Hi! Trying to match the (som,e experimental) certificate subject to assign it LDAP users, I have some problems: Escaping of the subject seems to make regexp matching even harder. For example "CN = "uid=windl+email=u.wi...@ukr.de", GN = Ulrich, SN = Windl" (as displayed by OpenSSL) is converted to "dn:sn=windl,givenName=ulrich,cn=uid\3Dwindl\2Bemail\3du.wi...@ukr.de"
As I understand it uid=windl+email=u.wi...@ukr.de<mailto:uid=windl+email=u.wi...@ukr.de>" and email=u.wi...@ukr.de<mailto:uid=windl+email=u.wi...@ukr.de>+uid=windl" would be equivalent. So when I want to match just the uid part I could use "uid\\3D([^,]+)", but that would include "\2Bemail\3Du...". If I'd use uid\\3D([^,\]+)", instead, any escaped character inside the uid would terminate the match. How do the experts handle it? Use very simplistic CNs in certificates? Kind regards, Ulrich Windl
