https://bugs.openldap.org/show_bug.cgi?id=9212
--- Comment #1 from Ryan Tandy ryan@openldap.org --- Another one in back-meta/init.c (not as bad, the buffer is pre-initialized):
$ cat meta.ldif dn: olcDatabase={1}meta,cn=config objectClass: olcMetaConfig olcSuffix: dc=example,dc=com
dn: olcMetaSub=uri,olcDatabase={1}meta,cn=config objectClass: olcMetaTargetConfig olcDbURI: "ldap:///dc=example,dc=com" olcDbIDAssertAuthzFrom: * olcDbIDAssertBind: bindmethod=sasl flags=non-prescriptive
2.4:
$ ldapadd -H ldap://:9000 -x -D cn=root,cn=config -w secret -f meta.ldif adding new entry "olcDatabase={1}meta,cn=config"
adding new entry "olcMetaSub=uri,olcDatabase={1}meta,cn=config" ldap_add: Other (e.g., implementation specific) error (80) additional info: olcDbIDAssertBind: value #0: inconsistent idassert configuration (likely authz="*" used with "non-prescriptive" flag)
2.5:
$ ldapadd -H ldap://:9000 -x -D cn=root,cn=config -w secret -f meta.ldif adding new entry "olcDatabase={1}meta,cn=config"
adding new entry "olcMetaSub=uri,olcDatabase={1}meta,cn=config" ldap_add: Other (e.g., implementation specific) error (80) additional info: <olcDbIDAssertBind> failed startup