[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Patch: Very buggy slapd/saslauthz.c:slap_parseURI() (ITS#1681)



Good question, I have no idea why ldap_url_parse isn't being used.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

> -----Original Message-----
> From: owner-openldap-bugs@OpenLDAP.org
> [mailto:owner-openldap-bugs@OpenLDAP.org]On Behalf Of
> h.b.furuseth@usit.uio.no
> Sent: Monday, March 25, 2002 2:06 AM
> To: openldap-its@OpenLDAP.org
> Subject: Patch: Very buggy slapd/saslauthz.c:slap_parseURI() (ITS#1681)
> 
> 
> Full_Name: Hallvard B. Furuseth
> Version: 2.1.0alpha
> OS: Linux
> URL: http://folk.uio.no/hbf/OpenLDAP/parseURI.txt
> Submission from: (NULL) (158.36.148.34)
> 
> 
> slap_parseURI() does not handle defaulted scope (== base) when there
> is a filter, nor a scope not followed by a filter, nor extensions
> after the filter.  It assumes wrongly that dnNormalize2(,&bv,) does
> not use bv.bv_len.  It returns LDAP_INVALID_SYNTAX for "ldap://host/";
> (i.e. empty base without a following '?') instead of LDAP_SUCCESS
> which is returned if there is a '?'.  It does not detect bad filters.
> Finally, *scope receives -1 instead of LDAP_SCOPE_BASE for URLs of
> the forms "ldap://host/dn"; and "ldap://host/dn?";.
> 
> Here is a fix, though I don't know why you don't just use
> ldap_url_parse() + dnNormalize2() instead.
> 
> It has been tested as a stand-alone routine, but not in slapd (except
> for a simple 'make test').
>