[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: lastmod modif* attributes mishandled? (ITS#168)



Appologies for the delay in responding...

>While configuring OpenLDAP-1.2.1 to support roaming by Netscape
>Communicator 4.5, I determined that OpenLDAP does not provide
>modifiersname and/or modifytimestamp for newly created entries.

The server should NOT update modif* until it's been modified.

>The failure to return a value for modifytimestamp causes Nu^Htscr^Hape to
>fail to update the roaming entries after it initially creates them.

This is their bug.  A client should NOT rely on getting these if
if explicit asked for.  They may be ACL'ed away.

>I have configured "lastmod" as "on" and the "creat*" operational attributes
>are automatically added when an entry is created.  But, when Netscape
>requests the value of modifytimestamp (which was not automatically added
>when the entry was created), it is not available and not spoofed.

Again, as designed.

>My quick fix was to patch ldap/servers/slapd/add.c to create a
>"modifiersname" attribute whenever a "creatorsname" attribute is created
>and to create a "modifytimestamp" attribute whenever a "createtimestamp"
>attribute is created.

This is actually incorrect behavior.

>My patch does not handle records previously created.  The better fix is
>probably to make OpenLDAP return the value (if any) of the corresponding
>"creator*" attribute whenever a request of a non-existant "modif*"
>attribute is encountered.  But, I was unable to locate the appropriate
>code quickly.

I believe the client should not expect a "modif*" attribute to
be available upon create.