[strongSwan] attr-sql - case insensitive?
anders at anduras.de
Thu Jul 5 18:01:16 CEST 2018
Am 04.07.2018 um 16:23 schrieb Tobias Brunner:
> Hi Sven,
>> The name in the database matches the name the user configured in
>> their settings. So this is very error-prone.
>> Is it possible to match here case insensitive?
>> Or any other ideas?
> The `data` column of the `identities` table in the default schema uses a
> binary type (BLOB or varbinary), same goes for the queries where the
> argument is of type DB_BLOB (and not DB_TEXT). So the comparison here
> will always be via an exact binary match. I guess that's mostly for
> ASN.1 DNs, which couldn't be stored/compared directly as text.
> I suppose, if you only use e.g. email addresses as identities (i.e. no
> binary DNs) you could probably change the type of that column (e.g. to
> TEXT or varchar) and when using MySQL add `collate utf8_unicode_ci` for
> a case insensitive comparison. But you'd also need to change the type
> in the queries (in the attr-sql plugin and the pool tool, if you use
> it). At least I guess that's required, I didn't try what happens if the
> argument's type doesn't exactly match that of the column.
> Another option is probably to convert the identities to text and store
> and compare them as such, but that would also require several code changes.
Thank for the answer!
In other words:
I have to change to code to make it work this way.
At least the attr-sql plugin code.
Is this correct?
Sven Anders <anders at anduras.de> () UTF-8 Ribbon Campaign
/\ Support plain text e-mail
ANDURAS intranet security AG
Messestrasse 3 - 94036 Passau - Germany
Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55
Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety.
- Benjamin Franklin
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 339 bytes
Desc: not available
More information about the Users