Description of problem: nsslapd-maxbersize misinterprets assigned value
Version-Release number of selected component (if applicable): [root@dhcp201-149 ~]# rpm -qa | grep 389 389-adminutil-1.1.15-3.fc19.1.x86_64 389-admin-console-1.1.8-5.fc19.noarch 389-dsgw-1.1.10-1.fc19.x86_64 389-console-1.1.7-4.fc19.noarch 389-ds-base-libs-1.3.1.6-12.el7.x86_64 389-admin-1.1.31-1.fc19.2.x86_64 389-ds-console-1.2.7-2.fc19.noarch 389-admin-console-doc-1.1.8-5.fc19.noarch 389-ds-1.2.2-4.fc19.noarch 389-ds-base-1.3.1.6-12.el7.x86_64 389-ds-console-doc-1.2.7-2.fc19.noarch [root@dhcp201-149 ~]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.0 Beta (Maipo)
How reproducible: Always
Steps to Reproduce: 1.[root@dhcp201-149 ~]# ldapmodify -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 << EOF
dn: cn=config changetype: modify replace: nsslapd-maxbersize nsslapd-maxbersize: 2,147,483,647 EOF modifying entry "cn=config"
[root@dhcp201-149 ~]# ldapadd -x -h localhost -p 389 -D "cn=Directory Manager" -w Secret123 -f /export/a.ldif adding new entry "cn=Jennifer1 J Jensen, dc=example, dc=com" ldapadd: update failed: cn=Jennifer1 J Jensen, dc=example, dc=com ldap_add: Can't contact LDAP server (-1)
AND for all other LDAP operation it will give :: ldap_result: Can't contact LDAP server (-1)
Access Logs :: [02/Jan/2014:15:20:28 +051800] conn=9 op=0 RESULT err=0 tag=97 nentries=0 etime=0 dn="cn=directory manager" [02/Jan/2014:15:20:28 +051800] conn=9 op=-1 fd=64 closed error 34 (Numerical result out of range) - B2
Error Logs :: [02/Jan/2014:15:20:28 +051800] connection - conn=9 fd=64 Incoming BER Element was too long, max allowable is 2097152 bytes. Change the nsslapd-maxbersize attribute in cn=config to increase.
Actual results: All LDAP operation will fail
Expected results: There should be validation while assigning value to the attribute nsslapd-maxbersize
Additional info: config_set_maxbersize converts the input string using "atoi", which does 2,147,483,647 into 2.
This was fixed in 1.3.3 via:
https://fedorahosted.org/389/ticket/47437
Metadata Update from @mreynolds: - Issue set to the milestone: FUTURE
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1000
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Duplicate)
Login to comment on this ticket.