[dovecot-cvs] dovecot/src/auth db-ldap.c,1.9,1.10 db-ldap.h,1.6,1.7 passdb-ldap.c,1.3,1.4 userdb-ldap.c,1.7,1.8
cras at procontrol.fi
cras at procontrol.fi
Tue Feb 18 19:18:34 EET 2003
Update of /home/cvs/dovecot/src/auth
In directory danu:/tmp/cvs-serv31966
Modified Files:
db-ldap.c db-ldap.h passdb-ldap.c userdb-ldap.c
Log Message:
Escape special chars in username if needed.
Index: db-ldap.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/db-ldap.c,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -d -r1.9 -r1.10
--- db-ldap.c 17 Feb 2003 14:57:23 -0000 1.9
+++ db-ldap.c 18 Feb 2003 17:18:31 -0000 1.10
@@ -9,6 +9,7 @@
#include "network.h"
#include "ioloop.h"
#include "hash.h"
+#include "str.h"
#include "settings.h"
#include "db-ldap.h"
@@ -259,6 +260,29 @@
dest++;
}
}
+}
+
+const char *ldap_escape(const char *str)
+{
+ string_t *s;
+ const char *p;
+
+ for (p = str; *p != '\0'; p++) {
+ if (strchr("*()\\", *p) != NULL)
+ break;
+ }
+
+ if (*p == '\0')
+ return str;
+
+ s = t_str_new(64);
+ str_append_n(s, str, (size_t) (p-str));
+ for (; *p != '\0'; p++) {
+ if (strchr("*()\\", *p) != NULL)
+ str_append_c(s, '\\');
+ str_append_c(s, *p);
+ }
+ return str_c(s);
}
static const char *parse_setting(const char *key, const char *value,
Index: db-ldap.h
===================================================================
RCS file: /home/cvs/dovecot/src/auth/db-ldap.h,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -d -r1.6 -r1.7
--- db-ldap.h 11 Feb 2003 14:06:46 -0000 1.6
+++ db-ldap.h 18 Feb 2003 17:18:31 -0000 1.7
@@ -59,4 +59,6 @@
struct ldap_connection *db_ldap_init(const char *config_path);
void db_ldap_unref(struct ldap_connection *conn);
+const char *ldap_escape(const char *str);
+
#endif
Index: passdb-ldap.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/passdb-ldap.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- passdb-ldap.c 17 Feb 2003 14:57:23 -0000 1.3
+++ passdb-ldap.c 18 Feb 2003 17:18:31 -0000 1.4
@@ -73,6 +73,7 @@
} else {
attr = ldap_first_attribute(conn->ld, entry, &ber);
while (attr != NULL) {
+ i_warning("attr: %s", attr);
vals = ldap_get_values(conn->ld, entry, attr);
if (vals != NULL && vals[0] != NULL &&
vals[1] == NULL) {
@@ -160,6 +161,7 @@
auth_request->realm, NULL);
}
+ user = ldap_escape(user);
if (conn->set.pass_filter == NULL) {
filter = t_strdup_printf("(&(objectClass=posixAccount)(%s=%s))",
passdb_ldap_conn->attr_names[ATTR_VIRTUAL_USER], user);
Index: userdb-ldap.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/userdb-ldap.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -d -r1.7 -r1.8
--- userdb-ldap.c 17 Feb 2003 14:57:23 -0000 1.7
+++ userdb-ldap.c 18 Feb 2003 17:18:31 -0000 1.8
@@ -148,6 +148,7 @@
if (realm != NULL)
user = t_strconcat(user, "@", realm, NULL);
+ user = ldap_escape(user);
if (conn->set.user_filter == NULL) {
filter = t_strdup_printf("(&(objectClass=posixAccount)(%s=%s))",
userdb_ldap_conn->attr_names[ATTR_VIRTUAL_USER], user);
More information about the dovecot-cvs
mailing list