Summary: PCRE breaks SASL Mapping https://bugzilla.redhat.com/show_bug.cgi?id=504383 Summary: PCRE breaks SASL Mapping Product: 389 Version: 1.2.1 Platform: All OS/Version: Linux Status: NEW Severity: high Priority: high Component: Directory Server AssignedTo: nhosoi@xxxxxxxxxx ReportedBy: rmeggins@xxxxxxxxxx QAContact: ckannan@xxxxxxxxxx CC: nkinder@xxxxxxxxxx Blocks: 434915,495079 Estimated Hours: 0.0 Classification: Other Target Release: --- [Description of the problem] The old regex code used \( \) to indicate grouping for use with \& and \1, \2, etc. PCRE uses () instead. When you upgrade to a directory server that uses PCRE, the sasl mapping code will look for literal '(' and ')' in the patternand will fail.
I'm not sure what the best way to handle this is.
1) When reading the sasl mapping config, we could just convert \( and \) to (
and ), and write the fixes back out to the config. That is probably the
easiest way to handle upgrades.
2) Have setup -u go in and fix all of the configs.
1) is probably simpler, but might cause confusion if someone really did have a
( in a pattern, and really did want to match a literal '(' character.
[Fix Description]
I chose the first suggestion by Rich 1).
When getting a regular expression from the config file for sasl mapping, unescape parenthesis in the regular expression.
E.g., ^u:\(.*\) ==> ^u:(.*)
This unescape is necessary for the new regex code using PCRE
to keep the backward compatibility.
>From 5c3eb36aaa05e9cd4eaa923e337d3b55cf584a39 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Tue, 23 Jun 2009 13:51:14 -0700
Subject: [PATCH] 504383 PCRE breaks SASL Mapping
Fix Description: unescape parenthesis in the regular expression.
E.g., ^u:\(.*\) ==> ^u:(.*)
This unescape is necessary for the new regex code using PCRE
to keep the backward compatibility.
---
ldap/servers/slapd/sasl_map.c | 25 ++++++++++++++++++++++++-
1 files changed, 24 insertions(+), 1 deletions(-)
diff --git a/ldap/servers/slapd/sasl_map.c b/ldap/servers/slapd/sasl_map.c
index 10a0cf4..637ea5d 100644
--- a/ldap/servers/slapd/sasl_map.c
+++ b/ldap/servers/slapd/sasl_map.c
@@ -274,6 +274,29 @@ freeConfigEntry( Slapi_Entry ** e ) {
}
}
+/*
+ * unescape parenthesis in the regular expression.
+ * E.g., ^u:\(.*\) ==> ^u:(.*)
+ * This unescape is necessary for the new regex code using PCRE
+ * to keep the backward compatibility.
+ */
+char *
+_sasl_unescape_parenthesis(char *input)
+{
+ char *s = NULL;
+ char *d = NULL;
+
+ for (s = input, d = input; s && *s; s++) {
+ if (*s == '\\' && *(s+1) && (*(s+1) == '(' || *(s+1) == ')')) {
+ *d++ = *(++s);
+ } else {
+ *d++ = *s;
+ }
+ }
+ *d = '\0';
+ return input;
+}
+
static int
sasl_map_config_parse_entry(Slapi_Entry *entry, sasl_map_data **new_dp)
{
@@ -284,7 +307,7 @@ sasl_map_config_parse_entry(Slapi_Entry *entry, sasl_map_data **new_dp)
char *map_name = NULL;
*new_dp = NULL;
- regex = slapi_entry_attr_get_charptr( entry, "nsSaslMapRegexString" );
+ regex = _sasl_unescape_parenthesis(slapi_entry_attr_get_charptr( entry, "nsSaslMapRegexString" ));
basedntemplate = slapi_entry_attr_get_charptr( entry, "nsSaslMapBaseDNTemplate" );
filtertemplate = slapi_entry_attr_get_charptr( entry, "nsSaslMapFilterTemplate" );
map_name = slapi_entry_attr_get_charptr( entry, "cn" );
--
1.6.0.6
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
-- 389-devel mailing list 389-devel@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-devel
