hyc@OpenLDAP.org wrote:
- back-ldap fails to startup if back-monitor isn't enabled. It should silently
skip usage of back-monitor, the way back-bdb does.
should be fixed now (not quite clean, though)
- multiple calls are made to ldap_back_is_proxy_authz with
sendok=LDAP_BACK_SENDERR without checking the return status or aborting the operation. As such, when proxy authorization is not in effect for an operation, the client receives multiple Error Result messages for its request (even though it continues to completion).
This should be fixed now, thanks for pointing out.
Likewise for ldap_back_proxy_authz_bind.
Here the fix is slightly different: whenever ldap_back_proxy_authz_bind() succeeds, it should set rc to 1; this is the actual error.
Either these functions should never send a result back to the client, or their return status should be checked and processing should stop when they fail. I've cleaned up several instances of this type of error in previous revisions but can't track them all down now. Errors of this type may also exist in RE23; I haven't looked.
There shouldn't be too many, as that stuff was only recently reworked.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
-
ando@sys-net.it