upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2026-05-26 03:24:29 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

ITS#10503 authzTo: reject member attributes with non-DN syntax

Browse source
This commit is contained in:
Howard Chu 2026-05-13 14:51:27 +01:00 committed by Quanah Gibson-Mount
parent 12656a7ca7
commit 0c8a5875d0
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
servers/slapd/saslauthz.c
View file

@ -368,6 +368,10 @@ is_dn: bv.bv_len = in->bv_len - ( bv.bv_val - in->bv_val );
if ( rc != LDAP_SUCCESS ) {
return rc;
}
if (ad->ad_type->sat_syntax != slap_schema.si_syn_distinguishedName &&
!is_at_syntax( ad->ad_type, SLAPD_NAMEUID_SYNTAX )) {
return LDAP_INVALID_SYNTAX;
}
}
if ( oc_bvfind( &group_oc ) == NULL ) {