mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library

author Justin Erenkrantz <jerenkrantz@apache.org>

Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)

committer Justin Erenkrantz <jerenkrantz@apache.org>

Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)
author Justin Erenkrantz <jerenkrantz@apache.org>
Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)
committer Justin Erenkrantz <jerenkrantz@apache.org>
Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)
diff --git a/CHANGES b/CHANGES

index f5f7bb517319bddc7761922361fbba9ed911c67b..eb4f2fb3dc64970100b4adb7340dc9bb57a0be84 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,8 @@
  Changes with Apache 2.0.53
  
+  *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
+     library handles special characters.  PR 24437.  [Jess Holle]
+
    *) Win32 MPM: Correct typo in debugging output.  [William Rowe]
  
    *) conf: Remove AddDefaultCharset from the default configuration because
diff --git a/modules/experimental/mod_auth_ldap.c b/modules/experimental/mod_auth_ldap.c

index 93b014071c14822c2df86fe38680955613b593cb..a7d8f7970e942b32c7b558a29a0f9c6fc9d137d4 100644 (file)
--- a/modules/experimental/mod_auth_ldap.c
+++ b/modules/experimental/mod_auth_ldap.c
@@ -222,19 +222,47 @@ void mod_auth_ldap_build_filter(char *filtbuf,
       * LDAP filter metachars are escaped.
       */
      filtbuf_end = filtbuf + FILTER_LENGTH - 1;
-    for (p = user, q=filtbuf + strlen(filtbuf);
-         *p && q < filtbuf_end; *q++ = *p++) {
  #if APR_HAS_MICROSOFT_LDAPSDK
-        /* Note: The Microsoft SDK escapes for us, so is not necessary */
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; ) {
+        if (strchr("*()\\", *p) != NULL) {
+            if ( q + 3 >= filtbuf_end)
+              break;  /* Don't write part of escape sequence if we can't write all of it */
+            *q++ = '\\';
+            switch ( *p++ )
+            {
+              case '*':
+                *q++ = '2';
+                *q++ = 'a';
+                break;
+              case '(':
+                *q++ = '2';
+                *q++ = '8';
+                break;
+              case ')':
+                *q++ = '2';
+                *q++ = '9';
+                break;
+              case '\\':
+                *q++ = '5';
+                *q++ = 'c';
+                break;
+           }
+        }
+        else
+            *q++ = *p++;
+    }
  #else
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; *q++ = *p++) {
          if (strchr("*()\\", *p) != NULL) {
              *q++ = '\\';
              if (q >= filtbuf_end) {
-               break;
-           }
+              break;
+            }
          }
-#endif
      }
+#endif
      *q = '\0';
  
      /*
author	Justin Erenkrantz <jerenkrantz@apache.org>
	Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)
committer	Justin Erenkrantz <jerenkrantz@apache.org>
	Fri, 4 Feb 2005 00:29:44 +0000 (00:29 +0000)
CHANGES		patch \| blob \| blame \| history
modules/experimental/mod_auth_ldap.c		patch \| blob \| blame \| history