[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3465) character escaping in strings

jgra@vp.pl wrote:

>Full_Name: Janusz Grabowski
>Version: 2.2.20
>OS: Debian Linux
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (
>According to RFC2253 characters: ",", "+", """, "\", "<", ">",";" in strings
>needs escaping by prefixing it with '\' (backslash).
>But it is not possible to add the following simple ldif file to LDAP directory
>(using ldapmodify):
>dn: ou=test \"test\",dc=example,dc=com
>objectclass: top
>objectclass: organizationalUnit
>ou: test \"test\"
>Server reports: 
>bdb_add: entry failed schema check: value of naming attribute 'ou' is not
>present in entry (64)
>send_ldap_result: conn=0 op=1 p=3
>send_ldap_result: err=64 matched="" text="value of naming attribute 'ou' is not
>present in entry"
>After some debuging I found that function value_find_ex() defined in
>servers/slapd/value.c try to match 'ou' attribute value using value_match()
>(defined in the same file) passing two differend values of 'ou' as arguments
>[test \"test\"] as stored value and [test "test"] as asserted value, so matching
>new take a place.
>I dont understand why one of this values is normalized and second is not??
The value needs be normalized when used in the DN, not when used in the 
entry.  I.e., your example would work as

dn: ou=test \"test\",dc=example,dc=com
objectclass: top
objectclass: organizationalUnit
ou: test "test"

i.e. the value is <test "test">, and its representation, in a DN string 
representation, is <test \"test\"> (angle brackets are not part of the 

The software works as intended.


    SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497