From: Norbert K. <nor...@da...> - 2002-04-23 20:10:00
|
--On Dienstag, 23. April 2002 15:59 +0100 Graham Barr <gb...@po...>=20 wrote: > But you code also expanded > > CN=3D\a0 to 'CN' =3D> chr(160) > > Which means in canonical_dn both end up as > > CN=3D\a0 > > which is wrong > > CN=3D\a0 is not the same as CN=3D#a0 > > The first is a value of 1 character length and its type, for comaprisons, > is the type of CN. The second is a value of unknown type and so cannot be > compared to the first. After rereading RFC2253 it seems to me that CN should not be used as an=20 examaple here since it is a type that has a string representation. One=20 could argue that CN=3D#xxxx is illegal altogether. > The #xxxxxx is normally a BER encodeing so to get the examples right > > CN=3D\01\01\42 is not the same as CN=3D#010142 nor is it the same > as CN=3D\42 > > So you need to make sure that DNs of CN=3D#.... get returned from > canonical_dn as #... and DN that don't start with # do not. > As long as we do not want to make canonical_dn schema aware, I think it=20 should be enough for canonical_dn to encode AttributeTypes of the=20 dotted-decimal form as #xxxx. Additional attriubte types can be specified=20 by the (renamed) ber parameter. One question that remains is whether and how ldap_explode_dn should mark=20 values exploded from #xxxx. (BTW do such things really occur in DNs?) I=20 would argue that there is no need for this: - Only AttributeValues which are of a type which does not have a string=20 representation defined for it are encoded as #xxxx. [RFC2253] - "clients MUST NOT assume that an unrecognized syntax is a string=20 representation" [RFC2252] So an application that supports attribute types without a string=20 representation will know how to handle their values and therefore needs no=20 extra help by perl-ldap. Attached patch to perl-ldap-0.25_01: - additional comments and documentation - renamed binary parameter in canonical_dn to ber - canonical_dn uses ldap_explode_dn reverse functionality - #xxxx encode dotted-decimal attribute types - don't use refs for #xxxx values - handling of empty DNs --=20 Norbert Klasen, Dipl.-Inform. DAASI International GmbH phone: +49 7071 29 70336 Wilhelmstr. 106 fax: +49 7071 29 5114 72074 T=FCbingen email: nor...@da... Germany web: http://www.daasi.de |