[Issue 9495] authz-regexp using dn: instead of a URI mangles characters with HTML excapes

14 Jun 2021


      https://bugs.openldap.org/show_bug.cgi?id=9495
--- Comment #3 from Karl O. Pinc kop@karlpinc.com ---
On Mon, 14 Jun 2021 16:39:43 +0000
openldap-its@openldap.org wrote:
...
https://bugs.openldap.org/show_bug.cgi?id=9495
Quanah Gibson-Mount quanah@openldap.org changed:
       What    |Removed                     |Added


     Resolution|---                         |WONTFIX
         Status|UNCONFIRMED                 |RESOLVED


--- Comment #2 from Quanah Gibson-Mount quanah@openldap.org ---
Invalid usage.
SASL works with usernames, not DNs.  I.e., -U "cn=..." is invalid.
RFC4422 Simple Authentication and Security Layer (SASL)
states:
3.4.1.  Authorization Identity String
The authorization identity string is a sequence of zero or more
   Unicode [Unicode] characters, excluding the NUL (U+0000) character,
   representing the identity to act as.
So, the literal "cn=..." is a perfectly valid SASL username.
Regards,
Karl kop@karlpinc.com
Free Software:  "You don't pay back, you pay forward."
                 -- Robert A. Heinlein
-- 
You are receiving this mail because:
You are on the CC list for the issue.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[Issue 9495] authz-regexp using dn: instead of a URI mangles characters with HTML excapes