#47510 389-ds-base does not compile against MozLDAP libraries
Closed: Fixed None Opened 6 years ago by mvocu.

The 389-ds-base package does not compile when instructed to use Mozilla LDAP SDK rather then OpenSSL. The resulting error is:

ldap/servers/slapd/opshared.c: In function 'op_shared_search':
ldap/servers/slapd/opshared.c:469:16: error: 'LDAP_CANCELLED' undeclared (first use in this function)
ldap/servers/slapd/opshared.c:469:16: note: each undeclared identifier is reported only once for each function it appears in

It seems that LDAP_CANCELLED constant is OpenLDAP specific (ldap.h: #define LDAP_CANCELLED 0x76), Mozilla LDAP does not define it.

I am trying to compile 389-ds-base-1.3.1.8 (but the error is present at least since 1.3.1.0) on Debian 7.1 with mozldap-6.0.7.


Replying to [ticket:47510 mvocu]:

The 389-ds-base package does not compile when instructed to use Mozilla LDAP SDK rather then OpenSSL. The resulting error is:

ldap/servers/slapd/opshared.c: In function 'op_shared_search':
ldap/servers/slapd/opshared.c:469:16: error: 'LDAP_CANCELLED' undeclared (first use in this function)
ldap/servers/slapd/opshared.c:469:16: note: each undeclared identifier is reported only once for each function it appears in

It seems that LDAP_CANCELLED constant is OpenLDAP specific (ldap.h: #define LDAP_CANCELLED 0x76), Mozilla LDAP does not define it.

The fix is to define this in slapi-plugin.h. There are many of these near the top of that file.
{{{

ifndef LDAP_CANCELLED

define LDAP_CANCELLED 0x76

endif

}}}

I am trying to compile 389-ds-base-1.3.1.8 (but the error is present at least since 1.3.1.0) on Debian 7.1 with mozldap-6.0.7.

Is mozldap included with Debian?

No, MozLDAP is not included with Debian.

After adding the #define LDAP_CANCELLED 0x76, the compilation ends with:

ldap/servers/slapd/daemon.c: In function 'handle_closed_connection':
ldap/servers/slapd/daemon.c:2597:37: error: 'openldap_sockbuf_io' undeclared (first use in this function)
ldap/servers/slapd/daemon.c:2597:37: note: each undeclared identifier is reported only once for each function it appears in
ldap/servers/slapd/daemon.c:2598:3: error: 'LBER_SBIOD_LEVEL_PROVIDER' undeclared (first use in this function)
ldap/servers/slapd/daemon.c: In function 'handle_new_connection':
ldap/servers/slapd/daemon.c:2676:32: error: 'LBER_SB_OPT_SET_MAX_INCOMING' undeclared (first use in this function)

The reason I am trying to use MozLDAP instead of OpenLDAP is that Debian's OpenLDAP is linked against GnuTLS, not OpenSSL (and certainly not Mozilla NSS). I can compile, link and run the slapd against the Debian's OpenLDAP libraries (with 389-ds using Mozilla NSS), but I experience strange connection errors in passthru plugin when connecting to the (already deployed) configuration server. I attribute these errors to the TLS layer, as passthru plugin is using the underlying GnuTLS library, but I was not able to find the real cause.

And yes - after applying the obvious workarounds (basically hiding everything that does not compile in #ifdef USE_OPENLDAP ... #endif), the resulting ns-slapd works, including the passthru to config server (no change in configuration needed).

Replying to [comment:2 mvocu]:

No, MozLDAP is not included with Debian.

Hmm, this is going to be a problem for every Debian/Ubuntu user. We (the 389 team) really need to figure out how to handle platforms that don't have openldap that supports moznss (and ldif - older versions of openldap did not have support for libldif). I really want to be able to build 389 with whatever openldap is provided by the OS. This means that we will have to change 389 so that it does not assume openldap is using NSS. This will take a good bit of work.

After adding the #define LDAP_CANCELLED 0x76, the compilation ends with:

ldap/servers/slapd/daemon.c: In function 'handle_closed_connection':

add #if defined(USE_OPENLDAP) and #endif around the
ber_sockbuf_remove_io(conn->c_sb, &openldap_sockbuf_io,
LBER_SBIOD_LEVEL_PROVIDER);
in handle_closed_connection()

ldap/servers/slapd/daemon.c:2597:37: error: 'openldap_sockbuf_io' undeclared (first use in this function)
ldap/servers/slapd/daemon.c:2597:37: note: each undeclared identifier is reported only once for each function it appears in
ldap/servers/slapd/daemon.c:2598:3: error: 'LBER_SBIOD_LEVEL_PROVIDER' undeclared (first use in this function)
ldap/servers/slapd/daemon.c: In function 'handle_new_connection':
ldap/servers/slapd/daemon.c:2676:32: error: 'LBER_SB_OPT_SET_MAX_INCOMING' undeclared (first use in this function)

same thing - add a #if defined(USE_OPENLDAP) and #ifdef block around this

Replying to [comment:4 mvocu]:

And yes - after applying the obvious workarounds (basically hiding everything that does not compile in #ifdef USE_OPENLDAP ... #endif), the resulting ns-slapd works, including the passthru to config server (no change in configuration needed).

Ok, that's good to know. Can you attach your patches to this ticket?

patch to enable compilation with mozilla ldap sdk
389-ds-base.patch

Patch attached.

Maybe supporting openldap with different ssl would not be that much work; I was not able to figure out what was the real problem in my case. Maybe there was missing some configuration of openldap/gnutls (cacertdir comes to my mind, supported cipher suites, ...) that was not propagated from the slapd configuration. The server side of SSL was working fine with NSS, the problem was in client side (passthru, have not tried replication though).

In any case, the ability to turn on debugging of the ldap library would have been of great help, eg. something like ldap_set_option(..., LDAP_OPT_DEBUG_LEVEL, ...)

Thanks mvocu for the patch! Sending out for review...

git merge mozldap
Updating 1e7c62d..069657f
Fast-forward
ldap/servers/slapd/daemon.c | 8 +++++---
ldap/servers/slapd/slapi-plugin.h | 5 +++++
2 files changed, 10 insertions(+), 3 deletions(-)

git push origin master
Counting objects: 13, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 900 bytes, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
1e7c62d..069657f master -> master

commit 069657f
Author: Mark Reynolds mreynolds@redhat.com
Date: Fri Sep 27 09:20:51 2013 -0400

[mareynol@localhost ds]$ git checkout 389-ds-base-1.3.1
Switched to branch '389-ds-base-1.3.1'

git cherry-pick -x master
Finished one cherry-pick.
[389-ds-base-1.3.1 eba7764] Ticket 47510 - 389-ds-base does not compile against MozLDAP libraries

git push origin 389-ds-base-1.3.1
Counting objects: 13, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (7/7), done.
Writing objects: 100% (7/7), 968 bytes, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
6b35dc7..eba7764 389-ds-base-1.3.1 -> 389-ds-base-1.3.1

{{{
struct FILE *ldif_fd_in = NULL;
}}}

Isn't it just FILE * - no struct? as in
{{{
int fprintf(FILE stream, const char format, ...);
}}}

If so, then you'll also have to use fopen()/fclose() instead of PR_Open/PR_Close

Replying to [comment:15 rmeggins]:

{{{
struct FILE *ldif_fd_in = NULL;
}}}

Isn't it just FILE * - no struct? as in
{{{
int fprintf(FILE stream, const char format, ...);
}}}

If so, then you'll also have to use fopen()/fclose() instead of PR_Open/PR_Close

I get other warnings/errors when I try changing this around. I just casted ldif_fd_in to (FILE *). New patch attached...

Here is the declaration from /usr/include/mozldap/ldif.h
{{{
char ldif_get_entry( FILE fp, int *lineno );
}}}
What warnings/errors do you get?

Replying to [comment:17 rmeggins]:

Here is the declaration from /usr/include/mozldap/ldif.h
{{{
char ldif_get_entry( FILE fp, int *lineno );
}}}
What warnings/errors do you get?

Err, I think I read the one warning from the wrong workspace, and thought something else was going on. FILE works fine, new patch attached.

git merge ticket47510
Updating 70ed005..820b448
Fast-forward
ldap/servers/plugins/automember/automember.c | 8 ++--
ldap/servers/slapd/operation.c | 3 +-
ldap/servers/slapd/slapi-plugin.h | 72 ++++++++++++++++++++++++++
ldap/servers/slapd/util.c | 4 +-
4 files changed, 80 insertions(+), 7 deletions(-)

git push origin master
Counting objects: 21, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (11/11), done.
Writing objects: 100% (11/11), 1.90 KiB, done.
Total 11 (delta 8), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
70ed005..820b448 master -> master

commit 820b448
Author: Mark Reynolds mreynolds@redhat.com
Date: Fri Sep 27 16:06:27 2013 -0400

1.3.1

git push origin 389-ds-base-1.3.1
Counting objects: 21, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (11/11), done.
Writing objects: 100% (11/11), 1.89 KiB, done.
Total 11 (delta 8), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
c74fcf7..a1ab932 389-ds-base-1.3.1 -> 389-ds-base-1.3.1

commit a1ab932
Author: Mark Reynolds mreynolds@redhat.com
Date: Fri Sep 27 16:06:27 2013 -0400

git merge ticket47510
Updating 820b448..d876e6d
Fast-forward
ldap/servers/slapd/slapi-plugin.h | 21 ---------------------
1 files changed, 0 insertions(+), 21 deletions(-)

git push origin master
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 590 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
820b448..d876e6d master -> master
[mareynol@localhost ds]$ git log -1
commit d876e6d
Author: Mark Reynolds mreynolds@redhat.com
Date: Fri Sep 27 20:49:53 2013 -0400

git checkout 389-ds-base-1.3.1
Switched to branch '389-ds-base-1.3.1'
git cherry-pick -x master
Finished one cherry-pick.
[389-ds-base-1.3.1 4347de5] Ticket 47510 - remove unnecessary typedef
1 files changed, 0 insertions(+), 21 deletions(-)

git push origin 389-ds-base-1.3.1
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 633 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
a1ab932..4347de5 389-ds-base-1.3.1 -> 389-ds-base-1.3.1

Ported all the changes to 1.2.11(for EPEL 5)

git merge mozldap
Updating 44a773d..847150a
Fast-forward
ldap/servers/plugins/automember/automember.c | 8 ++++----
.../plugins/posix-winsync/posix-group-task.c | 2 +-
ldap/servers/plugins/posix-winsync/posix-winsync.c | 1 +
ldap/servers/plugins/rootdn_access/rootdn_access.c | 3 ---
ldap/servers/plugins/rootdn_access/rootdn_access.h | 2 ++
ldap/servers/slapd/daemon.c | 5 +++--
ldap/servers/slapd/pw.c | 2 +-
ldap/servers/slapd/slapi-plugin.h | 4 ++++
8 files changed, 16 insertions(+), 11 deletions(-)

git push origin 389-ds-base-1.2.11
Counting objects: 33, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (17/17), done.
Writing objects: 100% (17/17), 1.58 KiB, done.
Total 17 (delta 13), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
44a773d..847150a 389-ds-base-1.2.11 -> 389-ds-base-1.2.11

commit 847150a
Author: Mark Reynolds mreynolds@redhat.com
Date: Thu Oct 3 15:03:11 2013 -0400

Found/fixed more Repl Sync failures:

git merge mozldap
Updating 62c89ea..8516b55
Fast-forward
ldap/servers/slapd/slapi-plugin.h | 16 ++++++++++++++++
1 files changed, 16 insertions(+), 0 deletions(-)

git push origin master
Counting objects: 11, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (6/6), 923 bytes, done.
Total 6 (delta 4), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
62c89ea..8516b55 master -> master

commit 8516b55
Author: Mark Reynolds mreynolds@redhat.com
Date: Thu Oct 3 15:36:01 2013 -0400

Metadata Update from @mvocu:
- Issue assigned to mreynolds
- Issue set to the milestone: 1.3.2 - 09/13 (September)

2 years ago

Login to comment on this ticket.

Metadata