[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#5861) Assert control on Add request fails
h.b.furuseth@usit.uio.no wrote:
> Full_Name: Hallvard B Furuseth
> Version: HEAD
> OS: Linux
> URL:
> Submission from: (NULL) (129.240.6.233)
> Submitted by: hallvard
>
>
> RFC 4528 says the Assert control is appropriate for Add. Slapd disagrees:
>
> $ ldapadd -xhlocalhost:3890 -e\!assert='(objectClass=organization)' <test.ldif
> adding new entry "o=test"
> ldap_add: Critical extension is unavailable (12)
> additional info: critical extension is unavailable
According to this thread
<http://www.openldap.org/lists/openldap-software/200512/msg00250.html>
the author of the assertion control (Kurt :) believes the current
specification is flawed. In fact, the assertion control is intended to
apply to the contents of the DIT. The entry does not belong to the DIT
until the operation is completed, so assertion cannot apply.
> back-bdb and back-sql do not apply the assert control to Add.
As per what seems to be the intention of the author of the specification
(although it is in contrast with the current specification, RFC4528).
> The message comes from slapd/controls.c. Don't fix that before fixing
> Add in the backends, otherwise critical controls can be ignored.
>
> Another strangeness: overlays/syncprov.c applies the Assert control to
> Compare but not other operations. I don't know why, there are no
> comments about it.
No clue.
p.
Ing. Pierangelo Masarati
OpenLDAP Core Team
SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office: +39 02 23998309
Mobile: +39 333 4963172
Fax: +39 0382 476497
Email: ando@sys-net.it
-----------------------------------