changed notes changed state Open to Suspended moved from Incoming to Development
Full_Name: mei-hui su Version: openldap 2.0 latest OS: solaris 2.7 URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (128.9.64.206) Hi, In servers/slapd/sasl.c around line #475 } else if ( username[0] == 'u' && username[1] == ':' && username[2] != '\0' && strpbrk( &username[2], "=,;\"\\") == NULL ) <<-- the strpbrk should not check for '=' because it is possible to have userid with '=' as part of attributeTypeAndValue. For example, X.509 userids (i.e. subject names). mei
The strpbrk is used to ensure that a valid DN is produce. The code probably should escape the value as necessary (of course, this makes for uglier regex'ing). Mark is working in this area, I'll leave it to him to sort out a reason path. You may want to comment on his proposal (on the devel list). Kurt
moved from Development to Software Enhancements
moved from Software Enhancements to Development
changed notes changed state Suspended to Closed
Authzid code replaced