Re: [exim] exim LDAP bug with default *@ lookups?

Top Page
Delete this message
Reply to this message
Author: Nigel Wade
Date:  
To: exim-users
Subject: Re: [exim] exim LDAP bug with default *@ lookups?
Phil Pennock wrote:
> On 2006-11-20 at 09:39 +0100, Marten Lehmann wrote:
>> how can I use wildcard-lookups with LDAP?
>
> Can someone experienced with LDAP/exim tell me if I've hit a bug whilst
> looking into answering this? I can't be sure because it's barfing in
> the client side without talking to the server.
>
> Looking up two attributes, one of which exists and one doesn't, I get
> the text below; the second lookup issues the LDAP query but then fails
> internally when trying to do the *@ fallback. Same problem if I use
> ldap*@ instead of ldapm*@. It seems that Exim trying to construct the
> *@ fallback puts something bad into the ldap client libraries.
>
> "exim -be", syslog from slapd, "exim -d+all -be".
>
> (and anyone with a brain can guess the real value of "spammers-foad" --
> I get too much spam trying to reach me at any address used to post to
> exim-users)
>
> Regards,
> -Phil
>


>
>> ${lookup ldapm*@ {ldapi://%2fvar%2frun%2fopenldap%2fldapi/ou=People,dc=spodhuis,dc=org?cn?sub?(mail=spammers-foad@???)}}
> 23:42:53 72871 expanding: ldapi://%2fvar%2frun%2fopenldap%2fldapi/ou=People,dc=spodhuis,dc=org?cn?sub?(mail=spammers-foad@???)
> 23:42:53 72871    result: ldapi://%2fvar%2frun%2fopenldap%2fldapi/ou=People,dc=spodhuis,dc=org?cn?sub?(mail=spammers-foad@???)
> 23:42:53 72871 search_open: ldapm "NULL"
> 23:42:53 72871 search_find: file="NULL"
> 23:42:53 72871   key="ldapi://%2fvar%2frun%2fopenldap%2fldapi/ou=People,dc=spodhuis,dc=org?cn?sub?(mail=spammers-foad@???)" partial=-1 affix=NULL starflags=2


The above shows a valid LDAP search key.


[snip]

> 23:42:59 72871 trying default match *@spodhuis.org)
> 23:42:59 72871 internal_search_find: file="NULL"
> 23:42:59 72871 type=ldapm key="*@spodhuis.org)"
> 23:42:59 72871 database lookup required for *@spodhuis.org)


The above is what the "default" lookup is attempting to use as a key, which is
not right (see above).

According the manual default values are only applicable to single-key lookups
(and that doesn't include LDAP). I think you have to use 2 searches, a first
specific search, and if that fails, a second "default" search.

-- 
Nigel Wade, System Administrator, Space Plasma Physics Group,
             University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@???
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555