7:27 a.m.
https://fedorahosted.org/sssd/ticket/1440
Looks like some LDAP servers are able to store empty attribute values.
For some servers it results in syntax error, so it is probably a rare
case (if not an error) to have such values. LDB seems to be unable to
handle such values too, so in this patch we skip empty values and do not
store them to local cache.
Patch is attached.
Thanks
Michal
1:28 p.m.
On Thu, Sep 20, 2012 at 02:27:03PM +0200, Michal Židek wrote:
https://fedorahosted.org/sssd/ticket/1440
Looks like some LDAP servers are able to store empty attribute
values. For some servers it results in syntax error, so it is
probably a rare case (if not an error) to have such values. LDB
seems to be unable to handle such values too, so in this patch we
skip empty values and do not store them to local cache.
Patch is attached.
Thanks
Michal
I double checked this scenario with Rich.
Technically an "empty" value could have been legal for cases where the string
was an octet string with a single zero byte. Treating such attribute as
if it was missing is probably the right thing to do. For the objects
we care about, this value is possible only with old server that don't do
syntaxt validation.
Ack!
4:38 a.m.
On Thu, Sep 20, 2012 at 08:28:25PM +0200, Jakub Hrozek wrote:
On Thu, Sep 20, 2012 at 02:27:03PM +0200, Michal Židek wrote:
> https://fedorahosted.org/sssd/ticket/1440
>
> Looks like some LDAP servers are able to store empty attribute
> values. For some servers it results in syntax error, so it is
> probably a rare case (if not an error) to have such values. LDB
> seems to be unable to handle such values too, so in this patch we
> skip empty values and do not store them to local cache.
>
> Patch is attached.
>
> Thanks
> Michal
I double checked this scenario with Rich.
Technically an "empty" value could have been legal for cases where the string
was an octet string with a single zero byte. Treating such attribute as
if it was missing is probably the right thing to do. For the objects
we care about, this value is possible only with old server that don't do
syntaxt validation.
Ack!
Pushed to master.
4:20 a.m.
On Fri, Sep 21, 2012 at 11:38:55AM +0200, Jakub Hrozek wrote:
On Thu, Sep 20, 2012 at 08:28:25PM +0200, Jakub Hrozek wrote:
> On Thu, Sep 20, 2012 at 02:27:03PM +0200, Michal Židek wrote:
> > https://fedorahosted.org/sssd/ticket/1440
> >
> > Looks like some LDAP servers are able to store empty attribute
> > values. For some servers it results in syntax error, so it is
> > probably a rare case (if not an error) to have such values. LDB
> > seems to be unable to handle such values too, so in this patch we
> > skip empty values and do not store them to local cache.
> >
> > Patch is attached.
> >
> > Thanks
> > Michal
>
> I double checked this scenario with Rich.
>
> Technically an "empty" value could have been legal for cases where the
string
> was an octet string with a single zero byte. Treating such attribute as
> if it was missing is probably the right thing to do. For the objects
> we care about, this value is possible only with old server that don't do
> syntaxt validation.
>
> Ack!
Pushed to master.
The commit was pushed to sssd-1-9 at the same time it was pushed to
master. I also pushed it to sssd-1-8 now as we just had a user hitting
the problem on #sssd apparently.
4080
days inactive
4234
days old
sssd-devel@lists.fedorahosted.org
3 comments
2 participants
participants (2)
-
Jakub Hrozek -
Michal Židek