OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Incoming/8683
Full headers

From: quanah@openldap.org
Subject: SLAPD_META_CLIENT_PR hidden behind LDAP_DEVEL
Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Wed, 05 Jul 2017 16:13:27 +0000
From: quanah@openldap.org
To: openldap-its@OpenLDAP.org
Subject: SLAPD_META_CLIENT_PR hidden behind LDAP_DEVEL
Full_Name: Quanah Gibson-Mount
Version: RE24
OS: N/A
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (47.208.148.239)


The back-meta(5) man page discusses the following option:

       client-pr {accept-unsolicited|DISABLE|<size>}
              This feature allows one to use RFC 2696  Paged  Results  control
              when  performing  search  operations  with  a  specific  target,
              irrespective of the client's request.  When  set  to  a  numeric
              value,  Paged  Results  control  is always used with size as the
              page size.  When set to  accept-unsolicited,  unsolicited  Paged
              Results   control   responses   are  accepted  and  honored  for
              compatibility with  broken  remote  DSAs.   The  client  is  not
              exposed  to paged results handling between slapd-meta(5) and the
              remote servers.  By default (disabled), Paged Results control is
              not  used  and  responses  are  not accepted.  If set before any
              target specification, it affects all targets, unless  overridden
              by any per-target directive.


However, this feature is actually disabled by default, as it is #ifdef'd behind
LDAP_DEVEL in back-meta.h:

#ifdef LDAP_DEVEL
#define SLAPD_META_CLIENT_PR 1
#endif /* LDAP_DEVEL */


So we need to determine if either:

(a) The documentation should be removed from the man page, 
or
(b) The feature should be enabled by default, and moved out from behind
LDAP_DEVEL
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org