[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4782) back-ldap bugs

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#4782) back-ldap bugs
From: ando@sys-net.it
Date: Tue, 19 Dec 2006 21:12:44 GMT

hyc@OpenLDAP.org wrote:
> 1) back-ldap fails to startup if back-monitor isn't enabled. It should silently
> skip usage of back-monitor, the way back-bdb does.
>   
should be fixed now (not quite clean, though)
> 2) multiple calls are made to ldap_back_is_proxy_authz with
> sendok=LDAP_BACK_SENDERR without checking the return status or aborting the
> operation. As such, when proxy authorization is not in effect for an operation,
> the client receives multiple Error Result messages for its request (even though
> it continues to completion).
This should be fixed now, thanks for pointing out.
> Likewise for ldap_back_proxy_authz_bind.
Here the fix is slightly different: whenever 
ldap_back_proxy_authz_bind() succeeds, it should set rc to 1; this is 
the actual error.
> Either
> these functions should never send a result back to the client, or their return
> status should be checked and processing should stop when they fail. I've cleaned
> up several instances of this type of error in previous revisions but can't track
> them all down now. Errors of this type may also exist in RE23; I haven't
> looked.
>   
There shouldn't be too many, as that stuff was only recently reworked.

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.n.c.
Via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
------------------------------------------
Office:   +39.02.23998309
Mobile:   +39.333.4963172
Email:    pierangelo.masarati@sys-net.it
------------------------------------------

Prev by Date: Re: (ITS#4782) back-ldap bugs
Next by Date: Re: (ITS#4780) ACL set memory leak
Index(es):
- Chronological
- Thread