Logged in as guest
Viewing Archive.Software Bugs/25 Full headers
Major security issue: yes no
Notes: Fixed as detailed in followup #2 Released with 1.1.2. Notification:
Date: Mon, 28 Dec 1998 16:05:06 -0800 To: openldap-its@OpenLDAP.Org From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> Subject: ldapmodify failure ...
--=====================_914918706==_ Content-Type: text/plain; charset="us-ascii" This is a bug. Verified using by enabling schema checking in tests/data/slapd-master.conf. Kurt >To: ldap@umich.edu, openldap-general@openldap.org >From: Anthony Brock <abrock@georgefox.edu> >Subject: ldapmodify failure ... >Sender: owner-openldap-general@openldap.org >X-Rcpt-To: UNKNOWN- > >I am having problems with openldap 1.1.1 (it is the same for openldap >1.1.0) on Solaris 2.6 and 2.7 (sparc). > >When adding an entry to the database I receive the error: > ># ldapmodify -a -h localhost -D "cn=root,o=George Fox University,c=US" -w >xxxxxxxxxxxx < test >adding new entry cn=Administrators, o=George Fox University, c=US >ldap_add: Object class violation > ># > >This error occurs both with current entries in the database (created with >ldif2ldbm) or on an empty database. I have included a log of what the >server says during this (slapd debug file.txt) and my slapd.conf file. All >remaining files are from the stock-distribution. > >PLEASE give me a clue what is happening here. This has ground my >development to a halt. Thanks in advance, > >Tony > >******** >* test * >******** >dn: cn=Administrators, o=George Fox University, c=US >objectclass: top >objectclass: groupOfNames >cn: Administrators >owner: cn=Admin, o=George Fox University, c=US >member: cn=Admin, o=George Fox University, c=US > >************** >* slapd.conf * >************** >include /usr/local/etc/openldap/slapd.at.conf >include /usr/local/etc/openldap/slapd.oc.conf >schemacheck on ># referral ldap://ldap.itd.umich.edu > >####################################################################### ># Setup access controls >####################################################################### > >access to attrs=userPassword by self write by dn="cn=Admin,o=George Fox >University,c=US" write by dn="cn=Web Master,o=George Fox University,c=US" >compare by * none by dn="^$" none > >access to attrs=member,entry by dnattr=owner write > >access to attrs=universityID by * none by dn="^$" none > >access to attrs=cn by * read > >access to attrs=uid by * read > >access to attrs=uidNumber by * read > >access to * by self write > >####################################################################### ># ldbm database definitions >####################################################################### > >database ldbm >suffix "o=George Fox University, c=US" >directory /usr/tmp/ldap >rootdn "cn=root, o=George Fox University, c=US" >rootpw xxxxxxxxxxxx > > >============================================================================ >Anthony W. Brock Directory of Network Services >abrock@georgefox.edu George Fox Univerisity >---------------------------------------------------------------------------- > --=====================_914918706==_ Content-Type: text/plain; charset="us-ascii" Content-Disposition: attachment; filename="slapd_debug_file1.txt" slapd 1.1.1-Release (Mon Dec 28 10:48:04 PST 1998) root@dns1:/usr/local/archives/ldap/servers/slapd ACL: access to attrs=userPassword by dn=self by dn=CN=ADMIN,O=GEORGE FOX UNIVERSITY,C=US by dn=CN=WEB MASTER,O=GEORGE FOX UNIVERSITY,C=US by dn=.* by dn=^$ ACL: access to attrs=member,entry by dnattr=owner ACL: access to attrs=universityID by dn=.* by dn=^$ ACL: access to attrs=cn by dn=.* ACL: access to attrs=uid by dn=.* ACL: access to attrs=uidNumber by dn=.* ACL: access to dn=.* by dn=self slapd starting do_bind do_bind: version 2 dn (cn=root,o=George Fox University,c=US) method 128 dn2entry_r: dn: cn=root,o=George Fox University,c=US => dn2id( "cn=root,o=George Fox University,c=US" ) => ldbm_cache_open( "/usr/tmp/ldap/dn2id.gdbm", 2, 600 ) <= ldbm_cache_open (opened 0) <= dn2id NOID dn2entry_r: dn: o=George Fox University,c=US => dn2id( "o=George Fox University,c=US" ) => ldbm_cache_open( "/usr/tmp/ldap/dn2id.gdbm", 2, 600 ) <= ldbm_cache_open (cache 0) <= dn2id 1 => id2entry_r( 1 ) => ldbm_cache_open( "/usr/tmp/ldap/id2entry.gdbm", 2, 600 ) <= ldbm_cache_open (opened 1) => str2entry <= str2entry 0x96288 <= id2entry_r( 1 ) (disk) ====> cache_return_entry_r send_ldap_result 0:: do_add => dn2id( "cn=Administrators,o=George Fox University,c=US" ) => ldbm_cache_open( "/usr/tmp/ldap/dn2id.gdbm", 2, 600 ) <= ldbm_cache_open (cache 0) <= dn2id NOID Entry (cn=Administrators, o=George Fox University, c=US), required attr (top) missing Entry (cn=Administrators, o=George Fox University, c=US), required attr (groupOfNames) missing entry failed schema check send_ldap_result 65:: do_unbind slapd got shutdown signal 2 slapd got do_nothing signal 1
Date: Mon, 28 Dec 1998 16:09:31 -0800 To: openldap-its@OpenLDAP.Org From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> Subject: Re: ldapmodify failure ... (ITS#25)
The following modifications to test suite hilites the problem. >From: kurt@openldap.org >To: OpenLDAP Commit <openldap-commit@openldap.org> >Subject: commit: pkg/ldap/tests/data slapd-master.conf slapd.oc.conf > >Update of /repo/OpenLDAP/pkg/ldap/tests/data > >Modified Files: > slapd-master.conf 1.2 -> 1.3 > slapd.oc.conf 1.1.3.1 -> 1.2
Date: Mon, 28 Dec 1998 16:10:11 -0800 To: openldap-its@OpenLDAP.Org From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.Org> Subject: Re: ldapmodify failure ... (ITS#25)
The following fix appears to resolve the problem. >From: kurt@openldap.org >To: OpenLDAP Commit <openldap-commit@openldap.org> >Subject: commit: pkg/ldap/servers/slapd charray.c schema.c > >Update of /repo/OpenLDAP/pkg/ldap/servers/slapd > >Modified Files: > charray.c 1.6 -> 1.7 > schema.c 1.5 -> 1.6 > >Log Message: >Fix schema check bug... actually charray needs to dup strings on >add/merge as we now free strings agressively. Improved debug >message to include name of missing required attribute and added >check for 'operational attributes'. This check should be used >everywhere we need to test for operational attributes (add/modify).
______________ © Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org
