[Date Prev][Date Next] [Chronological] [Thread] [Top]

servers/slapd/sasl.c username's strpbrk (ITS#664)

To: openldap-its@OpenLDAP.org
Subject: servers/slapd/sasl.c username's strpbrk (ITS#664)
From: mei@isi.edu
Date: Tue, 15 Aug 2000 21:03:51 GMT

Full_Name: mei-hui su
Version: openldap 2.0 latest
OS: solaris 2.7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (128.9.64.206)


Hi,

  In servers/slapd/sasl.c around line #475

                        } else if ( username[0] == 'u' && username[1] == ':'
                                && username[2] != '\0'
                                && strpbrk( &username[2], "=,;\"\\") == NULL )
<<--

  the strpbrk should not check for '=' because it is possible to have userid
with
'=' as part of attributeTypeAndValue. For example, X.509 userids (i.e. subject
names).

mei

Prev by Date: Re: delete multiple attr can SEGV
Next by Date: a typo in servers/slapd/sasl.c (ITS#665)
Index(es):
- Chronological
- Thread