[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5758) NO-OP control criticality

Full_Name: Pierangelo Masarati
Version: HEAD/re24/re23
OS: irrelevant
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (
Submitted by: ando

The latest draft I can find (14 February 2007) states that

                                               Clients MUST provide a
  criticality value of TRUE to prevent unintended modification of the

As a consequence, I think the server could reject instances of this control with
a criticality of FALSE, to prevent its unintended use.  However, OpenLDAP's
slapd currently tolerates a criticality of FALSE, and OpenLDAP clients allow
users to use this control with a criticality of FALSE.  I think the clients need
to be fixed, and the server should prevent this improper use.  Also, the server
should check whether the control is used with operations not indicated in the
draft (i.e. non-write ops).