On Tue, 2022-03-29 at 20:43 +0100, Raf Czlonka wrote:
> > Synopsis: ldap(1) search doesn't seem to working properly
> > Category: system
> > Environment:
> System : OpenBSD 7.1
> Details : OpenBSD 7.1-beta (GENERIC.MP) #444: Sun Mar 27 11:33:24
> MDT 2022
>
> [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>
> Architecture: OpenBSD.amd64
> Machine : amd64
> > Description:
> ldap(1) search seems broken - doesn't show the attribute
> which has been explicitly requested
> > How-To-Repeat:
> $ ldap search -b 'ou=users,dc=debian,dc=org' -H db.debian.org -Z uid |
> grep ^uid | wc -l
> 0
>
> Only dn is shown, not uid, as expected.
> > Fix:
> This has been reported last year on misc@[0]; then martijn@
> moved it to tech@[1] and sent a diff, with a follow-up
> January[2].
>
> After a very quick test - essentially the same command as
> above - it seems like the proposed diff fixes the issue:
>
> $ /usr/obj/usr.bin/ldap/ldap search -b 'ou=users,dc=debian,dc=org' -H
> db.debian.org -Z uid | grep ^uid | wc -l
> 2240
>
> [0] https://marc.info/?l=openbsd-misc&m=163618291218790&w=2
> [1] https://marc.info/?l=openbsd-tech&m=163636158613557&w=2
> [2] https://marc.info/?l=openbsd-tech&m=164121477527625&w=2
>
> Regards,
>
> Raf
>
Anyone willing to OK this before release?
As stated in my original mail, this should also be applied to
libexec/login_ldap and usr.sbin/ypldap
martijn@
Index: aldap.c
===================================================================
RCS file: /cvs/src/usr.bin/ldap/aldap.c,v
retrieving revision 1.9
diff -u -p -r1.9 aldap.c
--- aldap.c 24 Oct 2019 12:39:26 -0000 1.9
+++ aldap.c 30 Mar 2022 14:58:05 -0000
@@ -580,15 +580,15 @@ int
aldap_first_attr(struct aldap_message *msg, char **outkey,
struct aldap_stringset **outvalues)
{
- struct ber_element *b, *c;
+ struct ber_element *b;
char *key;
struct aldap_stringset *ret;
if (msg->body.search.attrs == NULL)
goto fail;
- if (ober_scanf_elements(msg->body.search.attrs, "{s(e)}e",
- &key, &b, &c) != 0)
+ if (ober_scanf_elements(msg->body.search.attrs, "{s(e)}",
+ &key, &b) != 0)
goto fail;
msg->body.search.iter = msg->body.search.attrs->be_next;
@@ -610,7 +610,7 @@ int
aldap_next_attr(struct aldap_message *msg, char **outkey,
struct aldap_stringset **outvalues)
{
- struct ber_element *a, *b;
+ struct ber_element *a;
char *key;
struct aldap_stringset *ret;
@@ -622,8 +622,7 @@ aldap_next_attr(struct aldap_message *ms
if (ober_get_eoc(msg->body.search.iter) == 0)
goto notfound;
- if (ober_scanf_elements(msg->body.search.iter, "{s(e)}e", &key, &a, &b)
- != 0)
+ if (ober_scanf_elements(msg->body.search.iter, "{s(e)}", &key, &a) != 0)
goto fail;
msg->body.search.iter = msg->body.search.iter->be_next;
