Re: Error searching DNs with escaped special characters

[Nikita Bige <big_nikita@mtu-net.ru>]

This is what slapd said to me:
[root@bige ldap]# ./bin/ldapadd -x -D "cn=Manager,o=CA" -w secret  < test.ldif
adding new entry "x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca"
do_add: invalid dn (x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca)
ldapadd: update failed: x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca
ldap_add: Invalid DN syntax (34)
        additional info: invalid DN

[root@bige ldap]# more test.ldif
dn: x509issuer=CN=kakaka\22sa\22df\,C=RU,O=ca
x509serialNumber: 72340172838076685
x509issuer: CN=kakaka"sa"df,C=RU
x509subject: CN="Денисов \22Владимир", C=RU, L=Москва, O=Signal - COM
objectClass: top
objectClass: organization
objectClass: x509base
objectClass: x509PKC
x509version: 0
description: программист
o: Signal - COM
l: Москва
mail: mirror@nightmail.ru
x509validityNotAfter: 20040708180450Z
x509validityNotBefore: 20030709180450Z
x509subjectPublicKeyInfoAlgorithm: 1.2.840.113549.1.1.1
x509signatureAlgorithm: 1.2.840.113549.1.1.5

All atributes are defined!!!


> The parsing works correctly:
> [ando@nb ldap]$ ./libraries/libldap/dntest 'x509issuer=CN=test \22sa\22
> sadf\,C=RU,O=ca' V3 V3,PRETTY
Would you so please to describe this flags  "V3 V3,PRETTY "
Or where i can get more information about it?

Thank you.
>         ldap_rdn2str() = "x509issuer=CN=test \"sa\" sadf\2CC=RU"
>         ldap_rdn2str() = "O=ca"
>
> ldap_dn2str(ldap_str2dn("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca"))
>         = "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"
>
> ldap_dn2domain("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>         = "(null)"
>
> ldap_dn2ufn("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>         = "CN=test \22sa\22 sadf\2CC=RU, ca"
>
> ldap_dn2dcedn("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>         = "/O=ca/x509issuer=CN\=test "sa" sadf\,C\=RU"
>
> ldap_dcedn2dn("/O=ca/x509issuer=CN\=test "sa" sadf\,C\=RU")
>         = "x509issuer=CN=test \22sa\22 sadf\2CC=RU,O=ca"
>
> ldap_dn2ad_canonical("x509issuer=CN=test \22sa\22 sadf\,C=RU,O=ca")
>         = "ca/CN\=test "sa" sadf\,C\=RU"
>
> ldap_explode_dn("x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"):
>         "x509issuer=CN=test \22sa\22 sadf\2CC=RU"
>         ldap_explode_rdn("x509issuer=CN=test \22sa\22 sadf\2CC=RU")
>                 'x509issuer=CN=test \22sa\22 sadf\2CC=RU'
>         ldap_explode_rdn("x509issuer=CN=test \22sa\22 sadf\2CC=RU") (no
> types)
>                         "CN=test \22sa\22 sadf\2CC=RU"
>         "O=ca"
>         ldap_explode_rdn("O=ca")
>                 'O=ca'
>         ldap_explode_rdn("O=ca") (no types)
>                         "ca"
>
> ldap_explode_dn("x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca") (no types):
>         "CN=test \22sa\22 sadf\2CC=RU"
>         "ca"
>
> "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca"
>          == "x509issuer=CN=test \"sa\" sadf\2CC=RU,O=ca" ? yes
>
> but slapd fails because x509issuer is not defined (that's what I got);
> did you define that attribute in your system? What definition did you
> use?
attributetype   ( 1.3.6.1.4.1.10126.1.5.3.4
     NAME 'x509issuer'
     DESC 'Distinguished name of the entity who has signed and
           issued the certificate or CRL'
     EQUALITY distinguishedNameMatch
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.12
     SINGLE-VALUE ) 
>
> p.
-- 
Wbr
Nikita