[Issue 10184] New: slapo-translucent

[openldap-its]

https://bugs.openldap.org/show_bug.cgi?id=10184

          Issue ID: 10184
           Summary: slapo-translucent
           Product: OpenLDAP
           Version: 2.6.3
          Hardware: x86_64
                OS: Linux
            Status: UNCONFIRMED
          Keywords: needs_review
          Severity: normal
          Priority: ---
         Component: overlays
          Assignee: b...@openldap.org
          Reporter: marco.espos...@gmail.com
  Target Milestone: ---

I am currently experiencing an issue with an OpenLDAP instance configured with
the slapo-translucent overlay.

After performing an ldapmodify:

# ldapmodify -x -D cn=Manager,dc=example,dc=com -W -H ldap:/// <<EOF
dn: uid=user,ou=People,dc=example,dc=com
changetype: modify
replace: uidNumber
uidNumber: 99
EOF

LDAP queries requesting only translucent local attributes do not return results
unless both the remote and local attributes are included in the filter. Here is
an example illustrating the behavior:

Query with both remote and local attributes in the filter after ldapmodify
(works correctly):

# ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W -H ldap:/// -b
"ou=People,dc=example,dc=com" "(uid=user)" uid uidNumber
# extended LDIF
#
# LDAPv3
# base <ou=People,dc=example,dc=com> with scope subtree
# filter: uid=user
# requesting: uid uidNumber 
#

# user, People, example.com
dn: uid=user,ou=People,dc=example,dc=com
uidNumber: 99
uid: user

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Query with only local attributes in the filter after ldapmodify (does not
return results):

# ldapsearch -x -D "cn=Manager,dc=example,dc=com" -W -H ldap:/// -b
"ou=People,dc=example,dc=com" "(uid=user)" uidNumber
# extended LDIF
#
# LDAPv3
# base <ou=People,dc=example,dc=com> with scope subtree
# filter: uid=user
# requesting: uidNumber 
#

# search result
search: 2
result: 0 Success

# numResponses: 1


While attempting to debug the issue, I believe the problem may be related to
the code in lines 928 - 940 of the file overlays/translucent.c:

https://git.openldap.org/openldap/openldap/-/blob/master/servers/slapd/overlays/translucent.c#L931

Specifically, I suspect that the issue may be related to the conditions within
the 'if' statement.

I have carefully reviewed the slapd instance configuration and overlay
settings, but I have not been able to identify the root cause. Any assistance
or advice on resolving this issue would be greatly appreciated.

Thank you for your time and support.

Best regards,
Marco

-- 
You are receiving this mail because:
You are on the CC list for the issue.