Using version 1.2.5 (Build 2010.012.2035) with "Schema Checking" enabled, I can have: postalAddress: $, $$$ Using version 1.2.6.a2 (Build 2010.061.2025) with "Schema Checking" enabled, I am not able to use the above syntax for postalAddress. In an email discussion with Rich, it appears as though RFC 2252 allows this, whereas RFC 4517 does not. This difference breaks eGroupWare's addressbook (adnd possibly many other CMS) handling of the postalAddress, homePostalAddress, etc. attributes. The issue is with "partial addresses", where you may not have every part of the address defined for entry into LDAP: For example, take the following address: 123 4th ST ANYTOWN IL 60611 USA What if I wanted to have a contact for which I only knew the postal code and country. Is it "illegal" to have the following in postalAddress? postalAddress: $, $60611$$USA The fact that "this has always worked" with OpenLDAP and previous versions (1.2.5) of 389 DS is irrelevant, I agree. But it seems like the description for 1.3.6.1.4.1.1466.115.121.1.41 doesn't prohibit that format. It appears to me (the non-expert) as though the "$" character simply acts as a line terminator/carriage return. Me: > Is it "illegal" to have the following in postalAddress? > > postalAddress: $, $60611$$USA > Rich: According to RFC 4517, yes, but according to RFC 2252, technically no.
I think the right thing to do is to allow $$, and optionally make it configurable.
Created attachment 398636 [details] patch
To ssh://git.fedorahosted.org/git/389/ds.git 4845ffc..b8ff06d master -> master commit b8ff06dd240df947fee972fe13bb2826ebb02048 Author: Rich Megginson <rmeggins> Date: Mon Mar 8 14:35:17 2010 -0700 Reviewed by: nhosoi (Thanks!) Branch: HEAD Fix Description: Even though RFC 4517 says a postal address syntax value should not contain empty lines (e.g. $$), most, if not all, current applications expect to be able to store $$. This adds an internal switch to allow support for $$ for now. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no To ssh://git.fedorahosted.org/git/389/ds.git 73a7424..5962d96 Directory_Server_8_2_Branch -> Directory_Server_8_2_Branch commit 5962d965030a70a1cbf31081ed92d5f933e89c00 Author: Rich Megginson <rmeggins> Date: Mon Mar 8 14:35:17 2010 -0700 Reviewed by: nhosoi (Thanks!) Branch: Directory_Server_8_2_Branch Fix Description: Even though RFC 4517 says a postal address syntax value should not contain empty lines (e.g. $$), most, if not all, current applications expect to be able to store $$. This adds an internal switch to allow support for $$ for now. Platforms tested: RHEL5 x86_64 Flag Day: no Doc impact: no (cherry picked from commit b8ff06dd240df947fee972fe13bb2826ebb02048)
verified - RHEL 4 version: redhat-ds-base-8.2.0-2010060704.el4dsrv 1. turned on syntax checking # ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "cn=config" | grep syntaxcheck nsslapd-syntaxcheck: on 2. Added user with postalAddress as defined in comment 1 successfully ldapsearch -x -h `hostname` -p 389 -D "cn=Directory Manager" -w Secret123 -b "uid=test,ou=people,dc=example,dc=com" "(objectclass=*)" # extended LDIF # # LDAPv3 # base <uid=test,ou=people,dc=example,dc=com> with scope sub # filter: (objectclass=*) # requesting: ALL # # test, People, example.com dn: uid=test,ou=People,dc=example,dc=com uid: test givenName: test objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson postalAddress: $, $60611$$USA sn: test cn: test test userPassword:: e1NTSEF9T1B3T211YU5mYWZXSFBweHlOcWl4ZkpwWmlGeEJveDJyc1NFWVE9PQ= = # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1
I believe this is fixed and can be closed. Thank you.