cyril wrote:

The message is located in

isc_result_t dlz_ldap_checkURL(char *URL, int attrCnt, const char *msg)

located in file bin/named/dlz_ldap_driver.c provided by ctrix_dlz_9.3.3.patch

OK. In your initial posting you claimed to be using bind 9.3.4, I assume you patched 9.3.4 with 9.3.3 patch. Anyway, in that patch I still don't see the message you reported; did you copy it verbatim, or did you elaborate it?. Anyway, that patch looks definitely similar to the analogous code in bind 9.4.0. That code seems to make use of LDAP URLs only as a means to define a LDAP search in compact form; but URLs have a specific syntax with restrictions, as indicated in RFC4516 and RFC3986; pretending to parse them with standards compliant library functions while they don't comply with their definition sounds a bit hazardous.

In any case, it's astonishing that the URL syntax is used along with a marker for macro replacement that's the most reserved char in URLs. Sounds like someone chose the largest available gun to shoot in his own foot.

p.

Ing. Pierangelo Masarati OpenLDAP Core Team

SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------