Description Dirk Ahrnke 2022-07-11 17:40:40 CEST

+++ This bug was initially created as a clone of Bug #31606 +++

It is possible to silently prevent slapd from starting by using comma and whitespace to separate IP addresses in ldap/acl/read/ips.

A simple strip() could prevent that from happening:

# diff -Nur 70univention-ldap-server_acl-master-end.orig 70univention-ldap-server_acl-master-end
--- 70univention-ldap-server_acl-master-end.orig        2013-06-03 10:27:49.000000000 +0200
+++ 70univention-ldap-server_acl-master-end     2013-06-03 10:28:01.000000000 +0200
@@ -142,7 +142,7 @@
        ldap_acl_read_anonymous_ips = configRegistry.get('ldap/acl/read/ips')
        if ldap_acl_read_anonymous_ips:
                for ip in ldap_acl_read_anonymous_ips.split(','):
-                       print '   by peername.ip=%s read' % ip
+                       print '   by peername.ip=%s read' % ip.strip()
 else:
        print '   by * read'