Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-28662

Do not pass NULL baseDN to ldap_search

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Fixed
    • Affects Version/s: 3.4.7, 3.5.12
    • Fix Version/s: 3.4.11, 3.5.13
    • Component/s: Security
    • Labels:
      None
    • Backwards Compatibility:
      Fully Compatible
    • Operating System:
      ALL
    • Backport Requested:
      v3.4
    • Sprint:
      Platforms 2017-09-11
    • Case:

      Description

      libldap interprets a NULL baseDN as the default baseDN, which is defined in ldap.conf, rather than the empty baseDN. We transform queries for "" to NULL. We query for the "" baseDN to acquire the rootDSE. This can result in the query for the rootDSE being misdirected to the wrong baseDN.

        Attachments

          Issue Links

            Activity

              People

              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: