From 6f5d1ca3b1563d0ed580a43ba711b3534b19234e Mon Sep 17 00:00:00 2001 From: Heiko Schlittermann Date: Thu, 11 Sep 2014 22:25:51 +0100 Subject: Fix ldap lookup for single-attr request, multiple-attr return. Bug 1521 Exim documented behaviour is that the single-request case controls the output format (by not labelling attributes with names). The code is broken for the case where attrs B, C are derived from A and A is requested (and the LDAP server used isn't buggy here; some are and only return A rather than A, B, C). --- src/src/lookups/ldap.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/src/lookups/ldap.c b/src/src/lookups/ldap.c index f77229ded..ef7ed9e34 100644 --- a/src/src/lookups/ldap.c +++ b/src/src/lookups/ldap.c @@ -797,7 +797,13 @@ while ((rc = ldap_result(lcp->ld, msgid, 0, timeoutptr, &result)) == DEBUG(D_lookup) debug_printf("LDAP attr loop %s:%s\n", attr, value); - if (values != firstval) + /* In case we requested one attribute only but got + * several times into that attr loop, we need to append + * the additional values. (This may happen if you derive + * attributeTypes B and C from A and then query for A.) + * In all other cases we detect the different attribute + * and append only every non first value. */ + if ((attr_count == 1 && data) || (values != firstval)) data = string_cat(data, &size, &ptr, US",", 1); /* For multiple attributes, the data is in quotes. We must escape -- cgit v1.2.3