Escaping of binary characters

Michael Ströder michael at
Tue May 10 13:56:27 CEST 2005

Mark Hammond wrote:
> 	I'm using python-ldap in conjunction with Zope and the LDAPUserFolder
> product to talk to a Windows Active Directory server.  One of the objects I
> am trying to fetch via LDAP is objectGUID - a binary value.

Can you please provide sample Python code so I can see what you really
want to achieve? Are you searching entries by objectGUID assertion values?

> It seems to me that the current implementation of
> ldap.filters.escape_filter_chars is too conservative in choosing the
> characters to escape.

This implementation simply trys to preserve a human-readable form of the
search filter as much as possible.

> I have provided a sample implementation at
> - the patch there
> escapes all non-printable characters.

I saw this but I won't accept the patch. Although not technically wrong
it has the disadvantage that search filters won't be human-readable
anymore (which is very handy for debugging).

But actually nothing forces you to use python-ldap's helper function
ldap.filter.escape_filter_chars(). You can simply use your own
implementation in your code. You could even substitute python-ldap's
implementation by initially overwriting it

import ldap.filter
ldap.filter.escape_filter_chars = my_funky_escape_filter_chars

>  Once this patch is in place, I can
> query this binary objectGUID attribute,

Again I don't exactly understand what you're trying to achieve.

Ciao, Michael.

More information about the python-ldap mailing list