Mercurial > dovecot > core-2.2
changeset 1189:2cb8e2136283 HEAD
Escape special chars in username if needed.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Tue, 18 Feb 2003 19:18:31 +0200 |
parents | 188e2ca0b36c |
children | c54c61822d27 |
files | src/auth/db-ldap.c src/auth/db-ldap.h src/auth/passdb-ldap.c src/auth/userdb-ldap.c |
diffstat | 4 files changed, 29 insertions(+), 0 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/db-ldap.c Tue Feb 18 13:44:42 2003 +0200 +++ b/src/auth/db-ldap.c Tue Feb 18 19:18:31 2003 +0200 @@ -9,6 +9,7 @@ #include "network.h" #include "ioloop.h" #include "hash.h" +#include "str.h" #include "settings.h" #include "db-ldap.h" @@ -261,6 +262,29 @@ } } +const char *ldap_escape(const char *str) +{ + string_t *s; + const char *p; + + for (p = str; *p != '\0'; p++) { + if (strchr("*()\\", *p) != NULL) + break; + } + + if (*p == '\0') + return str; + + s = t_str_new(64); + str_append_n(s, str, (size_t) (p-str)); + for (; *p != '\0'; p++) { + if (strchr("*()\\", *p) != NULL) + str_append_c(s, '\\'); + str_append_c(s, *p); + } + return str_c(s); +} + static const char *parse_setting(const char *key, const char *value, void *context) {
--- a/src/auth/db-ldap.h Tue Feb 18 13:44:42 2003 +0200 +++ b/src/auth/db-ldap.h Tue Feb 18 19:18:31 2003 +0200 @@ -59,4 +59,6 @@ struct ldap_connection *db_ldap_init(const char *config_path); void db_ldap_unref(struct ldap_connection *conn); +const char *ldap_escape(const char *str); + #endif
--- a/src/auth/passdb-ldap.c Tue Feb 18 13:44:42 2003 +0200 +++ b/src/auth/passdb-ldap.c Tue Feb 18 19:18:31 2003 +0200 @@ -73,6 +73,7 @@ } else { attr = ldap_first_attribute(conn->ld, entry, &ber); while (attr != NULL) { + i_warning("attr: %s", attr); vals = ldap_get_values(conn->ld, entry, attr); if (vals != NULL && vals[0] != NULL && vals[1] == NULL) { @@ -160,6 +161,7 @@ auth_request->realm, NULL); } + user = ldap_escape(user); if (conn->set.pass_filter == NULL) { filter = t_strdup_printf("(&(objectClass=posixAccount)(%s=%s))", passdb_ldap_conn->attr_names[ATTR_VIRTUAL_USER], user);
--- a/src/auth/userdb-ldap.c Tue Feb 18 13:44:42 2003 +0200 +++ b/src/auth/userdb-ldap.c Tue Feb 18 19:18:31 2003 +0200 @@ -148,6 +148,7 @@ if (realm != NULL) user = t_strconcat(user, "@", realm, NULL); + user = ldap_escape(user); if (conn->set.user_filter == NULL) { filter = t_strdup_printf("(&(objectClass=posixAccount)(%s=%s))", userdb_ldap_conn->attr_names[ATTR_VIRTUAL_USER], user);