[email protected] wrote: >> No, thanks. The problem is that these specific statements do not >> prescribe a fixed number of arguments. Moreover, the function that uses >> the value resets the field when passed a NULL argument. If this behavior >> needs to be preserved, I have the right fix handy. Otherwise it might >> need more work. > > To be more specific: slapd's TLS configuration is registered without > enforcing a specific number of arguments. This check is delegated to the > underlying calls to ldap_pvt_tls_set_option() performed by > config_tls_option(). This poses two problems: > > - since the argument of these parameters is ARG_STRING, if no arg is > passed then ch_strdup() fails > > - fixing this (by skipping ch_strdup() if argc == 1, for example) results > in calling ldap_pvt_tls_set_option with a NULL value, which is a perfectly > legitimate value (it means: clear any existing value), but it may not be > appropriate in this context. > > Please advise whether the right fix is skip ch_strdup(), or enforcing a > requirement for argc == 2 for TLS-related fields.
I don't remember any particular reason why the argument count was omitted here. Looking back over release 2.2 I don't see any special provision for multiple arguments. I.e., it doesn't look like we need to accomodate longer argument lists here. And I don't see why we would want to NULL out any existing settings. Sounds like we should just require argc == 2. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
