[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8706) illogical return from ldap_search_ext_s()

To: openldap-its@OpenLDAP.org
Subject: (ITS#8706) illogical return from ldap_search_ext_s()
From: kurt.w.heberlein@hpe.com
Date: Fri, 04 Aug 2017 18:20:44 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Full_Name: Kurt Heberlein
Version: 2.4.40+patches
OS: Debian Wheezy
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (66.168.54.228)


Using simple binding with TLS, i have a successfully bound (authenticated) user,
and using the same LDAP*, i experience intermittent failures attempting to
retrieve the user's memberOf list.   The failure manifests itself as a return
from ldap_search_ext_s() with a return code of LDAP_SUCCESS but a NULL results
pointer.

Most of the time this call correctly returns the list of groups the user is a
member of, but intermittently it returns a NULL list even though the return code
is LDAP_SUCCESS.    There is no other error indication.   What am i missing?

The call looks like this:
 
ret = ldap_search_ext_s(lp, base, scope, filter, attrs, 0, NULL, NULL, NULL, -1,

 &res);

if(ret != LDAP_SUCCESS) {
 ...
} else {
  assert(res != NULL);
  for(msg = ldap_first_message(lp, res); msg != NULL; msg =
ldap_next_message(lp, msg)) {
      ...

Where lp is the LDAP* pointer of for the successful bind of user
      base = "DC=EMEA,DC=AD,DC=SOMECOMPANY,DC=COM"
      scope = LDAP_SCOPE_SUBTREE
      filter = "(&(objectClass=user)(sAMAccountName=someusername))"
      attrs = attrs[0] = "memberOf"
              attrs[0] = NULL
      
i dont find any documentation that indicates that res could be NULL after
LDAP_SUCCESS is returned from the search.  

Thanks

Prev by Date: Re: (ITS#8690) syncprov memory leak
Next by Date: Re: (ITS#8706) illogical return from ldap_search_ext_s()
Index(es):
- Chronological
- Thread