From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7 Description of problem: The password policy reqauest and response controls have the same oid (this is correct according to the latest draft http://www.ietf.org/internet-drafts/draft-behera-ldap-password-policy-09.txt ) FDS registers both request and response controls and ends up with duplicate oid values in the supportedControls attribute Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.ldapsearch -s base -b "" 2. 3. Actual Results: duplicate oid 1.3.6.1.4.1.42.2.27.8.5.1 in supportedControl Expected Results: one 1.3.6.1.4.1.42.2.27.8.5.1 value Additional info:
One line change: Index: control.c =================================================================== RCS file: /cvs/dirsec/ldapserver/ldap/servers/slapd/control.c,v retrieving revision 1.4 diff -t -U8 -r1.4 control.c --- control.c 19 Apr 2005 22:07:36 -0000 1.4 +++ control.c 10 Jan 2006 19:13:56 -0000 @@ -90,20 +90,26 @@ slapi_register_supported_control( LDAP_CONTROL_REAL_ATTRS_ONLY, SLAPI_OPERATION_SEARCH ); slapi_register_supported_control( LDAP_CONTROL_VIRT_ATTRS_ONLY, SLAPI_OPERATION_SEARCH ); slapi_register_supported_control( LDAP_X_CONTROL_PWPOLICY_REQUEST, SLAPI_OPERATION_SEARCH | SLAPI_OPERATION_COMPARE | SLAPI_OPERATION_ADD | SLAPI_OPERATION_DELETE | SLAPI_OPERATION_MODIFY | SLAPI_OPERATION_MODDN ); +/* + We do not register the password policy response because it has + the same oid as the request (and it was being reported twice in + in the root DSE supportedControls attribute) + slapi_register_supported_control( LDAP_X_CONTROL_PWPOLICY_RESPONSE, SLAPI_OPERATION_SEARCH | SLAPI_OPERATION_COMPARE | SLAPI_OPERATION_ADD | SLAPI_OPERATION_DELETE | SLAPI_OPERATION_MODIFY | SLAPI_OPERATION_MODDN ); +*/ slapi_register_supported_control( LDAP_CONTROL_GET_EFFECTIVE_RIGHTS, SLAPI_OPERATION_SEARCH ); }
Verified: PASS Test machine: neo.dsdev.sjc.redhat.com Test: [root@neo ~]# /usr/lib/mozldap/ldapsearch -h neo.dsdev.sjc.redhat.com -p 389 -D "cn=directory manager" -w Secret123 -s base -b "" objectclass=* "*" | grep 1.3.6.1.4.1.42.2.27.8.5.1 supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1