node-ldapjs icon indicating copy to clipboard operation
node-ldapjs copied to clipboard

Published 20 hours ago verified publisher icon ldapjs

Remove lowercase conversion on searchResEntry objectName

Open stenh0use opened this issue 5 years ago • 7 comments

This PR addresses issue #645

This change fixes how DNs are formatted for searchResEntry messages.

Existing behavior forces the object class in the response to be in lower case regardless of how it is stored in the server.

eg. data in the database that is stored like the following:

camelCase=camelCase,cn=foo,o=test

This will be returned to the requester in the following format:

camelcase=camelCase,cn=foo,o=test

The new behavior once this PR is merged will allow for the server to send the response in the same format that the data is stored in the database.

eg.

camelCase=camelCase,cn=foo,o=test

stenh0use avatar Jul 28 '20 00:07 stenh0use

I'll fix the build once https://github.com/ldapjs/node-ldapjs/pull/646 is merged as some of the test DNs have spaces in them

stenh0use avatar Jul 28 '20 01:07 stenh0use

@jsumners what do you mean by non-breaking manner?

This change means that any DN that is not purely lower case will be returned by the server to the requester as they sent it.

We could potentially introduce a configurable option to default to existing behaviour but enable this to be turned on. I am not very familiar with the core code base, are there any examples of configurable features you could point me to? I can look at implementing something that does not change existing behaviour.

stenh0use avatar Jul 28 '20 12:07 stenh0use

This change means that any DN that is not purely lower case will be returned by the server to the requester as they sent it.

Current implementation would expect the lowercasing to happen. Changing this behavior is a breaking change.

We could potentially introduce a configurable option to default to existing behaviour but enable this to be turned on. I am not very familiar with the core code base, are there any examples of configurable features you could point me to? I can look at implementing something that does not change existing behaviour.

Your familiarity is probably on par with mine. I am indeed suggesting an option that can be passed along to the RDN constructor that would enable case parroting.

jsumners avatar Jul 28 '20 12:07 jsumners

No worries, I'll look into it when I get the chance.

stenh0use avatar Jul 30 '20 22:07 stenh0use

This is a Bad Idea. LDAP, which is a protocol, SHOULD NOT be manipulating values stored within the LDAP server.

DNs are the construction of RDNs that make up the DN and are LDAP Attribute Values and should NOT be manipulated by the Access Protocol. This would imply that a results from a user store would be different based on access protocol. (ie. SQL vs LDAP)

jwilleke avatar Oct 14 '20 12:10 jwilleke

@jwilleke I probably didn't explain my PR very well.

What you are saying is true, and is actually the problem that this PR addresses. The data in the ldap server is being converted to lowercase regardless of how it is stored.

stenh0use avatar Oct 14 '20 12:10 stenh0use

Yes this change makes sense.

Agree with @jsumners that the current behavior should be preserved, users should be given an option to use this feature.

@spookiej Please rephrase the PR description, I did not understand what you meant until I read the actual code changes and the discussions.

calvincheng8 avatar Dec 22 '20 16:12 calvincheng8

👋

On February 22, 2023, we released version 3 of this library. As a result, we are closing this issue/pull request.

Please see issue #839 for more information, including how to proceed if you feel this closure is in error.

jsumners avatar Feb 22 '23 19:02 jsumners