1
# Description: Fixes some issues with the uniqueness overlay.
2
# ITS 6077 fixed in openldap > 2.4.17.
3
# Upstream: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=6077
4
# Patch: http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/2009-July/003409.html
6
--- openldap-2.4.17/servers/slapd/overlays/unique.c 21 Jan 2009 23:40:40 -0000 1.41
7
+++ openldap-2.4.17/servers/slapd/overlays/unique.c 24 Jul 2009 20:00:53 -0000 1.42
8
@@ -47,6 +47,7 @@ typedef struct unique_domain_uri_s {
13
struct unique_attrs_s *attrs;
16
@@ -141,6 +142,7 @@ unique_free_domain_uri ( unique_domain_u
17
ch_free ( uri->dn.bv_val );
18
ch_free ( uri->ndn.bv_val );
19
ch_free ( uri->filter.bv_val );
20
+ filter_free( uri->f );
23
next_attr = attr->next;
24
@@ -214,6 +216,13 @@ unique_new_domain_uri ( unique_domain_ur
29
+ if ( BER_BVISNULL( &be->be_rootndn ) || BER_BVISEMPTY( &be->be_rootndn ) ) {
30
+ Debug( LDAP_DEBUG_ANY,
31
+ "slapo-unique needs a rootdn; "
32
+ "backend <%s> has none, YMMV.\n",
33
+ be->be_nsuffix[0].bv_val, 0, 0 );
37
attr_str = url_desc->lud_attrs;
38
@@ -247,17 +256,16 @@ unique_new_domain_uri ( unique_domain_ur
41
if (url_desc->lud_filter) {
42
- Filter *f = str2filter( url_desc->lud_filter );
43
+ uri->f = str2filter( url_desc->lud_filter );
47
snprintf( c->cr_msg, sizeof( c->cr_msg ),
48
"unique: bad filter");
52
/* make sure the strfilter is in normal form (ITS#5581) */
53
- filter2bv( f, &uri->filter );
55
+ filter2bv( uri->f, &uri->filter );
56
ptr = strstr( uri->filter.bv_val, "(?=" /*)*/ );
57
if ( ptr != NULL && ptr <= ( uri->filter.bv_val - STRLENOF( "(?=" /*)*/ ) + uri->filter.bv_len ) )
59
@@ -459,6 +467,13 @@ unique_cf_base( ConfigArgs *c )
64
+ ch_free( c->value_dn.bv_val );
65
+ BER_BVZERO( &c->value_dn );
66
+ ch_free( c->value_ndn.bv_val );
67
+ BER_BVZERO( &c->value_ndn );
73
@@ -1071,6 +1086,17 @@ unique_add(
74
&& !dnIsSuffix( &op->o_req_ndn, &uri->ndn ))
78
+ if ( test_filter( NULL, op->ora_e, uri->f )
79
+ == LDAP_COMPARE_FALSE )
81
+ Debug( LDAP_DEBUG_TRACE,
82
+ "==> unique_add_skip<%s>\n",
83
+ op->o_req_dn.bv_val, 0, 0 );
88
if(!(a = op->ora_e->e_attrs)) {
89
op->o_bd->bd_info = (BackendInfo *) on->on_info;
90
send_ldap_error(op, rs, LDAP_INVALID_SYNTAX,
91
--- openldap-2.4.17/tests/scripts/test024-unique 21 Jan 2009 23:40:45 -0000 1.14
92
+++ openldap-2.4.17/tests/scripts/test024-unique 24 Jul 2009 20:00:53 -0000 1.15
93
@@ -425,6 +425,7 @@ dn: olcOverlay={0}unique,olcDatabase={1}
96
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
97
+olcUniqueURI: ldap:///?uid?sub?(cn=edgar)
100
olcUniqueURI: ldap:///?description?one
101
@@ -445,6 +446,7 @@ objectClass: olcUniqueConfig
102
olcOverlay: {0}unique
103
olcUniqueURI: ldap:///?employeeNumber,displayName?sub
104
olcUniqueURI: ldap:///?sn?sub?(cn=e*)
105
+olcUniqueURI: ldap:///?uid?sub?(cn=edgar)
108
diff $TESTDIR/third-config.ldif $TESTDIR/third-reference.ldif > /dev/null 2>&1
109
@@ -473,6 +475,24 @@ if test $RC != 0 ; then
113
+echo "Adding a record unique in all domains because of filter conditions "
114
+$LDAPADD -D "$UNIQUEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \
115
+ $TESTOUT 2>&1 << EOF
116
+dn: uid=empty,ou=users,o=unique
117
+objectClass: inetOrgPerson
124
+if test $RC != 0 ; then
125
+ echo "spurious unique error ($RC)!"
126
+ test $KILLSERVERS != no && kill -HUP $KILLPIDS
131
echo "Adding a record unique in one domain, non-unique in the filtered domain..."
133
$LDAPADD -D "$UNIQUEDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \