[SERVER-28662] Do not pass NULL baseDN to ldap_search Created: 06/Apr/17 Updated: 07/Sep/21 Resolved: 29/Aug/17 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 3.4.7, 3.5.12 |
| Fix Version/s: | 3.4.11, 3.5.13 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Spencer Jackson | Assignee: | Spencer Jackson |
| Resolution: | Done | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Backwards Compatibility: | Fully Compatible | ||||||||
| Operating System: | ALL | ||||||||
| Backport Requested: |
v3.4
|
||||||||
| Sprint: | Platforms 2017-09-11 | ||||||||
| Participants: | |||||||||
| Case: | (copied to CRM) | ||||||||
| Description |
|
libldap interprets a NULL baseDN as the default baseDN, which is defined in ldap.conf, rather than the empty baseDN. We transform queries for "" to NULL. We query for the "" baseDN to acquire the rootDSE. This can result in the query for the rootDSE being misdirected to the wrong baseDN. |
| Comments |
| Comment by Githook User [ 17/Jan/18 ] |
|
Author: {'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}Message: (cherry picked from commit 5531c6ca9204fbca8f8c09d562e46848154bc8db) |
| Comment by Githook User [ 29/Aug/17 ] |
|
Author: {'name': 'Spencer Jackson', 'email': 'spencer.jackson@mongodb.com', 'username': 'spencerjackson'}Message: |