[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5614) Ignore invalid search filters

hyc@symas.com wrote:

> I don't think ldap_munge_filter() is adequate any more. Note that filter2bv 
> doesn't use (?=undefined) for unknown attributeTypes or illegal values any 
> more, it uses (?<attr>=<value>). This change was made to allow the log 
> messages to show what the actual offending values were. A better strategy here 
> may be to walk the Filter tree and look for 
> (f->f_choice&SLAPD_FILTER_UNDEFINED) before making the search request, so that 
> no retries are needed.

That's what the new patch does, for example, for back-meta.  However, we 
still need somehow to "unparse" the filter to allow those substitutions 
the proxy must honor, like "(?=true)", "(?=false)".


Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   ando@sys-net.it