[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Logic problem in the LDBM backend

To: Daniel Carroll <dan@mesa7.mesa.colorado.edu>
Subject: Re: Logic problem in the LDBM backend
From: "Kurt D. Zeilenga" <Kurt@openldap.org>
Date: Thu, 17 Dec 1998 12:29:24 -0800
Cc: openldap-devel@openldap.org
In-reply-to: <199812172011.NAA17236@mesa7.mesa.colorado.edu>

At 01:11 PM 12/17/98 -0700, Daniel Carroll wrote:
>
>
>Hello,
>
>   I think I've found a login problem in the LDBM backend of slapd
>   (Relating to the caching of entries).
>
>   The problem stems from the fact that DNs are not stored in canonical
>   from in the database.
>
>   The result is that when the DELETE command is issued, cache entries
>   are not always correctly deleted (out of the cache) -- which has the
>   potential to cause further problems (mainly at the application level)
>   when the deleted entries still appear in search results.
>
>   (I have an example at the end of this document to demonstrate the problem)
>
>   As I see it there are a number of possible ways to fix this:
>     1) Always store the DNs in canonical form in the database
>     2) Always canonicalize the DN when loading it from the database
>     3) In the cache_entrydn_cmp() routine, canonicalize the cache entry
>           before doing the comparison.

This (#3) is likely the best option.  It preserved the DN form of the
entries.

>     4) Modify the ravl_delete() routine.  (This is where the problem
>           manifests itself).
>     5) Never normalize/de-normalize a DN once it's in the cache.
>           (Not doing this has created the problem I'm trying to fix)

I believe should not be changed... just the cmp function should be fixed.
(this suggestion is just off the cuff... we should discuss ramifications)

>     6) (HACK) Re-write the cache_delete_entry_internal() routine.
>           I think this routine should be written slightly differently
>           anyway, to make it slightly more robust.  (However, my re-write
>           does obscures the bug, and doesn't fix the current memory leak,
>           but it _does_ do a better cleanup job than the current code.)

Be sure to post a copy of your "HACK" to this list for review proposes.


>     The basic problem stems from attempting to compare a normalized
>      DN to a non-normalized DN.  E.g.:
>         Compare: cn=Sample, ou=Some org, o=Main org, c=Whatever
>             and: CN=SAMPLE,OU=SOME ORG,O=MAIN ORG,C=WHATEVER
>      Removing the spaces causes the strcasecmp() routine to
>        fail, both for sorting (the main problem), and for comparisons.
>
>     Does anyone have suggestions on which way I (or someone else) should
>        pursue this?

See above.

>	- Dan (Daniel Carroll - dan@mesastate.edu)
>
>
>P.S.  I'm submitting the patch for cache_delete_entry_internal() in
>      a separate message to openldap-devel.

Great.

Follow-Ups:
- Re: Logic problem in the LDBM backend
  - From: "Kurt D. Zeilenga" <Kurt@openldap.org>

References:
- Logic problem in the LDBM backend
  - From: Daniel Carroll <dan@mesa7.mesa.colorado.edu>

Prev by Date: Possible patch to slapd/back-ldbm/cache.c
Next by Date: Re: [ldap] Shared Objects / SunOS
Index(es):
- Chronological
- Thread