On 08/15/2012 03:14 AM, sergio wrote:
On 08/15/2012 11:08 AM, Michael Ströder wrote:
If you want to process LDIF then be prepared to process any LDIF data compliant to RFC 2849. Period.
RFC 2849 doesn't say any special about userPassword and why it should be base64 encoded.
I'm not a programmer by any stretch of the imagination but it appears to me that the LDIF generator is hard-coded to always base64-encode the userPassword value.
Digging through the OpenLDAP gitweb, I found these lines in libraries/libldap/ldif.c:
365 * name and OID of attributeTypes that must be base64 encoded in any case 366 */ 367 typedef struct must_b64_encode_s { 368 struct berval name; 369 struct berval oid; 370 } must_b64_encode_s; 371 372 static must_b64_encode_s default_must_b64_encode[] = { 373 { BER_BVC( "userPassword" ), BER_BVC( "2.5.4.35" ) }, 374 { BER_BVNULL, BER_BVNULL } 375 };
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=libraries/l...
I don't see any justification in the file for doing so, but the RFC says any value MAY be encoded. I think Michael's advice is very prudent.
/* Wes Hardin */