[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: (ITS#4816) slurpd generates invalid ldapadd/modify requests
gael.roualland@oleane.net wrote:
> Full_Name: Gaël Roualland
> Version: 2.3.33
> OS: Linux
> URL: ftp://ftp.openldap.org/incoming/gael.roualland-070126.diff
> Submission from: (NULL) (213.56.0.199)
>
>
> Hello,
>
> Slurpd has a bug when replicating, in the way it generates the LDAPMod array of
> the add and modify operations : if the same attribute is present several times
> (for add) or in multiple change blocks (for modify) in the replication log, it
> simply adds all occurences to the LDAPMod array, hence having one or more
> attributes repeated serveral times which violates the protocol.
>
> This is usually fine with slapd because there is code there to accept invalid
> queries from the updatedn, but it is rejected if you're not using updatedn
> (which happens to be our case in a custom floating master scenario).
>
> The uploaded patch fixes this in slurpd by replacing its LDAPmod logic by one
> based on ldapmodify which generates proper requests. I know slurpd is considered
> deprecated, however this might be useful to others still using it and would
> allow to remove the exception from slapd code.
>
> Regards,
As far as I can see, slurpd merely processes the changes in the replog. If it
is generating requests out of sequence, then they must have been recorded
out-of-sequence in the log. And yet I don't see any reason why slapd would
generate the modifications out of sequence.
What are the circumstances that cause these improper sequences to get into
the replog in the first place?
As for copying the code from ldapmodify.c into slurpd - probably the better
solution would be to move the relevant code from ldapmodify.c into a library.
When we still maintained libldif as its own entity it would have made sense
to put it there, but now it would seem to best fit in libldap, and perhaps
the other LDIF routines in liblutil should move there as well. This would
also partially address ITS#4033.
--
-- Howard Chu
Chief Architect, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc
OpenLDAP Core Team http://www.openldap.org/project/