What you're printing is the template, not the result of the expansion. Change the printf() to output the value of "filter" instead, which contains (or should contain) the expansion of $d.
Note that ldap_search_ext_s() receives "filter", not ldap->ldap_descr->lud_filter.
________________________________________
From: opendkim-dev-bounce_at_lists.opendkim.org [opendkim-dev-bounce_at_lists.opendkim.org] On Behalf Of Mike Markley [mike_at_markley.org]
Sent: Thursday, February 18, 2010 2:29 PM
To: opendkim-dev_at_lists.opendkim.org
Subject: Re: stupid question on LDAP support
Already found the issue. The scan for $d/$D is only being done on the
dn, not the filter. Murray, was that by design? I'd think (logically and
based on your email describing the feature) that at least $d should work
in filters, too.
On Thu, Feb 18, 2010 at 02:24:33PM -0800, Mike Markley <mike_at_markley.org> wrote:
> It doesn't look like $d is actually getting substituted correctly in
> dkimf_db_mkldapquery(). I set up an environment for LDAP testing (don't mind
> the cringeworthy top-level suffix; it's old):
>
> $ ldapsearch -x -h localhost -b 'ou=dkim,dc=loopted,dc=com,o=internet' -s sub '(&(objectClass=dkimSelector)(dkimDomain=loopted.com))'
> # extended LDIF
> #
> # LDAPv3
> # base <ou=dkim,dc=loopted,dc=com,o=internet> with scope subtree
> # filter: (&(objectClass=dkimSelector)(dkimDomain=loopted.com))
> # requesting: ALL
> #
>
> # loopted.com, dkim, loopted, com, internet
> dn: dkimDomain=loopted.com,ou=dkim,dc=loopted,dc=com,o=internet
> objectClass: top
> objectClass: dkimSelector
> dkimDomain: loopted.com
> dkimPrivateKey: MIICXgIBAAKBgQDYzxBeKD+FgzvApipGDFDy7d1PgM84CPafF70vC9Sf3aGY9i
> [...]
>
> But opendkim -Q keeps not matching it. I threw in a quick printf("%s\n",
> ldap->ldap_descr->lud_filter) right before ldap_search_ext(), and:
> > ldap://localhost/ou=dkim,dc=loopted,dc=com,o=internet?dkimPrivateKey?sub?(&(objectClass=dkimDomain)(dkimDomain=$d))
> lt-opendkim: enter `query/n' where `n' is number of fields to request
> > loopted.com/1
> (&(objectClass=dkimDomain)(dkimDomain=$d))
> lt-opendkim: dkimf_db_get(): record not found
>
> I'll keep poking at it, but someone whose C is less rusty may very well
> be able to spot a silly typo somewhere while I'm still trying to figure
> it out.
--
Mike Markley <mike_at_markley.org>
Women professionals do tend to over-compensate.
- Dr. Elizabeth Dehaver, "Where No Man Has Gone Before",
stardate 1312.9.
Received on Thu Feb 18 2010 - 22:44:22 PST