question on ldap_escape_func in rlm_ldap.c

Wed Dec 7 14:40:04 CET 2005

-----Original Message-----
From: freeradius-users-bounces at lists.freeradius.org
[mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of
Nicolas Baradakis
Sent: 07 December 2005 13:18
To: FreeRadius users mailing list
Subject: Re: question on ldap_escape_func in rlm_ldap.c

Qin Zhen wrote:

> so in lastest version (1.0.5), a username 'jam\' will be converted 
> into 'jam\5c' and ldapsearch will be based on 'jam\5c' right? so this 
> username is supposed not to be found in ldap in this case?
> but how come in my server, the ldapsearch will base on 'jam' and those

> invalid charactors r just simply eliminated? scratching head...pls 
> assist..thanks so much

That's what is said in http://www.ietf.org/rfc/rfc2254.txt

<<<<<
   If a value should contain any of the following characters

           Character       ASCII value
           ---------------------------
           *               0x2a
           (               0x28
           )               0x29
           \               0x5c
           NUL             0x00

   the character must be encoded as the backslash '\' character (ASCII
   0x5c) followed by the two hexadecimal digits representing the ASCII
   value of the encoded character. The case of the two hexadecimal
   digits is not significant.
>>>>>

--
Nicolas Baradakis

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

This e-mail is private and may be confidential and is for the intended recipient only.  If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed.  If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it.  We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free.  You should undertake your own virus checking.  The right to monitor e-mail communications through our network is reserved by us. 