port 95cee0e from stable45

diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index e0c6741bcb2dcf668583d0c8db8beae307a0d388..53d4edbe69cce5cd7829279143d857de6fe85cb6 100644 (file)
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -58,7 +58,7 @@ abstract class Access {
                        return false;
                }
                $rr = @ldap_read($cr, $dn, $filter, array($attr));
-               $dn = $dn = str_replace('\\5c', '\\', $dn);
+               $dn = $this->DNasBaseParameter($dn);
                if(!is_resource($rr)) {
                        \OCP\Util::writeLog('user_ldap', 'readAttribute failed for DN '.$dn, \OCP\Util::DEBUG);
                        //in case an error occurs , e.g. object does not exist
@@ -684,6 +684,7 @@ abstract class Access {
        }
 
        public function areCredentialsValid($name, $password) {
+               $name = $this->DNasBaseParameter($name);
                $testConnection = clone $this->connection;
                $credentials = array(
                        'ldapAgentName' => $name,
@@ -771,6 +772,18 @@ abstract class Access {
                return strtoupper($hex_guid_to_guid_str);
        }
 
+       /**
+        * @brief converts a stored DN so it can be used as base parameter for LDAP queries
+        * @param $dn the DN
+        * @returns String
+        *
+        * converts a stored DN so it can be used as base parameter for LDAP queries
+        * internally we store them for usage in LDAP filters
+        */
+       private function DNasBaseParameter($dn) {
+               return str_replace('\\5c', '\\', $dn);
+       }
+
        /**
         * @brief get a cookie for the next LDAP paged search
         * @param $filter the search filter to identify the correct search