OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Software Bugs/6574
Full headers

From: masarati@aero.polimi.it
Subject: back-meta does not rebind as user when retrying
 Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification: 


Date: Tue, 15 Jun 2010 18:41:10 +0000
From: masarati@aero.polimi.it
To: openldap-its@OpenLDAP.org
Subject: back-meta does not rebind as user when retrying

Full_Name: Pierangelo Masarati
Version: HEAD/re24
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (129.72.141.2)
Submitted by: ando


While retrying, back-meta destroys the failed connection to a remote target, and
re-creates it.  However, it loses the credentials, while restoring the bound DN.
 As a consequence, the connection looks bound, but it's actually anonymous.  A
fix is coming.  The fix either preserves the credentials, when rebind-as-user is
set, or turns the connection into anonymous.  The latter case is of little
practical use, and should only be used in conjunction with idassert, so that in
case of retry, from that point on identity is asserted.

p.
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org