Bug#175710: python-ldap modlist patch

Michael Ströder michael at stroeder.com
Sun Apr 20 11:54:52 CEST 2003

Domenico Andreoli wrote:
> hi Michael,
> the patch you are referring to is already in the python-ldap version i'm
> using and the problem is right in the "modlist.append((ldap.MOD_DELETE,attrtype,None))".
> the error i get is from deletion of an inexistent entry.
> i attached an example to reproduce the bug.

1. Note that your code does not work with OpenLDAP 2.1.x since this version 
does stricter error checking on entry data:

ldap.NAMING_VIOLATION: {'info': "naming attribute 'uid' is not present in 
entry", 'desc': 'Naming violation'}

2. Strictly spoken you are creating an invalid entry with

entry = make_entry(None)

The attribute value list of attribute 'description' is simply [ None ] which 
is filtered in modifyModlist() to []. But it means that the attribute is 
assumed to be existent in the old_entry. Non-existent attributes should not 
appear in the entry data at all.

Note: The diffing in modifyModlist() loops over new_entry.keys(). Whether an 
attribute is present in old_entry is determined by existence of the 
attribute type name in the dictionary's keys.

Ciao, Michael.

More information about the python-ldap mailing list