Encode LDAP user names

traccar · Feb 26, 2020 · e4f6e74 · e4f6e74
1 parent 886a1ac
commit e4f6e74
Showing 1 changed file with 33 additions and 3 deletions.
diff --git a/src/main/java/org/traccar/database/LdapProvider.java b/src/main/java/org/traccar/database/LdapProvider.java
@@ -1,5 +1,5 @@
 /*
- * Copyright 2017 Anton Tananaev (anton@traccar.org)
+ * Copyright 2017 - 2020 Anton Tananaev (anton@traccar.org)
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -81,7 +81,7 @@ private boolean isAdmin(String accountName) {
         if (this.adminFilter != null) {
             try {
                 InitialDirContext context = initContext();
-                String searchString = adminFilter.replace(":login", accountName);
+                String searchString = adminFilter.replace(":login", encodeForLdap(accountName));
                 SearchControls searchControls = new SearchControls();
                 searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
                 NamingEnumeration<SearchResult> results = context.search(searchBase, searchString, searchControls);
@@ -107,7 +107,7 @@ public InitialDirContext initContext() throws NamingException {
     private SearchResult lookupUser(String accountName) throws NamingException {
         InitialDirContext context = initContext();
 
-        String searchString = searchFilter.replace(":login", accountName);
+        String searchString = searchFilter.replace(":login", encodeForLdap(accountName));
 
         SearchControls searchControls = new SearchControls();
         String[] attributeFilter = {idAttribute, nameAttribute, mailAttribute};
@@ -176,4 +176,34 @@ public boolean login(String username, String password) {
         return false;
     }
 
+    public String encodeForLdap(String input) {
+        if( input == null ) {
+            return null;
+        }
+        StringBuilder sb = new StringBuilder();
+        for (int i = 0; i < input.length(); i++) {
+            char c = input.charAt(i);
+            switch (c) {
+                case '\\':
+                    sb.append("\\5c");
+                    break;
+                case '*':
+                    sb.append("\\2a");
+                    break;
+                case '(':
+                    sb.append("\\28");
+                    break;
+                case ')':
+                    sb.append("\\29");
+                    break;
+                case '\0':
+                    sb.append("\\00");
+                    break;
+                default:
+                    sb.append(c);
+            }
+        }
+        return sb.toString();
+    }
+
 }