[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5768) [enhancement] add support for Dereference Control

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5768) [enhancement] add support for Dereference Control
From: abartlet@samba.org
Date: Thu, 11 Dec 2008 04:42:31 GMT

--=-svDYOuAyXlEqIDWU48Ko
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Thu, 2008-12-11 at 12:22 +1100, Andrew Bartlett wrote:
> On Thu, 2008-10-23 at 00:15 +0200, Pierangelo Masarati wrote:
> > A tentative implementation is in HEAD, please test.  You need to:
>=20
> Thankyou very much.  I downloaded CVS HEAD and tested it out (finally -
> the Samba4 side of the implementation took far longer than I expected).
>=20
> > - configure as --enable-deref
> >=20
> > - enable the "deref" overlay in slapd, with "overlay deref" (doesn't
> > work as global overlay yet, sorry).
>=20
> This is something Samba4 will need, as many of our links are
> cross-database.  But fixing this for a single DB is a big help in any
> case.
>=20
> > - run searches like
> >
> > $ ldapsearch -x -b dc=3Dexample,dc=3Dcom -E 'deref=3Dmember:entryUUID'
> >=20
> > you'll see results like
>=20
> When using Samba4's client, it seems to work, but it is as if it extends
> the control to the full expected length, but not the data.  Ie, attached
> this is the control response I got back from the 'make testenv'
> environment in Samba4.  I've also attached the full LDAP request.
>=20
> The extra zeros also appear in the OpenLDAP logs (so it's not a Samba4
> parsing bug).
>=20
> I can make the Samba4 tree that reproduces this available as a GIT
> repository if you like. =20

To reproduce:

In a checkout from git://git.samba.org/abartlet/samba.git master run:
OPENLDAP_ROOT=3D/usr/local/ TEST_LDAP=3Dyes make testenv

Then in the xterm that pops up, run:

bin/ldbsearch -H ldap://localdc1 cn=3Dadministrator
--controls=3Dextended_dn:1:1

This will not return the extended DN (compare with TEST_LDAP=3Dno),
because it fails to parse the returned control in
libcli/ldap/ldap_controls.c (I suspect my parser also needs work)

Thanks,

Andrew Bartlett

--=20
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.

--=-svDYOuAyXlEqIDWU48Ko
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQBJQJosz4A8Wyi0NrsRAuLgAJwIYEfeK/rj9xXw+/2KiVhDPw6bvwCeJwaj
Q/I64Xu6suP53nnqNT6Bkv0=
=GSzF
-----END PGP SIGNATURE-----

--=-svDYOuAyXlEqIDWU48Ko--

Prev by Date: Re: (ITS#5768) [enhancement] add support for Dereference Control
Next by Date: (ITS#5854) Double send response in meta backend
Index(es):
- Chronological
- Thread