[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#8574) bconfig support for DNs that need escaping
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#8574) bconfig support for DNs that need escaping
- From: hyc@symas.com
- Date: Wed, 22 Feb 2017 17:42:59 +0000
- Auto-submitted: auto-generated (OpenLDAP-ITS)
okuznik@symas.com wrote:
> Full_Name: Ondrej Kuznik
> Version: master
> OS:
> URL: ftp://ftp.openldap.org/incoming/Ondrej-Kuznik-20170125-Deal-with-rDN-correctly.patch
> Submission from: (NULL) (151.228.185.198)
>
>
> When an rdn under cn=config needs escaping, incorrect value gets passed to the
> attribute and, if the attribute is single-value, the entry is rejected by
> entry_naming_check().
>
> Patch against master is attached.
Why are you running the normalizer in a for-loop:
+ for ( cnt = 0; rDN[cnt]; cnt++ ) {
but always setting value #0?
+ free( a->a_vals[0].bv_val );
+ ber_dupbv( &a->a_vals[0], &ava->la_value );
If the RDN is actually a compound with multiple AVAs you need to concatenate
them into a single value. Otherwise, if you don't intend to support compound
RDNs, there's no point in using a for-loop. Just return an error if there's
more than one AVA.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/