ITS#6570 part #1 (again), reject RDNs with binary BER values

author Howard Chu <hyc@openldap.org>

Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)

committer Howard Chu <hyc@openldap.org>

Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)
author Howard Chu <hyc@openldap.org>
Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)
committer Howard Chu <hyc@openldap.org>
Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)
diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c

index 5b1adbf6da626130ada9b5dce0bc53dd2a685751..6383a7b2bfc34223002efe0ba4c438d1567c635a 100644 (file)
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -302,16 +302,13 @@ LDAPRDN_rewrite( LDAPRDN rdn, unsigned flags, void *ctx )
                 ava->la_attr = ad->ad_cname;
  
                 if( ava->la_flags & LDAP_AVA_BINARY ) {
-                       if( ava->la_value.bv_len == 0 ) {
-                               /* BER encoding is empty */
-                               return LDAP_INVALID_SYNTAX;
-                       }
+                       /* AVA is binary encoded, not supported */
+                       return LDAP_INVALID_SYNTAX;
  
                         /* Do not allow X-ORDERED 'VALUES' naming attributes */
                 } else if( ad->ad_type->sat_flags & SLAP_AT_ORDERED_VAL ) {
                         return LDAP_INVALID_SYNTAX;
  
-                       /* AVA is binary encoded, don't muck with it */
                 } else if( flags & SLAP_LDAPDN_PRETTY ) {
                         transf = ad->ad_type->sat_syntax->ssyn_pretty;
                         if( !transf ) {
author	Howard Chu <hyc@openldap.org>
	Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)
committer	Howard Chu <hyc@openldap.org>
	Mon, 7 Jun 2010 00:02:32 +0000 (00:02 +0000)