Full_Name: Kurt Zeilenga Version: HEAD OS: Mac OS X 10.4.10 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (24.180.46.200) Submitted by: kurt
Fixed in HEAD libraries/libldap/ppolicy.c 1.14,1.15 libraries/libldap/controls.c 1.53,1.55
Fixed in HEAD libraries/libldap/ppolicy.c 1.14,1.15 libraries/libldap/controls.c 1.53,1.55
... then I believe that most of the libldap specific control creation is broken or at least misusing ldap_create_control(). See for example pagectrl.c, sortctrl.c and more.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
On Aug 22, 2007, at 11:21 AM, Pierangelo Masarati wrote:
Fixed in HEAD libraries/libldap/ppolicy.c 1.14,1.15 libraries/libldap/controls.c 1.53,1.55
... then I believe that most of the libldap specific control creation is broken or at least misusing ldap_create_control().
Well, ldap_create_control is flawed, period, as its not generally usable. It only applicable to controls whose values are BER encoded using our BER library. Seems more appropriate that those using our BER library to generate BER encoded data for a control value ought to do all the BER calls themselves. I recommend axing it, or at least, deprecating it from the API.
I'd also recommend deprecating ldap_find_control promotes running through the sequence of controls multiple times... and it cannot find the 2nd or later control of the same kind...
See for example pagectrl.c, sortctrl.c and more.
The paged and sorted request controls, IIRC, always have control values containing BER encoded data. So ldap_create_control(3) should not be broken here. The ppolicy request control must not have a control value, so that use was broken. Hence the change. Time is short for me at the moment, so just made a quick fix (a bit too quick, as you can see from the commit log:-).
-- Kurt
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it
Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it
Kurt Zeilenga wrote:
Well, ldap_create_control is flawed, period, as its not generally usable. It only applicable to controls whose values are BER encoded using our BER library. Seems more appropriate that those using our BER library to generate BER encoded data for a control value ought to do all the BER calls themselves. I recommend axing it, or at least, deprecating it from the API.
OK.
I'd also recommend deprecating ldap_find_control promotes running through the sequence of controls multiple times... and it cannot find the 2nd or later control of the same kind...
OK.
See for example pagectrl.c, sortctrl.c and more.
The paged and sorted request controls, IIRC, always have control values containing BER encoded data. So ldap_create_control(3) should not be broken here.
It's not broken, it's rather used in a broken manner: called with a NULL ber, with the control value separately cooked and set afterwards...
The ppolicy request control must not have a control value, so that use was broken. Hence the change. Time is short for me at the moment, so just made a quick fix (a bit too quick, as you can see from the commit log:-).
:)
I'll try to cleanup things a little bit.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
Pierangelo Masarati wrote:
I'll try to cleanup things a little bit.
(hopefully) fixed. Please check and comment.
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.r.l. via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it --------------------------------------- Office: +39 02 23998309 Mobile: +39 333 4963172 Email: pierangelo.masarati@sys-net.it ---------------------------------------
-
Kurt Zeilenga -
kurt@OpenLDAP.org
-
Pierangelo Masarati