[Date Prev][Date Next]
slapd exits on processing malformed saslAuthzTo attribute (ITS#3077)
Full_Name: Michael Glasson
Submission from: (NULL) (126.96.36.199)
slapd exits when processing a saslAuthzTo attribute which is not formatted
A saslAuthzTo like "uid=mg,ou=person,dc=mynym,dc=net" is processed as you would
expect, allowing the authentication id to authorize as the target entry.
A saslAuthzTo like "dn.regex:uid=.*,ou=person,dc=mynym,dc=net" is also processed
as you would expect, allowing the authentication id to authorize as an entry in
the target subtree.
A saslAuthzTo like "dn.subtree:ou=person,dc=mynym,dc=net" causes slapd to exit
I understand that saslAuthzTo entries of forms other than "dn.regex:..." may not
be supported, but I do not imagine that slapd should die when it processes an