The 389-ds-base package does not compile when instructed to use Mozilla LDAP SDK rather then OpenSSL. The resulting error is:
ldap/servers/slapd/opshared.c: In function 'op_shared_search': ldap/servers/slapd/opshared.c:469:16: error: 'LDAP_CANCELLED' undeclared (first use in this function) ldap/servers/slapd/opshared.c:469:16: note: each undeclared identifier is reported only once for each function it appears in
It seems that LDAP_CANCELLED constant is OpenLDAP specific (ldap.h: #define LDAP_CANCELLED 0x76), Mozilla LDAP does not define it.
I am trying to compile 389-ds-base-1.3.1.8 (but the error is present at least since 1.3.1.0) on Debian 7.1 with mozldap-6.0.7.
Replying to [ticket:47510 mvocu]:
The 389-ds-base package does not compile when instructed to use Mozilla LDAP SDK rather then OpenSSL. The resulting error is: ldap/servers/slapd/opshared.c: In function 'op_shared_search': ldap/servers/slapd/opshared.c:469:16: error: 'LDAP_CANCELLED' undeclared (first use in this function) ldap/servers/slapd/opshared.c:469:16: note: each undeclared identifier is reported only once for each function it appears in It seems that LDAP_CANCELLED constant is OpenLDAP specific (ldap.h: #define LDAP_CANCELLED 0x76), Mozilla LDAP does not define it.
The fix is to define this in slapi-plugin.h. There are many of these near the top of that file. {{{
}}}
Is mozldap included with Debian?
No, MozLDAP is not included with Debian.
After adding the #define LDAP_CANCELLED 0x76, the compilation ends with:
ldap/servers/slapd/daemon.c: In function 'handle_closed_connection': ldap/servers/slapd/daemon.c:2597:37: error: 'openldap_sockbuf_io' undeclared (first use in this function) ldap/servers/slapd/daemon.c:2597:37: note: each undeclared identifier is reported only once for each function it appears in ldap/servers/slapd/daemon.c:2598:3: error: 'LBER_SBIOD_LEVEL_PROVIDER' undeclared (first use in this function) ldap/servers/slapd/daemon.c: In function 'handle_new_connection': ldap/servers/slapd/daemon.c:2676:32: error: 'LBER_SB_OPT_SET_MAX_INCOMING' undeclared (first use in this function)
The reason I am trying to use MozLDAP instead of OpenLDAP is that Debian's OpenLDAP is linked against GnuTLS, not OpenSSL (and certainly not Mozilla NSS). I can compile, link and run the slapd against the Debian's OpenLDAP libraries (with 389-ds using Mozilla NSS), but I experience strange connection errors in passthru plugin when connecting to the (already deployed) configuration server. I attribute these errors to the TLS layer, as passthru plugin is using the underlying GnuTLS library, but I was not able to find the real cause.
And yes - after applying the obvious workarounds (basically hiding everything that does not compile in #ifdef USE_OPENLDAP ... #endif), the resulting ns-slapd works, including the passthru to config server (no change in configuration needed).
Replying to [comment:2 mvocu]:
Hmm, this is going to be a problem for every Debian/Ubuntu user. We (the 389 team) really need to figure out how to handle platforms that don't have openldap that supports moznss (and ldif - older versions of openldap did not have support for libldif). I really want to be able to build 389 with whatever openldap is provided by the OS. This means that we will have to change 389 so that it does not assume openldap is using NSS. This will take a good bit of work.
After adding the #define LDAP_CANCELLED 0x76, the compilation ends with: ldap/servers/slapd/daemon.c: In function 'handle_closed_connection':
ldap/servers/slapd/daemon.c: In function 'handle_closed_connection':
add #if defined(USE_OPENLDAP) and #endif around the ber_sockbuf_remove_io(conn->c_sb, &openldap_sockbuf_io, LBER_SBIOD_LEVEL_PROVIDER); in handle_closed_connection()
ldap/servers/slapd/daemon.c:2597:37: error: 'openldap_sockbuf_io' undeclared (first use in this function) ldap/servers/slapd/daemon.c:2597:37: note: each undeclared identifier is reported only once for each function it appears in ldap/servers/slapd/daemon.c:2598:3: error: 'LBER_SBIOD_LEVEL_PROVIDER' undeclared (first use in this function) ldap/servers/slapd/daemon.c: In function 'handle_new_connection': ldap/servers/slapd/daemon.c:2676:32: error: 'LBER_SB_OPT_SET_MAX_INCOMING' undeclared (first use in this function)
same thing - add a #if defined(USE_OPENLDAP) and #ifdef block around this
Replying to [comment:4 mvocu]:
Ok, that's good to know. Can you attach your patches to this ticket?
patch to enable compilation with mozilla ldap sdk 389-ds-base.patch
Patch attached.
Maybe supporting openldap with different ssl would not be that much work; I was not able to figure out what was the real problem in my case. Maybe there was missing some configuration of openldap/gnutls (cacertdir comes to my mind, supported cipher suites, ...) that was not propagated from the slapd configuration. The server side of SSL was working fine with NSS, the problem was in client side (passthru, have not tried replication though).
In any case, the ability to turn on debugging of the ldap library would have been of great help, eg. something like ldap_set_option(..., LDAP_OPT_DEBUG_LEVEL, ...)
attachment 0001-Ticket-47510-389-ds-base-does-not-compile-against-Mo.patch
Thanks mvocu for the patch! Sending out for review...
git merge mozldap Updating 1e7c62d..069657f Fast-forward ldap/servers/slapd/daemon.c | 8 +++++--- ldap/servers/slapd/slapi-plugin.h | 5 +++++ 2 files changed, 10 insertions(+), 3 deletions(-)
git push origin master Counting objects: 13, done. Delta compression using up to 4 threads. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 900 bytes, done. Total 7 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 1e7c62d..069657f master -> master
commit 069657f Author: Mark Reynolds mreynolds@redhat.com Date: Fri Sep 27 09:20:51 2013 -0400
[mareynol@localhost ds]$ git checkout 389-ds-base-1.3.1 Switched to branch '389-ds-base-1.3.1'
git cherry-pick -x master Finished one cherry-pick. [389-ds-base-1.3.1 eba7764] Ticket 47510 - 389-ds-base does not compile against MozLDAP libraries
git push origin 389-ds-base-1.3.1 Counting objects: 13, done. Delta compression using up to 4 threads. Compressing objects: 100% (7/7), done. Writing objects: 100% (7/7), 968 bytes, done. Total 7 (delta 5), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 6b35dc7..eba7764 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
{{{ struct FILE *ldif_fd_in = NULL; }}}
Isn't it just FILE * - no struct? as in {{{ int fprintf(FILE stream, const char format, ...); }}}
If so, then you'll also have to use fopen()/fclose() instead of PR_Open/PR_Close
Replying to [comment:15 rmeggins]:
{{{ struct FILE *ldif_fd_in = NULL; }}} Isn't it just FILE * - no struct? as in {{{ int fprintf(FILE stream, const char format, ...); }}} If so, then you'll also have to use fopen()/fclose() instead of PR_Open/PR_Close
I get other warnings/errors when I try changing this around. I just casted ldif_fd_in to (FILE *). New patch attached...
Here is the declaration from /usr/include/mozldap/ldif.h {{{ char ldif_get_entry( FILE fp, int *lineno ); }}} What warnings/errors do you get?
Revision #2 0001-Ticket-47510-Repl-Sync-does-not-compile-against-MozL.patch
Replying to [comment:17 rmeggins]:
Err, I think I read the one warning from the wrong workspace, and thought something else was going on. FILE works fine, new patch attached.
git merge ticket47510 Updating 70ed005..820b448 Fast-forward ldap/servers/plugins/automember/automember.c | 8 ++-- ldap/servers/slapd/operation.c | 3 +- ldap/servers/slapd/slapi-plugin.h | 72 ++++++++++++++++++++++++++ ldap/servers/slapd/util.c | 4 +- 4 files changed, 80 insertions(+), 7 deletions(-)
git push origin master Counting objects: 21, done. Delta compression using up to 4 threads. Compressing objects: 100% (11/11), done. Writing objects: 100% (11/11), 1.90 KiB, done. Total 11 (delta 8), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 70ed005..820b448 master -> master
commit 820b448 Author: Mark Reynolds mreynolds@redhat.com Date: Fri Sep 27 16:06:27 2013 -0400
1.3.1
git push origin 389-ds-base-1.3.1 Counting objects: 21, done. Delta compression using up to 4 threads. Compressing objects: 100% (11/11), done. Writing objects: 100% (11/11), 1.89 KiB, done. Total 11 (delta 8), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git c74fcf7..a1ab932 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
commit a1ab932 Author: Mark Reynolds mreynolds@redhat.com Date: Fri Sep 27 16:06:27 2013 -0400
git merge ticket47510 Updating 820b448..d876e6d Fast-forward ldap/servers/slapd/slapi-plugin.h | 21 --------------------- 1 files changed, 0 insertions(+), 21 deletions(-)
git push origin master Counting objects: 11, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (6/6), 590 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 820b448..d876e6d master -> master [mareynol@localhost ds]$ git log -1 commit d876e6d Author: Mark Reynolds mreynolds@redhat.com Date: Fri Sep 27 20:49:53 2013 -0400
git checkout 389-ds-base-1.3.1 Switched to branch '389-ds-base-1.3.1' git cherry-pick -x master Finished one cherry-pick. [389-ds-base-1.3.1 4347de5] Ticket 47510 - remove unnecessary typedef 1 files changed, 0 insertions(+), 21 deletions(-)
git push origin 389-ds-base-1.3.1 Counting objects: 11, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (6/6), 633 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git a1ab932..4347de5 389-ds-base-1.3.1 -> 389-ds-base-1.3.1
Ported all the changes to 1.2.11(for EPEL 5)
git merge mozldap Updating 44a773d..847150a Fast-forward ldap/servers/plugins/automember/automember.c | 8 ++++---- .../plugins/posix-winsync/posix-group-task.c | 2 +- ldap/servers/plugins/posix-winsync/posix-winsync.c | 1 + ldap/servers/plugins/rootdn_access/rootdn_access.c | 3 --- ldap/servers/plugins/rootdn_access/rootdn_access.h | 2 ++ ldap/servers/slapd/daemon.c | 5 +++-- ldap/servers/slapd/pw.c | 2 +- ldap/servers/slapd/slapi-plugin.h | 4 ++++ 8 files changed, 16 insertions(+), 11 deletions(-)
git push origin 389-ds-base-1.2.11 Counting objects: 33, done. Delta compression using up to 4 threads. Compressing objects: 100% (17/17), done. Writing objects: 100% (17/17), 1.58 KiB, done. Total 17 (delta 13), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 44a773d..847150a 389-ds-base-1.2.11 -> 389-ds-base-1.2.11
commit 847150a Author: Mark Reynolds mreynolds@redhat.com Date: Thu Oct 3 15:03:11 2013 -0400
attachment 0001-Ticket-47510-Additional-mozldap-failures-with-Repl-S.patch
Found/fixed more Repl Sync failures:
git merge mozldap Updating 62c89ea..8516b55 Fast-forward ldap/servers/slapd/slapi-plugin.h | 16 ++++++++++++++++ 1 files changed, 16 insertions(+), 0 deletions(-)
git push origin master Counting objects: 11, done. Delta compression using up to 4 threads. Compressing objects: 100% (6/6), done. Writing objects: 100% (6/6), 923 bytes, done. Total 6 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git 62c89ea..8516b55 master -> master
commit 8516b55 Author: Mark Reynolds mreynolds@redhat.com Date: Thu Oct 3 15:36:01 2013 -0400
Metadata Update from @mvocu: - Issue assigned to mreynolds - Issue set to the milestone: 1.3.2 - 09/13 (September)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/847
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.