You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by je...@apache.org on 2005/02/04 01:29:47 UTC
svn commit: r151272 - in httpd/httpd/branches/2.0.x: CHANGES
modules/experimental/mod_auth_ldap.c
Author: jerenkrantz
Date: Thu Feb 3 16:29:44 2005
New Revision: 151272
URL: http://svn.apache.org/viewcvs?view=rev&rev=151272
Log:
mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library
handles special characters.
MFC: 105379
PR: 24437
Submitted by: Jess Holle
Reviewed by: minfrin, wrowe, jim
Modified:
httpd/httpd/branches/2.0.x/CHANGES
httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c
Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?view=diff&r1=151271&r2=151272
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES (original)
+++ httpd/httpd/branches/2.0.x/CHANGES Thu Feb 3 16:29:44 2005
@@ -1,5 +1,8 @@
Changes with Apache 2.0.53
+ *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
+ library handles special characters. PR 24437. [Jess Holle]
+
*) Win32 MPM: Correct typo in debugging output. [William Rowe]
*) conf: Remove AddDefaultCharset from the default configuration because
Modified: httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c?view=diff&r1=151271&r2=151272
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c (original)
+++ httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c Thu Feb 3 16:29:44 2005
@@ -222,19 +222,47 @@
* LDAP filter metachars are escaped.
*/
filtbuf_end = filtbuf + FILTER_LENGTH - 1;
- for (p = user, q=filtbuf + strlen(filtbuf);
- *p && q < filtbuf_end; *q++ = *p++) {
#if APR_HAS_MICROSOFT_LDAPSDK
- /* Note: The Microsoft SDK escapes for us, so is not necessary */
+ for (p = user, q=filtbuf + strlen(filtbuf);
+ *p && q < filtbuf_end; ) {
+ if (strchr("*()\\", *p) != NULL) {
+ if ( q + 3 >= filtbuf_end)
+ break; /* Don't write part of escape sequence if we can't write all of it */
+ *q++ = '\\';
+ switch ( *p++ )
+ {
+ case '*':
+ *q++ = '2';
+ *q++ = 'a';
+ break;
+ case '(':
+ *q++ = '2';
+ *q++ = '8';
+ break;
+ case ')':
+ *q++ = '2';
+ *q++ = '9';
+ break;
+ case '\\':
+ *q++ = '5';
+ *q++ = 'c';
+ break;
+ }
+ }
+ else
+ *q++ = *p++;
+ }
#else
+ for (p = user, q=filtbuf + strlen(filtbuf);
+ *p && q < filtbuf_end; *q++ = *p++) {
if (strchr("*()\\", *p) != NULL) {
*q++ = '\\';
if (q >= filtbuf_end) {
- break;
- }
+ break;
+ }
}
-#endif
}
+#endif
*q = '\0';
/*