[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5980) libldap referral chasing now returns referral (10) and matchedDN

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#5980) libldap referral chasing now returns referral (10) and matchedDN
From: ando@sys-net.it
Date: Tue, 3 Mar 2009 08:37:07 GMT
Auto-submitted: auto-generated (OpenLDAP-ITS)

hyc@symas.com wrote:
> ando@sys-net.it wrote:
>> Full_Name: Pierangelo Masarati
>> Version: HEAD/re24
>> OS: irrelevant
>> URL: ftp://ftp.openldap.org/incoming/
>> Submission from: (NULL) (82.63.140.131)
>> Submitted by: ando
>>
>>
>> Probably a side-effect of fixing ITS#5853: when setting LDAP_OPT_REFERRALS,
>> libldap automatically chases any referrals, but at the end returns a response
>> with ld_errno set to 10 and ld_matched set to the portion of DN that was matched
>> in the initial request.  This is because the corresponding fields in the parent
>> request are not cleared when the referral is successfully chased.  I'm trying to
>> fix this, but it's not clear to me when success should be detected: at
>> successful referral chasing request submission, I guess?
> 
> When does this behavior? It doesn't show up in e.g. test009...

If you have a subordinate reference in server1 that points to server2 
and you search server1 using the DN of the subordinate reference.  What 
I do is:

- fire test003

- create a slapd.2.conf with suffix "ou=Other,dc=example,dc=com"

- populate server1 with

dn: ou=Other,dc=example,dc=com
objectClass: referral
objectClass: extensibleObject
ou: Other
ref: ldap://:9012/ou=Other,dc=example,dc=com

- populate server2 with

dn: ou=Other,dc=example,dc=com
objectClass: organizationalUnit
ou: Other

dn: cn=Foo Bar,ou=Other,dc=example,dc=com
objectClass: device
cn: Foo Bar

- search server1 for "ou=Other,dc=example,dc=com"

Apparently, test009 is only testing the superior reference.  test016 
tests subordinate references, but without even trying -C.  I think the 
test should be modified to be run once without and once with -C in order 
to test the library's behavior.  I believe automatic referral chasing 
should be deprecated, but I fear there are tons of code out there that 
rely on it.

p.




Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
-----------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Fax:     +39 0382 476497
Email:   ando@sys-net.it
-----------------------------------

Prev by Date: (ITS#5988) entries skipped in n-way mutimaster replication
Next by Date: Re: (ITS#5980) libldap referral chasing now returns referral (10) and matchedDN
Index(es):
- Chronological
- Thread