[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Support for extensible certificate mapping

To: openldap-devel@OpenLDAP.org
Subject: Re: Support for extensible certificate mapping
From: Luke Howard <lukeh@padl.com>
Date: Thu, 23 Sep 2004 11:46:20 +1000
Organization: PADL Software Pty Ltd
References: <200409190853.i8J8r2hG069987@au.padl.com> <6.1.2.0.0.20040919153440.0420cef0@127.0.0.1> <200409200112.i8K1CtYc094796@au.padl.com> <200409230110.i8N1Abqf047437@au.padl.com>
Versions: dmail (bsd44) 2.6d/makemail 2.10

>cn=/C\=AU/O\=PADL Software Pty Ltd/CN\=Luke
>Howard/emailAddress\=lukeh@dsg.padl.com,cn=/C\=AU/O\=PADL Software Pty Ltd,cn=PKINIT,cn=auth
>
>so that the unescaped subject and issuer can be passed into an
>LDAP search filter within a sasl-regexp. 
>
>(NB: I'm building the RDNs manually and then calling ldap_dn2bv()
>with LDAP_DN_FORMAT_LDAPV2.)

What I want to do is have the \= converted to = by the time
$1 and $2 are evaluated. I wonder if this is actually possible...

sasl-regexp cn=(.*),cn=(.*),cn=PKINIT,cn=auth ldap://$REGISTRY=Domain NC??sub?(&(objectClass=User)(altSecurityIdentities=X509:<I>$2<S>$1))

-- Luke

--

Follow-Ups:
- Re: Support for extensible certificate mapping
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

References:
- Support for extensible certificate mapping
  - From: Luke Howard <lukeh@padl.com>
- Re: Support for extensible certificate mapping
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: Support for extensible certificate mapping
  - From: Luke Howard <lukeh@padl.com>
- Re: Support for extensible certificate mapping
  - From: Luke Howard <lukeh@padl.com>

Prev by Date: Re: Support for extensible certificate mapping
Next by Date: Re: Support for extensible certificate mapping
Index(es):
- Chronological
- Thread