ITS#9763 Make sure we keep cn=config values separate

author Ondřej Kuzník <ondra@mistotebe.net>

Wed, 8 Dec 2021 17:15:40 +0000 (17:15 +0000)

committer Quanah Gibson-Mount <quanah@openldap.org>

Tue, 4 Jan 2022 22:34:32 +0000 (22:34 +0000)
author Ondřej Kuzník <ondra@mistotebe.net>
Wed, 8 Dec 2021 17:15:40 +0000 (17:15 +0000)
committer Quanah Gibson-Mount <quanah@openldap.org>
Tue, 4 Jan 2022 22:34:32 +0000 (22:34 +0000)
diff --git a/servers/slapd/overlays/refint.c b/servers/slapd/overlays/refint.c

index 2e49a94be553eda95a913c17754ce37bf8670577..a60422aca17733c2bba8d7e3556719d777fac0c2 100644 (file)
--- a/servers/slapd/overlays/refint.c
+++ b/servers/slapd/overlays/refint.c
@@ -242,6 +242,17 @@ refint_cf_gen(ConfigArgs *c)
                 switch ( c->type ) {
                 case REFINT_ATTRS:
                         rc = 0;
+                       if ( c->op != SLAP_CONFIG_ADD && c->argc > 2 ) {
+                               /* We wouldn't know how to delete these values later */
+                               snprintf( c->cr_msg, sizeof( c->cr_msg ),
+                                       "Please insert multiple names as separate %s values",
+                                       c->argv[0] );
+                               Debug( LDAP_DEBUG_CONFIG|LDAP_DEBUG_NONE,
+                                       "%s: %s\n", c->log, c->cr_msg );
+                               rc = LDAP_INVALID_SYNTAX;
+                               break;
+                       }
+
                         for ( i=1; i < c->argc; ++i ) {
                                 ad = NULL;
                                 if ( slap_str2ad ( c->argv[i], &ad, &text )
author	Ondřej Kuzník <ondra@mistotebe.net>
	Wed, 8 Dec 2021 17:15:40 +0000 (17:15 +0000)
committer	Quanah Gibson-Mount <quanah@openldap.org>
	Tue, 4 Jan 2022 22:34:32 +0000 (22:34 +0000)