Re: problem with ldap_modify_s

[kunkee@neosoft.com (Randy Kunkee)]

> We are experiencing unexpected behavior using this function.
> 
> Here is our code example:
> 
>  	LDAPMod *array[2];
>       array[0]=new (LDAPMod )[sizeof(LDAPMod)];
>       array[0]->mod_op=LDAP_MOD_REPLACE;
>       array[0]->mod_type="SPAM";
>       array[0]->mod_vals.modv_strvals=new char*[2];
>       array[0]->mod_vals.modv_strvals[0]="EGGS&SPAM";
>       array[0]->mod_vals.modv_strvals[1]=NULL;
>       array[1]=NULL;
>       int  rc=ldap_modify_s(LDAP_HANDLE_,"cn=albatross, ou=users,
> dc=company", array);
>       if(rc != LDAP_SUCCESS)
>       {
>                 cout<<"LDAP update failed: "<<ldap_err2string(rc)<<endl; 
>       } 
> 
> 
> There is no entry "SPAM" under user "albatross" so we expect this operation
> to fail. Instead it adds this entry which is the effect we would expect from
> mod_op LDAP_MOD_ADD but not from LDAP_MOD_REPLACE.
> 
> 
> Dmitry
> 

It is behaving correctly.  You are saying that there is no
attribute "SPAM" under the user "albatross".  If the attribute does
not exist, LDAP_MOD_REPLACE will create it.  If it already exists, it replaces
it.  Think of LDAP_MOD_REPLACE as meaning "make it look like this, regardless
what it was before".  In LDAPv3 (OpenLDAP 2.x), you can even supply an
empty empty mod_vals list, which implies a delete, which is a feature that
will save me some code (but is not supported in LDAPv2/OpenLDAP 1.2.x).

Randy