From: Pierangelo Masarati <ando@openldap.org>
Date: Mon, 23 Feb 2009 00:04:48 +0000 (+0000)
Subject: do not allow naming attribute repetitions in RDNs (ITS#5968)
X-Git-Tag: ACLCHECK_0~791
X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=34b34f6b63f333bd78dcf95502cc130993f9e487;p=openldap

do not allow naming attribute repetitions in RDNs (ITS#5968)
---

diff --git a/servers/slapd/dn.c b/servers/slapd/dn.c
index c3669d6406..638187411a 100644
--- a/servers/slapd/dn.c
+++ b/servers/slapd/dn.c
@@ -250,21 +250,8 @@ AVA_Sort( LDAPRDN rdn, int nAVAs )
 			ava_j = rdn[ j ];
 			a = strcmp( ava_i->la_attr.bv_val, ava_j->la_attr.bv_val );
 
-			if ( a == 0 ) {
-				int		d;
-
-				d = ava_i->la_value.bv_len - ava_j->la_value.bv_len;
-
-				a = memcmp( ava_i->la_value.bv_val, 
-						ava_j->la_value.bv_val,
-						d <= 0 ? ava_i->la_value.bv_len 
-							: ava_j->la_value.bv_len );
-
-				if ( a == 0 ) {
-					a = d;
-				}
-			}
-			/* Duplicates are not allowed */
+			/* RFC4512 does not allow multiple AVAs
+			 * with the same attribute type in RDN (ITS#5968) */
 			if ( a == 0 )
 				return LDAP_INVALID_DN_SYNTAX;