h.b.furuseth@usit.uio.no wrote:
Full_Name: Hallvard B Furuseth Version: HEAD OS: Linux URL: Submission from: (NULL) (129.240.6.233) Submitted by: hallvard
RFC 4528 says the Assert control is appropriate for Add. Slapd disagrees:
$ ldapadd -xhlocalhost:3890 -e!assert='(objectClass=organization)' <test.ldif adding new entry "o=test" ldap_add: Critical extension is unavailable (12) additional info: critical extension is unavailable
According to this thread
http://www.openldap.org/lists/openldap-software/200512/msg00250.html
the author of the assertion control (Kurt :) believes the current specification is flawed. In fact, the assertion control is intended to apply to the contents of the DIT. The entry does not belong to the DIT until the operation is completed, so assertion cannot apply.
back-bdb and back-sql do not apply the assert control to Add.
As per what seems to be the intention of the author of the specification (although it is in contrast with the current specification, RFC4528).
The message comes from slapd/controls.c. Don't fix that before fixing Add in the backends, otherwise critical controls can be ignored.
Another strangeness: overlays/syncprov.c applies the Assert control to Compare but not other operations. I don't know why, there are no comments about it.
No clue.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ----------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Fax: +39 0382 476497 Email: ando@sys-net.it -----------------------------------