Dan Nelson <dnelson[at]allantgroup.com> wrote:
> As for LDAP, the BNF tables in rfc 4512 say that LDAP schema names have to
> start with a letter and you're only allowed to backslash-escape "'"
> and "\".
Afaics, they're even more restrictive than that: Names must start with
a letter and only be followed by letters, digits, or hyphens. I think
the RFC made a psychological mistake in putting them inside quotes in the
NAME spec, which makes them easily confused with generic quoted
strings.
> Protocols.LDAP should be able to read non-conforming data, but I'd be
> okay with it refusing to write bad data.
Please check if this patch does it for you:
--- lib/modules/Protocols.pmod/LDAP.pmod/client.pike 29 Oct 2008 14:19:08
-0000 1.117
+++ lib/modules/Protocols.pmod/LDAP.pmod/client.pike 22 Aug 2009 13:51:01 -0000
@@ -2216,8 +2216,11 @@
string parse_qdescr (string what)
{
string name;
- // No strict syntax check here.
- switch (sscanf (str, "'%[-;a-zA-Z0-9]'%*[ ]%s", name, str)) {
+ // RFC 4512 restricts this to a letter followed by letters,
+ // digits or hyphens. However, real world cases shows that
+ // other chars can occur here ('.', at least), so let's be
+ // lax.
+ switch (sscanf (str, "'%[^']'%*[ ]%s", name, str)) {
case 0:
ERROR ("%sExpected %s after term %O at pos %d: %O\n",
errmsg_prefix, what, term_id, sizeof (orig_str) - pos, orig_str);
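Review bot: In the sscanf in parse_qdescr, the new set '%[^']' accepts every character except a single quote, which is much wider than the '.' case the comment cites: spaces, control characters and backslashes now end up in name, and a backslash-escaped quote would still end the match at the first quote. Consider widening the old set only by the characters actually seen (for example adding '.' to [-;a-zA-Z0-9]), or state in the comment that anything up to the closing quote is accepted and that escapes are not decoded. Since the goal stated in the thread is lenient reading but strict writing, the write side needs its own check against the RFC 4512 form (a letter followed by letters, digits or hyphens); nothing in this hunk provides it. Minor: "real world cases shows" in the new comment should read "show".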