There is an incorrect assumption in the normalized DN cache code that if a DN and its normalized form have the same length then normalization did not occur. Here is a counter example:
dn: cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config dn: cn=replica,cn=o\3DNetscapeRoot,cn=mapping tree,cn=config
Here attached is a patch to fix this.
attachment 0018544666_1355755908_ndn-match-fix.patch
Thank you for the good test case. As you pointed out, if 'cn=replica,cn="o=NetscapeRoot",cn=mapping tree,cn=config' is given to ndn_cache_lookup, it does not correctly return the normalized dn 'cn=replica,cn=o\3DNetscapeRoot,cn=mapping tree,cn=config'.
git patch file (master) 0001-Ticket-547-Incorrect-assumption-in-ndn-cache.patch
Bug Description: In ndn_cache_lookup, to determine the given dn is already normalized or not, the length is compared with the normalized dn length. If they match, it considers the given dn is already normalized. But there are cases even if the lengths are equal, the given dn may not be normalized yet. (e.g., 'cn="o=ABC",o=XYZ' vs. 'cn=o\3DABC,o=XYZ')
Fix Description: This patch adds another check: if the dn and normalized dn length match, call memcmp to compare the 2 dn's. When memcmp returns 0, ndn_cache_lookup returns the passed dn.
ack
Reviewed by Mark (Thank you!!)
Pushed to master: commit 0c44a46
Metadata Update from @nhosoi: - Issue assigned to nhosoi - Issue set to the milestone: 1.3.1
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/547
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.