389-ds-base

Clone
Source Code
GIT

#49377 Misleading error message - Incoming BER Element was 3 bytes
Closed: wontfix 6 years ago Opened 6 years ago by firstyear.

Closed: wontfix
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1445188

Description of problem:
Because of a wrong port number used in commandline for ladpmodify, I am getting
in error logs -
[25/Apr/2017:03:03:32.806827033 -0400] - ERR - log_ber_too_big_error - conn=12
fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change
the nsslapd-maxbersize attribute in cn=config to increase.

which is misleading

Version-Release number of selected component (if applicable):
389-ds-base-1.3.6.1-9.el7.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Configure MMR with SSL

2. execute - /usr/lib64/mozldap/ldapmodify -Z -P
"/etc/dirsrv/slapd-M1/cert8.db" -W secret12 -p 30100 -h localhost -D
"cn=directory manager" -w Secret123 << EOF
dn: uid=new_user4,dc=example,dc=com
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
uid: new_user4
sn: new_user4
cn: new_user4
EOF

where 30100 is non-ssl port (wrong port number)

3. you will get below on command line -
ldap_simple_bind: Can't contact LDAP server
        SSL error -5938 (Encountered end of file.)

4. And in error messages, it will show -
[25/Apr/2017:03:13:17.830291071 -0400] - ERR - log_ber_too_big_error - conn=16
fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change
the nsslapd-maxbersize attribute in cn=config to increase.
[25/Apr/2017:03:22:08.700482270 -0400] - ERR - log_ber_too_big_error - conn=22
fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change
the nsslapd-maxbersize attribute in cn=config to increase.


Actual results:
Error message for a wrong port-

[25/Apr/2017:03:13:17.830291071 -0400] - ERR - log_ber_too_big_error - conn=16
fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change
the nsslapd-maxbersize attribute in cn=config to increase.
[25/Apr/2017:03:22:08.700482270 -0400] - ERR - log_ber_too_big_error - conn=22
fd=64 Incoming BER Element was 3 bytes, max allowable is 2097152 bytes. Change
the nsslapd-maxbersize attribute in cn=config to increase.


Expected results:
Errors message should be helpful in pointing out the mistake.


Additional info:

Metadata Update from @firstyear:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1445188
6 years ago

Metadata Update from @mreynolds:
- Custom field component adjusted to None
- Custom field origin adjusted to None
- Custom field reviewstatus adjusted to None
- Custom field type adjusted to None
- Custom field version adjusted to None
- Issue set to the milestone: 1.3.7.0 (was: 0.0 NEEDS_TRIAGE)
6 years ago

Metadata Update from @firstyear:
- Issue assigned to firstyear
6 years ago

Metadata Update from @firstyear:
- Custom field reviewstatus adjusted to review (was: None)
6 years ago

Metadata Update from @mreynolds:
- Custom field reviewstatus adjusted to ack (was: review)
6 years ago

commit b3629af
To ssh://git@pagure.io/389-ds-base.git
b4497c4..b3629af master -> master

Metadata Update from @firstyear:
- Custom field reviewstatus adjusted to review (was: ack)
- Issue close_status updated to: fixed
- Issue set to the milestone: 1.4 backlog (was: 1.3.7.0)
- Issue status updated to: Closed (was: Open)
6 years ago

This also needs to go into 1.3.7...

Metadata Update from @mreynolds:
- Issue set to the milestone: 1.3.7.0 (was: 1.4 backlog)
- Issue status updated to: Open (was: Closed)
6 years ago

commit f49e4cf
To ssh://git@pagure.io/389-ds-base.git
231c28b..f49e4cf 389-ds-base-1.3.7 -> 389-ds-base-1.3.7

Metadata Update from @firstyear:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)
6 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/2436

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: fixed)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
None
review
None
Attachments 1
0001-Ticket-49377-Incoming-BER-too-large-with-TLS-...
Attached 6 years ago View Comment
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.