https://bugs.openldap.org/show_bug.cgi?id=10334
Issue ID: 10334
Summary: When there is no entry in ldap db getting success
response instead of noSuchObject
Product: OpenLDAP
Version: unspecified
Hardware: x86_64
OS: Linux
Status: UNCONFIRMED
Keywords: needs_review
Severity: normal
Priority: ---
Component: slapd
Assignee: [email protected]
Reporter: [email protected]
Target Milestone: ---
Created attachment 1065
--> https://bugs.openldap.org/attachment.cgi?id=1065&action=edit
noSuchobject overlay module
Hi Team,
We are hosting an LDAP server on an Ubuntu Linux system, and our requirement is
to return a noSuchObject error in the LDAP response when a search yields no
results, instead of returning a success response.
we are using below search command.
ldapsearch -b "ou=Subscribers,ou=sda,o=centertel.pl" -D "cn=admin" -w "XXXXX"
-H ldap://ip:389 -v -s sub "ptkSubscriberIMSI=26003123456789"
This command is trying to search for the imsi under the base dn by using the
filter. in this case if there is no entry present in db we are expecting
noSuchObject (32) response from ldap.
We tried to build overlay by using below c++ script to modify the default ldap
behaviour to get nosuchobject when there is no entry in db.
#include "portable.h" // Required for OpenLDAP build environment
#include <stdio.h>
#include <ac/string.h> // OpenLDAP-specific replacements
#include <ac/regex.h> // Brings in regex_t, regmatch_t
#include <ldap.h>
#include "slap.h"
#include <stdio.h>
#include <ldap.h>
#include <slap.h>
int my_overlay_search(Operation *op, SlapReply *rs) {
// Correct call to next overlay/backend
int rc = overlay_op_walk(op, rs, SLAP_OP_SEARCH, (slap_overinfo
*)op->o_bd->bd_info, NULL);
if (rs->sr_err == LDAP_SUCCESS && rs->sr_entry == NULL) {
rs->sr_err = LDAP_NO_SUCH_OBJECT;
rs->sr_text = "No such object found";
Debug(LDAP_DEBUG_ANY, "Custom overlay: noSuchObject error
triggered\n");
}
return rc;
}
and by using below command build .so file
gcc -fPIC -shared \
-I "$OPENLDAP_SRC/include" \
-I "$OPENLDAP_SRC/servers/slapd" \
-I "$OPENLDAP_SRC/libraries/libldap" \
-I "$OPENLDAP_SRC/libraries/liblber" \
-o "my_overlay.c" "noSuchobject_overlay.so" \
-lldap
we didnt get any error while building the .so file.
but while loading the module by using below ldif file content getting error
dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: /usr/lib/ldap/noSuchobject_overlay.so
config="/etc/ldap/ldap.conf"
root@lodsto-essvt:~# ldapmodify -Q -Y EXTERNAL -H ldapi:/// -f
new_load_overlay.ldif
modifying entry "cn=module{0},cn=config"
ldap_modify: Other (e.g., implementation specific) error (80)
additional info: <olcModuleLoad> handler exited with 1
and we got stuck in this module load.
May be can you review and propose proper steps and script to build the required
module to get expected ldap behaviour.
Thanks in advance.
--
You are receiving this mail because:
You are on the CC list for the issue.
