[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8400) contiguous spaces in middle of DN - translucent overlay proxy

dsullivan2@bsd.uchicago.edu wrote:
> Full_Name: Dan Sullivan
> Version:  2.4.40-7.el6_7
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (
> Hi,
> I am reporting what I believe to be a bug in the translucent overlay proxy.  It
> appears that two contiguous non-escaped spaces in the middle of a DN will get
> sent to the remote server as a single space.  For example, if I have the
> following record being dumped from the local database using slapcat:

This is not a bug. As specified in X.520, multiple consecutive spaces are 

Closing this ITS.

> dn: cn=foo\2C bar  [BSD] - HGD,ou=general
> accounts,ou=accounts,ou=hgd,dc=somedomain,dc=uchicago,dc=edu
> gidNumber: 339792922
> uidNumber:3939798516
> homeDirectory: /home/fbar
> sAMAccountName: fbar
> objectClass: person
> There are two spaces between bar and [BSD].  If I query LDAP for uidNumber (via
> translucent local), the search DN that is passed to the remote server only has
> one space in it.  Based on my understanding it is acceptable to have any number
> of spaces in a DN without escaping them (as long as they are not the first or
> the last characters in the field).  I verified that only a single space is being
> sent to the remote server by doing a packet capture and looking at the actual
> LDAP query being sent.
> If it would help to provide configuration, additional logs, or a packet capture
> please advise and I can provide this.
> I believe my overlay proxy works fine otherwise.
> Dan

   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/