Bug 36343 - mdb backend finds base object by ldapsearch -s one -b "$ldap_base" objectclass=domain
mdb backend finds base object by ldapsearch -s one -b "$ldap_base" objectclas...
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.0-3-errata
Assigned To: Felix Botner
Arvid Requate
Depends on:
  Show dependency treegraph
Reported: 2014-10-29 17:32 CET by Arvid Requate
Modified: 2016-05-10 12:30 CEST (History)
5 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:
requate: Patch_Available+

fix_mdb_onelevel_search.patch (547 bytes, patch)
2014-10-30 15:06 CET, Arvid Requate
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2014-10-29 17:32:20 CET
I filed an upstream bug for this, see URL.

Code using SCOPE_ONELEVEL searches may show a change of behaviour. From a quick grep I see these candidates:


E.g. I would expect "base+one" in univention.uldap to return the base object twice when searching e.g. for objectclass=domain.

But the issue only occurs if a filter was specified for a scope "one" search which only matches the base of the search and none of the children.

+++ This bug was initially created as a clone of Bug #36169 +++
Comment 1 Arvid Requate univentionstaff 2014-10-30 15:06:35 CET
Created attachment 6265 [details]

Upstream patch.
Comment 2 Felix Botner univentionstaff 2015-09-11 15:08:26 CEST
cherry picked openldap from errata4.0-1 to errata4.0-3, added patch 97_bug36343.patch and built openldap in errata4.0-3.

YAML: 2015-09-11-openldap.yaml
Comment 3 Arvid Requate univentionstaff 2015-09-22 16:15:05 CEST
Ok, patch applied.
Applying patch 97_bug36343.patch using -p1
Output of the patch process:
patching file servers/slapd/back-mdb/search.c


and "univention-ldapsearch -s one objectClass=univentionBase  -LLL dn" works.

Advisory is ok, I removed support for ucs4.0-2, which has has ended today.
Comment 4 Janek Walkenhorst univentionstaff 2015-09-23 17:13:04 CEST