Bug 202343 - ports-mgmt/pkg: package message should be urldecoded when reading back
Summary: ports-mgmt/pkg: package message should be urldecoded when reading back
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Baptiste Daroussin
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-08-15 10:29 UTC by ruy
Modified: 2016-02-29 12:35 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (delphij)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description ruy 2015-08-15 10:29:25 UTC
In Message for openldap-server-2.4.41,

    slapd_flags='-h "ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/"'

but opened Unix-domain socket is not decoded.

    # ps ax | grep ldap
    4132  -  Is     0:00.01 /usr/local/libexec/slapd -h ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/ -u ldap -g ldap
    # netstat -an | grep ldap
    fffff8000d3733c0 stream      0      0 fffff80018150760        0        0        0 %2fvar%2frun%2fopenldap%2fldapi

Tried specify the option without escape.

    # ps ax | grep ldap
    4212  -  Is     0:00.01 /usr/local/libexec/slapd -h ldapi:///var/run/openldap/ldapi/ ldap://0.0.0.0/ -u ldap -g ldap
    # netstat -an | grep ldap
    fffff8000d3733c0 stream      0      0 fffff80023a40588        0        0        0 /var/run/openldap/ldapi

Is this just a matter of the openldap-server's message ?
Comment 1 Xin LI freebsd_committer 2015-08-15 20:13:53 UTC
-h expects an URI so it has to be encoded.  See http://www.openldap.org/doc/admin24/runningslapd.html#Command-Line Options for more details.
Comment 2 ruy 2015-08-15 20:52:52 UTC
(In reply to Xin LI from comment #1)

Thank you for reading.
Not yet issue resolved.

When use the -h with encoded URI is not working, but -h with no-encoded URI is working.


In case FreeBSD 10.1 and openldap-server-2.4.41.

Use the -h with encoded URI, we can see the WARNING.

    # sysrc slapd_flags
    slapd_flags: -h 'ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/'
    # service slapd restart
    Stopping slapd.
    Waiting for PIDS: 1604.
    Starting slapd.
    /usr/local/etc/rc.d/slapd: WARNING: slapd: Can't find socket /var/run/openldap/ldapi

This WARNING would be output because the UNIX socket was not opened at run slapd script.

Even using the URI encoded in the running options,
  (-h 'ldapi://%252fvar%252frun%252fopenldap%252fldapi/)
correct socket name that is seen in netstat should have decoded URI.
  (%252fvar%252frun%252fopenldap%252fldapi/ -> /var/run/openldap/ldapi)


When use the -h with encoded URI is not created UNIX socket, but -h with no-encoded URI is created UNIX socket.

This was intended ?
Comment 3 Xin LI freebsd_committer 2015-08-15 23:10:10 UTC
(In reply to ruy from comment #2)
Here is what I tried:

root@anubis:/usr/ports/net/openldap24-server # cat >> /etc/rc.conf.local 
slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
root@anubis:/usr/ports/net/openldap24-server # sysrc slapd_flags
slapd_flags: -h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"
root@anubis:/usr/ports/net/openldap24-server # service slapd restart
Stopping slapd.
Waiting for PIDS: 77613.
Starting slapd.
root@anubis:/usr/ports/net/openldap24-server # sockstat -l | grep slap
ldap     slapd      77704 6  stream /var/run/openldap/ldapi
ldap     slapd      77704 7  tcp4   *:389                 *:*

The host system is FreeBSD 10.1-RELEASE-p16.

I then looked more closely to your report and found an extra %25 there, which would make slapd to create a socket in /.

Where did you get that part?  I tried this, and the output does look legitimate:

% pkg info -D openldap-server
openldap-server-2.4.41:
************************************************************

The OpenLDAP server package has been successfully installed.

In order to run the LDAP server, you need to edit
  /usr/local/etc/openldap/slapd.conf
to suit your needs and add the following lines to /etc/rc.conf:
  slapd_enable="YES"
  slapd_flags='-h "ldapi://%2fvar%2frun%2fopenldap%2fldapi/ ldap://0.0.0.0/"'
  slapd_sockets="/var/run/openldap/ldapi"

Then start the server with
  /usr/local/etc/rc.d/slapd start
or reboot.

Try `man slapd' and the online manual at
  http://www.OpenLDAP.org/doc/
for more information.
  
slapd runs under a non-privileged user id (by default `ldap'),
see /usr/local/etc/rc.d/slapd for more information.

************************************************************
Comment 4 Xin LI freebsd_committer 2015-08-15 23:11:13 UTC
By the way, modern OpenLDAP now supports using ldapi:/// ldap:/// to accomplish the same unless you only want IPv4 listening and IPv6 is available.
Comment 5 ruy 2015-08-15 23:53:10 UTC
(In reply to Xin LI from comment #3)

Thank you for testing.

I installed from pkg, not ports.
(e.g. # pkg install openldap-server)

As output below.

# uname -r
10.1-RELEASE-p16
# pkg info -D openldap-server
openldap-server-2.4.41:
************************************************************

The OpenLDAP server package has been successfully installed.

In order to run the LDAP server, you need to edit
  /usr/local/etc/openldap/slapd.conf
to suit your needs and add the following lines to /etc/rc.conf:
  slapd_enable="YES"
  slapd_flags='-h "ldapi://%252fvar%252frun%252fopenldap%252fldapi/ ldap://0.0.0.0/"'
  slapd_sockets="/var/run/openldap/ldapi"

Then start the server with
  /usr/local/etc/rc.d/slapd start
or reboot.

Try `man slapd' and the online manual at
  http://www.OpenLDAP.org/doc/
for more information.

slapd runs under a non-privileged user id (by default `ldap'),
see /usr/local/etc/rc.d/slapd for more information.

************************************************************


Ok. As pointed out, "%25" is extra.
Based on your reply, it was confirmed that used encoded URI operates correctly.

The incorrect argument is included in the message, it was understanding and pkg of problem.
Comment 6 ruy 2015-08-16 00:04:28 UTC
"%" is URI encoded to %25.
If openldap-server package is created automation, might be occur dual escape in the messages.
Comment 7 Xin LI freebsd_committer 2015-08-16 04:07:16 UTC
(In reply to ruy from comment #5)
Ah Okay, now I see where this comes.

Will investigate why, thanks for reporting.
Comment 8 Xin LI freebsd_committer 2015-08-16 04:08:21 UTC
(In reply to ruy from comment #6)
It's possible, but I use poudriere for quite some time and didn't see it before.  I've started my local builder and will check if I can reproduce it with bulk build.
Comment 9 Xin LI freebsd_committer 2015-08-16 06:26:40 UTC
I think this is a bug with pkgng and have a proposed patch at:

https://github.com/freebsd/pkg/pull/1306

Over to maintainer.
Comment 10 ruy 2015-08-16 08:00:34 UTC
(In reply to Xin LI from comment #9)
I should have been reported since the investigation in detail.
Thank you for taking the time.
Comment 11 Baptiste Daroussin freebsd_committer 2015-08-16 09:03:30 UTC
I have merged the code in the master branch.

I will merge it and test it in the release 1.5 branch and issue a new release asap.

Thank you!
Comment 12 Mark Linimon freebsd_committer freebsd_triage 2015-09-05 01:51:47 UTC
bapt has looked at this himself, so reassign away from group alias.
Comment 13 Baptiste Daroussin freebsd_committer 2016-02-29 12:35:26 UTC
Fixed long ago and forgot to close