Menu
▾
▴
Re: Net::LDAP::Util::canonical_dn
|
From: Chris R. <chr...@me...> - 2001-03-08 12:44:12
|
Graham Barr <gb...@po...> wrote: > On Thu, Mar 08, 2001 at 11:04:06AM -0000, Chris Ridd wrote: > >> Let's see, what canonicalisation does canonical_dn do.. >> >> * it lowercases values that are # followed by hex, >> * it lowercases types that start with an OID, >> * it backslashifies RFC 2253-magic characters, >> * it backslash and hex encodes 0x00-0x1f and 0x7f-0xff characters, >> * it surrounds values with leading/trailing/multiple spaces with quotes. >> >> (Actually, that last part is not permitted by RFC 2253. You should >> replace those spaces with "\20" or "\ ". I suspect "\20" would be safer >> especially at the end of a string, to avoid someone simply ripping >> trailing spaces off and leaving the string ending with a dangling slash.) > > 2253 also no longer requires the escaping of multiple spaces within > a value. Yes, that appears to be an RFC 1779-ism. >> Those canonicalisations look OK to me. Have I missed any others? > > canonical_dn also reorders the parts of multi-part RDNs So it does. I suspect this will be OK for most servers that support multi-ava RDNs. It also upper-cases attribute types. > Graham. > I reckon it would be OK to call canonicalise_dn in the LDIF _write_cmd, but perhaps only in the case where the DN has a char that is not a 'SAFE-UTF8-CHAR', as per RFC 2849. Cheers, Chris |
