httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49568] New: Apache mod_authnz_ldap built with the MS LDAPSDK does not handle multi-byte DNs
Date Wed, 07 Jul 2010 19:28:00 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49568

           Summary: Apache mod_authnz_ldap built with the MS LDAPSDK does
                    not handle multi-byte DNs
           Product: Apache httpd-2
           Version: 2.2.15
          Platform: PC
        OS/Version: Windows Server 2003
            Status: NEW
          Severity: major
          Priority: P2
         Component: mod_authz_ldap
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: dopey@moonteeth.com


Created an attachment (id=25729)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=25729)
ldif file containing user that doesn't work.  Password for the user is the
string: two

If a user's DN contains a multi-byte character, auth_ldap will not authenticate
the user because the multi-byte characters returned by the searchRequest will
be converted to ?'s when attempting to bind.

For example a user with the following dn:
cn=t[UTF-8: 0xE6 0x88 0x91], ou=people

UTF-8: 0xE6 0x88 0x91 is the utf-8 character for the chinese word for me.

Will not work because the bind request will be for
cn=t?,ou=people

See this mailing list thread with a discussion on this:
http://marc.info/?l=apache-httpd-dev&m=121623942300453&w=2

Attached is an ldif file containing the dn I used.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message