Re: Support for Base64 encoded values

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Ricardo Padilha <rpadilha [at] drobo.com>
To: "nss-pam-ldapd-users [at] lists.arthurdejong.org" <nss-pam-ldapd-users [at] lists.arthurdejong.org>
Subject: Re: Support for Base64 encoded values
Date: Mon, 19 Jun 2017 14:52:24 +0000

On 18/06/17 21:27, "Trent W. Buck" <twb-nss-pam-ldapd-users@cyber.com.au>
wrote:
>Hmm, it looks like this is already a solved problem for LDAP?
>
>    http://www.unicode.org/L2/L2006/06347-ldap-info.txt
>    → RFC 4518
>    →  The input string is to be normalized to Unicode Form KC
>       (compatibility composed) as described in [UAX15].  The output is
>the
>       normalized string.
>
>I don't understand LDAP RFCs very well.
>Does that mean an RFC4518-conformant LDAP *server* will handle
>everything, and
>nslcd's current behaviour is correct?

From my reading of the RFC, it looks like it. Unfortunately, as far as I
can tell openldap does not yet support RFC 4518 according to
http://www.openldap.org/faq/data/cache/649.html. They also claim that most
LDAP server implementations don’t support RFC 4518 either.

In fact the RFC seems to include a lot more than normalization:

“ The following six-step process SHALL be applied to each presented and
   attribute value in preparation for character string matching rule
   Evaluation.

  1) Transcode
  2) Map
  3) Normalize
  4) Prohibit
  5) Check bidi
  6) Insignificant Character Handling ”

R.

-- 
To unsubscribe send an email to
nss-pam-ldapd-users-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-users/

Re: Support for Base64 encoded values, (continued)

Prev by Date: Re: Support for Base64 encoded values
Next by Date: Re: Support for Base64 encoded values
Previous by thread: Re: Support for Base64 encoded values
Next by thread: Re: Support for Base64 encoded values