[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Liberal parsing of schema elements (ITS#1996)

Kurt D. Zeilenga wrote:
> I misunderstood the nature of the problem.  The
> client library ALLOW flags, if properly enabled,
> should be able to parse these non-conformant
> values.  If they aren't working, that's a bug.
> Patches welcomed.

Any progress on this?

Unfortunately I'm not a C programmer. I looked at the OpenLDAP 
code and AFAICS there is code to allow non-numeric OIDs if the 
proper ALLOW flag is set.

The author of the relevant parts in python-ldap double-checked 
that the ALLOW flags are properly passed to OpenLDAP's schema 
parsing functions.

But even with LDAP_SCHEMA_ALLOW_ALL the parsing chokes on e.g. 
this line (Python exception instance displayed here):

ldap.schema.SCHERR_NODIGIT: (5, "( pilotOrganization-OID NAME 
'pilotOrganization' DESC 'Standard ObjectClass' SUP 'top' MUST ( 
objectclass $ ou $ o )  MAY ( aci $ buildingName $ 
businessCategory $ description $ destinationIndicator $ 
facsimileTelephoneNumber $ internationalIsdnNumber $ l $ 
physicalDeliveryOfficeName $ postOfficeBox $ postalAddress $ 
postalCode $ preferredDeliveryMethod $ registeredAddress $ 
searchGuide $ seeAlso $ st $ street $ telephoneNumber $ 
teletexTerminalIdentifier $ telexNumber $ userPassword $ 
x121Address ) )")

> Of course, clients must (as in MUST, per RFC 2251)
> not send non-conformant values to servers.


My policy usually is: Allow garbage in if deterministic in some 
way, always produce compliant values as output.

Ciao, Michael.