Hi,
I wrote yesterday about problems in the code. Weirdly enough, I don't get any
mail from the synapse lists, so I can't quote Luca's reply properly. No e-mail
from synalist has arrived to my spam filter/firewall, so I'd appreciate it if
the admin could have a look at what's going on and if the problems also affect
other users.
I continued working on the code and I have some good news: The problems can be
solved by just changing a small number of AnsiStrings to Strings. So I should
be able to provide a nice, clean patch, which works with both FPC and new and
old Delphis. At the moment I already have a test program, which accesses both
AD and OpenLdap with dn:s, passwords etc. containing utf8 characters - and it
works on both Lazarus and Delphi XE.
Before sending any patches, I'd need to know how you guys prefer to solve a few
problems.
The way to change a password is something like this:
att:=TLDAPAttribute.Create;
if IsAD then att.AttributeName:='unicodePwd' else
att.AttributeName:='userPassword';
att.Add(NewPasswd);
Ldap.Modify(dn,MO_Replace,att);
Now, the att.Add calls UnquoteStr, which is really problematic. If the user has
quotes in his password, they are removed or at least messed up. The function
itself is a bit weird and excessively complicated. I couldn't find any places
where UnquoteStr would be used for removing anything but the first and last
quote of the string, so I'd like to replace it with a simple:
function UnquoteStr(const Value: string; Quote: Char): string;
// This one removes only the first and last quote. /jarto
begin
if (Length(Value) >= 2) and (Value[1] = Quote) and (Value[Length(Value)] =
Quote) then
result := copy(Value, 2, Length(Value) - 2)
else result := Value;
end;
After using that one, I can use passwords, that have single and double quotes
in them without any problems. The only password causing trouble is, if the user
inputs a password, which starts and ends with a quote. Luca's solution works in
that case: att.Add(QuoteStr(Passwd),'"');
Luca posted a Utf16Le function, which he uses. Well, it does work with
non-unicode passwords, but fails when the string contains Unicode characters.
To do things right and have proper support for AD's unicodePwd, we have two
possibilities:
1. We could add a call to the right conversion function. UTF8ToUCS2LE/
UTF8ToUCS2BE on FPC, nothing on newer Delphis, who-knows-what on older Delphis.
However, on FPC that would require LCLBase to be added and it's really a big
can of worms to open.
2. We could simply add a new function TLDAPAttribute.AddRaw(Value:
AnsiString), which would not do any conversions or remove quotes. Then the user
has the possibility to use a proper encoding functions to make sure the Unicode
password is 100% correct.
I'd really appreciate opinions on this as I'd like to commit my changes and
move on to the other Unicode challenges in my own code :)
Regards,
Jarto Tarpio
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
synalist-public mailing list
synalist-public@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/synalist-public
