View Issue Details

IDProjectCategoryView StatusLast Update
0001816SOGoBackend Generalpublic2012-05-31 14:05
Reporterryacketta Assigned Toludovic  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
Product Version1.3.14 
Target Version1.3.16Fixed in Version1.3.16 
Summary0001816: LDAP group expanding fails due to case-sensitive objectClass search
Description

SOGoGroup.m looks for posixGroup while LDAPSource.m lower cases each objectClass before searching for posixgroup. LDAp is case-insensitive, one can search for posixgroup or posixGroup with proper return results.

Searching through the code I notice

in ./SOGo/SoObjects/SOGo/SOGoGroup.m you search classes (a NSArray) as such

// We check to see if it's a group
classes = [[entry attributeWithName: @"objectClass"] allStringValues];
...
[classes containsObject: @"posixGroup"])

while in ./SOGo/SoObjects/SOGo/LDAPSource.m
you lower case the LDAP query results before searching for posixgroup

// We get our objectClass attribute values. We lowercase
// everything for ease of search after.
o = [ldapEntry objectClasses];
classes = nil;

if (o)
{
int i, c;

  classes = [NSMutableArray arrayWithArray: o];
  c = [classes count];
  for (i = 0; i < c; i++)
    [classes replaceObjectAtIndex: i
             withObject: [[classes objectAtIndex: i] lowercaseString]];
}

if (classes)
{
// We check if our entry is a group. If so, we set the
// 'isGroup' custom attribute.
if ([classes containsObject: @"group"] ||
[classes containsObject: @"groupofnames"] ||
[classes containsObject: @"groupofuniquenames"] ||
[classes containsObject: @"posixgroup"])
{
[ldifRecord setObject: [NSNumber numberWithInt: 1]
forKey: @"isGroup"];
}
...

then do the following
[classes containsObject: @"posixgroup"])

Right now SOGo is using two different methods for find a objectClass, one is case-sensitive and the other is case-insensitive. This breaks group expansion if LDAP contains a camel cased objectClass entry (posixGroup).

TagsNo tags attached.

Issue History

Date Modified Username Field Change
2012-05-23 12:34 ryacketta New Issue
2012-05-23 12:44 ludovic Target Version => 1.3.16
2012-05-31 14:04 ludovic Note Added: 0003987
2012-05-31 14:04 ludovic Status new => resolved
2012-05-31 14:04 ludovic Resolution open => fixed
2012-05-31 14:04 ludovic Assigned To => ludovic
2012-05-31 14:05 ludovic Fixed in Version => 1.3.16
2012-05-31 14:05 ludovic Status resolved => closed