[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: commit: ldap/servers/slapd filterentry.c schema_init.c

To: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
Subject: Re: commit: ldap/servers/slapd filterentry.c schema_init.c
From: Pierangelo Masarati <ando@sys-net.it>
Date: Tue, 29 Mar 2005 09:05:57 +0200
Cc: kurt@OpenLDAP.org, OpenLDAP Devel <openldap-devel@OpenLDAP.org>
In-reply-to: <hbf.20050329nbfi@bombur.uio.no>
References: <200503260107.j2Q171aK044278@cantor.openldap.org> <4247D9E7.5070309@sys-net.it> <hbf.20050329nbfi@bombur.uio.no>
User-agent: Mozilla Thunderbird 1.0 (X11/20041206)

Hallvard B Furuseth wrote:

Pierangelo Masarati writes:

kurt@OpenLDAP.org wrote:

Update uniqueMemberMatch to be consistent with latest draft-ietf-ldapbis-syntaxes Add uniqueMemberMatch approximate support Add uniqueMemberMatch indexing support

As a consequence of this change, test026 is failing when the server is searched with "(uniqueMember=dc=example,dc=com)", i.e. the asserted value is missing the bitString portion. Since this option appears to be absent from draft-ietf-ldapbis-syntaxes, i.e. there's no mention of the possibility of having the asserted value without the bitString portion,
Yes there is.  Section 4.2.31 (uniqueMemberMatch) says:
  The rule evaluates to TRUE if and only if (...) and either, the
  <BitString> component is absent from both the attribute value and
  assertion value, or (...)
If you find that somewhat complex sentence ambiguous or too hard to
parse, maybe you should suggest a better wording to
ietf-ldapbis@openldap.org.
if my interpretation is correct the test is malformed and should be removed, since it seems to imply that an absent bitString is equivalent to a bitstring of "#'0'B".

I don't see how you get that from the draft. Also note that a bit string is just that - a bit string, not a representation of an integer. So if anything #''B would be a more natural "default".

I'm not getting this at all from the draft, but rather from the code. That's what the code was doing so far. Now I agree after Kurt's changes it looks much more consistent with the draft.

I was looking at an old version of the draft. After reading the most recent (-10, AFAIK) I think the wording is very clear: it says that to have a match, given a value and an asserted value, the DN parts must match and either the bitstring is absent from both, or the bitstrings match according to bitString matching rule. As such, if the value has the bitstring and the asserted value doesn't, it is my understanding that the result of the match is undefined, unless a missing bitString part is treated as an empty bitString (i.e. a bitString of '', which is equivalent to any amount of '0's).

p.


   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497

References:
- Re: commit: ldap/servers/slapd filterentry.c schema_init.c
  - From: Pierangelo Masarati <ando@sys-net.it>
- Re: commit: ldap/servers/slapd filterentry.c schema_init.c
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>

Prev by Date: Re: test034 doesn't like back-monitor?
Next by Date: Re: back-config, includes
Index(es):
- Chronological
- Thread