[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Error searching DNs with escaped special characters
> This is what slapd said to me:
> [root@bige ldap]# ./bin/ldapadd -x -D "cn=Manager,o=CA" -w secret <
> test.ldif adding new entry "x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca"
> do_add: invalid dn (x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca)
> ldapadd: update failed: x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca
> ldap_add: Invalid DN syntax (34)
> additional info: invalid DN
>
> [root@bige ldap]# more test.ldif
> dn: x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca
> x509serialNumber: 72340172838076685
> x509issuer: CN=kakaka"sa"df,C=RU
> x509subject: CN="äÅÎÉÓÏ× \22÷ÌÁÄÉÍÉÒ", C=RU, L=íÏÓË×Á, O=Signal - COM
> objectClass: top
> objectClass: organization
> objectClass: x509base
> objectClass: x509PKC
> x509version: 0
> description: ÐÒÏÇÒÁÍÍÉÓÔ
> o: Signal - COM
> l: íÏÓË×Á
> mail: mirror@nightmail.ru
> x509validityNotAfter: 20040708180450Z
> x509validityNotBefore: 20030709180450Z
> x509subjectPublicKeyInfoAlgorithm: 1.2.840.113549.1.1.1
> x509signatureAlgorithm: 1.2.840.113549.1.1.5
>
> All atributes are defined!!!
>
>
>> The parsing works correctly:
>> [ando@nb ldap]$ ./libraries/libldap/dntest 'x509issuer=CN=test
>> \22sa\22 sadf\,C=RU,O=ca' V3 V3,PRETTY
> Would you so please to describe this flags "V3 V3,PRETTY "
> Or where i can get more information about it?
It's a simple test program in libraries/libldap/dntest;
try run it to see available flags; they reflect flags
that are accepted by the ldap_bv2[r]dn() routines.
>
> Thank you.
>> ldap_rdn2str() = "x509issuer=CN=test \"sa\" sadf\2CC=RU"
>> ldap_rdn2str() = "O=ca"
>>
>> ldap_dn2str(ldap_str2dn("x509issuer=CN=test \22sa\22
>> sadf\,C=RU,O=ca"))
>> = "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"
>>
>> ldap_dn2domain("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>> = "(null)"
>>
>> ldap_dn2ufn("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>> = "CN=test \22sa\22 sadf\2CC=RU, ca"
>>
>> ldap_dn2dcedn("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>> = "/O=ca/x509issuer=CN\=test "sa" sadf\,C\=RU"
>>
>> ldap_dcedn2dn("/O=ca/x509issuer=CN\=test "sa" sadf\,C\=RU")
>> = "x509issuer=CN=test \22sa\22 sadf\2CC=RU,O=ca"
>>
>> ldap_dn2ad_canonical("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>> = "ca/CN\=test "sa" sadf\,C\=RU"
>>
>> ldap_explode_dn("x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"):
>> "x509issuer=CN=test \22sa\22 sadf\2CC=RU"
>> ldap_explode_rdn("x509issuer=CN=test \22sa\22 sadf\2CC=RU")
>> 'x509issuer=CN=test \22sa\22 sadf\2CC=RU'
>> ldap_explode_rdn("x509issuer=CN=test \22sa\22 sadf\2CC=RU")
>> (no
>> types)
>> "CN=test \22sa\22 sadf\2CC=RU"
>> "O=ca"
>> ldap_explode_rdn("O=ca")
>> 'O=ca'
>> ldap_explode_rdn("O=ca") (no types)
>> "ca"
>>
>> ldap_explode_dn("x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca") (no
>> types):
>> "CN=test \22sa\22 sadf\2CC=RU"
>> "ca"
>>
>> "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"
>> == "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca" ? yes
>>
>> but slapd fails because x509issuer is not defined (that's what I got);
>> did you define that attribute in your system? What definition did you
>> use?
> attributetype ( 1.3.6.1.4.1.10126.1.5.3.4
> NAME 'x509issuer'
> DESC 'Distinguished name of the entity who has signed and
> issued the certificate or CRL'
> EQUALITY distinguishedNameMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
> SINGLE-VALUE )
>>
>> p.
> --
> Wbr
> Nikita
--
Pierangelo Masarati
mailto:pierangelo.masarati@sys-net.it