On 3/6/04 4:11 pm, Graham Barr <[EMAIL PROTECTED]> wrote:
>
>
> Begin forwarded message:
>
>> From: Douglas Gray Stephens <[EMAIL PROTECTED]>
>> Date: 3 June 2004 15:58:41 BST
>> To: [EMAIL PROTECTED]
>> Subject: Potential bug in Net::LDAP (with binary data)
>> Message-Id: <[EMAIL PROTECTED]>
>>
>>
>> Graham,
>>
>> I have an odd observation while working with a usercertificate;binary
>> data. At present I have not tracked this down to Net::LDAP, but
>> thought that you may have some suggestions.
>>
>> The attached perl replaces my certificate. I have access to a few
>> servers (old Innosoft (strictly v2 with guess as to what the v3
>> standards would be), iPlanet 5.1, and SunOne 5.2 (both very much v3)).
Your script has this line:
my %change=(q{usercertificate;binary}=>[q{MIIDTDCCArWgAwIBA...
The value of the certificate should be binary on the wire, not base-64
encoded. So you should use the binary value in perl too..
Since you're sending junk to the servers, the server's *should* be rejecting
your modify operations. That they're not is a defect in each of the servers,
and you can't really expect any sort of sane behaviour from them.
How do things change if you send the BER value instead of the base 64?
Cheers,
Chris
