"Dieter Kluenter" dieter@dkluenter.de writes:
Hi, I face a strange behaviour of a authz regexp. This is part of my slapd.conf
authz-regexp "gidNumber=(.*)+uidNumber=(.*),cn=peercred,cn=external,cn= auth" "ldap:///o=avci,c=de?dn?sub?(&(uidNumber=$2)(gidNumber=$1))"
The result of a ldapwhoami:
SASL/EXTERNAL authentication started SASL username: gidNumber=100+uidNumber=1000,cn=peercred,cn=external,cn=auth SASL SSF: 0 dn:gidNumber=100+uidNumber=1000,cn=peercred,cn=external,cn=auth
A result of search ldapsearch -Y EXTERNAL -H ldapi:/// -b o=avci,c=de -s sub "(&(gidNumber=100)(uidNumber=1000))" dn
dn: cn=Dieter Kluenter,ou=Partner,o=avci,c=de result: 0 Success
This sequence looks a bit strange: ... 5cb44468 connection_read(16): checking for input on id=1000 ber_get_next ldap_read: want=8, got=7 0000: 30 05 02 01 03 42 00 0....B. ber_get_next: tag 0x30 len 5 contents: ber_dump: buf=0x7f4fa41040a0 ptr=0x7f4fa41040a0 end=0x7f4fa41040a5 len=5 0000: 02 01 03 42 00 ...B. 5cb44468 op tag 0x42, time 1555317864 ber_get_next ldap_read: want=8, got=0 ...
-Dieter