Full_Name: Alastair McCormack Version: 2.3.43 OS: Red Hat Enterprise Linux Server release 5.4 (Tikanga) URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (83.98.0.249)
Proprietary LDAP Client ---LDAPv3---> OpenLDAP 2.3.43 Query: ??sub(objectClass=*)
Client Receives Error 53: "searchOptions contained unrecognized flag"
This works fine when client is pointed at a Windows AD Domain Controller.
Tracing reveals that client is setting: Control: oid=1.2.840.113556.1.4.1340 = SERVER_SEARCH_FLAG_PHANTOM_ROOT noncritical
By my novice understanding of the LDAP v3 RFC, the non-critical flag should mean that the search should not fail if the Control is not supported. However, it would seem that in controls.c an unknown or unimplemented flag is causing an exception even if the Control option is non critical.
I have worked around this by creating and applying the following patch (includes typo fix):
--- /var/tmp/controls.c-ignore-non-crit-search-flags 2010-02-22 15:16:16.000000000 +0000 +++ openldap-2.3.43/servers/slapd/controls.c 2008-04-09 02:12:47.000000000 +0100 @@ -1425,10 +1425,10 @@ static int parseSearchOptions ( : SLAP_CONTROL_NONCRITICAL; }
- if ( search_flags & ~(LDAP_SEARCH_FLAG_DOMAIN_SCOPE) ) { + if ( (search_flags & ~(LDAP_SEARCH_FLAG_DOMAIN_SCOPE)) && ctrl->ldctl_iscritical ) { /* Other search flags not recognised so far, * including: - * LDAP_SEARCH_FLAG_PHANTOM_ROOM + * LDAP_SEARCH_FLAG_PHANTOM_ROOT */ rs->sr_text = "searchOptions contained unrecognized flag"; return LDAP_UNWILLING_TO_PERFORM;
I have very little C knowledge so this was more of a POC rather than a suggested solution.
Many thanks for a superb application. Keep up the good work :)
Alastair McCormack