>>>> "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> 10/30/00 6:02:12 PM >>>
>At 05:12 PM 10/30/00 -0700, Jim Sermersheim wrote:
>>There are some inconsistencies between the two ways the string is represented in 2.4 and 3.
>>2.4 talks about escaping a space character at the beginning or the end of the string. It doesn't say whether multiple spaces each need to be escaped.
>They MAY be escaped (like any other character).
> cn=\20 John Smith \20,dc=example,dc=com
My read of 2.4 says that there are 10 things that need to be escaped by the \ prefix mechanism (not \xx). These are:
A space or "#" at the begining
A space at the end
one of the other special char's.
When I read "If a character to be escaped is one of the list shown above, then it is prefixed by a backslash ('\' ASCII 92)" I apply it to the full set of characters (including pre space and #, and post space. Maybe it means only the list of characters in the third bullet item, but that's not how I read it. This tells me that these are legaI, and the proper way to escape pre/post spaces and inital #:
cn=\ John Smith \ ,dc=example,dc=com
>>3 includes "#" as a special char but not " ".
>" " should not be in special as it would allow:
> cn=\ foo\ ,dc=example,dc=com
>which is bogus per 2.4....
Again, this is not how I interpret 2.4. the wording "the list shown above" is open to interpretation.
>>The only time "#" needs to be escaped is when it appears at the beginning of the string.
>3's special should be consistent with 2.4's
> o one of the characters ",", "+", """, "\", "<", ">" or ";"
>that is, the '#' should not be listed. That, is:
>is fine per 2.4.
>>Likewise, the space char should be accounted for.
>>Adjust if only the first or last of multiple leading or following spaces needs to be escaped.
>No requirement to escape, hence no adjustment needed for space.
A beginning or ending space needs to be escaped. One of my original questions is also, do multiple beginning or ending spaces need to be escaped? i.e.:
cn=\ \ foo\ \ ,dc=example,dc=com
or, as the case may be,
> distinguishedName = [name]
> ; may be empty
> name = name-component *("," name-component)
> name-component = attributeTypeAndValue *("+" attributeTypeAndValue)
> = attributeType "=" attributeValue
> attributeType = (ALPHA 1*keychar) / oid
> keychar = ALPHA / DIGIT / "-"
> oid = 1*DIGIT *("." 1*DIGIT)
> attributeValue = string | hexstring
> string = *( stringchar | pair )
> special = "," / "=" / "+" / """ / "<" / ">" / ";"
> pair = ESC ( ESC / special / hexpair )
> stringchar = <any character except one of special or ESC>
> hexstring = "#" 1*hexpair
> hexpair = HEX HEX
> HEX = DIGIT
> / "A" / "B" / "C" / "D" / "E" / "F"
> / "a" / "b" / "c" / "d" / "e" / "f"
> ALPHA = <any ASCII alphabetic character>
> ; decimal 65-90 and 97-122
> DIGIT = <any ASCII decimal digit>
> ; decimal 48-57
> ESC = <the ASCII backslash character "\">
> ; decimal 92
This BNF doesn't tell me how to properly represent these in LDAP v3:
cn=" foo ",dc=example,dc=com
It also now allows me to do this: