head 1.1; branch 1.1.1; access; symbols netbsd-11-0-RC4:1.1.1.2 netbsd-11-0-RC3:1.1.1.2 netbsd-11-0-RC2:1.1.1.2 netbsd-11-0-RC1:1.1.1.2 OPENLDAP2_6_10:1.1.1.2 perseant-exfatfs-base-20250801:1.1.1.2 netbsd-11:1.1.1.2.0.62 netbsd-11-base:1.1.1.2 netbsd-10-1-RELEASE:1.1.1.2 perseant-exfatfs-base-20240630:1.1.1.2 perseant-exfatfs:1.1.1.2.0.60 perseant-exfatfs-base:1.1.1.2 netbsd-8-3-RELEASE:1.1.1.2 netbsd-9-4-RELEASE:1.1.1.2 netbsd-10-0-RELEASE:1.1.1.2 netbsd-10-0-RC6:1.1.1.2 netbsd-10-0-RC5:1.1.1.2 netbsd-10-0-RC4:1.1.1.2 netbsd-10-0-RC3:1.1.1.2 netbsd-10-0-RC2:1.1.1.2 netbsd-10-0-RC1:1.1.1.2 netbsd-10:1.1.1.2.0.58 netbsd-10-base:1.1.1.2 netbsd-9-3-RELEASE:1.1.1.2 OPENLDAP2_5_6:1.1.1.2 cjep_sun2x-base1:1.1.1.2 cjep_sun2x:1.1.1.2.0.56 cjep_sun2x-base:1.1.1.2 cjep_staticlib_x-base1:1.1.1.2 netbsd-9-2-RELEASE:1.1.1.2 cjep_staticlib_x:1.1.1.2.0.54 cjep_staticlib_x-base:1.1.1.2 netbsd-9-1-RELEASE:1.1.1.2 OPENLDAP2_4_50:1.1.1.2 phil-wifi-20200421:1.1.1.2 phil-wifi-20200411:1.1.1.2 is-mlppp:1.1.1.2.0.52 is-mlppp-base:1.1.1.2 phil-wifi-20200406:1.1.1.2 netbsd-8-2-RELEASE:1.1.1.2 netbsd-9-0-RELEASE:1.1.1.2 netbsd-9-0-RC2:1.1.1.2 netbsd-9-0-RC1:1.1.1.2 phil-wifi-20191119:1.1.1.2 OPENLDAP_2_4_48:1.1.1.2 netbsd-9:1.1.1.2.0.50 netbsd-9-base:1.1.1.2 phil-wifi-20190609:1.1.1.2 netbsd-8-1-RELEASE:1.1.1.2 netbsd-8-1-RC1:1.1.1.2 pgoyette-compat-merge-20190127:1.1.1.2 pgoyette-compat-20190127:1.1.1.2 pgoyette-compat-20190118:1.1.1.2 pgoyette-compat-1226:1.1.1.2 pgoyette-compat-1126:1.1.1.2 pgoyette-compat-1020:1.1.1.2 pgoyette-compat-0930:1.1.1.2 pgoyette-compat-0906:1.1.1.2 netbsd-7-2-RELEASE:1.1.1.2 pgoyette-compat-0728:1.1.1.2 netbsd-8-0-RELEASE:1.1.1.2 phil-wifi:1.1.1.2.0.48 phil-wifi-base:1.1.1.2 pgoyette-compat-0625:1.1.1.2 netbsd-8-0-RC2:1.1.1.2 pgoyette-compat-0521:1.1.1.2 pgoyette-compat-0502:1.1.1.2 pgoyette-compat-0422:1.1.1.2 netbsd-8-0-RC1:1.1.1.2 pgoyette-compat-0415:1.1.1.2 pgoyette-compat-0407:1.1.1.2 pgoyette-compat-0330:1.1.1.2 pgoyette-compat-0322:1.1.1.2 pgoyette-compat-0315:1.1.1.2 netbsd-7-1-2-RELEASE:1.1.1.2 pgoyette-compat:1.1.1.2.0.46 pgoyette-compat-base:1.1.1.2 OPENLDAP_2_4_45:1.1.1.2 netbsd-7-1-1-RELEASE:1.1.1.2 matt-nb8-mediatek:1.1.1.2.0.44 matt-nb8-mediatek-base:1.1.1.2 perseant-stdc-iso10646:1.1.1.2.0.42 perseant-stdc-iso10646-base:1.1.1.2 netbsd-8:1.1.1.2.0.40 netbsd-8-base:1.1.1.2 prg-localcount2-base3:1.1.1.2 prg-localcount2-base2:1.1.1.2 prg-localcount2-base1:1.1.1.2 prg-localcount2:1.1.1.2.0.38 prg-localcount2-base:1.1.1.2 pgoyette-localcount-20170426:1.1.1.2 bouyer-socketcan-base1:1.1.1.2 pgoyette-localcount-20170320:1.1.1.2 netbsd-7-1:1.1.1.2.0.36 netbsd-7-1-RELEASE:1.1.1.2 netbsd-7-1-RC2:1.1.1.2 OPENLDAP_2_4_44:1.1.1.2 netbsd-7-nhusb-base-20170116:1.1.1.2 bouyer-socketcan:1.1.1.2.0.34 bouyer-socketcan-base:1.1.1.2 pgoyette-localcount-20170107:1.1.1.2 netbsd-7-1-RC1:1.1.1.2 pgoyette-localcount-20161104:1.1.1.2 netbsd-7-0-2-RELEASE:1.1.1.2 localcount-20160914:1.1.1.2 netbsd-7-nhusb:1.1.1.2.0.32 netbsd-7-nhusb-base:1.1.1.2 pgoyette-localcount-20160806:1.1.1.2 pgoyette-localcount-20160726:1.1.1.2 pgoyette-localcount:1.1.1.2.0.30 pgoyette-localcount-base:1.1.1.2 netbsd-7-0-1-RELEASE:1.1.1.2 netbsd-7-0:1.1.1.2.0.28 netbsd-7-0-RELEASE:1.1.1.2 netbsd-7-0-RC3:1.1.1.2 netbsd-7-0-RC2:1.1.1.2 netbsd-7-0-RC1:1.1.1.2 netbsd-5-2-3-RELEASE:1.1.1.1 netbsd-5-1-5-RELEASE:1.1.1.1 netbsd-6-0-6-RELEASE:1.1.1.2 netbsd-6-1-5-RELEASE:1.1.1.2 netbsd-7:1.1.1.2.0.26 netbsd-7-base:1.1.1.2 OPENLDAP_2_4_39:1.1.1.2 yamt-pagecache-base9:1.1.1.2 yamt-pagecache-tag8:1.1.1.2 netbsd-6-1-4-RELEASE:1.1.1.2 netbsd-6-0-5-RELEASE:1.1.1.2 tls-earlyentropy:1.1.1.2.0.24 tls-earlyentropy-base:1.1.1.2 riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.1.1.2 riastradh-drm2-base3:1.1.1.2 netbsd-6-1-3-RELEASE:1.1.1.2 netbsd-6-0-4-RELEASE:1.1.1.2 netbsd-5-2-2-RELEASE:1.1.1.1 netbsd-5-1-4-RELEASE:1.1.1.1 netbsd-6-1-2-RELEASE:1.1.1.2 netbsd-6-0-3-RELEASE:1.1.1.2 netbsd-5-2-1-RELEASE:1.1.1.1 netbsd-5-1-3-RELEASE:1.1.1.1 netbsd-6-1-1-RELEASE:1.1.1.2 riastradh-drm2-base2:1.1.1.2 riastradh-drm2-base1:1.1.1.2 riastradh-drm2:1.1.1.2.0.16 riastradh-drm2-base:1.1.1.2 netbsd-6-1:1.1.1.2.0.22 netbsd-6-0-2-RELEASE:1.1.1.2 netbsd-6-1-RELEASE:1.1.1.2 khorben-n900:1.1.1.2.0.20 netbsd-6-1-RC4:1.1.1.2 netbsd-6-1-RC3:1.1.1.2 agc-symver:1.1.1.2.0.18 agc-symver-base:1.1.1.2 netbsd-6-1-RC2:1.1.1.2 netbsd-6-1-RC1:1.1.1.2 yamt-pagecache-base8:1.1.1.2 netbsd-5-2:1.1.1.1.0.22 netbsd-6-0-1-RELEASE:1.1.1.2 yamt-pagecache-base7:1.1.1.2 netbsd-5-2-RELEASE:1.1.1.1 netbsd-5-2-RC1:1.1.1.1 matt-nb6-plus-nbase:1.1.1.2 yamt-pagecache-base6:1.1.1.2 netbsd-6-0:1.1.1.2.0.14 netbsd-6-0-RELEASE:1.1.1.2 netbsd-6-0-RC2:1.1.1.2 tls-maxphys:1.1.1.2.0.12 tls-maxphys-base:1.1.1.2 matt-nb6-plus:1.1.1.2.0.10 matt-nb6-plus-base:1.1.1.2 netbsd-6-0-RC1:1.1.1.2 yamt-pagecache-base5:1.1.1.2 yamt-pagecache-base4:1.1.1.2 netbsd-6:1.1.1.2.0.8 netbsd-6-base:1.1.1.2 netbsd-5-1-2-RELEASE:1.1.1.1 netbsd-5-1-1-RELEASE:1.1.1.1 yamt-pagecache-base3:1.1.1.2 yamt-pagecache-base2:1.1.1.2 yamt-pagecache:1.1.1.2.0.6 yamt-pagecache-base:1.1.1.2 cherry-xenmp:1.1.1.2.0.4 cherry-xenmp-base:1.1.1.2 bouyer-quota2-nbase:1.1.1.2 bouyer-quota2:1.1.1.2.0.2 bouyer-quota2-base:1.1.1.2 matt-mips64-premerge-20101231:1.1.1.2 matt-nb5-mips64-premerge-20101231:1.1.1.1 matt-nb5-pq3:1.1.1.1.0.20 matt-nb5-pq3-base:1.1.1.1 OPENLDAP_2_4_23:1.1.1.2 netbsd-5-1:1.1.1.1.0.18 netbsd-5-1-RELEASE:1.1.1.1 netbsd-5-1-RC4:1.1.1.1 matt-nb5-mips64-k15:1.1.1.1 netbsd-5-1-RC3:1.1.1.1 netbsd-5-1-RC2:1.1.1.1 netbsd-5-1-RC1:1.1.1.1 OPENLDAP_2_4_21:1.1.1.2 netbsd-5-0-2-RELEASE:1.1.1.1 matt-nb5-mips64-premerge-20091211:1.1.1.1 matt-premerge-20091211:1.1.1.1 matt-nb5-mips64-u2-k2-k4-k7-k8-k9:1.1.1.1 matt-nb4-mips64-k7-u2a-k9b:1.1.1.1 matt-nb5-mips64-u1-k1-k5:1.1.1.1 matt-nb5-mips64:1.1.1.1.0.16 netbsd-5-0-1-RELEASE:1.1.1.1 jym-xensuspend-nbase:1.1.1.1 netbsd-5-0:1.1.1.1.0.14 netbsd-5-0-RELEASE:1.1.1.1 netbsd-5-0-RC4:1.1.1.1 netbsd-5-0-RC3:1.1.1.1 netbsd-5-0-RC2:1.1.1.1 jym-xensuspend:1.1.1.1.0.12 jym-xensuspend-base:1.1.1.1 netbsd-5-0-RC1:1.1.1.1 haad-dm-base2:1.1.1.1 haad-nbase2:1.1.1.1 netbsd-5:1.1.1.1.0.10 netbsd-5-base:1.1.1.1 matt-mips64-base2:1.1.1.1 haad-dm-base1:1.1.1.1 mjf-devfs2:1.1.1.1.0.8 mjf-devfs2-base:1.1.1.1 wrstuden-revivesa-base-3:1.1.1.1 wrstuden-revivesa:1.1.1.1.0.6 wrstuden-revivesa-base:1.1.1.1 wrstuden-revivesa-base-2:1.1.1.1 OPENLDAP_2_4_11:1.1.1.1 haad-dm:1.1.1.1.0.4 haad-dm-base:1.1.1.1 wrstuden-revivesa-base-1:1.1.1.1 yamt-pf42-base4:1.1.1.1 yamt-pf42:1.1.1.1.0.2 yamt-pf42-base3:1.1.1.1 OPENLDAP_2_4_9:1.1.1.1 OPENLDAP:1.1.1; locks; strict; comment @# @; 1.1 date 2008.05.22.14.20.36; author lukem; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2008.05.22.14.20.36; author lukem; state Exp; branches 1.1.1.1.2.1 1.1.1.1.6.1 1.1.1.1.8.1; next 1.1.1.2; 1.1.1.2 date 2010.03.08.02.14.20; author lukem; state Exp; branches; next ; 1.1.1.1.2.1 date 2008.05.22.14.20.36; author yamt; state dead; branches; next 1.1.1.1.2.2; 1.1.1.1.2.2 date 2008.06.04.02.04.25; author yamt; state Exp; branches; next ; 1.1.1.1.6.1 date 2008.05.22.14.20.36; author wrstuden; state dead; branches; next 1.1.1.1.6.2; 1.1.1.1.6.2 date 2008.09.18.05.15.27; author wrstuden; state Exp; branches; next ; 1.1.1.1.8.1 date 2008.05.22.14.20.36; author lukem; state dead; branches; next 1.1.1.1.8.2; 1.1.1.1.8.2 date 2008.05.22.14.20.37; author lukem; state Exp; branches; next ; desc @@ 1.1 log @Initial revision @ text @# Tree Structure dn: dc=example,dc=com objectClass: domain objectClass: domainRelatedObject dc: example associatedDomain: example.com dn: ou=LDAPv3,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv3 description: RFC 2253 compliant DN string representation dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Must Succeed # at least one member must be present; thus we use the entry's DN member: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com # specific DN forms member: member: UID=jsmith,DC=example,DC=net member: OU=Sales+CN=J. Smith,DC=example,DC=net member: CN=John Smith\, III,DC=example,DC=net member: OU=Sales\; Data\+Algorithms,DC=example,DC=net member: CN=Before\0dAfter,DC=example,DC=net member: CN=\23John Smith\20,DC=example,DC=net member: CN=Lu\C4\8Di\C4\87 member: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example # DN forms already defined as "member" in a different string representation seeAlso: CN=John Smith\2C III,DC=example,DC=net seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net seeAlso: CN=\#John Smith\ ,DC=example,DC=net # comment description: "member" values contain specific DN forms; description: "seeAlso" values contain DN forms already defined as "member", description: but in a different string representation; description: the following "description" values contain the "member" and description: "seeAlso" DN string representations used above. # list here all string representations used above in "member" and "seeAlso" description: "" description: UID=jsmith,DC=example,DC=net description: OU=Sales+CN=J. Smith,DC=example,DC=net description: CN=John Smith\, III,DC=example,DC=net description: CN=John Smith\2C III,DC=example,DC=net description: OU=Sales\; Data\+Algorithms,DC=example,DC=net description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net description: CN=Before\0dAfter,DC=example,DC=net description: CN=\23John Smith\20,DC=example,DC=net description: CN=\#John Smith\ ,DC=example,DC=net description: CN=Lu\C4\8Di\C4\87 description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example dn: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Should Succeed member: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com member: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com member: 1.1.1= description: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com description: 1.1.1= dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Unescaped Equals member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com member: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com // unescaped EQUALS dn: cn=Must Fail 1,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 1 member: uid;x-option=jsmith description: uid;x-option=jsmith // option dn: cn=Must Fail 2,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 2 member: at_tr=jsmith description: at_tr=jsmith // invalid attribute type name dn: cn=Must Fail 3,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 3 member: -attr=jsmith description: -attr=jsmith // invalid attribute type name dn: cn=Must Fail 4,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 4 dn: cn=Must Fail 5,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 5 member: 1..1=jsmith description: 1..1=jsmith // invalid numeric OID dn: cn=Must Fail 6,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 6 member: 1.1.=jsmith description: 1.1.=jsmith // invalid numeric OID dn: cn=Must Fail 7,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 7 member: 01.1=jsmith description: 01.1=jsmith // invalid numeric OID dn: cn=Must Fail 8,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 8 member: 1.ff=jsmith description: 1.ff=jsmith // invalid numeric OID dn: cn=Must Fail 9,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 9 member: 1.1.1=#GG description: 1.1.1=#GG // invalid HEX form dn: cn=Must Fail 10,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 10 member: 1.1.1=#000 description: 1.1.1=#000 // invalid HEX form dn: cn=Must Fail 11,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 11 member: 1.1.1=#F description: 1.1.1=#F // invalid HEX form dn: cn=Must Fail 12,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 12 member: 1.1.1=# description: 1.1.1=# // invalid HEX form dn: cn=Must Fail 13,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 13 member: UID=jsmith,,DC=example,DC=net description: UID=jsmith,,DC=example,DC=net // extra comma dn: cn=Must Fail 14,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 14 member: UID=john,smith description: UID=john,smith // unescaped , dn: cn=Must Fail 15,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 15 member: UID=john+smith description: UID=john+smith // unescaped + dn: cn=Must Fail 16,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 16 member: UID=john\?smith description: UID=john\?smith // invalid escape of ? or unescaped \ dn: cn=Must Fail 17,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 17 member: UID=john\Fsmith description: UID=john\Fsmith // invalid HEX escape dn: cn=Must Fail 18,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 18 member: UID=john\GGsmith description: UID=john\GGsmith // invalid HEX escape # String representations we should accept for compatibility with RFC1779 dn: ou=LDAPv2,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv2 description: RFC 1779 compliant DN string representation dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 1 member: description: " " // space, quote characters (") are not part of the string dn: cn=May Succeed 2,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 2 member: OID.0.9.2342.19200300.100.1.1=jsmith description: OID.0.9.2342.19200300.100.1.1=jsmith // invalid attribute type name dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 3 member: UID=jsmith, O=example, C=US description: UID=jsmith, O=example, C=US // spaces dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 4 member: UID=jsmith;O=example;C=US description: UID=jsmith;O=example;C=US // semi-colons dn: cn=May Succeed 5,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 5 member: description: // brackets dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 6 member: CN="John Smith",O=example,C=US description: CN="John Smith",O=example,C=US // quotes # Other DN-related syntaxes dn: ou=Related Syntaxes,dc=example,dc=com objectClass: organizationalUnit ou: Related Syntaxes # Name and Optional UID dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Name and Optional UID uniqueMember: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com uniqueMember: #'1'B uniqueMember: #'0010'B uniqueMember: dc=example,dc=com#'1000'B uniqueMember: dc=example,dc=com#'0'B description: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com // only DN portion description: #'1'B // empty "" DN description: #'0010'B // empty "" DN with leading '0's description: dc=example,dc=com#'1000'B // with DN portion description: dc=example,dc=com#'0'B // with DN portion and just one '0' dn: cn=Should Fail 1,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 1 uniqueMember: #'1234'B description: #'1234'B // illegal digits other than '0' and '1' dn: cn=Should Fail 2,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 2 uniqueMember: #'12ABCD'B description: #'12ABCD'B // illegal digits and chars other than '0' and '1' dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Parse as DN uniqueMember: dc=example,dc=com#0'B uniqueMember: dc=example,dc=com#'0B uniqueMember: dc=example,dc=com '0'B description: dc=example,dc=com#0'B // malformed UID? description: dc=example,dc=com#'0B // malformed UID? description: dc=example,dc=com '0'B // malformed UID? # UID=jsmith,DC=example,DC=net [AoOn] # 304631133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 31163014060A0992268993F22C64010113066A736D697468 # # OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn] # 304F31133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311F300C060355040B130553616C6573300F060355040313 # 084A2E20536D697468 # # CN=John Smith\, III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=John Smith\2C III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=Before\0dAfter,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3115301306035504030C0C4265666F72650D4166746572 # # CN=\23John Smith\20,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # CN=\#John Smith\ ,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # FIXME: currently doesn't work # 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn] # 304031133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3110300E06082B060104018B3A0004024869 # # CN=Lu\C4\8Di\C4\87 [AoOn] # 30123110300E06035504030C074C75C48D69C487 [AoO] # # FIXME: currently doesn't work # 1.1.1= // empty value [AoO] # 300A31083006060229011300 [AoO] # #Invalid DNs # // some implementations may be liberal in what they accept # // but should strict in what they produce. # # uid;x-option=jsmith // option [oOn] # # at_tr=jsmith // invalid attribute type name [AoOn] # # -attr=jsmith // invalid attribute type name [AoOn] # # 1..1=jsmith // invalid numeric OID [AoO] # # 1.1.=jsmith // invalid numeric OID [AoO] # # 01.1=jsmith // invalid numeric OID [oO] # # 1.ff=jsmith // invalid numeric OID [AoOn] # # 1.1.1=#GG // invalid HEX form [AoOn] # # 1.1.1=#000 // invalid HEX form [AoO] # # 1.1.1=#F // invalid HEX form [AoO] # # 1.1.1=# // invalid HEX form [AoO] # # UID=jsmith,,DC=example,DC=net // extra comma [AoOn] # # UID=john,smith // unescaped , [AoOn] # # UID=john+smith // unescaped + [AoOn] # # UID=john\?smith // invalid escape of ? or unescaped \ [oOn] # # UID=john\Fsmith // invalid hex escape [AoOn] # # UID=john\GGsmith // invalid hex escape [oOn] # #The following strings are invalid for use in LDAPv3, but were #legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are #liberal in accepting these but should not generate them. # # " " // space, quote characters (") are not part of the string # # OID.1.1=jsmith // invalid attribute type name # # UID=jsmith, O=example, C=US // spaces # # UID=jsmith;O=example;C=US // semi-colons # # // brackets [AoOn] # # CN="John Smith",O=example,C=US // quotes @ 1.1.1.1 log @OpenLDAP 2.4.9 @ text @@ 1.1.1.1.8.1 log @file test-dn.ldif was added on branch mjf-devfs2 on 2008-05-22 14:20:37 +0000 @ text @d1 362 @ 1.1.1.1.8.2 log @352351 @ text @a0 362 # Tree Structure dn: dc=example,dc=com objectClass: domain objectClass: domainRelatedObject dc: example associatedDomain: example.com dn: ou=LDAPv3,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv3 description: RFC 2253 compliant DN string representation dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Must Succeed # at least one member must be present; thus we use the entry's DN member: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com # specific DN forms member: member: UID=jsmith,DC=example,DC=net member: OU=Sales+CN=J. Smith,DC=example,DC=net member: CN=John Smith\, III,DC=example,DC=net member: OU=Sales\; Data\+Algorithms,DC=example,DC=net member: CN=Before\0dAfter,DC=example,DC=net member: CN=\23John Smith\20,DC=example,DC=net member: CN=Lu\C4\8Di\C4\87 member: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example # DN forms already defined as "member" in a different string representation seeAlso: CN=John Smith\2C III,DC=example,DC=net seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net seeAlso: CN=\#John Smith\ ,DC=example,DC=net # comment description: "member" values contain specific DN forms; description: "seeAlso" values contain DN forms already defined as "member", description: but in a different string representation; description: the following "description" values contain the "member" and description: "seeAlso" DN string representations used above. # list here all string representations used above in "member" and "seeAlso" description: "" description: UID=jsmith,DC=example,DC=net description: OU=Sales+CN=J. Smith,DC=example,DC=net description: CN=John Smith\, III,DC=example,DC=net description: CN=John Smith\2C III,DC=example,DC=net description: OU=Sales\; Data\+Algorithms,DC=example,DC=net description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net description: CN=Before\0dAfter,DC=example,DC=net description: CN=\23John Smith\20,DC=example,DC=net description: CN=\#John Smith\ ,DC=example,DC=net description: CN=Lu\C4\8Di\C4\87 description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example dn: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Should Succeed member: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com member: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com member: 1.1.1= description: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com description: 1.1.1= dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Unescaped Equals member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com member: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com // unescaped EQUALS dn: cn=Must Fail 1,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 1 member: uid;x-option=jsmith description: uid;x-option=jsmith // option dn: cn=Must Fail 2,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 2 member: at_tr=jsmith description: at_tr=jsmith // invalid attribute type name dn: cn=Must Fail 3,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 3 member: -attr=jsmith description: -attr=jsmith // invalid attribute type name dn: cn=Must Fail 4,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 4 dn: cn=Must Fail 5,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 5 member: 1..1=jsmith description: 1..1=jsmith // invalid numeric OID dn: cn=Must Fail 6,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 6 member: 1.1.=jsmith description: 1.1.=jsmith // invalid numeric OID dn: cn=Must Fail 7,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 7 member: 01.1=jsmith description: 01.1=jsmith // invalid numeric OID dn: cn=Must Fail 8,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 8 member: 1.ff=jsmith description: 1.ff=jsmith // invalid numeric OID dn: cn=Must Fail 9,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 9 member: 1.1.1=#GG description: 1.1.1=#GG // invalid HEX form dn: cn=Must Fail 10,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 10 member: 1.1.1=#000 description: 1.1.1=#000 // invalid HEX form dn: cn=Must Fail 11,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 11 member: 1.1.1=#F description: 1.1.1=#F // invalid HEX form dn: cn=Must Fail 12,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 12 member: 1.1.1=# description: 1.1.1=# // invalid HEX form dn: cn=Must Fail 13,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 13 member: UID=jsmith,,DC=example,DC=net description: UID=jsmith,,DC=example,DC=net // extra comma dn: cn=Must Fail 14,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 14 member: UID=john,smith description: UID=john,smith // unescaped , dn: cn=Must Fail 15,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 15 member: UID=john+smith description: UID=john+smith // unescaped + dn: cn=Must Fail 16,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 16 member: UID=john\?smith description: UID=john\?smith // invalid escape of ? or unescaped \ dn: cn=Must Fail 17,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 17 member: UID=john\Fsmith description: UID=john\Fsmith // invalid HEX escape dn: cn=Must Fail 18,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 18 member: UID=john\GGsmith description: UID=john\GGsmith // invalid HEX escape # String representations we should accept for compatibility with RFC1779 dn: ou=LDAPv2,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv2 description: RFC 1779 compliant DN string representation dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 1 member: description: " " // space, quote characters (") are not part of the string dn: cn=May Succeed 2,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 2 member: OID.0.9.2342.19200300.100.1.1=jsmith description: OID.0.9.2342.19200300.100.1.1=jsmith // invalid attribute type name dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 3 member: UID=jsmith, O=example, C=US description: UID=jsmith, O=example, C=US // spaces dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 4 member: UID=jsmith;O=example;C=US description: UID=jsmith;O=example;C=US // semi-colons dn: cn=May Succeed 5,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 5 member: description: // brackets dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 6 member: CN="John Smith",O=example,C=US description: CN="John Smith",O=example,C=US // quotes # Other DN-related syntaxes dn: ou=Related Syntaxes,dc=example,dc=com objectClass: organizationalUnit ou: Related Syntaxes # Name and Optional UID dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Name and Optional UID uniqueMember: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com uniqueMember: #'1'B uniqueMember: #'0010'B uniqueMember: dc=example,dc=com#'1000'B uniqueMember: dc=example,dc=com#'0'B description: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com // only DN portion description: #'1'B // empty "" DN description: #'0010'B // empty "" DN with leading '0's description: dc=example,dc=com#'1000'B // with DN portion description: dc=example,dc=com#'0'B // with DN portion and just one '0' dn: cn=Should Fail 1,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 1 uniqueMember: #'1234'B description: #'1234'B // illegal digits other than '0' and '1' dn: cn=Should Fail 2,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 2 uniqueMember: #'12ABCD'B description: #'12ABCD'B // illegal digits and chars other than '0' and '1' dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Parse as DN uniqueMember: dc=example,dc=com#0'B uniqueMember: dc=example,dc=com#'0B uniqueMember: dc=example,dc=com '0'B description: dc=example,dc=com#0'B // malformed UID? description: dc=example,dc=com#'0B // malformed UID? description: dc=example,dc=com '0'B // malformed UID? # UID=jsmith,DC=example,DC=net [AoOn] # 304631133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 31163014060A0992268993F22C64010113066A736D697468 # # OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn] # 304F31133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311F300C060355040B130553616C6573300F060355040313 # 084A2E20536D697468 # # CN=John Smith\, III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=John Smith\2C III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=Before\0dAfter,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3115301306035504030C0C4265666F72650D4166746572 # # CN=\23John Smith\20,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # CN=\#John Smith\ ,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # FIXME: currently doesn't work # 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn] # 304031133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3110300E06082B060104018B3A0004024869 # # CN=Lu\C4\8Di\C4\87 [AoOn] # 30123110300E06035504030C074C75C48D69C487 [AoO] # # FIXME: currently doesn't work # 1.1.1= // empty value [AoO] # 300A31083006060229011300 [AoO] # #Invalid DNs # // some implementations may be liberal in what they accept # // but should strict in what they produce. # # uid;x-option=jsmith // option [oOn] # # at_tr=jsmith // invalid attribute type name [AoOn] # # -attr=jsmith // invalid attribute type name [AoOn] # # 1..1=jsmith // invalid numeric OID [AoO] # # 1.1.=jsmith // invalid numeric OID [AoO] # # 01.1=jsmith // invalid numeric OID [oO] # # 1.ff=jsmith // invalid numeric OID [AoOn] # # 1.1.1=#GG // invalid HEX form [AoOn] # # 1.1.1=#000 // invalid HEX form [AoO] # # 1.1.1=#F // invalid HEX form [AoO] # # 1.1.1=# // invalid HEX form [AoO] # # UID=jsmith,,DC=example,DC=net // extra comma [AoOn] # # UID=john,smith // unescaped , [AoOn] # # UID=john+smith // unescaped + [AoOn] # # UID=john\?smith // invalid escape of ? or unescaped \ [oOn] # # UID=john\Fsmith // invalid hex escape [AoOn] # # UID=john\GGsmith // invalid hex escape [oOn] # #The following strings are invalid for use in LDAPv3, but were #legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are #liberal in accepting these but should not generate them. # # " " // space, quote characters (") are not part of the string # # OID.1.1=jsmith // invalid attribute type name # # UID=jsmith, O=example, C=US // spaces # # UID=jsmith;O=example;C=US // semi-colons # # // brackets [AoOn] # # CN="John Smith",O=example,C=US // quotes @ 1.1.1.2 log @OpenLDAP 2.4.21. Numerous fixes, including: * properly handle NUL in CN of SSL certs (CVE-2009-3767) @ text @d229 1 a229 1 uniqueMember: dc=example,dc=com#''B d234 1 a234 1 description: dc=example,dc=com#''B // with DN portion + bitstring with no bits @ 1.1.1.1.6.1 log @file test-dn.ldif was added on branch wrstuden-revivesa on 2008-09-18 05:15:27 +0000 @ text @d1 362 @ 1.1.1.1.6.2 log @Sync with wrstuden-revivesa-base-2. @ text @a0 362 # Tree Structure dn: dc=example,dc=com objectClass: domain objectClass: domainRelatedObject dc: example associatedDomain: example.com dn: ou=LDAPv3,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv3 description: RFC 2253 compliant DN string representation dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Must Succeed # at least one member must be present; thus we use the entry's DN member: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com # specific DN forms member: member: UID=jsmith,DC=example,DC=net member: OU=Sales+CN=J. Smith,DC=example,DC=net member: CN=John Smith\, III,DC=example,DC=net member: OU=Sales\; Data\+Algorithms,DC=example,DC=net member: CN=Before\0dAfter,DC=example,DC=net member: CN=\23John Smith\20,DC=example,DC=net member: CN=Lu\C4\8Di\C4\87 member: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example # DN forms already defined as "member" in a different string representation seeAlso: CN=John Smith\2C III,DC=example,DC=net seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net seeAlso: CN=\#John Smith\ ,DC=example,DC=net # comment description: "member" values contain specific DN forms; description: "seeAlso" values contain DN forms already defined as "member", description: but in a different string representation; description: the following "description" values contain the "member" and description: "seeAlso" DN string representations used above. # list here all string representations used above in "member" and "seeAlso" description: "" description: UID=jsmith,DC=example,DC=net description: OU=Sales+CN=J. Smith,DC=example,DC=net description: CN=John Smith\, III,DC=example,DC=net description: CN=John Smith\2C III,DC=example,DC=net description: OU=Sales\; Data\+Algorithms,DC=example,DC=net description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net description: CN=Before\0dAfter,DC=example,DC=net description: CN=\23John Smith\20,DC=example,DC=net description: CN=\#John Smith\ ,DC=example,DC=net description: CN=Lu\C4\8Di\C4\87 description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example dn: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Should Succeed member: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com member: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com member: 1.1.1= description: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com description: 1.1.1= dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Unescaped Equals member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com member: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com // unescaped EQUALS dn: cn=Must Fail 1,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 1 member: uid;x-option=jsmith description: uid;x-option=jsmith // option dn: cn=Must Fail 2,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 2 member: at_tr=jsmith description: at_tr=jsmith // invalid attribute type name dn: cn=Must Fail 3,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 3 member: -attr=jsmith description: -attr=jsmith // invalid attribute type name dn: cn=Must Fail 4,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 4 dn: cn=Must Fail 5,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 5 member: 1..1=jsmith description: 1..1=jsmith // invalid numeric OID dn: cn=Must Fail 6,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 6 member: 1.1.=jsmith description: 1.1.=jsmith // invalid numeric OID dn: cn=Must Fail 7,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 7 member: 01.1=jsmith description: 01.1=jsmith // invalid numeric OID dn: cn=Must Fail 8,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 8 member: 1.ff=jsmith description: 1.ff=jsmith // invalid numeric OID dn: cn=Must Fail 9,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 9 member: 1.1.1=#GG description: 1.1.1=#GG // invalid HEX form dn: cn=Must Fail 10,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 10 member: 1.1.1=#000 description: 1.1.1=#000 // invalid HEX form dn: cn=Must Fail 11,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 11 member: 1.1.1=#F description: 1.1.1=#F // invalid HEX form dn: cn=Must Fail 12,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 12 member: 1.1.1=# description: 1.1.1=# // invalid HEX form dn: cn=Must Fail 13,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 13 member: UID=jsmith,,DC=example,DC=net description: UID=jsmith,,DC=example,DC=net // extra comma dn: cn=Must Fail 14,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 14 member: UID=john,smith description: UID=john,smith // unescaped , dn: cn=Must Fail 15,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 15 member: UID=john+smith description: UID=john+smith // unescaped + dn: cn=Must Fail 16,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 16 member: UID=john\?smith description: UID=john\?smith // invalid escape of ? or unescaped \ dn: cn=Must Fail 17,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 17 member: UID=john\Fsmith description: UID=john\Fsmith // invalid HEX escape dn: cn=Must Fail 18,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 18 member: UID=john\GGsmith description: UID=john\GGsmith // invalid HEX escape # String representations we should accept for compatibility with RFC1779 dn: ou=LDAPv2,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv2 description: RFC 1779 compliant DN string representation dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 1 member: description: " " // space, quote characters (") are not part of the string dn: cn=May Succeed 2,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 2 member: OID.0.9.2342.19200300.100.1.1=jsmith description: OID.0.9.2342.19200300.100.1.1=jsmith // invalid attribute type name dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 3 member: UID=jsmith, O=example, C=US description: UID=jsmith, O=example, C=US // spaces dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 4 member: UID=jsmith;O=example;C=US description: UID=jsmith;O=example;C=US // semi-colons dn: cn=May Succeed 5,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 5 member: description: // brackets dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 6 member: CN="John Smith",O=example,C=US description: CN="John Smith",O=example,C=US // quotes # Other DN-related syntaxes dn: ou=Related Syntaxes,dc=example,dc=com objectClass: organizationalUnit ou: Related Syntaxes # Name and Optional UID dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Name and Optional UID uniqueMember: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com uniqueMember: #'1'B uniqueMember: #'0010'B uniqueMember: dc=example,dc=com#'1000'B uniqueMember: dc=example,dc=com#'0'B description: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com // only DN portion description: #'1'B // empty "" DN description: #'0010'B // empty "" DN with leading '0's description: dc=example,dc=com#'1000'B // with DN portion description: dc=example,dc=com#'0'B // with DN portion and just one '0' dn: cn=Should Fail 1,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 1 uniqueMember: #'1234'B description: #'1234'B // illegal digits other than '0' and '1' dn: cn=Should Fail 2,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 2 uniqueMember: #'12ABCD'B description: #'12ABCD'B // illegal digits and chars other than '0' and '1' dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Parse as DN uniqueMember: dc=example,dc=com#0'B uniqueMember: dc=example,dc=com#'0B uniqueMember: dc=example,dc=com '0'B description: dc=example,dc=com#0'B // malformed UID? description: dc=example,dc=com#'0B // malformed UID? description: dc=example,dc=com '0'B // malformed UID? # UID=jsmith,DC=example,DC=net [AoOn] # 304631133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 31163014060A0992268993F22C64010113066A736D697468 # # OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn] # 304F31133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311F300C060355040B130553616C6573300F060355040313 # 084A2E20536D697468 # # CN=John Smith\, III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=John Smith\2C III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=Before\0dAfter,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3115301306035504030C0C4265666F72650D4166746572 # # CN=\23John Smith\20,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # CN=\#John Smith\ ,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # FIXME: currently doesn't work # 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn] # 304031133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3110300E06082B060104018B3A0004024869 # # CN=Lu\C4\8Di\C4\87 [AoOn] # 30123110300E06035504030C074C75C48D69C487 [AoO] # # FIXME: currently doesn't work # 1.1.1= // empty value [AoO] # 300A31083006060229011300 [AoO] # #Invalid DNs # // some implementations may be liberal in what they accept # // but should strict in what they produce. # # uid;x-option=jsmith // option [oOn] # # at_tr=jsmith // invalid attribute type name [AoOn] # # -attr=jsmith // invalid attribute type name [AoOn] # # 1..1=jsmith // invalid numeric OID [AoO] # # 1.1.=jsmith // invalid numeric OID [AoO] # # 01.1=jsmith // invalid numeric OID [oO] # # 1.ff=jsmith // invalid numeric OID [AoOn] # # 1.1.1=#GG // invalid HEX form [AoOn] # # 1.1.1=#000 // invalid HEX form [AoO] # # 1.1.1=#F // invalid HEX form [AoO] # # 1.1.1=# // invalid HEX form [AoO] # # UID=jsmith,,DC=example,DC=net // extra comma [AoOn] # # UID=john,smith // unescaped , [AoOn] # # UID=john+smith // unescaped + [AoOn] # # UID=john\?smith // invalid escape of ? or unescaped \ [oOn] # # UID=john\Fsmith // invalid hex escape [AoOn] # # UID=john\GGsmith // invalid hex escape [oOn] # #The following strings are invalid for use in LDAPv3, but were #legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are #liberal in accepting these but should not generate them. # # " " // space, quote characters (") are not part of the string # # OID.1.1=jsmith // invalid attribute type name # # UID=jsmith, O=example, C=US // spaces # # UID=jsmith;O=example;C=US // semi-colons # # // brackets [AoOn] # # CN="John Smith",O=example,C=US // quotes @ 1.1.1.1.2.1 log @file test-dn.ldif was added on branch yamt-pf42 on 2008-06-04 02:04:25 +0000 @ text @d1 362 @ 1.1.1.1.2.2 log @sync with head @ text @a0 362 # Tree Structure dn: dc=example,dc=com objectClass: domain objectClass: domainRelatedObject dc: example associatedDomain: example.com dn: ou=LDAPv3,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv3 description: RFC 2253 compliant DN string representation dn: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Must Succeed # at least one member must be present; thus we use the entry's DN member: cn=Must Succeed,ou=LDAPv3,dc=example,dc=com # specific DN forms member: member: UID=jsmith,DC=example,DC=net member: OU=Sales+CN=J. Smith,DC=example,DC=net member: CN=John Smith\, III,DC=example,DC=net member: OU=Sales\; Data\+Algorithms,DC=example,DC=net member: CN=Before\0dAfter,DC=example,DC=net member: CN=\23John Smith\20,DC=example,DC=net member: CN=Lu\C4\8Di\C4\87 member: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example # DN forms already defined as "member" in a different string representation seeAlso: CN=John Smith\2C III,DC=example,DC=net seeAlso: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net seeAlso: CN=\#John Smith\ ,DC=example,DC=net # comment description: "member" values contain specific DN forms; description: "seeAlso" values contain DN forms already defined as "member", description: but in a different string representation; description: the following "description" values contain the "member" and description: "seeAlso" DN string representations used above. # list here all string representations used above in "member" and "seeAlso" description: "" description: UID=jsmith,DC=example,DC=net description: OU=Sales+CN=J. Smith,DC=example,DC=net description: CN=John Smith\, III,DC=example,DC=net description: CN=John Smith\2C III,DC=example,DC=net description: OU=Sales\; Data\+Algorithms,DC=example,DC=net description: OU=Sales\3B Data\2BAlgorithms,DC=example,DC=net description: CN=Before\0dAfter,DC=example,DC=net description: CN=\23John Smith\20,DC=example,DC=net description: CN=\#John Smith\ ,DC=example,DC=net description: CN=Lu\C4\8Di\C4\87 description: testUUID=597ae2f6-16a6-1027-98f4-abcdefABCDEF,DC=Example dn: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Should Succeed member: cn=Should Succeed,ou=LDAPv3,dc=example,dc=com member: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com member: 1.1.1= description: 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com description: 1.1.1= dn: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com objectClass: groupOfNames cn: Unescaped Equals member: cn=Unescaped Equals,ou=LDAPv3,dc=example,dc=com member: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com description: cn=A*x=b is a linear algebra problem,ou=LDAPv3,dc=example,dc=com // unescaped EQUALS dn: cn=Must Fail 1,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 1 member: uid;x-option=jsmith description: uid;x-option=jsmith // option dn: cn=Must Fail 2,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 2 member: at_tr=jsmith description: at_tr=jsmith // invalid attribute type name dn: cn=Must Fail 3,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 3 member: -attr=jsmith description: -attr=jsmith // invalid attribute type name dn: cn=Must Fail 4,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 4 dn: cn=Must Fail 5,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 5 member: 1..1=jsmith description: 1..1=jsmith // invalid numeric OID dn: cn=Must Fail 6,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 6 member: 1.1.=jsmith description: 1.1.=jsmith // invalid numeric OID dn: cn=Must Fail 7,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 7 member: 01.1=jsmith description: 01.1=jsmith // invalid numeric OID dn: cn=Must Fail 8,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 8 member: 1.ff=jsmith description: 1.ff=jsmith // invalid numeric OID dn: cn=Must Fail 9,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 9 member: 1.1.1=#GG description: 1.1.1=#GG // invalid HEX form dn: cn=Must Fail 10,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 10 member: 1.1.1=#000 description: 1.1.1=#000 // invalid HEX form dn: cn=Must Fail 11,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 11 member: 1.1.1=#F description: 1.1.1=#F // invalid HEX form dn: cn=Must Fail 12,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 12 member: 1.1.1=# description: 1.1.1=# // invalid HEX form dn: cn=Must Fail 13,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 13 member: UID=jsmith,,DC=example,DC=net description: UID=jsmith,,DC=example,DC=net // extra comma dn: cn=Must Fail 14,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 14 member: UID=john,smith description: UID=john,smith // unescaped , dn: cn=Must Fail 15,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 15 member: UID=john+smith description: UID=john+smith // unescaped + dn: cn=Must Fail 16,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 16 member: UID=john\?smith description: UID=john\?smith // invalid escape of ? or unescaped \ dn: cn=Must Fail 17,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 17 member: UID=john\Fsmith description: UID=john\Fsmith // invalid HEX escape dn: cn=Must Fail 18,ou=Groups,dc=example,dc=com objectClass: groupOfNames cn: Must Fail 18 member: UID=john\GGsmith description: UID=john\GGsmith // invalid HEX escape # String representations we should accept for compatibility with RFC1779 dn: ou=LDAPv2,dc=example,dc=com objectClass: organizationalUnit ou: LDAPv2 description: RFC 1779 compliant DN string representation dn: cn=May Succeed 1,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 1 member: description: " " // space, quote characters (") are not part of the string dn: cn=May Succeed 2,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 2 member: OID.0.9.2342.19200300.100.1.1=jsmith description: OID.0.9.2342.19200300.100.1.1=jsmith // invalid attribute type name dn: cn=May Succeed 3,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 3 member: UID=jsmith, O=example, C=US description: UID=jsmith, O=example, C=US // spaces dn: cn=May Succeed 4,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 4 member: UID=jsmith;O=example;C=US description: UID=jsmith;O=example;C=US // semi-colons dn: cn=May Succeed 5,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 5 member: description: // brackets dn: cn=May Succeed 6,ou=LDAPv2,dc=example,dc=com objectClass: groupOfNames cn: May Succeed 6 member: CN="John Smith",O=example,C=US description: CN="John Smith",O=example,C=US // quotes # Other DN-related syntaxes dn: ou=Related Syntaxes,dc=example,dc=com objectClass: organizationalUnit ou: Related Syntaxes # Name and Optional UID dn: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Name and Optional UID uniqueMember: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com uniqueMember: #'1'B uniqueMember: #'0010'B uniqueMember: dc=example,dc=com#'1000'B uniqueMember: dc=example,dc=com#'0'B description: cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com // only DN portion description: #'1'B // empty "" DN description: #'0010'B // empty "" DN with leading '0's description: dc=example,dc=com#'1000'B // with DN portion description: dc=example,dc=com#'0'B // with DN portion and just one '0' dn: cn=Should Fail 1,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 1 uniqueMember: #'1234'B description: #'1234'B // illegal digits other than '0' and '1' dn: cn=Should Fail 2,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Fail 2 uniqueMember: #'12ABCD'B description: #'12ABCD'B // illegal digits and chars other than '0' and '1' dn: cn=Should Parse as DN,cn=Name and Optional UID,ou=Related Syntaxes,dc=example,dc=com objectClass: groupOfUniqueNames cn: Should Parse as DN uniqueMember: dc=example,dc=com#0'B uniqueMember: dc=example,dc=com#'0B uniqueMember: dc=example,dc=com '0'B description: dc=example,dc=com#0'B // malformed UID? description: dc=example,dc=com#'0B // malformed UID? description: dc=example,dc=com '0'B // malformed UID? # UID=jsmith,DC=example,DC=net [AoOn] # 304631133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 31163014060A0992268993F22C64010113066A736D697468 # # OU=Sales+CN=J. Smith,DC=example,DC=net [AoOn] # 304F31133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311F300C060355040B130553616C6573300F060355040313 # 084A2E20536D697468 # # CN=John Smith\, III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=John Smith\2C III,DC=example,DC=net [AoOn] # 304831133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311830160603550403130F4A6F686E20536D6974682C2049 # 4949 # # CN=Before\0dAfter,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3115301306035504030C0C4265666F72650D4166746572 # # CN=\23John Smith\20,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # CN=\#John Smith\ ,DC=example,DC=net [AoOn] # 304531133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 311530130603550403140C234A6F686E20536D69746820 # # FIXME: currently doesn't work # 1.3.6.1.4.1.1466.0=#04024869,DC=example,DC=com [AoOn] # 304031133011060A0992268993F22C64011916036E657431 [AoO] # 173015060A0992268993F22C64011916076578616D706C65 # 3110300E06082B060104018B3A0004024869 # # CN=Lu\C4\8Di\C4\87 [AoOn] # 30123110300E06035504030C074C75C48D69C487 [AoO] # # FIXME: currently doesn't work # 1.1.1= // empty value [AoO] # 300A31083006060229011300 [AoO] # #Invalid DNs # // some implementations may be liberal in what they accept # // but should strict in what they produce. # # uid;x-option=jsmith // option [oOn] # # at_tr=jsmith // invalid attribute type name [AoOn] # # -attr=jsmith // invalid attribute type name [AoOn] # # 1..1=jsmith // invalid numeric OID [AoO] # # 1.1.=jsmith // invalid numeric OID [AoO] # # 01.1=jsmith // invalid numeric OID [oO] # # 1.ff=jsmith // invalid numeric OID [AoOn] # # 1.1.1=#GG // invalid HEX form [AoOn] # # 1.1.1=#000 // invalid HEX form [AoO] # # 1.1.1=#F // invalid HEX form [AoO] # # 1.1.1=# // invalid HEX form [AoO] # # UID=jsmith,,DC=example,DC=net // extra comma [AoOn] # # UID=john,smith // unescaped , [AoOn] # # UID=john+smith // unescaped + [AoOn] # # UID=john\?smith // invalid escape of ? or unescaped \ [oOn] # # UID=john\Fsmith // invalid hex escape [AoOn] # # UID=john\GGsmith // invalid hex escape [oOn] # #The following strings are invalid for use in LDAPv3, but were #legal in LDAPv2 (RFC 1779). Some LDAPv3 implementations are #liberal in accepting these but should not generate them. # # " " // space, quote characters (") are not part of the string # # OID.1.1=jsmith // invalid attribute type name # # UID=jsmith, O=example, C=US // spaces # # UID=jsmith;O=example;C=US // semi-colons # # // brackets [AoOn] # # CN="John Smith",O=example,C=US // quotes @