
(ITS#8162) Problem parsing bad LDAP URI in slapo-unique uniqueURI parameter



Full_Name: Benjamin Dauvergne
Version: 2.4.40
OS: Debian
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (82.242.47.212)


I had configured an mdb backend with a unique overlay configured like this:

add olcOverlay={4}unique,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {4}unique
olcUniqueURI: ldap://?supannAutreMail?sub

When trying to add the first non-root entry of the new DB, OpenLDAP freezes and
takes 100% CPU. After activating loglevel 255 I saw that it was looping inside
mdb_search(), logging 'scope not okay' with an increasing integer value in
front.

The problem here is that the LDAP URI is missing a third 'slash', which should
separate the missing hostname part from the base DN parameter. The RFC 2255
grammar seems to imply that the third slash is mandatory if there are other
parameters after it. I think OpenLDAP should have complained about the malformed
olcUniqueURI value, not accepted it blindly and failed by entering an infinite
loop.

Overlay configuration that is working:


add olcOverlay={4}unique,olcDatabase={2}mdb,cn=config
objectClass: olcOverlayConfig
objectClass: olcUniqueConfig
olcOverlay: {4}unique
olcUniqueURI: ldap:///?supannAutreMail?sub
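
Added example, not part of the original report and not OpenLDAP code: a pre-flight check that rejects an olcUniqueURI value missing the third slash before it is loaded into cn=config. It assumes one plain URI per value and the ldap scheme only; the function names are hypothetical, and the sample values are the two from the report.

```python
SCOPES = {"base", "one", "sub"}  # scope keywords defined by RFC 2255
MISSING_SLASH = 'missing "/" between host part and "?" parameters'

def check_ldap_uri(uri):
    """Return a list of problems in an LDAP URI; an empty list means well-formed."""
    scheme, sep, rest = uri.partition("://")
    if not sep or scheme.lower() != "ldap":
        return ["not an ldap:// URI"]
    slash, qmark = rest.find("/"), rest.find("?")
    # RFC 2255: "?" fields may only appear after the "/" that ends the
    # (possibly empty) host part.
    if qmark != -1 and (slash == -1 or qmark < slash):
        return [MISSING_SLASH]
    if slash == -1:
        return []  # ldap://host with nothing after it
    problems = []
    # Field order after the slash: dn ? attributes ? scope ? filter ? extensions
    fields = rest[slash + 1:].split("?")
    if len(fields) > 5:
        problems.append("too many '?'-separated fields")
    if len(fields) > 2 and fields[2] and fields[2].lower() not in SCOPES:
        problems.append("unknown scope %r" % fields[2])
    return problems

def check_config(text, attr="olcUniqueURI"):
    """Scan LDIF-style lines and return (line number, value, problems) per bad URI."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == attr.lower():
            problems = check_ldap_uri(value.strip())
            if problems:
                findings.append((lineno, value.strip(), problems))
    return findings

# Sample input: the failing and the working value from the report above.
SAMPLE = """\
olcOverlay: {4}unique
olcUniqueURI: ldap://?supannAutreMail?sub
olcUniqueURI: ldap:///?supannAutreMail?sub
"""

if __name__ == "__main__":
    for lineno, value, problems in check_config(SAMPLE):
        print("line %d: %s: %s" % (lineno, value, "; ".join(problems)))
```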