Re^4: Question about base64 encoded attributes with Net::LDAP::LDIF

So here's a test entry. See that the userPassword is base64 encoded (noted with the two '::'). As an example, let's say my code is just interested in deleting the rutgersEduStatus attribute.

dn: uid=testing,ou=People,dc=rutgers,dc=edu
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetorgperson
objectClass: rutgersEduPerson
objectClass: eduPerson
uid: testing
givenName: Record
sn: Testing
cn: Record Testing
eduPersonAffiliation: alum
eduPersonAffiliation: member
eduPersonAffiliation: student
eduPersonPrimaryAffiliation: student
eduPersonPrincipalName: testing@rutgers.edu
employeeType: ALUMNI
employeeType: STUDENT
homePostalAddress: 433 W County Dr$Somerville, NJ 088763470
postalAddress: R U C S
rutgersEduDateOfBirth: 1960-01-01
rutgersEduStatus: active
uidNumber: 120001
userPassword:: e1NBU0x9dGVzdGluZ0BSVVRHRVJTLkVEVQ==
[download]

Comment on Re^4: Question about base64 encoded attributes with Net::LDAP::LDIF Download Code

Replies are listed 'Best First'.
Re^5: Question about base64 encoded attributes with Net::LDAP::LDIF (updated!) by haukex (Archbishop) on Jul 07, 2019 at 09:11 UTC
Thanks for the sample! I had a look at the Net::LDAP::LDIF source, and it looks like the `encode => 'base64'` option only affects the `dn:`, and attributes are only decided based on what characters they contain, nothing else. So unfortunately, unless you patch* this module, it won't be able to do what you want... Update: Of course, you could send all of the LDIF files through a "canonicalization" once, so that the diffs later on only show the actual changes. Or, if this is about version control, there are git filters... (not the most elegant solutions, just some ideas) * Update 2: Here's one way. The disadvantage is of course that if the module author makes changes to `Net::LDAP::LDIF::_write_attr`, you'd have to carry those over manually. use warnings; use strict; use Data::Dump; use Net::LDAP::LDIF; { package Net::LDAP::LDIF::B64; use parent 'Net::LDAP::LDIF'; sub _write_attr { my($self, $attr, $val) = @_; my $lower = $self->{lowercase}; my $fh = $self->{fh}; my $b64 = $self->{b64attr}; my $res = 1; # result value foreach my $v (@$val) { my $ln = $lower ? lc $attr : $attr; $v = Encode::encode_utf8($v) if (Net::LDAP::LDIF::CHECK_UTF8 and Encode::is_utf8($v)); if ( $v =~ /(^[ :<]\|[\x00-\x1f\x7f-\xff]\| $)/ \|\| $b64 && $attr=~$b64 ) { require MIME::Base64; $ln .= ':: ' . MIME::Base64::encode($v, ''); } else { $ln .= ': ' . $v; } $res &&= print $fh Net::LDAP::LDIF::_wrap($ln, $self->{wrap}), "\n"; } $res; } } our $old_ldif = Net::LDAP::LDIF->new( "dump.ldif", "r", onerror => 'undef' ); our $new_ldif = Net::LDAP::LDIF::B64->new( "dump_new.ldif", "w", onerror => 'undef', wrap => 76, b64attr => qr/\AuserPassword\z/ ); while (not $old_ldif->eof()) { my $entry = $old_ldif->read_entry(); if ($old_ldif->error()) { warn "Error msg: ", $old_ldif->error(), "\n"; warn "Error lines:\n", $old_ldif->error_lines(), "\n"; } else { # delete attributes no longer needed foreach my $attr ($entry->attributes()) { if ($attr =~ /^rutgersEduStatus/) { $entry->delete($attr); } } $new_ldif->write_entry($entry); } } $old_ldif->done(); $new_ldif->done(); __END__ --- dump.ldif 2019-07-07 11:03:31.773616611 +0200 +++ dump_new.ldif 2019-07-07 11:43:27.799984355 +0200 @@ -20,6 +20,5 @@ homePostalAddress: 433 W County Dr$Somerville, NJ 088763470 postalAddress: R U C S rutgersEduDateOfBirth: 1960-01-01 -rutgersEduStatus: active uidNumber: 120001 userPassword:: e1NBU0x9dGVzdGluZ0BSVVRHRVJTLkVEVQ== [download]	[reply] [d/l] [select]
Re^6: Question about base64 encoded attributes with Net::LDAP::LDIF (updated!) by steiner (Novice) on Jul 23, 2019 at 20:38 UTC
Finally got back to this project and that worked just fine. Don't mind the module patch since this will hopefully be a once and done script. Thanks so much! -ds	[reply]


Problems? Is your data what you think it is?
	PerlMonks