diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-08-03 15:51:25 +0200 |
|---|---|---|
| committer | Jörn Friedrich Dreyer <jfd@butonic.de> | 2012-08-24 14:54:16 +0200 |
| commit | 2af74736514f8bc194239e40a6a04a862db305e0 (patch) | |
| tree | 2dce0ad908d2fb9cc3e6b71e0bbf18089312d214 | |
| parent | a3b4cb205c8cf95e483decb6c4208789bd98e84c (diff) | |
| download | nextcloud-server-2af74736514f8bc194239e40a6a04a862db305e0.tar.gz nextcloud-server-2af74736514f8bc194239e40a6a04a862db305e0.zip | |
LDAP: sanitize base, user and group trees. fixes oc-1302
| -rw-r--r-- | apps/user_ldap/lib_ldap.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index ab838812aef..70b4664542a 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -666,9 +666,9 @@ class OC_LDAP { self::$ldapPort = OCP\Config::getAppValue('user_ldap', 'ldap_port', 389); self::$ldapAgentName = OCP\Config::getAppValue('user_ldap', 'ldap_dn',''); self::$ldapAgentPassword = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password','')); - self::$ldapBase = OCP\Config::getAppValue('user_ldap', 'ldap_base', ''); - self::$ldapBaseUsers = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase); - self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase); + self::$ldapBase = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base', '')); + self::$ldapBaseUsers = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase)); + self::$ldapBaseGroups = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase)); self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0); self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0); self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid')); |