[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: peername + openldap 2.2.4

To: Quanah Gibson-Mount <quanah@stanford.edu>
Subject: Re: peername + openldap 2.2.4
From: Frank Swasey <Frank.Swasey@uvm.edu>
Date: Wed, 7 Jan 2004 14:53:02 -0500 (EST)
Cc: openldap-software@OpenLDAP.org
In-reply-to: <170307198.1073474449@cadabra.stanford.edu>
References: <1073445880.27620.43.camel@lin-workstation.azapple.com> <3FFBCC1F.7000204@central.susx.ac.uk> <165518543.1073469660@cadabra.stanford.edu> <63465.81.72.89.40.1073502722.squirrel@webmail.sys-net.it> <170307198.1073474449@cadabra.stanford.edu>

Today at 11:20am, Quanah Gibson-Mount wrote:

> --On Wednesday, January 07, 2004 8:12 PM +0100 Pierangelo Masarati
> <ando@sys-net.it> wrote:
>
> > Moreover, the default
> > for unqualified acl patterns is now EXACT rather than REGEX.
> >
> > Try

> >         peername.regex="^IP=139\.184\.*"

> I used:
>
> peername="127.0.0.1"
>
> This works perfectly in OpenLDAP 2.1.  It does not work at all in OpenLDAP
> 2.2.

So, change it to specify peername.regex which is what it defaulted to in
OpenLDAP 2.1.  In OpenLDAP 2.2, it's defaulting to peername.exact and it
isn't exactly matching (never did).

-- 
Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===

References:
- acl fun
  - From: Craig White <craigwhite@azapple.com>
- peername + openldap 2.2.4
  - From: D.M.Lewney@sussex.ac.uk (Dave Lewney)
- Re: peername + openldap 2.2.4
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: peername + openldap 2.2.4
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: peername + openldap 2.2.4
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: slapd not using secure port.
Next by Date: Re: Help Me!!!!!!!!
Index(es):
- Chronological
- Thread