I'm looking at the utility functions and think I see a couple issues. One is a bug I'm pretty sure and the other may just be me.
1. canonical_dn takes an option parameter casefold, but it doesn't pass casefold to ldap_explode_dn, which it uses internally, so casefold=none is impossible. Casefold=upper works, because the case is assertively changed to upper. Casefold=lower works, because the case is assertively changed to lower. Casefold=none fails because by the time you get to the point of declaring "no change to the case of the attributes" the case has already been changed by ldap_explode_dn. E.g. a. Original: $dn = "cn=blr,infocus1,OU=resources,DC=foo,DC=com" b. Code: $dnc = canonical_dn($dn, casefold => 'none') c. Expected: cn=blr\,infocus1,OU=resources,DC=foo,DC=com d. Returned: CN=blr\,infocus1,OU=resources,DC=foo,DC=com 2. I'm passing in a DN with a leading '#' and getting back undef. I would expect to get it back escaped. Most special characters work fine, but "#" doesn't. Actually looks like a problem in the initial pattern match in ldap_explode_dn E.g.: a. Original: cn=#blr-infocus1,OU=resources,DC=foo,DC=com b. Code: $dnc = canonical_dn($dn, casefold => 'none') c. Expected: cn=\#blr-infocus1,OU=resources,DC=foo,DC=com d. Returned: undef It also appears that the documentation of options in Net::LDAP::Util has become corrupted - at least in the activestate perl it has. The values for casefold are unclear and the other options within both canonical_dn and ldap_explode_dn are not indented correctly. This is perl-ldap 0.33 with ldap.pm version 0.16. On the first issue, simply changing the call to ldap_explode_dn in canonical_dn from "ldap_explode_dn( $dn )" to "ldap_explode_dn( $dn, %opt )" appears to fix the casefold issue. On the second, I may be too rusty to fix the regex. Best, Andy Webb
