Hello community, here is the log from the commit of package openldap2 for openSUSE:Factory checked in at 2020-09-10 22:45:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/openldap2 (Old) and /work/SRC/openSUSE:Factory/.openldap2.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "openldap2" Thu Sep 10 22:45:25 2020 rev:157 rq:832824 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/openldap2/openldap2.changes 2020-09-01 20:03:45.176490963 +0200 +++ /work/SRC/openSUSE:Factory/.openldap2.new.4249/openldap2.changes 2020-09-10 22:45:29.655682780 +0200 @@ -1,0 +2,14 @@ +Mon Sep 7 15:58:31 UTC 2020 - Michael Ströder <[email protected]> + +- updated to 2.4.53 + +OpenLDAP 2.4.53 (2020/09/07) + Added slapd syncrepl additional SYNC logging (ITS#9043) + Fixed slapd syncrepl segfault on NULL cookie on REFRESH (ITS#9282) + Fixed slapd syncrepl to use fresh connection on REFRESH fallback (ITS#9338) + Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302,ITS#9334) + Build + Require OpenSSL 1.0.2 or later (ITS#9323) + Fixed libldap compilation issue with broken C compilers (ITS#9332) + +------------------------------------------------------------------- Old: ---- openldap-2.4.52.tgz New: ---- openldap-2.4.53.tgz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ openldap2.spec ++++++ --- /var/tmp/diff_new_pack.8gjNCF/_old 2020-09-10 22:45:31.167684173 +0200 +++ /var/tmp/diff_new_pack.8gjNCF/_new 2020-09-10 22:45:31.167684173 +0200 @@ -22,7 +22,7 @@ %endif %define run_test_suite 0 -%define version_main 2.4.52 +%define version_main 2.4.53 %define name_ppolicy_check_module ppolicy-check-password %define version_ppolicy_check_module 1.2 %define ppolicy_docdir %{_docdir}/openldap-%{name_ppolicy_check_module}-%{version_ppolicy_check_module} ++++++ openldap-2.4.52.tgz -> openldap-2.4.53.tgz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/CHANGES new/openldap-2.4.53/CHANGES --- old/openldap-2.4.52/CHANGES 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/CHANGES 2020-09-07 17:13:36.000000000 +0200 @@ -1,5 +1,14 @@ OpenLDAP 2.4 Change Log +OpenLDAP 2.4.53 (2020/09/07) + Added slapd syncrepl additional SYNC logging (ITS#9043) + Fixed slapd syncrepl segfault on NULL cookie on REFRESH (ITS#9282) + Fixed slapd syncrepl to use fresh connection on REFRESH fallback (ITS#9338) + Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302,ITS#9334) + Build + Require OpenSSL 1.0.2 or later (ITS#9323) + Fixed libldap compilation issue with broken C compilers (ITS#9332) + OpenLDAP 2.4.52 (2020/08/28) Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option (ITS#9318) Added libldap OpenSSL support for multiple EECDH curves (ITS#9054) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/build/version.var new/openldap-2.4.53/build/version.var --- old/openldap-2.4.52/build/version.var 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/build/version.var 2020-09-07 17:13:36.000000000 +0200 @@ -15,9 +15,9 @@ ol_package=OpenLDAP ol_major=2 ol_minor=4 -ol_patch=52 -ol_api_inc=20452 +ol_patch=53 +ol_api_inc=20453 ol_api_current=13 -ol_api_revision=0 +ol_api_revision=1 ol_api_age=11 -ol_release_date="2020/08/28" +ol_release_date="2020/09/07" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/clients/tools/common.c new/openldap-2.4.53/clients/tools/common.c --- old/openldap-2.4.52/clients/tools/common.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/clients/tools/common.c 2020-09-07 17:13:36.000000000 +0200 @@ -182,6 +182,8 @@ enum { Intr_None = 0, Intr_Abandon, Intr_Cancel, Intr_Ignore }; static volatile sig_atomic_t gotintr, abcan; +int backlog; + #ifdef LDAP_CONTROL_X_SESSION_TRACKING static int @@ -672,6 +674,13 @@ gotintr = abcan; } + } else if ( strcasecmp( control, "backlog" ) == 0 ) { + /* special search: accumulate lots of responses + * but don't read any, force slapd writer to wait. + * Then abandon the search and issue a new one. + */ + backlog = 1; + } else if ( tool_is_oid( control ) ) { LDAPControl *tmpctrls, ctrl; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/clients/tools/common.h new/openldap-2.4.53/clients/tools/common.h --- old/openldap-2.4.52/clients/tools/common.h 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/clients/tools/common.h 2020-09-07 17:13:36.000000000 +0200 @@ -98,6 +98,9 @@ extern ber_int_t vlvCount; extern struct berval *vlvContext; +/* features */ +extern int backlog; + /* options */ extern struct timeval nettimeout; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/clients/tools/ldapsearch.c new/openldap-2.4.53/clients/tools/ldapsearch.c --- old/openldap-2.4.52/clients/tools/ldapsearch.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/clients/tools/ldapsearch.c 2020-09-07 17:13:36.000000000 +0200 @@ -1420,6 +1420,7 @@ tv_timelimitp = &tv_timelimit; } +again: rc = ldap_search_ext( ld, base, scope, filter, attrs, attrsonly, sctrls, cctrls, tv_timelimitp, sizelimit, &msgid ); @@ -1443,6 +1444,21 @@ tvp = &tv; } + if ( backlog == 1 ) { + printf( _("\nWaiting for responses to accumulate, press Enter to continue: ")); + fflush( stdout ); + getchar(); + printf( _("Abandoning msgid %d\n"), msgid ); + ldap_abandon_ext( ld, msgid, NULL, NULL ); + /* turn off syncrepl control */ + ldap_set_option( ld, LDAP_OPT_SERVER_CONTROLS, NULL ); + backlog = 2; + scope = LDAP_SCOPE_BASE; + goto again; + } else if ( backlog == 2 ) { + tv.tv_sec = timelimit; + } + while ((rc = ldap_result( ld, LDAP_RES_ANY, sortattr ? LDAP_MSG_ALL : LDAP_MSG_ONE, tvp, &res )) > 0 ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/configure new/openldap-2.4.53/configure --- old/openldap-2.4.52/configure 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/configure 2020-09-07 17:13:36.000000000 +0200 @@ -1,5 +1,5 @@ #! /bin/sh -# From configure.in Id: 37293e618797a957ebe6b5f7b9479e9165e1362b . +# From configure.in Id: 1c7bad4c0b18f9e988c4b161a996f5078917430e . # Guess values for system-dependent variables and create Makefiles. # Generated by GNU Autoconf 2.65. # @@ -15472,6 +15472,23 @@ if test $ac_cv_header_openssl_ssl_h = yes ; then + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <openssl/opensslv.h> + #if OPENSSL_VERSION_NUMBER < 0x1000200fL + #error "OpenSSL is too old" + #endif +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error "OpenSSL 1.0.2a or newer required +See \`config.log' for more details." "$LINENO" 5; } +fi +rm -f conftest.err conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for SSL_CTX_set_msg_callback in -lssl" >&5 $as_echo_n "checking for SSL_CTX_set_msg_callback in -lssl... " >&6; } if test "${ac_cv_lib_ssl_SSL_CTX_set_msg_callback+set}" = set; then : diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/configure.in new/openldap-2.4.53/configure.in --- old/openldap-2.4.52/configure.in 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/configure.in 2020-09-07 17:13:36.000000000 +0200 @@ -25,7 +25,7 @@ dnl Configure.in for OpenLDAP AC_COPYRIGHT([[Copyright 1998-2020 The OpenLDAP Foundation. All rights reserved. Restrictions apply, see COPYRIGHT and LICENSE files.]]) -AC_REVISION([$Id: 37293e618797a957ebe6b5f7b9479e9165e1362b $]) +AC_REVISION([$Id: 1c7bad4c0b18f9e988c4b161a996f5078917430e $]) AC_INIT([OpenLDAP],,[http://www.openldap.org/its/]) m4_define([AC_PACKAGE_BUGREPORT],[<http://www.openldap.org/its/>]) AC_CONFIG_SRCDIR(build/version.sh)dnl @@ -1164,6 +1164,13 @@ AC_CHECK_HEADERS(openssl/ssl.h) if test $ac_cv_header_openssl_ssl_h = yes ; then + AC_PREPROC_IFELSE([AC_LANG_SOURCE( + [[#include <openssl/opensslv.h>] + [#if OPENSSL_VERSION_NUMBER < 0x1000200fL] + [#error "OpenSSL is too old"] + [#endif]])], + , [AC_MSG_FAILURE([OpenSSL 1.0.2a or newer required])]) + AC_CHECK_LIB(ssl, SSL_CTX_set_msg_callback, [have_openssl=yes need_rsaref=no], [have_openssl=no], diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/doc/guide/admin/appendix-recommended-versions.sdf new/openldap-2.4.53/doc/guide/admin/appendix-recommended-versions.sdf --- old/openldap-2.4.52/doc/guide/admin/appendix-recommended-versions.sdf 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/doc/guide/admin/appendix-recommended-versions.sdf 2020-09-07 17:13:36.000000000 +0200 @@ -15,7 +15,7 @@ !block table; align=Center; coltags="N,EX,EX"; title="Table 8.5: OpenLDAP Software Dependency Versions" Feature|Software|Version {{TERM[expand]TLS}}: -|{{PRD:OpenSSL}}|0.9.7+ +|{{PRD:OpenSSL}}|1.0.2+ |{{PRD:GnuTLS}}|2.12.0 |{{PRD:MozNSS}}|3.12.9 {{TERM[expand]SASL}}|{{PRD:Cyrus SASL}}|2.1.21+ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/doc/guide/admin/guide.html new/openldap-2.4.53/doc/guide/admin/guide.html --- old/openldap-2.4.52/doc/guide/admin/guide.html 2020-08-28 19:32:17.000000000 +0200 +++ new/openldap-2.4.53/doc/guide/admin/guide.html 2020-09-07 17:20:08.000000000 +0200 @@ -23,7 +23,7 @@ <DIV CLASS="title"> <H1 CLASS="doc-title">OpenLDAP Software 2.4 Administrator's Guide</H1> <ADDRESS CLASS="doc-author">The OpenLDAP Project <<A HREF="http://www.openldap.org/";>http://www.openldap.org/</A>></ADDRESS> -<ADDRESS CLASS="doc-modified">28 August 2020</ADDRESS> +<ADDRESS CLASS="doc-modified">7 September 2020</ADDRESS> <BR CLEAR="All"> </DIV> <DIV CLASS="contents"> @@ -8982,7 +8982,7 @@ <TT> <A HREF="http://www.openssl.org/";>OpenSSL</A></TT> </TD> <TD> -<TT>0.9.7+</TT> +<TT>1.0.2+</TT> </TD> </TR> <TR> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/libraries/libldap/ldap-int.h new/openldap-2.4.53/libraries/libldap/ldap-int.h --- old/openldap-2.4.52/libraries/libldap/ldap-int.h 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/libraries/libldap/ldap-int.h 2020-09-07 17:13:36.000000000 +0200 @@ -263,7 +263,7 @@ int ldo_tls_impl; int ldo_tls_crlcheck; int ldo_tls_require_san; -#define LDAP_LDO_TLS_NULLARG ,0,0,0,{0,0,0,0,0,0,0,0,0},0,0,0,0 +#define LDAP_LDO_TLS_NULLARG ,0,0,0,{0,0,0,0,0,0,0,0,0},0,0,0,0,0 #else #define LDAP_LDO_TLS_NULLARG #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/servers/slapd/ctxcsn.c new/openldap-2.4.53/servers/slapd/ctxcsn.c --- old/openldap-2.4.52/servers/slapd/ctxcsn.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/servers/slapd/ctxcsn.c 2020-09-07 17:13:36.000000000 +0200 @@ -209,6 +209,8 @@ if ( csn == NULL ) return LDAP_OTHER; csn->bv_len = ldap_pvt_csnstr( csn->bv_val, csn->bv_len, slap_serverID, 0 ); + Debug( LDAP_DEBUG_SYNC, "slap_get_csn: %s generated new csn=%s manage=%d\n", + op->o_log_prefix, csn->bv_val, manage_ctxcsn ); if ( manage_ctxcsn ) slap_queue_csn( op, csn ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/servers/slapd/overlays/ppolicy.c new/openldap-2.4.53/servers/slapd/overlays/ppolicy.c --- old/openldap-2.4.52/servers/slapd/overlays/ppolicy.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/servers/slapd/overlays/ppolicy.c 2020-09-07 17:13:36.000000000 +0200 @@ -995,12 +995,12 @@ LDAPControl *ctrl = NULL; Entry *e; + ldap_pvt_thread_mutex_lock( &pi->pwdFailureTime_mutex ); /* If we already know it's locked, just get on with it */ if ( ppb->pErr != PP_noError ) { goto locked; } - ldap_pvt_thread_mutex_lock( &pi->pwdFailureTime_mutex ); op->o_bd->bd_info = (BackendInfo *)on->on_info; rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e ); op->o_bd->bd_info = bi; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/servers/slapd/overlays/syncprov.c new/openldap-2.4.53/servers/slapd/overlays/syncprov.c --- old/openldap-2.4.52/servers/slapd/overlays/syncprov.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/servers/slapd/overlays/syncprov.c 2020-09-07 17:13:36.000000000 +0200 @@ -325,10 +325,18 @@ if ( type ) { switch ( type ) { case LDAP_TAG_SYNC_NEW_COOKIE: + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendinfo: " + "sending a new cookie=%s\n", + op->o_log_prefix, cookie->bv_val, 0 ); ber_printf( ber, "tO", type, cookie ); break; case LDAP_TAG_SYNC_REFRESH_DELETE: case LDAP_TAG_SYNC_REFRESH_PRESENT: + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendinfo: " + "%s cookie=%s\n", + op->o_log_prefix, + type == LDAP_TAG_SYNC_REFRESH_DELETE ? "refreshDelete" : "refreshPresent", + cookie ? cookie->bv_val : "" ); ber_printf( ber, "t{", type ); if ( cookie ) { ber_printf( ber, "O", cookie ); @@ -339,6 +347,10 @@ ber_printf( ber, "N}" ); break; case LDAP_TAG_SYNC_ID_SET: + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendinfo: " + "%s syncIdSet cookie=%s\n", + op->o_log_prefix, refreshDeletes ? "delete" : "present", + cookie ? cookie->bv_val : "" ); ber_printf( ber, "t{", type ); if ( cookie ) { ber_printf( ber, "O", cookie ); @@ -351,8 +363,8 @@ break; default: Debug( LDAP_DEBUG_TRACE, - "syncprov_sendinfo: invalid syncinfo type (%d)\n", - type, 0, 0 ); + "%s syncprov_sendinfo: invalid syncinfo type (%d)\n", + op->o_log_prefix, type, 0 ); return LDAP_OTHER; } } @@ -471,6 +483,7 @@ fop.ors_filter = &generic_filter; fop.ors_filterstr = generic_filterstr; + Debug( LDAP_DEBUG_SYNC, "%s syncprov_findbase: searching\n", op->o_log_prefix, 0, 0 ); rc = fop.o_bd->be_search( &fop, &frs ); } else { ldap_pvt_thread_mutex_unlock( &fc->fss->s_mutex ); @@ -633,6 +646,15 @@ srs = op->o_controls[slap_cids.sc_LDAPsync]; } + Debug( LDAP_DEBUG_SYNC, "%s syncprov_findcsn: mode=%s csn=%s\n", + op->o_log_prefix, + mode == FIND_MAXCSN ? + "FIND_MAXCSN" : + mode == FIND_CSN ? + "FIND_CSN" : + "FIND_PRESENT", + csn ? csn->bv_val : "" ); + fop = *op; fop.o_sync_mode &= SLAP_CONTROL_MASK; /* turn off sync_mode */ /* We want pure entries, not referrals */ @@ -753,6 +775,10 @@ break; case FIND_CSN: /* If matching CSN was not found, invalidate the context. */ + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_findcsn: csn%s=%s %sfound\n", + op->o_log_prefix, + cf.f_choice == LDAP_FILTER_EQUALITY ? "=" : "<", + cf.f_av_value.bv_val, cb.sc_private ? "" : "not " ); if ( !cb.sc_private ) { /* If we didn't find an exact match, then try for <= */ if ( findcsn_retry ) { @@ -859,11 +885,11 @@ #ifdef LDAP_DEBUG if ( so->s_sid > 0 ) { - Debug( LDAP_DEBUG_SYNC, "syncprov_sendresp: to=%03x, cookie=%s\n", - so->s_sid, cookie.bv_val, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendresp: to=%03x, cookie=%s\n", + op->o_log_prefix, so->s_sid, cookie.bv_val ); } else { - Debug( LDAP_DEBUG_SYNC, "syncprov_sendresp: cookie=%s\n", - cookie.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendresp: cookie=%s\n", + op->o_log_prefix, cookie.bv_val, 0 ); } #endif @@ -890,10 +916,17 @@ } /* fallthru */ case LDAP_SYNC_MODIFY: + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendresp: sending %s, dn=%s\n", + op->o_log_prefix, + mode == LDAP_SYNC_ADD ? "LDAP_SYNC_ADD" : "LDAP_SYNC_MODIFY", + e_uuid.e_nname.bv_val ); rs.sr_attrs = op->ors_attrs; rs.sr_err = send_search_entry( op, &rs ); break; case LDAP_SYNC_DELETE: + Debug( LDAP_DEBUG_SYNC, "%s syncprov_sendresp: " + "sending LDAP_SYNC_DELETE, dn=%s\n", + op->o_log_prefix, ri->ri_dn.bv_val, 0 ); e_uuid.e_attrs = NULL; e_uuid.e_name = ri->ri_dn; e_uuid.e_nname = ri->ri_ndn; @@ -1096,6 +1129,9 @@ slap_compose_sync_cookie( NULL, &ri->ri_cookie, si->si_ctxcsn, so->s_rid, slap_serverID ? slap_serverID : -1); } + Debug( LDAP_DEBUG_SYNC, "%s syncprov_qresp: " + "set up a new syncres mode=%d csn=%s\n", + so->s_op->o_log_prefix, mode, csn.bv_val ); ldap_pvt_thread_mutex_unlock( &ri->ri_mutex ); ldap_pvt_thread_mutex_lock( &so->s_mutex ); @@ -1222,6 +1258,9 @@ e = opc->se; } if ( rc ) { + Debug( LDAP_DEBUG_SYNC, "%s syncprov_matchops: " + "%s check, error finding entry dn=%s in database\n", + op->o_log_prefix, saveit ? "initial" : "final", fc.fdn->bv_val ); op->o_bd = b0; return; } @@ -1241,6 +1280,9 @@ a = attr_find( e->e_attrs, slap_schema.si_ad_entryUUID ); if ( a ) ber_dupbv_x( &opc->suuid, &a->a_nvals[0], op->o_tmpmemctx ); + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_matchops: " + "%srecording uuid for dn=%s on opc=%p\n", + op->o_log_prefix, a ? "" : "not ", opc->sdn.bv_val, opc ); } else if ( op->o_tag == LDAP_REQ_MODRDN && !saveit ) { op->o_tmpfree( opc->sndn.bv_val, op->o_tmpmemctx ); op->o_tmpfree( opc->sdn.bv_val, op->o_tmpmemctx ); @@ -1470,6 +1512,10 @@ assert( !syn->ssyn_validate( syn, si->si_ctxcsn+i )); } #endif + + Debug( LDAP_DEBUG_SYNC, "%s syncprov_checkpoint: running checkpoint\n", + op->o_log_prefix, 0, 0 ); + mod.sml_numvals = si->si_numcsns; mod.sml_values = si->si_ctxcsn; mod.sml_nvalues = NULL; @@ -1571,6 +1617,17 @@ se->se_sid = slap_parse_csn_sid( &se->se_csn ); ldap_pvt_thread_mutex_lock( &sl->sl_mutex ); + if ( LogTest( LDAP_DEBUG_SYNC ) ) { + char uuidstr[40] = {}; + if ( !BER_BVISEMPTY( &opc->suuid ) ) { + lutil_uuidstr_from_normalized( opc->suuid.bv_val, opc->suuid.bv_len, + uuidstr, 40 ); + } + + Debug( LDAP_DEBUG_SYNC, "%s syncprov_add_slog: " + "adding csn=%s to sessionlog, uuid=%s\n", + op->o_log_prefix, se->se_csn.bv_val, uuidstr ); + } if ( sl->sl_head ) { /* Keep the list in csn order. */ if ( ber_bvcmp( &sl->sl_tail->se_csn, &se->se_csn ) <= 0 ) { @@ -1605,13 +1662,22 @@ int i; se = sl->sl_head; sl->sl_head = se->se_next; + Debug( LDAP_DEBUG_SYNC, "%s syncprov_add_slog: " + "expiring csn=%s from sessionlog (sessionlog size=%d)\n", + op->o_log_prefix, se->se_csn.bv_val, sl->sl_num ); for ( i=0; i<sl->sl_numcsns; i++ ) if ( sl->sl_sids[i] >= se->se_sid ) break; if ( i == sl->sl_numcsns || sl->sl_sids[i] != se->se_sid ) { + Debug( LDAP_DEBUG_SYNC, "%s syncprov_add_slog: " + "adding csn=%s to mincsn\n", + op->o_log_prefix, se->se_csn.bv_val, 0 ); slap_insert_csn_sids( (struct sync_cookie *)sl, i, se->se_sid, &se->se_csn ); } else { + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_add_slog: " + "updating mincsn for sid=%d csn=%s to %s\n", + op->o_log_prefix, se->se_sid, sl->sl_mincsn[i].bv_val, se->se_csn.bv_val ); ber_bvreplace( &sl->sl_mincsn[i], &se->se_csn ); } ch_free( se ); @@ -1671,7 +1737,15 @@ srs->sr_state.ctxcsn[0].bv_val, 0, 0 ); for ( se=sl->sl_head; se; se=se->se_next ) { int k; - Debug( LDAP_DEBUG_SYNC, "log csn %s\n", se->se_csn.bv_val, 0, 0 ); + + if ( LogTest( LDAP_DEBUG_SYNC ) ) { + char uuidstr[40]; + lutil_uuidstr_from_normalized( se->se_uuid.bv_val, se->se_uuid.bv_len, + uuidstr, 40 ); + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_playlog: " + "log entry tag=%lu uuid=%s cookie=%s\n", + op->o_log_prefix, se->se_tag, uuidstr, se->se_csn.bv_val ); + } ndel = 1; for ( k=0; k<srs->sr_state.numcsns; k++ ) { if ( se->se_sid == srs->sr_state.sids[k] ) { @@ -1680,7 +1754,8 @@ } } if ( ndel <= 0 ) { - Debug( LDAP_DEBUG_SYNC, "cmp %d, too old\n", ndel, 0, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_playlog: " + "cmp %d, too old\n", op->o_log_prefix, ndel, 0 ); continue; } ndel = 0; @@ -1691,7 +1766,8 @@ } } if ( ndel > 0 ) { - Debug( LDAP_DEBUG_SYNC, "cmp %d, too new\n", ndel, 0, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_playlog: " + "cmp %d, too new\n", op->o_log_prefix, ndel, 0 ); break; } if ( se->se_tag == LDAP_REQ_DELETE ) { @@ -1709,6 +1785,16 @@ uuids[j].bv_val = uuids[0].bv_val + (j * UUID_LEN); AC_MEMCPY(uuids[j].bv_val, se->se_uuid.bv_val, UUID_LEN); uuids[j].bv_len = UUID_LEN; + + if ( LogTest( LDAP_DEBUG_SYNC ) ) { + char uuidstr[40]; + lutil_uuidstr_from_normalized( uuids[j].bv_val, uuids[j].bv_len, + uuidstr, 40 ); + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_playlog: " + "picking a %s entry uuid=%s cookie=%s\n", + op->o_log_prefix, se->se_tag == LDAP_REQ_DELETE ? "deleted" : "modified", + uuidstr, delcsn[0].bv_len ? delcsn[0].bv_val : "(null)" ); + } } ldap_pvt_thread_mutex_lock( &sl->sl_mutex ); sl->sl_playing--; @@ -1797,7 +1883,8 @@ slap_compose_sync_cookie( op, &cookie, delcsn, srs->sr_state.rid, slap_serverID ? slap_serverID : -1 ); - Debug( LDAP_DEBUG_SYNC, "syncprov_playlog: cookie=%s\n", cookie.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_playlog: cookie=%s\n", + op->o_log_prefix, cookie.bv_val, 0 ); } uuids[ndel].bv_val = NULL; @@ -2379,7 +2466,8 @@ */ if ( !rs->sr_entry ) { assert( rs->sr_entry != NULL ); - Debug( LDAP_DEBUG_ANY, "bogus referral in context\n",0,0,0 ); + Debug( LDAP_DEBUG_ANY, "%s syncprov_search_response: " + "bogus referral in context\n", op->o_log_prefix, 0, 0 ); return SLAP_CB_CONTINUE; } a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryCSN ); @@ -2396,8 +2484,9 @@ for ( i=0; i<ss->ss_numcsns; i++ ) { if ( sid == ss->ss_sids[i] && ber_bvcmp( &a->a_nvals[0], &ss->ss_ctxcsn[i] ) > 0 ) { - Debug( LDAP_DEBUG_SYNC, + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_search_response: " "Entry %s CSN %s greater than snapshot %s\n", + op->o_log_prefix, rs->sr_entry->e_name.bv_val, a->a_nvals[0].bv_val, ss->ss_ctxcsn[i].bv_val ); @@ -2412,8 +2501,9 @@ if ( sid == srs->sr_state.sids[i] && ber_bvcmp( &a->a_nvals[0], &srs->sr_state.ctxcsn[i] )<= 0 ) { - Debug( LDAP_DEBUG_SYNC, + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_search_response: " "Entry %s CSN %s older or equal to ctx %s\n", + op->o_log_prefix, rs->sr_entry->e_name.bv_val, a->a_nvals[0].bv_val, srs->sr_state.ctxcsn[i].bv_val ); @@ -2445,7 +2535,8 @@ slap_compose_sync_cookie( op, &cookie, ss->ss_ctxcsn, srs->sr_state.rid, slap_serverID ? slap_serverID : -1 ); - Debug( LDAP_DEBUG_SYNC, "syncprov_search_response: cookie=%s\n", cookie.bv_val, 0, 0 ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_search_response: cookie=%s\n", + op->o_log_prefix, cookie.bv_val, 0 ); } /* Is this a regular refresh? @@ -2483,6 +2574,8 @@ /* Turn off the refreshing flag */ ss->ss_so->s_flags ^= PS_IS_REFRESHING; + Debug( LDAP_DEBUG_SYNC, "%s syncprov_search_response: " + "detaching op\n", op->o_log_prefix, 0, 0 ); syncprov_detach_op( op, ss->ss_so, on ); ldap_pvt_thread_mutex_unlock( &op->o_conn->c_mutex ); @@ -2524,6 +2617,11 @@ } srs = op->o_controls[slap_cids.sc_LDAPsync]; + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "got a %ssearch with a cookie=%s\n", + op->o_log_prefix, + op->o_sync_mode & SLAP_SYNC_PERSIST ? "persistent ": "", + srs->sr_state.octet_str.bv_val ); /* If this is a persistent search, set it up right away */ if ( op->o_sync_mode & SLAP_SYNC_PERSIST ) { @@ -2587,6 +2685,8 @@ sop->s_si = si; si->si_ops = sop; ldap_pvt_thread_mutex_unlock( &si->si_ops_mutex ); + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "registered persistent search\n", op->o_log_prefix, 0, 0 ); } /* snapshot the ctxcsn @@ -2646,6 +2746,9 @@ if (srs->sr_state.numcsns != numcsns) { /* consumer doesn't have the right number of CSNs */ + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "consumer cookie is missing a csn we track\n", + op->o_log_prefix, 0, 0 ); changed = SS_CHANGED; if ( srs->sr_state.ctxcsn ) { ber_bvarray_free_x( srs->sr_state.ctxcsn, op->o_tmpmemctx ); @@ -2683,6 +2786,11 @@ /* our state is older, complain to consumer */ rs->sr_err = LDAP_UNWILLING_TO_PERFORM; rs->sr_text = "consumer state is newer than provider!"; + Log5( LDAP_DEBUG_SYNC, ldap_syslog_level, "%s syncprov_op_search: " + "consumer %d state %s is newer than provider %d state %s\n", + op->o_log_prefix, sids[i], srs->sr_state.ctxcsn[i].bv_val, + sids[j], /* == slap_serverID */ + ctxcsn[j].bv_val); bailout: if ( sop ) { syncops **sp = &si->si_ops; @@ -2720,6 +2828,9 @@ rs->sr_ctrls = NULL; return rs->sr_err; } + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "no change, skipping log replay\n", + op->o_log_prefix, 0, 0 ); goto shortcut; } @@ -2772,6 +2883,9 @@ rs->sr_text = "sync cookie is stale"; goto bailout; } + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "failed to find entry with csn=%s, ignoring cookie\n", + op->o_log_prefix, mincsn.bv_val, 0 ); if ( srs->sr_state.ctxcsn ) { ber_bvarray_free_x( srs->sr_state.ctxcsn, op->o_tmpmemctx ); srs->sr_state.ctxcsn = NULL; @@ -2858,6 +2972,9 @@ * us into persist phase */ if ( !changed && !dirty ) { + Debug( LDAP_DEBUG_SYNC, "%s syncprov_op_search: " + "nothing changed, finishing up initial search early\n", + op->o_log_prefix, 0, 0 ); rs->sr_err = LDAP_SUCCESS; rs->sr_nentries = 0; send_ldap_result( op, rs ); @@ -3145,6 +3262,10 @@ return rc; } + Debug( LDAP_DEBUG_SYNC, "syncprov_db_open: " + "starting syncprov for suffix %s\n", + be->be_suffix[0].bv_val, 0, 0 ); + thrctx = ldap_pvt_thread_pool_context(); connection_fake_init2( &conn, &opbuf, thrctx, 0 ); op = &opbuf.ob_op; @@ -3203,6 +3324,9 @@ si->si_numcsns = 1; si->si_sids = ch_malloc( sizeof(int) ); si->si_sids[0] = slap_serverID; + Debug( LDAP_DEBUG_SYNC, "syncprov_db_open: " + "generated a new ctxcsn=%s for suffix %s\n", + csn.bv_val, be->be_suffix[0].bv_val, 0 ); /* make sure we do a checkpoint on close */ si->si_numops++; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/servers/slapd/syncrepl.c new/openldap-2.4.53/servers/slapd/syncrepl.c --- old/openldap-2.4.52/servers/slapd/syncrepl.c 2020-08-28 18:10:00.000000000 +0200 +++ new/openldap-2.4.53/servers/slapd/syncrepl.c 2020-09-07 17:13:36.000000000 +0200 @@ -534,7 +534,7 @@ /* SIDs are the same, take fast path */ if ( !changed ) { for ( i = 0; i > ei; i++ ) { - if ( !bvmatch( &sc1->ctxcsn[i], &sc2->ctxcsn[i] )) { + if ( ber_bvcmp( &sc1->ctxcsn[i], &sc2->ctxcsn[i] ) < 0 ) { ber_bvreplace( &sc1->ctxcsn[i], &sc2->ctxcsn[i] ); changed = 1; } @@ -561,9 +561,12 @@ } if ( i < ei && sc1->sids[i] == sc2->sids[j] ) { newsids[k] = sc1->sids[i]; - ber_dupbv( &newcsns[k], &sc2->ctxcsn[j] ); - if ( !bvmatch( &sc1->ctxcsn[i], &sc2->ctxcsn[j] )) + if ( ber_bvcmp( &sc1->ctxcsn[i], &sc2->ctxcsn[j] ) < 0 ) { changed = 1; + ber_dupbv( &newcsns[k], &sc2->ctxcsn[j] ); + } else { + ber_dupbv( &newcsns[k], &sc1->ctxcsn[i] ); + } i++; j++; k++; continue; } @@ -601,27 +604,39 @@ struct sync_cookie sc1, sc2; int ret; - sc1.numcsns = 1; - sc1.sids = malloc( sizeof(int)); - sc1.ctxcsn = malloc( sizeof( struct berval ) * 2); + sc1.numcsns = 4; + sc1.sids = malloc( sizeof( int ) * sc1.numcsns ); + sc1.ctxcsn = malloc( sizeof( struct berval ) * ( sc1.numcsns + 1 )); sc1.sids[0] = 1; - { struct berval bv = BER_BVC("20200826182258.100566Z#000000#001#000000"); + sc1.sids[1] = 3; + sc1.sids[2] = 4; + sc1.sids[3] = 5; + { struct berval bv = BER_BVC("20200101000000.100000Z#sc1#001#000000"); /* unique */ ber_dupbv( &sc1.ctxcsn[0], &bv ); } - BER_BVZERO( &sc1.ctxcsn[1] ); - - sc2.numcsns = 3; - sc2.sids = malloc( sizeof(int) * 3); - sc2.ctxcsn = malloc( sizeof(struct berval) * 4); - sc2.sids[0] = 1; - sc2.sids[1] = 2; - sc2.sids[2] = 3; - { struct berval bv = BER_BVC("20200826182258.100567Z#000000#001#000000"); + { struct berval bv = BER_BVC("20200101000000.100000Z#sc1#003#000000"); /* lower */ + ber_dupbv( &sc1.ctxcsn[1], &bv ); } + { struct berval bv = BER_BVC("20201231000000.100000Z#sc1#004#000000"); /* higher */ + ber_dupbv( &sc1.ctxcsn[2], &bv ); } + { struct berval bv = BER_BVC("20200228000000.100000Z#sc1#005#000000"); /* unique */ + ber_dupbv( &sc1.ctxcsn[3], &bv ); } + BER_BVZERO( &sc1.ctxcsn[sc1.numcsns] ); + + sc2.numcsns = 4; + sc2.sids = malloc( sizeof( int ) * sc2.numcsns ); + sc2.ctxcsn = malloc( sizeof( struct berval ) * ( sc2.numcsns + 1 )); + sc2.sids[0] = 2; + sc2.sids[1] = 3; + sc2.sids[2] = 4; + sc2.sids[3] = 6; + { struct berval bv = BER_BVC("20200101000000.100000Z#sc2#002#000000"); /* unique */ ber_dupbv( &sc2.ctxcsn[0], &bv ); } - { struct berval bv = BER_BVC("20200826182259.141950Z#000000#002#000000"); + { struct berval bv = BER_BVC("20200331000000.100000Z#sc2#003#000000"); /* higher */ ber_dupbv( &sc2.ctxcsn[1], &bv ); } - { struct berval bv = BER_BVC("20200826182300.171795Z#000000#003#000000"); + { struct berval bv = BER_BVC("20200501000000.100000Z#sc2#004#000000"); /* lower */ ber_dupbv( &sc2.ctxcsn[2], &bv ); } - BER_BVZERO( &sc2.ctxcsn[3] ); + { struct berval bv = BER_BVC("20200628000000.100000Z#sc2#006#000000"); /* unique */ + ber_dupbv( &sc2.ctxcsn[3], &bv ); } + BER_BVZERO( &sc2.ctxcsn[sc2.numcsns] ); ret = merge_state( si, &sc1, &sc2 ); } @@ -848,6 +863,8 @@ } si->si_refreshDone = 0; + Debug( LDAP_DEBUG_SYNC, "do_syncrep1: %s starting refresh (sending cookie=%s)\n", + si->si_ridtxt, si->si_syncCookie.octet_str.bv_val, 0 ); rc = ldap_sync_search( si, op->o_tmpmemctx ); @@ -1531,7 +1548,8 @@ if ( msg ) ldap_msgfree( msg ); - if ( rc && rc != LDAP_SYNC_REFRESH_REQUIRED && si->si_ld ) { + if ( rc ) { + /* never reuse existing connection */ if ( si->si_conn ) { connection_client_stop( si->si_conn ); si->si_conn = NULL; @@ -1644,6 +1662,7 @@ if ( !si->si_schemachecking ) op->o_no_schema_check = 1; +reload: /* Establish session, do search */ if ( !si->si_ld ) { si->si_refreshDelete = 0; @@ -1661,7 +1680,6 @@ rc = do_syncrep1( op, si ); } -reload: /* Process results */ if ( rc == LDAP_SUCCESS ) { ldap_get_option( si->si_ld, LDAP_OPT_DESC, &s ); @@ -1672,11 +1690,6 @@ op->o_ndn = op->o_bd->be_rootndn; rc = do_syncrep2( op, si ); if ( rc == LDAP_SYNC_REFRESH_REQUIRED ) { - if ( BER_BVISNULL( &si->si_syncCookie.octet_str )) - slap_compose_sync_cookie( NULL, &si->si_syncCookie.octet_str, - si->si_syncCookie.ctxcsn, si->si_syncCookie.rid, - si->si_syncCookie.sid ); - rc = ldap_sync_search( si, op->o_tmpmemctx ); goto reload; } @@ -3025,9 +3038,9 @@ int retry = 1; int freecsn = 1; - Debug( LDAP_DEBUG_SYNC, - "syncrepl_entry: %s LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_%s) tid %x\n", - si->si_ridtxt, syncrepl_state2str( syncstate ), op->o_tid ); + Log4( LDAP_DEBUG_SYNC, ldap_syslog_level, + "syncrepl_entry: %s LDAP_RES_SEARCH_ENTRY(LDAP_SYNC_%s) csn=%s tid %x\n", + si->si_ridtxt, syncrepl_state2str( syncstate ), syncCSN ? syncCSN->bv_val : "(none)", op->o_tid ); if (( syncstate == LDAP_SYNC_PRESENT || syncstate == LDAP_SYNC_ADD ) ) { if ( !si->si_refreshPresent && !si->si_refreshDone ) { @@ -3639,6 +3652,9 @@ op->ors_slimit = 1; uf.f_av_value = uuids[i]; filter2bv_x( op, op->ors_filter, &op->ors_filterstr ); + Debug( LDAP_DEBUG_SYNC, "syncrepl_del_nonpresent: %s " + "checking non-present filter=%s\n", + si->si_ridtxt, op->ors_filterstr.bv_val, 0 ); rc = be->be_search( op, &rs_search ); op->o_tmpfree( op->ors_filterstr.bv_val, op->o_tmpmemctx ); } @@ -4588,6 +4604,8 @@ if ( rs->sr_type == REP_RESULT ) { count = presentlist_free( si->si_presentlist ); si->si_presentlist = NULL; + Debug( LDAP_DEBUG_SYNC, "nonpresent_callback: %s " + "had %d items left in the list\n", si->si_ridtxt, count, 0 ); } else if ( rs->sr_type == REP_SEARCH ) { if ( !( si->si_refreshDelete & NP_DELETE_ONE ) ) { @@ -4597,15 +4615,12 @@ present_uuid = presentlist_find( si->si_presentlist, &a->a_nvals[0] ); } - if ( LogTest( LDAP_DEBUG_SYNC ) ) { - char buf[sizeof("rid=999 non")]; - - snprintf( buf, sizeof(buf), "%s %s", si->si_ridtxt, - present_uuid ? "" : "non" ); - - Debug( LDAP_DEBUG_SYNC, "nonpresent_callback: %spresent UUID %s, dn %s\n", - buf, a ? a->a_vals[0].bv_val : "<missing>", rs->sr_entry->e_name.bv_val ); - } + Log4(LDAP_DEBUG_SYNC, ldap_syslog_level, "nonpresent_callback: " + "%s %spresent UUID %s, dn %s\n", + si->si_ridtxt, + present_uuid ? "" : "non", + a ? a->a_vals[0].bv_val : "<missing>", + rs->sr_entry->e_name.bv_val ); if ( a == NULL ) return 0; } @@ -4613,6 +4628,9 @@ if ( present_uuid == NULL ) { int covered = 1; /* covered by our new contextCSN? */ + if ( !syncCookie ) + syncCookie = &si->si_syncCookie; + /* TODO: This can go once we can build a filter that takes care of * the check for us */ a = attr_find( rs->sr_entry->e_attrs, slap_schema.si_ad_entryCSN ); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/openldap-2.4.52/tests/data/regressions/its9338/its9338 new/openldap-2.4.53/tests/data/regressions/its9338/its9338 --- old/openldap-2.4.52/tests/data/regressions/its9338/its9338 1970-01-01 01:00:00.000000000 +0100 +++ new/openldap-2.4.53/tests/data/regressions/its9338/its9338 2020-09-07 17:13:36.000000000 +0200 @@ -0,0 +1,100 @@ +#! /bin/sh +# $OpenLDAP$ +## This work is part of OpenLDAP Software <http://www.openldap.org/>. +## +## Copyright 1998-2020 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## <http://www.OpenLDAP.org/license.html>. + +echo "running defines.sh" +. $SRCDIR/scripts/defines.sh + +if test $SYNCPROV = syncprovno; then + echo "Syncrepl provider overlay not available, test skipped" + exit 0 +fi + +mkdir -p $TESTDIR $DBDIR1 + +echo "This test checks for pending operations to resume correctly" +echo "after they were stopped by a writer getting blocked by a full" +echo "socket output buffer. It uses a search with syncrepl control" +echo "and multiple modifications to generate enough responses to" +echo "fill the output buffer." +echo "" + +# +# Test replication: +# - start provider +# - populate over ldap +# - start persistent search and ignoring responses +# - perform some repeated adds/deletes to fill buffer +# - abandon persistent search and issue new search +# - if the bug is present, this will timeout. +# + +echo "Starting provider slapd on TCP/IP port $PORT1..." +. $CONFFILTER $BACKEND $MONITORDB < $SRPROVIDERCONF > $CONF1 +$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 & +PID=$! +if test $WAIT != 0 ; then + echo PID $PID + read foo +fi +KILLPIDS="$PID" + +sleep 1 + +echo "Using ldapsearch to check that provider slapd is running..." +for i in 0 1 2 3 4 5; do + $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \ + 'objectclass=*' > /dev/null 2>&1 + RC=$? + if test $RC = 0 ; then + break + fi + echo "Waiting 5 seconds for slapd to start..." + sleep 5 +done + +if test $RC != 0 ; then + echo "ldapsearch failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Using ldapadd to populate the provider directory..." +$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \ + $LDIFORDERED > /dev/null 2>&1 +RC=$? +if test $RC != 0 ; then + echo "ldapadd failed ($RC)!" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit $RC +fi + +echo "Starting persistent search and modifications..." +echo '(Ignore the "press Enter to continue" that appears below)' +( sleep 3; echo "" 1>&2; $PROGDIR/slapd-addel -H $URI1 -D "$MANAGERDN" -w $PASSWD -l 4000 -f $DATADIR/do_add.1 1>&2; \ +echo "" ) | $LDAPSEARCH -b "$BASEDN" -H $URI1 -E sync=rp -e backlog -l $SLEEP1 + +if test $? != 0 ; then + echo "ldapsearch failed - write waiter didn't resume pending ops" + test $KILLSERVERS != no && kill -HUP $KILLPIDS + exit 1 +fi + +test $KILLSERVERS != no && kill -HUP $KILLPIDS + +echo ">>>>> Test succeeded" + +test $KILLSERVERS != no && wait + +exit 0
