change in python-ldap method?

Joe Little jlittle at
Tue Feb 26 18:18:02 CET 2002

On 2/26/02 8:54 AM, "Michael Ströder" <michael at> wrote:

> Cc:-ed again to python-ldap-dev list since it might be interesting for
> others too.
> Joe Little wrote:
>> Do you use search filters with \+ in it?
> Yes, I've tested the group admin feature of web2ldap editing group
> membership of entries which have + (better say escaped \+) in their DN
> string representation. The filter also contained \+ but did not raise
> any filter error exception.
> As I said there are some bugs in web2ldap (0.10.3 as of this writing)
> concerning + in DNs which I fixed this morning. But they were unrelated
> to constructing search filters.
>> Is there a method that you are using the generate your search
>> string that strips the escapes out? The problem here is that I don't strip
>> them out.. and feel I should have to :)
> Don't strip them out. Pass the DN as assertion value right into your
> routine escaping the special chars for search filters. Then build the
> filter with the result. Watch out for the use of
> ldaputil.base.escape_filter_chars() in pylib/w2lapp/ of
> current web2ldap distribution.

I'm confused. The search filter barfed because I had the escape sequences in
there. If I just had the + symbols with \, it likely won't give me there
error. I was thinking I'd need to remove the \'s before commiting another
search. Previously, I didn't need to do this (last June).

> Another thing is if you want to compare attribute values within your
> client. For such a string comparison you have to unescape the attribute
> values *after* completely decomposing the DN with ldap.explode_dn() and
> ldap.explode_rdn(). I've started to implement a function for that.
> Ciao, Michael.

More information about the python-ldap mailing list