[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4816) slurpd generates invalid ldapadd/modify requests



Full_Name: Gaël Roualland
Version: 2.3.33
OS: Linux
URL: ftp://ftp.openldap.org/incoming/gael.roualland-070126.diff
Submission from: (NULL) (213.56.0.199)


Hello,

Slurpd has a bug when replicating, in the way it generates the LDAPMod array of
the add and modify operations : if the same attribute is present several times
(for add) or in multiple change blocks (for modify) in the replication log, it
simply adds all occurences to the LDAPMod array, hence having one or more
attributes repeated serveral times which violates the protocol.

This is usually fine with slapd because there is code there to accept invalid
queries from the updatedn, but it is rejected if you're not using updatedn
(which happens to be our case in a custom floating master scenario).

The uploaded patch fixes this in slurpd by replacing its LDAPmod logic by one
based on ldapmodify which generates proper requests. I know slurpd is considered
deprecated, however this might be useful to others still using it and would
allow to remove the exception from slapd code.

Regards,