On Tuesday 05 July 2005 11:37, Howard Chu wrote:
> [EMAIL PROTECTED] wrote:
> > Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
> >
> > Modified Files:
> > bconfig.c 1.103 -> 1.104
> >
> > Log Message:
> > Destroy Backend/Overlay after an error happend during one of the
> > config_parse_add()
Hi,
The 2.3 releases don't define LDAP_DEPRECATED anymore. This causes problems
with a lot of non-OpenLDAP software and I expect that many users of
libldap are not too happy about that especially because the man-pages for
many of the non-deprecated function are missing or just refer to the
dep
On Tuesday 18 October 2005 19:10, Kurt D. Zeilenga wrote:
> At 07:43 AM 10/18/2005, Ralf Haferkamp wrote:
> >Hi,
> >
> >The 2.3 releases don't define LDAP_DEPRECATED anymore. This causes
> > problems with a lot of non-OpenLDAP software and I expect that many
> &
Hi,
we recently found out that some versions of Active Directory don't
accept some extensible matching filters. (Newer Versions seem to work
correctly.)
The problem is that AD seems to be unable to decode the extensible
match, when the "dnAttributes" field is missing in the request (which
mean
On Thursday 20 October 2005 14:49, Kurt D. Zeilenga wrote:
> At 02:22 AM 10/20/2005, Ralf Haferkamp wrote:
> >we recently found out that some versions of Active Directory don't
> >accept some extensible matching filters.
>
> Old AD installs should be updated. I believe M
Hi,
I ran into a problem where an LDAP Client, that uses SSL/TLS (no matter
whether via ldaps or START_TLS) was indefinitely blocking in the
SSL_connect() call in libraries/libldap/tls.c.
As libldap mostly uses blocking IO (as far as I understand), the
SSL_connect call also uses blocking IO (ac
On Thursday 22 December 2005 18:43, Kurt D. Zeilenga wrote:
> At 10:43 AM 12/19/2005, Ralf Haferkamp wrote:
> >Hi,
> >
> >I ran into a problem where an LDAP Client, that uses SSL/TLS (no
> > matter whether via ldaps or START_TLS) was indefinitely blocking in
> > th
Am Do 22.12.2005 20:44 schrieb Kurt D. Zeilenga <[EMAIL PROTECTED]>:
> At 10:19 AM 12/22/2005, Ralf Haferkamp wrote:
> >I am not sure if I understand your question. My orignal idea was to
> >do
> >it without any addtional API and hide the non-blocking SSL-handshak
Am Do 22.12.2005 20:31 schrieb Kurt D. Zeilenga <[EMAIL PROTECTED]>:
> At 10:19 AM 12/22/2005, Ralf Haferkamp wrote:
> >On Thursday 22 December 2005 18:43, Kurt D. Zeilenga wrote:
> >> At 10:43 AM 12/19/2005, Ralf Haferkamp wrote:
> >> >Hi,
> >> >
Am Do 22.12.2005 22:54 schrieb Kurt D. Zeilenga <[EMAIL PROTECTED]>:
> At 12:57 PM 12/22/2005, Ralf Haferkamp wrote:
> >When using select() inside ldap_int_tls_connect() we could set the
> >timeout to e.g. LDAP_OPT_NETWORK_TIMEOUT so it would block only for a
> >certain
Hi,
I just recognized that current slapd advertises the config-context in
root-dse, even if back-config is not used (e.g. no config directory
exists). To me it seems useful to hide the "configContext" Attribute in
such cases and deny searches below cn=config with "no such object".
--
Ralf
On Thursday 16 February 2006 16:41, Pierangelo Masarati wrote:
> > Ralf Haferkamp wrote:
> >> Hi,
> >>
> >> I just recognized that current slapd advertises the config-context
> >> in root-dse, even if back-config is not used (e.g. no config
> >> d
On Thursday 16 February 2006 19:00, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > On Thursday 16 February 2006 16:41, Pierangelo Masarati wrote:
> >>> Ralf Haferkamp wrote:
> >>>> Hi,
> >>>>
> >>>> I just recognized that current sl
On Thursday 16 February 2006 19:00, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > On Thursday 16 February 2006 16:41, Pierangelo Masarati wrote:
> >>> Ralf Haferkamp wrote:
> >>>> Hi,
> >>>>
> >>>> I just recognized that current sl
On Friday 17 February 2006 18:48, Michael Ströder wrote:
> Ralf Haferkamp wrote:
> > Btw, while we are at it. For easy bootstrapping of back-config we
> > could add an implicit sasl-regexp that maps
> > "gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" to
&g
On Wednesday 27 September 2006 12:05, Pierangelo Masarati wrote:
> > Update of /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb
> >
> > Modified Files:
> > id2entry.c 1.74 -> 1.75
> > tools.c 1.108 -> 1.109
> >
> > Log Message:
> > Check for the correct return code of cursor->c_get() (DB_BU
On Wednesday 27 September 2006 12:25, Pierangelo Masarati wrote:
> >> DB_BUFFER_SMALL seems to be a bdb 4.4 only value (or, at least, > 4.2).
> >
> > Hm, you are correct. I only looked at the 4.4. docs :(. Sorry for that. I
> > take
> > a look how to get it correct for 4.2 and 4.4.
>
> Right now, I
Hi,
I am currently trying to add some functionality to the distproc-overlay
(should implement draft-sermersheim-ldap-distproc some day). For this I have
been able to adapt the chain-overlay so that it is able to sent the
ChainedRequest Extended Operation to the target server. On the target serv
Hi,
I am currently trying to initialize the back-config database by slapadd-ing
a small ldif-File (based on the slapd.ldif from CVS HEAD). However I ran into
various issues with regard to the ordering of the different database objects
and it unclear to me how exactly this is supposed to work.
On Wednesday 21 March 2007 19:40, Howard Chu wrote:
> Ralf Haferkamp wrote:
[..]
> >
> > 1. Should slapadd work with LDIF files that do not have any ordering
> > numbers for the databases in them?
> >
> > 2. Should slapadd work with LDIF files that does not explic
On Friday 23 March 2007 15:08, Ralf Haferkamp wrote:
> On Wednesday 21 March 2007 19:40, Howard Chu wrote:
> > Ralf Haferkamp wrote:
>
> [..]
>
> > > 1. Should slapadd work with LDIF files that do not have any ordering
> > > numbers for the databases in them
Hm, seems that this mail didn't get through on the first attempt. At least I
didn't see it on openldap-devel. Next try ...
On Thursday 29 March 2007 17:45, Howard Chu wrote:
> [EMAIL PROTECTED] wrote:
> > Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
> >
> > Modified Files:
> > bconfig.c 1
On Friday 30 March 2007 13:09, Ralf Haferkamp wrote:
[..]
> > Most of the code in this checkin is a duplicate of slap_add_opattrs().
>
> Actually I was looking at the slapadd() function in slapadd.c while
> implementing this. Didn't really have slap_add_opattrs() in mind then
Hi,
I'd like to improve the error messages that back-config returns via LDAP to
the client. Currently in many case you only get back a very generic error
messages. E.g. when trying to add a second monitor database you just get:
Error code LDAP_OTHER with the diagnostic message set to " failed
i
On Monday 07 May 2007 21:26, Pierangelo Masarati wrote:
> Howard Chu wrote:
> > Ralf Haferkamp wrote:
> >> Hi,
> >>
> >> I'd like to improve the error messages that back-config returns via
> >> LDAP to the client. Currently in many case you onl
On Sunday 13 May 2007 00:15, [EMAIL PROTECTED] wrote:
> Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
>
> Modified Files:
> tls.c 1.147 -> 1.148
> Removed Files:
> gnutls.c 1.3 -> NONE
>
> Log Message:
> Merged GNUtls support into main tls.c
This broke building with openssl. Se
Hello,
slightly related to the above ITS, I have found another issue. I am not sure
though if this is a bug or if the behaviour is intended. I have a setup here
were the pcache and rwm-overlay is used on top of back-ldap.
rwm is used to rewrite some Attributetypes unknown to the Schema of the lo
No comments on this? So I guess this means I can just go ahead and submit the
patch to HEAD for testing?
On Monday 04 June 2007 17:13, Ralf Haferkamp wrote:
> Hello,
>
> slightly related to the above ITS, I have found another issue. I am not
> sure though if this is a bug or if the
On Tuesday 19 June 2007 19:09, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > No comments on this? So I guess this means I can just go ahead and submit
> > the patch to HEAD for testing?
> >
> > On Monday 04 June 2007 17:13, Ralf Haferkamp wrote:
> >> Hello,
>
On Tuesday 19 June 2007 20:32, Pierangelo Masarati wrote:
> Ralf Haferkamp wrote:
> >> It used to be a requirement that any data passing through back-ldap be
> >> defined in the local server's schema. Recently that requirement was
> >> relaxed. I don'
On Wednesday 20 June 2007 12:17, Ralf Haferkamp wrote:
> On Tuesday 19 June 2007 20:32, Pierangelo Masarati wrote:
[..]
> >
> > The design of slapo-rwm(5) is based on: do things as correct as
> > possible, but don't be too clever. What you mean makes sense; however,
&g
Hi,
The ldap_dn2ad_canonical() function is supposed to map an LDAP DN into a
Active Directory Canonical Name. Does anybody know why this function
disallows DNs with UTF8 characters in them? The comments in the code are
somewhat uncertain regarding this ;)
/*
* b) does DCE/AD support UTF-8?
On Monday 07 May 2007 21:26, Pierangelo Masarati wrote:
> Howard Chu wrote:
> > Ralf Haferkamp wrote:
> >> Hi,
> >>
> >> I'd like to improve the error messages that back-config returns via
> >> LDAP to the client. Currently in many case you onl
On Tuesday 24 July 2007 09:36, Quanah Gibson-Mount wrote:
> --On Tuesday, July 24, 2007 8:21 AM +0100 Gavin Henry
>
> <[EMAIL PROTECTED]> wrote:
> >
> >
> >> This release showed amazing promise in the past as the first release to
> >> move to after 4.2 that showed real performance gains across the
On Tuesday 24 July 2007 11:43, Howard Chu wrote:
> Quanah Gibson-Mount wrote:
> > --On Tuesday, July 24, 2007 8:21 AM +0100 Gavin Henry
> >
> > <[EMAIL PROTECTED]> wrote:
> >>
> >>
> >>> This release showed amazing promise in the past as the first release to
> >>> move to after 4.2 that showed rea
The BI_db_func()-functions (xxx_db_init, xxx_db_open, xxx_db_close and
xxx_db_destroy) now accept a ConfigArgs pointer as an additional argument. I
think I fixed all existing backends and overlays to accept the new parameter
(make test succeeded with --enable-backends=yes and --enable-overlays=y
Hi,
Note, I just reworked that a bit I am now using a separate type as originally
suggested by Ando. That seems to be the cleaner approach.
On Wednesday 25 July 2007 17:28, Ralf Haferkamp wrote:
> The BI_db_func()-functions (xxx_db_init, xxx_db_open, xxx_db_close and
> xxx_db_destro
Hello,
is slapo-pcache supposed to work with back-config with current HEAD? I was not
able to create a working configuration, yet.
As soon as the olcPcacheConfig Entry is added as a child below a back-ldap
Database Entry, slapd tries to open the corresponding bdb/hdb Database for
the pcache ove
On Montag, 8. Oktober 2007, Howard Chu wrote:
> Howard Chu wrote:
> > Ralf Haferkamp wrote:
> >> Hello,
> >>
> >> is slapo-pcache supposed to work with back-config with current HEAD? I
> >> was not able to create a working configuration, yet.
> >&
On Mittwoch, 21. November 2007, Howard Chu wrote:
> Michael Ströder wrote:
> > Howard Chu wrote:
> >>> If incompatibility worries people even as early as this in 2.4's life,
> >>> we could leave the old format as the default in 2.4, and provide a
> >>> slapd.conf-option to enable ordered indexing.
On Mittwoch, 21. November 2007, Howard Chu wrote:
> Aaron Richton wrote:
[..]
> > Yes, this might be a bit painful for the early adopters. Is there any
> > sort of magic number or similar where slapd could bail out "sorry, please
> > slapindex" if given a RE23 format database? Then at least the FAQ
On Mittwoch, 21. November 2007, Michael Ströder wrote:
> Ralf Haferkamp wrote:
> > On the other hand we could even let the runtime indexer task recreate the
> > indexes on the fly when such an old index is discovered. ;-)
> >
> From an operational perspective I'm
On Mittwoch, 28. November 2007, Andrew Bartlett wrote:
[..]
> > Looking at the configuration, it seems this can only currently be
> > configured once - ie, for memberOf. Am I missing how to configure it to
> > also handle an arbitrary number of other attributes? Ideally I would
> > process the AD
On Montag, 3. Dezember 2007, Andrew Bartlett wrote:
> On Wed, 2007-11-28 at 12:20 +0100, Ralf Haferkamp wrote:
> > On Mittwoch, 28. November 2007, Andrew Bartlett wrote:
> > [..]
> >
> > > > Looking at the configuration, it seems this can only currently be
With the great features that back-config provides to configure OpenLDAP
servers at runtime it seems logical to start thinking about providing tools
that could help to leverage those features.
Currently to manage an OpenLDAP server through back-config you have the option
to use either a generic
On Dienstag, 15. Januar 2008, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > With the great features that back-config provides to configure OpenLDAP
> > servers at runtime it seems logical to start thinking about providing
> > tools that could help to leverage those features.
On Dienstag, 15. Januar 2008, Hallvard B Furuseth wrote:
> Howard Chu writes:
> > One thing I find to be extremely awkward about other directory server
> > products is the fact that they corral you into using their custom
> > tools to do administration. If they even have a generic admin
> > interfa
On Mittwoch, 16. Januar 2008, Michael Ströder wrote:
> Ralf Haferkamp wrote:
> > On the other hand we have
> > quite some customers demanding for tools to manage OpenLDAP, that's
why I
> > came here to find ways to improve that situation in a way that
others
> &g
On Mittwoch, 16. Januar 2008, Michael Ströder wrote:
> Ralf Haferkamp wrote:
> >> For 1. I usually ask my customers how they are going to implement
> >> the change management. After some discussion we usually end up
> >> with text-based config managed with version
On Donnerstag, 17. Januar 2008, Michael Ströder wrote:
> Ralf Haferkamp wrote:
> > On Mittwoch, 16. Januar 2008, Michael Ströder wrote:
> >> Ralf Haferkamp wrote:
> >>>> For 1. I usually ask my customers how they are going to
> >>>> implement
On Donnerstag, 17. Januar 2008, Pierangelo Masarati wrote:
> Ralf Haferkamp wrote:
> >>> Yes, I guess that this works pretty well when you deploy OpenLDAP
> >>> (or basically any other software) at a single customer. It gets
> >>> harder when you ship OpenL
On Dienstag, 12. Februar 2008, Quanah Gibson-Mount wrote:
> Please test RE23 in preparation for OpenLDAP 2.3.41.
All tests passed on opensuse 10.3 x86_64
--
Ralf
On Dienstag, 12. Februar 2008, Michael Ströder wrote:
> Hallvard B Furuseth wrote:
> > Michael Ströder writes:
> >> /home/michael/src/openldap/OPENLDAP_REL_ENG_2_3/openldap/servers/s
> >>lapd/.libs/lt-slapd:
> >
> > Symbol `ldap_int_global_options' has different size in shared
> > object, consider
On Donnerstag, 24. April 2008, Howard Chu wrote:
[..]
>
> It's tempting to think about this for backglue, but we'd need a
> cross-database lock manager of some kind for detecting deadlocks.
> That implies that we really need an LDAP-level lock request, to
> handle distributed locking, and that the
On Mittwoch, 21. Mai 2008, Luca Scamoni wrote:
> Thought I would just drop in a note on this...
>
> There have been changes with glibc 2.8. Now struct ucred is ifdef'd
> under _GNU_SOURCE
Btw, I submitted this as ITS#5464 some weeks ago.
> Maybe configure should detect if it's needed?
--
Ralf
Hi,
as back-config does currently not have support for the delete operation
(config_back_delete() just returns LDAP_UNWILLING_TO_PERFORM
currently) I am trying to figure out what is needed to get at
least delete support for simple overlays (e.g. ppolicy or memberof)
running.
What I am curren
On Donnerstag, 5. Juni 2008, Hallvard B Furuseth wrote:
> You also need to walk through the database and delete any attributes
> object classes defined by the overlay. That'll be at least any
> operational attributes since they must be hardcoded into the C
> source.
>
> Only the overlay can know h
On Donnerstag, 5. Juni 2008, Hallvard B Furuseth wrote:
> You also need to walk through the database and delete any attributes
> object classes defined by the overlay. That'll be at least any
> operational attributes since they must be hardcoded into the C
> source.
Another problem with this is th
On Donnerstag, 5. Juni 2008, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > Hi,
> >
> > as back-config does currently not have support for the delete
> > operation (config_back_delete() just returns
> > LDAP_UNWILLING_TO_PERFORM currently) I am trying to figure
On Donnerstag, 5. Juni 2008, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > Hi,
> >
> > as back-config does currently not have support for the delete
> > operation (config_back_delete() just returns
> > LDAP_UNWILLING_TO_PERFORM currently) I am trying to figure
On Dienstag, 10. Juni 2008, Ralf Haferkamp wrote:
> On Donnerstag, 5. Juni 2008, Howard Chu wrote:
> > Ralf Haferkamp wrote:
> > > Hi,
> > >
> > > as back-config does currently not have support for the delete
> > > operation (config_back_delete()
On Freitag, 12. September 2008, [EMAIL PROTECTED] wrote:
> Update of /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb
>
> Modified Files:
> init.c 1.293 -> 1.294
>
> Log Message:
> stop and remove checkpoint task in _db_destroy (ITS#5698)
Generally I'd think that this would better fit into th
On Freitag, 12. September 2008, Howard Chu wrote:
> Ralf Haferkamp wrote:
> > On Freitag, 12. September 2008, [EMAIL PROTECTED] wrote:
> >> Update of /repo/OpenLDAP/pkg/ldap/servers/slapd/back-bdb
> >>
> >> Modified Files:
> >>init.c 1.293 -> 1
Am Donnerstag 02 Oktober 2008 06:26:44 schrieb Howard Chu:
> I was dusting off some of the last rfc2307bis revisions Luke sent me, and
> then remembered how much of a mess we still have with groups. Here are some
> ideas I'm toying with, would like some feedback before drafting for
> IETF-LDAPext.
Am Donnerstag 02 Oktober 2008 10:20:10 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Donnerstag 02 Oktober 2008 06:26:44 schrieb Howard Chu:
> >> I was dusting off some of the last rfc2307bis revisions Luke sent me,
> >> and then remembered how much of a mess we s
Am Montag 10 November 2008 16:26:28 schrieb Howard Chu:
> [EMAIL PROTECTED] wrote:
> > Update of /repo/OpenLDAP/pkg/ldap/contrib/slapd-modules/nssov
> >
> > Modified Files:
> > passwd.c 1.2 -> 1.3
> >
> > Log Message:
> > corrected filter and search limits in uid2dn function (ITS#5802)
>
> Ni
Hi,
While doing a few slapadd testruns comparing the RE23 with the RE24 version I
ran into a strange issue. I ran test with different LDIFs (100k, 500k and
1000k Entries) and especially with the 500k and 1000k LDIF, slapadd from
2.3.43 was significantly faster than the 2.4.12 version.
2.3.43 l
Am Freitag 21 November 2008 14:21:06 schrieb Ralf Haferkamp:
> Hi,
>
> While doing a few slapadd testruns comparing the RE23 with the RE24 version
> I ran into a strange issue. I ran test with different LDIFs (100k, 500k and
> 1000k Entries) and especially with the 500k and 1000
Am Samstag 22 November 2008 02:59:28 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Freitag 21 November 2008 14:21:06 schrieb Ralf Haferkamp:
> >> I did some profiling (with valgrinds callgrind tool) to find out where
> >> all the time is spend and it revealed tha
Am Montag 24 November 2008 23:12:36 schrieb Hallvard B Furuseth:
> Ralf Haferkamp writes:
> > When linking against db-4.7.25 slapadd is still a little faster when the
> > trickle-task is disabled: 15m19s (without the trickle-task) vs. 16m12s
> > for the 500k Entries LDIF.
used"
> info or whatever Berkeley DB is using? Then it could cause such pages
> to need to be re-read when they'd otherwise not need to be.
>
> The memp_trickle() call the dirty page percentage to 70%.
> Might be interesting to see how a run without the trickle task
>
Am Dienstag 25 November 2008 14:51:54 schrieb Ralf Haferkamp:
> Am Montag 24 November 2008 23:12:36 schrieb Hallvard B Furuseth:
> > Ralf Haferkamp writes:
> > > When linking against db-4.7.25 slapadd is still a little faster when
> > > the trickle-task is disabled:
Am Dienstag 25 November 2008 15:07:21 schrieb Hallvard B Furuseth:
> Did I send this? Trying again - I wrote:
> > ...unless the doc is inaccurate.
>
> which in any case would be no reason to make bdb_tool_entry_put()
> wait for env->memp_trickle(). If you keep the mutex lock,
> set a flag while
Hi,
since quite some time libldap enables tcp-keepalive, e.g. to detected dangling
syncrepl connections. However the default timeout of two hours that most
systems are using might be a bit too long for some applications (e.g. I had a
problem lately were nscd didn't answer queries anymore becaus
Am Freitag 01 Mai 2009 11:50:15 schrieb masar...@aero.polimi.it:
> > Hi,
> >
> > since quite some time libldap enables tcp-keepalive, e.g. to detected
> > dangling
> > syncrepl connections. However the default timeout of two hours that most
> > systems are using might be a bit too long for some app
Am Dienstag 05 Mai 2009 22:48:10 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Freitag 01 Mai 2009 11:50:15 schrieb masar...@aero.polimi.it:
> >>> Hi,
> >>>
> >>> since quite some time libldap enables tcp-keepalive, e.g. to detected
> >
Am Mittwoch 06 Mai 2009 11:27:29 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Dienstag 05 Mai 2009 22:48:10 schrieb Howard Chu:
> > Something like proposed in ITS#5133? It seems that it was rejected with a
> > reference to the enablement of SO_KEEPALIVE, though. Shoul
Hi,
In case of certificate verification failures I'd like to include the
verification error message ("certificate has expired", "unable to get issuer
certificate", ...) in the diagnostic errormessage.
For that I need pass the tls_session* as an extra argument to the
TI_session_errmsg functions
Am Dienstag 08 Dezember 2009 13:50:21 schrieb Hallvard B Furuseth:
> h...@openldap.org writes:
> > ITS#6419 also init for ldaps:// URIs
>
> Does it work for ldapi:// as well? (And should it?) I seem to
> remember StartTLS does work for ldapi, though I don't know what
> a sensible host name in th
Am Donnerstag 10 Dezember 2009 14:22:26 schrieb r...@openldap.org:
> Update of /repo/OpenLDAP/pkg/ldap/servers/slapd
>
> Modified Files:
> bconfig.c 1.404 -> 1.405
>
> Log Message:
> global limits can also be set in "cn=config" (more forITS#6428)
While working on this, I learned that the
Hi,
while taking up some loose ends on my work on delete support for back-
config (enabled with -DSLAP_CONFIG_DELETE) I wondered how we should deal
with the deletion of the syncprov overlay when there are active
refreshAndPersist sessions. What errorcode should we sent when closing
such a conne
Am Freitag 26 Februar 2010 13:30:55 schrieb masar...@aero.polimi.it:
> > Hi,
> >
> > while taking up some loose ends on my work on delete support for
> > back- config (enabled with -DSLAP_CONFIG_DELETE) I wondered how we
> > should deal with the deletion of the syncprov overlay when there
> > are
Am Freitag 26 Februar 2010 19:29:43 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Am Freitag 26 Februar 2010 13:30:55 schrieb masar...@aero.polimi.it:
> >>> Hi,
> >>>
> >>> while taking up some loose ends on my work on delete support for
> >&g
Hi,
most of you probably know the issues with using syncrepl with SASL/gssapi
when built against MIT Kerberos. Is cause of the problem is also well
know. MIT's gssapi implementation will not encode packages for
established connection anymore once the ticket is expired. Once this
happened any c
Am Mittwoch 23 Juni 2010, 05:39:06 schrieb Quanah Gibson-Mount:
> --On Tuesday, June 22, 2010 8:38 PM -0700 Quanah Gibson-Mount
>
> wrote:
> > --On Tuesday, June 22, 2010 4:27 PM +0200 Ralf Haferkamp
> >
> >
> > wrote:
> >> Did I overlook somethi
Hi,
Am Donnerstag 01 Juli 2010, 17:48:35 schrieb Hallvard B Furuseth:
> r...@openldap.org writes:
> > controls.c 1.212 -> 1.213
> >
> > new call unregister_supported_control(), will be
> > needed for cn=config delete support
>
> Gcc complains about at this line:
> slap_known_controls[
Hi,
I am currently coding a small slapd plugin named kinit. All it does is
requesting a Kerberos TGT for a configurable principal (default:
ldap/@REALM) and renews/reinits it when needed using slapd's
runqueue.
I'd like to submit it to HEAD soon. Where should it go? contrib/slapd-
modules/kini
Hi,
On Thursday 14 October 2010 02:02:17 Howard Chu wrote:
> h...@openldap.org wrote:
> > Update of /repo/OpenLDAP/pkg/ldap/libraries/libldap
> >
> > Modified Files:
> > sasl.c 1.82 -> 1.83
> >
> > Log Message:
> > More for prev commit. What about ldap_pvt_sasl_getmechs() ?
> >
> > CVS We
On Friday 15 October 2010 14:02:27 Howard Chu wrote:
> Howard Chu wrote:
> > Ralf Haferkamp wrote:
[..]
> >>> Please review and comment, thanks.
> >>
> >> It seems that SASL/GSSAPI binds broke somehow. At least for me
> >> ldapsearch from
Hi,
I'd like slapd to be able to report the overlays and backends that are
statically compiled into the binary. I am currently thinking about adding
that to the -V option, e.g. if slapd is called with -VVV (-VV is already
taken it seem) it lists the statically included overlays and backends
ad
Am Mittwoch 27 Oktober 2010, 10:27:23 schrieb Pierangelo Masarati:
> Ralf Haferkamp wrote:
> > Hi,
> >
> > I'd like slapd to be able to report the overlays and backends that
> > are statically compiled into the binary. I am currently thinking
> > about addin
While trying to implement back-config delete support for slapo-chain I
stumbled across some inconsistencies in slapo-chain's configuration
routines.
When using slapd.conf it is not possible to configure some settings for
slapo-chain's underlying back-ldap database. E.g. things like
chain "-size
Hi,
while working on some issues in slapo-pcache (ITS#6950, 6951, 6953 and
6954). I noticed some (IMO) odd behaviour in how the experiation of
cached queries is handled.
It seems that pcache happily returns entries for cached queries from the
cache even if the query has already expired (ttl is
Hi,
I wonder how we should go forward with test058-syncrepl-asymmetric. If I
understand the test (and the comments in syncrepl.c) correctly the setup
it is testing is unsupported in slapd, am I right? (Which is the reason
why test failures are ignored currently, I guess)
On the provider the sy
Am Freitag 11 November 2011, 11:05:28 schrieb Howard Chu:
> Ralf Haferkamp wrote:
> > Hi,
> >
> > I wonder how we should go forward with test058-syncrepl-asymmetric.
> > If I understand the test (and the comments in syncrepl.c)
> > correctly the setup it is test
Hi,
On Thu, Nov 01, 2012 at 05:36:54PM +, I wrote:
> I've just uploaded:
>
> ftp://ftp.openldap.org/incoming/rhafer-Use-non-blocking-IO-during-SSL-Handshake-ITS-7428.dif
>
> which tries to address the issue. If LDAP_OPT_NETWORK_TIMEOUT is set
> ldap_int_tls_start will switch to non-blocking
96 matches
Mail list logo