You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Matt Parker (JIRA)" <ji...@apache.org> on 2008/06/02 19:39:46 UTC
[jira] Created: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
--------------------------------------------------------------------------------------------
Key: DIRSERVER-1183
URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
Project: Directory ApacheDS
Issue Type: Bug
Components: ldap
Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
Reporter: Matt Parker
searching with a base DN that has quoted values results in noSuchObject. for example:
ldapsearch -b 'cn=foo' ...
works, but:
ldapsearch -b 'cn="foo"' ...
causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
ldapsearch -b 'cn=Parker\, Matt' ...
works, but:
ldapsearch -b 'cn="Parker\, Matt"' ...
causes invalidDNSyntax.
RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601871#action_12601871 ]
Emmanuel Lecharny commented on DIRSERVER-1183:
----------------------------------------------
Ok, I think I have a fix for this guy.
All tests are now pasing, and shared-ldap tests are still passing.
I just have to make maven happy with integration tests before committing the fix.
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Alex Karasulu
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Alex Karasulu reassigned DIRSERVER-1183:
----------------------------------------
Assignee: Alex Karasulu
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Alex Karasulu
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny closed DIRSERVER-1183.
----------------------------------------
closed
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Emmanuel Lecharny
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Assigned: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny reassigned DIRSERVER-1183:
--------------------------------------------
Assignee: Emmanuel Lecharny (was: Alex Karasulu)
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Emmanuel Lecharny
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601682#action_12601682 ]
Emmanuel Lecharny commented on DIRSERVER-1183:
----------------------------------------------
I will check the code, the RFCs and ee if we can safely support RFC 2253 syntax.
More to come later.
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12603095#action_12603095 ]
Emmanuel Lecharny commented on DIRSERVER-1183:
----------------------------------------------
Fixed in bigbang too :
http://svn.apache.org/viewvc?rev=664030&view=rev
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Emmanuel Lecharny
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Alex Karasulu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601691#action_12601691 ]
Alex Karasulu commented on DIRSERVER-1183:
------------------------------------------
We may need to have a special compatibility mode flag in the configuration to switch semantics to handle these cases specifically there by relaxing some of the 4514 constraints in support of quoted escaped sequences.
I'm thinking this will require alterations to how lookups and search operations are performed (i.e. when finding the base of a search). The invalidDNSyntax exception makes me suspect that we may require changes to the DN parser (and RDN Parser) along with the codec to support this.
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Alex Karasulu
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12601854#action_12601854 ]
Emmanuel Lecharny commented on DIRSERVER-1183:
----------------------------------------------
Added a test to cover this issue :
/**
* test an RDN with escaped comma
*/
@Test
public void testRdnWithEscapedComa() throws InvalidNameException
{
assertTrue( RdnParser.isValid( "a=b\\,c" ) );
assertEquals( "a=b\\,c", new Rdn( "a=b\\,c" ).toString() );
assertTrue( RdnParser.isValid( "a=\"b,c\"" ) );
assertEquals( "a=b\\,c", new Rdn( "a=\"b,c\"" ).toString() );
assertEquals( "a=\"b,c\"", new Rdn( "a=\"b,c\"" ).getUpName() );
assertTrue( RdnParser.isValid( "a=\"b\\,c\"" ) );
assertEquals( "a=\"b\\,c\"", new Rdn( "a=\"b\\,c\"" ).getUpName() );
assertEquals( "a=\"b,c\"", new Rdn( "a=\"b\\,c\"" ).toString() );
}
The third test is failing.
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Alex Karasulu
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Resolved: (DIRSERVER-1183) searching with quoted attribute
values in a DN causes either noSuchObject or invalidDNSyntax
Posted by "Emmanuel Lecharny (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DIRSERVER-1183?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny resolved DIRSERVER-1183.
------------------------------------------
Resolution: Fixed
Fixed in :
http://svn.apache.org/viewvc?rev=662782&view=rev
> searching with quoted attribute values in a DN causes either noSuchObject or invalidDNSyntax
> --------------------------------------------------------------------------------------------
>
> Key: DIRSERVER-1183
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1183
> Project: Directory ApacheDS
> Issue Type: Bug
> Components: ldap
> Environment: Windows XP SP2, cygwin, ldapsearch 2.3.39, ADS trunk
> Reporter: Matt Parker
> Assignee: Emmanuel Lecharny
>
> searching with a base DN that has quoted values results in noSuchObject. for example:
> ldapsearch -b 'cn=foo' ...
> works, but:
> ldapsearch -b 'cn="foo"' ...
> causes noSuchObject. Further, if there is an escaped value inside the quotes, invalidDNSyntax occurs:
> ldapsearch -b 'cn=Parker\, Matt' ...
> works, but:
> ldapsearch -b 'cn="Parker\, Matt"' ...
> causes invalidDNSyntax.
> RFC 2253 section 4 (http://tools.ietf.org/html/rfc2253#section-4) clearly states that this is legal, but is obsoleted by 4514, which isn't as clear (at least to me). Although since most clients that are in use were probably at least written against 2253, it makes sense to continue to support quoted values for maximum compatibility, even if it's optional.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.