[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Jndi VLV usage (maybe a BER encoding issue)
- To: openldap-technical@openldap.org
- Subject: Jndi VLV usage (maybe a BER encoding issue)
- From: Sebastien Bahloul <sebastien.bahloul@gmail.com>
- Date: Mon, 25 Oct 2010 16:39:57 +0200
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:mime-version:content-type:message-id; bh=YdkEa0c2FROjywYG0ziAqlPna/i+eHD53k5m1liM6ws=; b=wnl7tb0caxdzJPH4+lXAvufbZo/ApYvRawZty9HSuXUvcv+LfCokxRD85o6jdLdkXK aQJfUE7lTjvpZl2faeuGIiHrmdwxbBEB+/ta6OqxO1ZjqptXF8UjxB0z3vGtM4o1Vz3u 9n4ysxDfEqM8ts6bAhrK4tJxq2PNpOA8r/Odc=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=from:to:subject:date:user-agent:mime-version:content-type :message-id; b=UNZVvMgBlRdKt8mSRsv7xOuE3cC5/gmB4eYLM7Qzv+XmjpUROTVatQzOXBT2NKI175 uT0grDE2fiK7fsUExh+S6KxtTpVQ6IpK4tUDFw/8j8BbaOOhP83Zt330cdf3qt5UdvXp 4dIEMiiOBibUrAdTns8ZgUsc/HNAFJf+uX5xw=
- User-agent: KMail/1.13.5 (Linux/2.6.35-22-generic; KDE/4.5.1; x86_64; ; )
Hi,
Does anyone already succeed to use VLV search requests through JNDI API ? It
is functional with ldapsearch, but I get the following error on JDK 1.5 :
javax.naming.NamingException [Root exception is
com.sun.jndi.ldap.Ber$DecodeException: Encountered ASN.1 tag 2 (expected tag
10)]
After doing some network captures between different directories implementation,
it seems that there is a BER encoding error on the VLV response error code :
Global VLV control response ASN1 dump (through openssl asn1parse) :
0:d=0 hl=2 l= 50 cons: SEQUENCE
2:d=1 hl=2 l= 24 prim: OCTET STRING :2.16.840.1.113730.3.4.10
28:d=1 hl=2 l= 22 prim: OCTET STRING
0000 - 30 14 02 01 00 02 02 00-aa 02 01 00 04 08 10 0a
0...............
0010 - 82 15 ..
0016 - <SPACES/NULS>
Included octet string VLV control response ASN1 dump :
0:d=0 hl=2 l= 20 cons: SEQUENCE
2:d=1 hl=2 l= 1 prim: INTEGER :00
5:d=1 hl=2 l= 2 prim: INTEGER :AA
9:d=1 hl=2 l= 1 prim: INTEGER :00
12:d=1 hl=2 l= 8 prim: OCTET STRING
0000 - 10 0a 82 15 ....
0008 - <SPACES/NULS>
According to latest VLV draft (seems to be version 4) in section 5.2, return
type for error code (last 00 in this dump) must be an enumerated type (tag
type 10). In OpenLDAP response, error code is encoded as an integer (tag type
2).
I suggest to fix this by changing ber_printf(..."{iii ... to
ber_printf(..."{iie ... in sssvlv.c:198. Please find a sssvlv patch attached.
Regards
--
Sebastien Bahloul
@: sebastien.bahloul@gmail.com
--- servers/slapd/overlays/sssvlv.c.orig 2010-10-25 16:02:38.257076732 +0200
+++ servers/slapd/overlays/sssvlv.c 2010-10-25 16:02:45.827133810 +0200
@@ -198,7 +198,7 @@
ber_init2( ber, NULL, LBER_USE_DER );
ber_set_option( ber, LBER_OPT_BER_MEMCTX, &op->o_tmpmemctx );
- rc = ber_printf( ber, "{iii", so->so_vlv_target, so->so_nentries,
+ rc = ber_printf( ber, "{iie", so->so_vlv_target, so->so_nentries,
so->so_vlv_rc );
if ( rc != -1 && so->so_vcontext ) {