[Date Prev][Date Next]
Re: (ITS#6545) delta-syncrepl rejects modification master accepted
> On Wed, Apr 05, 2017 at 04:14:12PM +0200, Michael StrÃ¶der wrote:
>> firstname.lastname@example.org wrote:
>>> On Wed, Apr 05, 2017 at 07:32:46AM -0400, Frank Swasey wrote:
>>>> Thanks for the patch to provide a test script that just shows the same
>>>> I see two possible solutions:
>>>> 1) replacing the same attribute twice in the same modify LDIF is illegal
>>>> (as it was in older releases)
>>> AFAIK, LDAP doesn't forbid it so I don't see that going away.
>> Yes, there's no text in RFC 4511 which forbids this:
>> However personally I consider LDAP clients sending modify requests like this to be
>> broken/mis-behaving. (And I'd like to know which LDAP clients were causing this ITS.)
> I'm not saying it's common or good practice ;)
>> => There could be a slapd per-backend configuation directive to disallow it with a
>> strong hint in the docs recommending to disallow it when using delta-syncrepl.
>> disallow mod_attr_repeated
> In my view, that's more pain than it's worth.
Hmm, I think slapd should be able to disallow a crazy modify request like this: