Escaping * in ldap filters
Peter Lambrechtsen
peter at crypt.nz
Mon Nov 14 09:33:17 CET 2016
Running 3.0.x head from a few months ago.
I'm trying to have a ldap search filter that if I don't have an existing
VSA set then default to a *
filter = "(&(SIID=%{Alc-Subsc-ID-Str})(Line=%{%{LineID}:-*}))"
That in theory should mean if I don't have a LineID included in the request
then I would return * instead, but it keeps on getting escaped.
(0) ldap.id: EXPAND (&(SIID=%{Alc-Subsc-ID-Str})(Line=%{%{Line}:-*}))
(0) ldap.id: --> (&(tcnzFixedBUASIID=V_1999999)(Line=\2a))
(0) ldap.id: Performing search in "ou=Fixed,o=Identities" with filter
"(&(SIID=V_1999999)(Line=\2a))", scope "sub"
(0) ldap.id: Waiting for search result...
(0) ldap.id: Search returned no results
If I just have a filter set to * then it's fine;
filter = "(&(SIID=%{Alc-Subsc-ID-Str})(Line=*))"
Any way to stop the * from being escaped?
More information about the Freeradius-Users
mailing list