Changelog Development Documentation Download libcurl Mailing Lists News
cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: Ldap URL and binary entries

From: Jean-Marc Desperrier <jmdesp_at_free.fr>
Date: Wed, 01 Jun 2005 17:25:07 +0200

Daniel Stenberg wrote:

> So what letters _are_ unsafe then? Or perhaps we should reverse the
> logic and only output it as-is if we find it only contains safe
> letters. I take it this means safely printable? Like isgraph() and space?

I'll copy you the grammar from the RFC. It must be a SAFE-STRING :

SAFE-CHAR = %x01-09 / %x0B-0C / %x0E-7F
                           ; any value <= 127 decimal except NUL, LF,
                           ; and CR

SAFE-INIT-CHAR = %x01-09 / %x0B-0C / %x0E-1F /
                           %x21-39 / %x3B / %x3D-7F
                           ; any value <= 127 except NUL, LF, CR,
                           ; SPACE, colon (":", ASCII 58 decimal)
                           ; and less-than ("<" , ASCII 60 decimal)

SAFE-STRING = [SAFE-INIT-CHAR *SAFE-CHAR]

As a special case, if the final character is a space, you must encode.

> BTW, your patch makes the code not compile for me anymore, since I
> have no 'struct berval' anywhere...

In my setting, it came from this include line at the top of ldap.c
# include <winldap.h>
which defines it as
typedef struct berval {
    ULONG bv_len;
    PCHAR bv_val;
} LDAP_BERVAL, * PLDAP_BERVAL, BERVAL, * PBERVAL, BerValue;

OpenLDAP for Linux/OS X, etc. has it with :
#include <lber.h>
typedef struct berval {
 ber_len_t bv_len;
 char *bv_val;
 } BerValue, *BerVarray;

I don't think the size of the first element is guaranteed to be the same
on all platforms, so it's better to get it from the correct include than
redefining it.

> I find the mixing of the meaning odd. First, it selects type of output
> and then it selects which entry in a multi-valued attribute?
>
> Can't we make the type of output respect CURLOPT_TRANSFERTEXT instead?
> If we consider the ldif format to be text, and then add a
> CURLOPT_LDAPNUMENTRY or similar?

Yes, this is a good idea except that I understand CURLOPT_TRANSFERTEXT
defaults to binary, and here we really want to default to ldif.

> And I haven't really read up on this (yet), but is there really no way
> to specify that number using the LDAP URL format?

Not that I know.
I've seen in the past discussions about an extension to include a filter
on them in the URL, but that's a syntax very few LDAP servers support
and it requires to already have some info about what there is in the values.
I've found the reference, it's in RFC 3876. It's not even obvious how to
include that in URL.
Received on 2005-06-01