Hi!
Trying to match the (som,e experimental) certificate subject to assign it LDAP users, I have some problems: Escaping of the subject seems to make regexp matching even harder. For example "CN = "uid=windl+email=u.windl@ukr.de", GN = Ulrich, SN = Windl" (as displayed by OpenSSL) is converted to "dn:sn=windl,givenName=ulrich,cn=uid\3Dwindl\2Bemail\3Du.windl@ukr.de"
As I understand it uid=windl+email=u.windl@ukr.demailto:uid=windl+email=u.windl@ukr.de" and email=u.windl@ukr.demailto:uid=windl+email=u.windl@ukr.de+uid=windl" would be equivalent.
So when I want to match just the uid part I could use "uid\3D([^,]+)", but that would include "\2Bemail\3Du...". If I'd use uid\3D([^,]+)", instead, any escaped character inside the uid would terminate the match.
How do the experts handle it? Use very simplistic CNs in certificates?
Kind regards, Ulrich Windl