[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7350) aclparse.c acl_unparse() attrval empty DN

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#7350) aclparse.c acl_unparse() attrval empty DN
From: hyc@symas.com
Date: Wed, 22 Aug 2012 22:07:18 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

daniel@pluta.biz wrote:
> Full_Name: Daniel Pluta
> Version: MASTER
> OS: Linux
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (2001:470:9feb:ff03:4dbf:1141:9dad:2f88)
> 
> 
> It seems to me, that the following acl statement isn't correctly unparsed within
> aclparse.c:
> 
> to dn.base="ou=persons,o=test" attrs=seeAlso val/distinguishedNameMatch="" by
> users read
> 
> 
> Starting slapd using loglevel 128 reports:
> 
> Backend ACL: access to dn.base="ou=persons,o=test"
>  attrs=seeAlso
>         by users read
> 
> I would have expected:
> 
> Backend ACL: access to dn.base="ou=persons,o=test"
>  attrs=seeAlso
>  val/distinguishedNameMatch=""
>         by users read
> 
> 
> As the empty DN is empty, the problem seems to be located in aclparse.c's
> acl_unparse()'s statement
> 
> if ( !BER_BVISEMPTY( &a->acl_attrval ) )
> 
> or even in the parse_acl() flagless spliting into left and right.
> 
> 
> 
Sounds right. Thanks for the report, fixed in master.

-- 
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Prev by Date: (ITS#7364) mdb: clean up POSIX semaphores on environment close.
Next by Date: Re: (ITS#7364) mdb: clean up POSIX semaphores on environment close.
Index(es):
- Chronological
- Thread