[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: authz-regexp and invalid filters

To: "David Hawes" <dhawes@vt.edu>
Subject: Re: authz-regexp and invalid filters
From: masarati@aero.polimi.it
Date: Wed, 28 Apr 2010 16:37:51 +0200 (CEST)
Cc: OpenLDAP <openldap-software@openldap.org>
Importance: Normal
In-reply-to: <4BD74241.3040500@vt.edu>
References: <4BD74241.3040500@vt.edu>
User-agent: SquirrelMail/1.4.15

> When using a search-based mapping for an authentication DN to a user's
> DN, certain characters, namely '(' and ')', will cause the mapping to
> fail.  In order for the mapping to succeed, the characters need to be
> properly escaped so they pass str2filter().
>
> Is there any reason that special characters used in authz-regexp filters
> should not be escaped when using search-based mappings?
>
> I am testing this with 2.4.21.

I guess this circumstance was simply overlooked.  It should be improbable,
because usually in authz-regexp filters are supposed to contain, or to be
related to, userids.  I suggest you file an ITS
<http://www.openldap.org/its/>.

p.

References:
- authz-regexp and invalid filters
  - From: David Hawes <dhawes@vt.edu>

Prev by Date: authz-regexp and invalid filters
Index(es):
- Chronological
- Thread