system... >Date: Thu, 28 Oct 2004 13:35:24 -0500 >From: Mike Thomas <mwt@cems.umn.edu> >To: openldap-bugs@OpenLDAP.org >Subject: another followup to #ITS3304/#ITS3307 (FIXED, possibly?) >Comment: openldap-bugs mailing list <http://www.OpenLDAP.org/lists/> >List-Archive: <http://www.OpenLDAP.org/lists/openldap-bugs/> > >Hello, > >I've never hacked around the OpenLDAP sources before, so forgive me if I've applied an uneducated fix, but after reading the diff between openldap 2.1.28 (working) and 2.1.29 (unworking) I went through and found the problem that was causing the referral hanging problem. > >This is with OpenLDAP 2.1.30 > >Here's the segment of code (lines 805-807) > > if ( lc != NULL ) { > ldap_free_connection( ld, lc, 0, 1 ); > *lcp = NULL; > } > >removing (or commenting out) the *lcp = NULL; statement on line 807 resolves this problem. The searches now chase referrals correctly >and the search terminates instead of hangs. Like I said before, I'm fairly uneducated when it comes to the OpenLDAP code, I do not know if this fix introduces and other problems, but I thought since there was no progess (or stalled progress) on this bug, I'd investigate this myself. > >--Mike >
Forward this through the issue tracking system... >Date: Thu, 28 Oct 2004 12:12:37 -0500 >From: Mike Thomas <mwt@cems.umn.edu> >To: openldap-bugs@OpenLDAP.org >Subject: followup (more information for ITS#3304 >Comment: openldap-bugs mailing list <http://www.OpenLDAP.org/lists/> >List-Archive: <http://www.OpenLDAP.org/lists/openldap-bugs/> > >Hello, > >In regards to bug #3304 (I filed #3307, but this bug report was much better then mine, heh), I have pinpointed the release in which the problem occured in the 2.1.x tree. The problem occurs in any release (in the 2.1.x branch, I believe) greater then 2.1.28. 2.1.28 works just fine. I hope that helps, as there have been absolutely no posts about this bug at all. > >--Mike
Forward this through the issue tracking system... >Date: Thu, 28 Oct 2004 13:36:36 -0500 >From: Mike Thomas <mwt@cems.umn.edu> >To: openldap-bugs@OpenLDAP.org >Subject: Re: another followup to #ITS3304/#ITS3307 (FIXED, possibly?) >Comment: openldap-bugs mailing list <http://www.OpenLDAP.org/lists/> >List-Archive: <http://www.OpenLDAP.org/lists/openldap-bugs/> > >Well, in my haste, i forgot to say which file I changed, oops. > >This fix was applied to libraries/libldap/result.c > >--Mike > >>Hello, >> >>I've never hacked around the OpenLDAP sources before, so forgive me if I've applied an uneducated fix, but after reading the diff between openldap 2.1.28 (working) and 2.1.29 (unworking) I went through and found the problem that was causing the referral hanging problem. >> >>This is with OpenLDAP 2.1.30 >> >>Here's the segment of code (lines 805-807) >> >> if ( lc != NULL ) { >> ldap_free_connection( ld, lc, 0, 1 ); >> *lcp = NULL; >> } >> >>removing (or commenting out) the *lcp = NULL; statement on line 807 resolves this problem. The searches now chase referrals correctly >>and the search terminates instead of hangs. Like I said before, I'm fairly uneducated when it comes to the OpenLDAP code, I do not know if this fix introduces and other problems, but I thought since there was no progess (or stalled progress) on this bug, I'd investigate this myself. >> >>--Mike >> >>
moved from Incoming to Software Bugs
Is ldapsearch(1) hanging with or without -C? At 11:35 AM 10/28/2004, Mike Thomas wrote: >Hello, > >I've never hacked around the OpenLDAP sources before, so forgive me if I've applied an uneducated fix, but after reading the diff between openldap 2.1.28 (working) and 2.1.29 (unworking) I went through and found the problem that was causing the referral hanging problem. > >This is with OpenLDAP 2.1.30 > >Here's the segment of code (lines 805-807) > > if ( lc != NULL ) { > ldap_free_connection( ld, lc, 0, 1 ); > *lcp = NULL; > } > >removing (or commenting out) the *lcp = NULL; statement on line 807 resolves this problem. The searches now chase referrals correctly >and the search terminates instead of hangs. Like I said before, I'm fairly uneducated when it comes to the OpenLDAP code, I do not know if this fix introduces and other problems, but I thought since there was no progess (or stalled progress) on this bug, I'd investigate this myself. > >--Mike >
Kurt, It is hanging without the -C, enabling the -C option causes the search to finish sucessfully, here is the ldapsearch command I used (passwords have been starred) ldapsearch -H ldaps://phoenix.cems.umn.edu -x -d 1 -b "dc=cems,dc=umn,dc=edu" -s "sub" -D "cn=nssldap,ou=Users,ou=IT Office,dc=cems,dc=umn,dc=edu" -w '********' "cn=mwt" here's the debug output (without -C) ldap_create ldap_url_parse_ext(ldaps://phoenix.cems.umn.edu) ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: TCP phoenix.cems.umn.edu:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 134.84.165.42:636 ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_is_sock_ready: 3 ldap_ndelay_off: 3 ldap_int_sasl_open: host=phoenix.cems.umn.edu TLS certificate verification: depth: 0, err: 66, subject: C=, ST=, L=, O=, OU=, CN=phoenix.cems.umn.edu/Email=, issuer: C=, ST=MN, L=Minneapolis, O=University of Minnesota, OU=CEMS, CN=phoenix/Email=cems_sys@cems.umn.edu TLS certificate verification: Error, Unknown error ldap_open_defconn: successful ldap_send_server_request ber_flush: 83 bytes to sd 3 ldap_result msgid 1 ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 1 wait4msg continue, msgid 1, all 1 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:01:12 2004 ** Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 1, all 1 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type bind msgid 1, original id 1 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 1 request 1 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (}) ber: ldap_msgfree ldap_search_ext put_filter: "cn=mwt" put_filter: default put_simple_filter: "cn=mwt" ldap_send_initial_request ldap_send_server_request ber_flush: 58 bytes to sd 3 ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:01:12 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 2108 contents: ldap_read: message type search-entry msgid 2, original id 2 ldap_get_dn ber_scanf fmt ({a) ber: ldap_dn2ufn ldap_dn_normalize => ldap_bv2dn(CN=mwt,OU=Users,OU=IT Office,DC=cems,DC=umn,DC=edu,0) <= ldap_bv2dn(CN=mwt,OU=Users,OU=IT Office,DC=cems,DC=umn,DC=edu,0)=0 => ldap_dn2bv(64) <= ldap_dn2bv(mwt, Users, IT Office, cems.umn.edu,64)=0 ber_scanf fmt ({xx) ber: ldap_first_attribute ber_scanf fmt ({xl{) ber: ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt (x}{a) ber: <truncated...it does that for a while....> ber_scanf fmt ([V]) ber: ldap_next_attribute ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:01:12 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 69 contents: ldap_read: message type search-reference msgid 2, original id 2 ber_scanf fmt ({v) ber: ber_scanf fmt (}) ber: ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:01:12 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 2, original id 2 ber_scanf fmt ({iaa) ber: read1msg: 0 new referrals read1msg: mark request completed, id = 2 request 2 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 2, msgid 2) ldap_free_connection ldap_free_connection: refcnt 1 ldap_int_select and right there is where it hangs. Here below is the debug output with -C on the above ldapsearch command: ldap_create ldap_url_parse_ext(ldaps://phoenix.cems.umn.edu) ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: TCP phoenix.cems.umn.edu:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 134.84.165.42:636 ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_is_sock_ready: 3 ldap_ndelay_off: 3 ldap_int_sasl_open: host=phoenix.cems.umn.edu TLS certificate verification: depth: 0, err: 66, subject: C=, ST=, L=, O=, OU=, CN=phoenix.cems.umn.edu/Email=, issuer: C=, ST=MN, L=Minneapolis, O=University of Minnesota, OU=CEMS, CN=phoenix/Email=cems_sys@cems.umn.edu TLS certificate verification: Error, Unknown error ldap_open_defconn: successful ldap_send_server_request ber_flush: 83 bytes to sd 3 ldap_result msgid 1 ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 1 wait4msg continue, msgid 1, all 1 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 1, origid 1, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=1, all=1 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid 1, all 1 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type bind msgid 1, original id 1 ber_scanf fmt ({iaa) ber: ber_scanf fmt ({iaa}) ber: new result: res_errno: 0, res_error: <>, res_matched: <> read1msg: 0 new referrals read1msg: mark request completed, id = 1 request 1 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 1, msgid 1) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (}) ber: ldap_msgfree ldap_search_ext put_filter: "cn=mwt" put_filter: default put_simple_filter: "cn=mwt" ldap_send_initial_request ldap_send_server_request ber_flush: 58 bytes to sd 3 ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 2108 contents: ldap_read: message type search-entry msgid 2, original id 2 ldap_get_dn ber_scanf fmt ({a) ber: ldap_dn2ufn ldap_dn_normalize => ldap_bv2dn(CN=mwt,OU=Users,OU=IT Office,DC=cems,DC=umn,DC=edu,0) <= ldap_bv2dn(CN=mwt,OU=Users,OU=IT Office,DC=cems,DC=umn,DC=edu,0)=0 => ldap_dn2bv(64) <= ldap_dn2bv(mwt, Users, IT Office, cems.umn.edu,64)=0 ber_scanf fmt ({xx) ber: ldap_first_attribute ber_scanf fmt ({xl{) ber: ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: ldap_get_values_len ber_scanf fmt ({x{{a) ber: ber_scanf fmt (x}{a) ber: ber_scanf fmt ([V]) ber: ldap_next_attribute ber_scanf fmt ({ax}) ber: <truncated> ldap_next_attribute ldap_msgfree ldap_result msgid -1 ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid -1 wait4msg continue, msgid -1, all 0 ** Connections: * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 2, origid 2, status InProgress outstanding referrals 0, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 69 contents: ldap_read: message type search-reference msgid 2, original id 2 ber_scanf fmt ({v}) ber: ldap_chase_v3referrals ldap_url_parse_ext(ldap://cems.umn.edu/CN=Configuration,DC=cems,DC=umn,DC=edu) re_encode_request: new msgid 3, new dn <CN=Configuration,DC=cems,DC=umn,DC=edu> ber_scanf fmt ({it) ber: ber_scanf fmt ({ae) ber: ldap_chase_v3referral: msgid 2, url "ldap://cems.umn.edu/CN=Configuration,DC=cems,DC=umn,DC=edu" ldap_send_server_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: TCP cems.umn.edu:389 ldap_new_socket: 5 ldap_prepare_socket: 5 ldap_connect_to_host: Trying 134.84.165.42:389 ldap_connect_timeout: fd: 5 tm: -1 async: 0 ldap_ndelay_on: 5 ldap_is_sock_ready: 5 ldap_ndelay_off: 5 ldap_int_sasl_open: host=phoenix.cems.umn.edu anonymous rebind via ldap_bind_s ldap_bind_s ldap_simple_bind_s ldap_sasl_bind_s ldap_sasl_bind ldap_send_initial_request ldap_send_server_request ber_flush: 14 bytes to sd 5 ldap_result msgid 4 ldap_chkResponseList for msgid=4, all=1 ldap_chkResponseList returns NULL wait4msg (infinite timeout), msgid 4 wait4msg continue, msgid 4, all 1 ** Connections: * host: cems.umn.edu port: 0 refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 rebind in progress queue is empty * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 4, origid 4, status InProgress outstanding referrals 0, parent count 0 * msgid 2, origid 2, status InProgress outstanding referrals 1, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=4, all=1 ldap_chkResponseList returns NULL read1msg: msgid 4, all 1 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 2, original id 2 ber_scanf fmt ({iaa) ber: ber_scanf fmt ({iaa}) ber: new result: res_errno: 0, res_error: <>, res_matched: <> read1msg: 0 new referrals read1msg: mark request completed, id = 2 ldap_free_connection ldap_free_connection: refcnt 1 ldap_int_select read1msg: msgid 4, all 1 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type bind msgid 4, original id 4 ber_scanf fmt ({iaa) ber: ber_scanf fmt ({iaa}) ber: new result: res_errno: 0, res_error: <>, res_matched: <> read1msg: 0 new referrals read1msg: mark request completed, id = 4 request 4 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 4, msgid 4) ldap_free_connection ldap_free_connection: refcnt 1 ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (}) ber: ldap_msgfree ber_flush: 75 bytes to sd 5 read1msg: 1 new referrals wait4msg continue, msgid -1, all 0 ** Connections: * host: cems.umn.edu port: 0 refcnt: 1 status: Connected last used: Mon Nov 1 12:05:26 2004 * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 1 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 3, origid 2, status InProgress outstanding referrals 0, parent count 1 * msgid 2, origid 2, status Request Completed outstanding referrals 1, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 79 contents: ldap_read: message type search-reference msgid 3, original id 2 ber_scanf fmt ({v}) ber: ldap_chase_v3referrals ldap_url_parse_ext(ldap://cems.umn.edu/CN=Schema,CN=Configuration,DC=cems,DC=umn,DC=edu) re_encode_request: new msgid 5, new dn <CN=Schema,CN=Configuration,DC=cems,DC=umn,DC=edu> ber_scanf fmt ({it) ber: ber_scanf fmt ({ae) ber: ldap_chase_v3referral: msgid 3, url "ldap://cems.umn.edu/CN=Schema,CN=Configuration,DC=cems,DC=umn,DC=edu" ldap_send_server_request ber_flush: 85 bytes to sd 5 read1msg: search ref chased, mark request chasing refs, id = 3 read1msg: 1 new referrals wait4msg continue, msgid -1, all 0 ** Connections: * host: cems.umn.edu port: 0 refcnt: 2 status: Connected last used: Mon Nov 1 12:05:26 2004 * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 1 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 5, origid 2, status InProgress outstanding referrals 0, parent count 1 * msgid 3, origid 2, status ChasingRefs outstanding referrals 0, parent count 1 * msgid 2, origid 2, status Request Completed outstanding referrals 2, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 3, original id 2 ber_scanf fmt ({iaa) ber: ber_scanf fmt ({iaa}) ber: new result: res_errno: 0, res_error: <>, res_matched: <> read1msg: 0 new referrals read1msg: mark request completed, id = 3 merged parent (id 2) error info: result errno 0, error <>, matched <> ldap_free_connection ldap_free_connection: refcnt 1 wait4msg continue, msgid -1, all 0 ** Connections: * host: cems.umn.edu port: 0 refcnt: 1 status: Connected last used: Mon Nov 1 12:05:26 2004 * host: phoenix.cems.umn.edu port: 636 (default) refcnt: 1 status: Connected last used: Mon Nov 1 12:05:26 2004 ** Outstanding Requests: * msgid 5, origid 2, status InProgress outstanding referrals 0, parent count 1 * msgid 3, origid 2, status Request Completed outstanding referrals 0, parent count 1 * msgid 2, origid 2, status Request Completed outstanding referrals 1, parent count 0 ** Response Queue: Empty ldap_chkResponseList for msgid=-1, all=0 ldap_chkResponseList returns NULL ldap_int_select read1msg: msgid -1, all 0 ber_get_next ber_get_next: tag 0x30 len 16 contents: ldap_read: message type search-result msgid 5, original id 2 ber_scanf fmt ({iaa) ber: ber_scanf fmt ({iaa}) ber: new result: res_errno: 0, res_error: <>, res_matched: <> read1msg: 0 new referrals read1msg: mark request completed, id = 5 merged parent (id 2) error info: result errno 0, error <>, matched <> request 2 done res_errno: 0, res_error: <>, res_matched: <> ldap_free_request (origid 2, msgid 2) ldap_free_request (origid 2, msgid 5) ldap_free_request (origid 2, msgid 3) ldap_free_connection ldap_send_unbind ber_flush: 7 bytes to sd 5 ldap_free_connection: actually freed ldap_parse_result ber_scanf fmt ({iaa) ber: ber_scanf fmt (}) ber: ldap_err2string ldap_unbind ldap_free_connection ldap_send_unbind ber_flush: 7 bytes to sd 3 ldap_free_connection: actually freed # extended LDIF # # LDAPv3 # base <dc=cems,dc=umn,dc=edu> with scope sub # filter: cn=mwt # requesting: ALL <truncated actual search results, but it did return the correct information> # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 Let me know if you need anymore. --Mike >Is ldapsearch(1) hanging with or without -C? > >At 11:35 AM 10/28/2004, Mike Thomas wrote: > > >>Hello, >> >>I've never hacked around the OpenLDAP sources before, so forgive me if I've applied an uneducated fix, but after reading the diff between openldap 2.1.28 (working) and 2.1.29 (unworking) I went through and found the problem that was causing the referral hanging problem. >> >>This is with OpenLDAP 2.1.30 >> >>Here's the segment of code (lines 805-807) >> >> if ( lc != NULL ) { >> ldap_free_connection( ld, lc, 0, 1 ); >> *lcp = NULL; >> } >> >>removing (or commenting out) the *lcp = NULL; statement on line 807 resolves this problem. The searches now chase referrals correctly >>and the search terminates instead of hangs. Like I said before, I'm fairly uneducated when it comes to the OpenLDAP code, I do not know if this fix introduces and other problems, but I thought since there was no progess (or stalled progress) on this bug, I'd investigate this myself. >> >>--Mike >> >> >> > > > >
Output with -d -l would be useful. (Be sure to redact embedded password -- or use a throw-away password).
Kurt, Here's the debug output from the command, I've gzip'd it since it was 7.3mb and attached it. I've left the password in the command in case you'd like to test against our active directory, it will be changed in a few days however. ldapsearch -H ldaps://phoenix.cems.umn.edu -x -b "dc=cems,dc=umn,dc=edu" -s "sub" -D "cn=nssldap,ou=Users,ou=IT Office,dc=cems,dc=umn,dc=edu" -w '$#**(MikeRocks)' "cn=mwt" -d -1 > debug_output.txt 2>&1 >Output with -d -l would be useful. (Be sure to redact embedded >password -- or use a throw-away password). > > >
I posted the debug output requested with an attachment however it was rejected on one of the lists due to being too big, so I put it up on a website, the url for the debug output for the command ldapsearch -H ldaps://phoenix.cems.umn.edu -x -b "dc=cems,dc=umn,dc=edu" -s "sub" -D "cn=nssldap,ou=Users,ou=IT Office,dc=cems,dc=umn,dc=edu" -w '$#**(MikeRocks)' "cn=mwt" -d -1 > debug_output.txt 2>&1 is located at http://calamity.cems.umn.edu/~mwt/debug_output.txt.gz Thanks, --Mike
I could not duplicate this problem in either OPENLDAP_REL_ENG_2_2 (equivalent to 2.2.18) nor HEAD. If you are not using the latest version of OpenLDAP, please update and re-test. Thanks, Kurt At 09:02 AM 11/5/2004, mwt@cems.umn.edu wrote: >I posted the debug output requested with an attachment however it was >rejected on one of the lists due to being too big, so I put it up on a >website, the url for the debug output for the command > >ldapsearch -H ldaps://phoenix.cems.umn.edu -x -b "dc=cems,dc=umn,dc=edu" >-s "sub" -D "cn=nssldap,ou=Users,ou=IT Office,dc=cems,dc=umn,dc=edu" -w >'$#**(MikeRocks)' "cn=mwt" -d -1 > debug_output.txt 2>&1 > >is located at http://calamity.cems.umn.edu/~mwt/debug_output.txt.gz > >Thanks, > >--Mike
Sure enough, works fine with OpenLDAP 2.2.18, however, it does not work in 2.1.30. Since this is the release that is included in all debian releases at the moment, is there a chance of localizing the reason this problem occured and backporting it to the 2.1.x branch as a bug fix? --Mike >I could not duplicate this problem in either OPENLDAP_REL_ENG_2_2 >(equivalent to 2.2.18) nor HEAD. If you are not using the latest >version of OpenLDAP, please update and re-test. Thanks, Kurt > >At 09:02 AM 11/5/2004, mwt@cems.umn.edu wrote: > > >>I posted the debug output requested with an attachment however it was >>rejected on one of the lists due to being too big, so I put it up on a >>website, the url for the debug output for the command >> >>ldapsearch -H ldaps://phoenix.cems.umn.edu -x -b "dc=cems,dc=umn,dc=edu" >>-s "sub" -D "cn=nssldap,ou=Users,ou=IT Office,dc=cems,dc=umn,dc=edu" -w >>'$#**(MikeRocks)' "cn=mwt" -d -1 > debug_output.txt 2>&1 >> >>is located at http://calamity.cems.umn.edu/~mwt/debug_output.txt.gz >> >>Thanks, >> >>--Mike >> >> > > >
At 10:11 AM 11/5/2004, mwt@cems.umn.edu wrote: >Sure enough, works fine with OpenLDAP 2.2.18, Okay, then this issue will be closed. >however, it does not work in 2.1.30. 2.1 is historic. >Since this is the release that is included in all debian >releases at the moment, is there a chance of localizing the reason this >problem occured and backporting it to the 2.1.x branch as a bug fix? Well, the code is all there... But from a project perspective, as 2.1 is historic, it very unlikely that the project would undertake engineering another 2.1 patch release. Thanks, Kurt
changed notes changed state Open to Closed
Based upon other feedback, it seems that latest release of OpenLDAP Software (2.2.18) does not suffer from this problem. Hence, this issue will be closed. If you believe the produce remains in latest release, please provide detailed information. Thanks, Kurt
Hi Kurt and other OpenLDAP people, Kurt Zeilenga wrote: > Based upon other feedback, it seems that latest release of OpenLDAP Software > (2.2.18) does not suffer from this problem. Hence, this issue will be closed. > If you believe the produce remains in latest release, please provide detailed > information. I can confirm the problem is fixed (tried 2.2.19 today). Sorry for not getting back earlier, was on holiday :-) Regards and thanks, Paul Boven.
moved from Software Bugs to Archive.Software Bugs
Relates back to ITS#2982 confirmed fixed in 2.2.18