[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: equal character forbidden in DN



Hendrik,

after discussion, the result is that '=' in DN string representations
is not allowed by current releases, based on our interpretation of
an ambiguous (and thus buggy) RFC 2253; Hallvard Furuseth points
out that draft-ietf-ldapbis-dn allows unescaped '=' as well as escaped
forms like '\=' and '\3D', so future releases of OpenLDAP will
comply to it.  At the moment you need to escape equals.  If you're
interested in the evolution of this issue, please check

http://www.openldap.org/its/index.cgi/Development?id=3229

Thanks for raising the issue.

p.

Harms, Hendrik (EXTERN: TOJAQ) wrote:

My old openldap-2.1.26 accepts DNs with the '=' character in it. My
openldap-2.1.29 doesn't:


Example "dn: Document=254 Page=1-2,ou=data,dc=MyCompany"

 dc=MyCompany
    ou=data
       Document=254 Page=1-2

do_add
ber_scanf fmt ({m) ber:


dnPrettyNormal: <Document=254 Page=1-2,ou=data,dc=MyCompany>


=> ldap_bv2dn(Document=254 Page=1-2,ou=data,dc=MyCompany,0)
<= ldap_bv2dn(Document=254 Page=1-2,ou=data,dc=MyCompany,0)=84
do_add: invalid dn (Document=254 Page=1-2,ou=data,dc=MyCompany)
send_ldap_result: conn=0 op=1 p=3
send_ldap_result: err=34 matched="" text="invalid DN"
send_ldap_response: msgid=2 tag=105 err=34
ber_flush: 24 bytes to sd 10
conn=0 op=1 RESULT tag=105 err=34 text=invalid DN

Is the equal character behind "Page" not allowd by spec or is the
openldap-2.1.29 broken in this point?








   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497