Re: equal character forbidden in DN

[Pierangelo Masarati <ando@sys-net.it>]

Hendrik,

after discussion, the result is that '=' in DN string representations
is not allowed by current releases, based on our interpretation of
an ambiguous (and thus buggy) RFC 2253; Hallvard Furuseth points
out that draft-ietf-ldapbis-dn allows unescaped '=' as well as escaped
forms like '\=' and '\3D', so future releases of OpenLDAP will
comply to it.  At the moment you need to escape equals.  If you're
interested in the evolution of this issue, please check

http://www.openldap.org/its/index.cgi/Development?id=3229

Thanks for raising the issue.

p.

Harms, Hendrik (EXTERN: TOJAQ) wrote:

> My old openldap-2.1.26 accepts DNs with the '=' character in it. My
> openldap-2.1.29 doesn't:
>
>
> Example "dn: Document=254 Page=1-2,ou=data,dc=MyCompany"
>
>  dc=MyCompany
>     ou=data
>        Document=254 Page=1-2
>
> do_add
> ber_scanf fmt ({m) ber:
>  
>
> > > > dnPrettyNormal: <Document=254 Page=1-2,ou=data,dc=MyCompany>
> > > >        
> => ldap_bv2dn(Document=254 Page=1-2,ou=data,dc=MyCompany,0)
> <= ldap_bv2dn(Document=254 Page=1-2,ou=data,dc=MyCompany,0)=84
> do_add: invalid dn (Document=254 Page=1-2,ou=data,dc=MyCompany)
> send_ldap_result: conn=0 op=1 p=3
> send_ldap_result: err=34 matched="" text="invalid DN"
> send_ldap_response: msgid=2 tag=105 err=34
> ber_flush: 24 bytes to sd 10
> conn=0 op=1 RESULT tag=105 err=34 text=invalid DN
>
> Is the equal character behind "Page" not allowd by spec or is the
> openldap-2.1.29 broken in this point?
>  






   SysNet - via Dossi,8 27100 Pavia Tel: +390382573859 Fax: +390382476497