You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by je...@apache.org on 2005/02/04 01:29:47 UTC

svn commit: r151272 - in httpd/httpd/branches/2.0.x: CHANGES modules/experimental/mod_auth_ldap.c

Author: jerenkrantz
Date: Thu Feb  3 16:29:44 2005
New Revision: 151272

URL: http://svn.apache.org/viewcvs?view=rev&rev=151272
Log:
mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library
handles special characters.

MFC: 105379
PR: 24437
Submitted by: Jess Holle
Reviewed by: minfrin, wrowe, jim

Modified:
    httpd/httpd/branches/2.0.x/CHANGES
    httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c

Modified: httpd/httpd/branches/2.0.x/CHANGES
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/CHANGES?view=diff&r1=151271&r2=151272
==============================================================================
--- httpd/httpd/branches/2.0.x/CHANGES (original)
+++ httpd/httpd/branches/2.0.x/CHANGES Thu Feb  3 16:29:44 2005
@@ -1,5 +1,8 @@
 Changes with Apache 2.0.53
 
+  *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
+     library handles special characters.  PR 24437.  [Jess Holle]
+
   *) Win32 MPM: Correct typo in debugging output.  [William Rowe]
 
   *) conf: Remove AddDefaultCharset from the default configuration because

Modified: httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c
URL: http://svn.apache.org/viewcvs/httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c?view=diff&r1=151271&r2=151272
==============================================================================
--- httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c (original)
+++ httpd/httpd/branches/2.0.x/modules/experimental/mod_auth_ldap.c Thu Feb  3 16:29:44 2005
@@ -222,19 +222,47 @@
      * LDAP filter metachars are escaped.
      */
     filtbuf_end = filtbuf + FILTER_LENGTH - 1;
-    for (p = user, q=filtbuf + strlen(filtbuf);
-         *p && q < filtbuf_end; *q++ = *p++) {
 #if APR_HAS_MICROSOFT_LDAPSDK
-        /* Note: The Microsoft SDK escapes for us, so is not necessary */
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; ) {
+        if (strchr("*()\\", *p) != NULL) {
+            if ( q + 3 >= filtbuf_end)
+              break;  /* Don't write part of escape sequence if we can't write all of it */
+            *q++ = '\\';
+            switch ( *p++ )
+            {
+              case '*':
+                *q++ = '2';
+                *q++ = 'a';
+                break;
+              case '(':
+                *q++ = '2';
+                *q++ = '8';
+                break;
+              case ')':
+                *q++ = '2';
+                *q++ = '9';
+                break;
+              case '\\':
+                *q++ = '5';
+                *q++ = 'c';
+                break;
+           }
+        }
+        else
+            *q++ = *p++;
+    }
 #else
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; *q++ = *p++) {
         if (strchr("*()\\", *p) != NULL) {
             *q++ = '\\';
             if (q >= filtbuf_end) {
-	        break;
-	    }
+              break;
+            }
         }
-#endif
     }
+#endif
     *q = '\0';
 
     /*