Fixes in 7.3.x

OPENDJ-9999: DS uses encrypt/decrypt for key wrapping instead of wrap/unwrap

OPENDJ-9917: VirtualListView limits returned entries when used with an attr#USERDN ACI

OPENDJ-8796: Virtual attribute providers ignore critical controls, such as VLV, paging, and sorting

OPENDJ-9828: Deadlock in big index

OPENDJ-9798: Recreated indexes are considered trusted when empty

OPENDJ-9790: Cannot create GeneralizedTimes with large fractional values

OPENDJ-9773: Slow startup when using multiple backends with static groups

OPENDJ-9272: Change number indexing state is logged too often

OPENDJ-9158: AM User/CTS affinity failover doesn’t happen when DS’s disk volume is detached

OPENDJ-6791: RS reconnect delay is too aggressive

OPENDJ-9587: ChangeNumberIndexer unable to advance even after proper shutdown of the replica

OPENDJ-9472: Upgrade does not correctly handle previously patched upgrades

OPENDJ-9550: Problem with entryUUIDs and operational attributes of static groups

OPENDJ-9473: The bindPasswordFile (bindPassword:file) option cannot be used with a tools.properties file

OPENDJ-9358: ACI: (userdn = "ldap:///anyone" and not userdn = "ldap:///all") captures authenticated users and should not

OPENDJ-9300: DS 7.3 upgrade requires a full index rebuild

OPENDJ-9295: Search involving BigIndex throws NoSuchElementException

OPENDJ-9272: Change number indexing state is logged too often

OPENDJ-9250: The max-allowed-client-connections limit should not apply to the admin connector

OPENDJ-9245: DS backup to an S3 bucket on a new region fails

OPENDJ-9213: The dsconfig list-replication-domains output contains redundant columns

OPENDJ-9204: RS ignores DS state and forwards changes DS has already seen

OPENDJ-9200: Backup process logs incorrect number of jdb files

OPENDJ-9183: Replicated request controls serialized in LDIF using V1 encoding

OPENDJ-9182: NPE in changelogstat on encountering a modify DN request

OPENDJ-9167: Reading isMemberOf after adding, deleting, or renaming a static group can block for a long time when there are many static groups

OPENDJ-9102: Log rotation stops once the File Count Retention Policy count is met

OPENDJ-9042: All worker threads blocked waiting for abandon operations to complete

OPENDJ-9041: Undeliverable unexpected exception while performing an abandon operation during server shutdown

OPENDJ-9033: DS refuses to start and throws an NPE when a subordinate-base-dn is used

OPENDJ-9032: The dsrepl --script-friendly option was never implemented and should not appear in the tool

OPENDJ-9020: Replicas should persist their ReplicaOfflineMsg unless they’re being recovered from the replication server

OPENDJ-9007: LoadBalancer availability check fails if the current bind user state is "bad"

OPENDJ-9002: Changelogstat outputs verbose CSNs for offline messages, but not other messages

OPENDJ-9000: Missing RS - RS heartbeats are not detected

OPENDJ-8992: A replica rejoining the topology after its changelog is purged is not tested for the correct server state

OPENDJ-8975: Modified file permissions for 99-user.ldif revert to 600 when DS is restarted

OPENDJ-8917: ReplicationBroker.java swallowed important debugging info

OPENDJ-8831: Log when and why the ChangeNumberIndexer cannot move forward

OPENDJ-8815: dsrepl status does not take bad data status into account

OPENDJ-8808: Potential deadlock between overlapping rename operations

OPENDJ-8779: Improve replica and changelog logging

OPENDJ-8378: dsrepl status shows deleted replication domains

OPENDJ-8233: RS connection error reason is not logged when hostname is not resolvable

OPENDJ-7942: The server ignores critical VLV request controls when falling back to an unindexed search

OPENDJ-7941: Client connections to proxy are timed out after 10 seconds regardless of activity

OPENDJ-7925: Searchrate does not retrieve data when used simultaneously with modrate on groups

OPENDJ-7688: Spurious DS disconnections because of missing heartbeat

OPENDJ-7640: Supportextract does not collect all security stores when several keystores have the same basename

OPENDJ-7516: External cn=changelog is not updated while replication initialization is in progress

OPENDJ-3409: Retention and rotation policies do not work with CAUD handlers

OPENDJ-3057: Replication Server starts listener although ChangeLog DB is unusable

OPENDJ-8874: Full replica purge should write CSN information right away

OPENDJ-8829: Error messages incorrectly mentions cn=System,cn=monitor

OPENDJ-8805: dsconfig exits when setting the "bootstrap-replication-server" property with a <null> value in the "Replication Service Discovery Mechanism".

OPENDJ-8792: SDK: Log SSL exceptions as errors instead of warnings

OPENDJ-8778: Setup option --trustStorePassword:file behaves differently than --trustStorePasswordFile

OPENDJ-8727: HTTP embedded listener throws IllegalStateException: Output channel is not set

OPENDJ-8698: DS should write config archive files in a crash consistent way

OPENDJ-8610: RS-RS session thread stuck in Session.send could prevent DS from shutdown

OPENDJ-8548: Optimize scoping of indexed searches

OPENDJ-8532: Error running export-ldif offline: "DatabaseConfig.setReadOnly() must be set to false when creating a Database"

OPENDJ-8500: IllegalMonitorStateException after subtree read lock timeout when adding an entry

OPENDJ-8473: Upgrade does not migrate ds-cfg-je-property values

OPENDJ-8383: dsrepl status fails when certificates accepted interactively

OPENDJ-8280: DS will not start when using a non US Locale after changing config

OPENDJ-8254: dsbackup restore/list slow to complete with cloud storage

OPENDJ-8243: Indexes could cause ldapsearch to return multiple copies of the same entry

OPENDJ-8227: Deadlock between Changelog DB purger and Thread for RS session

OPENDJ-8226: Support Extract tool ignores non-default changelogDb location when collecting domains.state file

OPENDJ-8205: Log message lists an object’s string representation instead of a file name

OPENDJ-8137: LDIF backend silently rejects entries that fail schema validation

OPENDJ-8115: -Djavax.net.ssl.trustStore=<value> in OPENDJ_JAVA_ARGS throws NullPointerException

OPENDJ-8090: am-identity-store:7.1 setup profile is not functional

OPENDJ-8079: targattrsfilters expression does not work with 2 filters but permits 1 or more than 2 filters

OPENDJ-8062: Possible inconsistent state after backup restore

OPENDJ-8046: Changelog files are not closed after searching cn=changelog

OPENDJ-8028: Prometheus monitoring doesn’t work with Telegraf

OPENDJ-8024: Prevent configuration of VLV indexes with scope base-object

OPENDJ-8008: OutOfMemoryException in subtree delete

OPENDJ-7991: makeldif: "invalid number of arguments" using DateTime tag with colons

OPENDJ-7971: dsbackup fails when JDB file cleaned

OPENDJ-7970: Ensure that DS is crash resilient for all runtime file changes

OPENDJ-7889: Configuring group-id against DS-only instance requires restart for the change to be reported by monitoring

OPENDJ-7818: Package based upgrade does not support instances running as non-root

OPENDJ-7816: dsbackup fails when destination is a symbolic link to a real directory

OPENDJ-7755: DS 7.0 replication with older version, CryptoManager failed to import the symmetric key entry

OPENDJ-7744: dsrepl initialize in a topology with DS7 and DS 5.5 fails if DS7 serverId starts with 0

OPENDJ-7596: dsbackup has global connection options that do not work with some subcommands

OPENDJ-4935: Replication instability and divergence when using high latency disks

OPENDJ-7928: JSON normalization cannot handle nested arrays

OPENDJ-7905: Schema replication error after upgrade

OPENDJ-7867: NPE if dsbackup bucket name contains underscores

OPENDJ-7851: Supportextract tool: clobbers the server.out filehandle when kill -3 is used.

OPENDJ-7847: StaticGroup’s objectclass sanity checks are unhelpful

OPENDJ-7810: JMX connections are always considered insecure

OPENDJ-7761: DS sporadically hangs while reconnecting to an RS

OPENDJ-7758: DS 7.0 dsrepl add-local-server-to-pre-7-0-topology: NPE if master-key is in different keystore

OPENDJ-7747: ldapmodify display full stack exception on LDIF errors if connection is already established

OPENDJ-7737: ConfigurationFramework#initialize0 changes the class loader without clearing the map of registered jar files

OPENDJ-7699: Supportextract throws NoSuchElementException when the server.pid file is empty

OPENDJ-7689: dsrepl add-local-server-to-pre-7-0-topology does not tolerate separate keystore and truststore

OPENDJ-7687: Global Access Control Policy regarding cn=schema is too restrictive

OPENDJ-7674: Migrating encrypted changelog files during upgrade fails

OPENDJ-7655: Replaying multiple MODIFYDN operations is very slow

OPENDJ-7612: replication divergence on CTS in the cloud

OPENDJ-7599: Cannot add a pre-encoded password to an entry without an existing password

OPENDJ-7554: Windows: Secrets not retrieved from :file command-line arguments

OPENDJ-7523: Example plugin and example pwdscheme pom.xml are missing correct revision

OPENDJ-7513: Missing subSchemaSubEntry attribute from rootDSE access controls

OPENDJ-7481: JSON logs do not contain proxy auth DN

OPENDJ-7474: Docker sample README.md provides wrong instructions for running the container

OPENDJ-7450: The startswith (sw) operator on indexed JSON attribute is slow

OPENDJ-7319: Addrate can run out of memory when --deleteMode off and --noPurge are set

OPENDJ-7286: Changelog searches can start with incorrect cursors

OPENDJ-7176: Filters with malformed attribute descriptions cannot be parsed

OPENDJ-7115: DS does not start when deployed with ISTIO sidecar container in the GCP K8s cloud

OPENDJ-7016: status command outputs malformed JSON in script friendly mode

OPENDJ-6994: strict-format-country-string does not affect the server

OPENDJ-6787: Changelog searches are extremely slow if any cursors are exhausted

OPENDJ-6778: Proxy server mishandles abandon requests

OPENDJ-6733: SMTP handler sends incorrect email when account status is modified by manually updating ds-pwp-account-disabled attribute

OPENDJ-6711: Replication status reports The provided value "5277383431" could not be parsed as an integer.

OPENDJ-6557: IDM Password Sync plugin induces 100% CPU in Apache Http Components when used with JDK 11

OPENDJ-6540: The Supportextract hangs when loggers are configured to use /dev/stdout

OPENDJ-6527: Server does not return password policy responses with only warnings

OPENDJ-6521: setup checks admin port despite options --skipPortCheck --doNotStart

OPENDJ-6512: Problems when work queue fills

OPENDJ-6499: Query on rest2ldap over ssl gets stuck after few curl requests using TLSv1.3 on JDK11

OPENDJ-6377: Replication replay: issues with ReplaySynchronizer

OPENDJ-6349: "RuntimeException: Should never happen" in HttpClientConnection

OPENDJ-6240: DS not honoring per user resource limits when processing RESTful operation requests

OPENDJ-6235: Stale ds-sync-hist attribute values reappear in the entry after replication is unconfigured

OPENDJ-6222: SMTP messages are sometimes not encoded with the correct charset

OPENDJ-6221: Logging for CONNECT operations are not saved in Nanosecond format

OPENDJ-6196: HTTP connection handler continues to listen to 0.0.0.0 after setting listen-address

OPENDJ-6188: Backend returns an incorrect error type when disk space hits low threshold

OPENDJ-6173: cn=monitor memory pool stats do not get updated properly over time

OPENDJ-6116: Unspecified Communications Error when multiple rest2ldap endpoints share configuration elements

OPENDJ-5675: JDK11: supportextract tool cannot find jstack command

OPENDJ-5664: JDK 11: illegal reflective access warning during import-ldif

OPENDJ-5661: supportextract tool help and version options are different from other tools

OPENDJ-5660: JDK 11: illegal reflective access warning on setup (with profile)

OPENDJ-5611: Change number indexing can lag behind replication under extreme load

OPENDJ-5590: Proxy: server discovery fails silently when proxy base-dn differs from backend’s base-dn

OPENDJ-5584: Server does not validate sum of memory used by JE backend caches in all cases

OPENDJ-4764: REST2LDAP gateway sasl-plain authorization doesn’t handle dn: correctly

OPENDJ-4714: SSL handshake now sends 16KB list of CA issuer DNs

OPENDJ-3121: Setup fails to create the lib/extensions directory in the instance.loc path, if a instance.loc file is used.

OPENDJ-2605: Debian packages should be idempotent

OPENDJ-1169: Exception/error lost when logging ERR_LOOP_REPLAYING_OPERATION

OPENDJ-640: Text Query Against indexed telephoneNumber Attribute Very Slow

OPENDJ-5606: Upgrade to DS 6.0 fails if multiple filesystems are involved

OPENDJ-5594: StackOverflowError with groupOfURLs when isMemberOf is requested

OPENDJ-5582: LdapClientSocket connection leaked when handshake fails

OPENDJ-5558: SDK: LdapUrl is not IPv6 clean

OPENDJ-5553: Rest2Ldap cannot connect to TLSv1.2 servers

OPENDJ-5496: DS fails to reconnect to an RS, disconnecting in handshake phase, after system restart

OPENDJ-5481: ERR_OPERATION_NOT_FOUND_IN_PENDING message used twice in different contexts

OPENDJ-5406: Duplicate entry DNs if entry is deleted and then added during export-ldif or dsreplication initialize

OPENDJ-5293: Proxy: Replication Service Discovery Mechanism logs WARNING

OPENDJ-5272: "idle-time-limit" global configuration property has no effect

OPENDJ-5210: Possible memory-leak if request received while bind in progress

OPENDJ-5140: PersistentSearch heap usage grows

OPENDJ-5137: Reading compressed or encrypted entries fails to close the InflaterInputStream

OPENDJ-5115: ldappasswordmodify fails, NPE in PasswordPolicyState updatePasswordHistory

OPENDJ-4967: Rest2ldap UndeliverableException occurs when a referenced entity cannot be fetched

OPENDJ-4947: SASL DIGEST-MD5: bind request failed with protocol error

OPENDJ-4881: Updates via Rest2ldap fail if record does not contain the necessary object class

OPENDJ-4852: Backup with --backupAll misses a few backends

OPENDJ-4625: Changelog range searches miss entries

OPENDJ-4589: dsconfig --offline is not case-insensitive

OPENDJ-4325: Changelog searches requesting changelogCookie are very slow

OPENDJ-4229: status command with keystore options throws NullPointerException

OPENDJ-3480: Updating schema backend properties while it is enabled leaves schema backend in broken state

OPENDJ-3343: Invalid Conflict resolution on Add sequence when Parent & Child are added on different replica

OPENDJ-3341: REST to LDAP gateway: HTTP response for API description is empty

OPENDJ-3153: REST to LDAP gateway: changing password fails when using proxied authorization

OPENDJ-2356: verify-index displays an inappropriate error message when run in online mode

OPENDJ-4983: IllegalStateException in change number indexer

OPENDJ-4943: NullPointerException in BackupManager.java when backup --hash is used offline

OPENDJ-4845: Crypto manager uses TLSv1, fails if admin connector ssl-protocol is TLSv1.2

OPENDJ-4823: Adding a third replica breaks key ordering of the changelogDb

OPENDJ-4729: WorkerThread is blocked in BlockingBackpressureOperator after disconnection

OPENDJ-4725: Cannot reset change-log change number

OPENDJ-4598: Replication Server cursoring through obsolete replica ID’s causing high CPU spin

OPENDJ-4587: Replication: Medium consistency point frozen when a DS+RS is unconfigured or a DS+RS is stopped

OPENDJ-4559: All worker threads blocked on ReentrantReadWriteLock in GroupManager

OPENDJ-4557: isMemberOf search result excludes entries' operational attributes

OPENDJ-4555: Server not responding

OPENDJ-4533: NullPointerException in TTL reaper

OPENDJ-4497: ttl-enabling an index requires a restart

OPENDJ-4485: MODRDN with a blank newrdn: value is not rejected.

OPENDJ-4464: Collective attributes do not consider if an attribute is single or multi-valued.

OPENDJ-4296: Rebuilding index on two backends at the same time causes NPE

OPENDJ-4210: Cannot import/export LDIF in offline mode after configuring Password Synchronization Plugin

OPENDJ-4125: Extremely poor performance under connect/disconnect load and eventual port exhaustion

OPENDJ-3896: Change number indexer exits due to uncaught IllegalStateException

OPENDJ-3878: Example plugin POM has wrong parent and is missing repositories

OPENDJ-3504: LDAP bytesRead/Written and SNMP counters (dsApplIfInBytes and dsApplIfOutBytes) are not incremented

OPENDJ-3437: Cannot delete access log publisher when it is disabled

OPENDJ-1881: OPENDJ JMX monitoring report statistics as type String instead of Number

OPENDJ-1158: rebuild-index leaves backend offline if a backup is running

OPENDJ-934: Changes to RS window-size property require a server restart

OPENDJ-431: Server-side sort control only works on result sets of less than 100000 entries

OPENDJ-4341: setup with production mode with java 9

OPENDJ-4316: HTTP Connector leaks Session objects

OPENDJ-4275: Changelog searches cursor through inappropriate replica DBs

OPENDJ-4234: Poor changelog search performance using changenumber ranges

OPENDJ-4228: status command with keystore options throws ArrayIndexOutOfBoundsException

OPENDJ-4178: Performance drop with complex subtree searches between 2.x and 3.5.1/4.0.0

OPENDJ-4125: Extremely poor performance under connect/disconnect load and eventual port exhaustion

OPENDJ-4115: build and publish missing changes gets confused with non-local changes

OPENDJ-4011: Setup requires TLS to be enabled when using --productionMode

OPENDJ-4007: Referential Integrity plugin checks all modifications when run as preModifyOperation

OPENDJ-4006: forgerock-je included in releases does not work with Azul Zulu

OPENDJ-3966: The Bcrypt storage scheme displays the wrong syntax Range and default for the bcrypt-cost

OPENDJ-3963: JMXClientConnections are leaked

OPENDJ-3931: Replication fails to propagate all changes added after a backup/restore to a newly created instance

OPENDJ-3904: Delivery includes QuickSetup.app and Uninstall.app files for commands that were removed

OPENDJ-3886: Modifying Json File-Based Access Logger configuration can cause a corrupt log record

OPENDJ-3868: Proxied persistent searches are not cancelled/abandoned when the client abandons them or disconnects

OPENDJ-3825: Spring daylight savings change can break recurring tasks

OPENDJ-3645: SASL DIGEST-MD5: "digest-uri" parameter is not taken into account

OPENDJ-3643: On Windows "java.properties" does not support values containing "=" character

OPENDJ-3507: After upgrading a 2.6.2 server to 3.5.1 server is spinning at 93% CPU

OPENDJ-3471: ldifsearch command fails to consume @objectclass notation in attribute list

OPENDJ-3380: Creating a backend with null base DN can render the instance unusable

OPENDJ-2850: SDK SASL integrity/confidentiality violates protocol

OPENDJ-2842: Load balancing algorithms are not optimum after failure of a connection factory

OPENDJ-2190: Replicas cannot always keep up with sustained high write throughput

OPENDJ-1135: DS sometimes fails to connect to RS after server restart

OPENDJ-609: Replicas out of sync after add/delete operations in sustained stress testing