change in python-ldap method?
Michael Ströder
michael at stroeder.com
Tue Feb 26 00:29:53 CET 2002
Joe Little wrote:
>
> When it
> explodes the DN out of my entry, its string result is:
>
> "(cn=whois\+\+)"
> [..]
> However, even before I explode it, I already see the DN is stored in my res
> as whois\+\+.
This is perfectly right. See RFC2253, section 2.4. After reading BNF in
section 3. you might be convinced that you're best bet is to handle DNs
as opaque. "+" is used to form multi-valued RDNs.
> Searching on this DN results in an ldap.FILTER_ERROR: {'desc':
> 'Bad search filter', 'info': ''}
Special chars in search filters are a different thing, see RFC2254.
> whois++ has been in /etc/services for quite some time.
I remember that there was a discussion about this very topic on one of
the OpenLDAP lists.
> So one of two things
> has happened:
>
> 1) python-ldap has changed behavior in some way (whether first pull of data
> or search filter usage)
>
> 2) MigrationTools (used to load up NIS type data to LDAP) from padl.com,
> which fixed certain things associated with + and other symbols, can load
> data correctly into LDAP with Perl ala PerLDAP and PythonLDAP doesn't
> support the same.
3) The LDAP libs/server requires proper escaping/handling DNs which
translates to "+" need to be escaped nowadays. The application using
python-ldap has to be fixed.
Ciao, Michael.
More information about the python-ldap
mailing list