[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: LDIF and structural objectclasses

To: "'Daniel Tiefnig'" <dantie@gmx.at>, <openldap-software@OpenLDAP.org>
Subject: RE: LDIF and structural objectclasses
From: "Howard Chu" <hyc@highlandsun.com>
Date: Wed, 23 Apr 2003 16:46:21 -0700
Importance: Normal
In-reply-to: <3EA71F2B.7070103@gmx.at>

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Daniel Tiefnig

> Michael Ströder wrote:
> > Daniel Tiefnig wrote:
> >  > 1) Why are userpassword attributes always encoded in base64 in

> > I guess that's because userPassword is defined with SYNTAX
> > 1.3.6.1.4.1.1466.115.121.1.40 (Octet String) in OpenLDAP's schema.

> Hmm, good point, allthough I thought, that base64 coding is just used
> for output in LDIF syntax, and SYNTAX definition shouldn't interfere
> with LDIF in that way, should it? I have to think about that a little
> bit, i think. :o)

Normally libldif will only base64 encode a value if it finds unprintable or
special characters in it. However, libldif is hardcoded to always base64
encode userPassword. This has been its behavior since August 1999; I'd
imagine that it's done like this to prevent passwords from accidentally being
revealed to casual observers. The encoding is of course trivial, but there
aren't many people who can decode it in their heads...

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support

Follow-Ups:
- Re: LDIF and structural objectclasses
  - From: Daniel Tiefnig <dantie@gmx.at>

References:
- Re: LDIF and structural objectclasses
  - From: Daniel Tiefnig <dantie@gmx.at>

Prev by Date: Re: LDIF and structural objectclasses
Next by Date: Re: LDIF and structural objectclasses
Index(es):
- Chronological
- Thread