Merge pull request #10340 from owncloud/fix-9887

better check whether string resembles a DN, fixes #9887

3 files changed, 15 insertions, 2 deletions

diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php
index 23ba4253ed3..570f445650d 100644
--- a/apps/user_ldap/lib/access.php
+++ b/apps/user_ldap/lib/access.php
@@ -141,6 +141,18 @@ class Access extends LDAPUtility implements user\IUserTools {
 	}
 
 	/**
+	 * checks whether the given string is probably a DN
+	 * @param string $string
+	 * @return boolean
+	 */
+	public function stringResemblesDN($string) {
+		$r = $this->ldap->explodeDN($string, 0);
+		// if exploding a DN succeeds and does not end up in
+		// an empty array except for $r[count] being 0.
+		return (is_array($r) && count($r) > 1);
+	}
+
+	/**
 	 * sanitizes a DN received from the LDAP server
 	 * @param array $dn the DN in question
 	 * @return array the sanitized DN
diff --git a/apps/user_ldap/lib/user/iusertools.php b/apps/user_ldap/lib/user/iusertools.php
index e409f3afed3..bbc678153de 100644
--- a/apps/user_ldap/lib/user/iusertools.php
+++ b/apps/user_ldap/lib/user/iusertools.php
@@ -33,6 +33,8 @@ interface IUserTools {
 
 	public function readAttribute($dn, $attr, $filter = 'objectClass=*');
 
+	public function stringResemblesDN($string);
+
 	public function dn2username($dn, $ldapname = null);
 
 	public function username2dn($name);
diff --git a/apps/user_ldap/lib/user/manager.php b/apps/user_ldap/lib/user/manager.php
index 0f17900b5f3..0ed3d09c48f 100644
--- a/apps/user_ldap/lib/user/manager.php
+++ b/apps/user_ldap/lib/user/manager.php
@@ -143,8 +143,7 @@ class Manager {
 			return $this->users['byUid'][$id];
 		}
 
-		if(strpos(mb_strtolower($id, 'UTF-8'), 'dc=') === false
-		   && strpos(mb_strtolower($id, 'UTF-8'), 'uid=') === false ) {
+		if(!$this->access->stringResemblesDN($id) ) {
 			//most likely a uid
 			$dn = $this->access->username2dn($id);
 			if($dn !== false) {