https://bugs.openldap.org/show_bug.cgi?id=9253
Bug ID: 9253
Summary: Access not retained when last examined olcAccess has a "break" control
Product: OpenLDAP
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: normal
Priority: ---
Component: slapd
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---

When the last examined olcAccess control is "break" then it does not
matter what access rights have been granted by the rules, access is
denied.

Reproduce by having a database with a single access rule:

    to attrs=userPassword by anonymous =x

Note that ldapwhoami successfully does a simple bind.

Then, modify so that the single existing access rule is:

    to attrs=userPassword by anonymous =x break

Users can no longer do a simple bind.

You will see similar behavior with SASL binds, or any number
of access rules. Access is denied when the last examined access
control is "break".

The problem is at line 309 of: servers/slapd/acl.c
(In master/HEAD, and probably all versions)
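
A configuration check for the condition reported above, added here as an example; it is not part of the bug report or of OpenLDAP. It assumes the olcAccess values are passed in evaluation order and include any global rules that apply to the database; the function names and the "certain"/"possible" verdicts are hypothetical.

```python
import re
import shlex

CONTROLS = {"stop", "continue", "break"}

def parse_directive(value):
    """Split one olcAccess value into (target, [(by_clause, control), ...])."""
    tokens = shlex.split(re.sub(r"^\{\d+\}\s*", "", value))
    if tokens[:1] == ["access"]:          # slapd.conf spelling: "access to ..."
        tokens = tokens[1:]
    if tokens[:1] != ["to"]:
        raise ValueError("not an access directive: %r" % value)
    groups = [[]]
    for tok in tokens[1:]:
        if tok == "by":
            groups.append([])
        else:
            groups[-1].append(tok)
    clauses = []
    for g in groups[1:]:
        control = g[-1] if g and g[-1] in CONTROLS else "stop"  # stop is the default
        clauses.append((" ".join(g), control))
    return " ".join(groups[0]), clauses

def trailing_breaks(values):
    """Return (position, target, by_clause, verdict) for each risky break."""
    parsed = [parse_directive(v) for v in values]
    findings = []
    for pos, (target, clauses) in enumerate(parsed):
        later_targets = [t for t, _ in parsed[pos + 1:]]
        for clause, control in clauses:
            if control != "break":
                continue
            if not later_targets:
                verdict = "certain"    # nothing follows: break is the last control
            elif "*" not in later_targets:
                verdict = "possible"   # no catch-all later; depends on target overlap
            else:
                continue               # a later "to *" is always examined
            findings.append((pos, target, clause, verdict))
    return findings

# Constructed sample lists; the first is the single rule from the report.
REPORTED = ["{0}to attrs=userPassword by anonymous =x break"]
MIXED = [
    "{0}to attrs=userPassword by anonymous =x break",
    '{1}to dn.subtree="ou=people,dc=example,dc=com" by users read',
    "{2}to * by self write by * read break",
]

if __name__ == "__main__":
    for name, acl in (("REPORTED", REPORTED), ("MIXED", MIXED)):
        print(name, trailing_breaks(acl))
```

In MIXED the finding is on the final "to *" rule rather than on rule 0, because that is where evaluation ends on a "break" for every requester who is not "self".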