Skip to content
This repository has been archived by the owner on Nov 25, 2020. It is now read-only.

Commit

Permalink
Fix ldap UserID with spec chars breaks ldapsearch
Browse files Browse the repository at this point in the history
  • Loading branch information
@c12simple
c12simple committed Sep 22, 2016
1 parent 35a2c19 commit 5c65dbd
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 2 deletions.
9 changes: 8 additions & 1 deletion core/src/plugins/auth.ldap/LdapAuthDriver.php
View file
Expand Up @@ -988,6 +988,13 @@ public function getLdapGroupListFromDN()
*/ */
public function sanitize($s, $level = InputFilter::SANITIZE_HTML) public function sanitize($s, $level = InputFilter::SANITIZE_HTML)
{ {
return $s; $preg = '/[\\/<>\?\*\\\\|;:,+"\]\[]/';
/**
* These are illegal characters and can break ldap searching.
* when we create new user on Windows AD, these illegal characters will be replaced by '_'.
* Give a try by replacement of '_'
*/
$newS = preg_replace($preg, '_', $s);
return $newS;
} }
} }
2 changes: 1 addition & 1 deletion core/src/plugins/auth.multi/MultiAuthDriver.php
View file
Expand Up @@ -568,7 +568,7 @@ public function sanitize($s, $level = InputFilter::SANITIZE_HTML)
* Override only for ldap. * Override only for ldap.
*/ */
if ($this->masterSlaveMode) { if ($this->masterSlaveMode) {
if ($this->masterName == 'ldap') { if (($this->masterName == 'ldap') || ($this->masterName == 'ldapv2')) {
return $this->drivers[$this->masterName]->sanitize($s, $level); return $this->drivers[$this->masterName]->sanitize($s, $level);
} }
} }
Expand Down

0 comments on commit 5c65dbd

Please sign in to comment.