Bug 1150694
Summary: | Encoding of SearchResultEntry is missing tag | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Noriko Hosoi <nhosoi> |
Component: | 389-ds-base | Assignee: | Noriko Hosoi <nhosoi> |
Status: | CLOSED ERRATA | QA Contact: | Viktor Ashirov <vashirov> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 7.0 | CC: | amsharma, nhosoi, nkinder, rmeggins, tbordaz |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | 389-ds-base-1.3.3.1-6.el7 | Doc Type: | Bug Fix |
Doc Text: |
Cause: The encoding of the PreReadControl,PostReadControl does not contain the tag (LDAP_RES_SEARCH_ENTRY = constructed+application).
Consequence: The missing tag is a violation of LDAP (Lightweight Directory Access Protocol).
Fix: Add the tag to the ber encoding.
Result: The server does not violate the protocol.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2015-03-05 09:36:09 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Noriko Hosoi
2014-10-08 17:19:37 UTC
Please add verification steps Hi Thierry, Could there be an isolated reproducer for this issue? If yes, could you share with us? Hello Noriko, In the ticket I provided a test case https://fedorahosted.org/389/attachment/ticket/47920/ticket47920_test.py. By isolated reproducer do you mean a test case integrated into the CI tests ? thanks thierry (In reply to thierry bordaz from comment #3) > Hello Noriko, > > In the ticket I provided a test case > https://fedorahosted.org/389/attachment/ticket/47920/ticket47920_test.py. > > By isolated reproducer do you mean a test case integrated into the CI tests ? > > thanks > thierry Cool! (Sorry, Thierry. I should have remembered you added the test case... :p) That's perfect for the verification. Thanks, Thierry! executed https://fedorahosted.org/389/attachment/ticket/47920/ticket47920_test.py Result :: [root@dhcp201-126 export]# python test.py *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.set_option ((17, 3), {}) => result: None *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.simple_bind (('cn=directory manager', 'Secret123', None, None), {}) => result: 1 *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.result4 ((1, 1, -1, 0, 0, 0), {}) => result: (97, [], 1, []) *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.add_ext (('uid=foo,dc=example,dc=com', [('objectClass', ['account']), ('uid', ['foo']), ('description', ['original description'])], None, None), {}) => result: 2 *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.modify_ext (('uid=foo,dc=example,dc=com', [(2, 'description', 'new description')], [('1.3.6.1.1.13.2', True, '0\x12\x04\x03uid\x04\x0bdescription')], None), {}) => result: 3 *** <ldap.ldapobject.SimpleLDAPObject instance at 0x7ffa47daba70> ldap://localhost:389/ - SimpleLDAPObject.result4 ((3, 1, -1, 0, 0, 0), {}) => result: (103, [], 3, [('1.3.6.1.1.13.2', 0, 'dM\x04\x19uid=foo,dc=example,dc=com000\x0c\x04\x03uid1\x05\x04\x03foo0 \x04\x0bdescription1\x11\x04\x0fnew description')]) resp_ctrls[0].dn: uid=foo,dc=example,dc=com resp_ctrls[0].entry: {'description': ['new description'], 'uid': ['foo']} Hence marking as VERIFIED. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHSA-2015-0416.html |