[Date Prev][Date Next] [Chronological] [Thread] [Top]

access violation in slapd (userCerficate search) (ITS#2004)



Full_Name: Sergey Simakov
Version: 2.1.2
OS: Windows 2000
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (194.186.131.178)


Access violation in slapd searching for userCertificate,caCertificate or
certificateRevokation list attributes, for example (subtree search, base is
cn=users,dc=x509,dc=ru, using root access):

search filter: (userCertificate;binary=*)(caCertificate;binary=*)
search for: userCertificate;binary and caCertificate;binary
slapd log:
====> bdb_cache_return_entry_r( 2 ): returned (0)
entry_decode: "cn=ca,cn=users,dc=x509,dc=ru"
<= entry_decode(cn=ca,cn=users,dc=x509,dc=ru)
=> test_filter
    OR
=> test_filter_or
=> test_filter
    PRESENT
=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
"userCertific
ate" requested
<= root access granted
<= test_filter 5
=> test_filter
    PRESENT
=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
"cACertificat
e" requested
<= root access granted
<= test_filter 6
<= test_filter_or 6
<= test_filter 6
=> send_search_entry: dn="cn=ca,cn=users,dc=x509,dc=ru"
=> access_allowed: read access to "cn=ca,cn=users,dc=x509,dc=ru" "entry"
request
ed
<= root access granted
<----- access violation at this point

search filter: (certificateRevocationList;binary=*)(authorityRevocationList;binary=*)search
for: certificateRevocationList;binary and authorityRevocationList;binary
slapd log:
bdb_search: 2 does match filter
====> bdb_cache_return_entry_r( 2 ): returned (0)
====> bdb_cache_find_entry_id( 3 ) "cn=ca,cn=users,dc=x509,dc=ru" (found) (1
tri
es)
=> test_filter
    OR
=> test_filter_or
=> test_filter
    PRESENT
=> access_allowed: search access to "cn=ca,cn=users,dc=x509,dc=ru"
"certificateR
evocationList" requested
<= root access granted
<= test_filter 6
<= test_filter_or 6
<= test_filter 6
=> send_search_entry: dn="cn=ca,cn=users,dc=x509,dc=ru"
=> access_allowed: read access to "cn=ca,cn=users,dc=x509,dc=ru" "entry"
request
ed
<= root access granted
<----- access violation at this point