[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7934) wrong search behavior in accesslog entries

alexoz66@gmail.com wrote:
> Full_Name: John Alex.
> Version: 2.4.39
> OS: FreeBSD 9.2
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (37.6.134.63)
>
>
> Values of reqAttr in accesslog entries are not searchable the normal way if they
> contain at least an uppercase character.

Thanks for the report, fixed in git master
>
> Even though the reqAttr attribute has a caseIgnoreMatch search rule, the only
> way to search for values containing uppercase characters is to explicitly use a
> caseExactMatch rule.
>
> Consider this accesslog entry for example:
>
> dn: reqStart=20140905054555.000001Z,cn=accesslog
> objectClass: auditSearch
> reqAttr: givenName
> reqAttrsOnly: FALSE
> reqAuthzID: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
> reqDerefAliases: never
> reqDN: dc=example,dc=com
> reqEnd: 20140905054555.000002Z
> reqEntries: 9
> reqFilter: (objectClass=*)
> reqResult: 0
> reqScope: sub
> reqSession: 1268
> reqSizeLimit: 500
> reqStart: 20140905054555.000001Z
> reqTimeLimit: 3600
> reqType: search
>
>
> Searching with "(reqAttr=givenName)" will not return results, while using
> "(reqAttr:caseExactMatch:=givenName)" will return the above entry. Accesslog
> entries where values of reqAttr contain only lowercase characters are returned
> correctly with the "(reqAttr=givenName)" filter.
>
> The same behavior can be observed with reqFilter (and probably other attributes
> as well but I didn't test).
>
> This applies to entries added to the db by the accesslog overlay and not to
> entries otherwise inserted.
>
>


-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/