https://bugs.openldap.org/show_bug.cgi?id=9253
Bug ID: 9253
Summary: Access not retained when last examined olcAccess has a "break" control
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: bugs@openldap.org
Reporter: kop@karlpinc.com
Target Milestone: ---
When the last examined olcAccess control is "break", it does not matter what access rights have been granted by the rules: access is denied.
Reproduce by having a database with a single access rule:
    to attrs=userPassword by anonymous =x
Note that ldapwhoami successfully does a simple bind.
Then, modify so that the single existing access rule is:
    to attrs=userPassword by anonymous =x break
Users can no longer do a simple bind.
You will see similar behavior with SASL binds, or any number of access rules. Access is denied when the last examined access control is "break".
The problem is at line 309 of servers/slapd/acl.c (in master/HEAD, and probably all versions).
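
An added example, not part of the original report or of OpenLDAP: a Python check that reads a cn=config LDIF dump and flags each entry whose highest-numbered olcAccess rule has a "by" clause ending in "break", so that no later rule in that entry can be examined after it. The sample LDIF and its entry DNs are constructed, and the check assumes each entry is looked at on its own (it does not model rules contributed by other entries).

```python
import re
import shlex

# Constructed sample in the shape of a cn=config dump (not from the report).
SAMPLE = """\
dn: olcDatabase={1}mdb,cn=config
olcAccess: {0}to attrs=userPassword by anonymous =x break

dn: olcDatabase={2}mdb,cn=config
olcAccess: {0}to attrs=userPassword by anonymous =x break
olcAccess: {1}to * by self write
  by * read
"""

def unfold(ldif_text):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    lines = []
    for raw in ldif_text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def has_break_clause(rule):
    """True if any 'by <who> [<access>] [<control>]' clause ends in 'break'."""
    clauses = []
    for tok in shlex.split(rule):   # shlex keeps quoted DNs/regexes as one token
        if tok == "by":
            clauses.append([])
        elif clauses:
            clauses[-1].append(tok)
    return any(c and c[-1] == "break" for c in clauses)

def last_rule_breaks(ldif_text):
    """Return (dn, rule) for entries whose last olcAccess rule has a 'break'."""
    findings, dn, rules = [], None, []
    for line in unfold(ldif_text) + ["dn: "]:   # sentinel flushes the final entry
        if line.startswith("dn: "):
            if rules:
                _, last = max(rules)            # highest {n} index is examined last
                if has_break_clause(last):
                    findings.append((dn, last))
            dn, rules = line[4:], []
        else:
            m = re.match(r"olcAccess: \{(\d+)\}(.*)", line)
            if m:
                rules.append((int(m.group(1)), m.group(2)))
    return findings
```

Base64-encoded values (`olcAccess::`) are not decoded by this check and would need decoding first.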