[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openldap-bugs
Subject:    [Issue 10195] New: permissive modify control without value
From:       openldap-its () openldap ! org
Date:       2024-03-30 17:54:32
Message-ID: bug-10195-2 () http ! bugs ! openldap ! org/
[Download RAW message or body]

https://bugs.openldap.org/show_bug.cgi?id=10195

          Issue ID: 10195
           Summary: permissive modify control without value
           Product: OpenLDAP
           Version: 2.6.7
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: slapd
          Assignee: bugs@openldap.org
          Reporter: lesignor@cirad.fr
  Target Milestone: ---

Hello,

A windows ldap client (dotnet) format the request with oid permissive modify
control like this :

00d0                           30 84 00 00 00 1e 04 17   ........0.......
00e0   31 2e 32 2e 38 34 30 2e 31 31 33 35 35 36 2e 31   1.2.840.113556.1
00f0   2e 34 2e 31 34 31 33 01 01 ff 04 00               .4.1413.....

The last 2 bytes 04 00 seems to indicate no value (length of value = 0 ?).

With openldap 2.4.x this request was accepted.

With openldap 2.5.x or openldap 2.6.x, this request is rejected for invalid
protocol with error message : permissiveModify control value not absent

With ldapmodify from openldap, the same request is formatted without the last 2
bytes and is accepted.

Could it be possible to accept request with control without value formatted
with 04 00 to indicate no value ?

It will help to migrate from openldap 2.4.x to 2.5.x or 2.6.x

Thanks

-- 
You are receiving this mail because:
You are on the CC list for the issue.=
[prev in list] [next in list] [prev in thread] [next in thread]