[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#8400) contiguous spaces in middle of DN - translucent overlay proxy

Full_Name: Dan Sullivan
Version:  2.4.40-7.el6_7
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (


I am reporting what I believe to be a bug in the translucent overlay proxy.  It
appears that two contiguous non-escaped spaces in the middle of a DN will get
sent to the remote server as a single space.  For example, if I have the
following record being dumped from the local database using slapcat:

dn: cn=foo\2C bar  [BSD] - HGD,ou=general
gidNumber: 339792922
homeDirectory: /home/fbar
sAMAccountName: fbar
objectClass: person

There are two spaces between bar and [BSD].  If I query LDAP for uidNumber (via
translucent local), the search DN that is passed to the remote server only has
one space in it.  Based on my understanding it is acceptable to have any number
of spaces in a DN without escaping them (as long as they are not the first or
the last characters in the field).  I verified that only a single space is being
sent to the remote server by doing a packet capture and looking at the actual
LDAP query being sent.

If it would help to provide configuration, additional logs, or a packet capture
please advise and I can provide this.

I believe my overlay proxy works fine otherwise.