[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
(ITS#4761) error in "group" authorization parsing
Full_Name: Pierangelo Masarati
Version: HEAD,re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (87.28.220.33)
Submitted by: ando
When an authorization rule using groups, like "group:<dn>" is used, the default
member attribute "member" is erroneously set to an empy berval, resulting in an
invalid filter being used for the internal lookup to check for membership.
A workaround consists in avoiding defaults: "group/<oc>/<at>:<dn>".
"group/<oc>:<dn>" appears to work as intended, i.e. in this case the default
attribute is correctly used. A fix is coming.
p.