[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#5172) slash in dn

reinhold.may@gmx.de wrote:

> I'm fairly new to OpenLDAP and hope I've not misunderstood things... in that
> case: sorry.
> 
> I've been trying to import the following .ldif:
> 
> dn: dc=somedomain,dc=org
> objectclass: top
> objectclass: dcObject
> objectclass: organization
> o: somedomain LDAP
> dc: somedomain
> 
> dn: ou=My address book,dc=somedomain,dc=org
> objectclass: top
> objectclass: organizationalUnit
> ou: My address book
> 
> dn: ou=With/Slash,ou=My address book,dc=somedomain,dc=org
> objectclass: top
> objectclass: organizationalUnit
> ou: Medical
> 
> dn: cn=With/Slash,ou=My address book,dc=somedomain,dc=org
> objectclass: top
> objectclass: person
> objectclass: organizationalPerson
> objectclass: inetOrgPerson
> objectclass: mozillaAbPersonAlpha
> cn: With/Slash
> sn: With/Slash

The above LDIF is inconsistent: the "cn=With/Slash,ou=My address
book,dc=somedomain,dc=org" entry is repeated, and in the first
occurrence it is inconsistent: the distinguished value "With/Slash" is
not present in the entry, there's a "Medical" instead.  I suspect you
messed things up when sanitizing your data.

> 
> The "/" results into the following error message:
> 
> ldap_add: No such object (32)
>         additional info: Parent does not exist

This error means that the parent of the entry you're trying to add does
not exist.  Here "parent" means the entry immediately below the one
you're trying to add, so assuming you're trying to add
"cn=With/Slash,ou=My address book,dc=somedomain,dc=org", what appears to
be missing is "ou=My address book,dc=somedomain,dc=org".  Are you sure
it exists?  By looking at the server's logs at "stats,trace" level, can
you tell what DN is being looked up for the parent?

> If my last entry reads:
> 
> dn: cn=WithoutSlash,ou=My address book,dc=somedomain,dc=org
> objectclass: top
> objectclass: person
> objectclass: organizationalPerson
> objectclass: inetOrgPerson
> objectclass: mozillaAbPersonAlpha
> cn: WithoutSlash
> sn: WithoutSlash
> 
> slapd accepts the entry and adds it to its directory.
> 
> I've read RFCs 2849 (about LDIF) and 2253 (about DNs) and can't even find "/" to
> be a special character.  But just in case it was forgotten, I tried to represent
> it as "\/" and "\2f" but neither solution helped.

Yes, it's not.

Using OpenLDAP 2.3 code, I can correctly parse the DN you suspect to
trigger the unexpected behavior you reported:

$ slapdn 'cn=With/Slash,ou=My address book,dc=somedomain,dc=org'
DN: <cn=With/Slash,ou=My address book,dc=somedomain,dc=org> check succeeded
normalized: <cn=with/slash,ou=my address book,dc=somedomain,dc=org>
pretty:     <cn=With/Slash,ou=My address book,dc=somedomain,dc=org>

$ ./libraries/libldap/dntest 'cn=With/Slash,ou=My address
book,dc=somedomain,dc=org'
        ldap_rdn2str() = "cn=With/Slash"
        ldap_rdn2str() = "ou=My address book"
        ldap_rdn2str() = "dc=somedomain"
        ldap_rdn2str() = "dc=org"

ldap_dn2str(ldap_str2dn("cn=With/Slash,ou=My address
book,dc=somedomain,dc=org"))
        = "cn=With/Slash,ou=My address book,dc=somedomain,dc=org"

ldap_dn2domain("cn=With/Slash,ou=My address book,dc=somedomain,dc=org")
        = "somedomain.org"

ldap_dn2ufn("cn=With/Slash,ou=My address book,dc=somedomain,dc=org")
        = "With/Slash, My address book, somedomain.org"

ldap_dn2dcedn("cn=With/Slash,ou=My address book,dc=somedomain,dc=org")
        = "/dc=org/dc=somedomain/ou=My address book/cn=With\/Slash"

ldap_dcedn2dn("/dc=org/dc=somedomain/ou=My address book/cn=With\/Slash")
        = "cn=With/Slash,ou=My address book,dc=somedomain,dc=org"

ldap_dn2ad_canonical("cn=With/Slash,ou=My address
book,dc=somedomain,dc=org")
        = "somedomain.org/My address book/With\/Slash"

ldap_explode_dn("cn=With/Slash,ou=My address book,dc=somedomain,dc=org"):
        "cn=With/Slash"
        ldap_explode_rdn("cn=With/Slash")
                'cn=With/Slash'
        ldap_explode_rdn("cn=With/Slash") (no types)
                        "With/Slash"
        "ou=My address book"
        ldap_explode_rdn("ou=My address book")
                'ou=My address book'
        ldap_explode_rdn("ou=My address book") (no types)
                        "My address book"
        "dc=somedomain"
        ldap_explode_rdn("dc=somedomain")
                'dc=somedomain'
        ldap_explode_rdn("dc=somedomain") (no types)
                        "somedomain"
        "dc=org"
        ldap_explode_rdn("dc=org")
                'dc=org'
        ldap_explode_rdn("dc=org") (no types)
                        "org"

ldap_explode_dn("cn=With/Slash,ou=My address book,dc=somedomain,dc=org")
(no types):
        "With/Slash"
        "My address book"
        "somedomain"
        "org"

"cn=With/Slash,ou=My address book,dc=somedomain,dc=org"
         == "cn=With/Slash,ou=My address book,dc=somedomain,dc=org" ? yes

p.



Ing. Pierangelo Masarati
OpenLDAP Core Team

SysNet s.r.l.
via Dossi, 8 - 27100 Pavia - ITALIA
http://www.sys-net.it
---------------------------------------
Office:  +39 02 23998309
Mobile:  +39 333 4963172
Email:   pierangelo.masarati@sys-net.it
---------------------------------------