(ITS#7618) pcache overlay does not allow the use of NOT ("!") in templates

[amoneger@cisco.com]

Full_Name: Alex Moneger
Version: 2.4.35
OS: centos 6.3
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (64.103.25.102)


Hi,

When trying to define a template which query contains a '!', slapd complains
about a syntax issue in the config file and refuses to start. This is because
there seems to be a missing check for '!' in template_attrs() in pcache.c, so
'!' char is passed to slap_bv2ad() which correctly errors out. i.e:

May 27 20:53:53 centos63 slapd[44623]: line 71 (pcacheTemplate
(&(gidNumber=)(objectClass=)(cn=*)(&(gidNumber=*)(!(gidNumber=)))) 0 3600)
May 27 20:53:53 centos63 slapd[44623]: /etc/openldap/pcache.conf: line 71:
unable to parse template: AttributeDescription contains inappropriate
characters.

I believe the use of "not" should be allowed in cacheable templates, since they
appear to be a valid search filter definition as per RFC 2254.

The fix is very easy. I cannot upload the diff to the ftp server, since it
errors with space related errors when uploading the file.

Content of the diff:
--- openldap-2.4.35/servers/slapd/overlays/pcache.c     2013-03-28
15:41:51.000000000 +0000
+++ openldap-2.4.35/servers/slapd/overlays/pcache.c0    2013-05-27
21:27:20.847919253 +0100
@@ -523,7 +523,7 @@
        allop = an_find( attrs, slap_bv_all_operational_attrs );
 
        for (;;) {
-               while ( *p1 == '(' || *p1 == '&' || *p1 == '|' || *p1 == ')' )
p1++;
+               while ( *p1 == '(' || *p1 == '&' || *p1 == '|' || *p1 == ')' ||
*p1 == '!') p1++;
                p2 = strchr( p1, '=' );
                if ( !p2 )
                        break;

It can be applied this way if you consider this of any use:
cd "${HOME}"/openldap-2.4.35
patch -p0 --verbose < ~/pcache.p0 

Cheers,
Alex