[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: OpenLDAP UTF8 values support
- To: openldap-technical@openldap.org
- Subject: Re: OpenLDAP UTF8 values support
- From: André Rodier <andre@rodier.me>
- Date: Sat, 24 Mar 2018 00:10:17 +0000
- Authentication-results: smtpfr.rodier.me; dmarc=fail (p=reject dis=none) header.from=rodier.me
- Content-language: en-GB
- Dkim-filter: OpenDKIM Filter v2.9.2 smtpfr.rodier.me B8C8F245DE
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rodier.me; s=smtpuk; t=1521850217; bh=vOLPgJp+U+mkEd/nYeNiOiRAtgKOsnr2WVZrLynURX4=; h=From:Subject:To:References:Date:In-Reply-To:From; b=GblRoCDo//B2MlQAXLnrAgqMaT/jqo9vEdaluXiV80hwKr3v/trylRK2OLaTe20vQ j6Uo8n5In6LhZogqRslCLVCDHQm3rFdH8DTkZ8eks2buoW/N3IAPUhQ/0Karwb7iYf yHHfZXfagUEZ+htpzyhh4wQu/R78ZN2W6mRNg7AM=
- In-reply-to: <424b67167c4b85d478b2bd027502e262@stroeder.com>
- References: <bca770bcc9a54f2028ba6ff6bce515e0@imap.rodier.me> <424b67167c4b85d478b2bd027502e262@stroeder.com>
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
On 21/03/18 17:19, Michael Ströder wrote:
> On 2018-03-21 16:42, Andre Rodier wrote:
>> I want to use international characters for the "secondary" email
>> addresses but and OpenLDAP is complaining about it, as invalid syntax.
>
> That's because attribute 'mail' is defined to be IA5String syntax
> which is more or less ASCII.
>
>> Is there any limitation in OpenLDAP that would prevent some fields to
>> be stored in UTF8 directly?
>
> No. But the attribute type has to be declared to use DirectoryString
> syntax.
>
> That's why I proposed 'intlMailAddr' herein:
> https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07#section-2
>
>
> Note that this attribute only makes sense in case of non-ASCII local part
> and for use with SMTPUTF8 extensions. I currently only know of one SMTPUTF8
> implementation (postfix 3.x).
>
> If the mail address' domain part is non-ASCII you should store it as
> IDNA encoding
> (e.g. my web2ldap supports auto-converting the user's input.)
>
>> I have noticed that the givenName and
>> surname are automatically encoded in base64 when containing accents,
>> so is it a standard practice?
>
> The attribute values are *not* base64-encoded via LDAP.
> What you're seeing as output of ldapsearch is LDIF representation
> which has to be ASCII-clean (see RFC 2849).
>
> Ciao, Michael.
>
Hello Michael,
Thank you for your schema, it is working perfectly.
I am adding the final LDIF file that works with OpenLDAP, so anyone can
use it for their projects:
> # The attribute type 'intlMailAddr' is defined for storing SMTPUTF8
> # compliant addresses [RFC6530]
> # https://tools.ietf.org/html/draft-stroeder-mailboxrelatedobject-07
>
> dn: cn=intlMailAddr,cn=schema,cn=config
> objectClass: olcSchemaConfig
> cn: intlMailAddr
> olcAttributeTypes: ( 1.3.6.1.4.1.5427.1.389.4.18
> NAME 'intlMailAddr'
> DESC 'Internationalized Email Address'
> EQUALITY caseIgnoreMatch
> SUBSTR caseIgnoreSubstringsMatch
> SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
> olcObjectClasses: ( 1.3.6.1.4.1.5427.1.389.6.9
> NAME 'mailboxRelatedObject'
> DESC 'Associated RFC 5321 mailbox for any entry'
> AUXILIARY
> MAY ( displayName $ mail $ intlMailAddr ) )
Tell me if I made a mistake, but so far it works perfectly. I have both
Dovecot and Postfix querying internationalised email addresses, and I
will have something stable enough soon.
Kind regards,
André
--
https://github.com/progmaticltd/homebox