[cifs-protocol] character escaping in DN and canonicalName [120072224000698]
Douglas Bagnall
douglas.bagnall at catalyst.net.nz
Wed Aug 12 23:00:13 UTC 2020
thank you Sreekanth.
So this means escapes in the form "\01" are understood but never produced?
That is consistent with what I see.
regards,
Douglas
On 11/08/20 3:36 am, Sreekanth Nadendla wrote:
>
> Hello Douglas, the link you provided actually have the list of the only chars that will escape in canonicalName:
>
> "In the canonicalName both the forward slash and backslash characters are escaped using the backslash escape character. However, no other characters are escaped."
>
> canonicalName is a constructed attribute, which means it is only for output, but never for input. In other word, you can not write a string of value of a canonicalName. For the output sting of a canonicalName, the only characters that will appear with an escape \ will be forward and back slash.
>
>
> 1. Distinguished name has a list of chars that need escape. In corresponding canonicalName, escape will not appear:
> For example:
> Input DN to create a new object is: CN=test\#End,CN=MiniSmokeAppNC
> Search the object get:
> ldap_search_s(ld, "CN=test\#End,CN=MiniSmokeAppNC", 0, "(objectClass=*)", attrList, 0, &msg)
> Getting 1 entries:
> Dn: CN=test\#End,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/test#End;
> name: test#End;
> DN has \#, but either canonicalName nor name has escape
>
> 2. Hex value will be translated and stored as a Unicode if we can.
> For example, input DN to create a new object is : “CN=test\C4\81\#,CN=MiniSmokeAppNC”
> Search the object get:
> Dn: CN=testÄ\#,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/testÄ#;
> name: testÄ#;
> hex value is translated into a Unicode. No escape for it in DN, canonicalName, or name
>
> 3. Slash and backslash will appear in canonicalName with escape
> For example, input DN to create a new object is : “CN=test\#\\End,CN=MiniSmokeAppNC”
> Search this object get:
> Dn: CN=test\#\\End,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/test#\\End;
> name: test#\End;
> DN has escape for both “#” and “\”. canonicalName has escape for \ but not for #. Name has either.
>
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
>
> -----Original Message-----
> From: Sreekanth Nadendla
> Sent: Monday, August 3, 2020 11:19 AM
> To: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Cc: cifs-protocol at lists.samba.org; support <support at mail.support.microsoft.com>
> Subject: character escaping in DN and canonicalName [120072224000698]
>
> Hi Douglas, I’m researching this issue for you. Will provide you an update as soon as I have some details to share with you.
>
>
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
>
> -----Original Message-----
> From: Obaid Farooqi <obaidf at microsoft.com>
> Sent: Wednesday, July 22, 2020 4:33 AM
> To: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Cc: cifs-protocol at lists.samba.org; support <support at mail.support.microsoft.com>
> Subject: RE: character escaping in DN and canonicalName [120072224000698]
>
> Hi Douglas:
> Thanks for contacting Microsoft. I have created a case to track this issue. A member of the open specifications team will be in touch soon.
>
> Regards,
> Obaid Farooqi
> Escalatiion Engineer | Microsoft
>
> -----Original Message-----
> From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Sent: Tuesday, July 21, 2020 9:22 PM
> To: Interoperability Documentation Help <dochelp at microsoft.com>
> Cc: cifs-protocol at lists.samba.org
> Subject: [EXTERNAL] character escaping in DN and canonicalName
>
> hi Dochelp,
>
> According to RFC 4514 and articles like
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsocial.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F5312.active-directory-characters-to-escape.aspx&data=02%7C01%7Csrenaden%40microsoft.com%7Cf6102022d87742a94e6b08d82e19ccd8%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637310035698795797&sdata=1ALo7t2ByMAMsJN7AVPeumOVtlLbs2Ri%2FVR49AJwFTY%3D&reserved=0
> the characters ' ', '"', '#', '+', ',', ';', '<', '=', '>', '\' are escaped with a leading '\', while other characters can be escaped as hex values like "\0a". For canonicalName, '/' must also be escaped, for obvious reasons.
>
> My question is: is there anywhere a list of which characters are canonically escaped in the hex form?
>
> That is, I suppose a carriage return is always escaped as "\0d", and an 'A' is never escaped as "\41". But I don't know whether, for example, "ā" ('a' with macron) is included in a canonicalName or DN string as "\C4\81" or as the plain UTF-8 "ā".
>
> regards,
> Douglas
>
>
>
More information about the cifs-protocol
mailing list