]> git.ipfire.org Git - thirdparty/openldap.git/commitdiff
projects / thirdparty / openldap.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c1912fb)
ITS#9370 check for equality rule on old_rdn
authorHoward Chu <hyc@openldap.org>
Mon, 19 Oct 2020 13:03:41 +0000 (14:03 +0100)
committerHoward Chu <hyc@openldap.org>
Mon, 19 Oct 2020 13:03:41 +0000 (14:03 +0100)
We should probably just check in dnNormalize instead, and catch
this everywhere DNs are received. It might make us reject some
DNs that are already in use, though (e.g. received from other
directory servers that don't do schema checking).

servers/slapd/modrdn.c patch | blob | blame | history

diff --git a/servers/slapd/modrdn.c b/servers/slapd/modrdn.c
index 68e08ce8821e0887c0f710c7aa80e038a30bdba8..fbd7639f422e6fc4d33a516849a524951c59cca1 100644 (file)
--- a/servers/slapd/modrdn.c
+++ b/servers/slapd/modrdn.c
@@ -499,6 +499,16 @@ slap_modrdn2mods(
                                        old_rdn[d_cnt]->la_attr.bv_val );
                                goto done;              
                        }
+                       if ( !desc->ad_type->sat_equality ) {
+                               Debug( LDAP_DEBUG_TRACE,
+                                       "%s slap_modrdn2mods: %s: %s (old)\n",
+                                       op->o_log_prefix,
+                                       rs->sr_text,
+                                       old_rdn[ d_cnt ]->la_attr.bv_val );
+                               rs->sr_text = "naming attribute has no equality matching rule";
+                               rs->sr_err = LDAP_NAMING_VIOLATION;
+                               goto done;
+                       }
 
                        /* Apply modification */
                        mod_tmp = ( Modifications * )ch_malloc( sizeof( Modifications ) );
Mirror of https://git.openldap.org/openldap/openldap.git