[Date Prev][Date Next]
(ITS#3706) [enhancement] back-ldap/back-meta don't handle T-F filters
Full_Name: Pierangelo Masarati
OS: Linux (Whitebox)
Submission from: (NULL) (220.127.116.11)
Submitted by: ando
back-ldap and back-meta, when dealing with pre-computed filters that evaluate to
TRUE or FALSE as per <draft-zeilenga-ldap-t-f>, propagate the string "(?=true)"
or "(?=false)" which is used internally by slapd to mark "(&)" and "(|)",
According to <draft-zeilenga-ldap-t-f>, they should rather rewrite it back to
"(&)" and "(|)", if the remote server is known to support them; in any case, the
propagated string is meaningless.
A workaround for servers that don't support it could be "(objectClass=*)" and
"(!(objectClass=*))". A configuration switch could be defined that informs the
backend if the remote server supports the feature, or the backend could be
instructed about discovering the feature as per RFC3674.