[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5592) Quarantine in back-meta



Full_Name: Andrew Graham
Version: 2.4.10
OS: SLES 10
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (194.169.32.250)


The quarantine function in back-meta will permanently disable a target if a
query is received while the quarantine has been imposed.

To reproduce, use the config file below. Send a query and the quarantine will be
set. Send another query within 20 seconds and the quarantine will not lift
without restarting slapd.

---- slapd.conf ----

include         /usr/local/openldap/etc/openldap/schema/core.schema
include         /usr/local/openldap/etc/openldap/schema/cosine.schema
include         /usr/local/openldap/etc/openldap/schema/inetorgperson.schema

pidfile         /usr/local/openldap/var/run/slapd.pid
argsfile        /usr/local/openldap/var/run/slapd.args

database meta

suffix dc=example,dc=com

uri ldap://afakeaddress/dc=target,dc=example,dc=com

quarantine 20,+