Home > Archive > LDAP > August 2005 > Avoid base64 decoding
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Avoid base64 decoding
|
|
|
| Hi, is there any way to avoid base64 decoding an attribute value?=20
I open an existing ldif (300000 users), modify some entries, and print
to standard output the result.=20
Everything works as expected but the encoded attributes are converted to
plain text.=20
When I try to import it to the LDAP server I get errors because those
attributes values get interpreted as attributes themselves.
Thx in advance
Joan
ORIGINAL ENTRY
dn: uid=3Dricardo,ou=3Dpeople,o=3Dexample
objectclass: top
objectclass: person
mailautoreplytext::
WWEgaGUgcmVjaWJpZG8gdHUgbWVuc2FqZS4NClRl
IHJlc3BvbmRlcsOpI
HBlcnNvbmFsbWVudGUgbG8gYW50ZXMgcG9zaWJsZ
S4NClVuIHNhbHVkbzogUmljYXJkbw=3D=
=3D
mailautoreplytext;lang-es: $
MODIFIED ENTRY
dn: uid=3Dricardo,ou=3Dpeople,o=3Dexample
objectclass: top
objectclass: person
mailautoreplytext: Ya he recibido tu mensaje.^M
Te responder=E9 personalmente lo antes posible.^M
Un saludo: Ricardo
mailautoreplytext;lang-es: $
If I add:
$v =3D~ s/\n/\n /g;
before printing printing the value I can "fix" this entry but I'd rather
keep the original encoding.=20
CODE SNIP
my $ldifmig =3D Net::LDAP::LDIF->new( $ldif_a_migrar, "r", onerror =3D>
'undef' );
while( not $ldifmig->eof() ) {
my $entry =3D $ldifmig->read_entry();
if ( $ldifmig->error() ) {
print "Error msg: ",$ldifmig->error(),"\n";
print "Error lines:\n",$ldifmig->error_lines(),"\n";
}
else {
my $dn =3D $entry->dn();
if ( $entry->exists('mail') ) {
$entry->add ( 'objectclass' =3D> [
'inetadmin',
'inetlocalmailrecipient',
'ipuser'
]);
}
my @attributes =3D $entry->attributes;
print "dn: $dn\n";
for my $attribute (@attributes) {
my $values =3D $entry->get_value($attribute , asref =3D> 1);
for my $v (@{$values}) {
#Workaround
#$v =3D~ s/\n/\n /g;
print "$attribute: $v\n";
}
}
print "\n";
}
}
$ldifmig->done();
| |
| Peter Marschall 2005-08-29, 7:05 pm |
| Hi,
On Monday, 29. August 2005 14:38, Joan wrote:
> Hi, is there any way to avoid base64 decoding an attribute value?
> I open an existing ldif (300000 users), modify some entries, and print
> to standard output the result.
> Everything works as expected but the encoded attributes are converted to
> plain text.
> When I try to import it to the LDAP server I get errors because those
> attributes values get interpreted as attributes themselves.
Base64-encoding is required in the LDIF format if the values of attributes =
are=20
not representable as printable ASCII characters (e.g. non-ASCII letters [e.=
g.=20
=E9], binary values [certificates, images, ...], letters from the ASCII con=
trol=20
range [0x00 - 0x32], ...).
I.e. The LDIF standard uses Base64 as transport encoding to protect values=
=20
from being interpreted falsely
If you want to use Net::LDAP::LDIF or ldapmodify / ldapadd to import data=
=20
into the directory you need to Base64-encode thase values that may cause=20
trouble.
One of the easier ways to do this is to use Net::LDAP::LDIF for writing.
See below for an untested version.
> ORIGINAL ENTRY
> dn: uid=3Dricardo,ou=3Dpeople,o=3Dexample
> objectclass: top
> objectclass: person
> mailautoreplytext::
> WWEgaGUgcmVjaWJpZG8gdHUgbWVuc2FqZS4NClRl
IHJlc3BvbmRlcsOpI
> HBlcnNvbmFsbWVudGUgbG8gYW50ZXMgcG9zaWJsZ
S4NClVuIHNhbHVkbzogUmljYXJkbw=3D=
=3D
> mailautoreplytext;lang-es: $
>
> MODIFIED ENTRY
> dn: uid=3Dricardo,ou=3Dpeople,o=3Dexample
> objectclass: top
> objectclass: person
> mailautoreplytext: Ya he recibido tu mensaje.^M
> Te responder=E9 personalmente lo antes posible.^M
> Un saludo: Ricardo
> mailautoreplytext;lang-es: $
>
> If I add:
>
> $v =3D~ s/\n/\n /g;
>
> before printing printing the value I can "fix" this entry but I'd rather
> keep the original encoding.
>
> CODE SNIP
>
> my $ldifmig =3D Net::LDAP::LDIF->new( $ldif_a_migrar, "r", onerror =3D>
> 'undef' );
my $ldifnew =3D Net::LDAP::LDIF->new('-', 'w'); # - means STDOUT
> while( not $ldifmig->eof() ) {
> my $entry =3D $ldifmig->read_entry();
> if ( $ldifmig->error() ) {
> print "Error msg: ",$ldifmig->error(),"\n";
> print "Error lines:\n",$ldifmig->error_lines(),"\n";
> }
> else {
> my $dn =3D $entry->dn();
>
> if ( $entry->exists('mail') ) {
> $entry->add ( 'objectclass' =3D> [
> 'inetadmin',
> 'inetlocalmailrecipient',
> 'ipuser'
> ]);
> }
> =20
$ldifout->write_entry($entry);
> }
> }
>
> $ldifmig->done();
$ldifout->done();
=2D-=20
Peter Marschall
eMail: peter@adpm.de
| |
|
| Hi,
> On Monday, 29. August 2005 14:38, Joan wrote:
>=20
> Base64-encoding is required in the LDIF format if the values of
> attributes are=20
> not representable as printable ASCII characters (e.g. non-ASCII letters
> [e.g.=20
> =E9], binary values [certificates, images, ...], letters from the ASCII
> control=20
> range [0x00 - 0x32], ...).
> I.e. The LDIF standard uses Base64 as transport encoding to protect
> values=20
> from being interpreted falsely
I know, that's what I want to KEEP the base64 encoding. My problem was
that the "get_value" method was decoding the attributes and I was
printing that to STDOUT.
>=20
> If you want to use Net::LDAP::LDIF or ldapmodify / ldapadd to import
> data=20
> into the directory you need to Base64-encode thase values that may cause=
=20
> trouble.
>=20
> One of the easier ways to do this is to use Net::LDAP::LDIF for writing.
>=20
> See below for an untested version.
that did the trick, and my code is cleaner too :)
thx Peter!
=20
s/ldifnew/ldifout/
> my $ldifnew =3D Net::LDAP::LDIF->new('-', 'w'); # - means STDOUT
> $ldifout->write_entry($entry);
> $ldifout->done();
|
|
|
|
|