[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5474) Problem with schema validation in 2.4.8
benoitde@sympatico.ca wrote:
> I tried to load a slapcat dump from OpenLDAP 2.3.27 into OpenLDAP 2.4.8,
> and had problems with java entries. I narrowed down the problem with
> this simple test case:
>
> LDIF:
> dn: cn=REQ,dc=example,dc=com
> javaClassName: Toto
> objectClass: javaContainer
> objectClass: javaObject
> objectClass: javaNamingReference
> javaFactory: TotoFactory
> cn: REQ
> javaReferenceAddress: #0#VER#1
>
> Load of this LDIF in OpenLDAP 2.3.27:
>
> ldapadd -D"cn=Manager,dc=example,dc=com" -W -x -f /tmp/bug.ldif
> Enter LDAP Password:
> adding new entry "cn=REQUEST,dc=example,dc=com"
>
> Works, but in OpenLDAP 2.4.8:
>
> ldapadd -h myserver -p 1389 -D"cn=Manager,dc=example,dc=com" -W -x -f
> /tmp/bug.ldif
> Enter LDAP Password:
> adding new entry "cn=REQUEST,dc=example,dc=com"
> ldap_add: Object class violation (65)
> additional info: instanstantiation of abstract objectClass 'javaObject' not
> allowed
>
> And the entry is not loaded.
The problem is that OpenLDAP 2.4 allows to add entries that contain
ABSTRACT objectClasses, as soon as no non-ABSTRACT class is subtyped
from them, which is clearly an error.
It all reduces to a missing negation in the ABSTRACT subclassing check,
resulting in reversing the logic of the test.
Please test servers/slapd/schema_check.c 1.112 -> 1.113
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Email: pierangelo.masarati@sys-net.it
---------------------------------------