[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#4971) patch for OpenLDAP 2-3-32

jemeterisan@mail.ru wrote:

> I had noticed, that the patch, used for 'schema-map.c' doesn't work  
> correct. I hope, You also had checked it up. So what had I found in  
> the function 'backsql_ad2at':
> The attribute name is stored in 'struct berval' structure, so if  
> You change '.bv_val' from 'userCertificate;binary' to  
> 'userCertificate', You should change '.bv_len' in accordance to  
> strlen(aaa.bv_val) without strlen(";binary").

I assume you refer to a patch that was submitted along with ITS#4868; 
that patch is absolutely incorrect and in fact it has been rejected.  A 
consistent fix has been applied to hEAD code.  It has never been 
backported to OpenLDAP 2.3 because nobody fed back about it.  If you 
wish to test HEAD code and report success, I'll be happy to backport it 
to OpenLDAP 2.3 so that it gets released with the next release.

> And by the way I want to store 'userCertificate' attribute type in PostrgreSQL. 
> What type of the field in the table should I use?

Any blob-like format would be fine (although I haven't tested it with 
PostgreSQL yet).

> Just another question to the developers:
> I've heared that OpenLDAP is sensible to DOS attacks, so, how can I avoid this
> trouble? And I want to know more about this problem, if possible.

Please direct software use related questions to the openldap-software 
mailing list.


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it