test

Sun Java System Directory Server Enterprise Edition 6.1 Release Notes

Bugs Fixed in Directory Server

This section lists bugs fixed in Directory Server 6.1 and 6.0 releases.

Bugs Fixed in Directory Server 6.1

Following list contains only the selected bugs fixed in this release. For the complete list of the bugs fixed in this release, see the README.patchnumber file in your patch directory.

2143525

Substring filters can be slow if they are changed into range index.

2143806

Adding a CoS Template entry that contains a single entry of " causes the system to crash.

2145935

The mutex_lock crashes while searching for replication agreements.

2145936

slapd_nss_decrypt() leaks memory on every call.

2145937
2145938

Server crashes if encrypted attribute exists with no value.

2145939

Incorrectly formatted DSML requests crashes the server on Solaris x86.

2145941

Deadlock in connection handling between multiple internal operations and incoming replication operation.

2147271

In Directory Server, users are able to perform MODRDN() anonymously, which enables the unauthorized users to change data in entries under specific conditions.

2148581

The ldapsearch command displays information about the existence of the attributes in an entry, which might enable unauthorized user to modify attributes in the entry.

6494027

Errors in replication agreement when doing total update or restarting a consumer.

6523245

Directory Server does not allow you to enable password quality checking alone without at least one other password policy feature.

6535366

Change in mutex locking for Directory Server can lead to slower search performance.

6539528

Directory Server skips merge of indexes if there are multiple import passes.

6542961

Setting a small value for the trimming of changelog may cause the server to crash.

Bugs Fixed in Directory Server 6.0

2065190

Issue with ;binary attributes and compliance with RFC 1274.

2073877

Console process grows when adding users.

2077615

Console cannot display an access log greater than 60 MB when a filter is used.

2078936

Log size settings over 2 GB do not work.

2081711

Directory Server crashes when a client sends a certificate without an issuer DN.

2096858

Adding an entry crashes Directory Server.

2096883

Directory Server dumps core due to an incorrect search performed by a plug-in.

2096891

Deadlock in access control plug-in.

2096903

Unable to configure pass-through authentication with URLs containing the same suffix.

2096910

DN checking operation is not properly carried out by Directory Server.

2096948

Regression related to ignoring referrals.

2096972

ldapsearch -A fails against a chained database.

2096974

During shutdown, referential integrity plug-in can crash Directory Server.

2097033

VLV indexes are broken.

2097063

Binding with certificate authentication and a simple bind can cause Directory Server to hang.

2097069

Replicated updates can stop replication.

2097104

Crash while deleting a browsing index.

2097113

Subtree plug-in logs superfluous postoperation warnings.

2097137

Referential Integrity plug-in does not allocate enough space for internal search.

2097199

Password expiration does not completely prevent users from binding.

2097204

Strange reverse DNS request issued at startup.

2097230

All attribute subtypes get deleted from index.

2097291

Directory Server dumps core in acl_access_allowed().

2097364

Wildcard searches work poorly with single character attribute values.

2097365

Some wildcard searches trigger problems.

2097370

ldif2db -n userRoot -i test.ldif causes a bus error.

2097382

ACIs and ACLs do not take extra white space into account.

2097440

Memory leak with persistent searches.

2097454

Directory Server dumps core when checking the history of a clear text password.

2097508

Persistent search returns tombstone purging events.

2097539

Start TLS is not thread safe.

2097566

bak2db fails with nested directory databases.

2097599

Buffer Overflow in re_comp().

2097622

Significant memory leak.

2097653

Directory Server core dumps in preop_modify() when the attribute uniqueness plug-in is active.

2097856

Directory Server crashes on receipt of an invalid PDU.

2098089

Substring index becomes corrupt if one of similar multiple values is deleted.

2099319

Installation fails on HP-UX.

2099405

Replication commands should have a timeout parameter.

2099420

Crash when trimming the retro changelog.

2099426

Duplicate uid attribute values arise when encryption is performed.

2099434

db2ldif -r removes the guardian file.

2101109

The audit log can fail to rotate as configured.

2101130

Access log rotation does not occur upon restart.

2101137

Some tombstone entries are not being purged.

2101144

Could not set referrals for replica errors.

2101156

Unable to release IDs on the consumer after the link is down for more than 5 minutes.

2101162

VLV search based on empty container returns err=1.

2101166

Memory leak in search on suffix containing referral subsuffix.

2101187

Adding entry with "*" chars in DN field incur full scan of tombstones.

2101191

repldisc does not properly work with multiple instances on the same host.

2101202

A modify or delete of more than five values deletes all values.

2101217

Crash when removing a RUV when using multiple Solaris 9 x86 masters.

2101232

DENY macro ACI applies to entries that should not be affected.

2101246

Log settings for minimum free disk space do not work as expected.

2101260

Directory Server stops responding when LDAP search with too many attributes is sent.

2101264

Search operation with "-" char in filter leads to failure.

2101312

Link loss longer than five minutes causes consumer not to sync after network recovery.

2101314

ADD not replicated, DEL cannot be replayed when using multi-master replication over SSL.

2101332

Expiration time unit does not take the right default value.

2101395

Schema deletions not propagated correctly.

2101399

Consumers hang when schema is pushed over replication.

2106623

Transaction logs are not always deleted.

2112994

Special DN with ; and , crashes Directory Server.

2113363

Internal search causes Console to display warning.

2115512

Directory Server crashes when changelog trimming is enabled.

2118489

Master and consumer expand superior object class differently.

2118767

Slow import with complex DIT.

2119156

Directory Server crashes at startup in ACI code.

2119159

Crash occurs when reading the replication agreement.

2119577

Chaining downcasts DNs.

2120295

ACL does not work as expected if nested group is specified as groupdn.

2120415

Directory Server exits after 4 GB realloc().

2120445

Directory Server crashes during a specific search when adding a subsuffix.

2120502

Crash at startup when nsslapd-binary-mode is set.

2120542

Unexpected password is expiring on consumer in %d seconds message reported.

2120918

Inconsistency in replicated data between master and consumer.

2120950

Multiple password changes can lead to clear-text password.

2120951

Directory Server connection is unexpectedly down.

2121080

Crash when checking access control during modify operation.

2121115

Crash on consumer during schema replication if legacy replication is enabled.

2121137

Updates to the retro changelog lost on master.

2121247

Excess warning messages about replay of operation already seen.

2121679

Race condition occurs when closing connections.

2121953

Online index task request and simultaneous access control search leads to hang.

2122537

Index corruption with very large number of matches.

2122698

Memory leak in individual password policies.

2123206

Crash in replication when difference between system clock is greater than 24 hours.

2123826

Data inconsistency after restarting masters under load.

2123827

Crash when shutting down server as changelog is being trimmed.

2124111

Huge memory leak topology using old protocol with mixed versions.

2124113

Crash with DSML PDU larger than 2 KB.

2124476

Need a tool to check database integrity.

2124477

fildif cannot handle files larger than 2GB.

2124722

Replication halts and restarts with send update now.

2124725

Clean RUV task does not remove RUV with read-only replica ID.

2124727

Deadlock between replica and connection locks.

2124730

Schema replication can miss changes.

2124731

Substring searches very slow.

2124740

mmldif delta files do not contain LDIF update statements.

2124975

Crash while processing modification with retro changelog plug-in turned on.

2125068

Memory leak when DN normalization fails.

2125161

db2ldif.pl -r can cause hang.

2125445

Adding and deleting an attribute in a single modify operation is not replicated correctly.

2125722

Crash if resource limit for number of file descriptors is dynamically increased.

2125809

Performance problems when doing searches with the en-US collation rule.

2125848

Exit when allocating 4 GB to handle access control for a group member.

2126520

Checkpoint forced even when no updates are performed.

2126571

CoS does not take effect for entries in nested organization.

2126669

Error during the creation of subsuffix or clone under a search workload.

2126886

Deadlock in database while evaluating the ACLs during a modify operation.

2127020

Replication may be slow to restart after a network outage.

2127266

A consumer does not detect there is pending operation and when closing an idle replication connection.

2127456

Modification lost when using ldapmodify.

2127545

Performance issue when deleting non existent attribute.

2127627

Deleting multivalued attributes results in high etime.

2127691

Adding and deleting the same entry on replica can lead to replication issues.

2127692

Performance degradation when purging tombstones in multi master environment.

2128056

Deletion operation is not flagged as dependent on a previous modification.

2128417

Retro Changelog plug-in fails to record changes if regular replication is disabled.

2129137

Duplicate unique IDs can be generated.

2129138

Allow administrators to reset passwords.

2129139

Cannot stop or use master after total update fails when using multi master replication over SSL.

2129140

Add the return code for errors that could not be logged in the changelog.

2129141

Hub not replicating due to bad hub replica ID, 65535, in hub RUV.

2129142

Lack of disk space causes looping in db2bak internal task.

2129143

ACI returns incorrect results when fix is applied.

2129145

Bad server side sort performance when data contains many identical values.

2129147

passwordRetryCount does not get incremented when passwordResetFailureCount is set to 0.

2129148

Performance degradation in substring searches.

2129149

Memory leak with virtual attributes.

2129152

Searches for subtype attributes does not work correctly with nsslapd-search-tune enabled.

2129154

Restart of a fractional consumer breaks replication with configuration error.

2129155

Crash within SASL bind check.

2129159

Hang when replication agreement is initialized from another master.

2129161

Infrequent updates on standby replica can cause replication to stop for prolonged periods.

2131372

Crash when referential integrity log file is truncated.

2131955

Hang when an error occurs during error log rotation.

2131982

No further adds possible after first empty replace operation on single-valued, replicated attribute.

2132137

Crash in replicated operation.

2132359

Log rotation does not work correctly after restart.

2132568

Generated CSN is not systematically higher than previous CSN.

2132654

Some CoS attributes not generated for entries under nested organizations.

2132657

Classic CoS under nested organization does not work as configured.

2132929

Bad default value for nsslapd-maxbersize.

2133109

Tools needed to monitor completeness, status, and availability of servers in large, multi master deployments.

2133110

Schema checking on hubs should be enabled by default.

2133155

Invalid values are accepted for minimum password length in individual password policies.

2133168

LDIF containing encrypted attribute values corrupts indexes during import.

2133351

ldif2db has been seen to hang.

2133355

Deadlock between tombstone purging thread and access control plug-in.

2133503

On Windows systems, DSML request fails when instance path contains a space.

2134041

Crash when adding VLV index with incorrect vlvFilter.

2134409

Remote denial of service attack possible with large memory allocation.

2134467

Partial replication can break when several suppliers are configured for changelog trimming.

2134470

Merge during ldif2db skips keys due to incorrect continuation block prefix.

2134480

Memory leak when index contains a continuation block.

2134648

The mmldif command should support huge files.

2134901

Individual password policy specifies plain text, but password in new entry is replicated in encrypted form.

2134918

CoS attribute not found on entries after online initialization.

2136223

Memory leak in ACI group member evaluation.

2136224

When nsslapd-db-transaction-batch-val is set, transaction flush fails to enforce the limit.

2136869

Import can corrupt state of entries having userPassword attributes.

2138073

Incorrect page size computation creates indexes with many overflow pages after a reindexing operation.

2138081

Substring performance requires improvement.

2138837

Entries can be skipped while importing an LDIF file generated with db2ldif.pl -r.

2139899

ioblocktimeout not always enforced when writing result over secure connection.

2139914

Potential crash when renaming corrupted child entry.

2140785

Memory leak when handling password histories.

2141919

Zero allocation error when retro changelog and TMR plug-in is enabled.

2142817

Memory leak during LDAP write operations upon failure to update a matching rule index.

2142904

Operational attribute entrydn added before the entry is cached.

2143075

VLV searches leak memory.

2143076

Restore fails following binary copy when CN attribute does not match case.

2143790

Memory leak in decryption code.

4537541

Retro changelog plug-in should be executed for selected backends.

4538988

Performance issues when searching for tombstone entries.

4541437

No feedback from import during delay processing large entries.

4541499

Allow more database configuration attributes to be set over LDAP.

4542920

Provide a changelog purge vector over LDAP.

4738244

Allow a grace login period after passwords expire.

4748577

Allow complete replication configuration and management on the command line.

4877553

Enable support for libwrap.

4881004

Set default changelog maximum age to seven days.

4882951

Provide frozen mode to allow file system snapshot backups.

4883062

Make it possible to import additional entries without initialization.

4925250

Incorrect error message when exporting a subtree with db2ldif -s.

4951154

Modify performance degrades until all entries are modified.

4966365

Backend instances called default do not work.

4972234

Allow account validation through an LDAP bind without the user password.

5021269

Adding entries with object class nsTombstone can cause replication to fail.

5045529

Support required for SASL/GSS encryption.

5063150

Make the SNMP agent work with the native operating system agents.

5095192

Stopping Directory Server is sometimes slow during poll for results in a replication session.

6197516

Need a way or a tool to monitor progress during recovery after a crash.

6224962

More control needed over cache sizes.

6249904

Changelog database and other databases do not shrink even after data is removed.

6252422

Role fails to work on consumer after online initialization.

6264095

Allow disabling of anonymous binds.

6272729

Need an attribute that shows the groups to which an entry belongs.

6290382

Crash on startup with message trying to allocate 0 or a negative number of bytes.

6292118

Add port number in access log when a client connection is created.

6296288

Need a non-intrusive way to count the number of active persistent searches.

6321407

Document plug-in execution order.

6333657

Avoid traversing nscpentrydn index when purging tombstones.

6341364

Log an error when using connection based access control and the client list is not specified.

6343255

Remove the time bomb.

6370656

Display connection number under cn=monitor in same format as access log.

6394412

Support a plug-in for password syntax checking.

6407613

changeNumber is not indexed by default.

6411228

Maximum connection backlog queue incorrectly hard coded as 128.

6442106

Crash while enabling replication.

The following bugs were found during the beta program, and subsequently fixed.

6330266

A disorderly shutdown was detected when memory allocation failed.

6340943

Output from the idsync command is misleading.

6340950

Error when using an option to create a replication agreement on the command line.

6342427

Memory allocation issue leads to no more space message.

6342905

Setting the directory administrator password on the command line is confusing.

6343490

Password reset and password lockout interact incorrectly.

6343505

Result code is misleading for a bind where the password must be reset.

6344889

Log rotation subcommand name is not clear.

6344890

Command line tools should use the --D bind-dn option to specify the administrator.

6345610

Command line usage should always list global options.

6345613

Output after starting replication on the command line is misleading.

6346406

Allow binary copy from a master replica to a dedicated consumer.

6348095

Make subcommands for replication configuration easier to understand.

6348096

Some subcommands names are misleading.

6348098

Password lockout not working properly after a number of failed attempts.

6348099

Fix syntax validation property online help.

6348101

Make unit sizes consistent when setting configuration property values.

6348103

Error in option when listing indexes from the command line.

6349174

Import through dsconf fails.

6355804

Issues arise when configuring replication using the command line.

6383106

Directory Service Control Center page to configure server groups leads to JSP not found error.

6405227

Adding approximate and substring indexes causes equality indexes to stop working.

6412227

The dsee_deploy command should work with install directory names only one character in length.

6415248

The uid attribute is not displayed correctly in the Entry Overview tab of DSCC for POSIX users.

6416455

Changing nsslapd-infolog-area does not change errors log contents.

6417038

Allow DSCC to create a server instance running as nobody.

6417541

Allow changes to client control settings in the Directory Server Configuration tab of DSCC.

6417617

Installation should not remove existing Java version.

6421070

Allow DSCC to delete replication agreements.

6424456

Clarify how to change the password with ldapmodify when pwdSafeModify is on.

6449394

Allow DSCC to register existing server instances.

6451067

Allow DSCC to edit a server location.

6451889

The path for the tool to register DSCC with Sun Java Web Console is not valid in the online help.

6451892

With a presence index configured, searches still appear unindexed in the access log.

6452544

Allow DSCC to work properly when creating servers on Solaris zones.

6459897

Fix errors after configuring a suffix through DSCC.

6459899

After a delete operation, the DSCC window does not close.

6460721

Deleting an index type leads to an Error null message.

6481268

Fix server instance registration issue that occurs when a DSCC session times out.