Ran into this while setting up a new DN.
The DN in namespace only matches if it is normalized.
So it may be best to do this by default when adding a namespace.
With this, using a capitalized namespace like "o=OpenBSD,c=CA" will
work. Also, as a side note, the rootdn is already normalized, so no need
to fix that.

Totally unrelated, but I could not resist changing the error check for
host from the somewhat funky <= 0 to a != 1 (host returns 1 on success and
0 and -1 on failure).

I will split this into two commits in the end.
-- 
:wq Claudio

Index: parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/ldapd/parse.y,v
retrieving revision 1.40
diff -u -p -r1.40 parse.y
--- parse.y     2 May 2021 14:39:05 -0000       1.40
+++ parse.y     6 Oct 2021 16:56:50 -0000
@@ -207,7 +207,7 @@ conf_main   : LISTEN ON STRING port ssl ce
                        if (! interface($3, cert, &conf->listeners,
                            $4, $5)) {
                                if (host($3, cert, &conf->listeners,
-                                   $4, $5) <= 0) {
+                                   $4, $5) != 1) {
                                        yyerror("invalid virtual ip or 
interface: %s", $3);
                                        free($6);
                                        free($3);
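Review bot: In the host() call in conf_main, the new `!= 1` test is only as strict as intended if host() never returns a positive value other than 1, and nothing at this call site shows that. With `<= 0` such a value was accepted; with `!= 1` it ends in "invalid virtual ip or interface". Please confirm against host()'s definition and add a short comment on its return convention (the description says 1 on success, 0 and -1 on failure) so the check stays correct if host() changes.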
@@ -1206,15 +1206,16 @@ namespace_new(const char *suffix)
 
        if ((ns = calloc(1, sizeof(*ns))) == NULL)
                return NULL;
-       ns->suffix = strdup(suffix);
        ns->sync = 1;
        ns->cache_size = 1024;
        ns->index_cache_size = 512;
+       ns->suffix = strdup(suffix);
        if (ns->suffix == NULL) {
                free(ns->suffix);
                free(ns);
                return NULL;
        }
+       normalize_dn(ns->suffix);
        TAILQ_INIT(&ns->indices);
        TAILQ_INIT(&ns->request_queue);
        SIMPLEQ_INIT(&ns->acl);
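Review bot: The normalize_dn(ns->suffix) call added after the NULL check rewrites the configured suffix in place with no comment saying why. A one-line comment that DNs only match the namespace when the suffix is normalized would keep a later cleanup from removing it. After this call the spelling from the config file is gone, so anything that later prints ns->suffix shows the normalized form rather than what the admin wrote; worth a mention in the commit message. While touching this block, the free(ns->suffix) inside the `ns->suffix == NULL` branch is a free of NULL and can be dropped. Moving the strdup() below the cache size assignments is cosmetic and could be left out of the functional commit.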
