[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4306) bad ACL syntax in modification to olcAccess attribute crashes slapd

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4306) bad ACL syntax in modification to olcAccess attribute crashes slapd
From: ando@sys-net.it
Date: Thu, 5 Jan 2006 19:45:15 GMT

I think I noticed (and fixed) this quite some time ago.  I need to check,
but it might be due to the fact that in re23 many config errors are
ignored (apart from a warning message) while in HEAD they're all treated
as errors; this might be reflected in the return value (if any) of the ACL
parsing functions.  I recommend we enable strict config checking as soon
as possible, at the cost of possibly highlighting some existing broken
configurations (better notice it later than never...).

p.

> At 11:02 AM 1/5/2006, erici@motown.cc.utexas.edu wrote:
>>Full_Name: Eric Irrgang
>>Version: 2.3.14
>>OS: Solaris 9
>>URL:
>>Submission from: (NULL) (128.83.217.14)
>>
>>
>>slapd crashes quietly and abruptly when an invalid ACL is added via
>> cn=config.
>>An ACL that would normally prevent server startup due to syntax errors
>> will
>>cause the OL 2.3.14 to crash when added via ldapmodify to "dn:
>>olcDatabase={1}bdb,cn=config".
>
> And a core stack backtrace (gdb 'bt') as well.
>
> Also, as 2.3.15 includes some fixes in the area of ACLs, as
> well as a Solaris-specific crasher, you should attempt to
> duplicate the problem in 2.3.15.
>
> Kurt
>
>
>

Ing. Pierangelo Masarati
Responsabile Open Solution
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309          
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------

Prev by Date: Re: (ITS#4306) bad ACL syntax in modification to olcAccess attribute crashes slapd
Next by Date: Re: (ITS#4260) slapd does not notice when reindexing completes via modifcation to cn=config
Index(es):
- Chronological
- Thread