[Date Prev][Date Next] [Chronological] [Thread] [Top]

Patch: ACL #access-id#<invalid-DN> granted access to everyone (ITS#2006)

To: openldap-its@OpenLDAP.org
Subject: Patch: ACL #access-id#<invalid-DN> granted access to everyone (ITS#2006)
From: h.b.furuseth@usit.uio.no
Date: Mon, 5 Aug 2002 11:17:24 GMT

Full_Name: Hallvard B. Furuseth
Version: HEAD
OS: Linux
URL: http://folk.uio.no/hbf/OpenLDAP/acl-bad-dn.txt
Submission from: (NULL) (129.240.186.42)


There is a bug in OpenLDAPaci's "access-id":  If the specified DN is
invalid so dnNormalize2() fails, everyone gets access.
This means that e.g. "#access-id#[all]" gives public access, so it
might be considered a feature, but I fixed it anyway:-)  I guess that
means the change should be documented in the release notes, though.

See also ITS#2005 (add OpenLDAPaci #public# access).

Prev by Date: Patch: add OpenLDAPaci #public# access (ITS#2005)
Next by Date: Re: Info message for LDAP_SERVER_DOWN in case of SSL/TLS failure (ITS#1995)
Index(es):
- Chronological
- Thread