[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd entry.c

Michael Ströder wrote:
> Pierangelo Masarati wrote:
>> Hallvard B Furuseth wrote:
>>> ando@OpenLDAP.org writes:
>>>>       Tag: OPENLDAP_REL_ENG_2_3
>>>> 	entry.c ->
>>>> import fix to ITS#5071
>>> This (/* require ';binary' when appropriate (ITS#5071) */) is a
>>> functionality change which can prevent people from upgrading.
>>> I don't think that belongs so late in RE23's life cycle.
>> You can't load a certificate without ';binary' using ldapadd/ldapmodify;
>> this fix makes slapadd consistent with LDAP operations, so I don't think
>> it's going to break things that much.
> I also think it's good to have this fixed in RE23.

On a related note: I've noticed that even deleting ALL certificates of
an entry using ldapmodify requires

dn: cn=anyone
changetype: modify
delete: userCertificate;binary

In fact,

dn: cn=anyone
changetype: modify
delete: userCertificate

fails even if there's nothing to transport and thus the ';binary' is


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it