Ticket History #8245: kerberos.ldif file has malformed entries

# Tue Sep 15 14:40:01 2015 wfiveash (Will Fiveash) - Ticket created

Subject:

kerberos.ldif file has malformed entries

Download (untitled) / with headers
text/plain 546B

This was reported internally at Oracle in regards to the Solaris version
of the kerberos.ldif file however the MIT v1.13.2 version also has the
following issue:

The file kerberos.ldif in usr/src/lib/krb5/plugins/kdb/ldap/libkdb_ldap has
two lines that start with tabs instead of equivalent spaces. These
lines are
rejected when imported by the OpenLDAP server. The LDAP spec requires
continuation lines to begin with at least two spaces.
.
48 SUBSTR caseExactSubstringsMatch
.
827 MAY ( krbObjectReferences ) )

# Tue Sep 15 14:53:15 2015 ghudson@mit.edu (Greg Hudson) - Correspondence added

Download (untitled) / with headers
text/plain 307B

It looks like these tabs were introduced in commit
5f860ff2232c3a56f736f3995b16263e84a0e848 (aka r18674) on 2006-10-10,
which first appeared in 1.6.

It's good to know that Solaris is using this file; it's not suitable for
OpenLDAP, so it doesn't get a lot of use.

I will plan to untabify the file soon.

# Tue Sep 15 14:57:36 2015 <will.fiveash@oracle.com> - Correspondence added

Date:	Tue, 15 Sep 2015 13:57:32 -0500
From:	Will Fiveash <will.fiveash@oracle.com>
To:	rt@krbdev.mit.edu
Subject:	Re: [krbdev.mit.edu #8245] kerberos.ldif file has malformed entries
RT-Send-Cc:

Download (untitled) / with headers
text/plain 633B

On Tue, Sep 15, 2015 at 02:53:15PM -0400, Greg Hudson via RT wrote:

Show quoted text

> It looks like these tabs were introduced in commit
> 5f860ff2232c3a56f736f3995b16263e84a0e848 (aka r18674) on 2006-10-10,
> which first appeared in 1.6.
>
> It's good to know that Solaris is using this file; it's not suitable for
> OpenLDAP, so it doesn't get a lot of use.

I was unaware it was unsuitable for OpenLDAP. How does one import this
schema into OpenLDAP?

Also, check the kerberos.schema file in the same dir as it too as the
same bogus tabs.

Show quoted text

> I will plan to untabify the file soon.

Thanks.

--
Will Fiveash
Oracle Solaris Software Engineer

# Wed Sep 16 11:53:49 2015 ghudson@mit.edu (Greg Hudson) - Correspondence added

Download (untitled) / with headers
text/plain 220B

People use the kerberos.schema file for OpenLDAP, typically using slapcat
to translate it to LDIF. Among other differences, OpenLDAP's directory
representation of schemas lives inside cn=config, rather than cn=schema.

# Wed Sep 16 12:06:58 2015 ghudson@mit.edu (Greg Hudson) - Given to ghudson@mit.edu (Greg Hudson)

# Wed Sep 16 12:06:58 2015 ghudson@mit.edu (Greg Hudson) - Status changed from 'new' to 'review'

# Wed Sep 16 12:06:58 2015 ghudson@mit.edu (Greg Hudson) - Correspondence added

From:	ghudson@mit.edu
Subject:	git commit

Download (untitled) / with headers
text/plain 468B

Untabify kerberos.schema and kerberos.ldif

Tabs are not equivalent to spaces in LDIF.

https://github.com/krb5/krb5/commit/dd2baa849b00fa1f26d722450f22f13e34e71af4
Author: Greg Hudson <ghudson@mit.edu>
Commit: dd2baa849b00fa1f26d722450f22f13e34e71af4
Branch: master
src/plugins/kdb/ldap/libkdb_ldap/kerberos.ldif | 12 +++++-----
src/plugins/kdb/ldap/libkdb_ldap/kerberos.schema | 24 +++++++++++-----------
2 files changed, 18 insertions(+), 18 deletions(-)

# Fri Sep 18 12:54:14 2015 tlyu (Taylor Yu) - Status changed from 'review' to 'resolved'

# Fri Sep 18 12:54:14 2015 tlyu (Taylor Yu) - Version_Fixed 1.14 added