LDAP server with binary transfer attribute for userCertificate (RFC 4522/RFC 4523)

[degenkolb]

Hi,

does ldaptor as a server implementation support binary transfer as mentioned in RFC 4522 ? https://datatracker.ietf.org/doc/html/rfc4522

And if yes how should I go about "tagging" an attribute for binary transfer?

I try to build an LDAP server for distribution of user certificates in the userCertificate attribute from RFC 4523. https://datatracker.ietf.org/doc/html/rfc4523#section-4.1

The simple LDAP server from the documentation is running but only serves the attributes as text.

Even if I try something like adding the base64 encoded version of a .cer file. or add ";binary" in the schema definition.

    "uid=mohamed",
    {
        "objectClass": ["people", "inetOrgPerson"],
        "cn": ["Mohamed Al Ghâlib"],
        "sn": ["Al Ghâlib"],
        "givenName": ["mohamed"],
        "uid": ["mohamed"],
        "mail": ["/home/mohamed/mailDir"],
        "userCertificate;binary": ["""MIIIfzCCBmegAw[...]v+pA=="""],
    }

I found some reference to a binary_transfer_required attribute in schema.py but I don't know if this is what I'm looking for, if its only usable for a LDAP client or how to use it for a LDAP server.

Can somebody give me a hint how to implement something like that?

Thanks.