diff options
| author | Arthur Schiwon <blizzz@owncloud.com> | 2012-11-16 23:29:00 +0100 |
|---|---|---|
| committer | Arthur Schiwon <blizzz@owncloud.com> | 2012-11-21 19:25:10 +0100 |
| commit | 24e13419a38949aa554911c919956c591b0ee0cd (patch) | |
| tree | 18f8d46842cb9782ffb0e5664629f1b8f4b2bdac /apps/user_ldap | |
| parent | a85d891938475fa375c9056fbd58885077091404 (diff) | |
| download | nextcloud-server-24e13419a38949aa554911c919956c591b0ee0cd.tar.gz nextcloud-server-24e13419a38949aa554911c919956c591b0ee0cd.zip | |
LDAP: escape values in the DN, fixes #419
Diffstat (limited to 'apps/user_ldap')
| -rw-r--r-- | apps/user_ldap/lib/access.php | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/apps/user_ldap/lib/access.php b/apps/user_ldap/lib/access.php index b2244c17c0e..2273caec02c 100644 --- a/apps/user_ldap/lib/access.php +++ b/apps/user_ldap/lib/access.php @@ -119,6 +119,19 @@ abstract class Access { //make comparisons and everything work $dn = mb_strtolower($dn, 'UTF-8'); + //escape DN values according to RFC 2253 + //thanks to Kolab, http://git.kolab.org/pear/Net_LDAP3/tree/lib/Net/LDAP3.php#n1313 + $aDN = ldap_explode_dn($dn, false); + unset($aDN['count']); + foreach($aDN as $key => $part) { + $value = substr($part, strpos($part, '=')+1); + $escapedValue = strtr($value, Array(','=>'\2c', '='=>'\3d', '+'=>'\2b', + '<'=>'\3c', '>'=>'\3e', ';'=>'\3b', '\\'=>'\5c', + '"'=>'\22', '#'=>'\23')); + $part = str_replace($part, $value, $escapedValue); + } + $dn = implode(',', $aDN); + return $dn; } |