|
A little mistake : Twix and Snickers are not the right place to fix this issue.
It should be done before, when generating the response. This bug is related to RFC 2251. It's not any more a bug for http://www.ietf.org/internet-drafts/draft-ietf-ldapbis-protocol-32.txt, 4.1.9 :
"For certain result codes (typically, but not restricted to noSuchObject, aliasProblem, invalidDNSyntax and aliasDereferencingProblem), the matchedDN field is set (subject to access controls) to the name of the last entry (object or alias) used in finding the target (or base) object. This will be a truncated form of the provided name or, if an alias was dereferenced while attempting to locate the entry, of the resulting name. Otherwise the matchedDN field is empty. " A flag could be added in configuration to address the possibility to handle ldap-v3 or ldap-bis specific cases. What's the durability of such a draft ? Is it worth it to invest time ?
Jerome definitively !!!
here is the current status of the draft : https://datatracker.ietf.org/public/pidtracker.cgi?command=print_ballot&ballot_id=1023&filename=draft-ietf-ldapbis-protocol At this point, its is close to become an offical RFC. So let's o for that draft and you may not need to handle the old (RFC 2251) way.
This has been fixed for some time. I confirmed and we do this correctly thanks to
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
Bug
Closed
Trivial
Incorrect matched DN in the bind response (and others depending on the result code)
But I don't know if it is of some importance to keep the DN into the LdapResult. I bet that no client will ever throw an error if this condition is not fulfilled ;)
Twix and Snickers codec will be fixed to handle the resultcodes that should not produce a DN.
A valid test to do is to check what happens when one of the 4 given result code is returned : is the added DN is correct wrt rfc 2251, then ?