[cifs-protocol] [EXTERNAL] Re: character escaping in DN and canonicalName [120072224000698]
Sreekanth Nadendla
srenaden at microsoft.com
Thu Aug 13 01:22:56 UTC 2020
Yes Douglas. Thanks for confirming.
-----Original Message-----
From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
Sent: Wednesday, August 12, 2020 7:00 PM
To: Sreekanth Nadendla <srenaden at microsoft.com>
Cc: cifs-protocol at lists.samba.org; support <support at mail.support.microsoft.com>
Subject: [EXTERNAL] Re: character escaping in DN and canonicalName [120072224000698]
thank you Sreekanth.
So this means escapes in the form "\01" are understood but never produced?
That is consistent with what I see.
regards,
Douglas
On 11/08/20 3:36 am, Sreekanth Nadendla wrote:
>
> Hello Douglas, the link you provided actually have the list of the only chars that will escape in canonicalName:
>
> "In the canonicalName both the forward slash and backslash characters are escaped using the backslash escape character. However, no other characters are escaped."
>
> canonicalName is a constructed attribute, which means it is only for output, but never for input. In other word, you can not write a string of value of a canonicalName. For the output sting of a canonicalName, the only characters that will appear with an escape \ will be forward and back slash.
>
>
> 1. Distinguished name has a list of chars that need escape. In corresponding canonicalName, escape will not appear:
> For example:
> Input DN to create a new object is: CN=test\#End,CN=MiniSmokeAppNC
> Search the object get:
> ldap_search_s(ld, "CN=test\#End,CN=MiniSmokeAppNC", 0,
> "(objectClass=*)", attrList, 0, &msg) Getting 1 entries:
> Dn: CN=test\#End,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/test#End;
> name: test#End;
> DN has \#, but either canonicalName nor name has escape
>
> 2. Hex value will be translated and stored as a Unicode if we can.
> For example, input DN to create a new object is : “CN=test\C4\81\#,CN=MiniSmokeAppNC”
> Search the object get:
> Dn: CN=testÄ\#,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/testÄ#;
> name: testÄ#;
> hex value is translated into a Unicode. No escape for it in DN,
> canonicalName, or name
>
> 3. Slash and backslash will appear in canonicalName with escape
> For example, input DN to create a new object is : “CN=test\#\\End,CN=MiniSmokeAppNC”
> Search this object get:
> Dn: CN=test\#\\End,CN=MiniSmokeAppNC
> canonicalName: /MiniSmokeAppNC/test#\\End;
> name: test#\End;
> DN has escape for both “#” and “\”. canonicalName has escape for \ but not for #. Name has either.
>
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
>
> -----Original Message-----
> From: Sreekanth Nadendla
> Sent: Monday, August 3, 2020 11:19 AM
> To: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Cc: cifs-protocol at lists.samba.org; support
> <support at mail.support.microsoft.com>
> Subject: character escaping in DN and canonicalName [120072224000698]
>
> Hi Douglas, I’m researching this issue for you. Will provide you an update as soon as I have some details to share with you.
>
>
> Regards,
> Sreekanth Nadendla
> Microsoft Windows Open Specifications
>
> -----Original Message-----
> From: Obaid Farooqi <obaidf at microsoft.com>
> Sent: Wednesday, July 22, 2020 4:33 AM
> To: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Cc: cifs-protocol at lists.samba.org; support
> <support at mail.support.microsoft.com>
> Subject: RE: character escaping in DN and canonicalName
> [120072224000698]
>
> Hi Douglas:
> Thanks for contacting Microsoft. I have created a case to track this issue. A member of the open specifications team will be in touch soon.
>
> Regards,
> Obaid Farooqi
> Escalatiion Engineer | Microsoft
>
> -----Original Message-----
> From: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
> Sent: Tuesday, July 21, 2020 9:22 PM
> To: Interoperability Documentation Help <dochelp at microsoft.com>
> Cc: cifs-protocol at lists.samba.org
> Subject: [EXTERNAL] character escaping in DN and canonicalName
>
> hi Dochelp,
>
> According to RFC 4514 and articles like
> https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsoci
> al.technet.microsoft.com%2Fwiki%2Fcontents%2Farticles%2F5312.active-di
> rectory-characters-to-escape.aspx&data=02%7C01%7Csrenaden%40micros
> oft.com%7C245b6f5729a94277ae5508d83f137a89%7C72f988bf86f141af91ab2d7cd
> 011db47%7C1%7C0%7C637328700181242827&sdata=TzKL0ZsKw%2BP7GU2A1sZvL
> IIXTxpwkJjOjmcRQ6AqgLw%3D&reserved=0
> the characters ' ', '"', '#', '+', ',', ';', '<', '=', '>', '\' are escaped with a leading '\', while other characters can be escaped as hex values like "\0a". For canonicalName, '/' must also be escaped, for obvious reasons.
>
> My question is: is there anywhere a list of which characters are canonically escaped in the hex form?
>
> That is, I suppose a carriage return is always escaped as "\0d", and an 'A' is never escaped as "\41". But I don't know whether, for example, "ā" ('a' with macron) is included in a canonicalName or DN string as "\C4\81" or as the plain UTF-8 "ā".
>
> regards,
> Douglas
>
>
>
More information about the cifs-protocol
mailing list