Hi list, I'm writing about the recent bug reported by Enrico Scholz, as described in https://sourceforge.net/tracker/?func=detail&atid=1126467&aid=2933017&group_id=250683
The problem exists because there is no verification of the filter build with base on the ExtLookupQuery, when using the ldap driver. Now the BIG problem is that making a parser for that is no sweet potato at all. Unfortunately the OpenLDAP guys didn't make available in their public API the functions they regularly use to make such tests. All is done through a private API, meaning that such routines aren't available in any of their shared libs. I have went through their code and what we would apparently need is a function called ldap_pvt_put_filter. Porting that function, and its dependencies, would mean including a *not so small* part of their code in the dspam code. Maintaining such code would be a major PITA. That said, i'm frankly very open to sugestions. Best regards, Hugo Monteiro. -- fct.unl.pt:~# cat .signature Hugo Monteiro Email : hugo.monte...@fct.unl.pt Telefone : +351 212948300 Ext.15307 Web : http://hmonteiro.net Divisão de Informática Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa Quinta da Torre 2829-516 Caparica Portugal Telefone: +351 212948596 Fax: +351 212948548 www.ci.fct.unl.pt ap...@fct.unl.pt fct.unl.pt:~# _ ------------------------------------------------------------------------------ Throughout its 18-year history, RSA Conference consistently attracts the world's best and brightest in the field, creating opportunities for Conference attendees to learn about information security's most important issues through interactions with peers, luminaries and emerging and established companies. http://p.sf.net/sfu/rsaconf-dev2dev _______________________________________________ Dspam-devel mailing list Dspam-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-devel
