[Date Prev][Date Next] [Chronological] [Thread] [Top]

DN Validation

To: Open Ldap <openldap-software@openldap.org>
Subject: DN Validation
From: Tod Schmidt <tschmidty@yahoo.com>
Date: Wed, 13 Jan 2010 08:22:41 -0800 (PST)
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1263399761; bh=WyqlG2iBEMF5sLnBGasQ4rERwwkdHSXb4H8MBwzNcuQ=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=LUyEt4rbP7zhbevL3uLZylaW8ymIGo2YhNhtKbae4r9At9C/uoK3j+a8jiqJGxSVfemsecX+OO+1A4dmh3Csxprc2p3Dk3YNt/rEPLqaf8a6sgVNrQbh19dcReUqwrhLyQgMCkfe6NG/CEKq8WvPCike0e2s0H83u3Ckg7BYx94=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=Fdm2LweWjq8Cr8m9f/q9Ggvs4jmErDcfJNQ5b3XsArQGeaTXXqL24KsmgG+OXoKHPaThxyDcLt+deqmzfn7Gp6QNhamARqKIFJrGQY30/Tipt7zO5yZmeHZSIfBTwN1KuqzE6xVeL5nD/9IV8Xrj6aClsBXxixn6UTXuZ6HK1ys=;

I am running into an issue when trying to rewrite the bindDN where the function ldap_bv2dn is called before rewriting and rejecting certain dn values.

Specifically I am trying to bind using just the email address, in the form "user@host.net" however this gets flagged and returns -4, ldap decoding error.

>>> dnPrettyNormal: <user@host.net>
=> ldap_bv2dn(user@host.net,0)
ldap_err2string
<= ldap_bv2dn(user@host.net)=-4 Decoding error
bind: invalid dn (user@host.net)
send_ldap_result: conn=0 op=0 p=3
send_ldap_result: err=34 matched="" text="invalid DN"

Using an attribute form, "mail=user@host.net" gets properly passed to the rewrite function and all works as expected.

My question is whether there is any way around the validation that is performed before the rewrite beyond hacking the source code.

Any help is appreciated.

Thanks,
Tod Schmidt

Prev by Date: trouble setting initial replication between multiple masters
Next by Date: Re: multiple replication scenarios questions
Index(es):
- Chronological
- Thread