From: Justin Erenkrantz <jerenkrantz@apache.org>
Date: Fri, 4 Feb 2005 00:29:44 +0000 (+0000)
Subject: mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library
X-Git-Tag: 2.0.53~32
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c1e32e3f59de818e432f4a4ca65183536aebb42;p=thirdparty%2Fapache%2Fhttpd.git

mod_auth_ldap: Handle the inconsistent way in which the MS LDAP library
handles special characters.

MFC: 105379
PR: 24437
Submitted by: Jess Holle
Reviewed by: minfrin, wrowe, jim


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@151272 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index f5f7bb51731..eb4f2fb3dc6 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,8 @@
 Changes with Apache 2.0.53
 
+  *) mod_auth_ldap: Handle the inconsistent way in which the MS LDAP
+     library handles special characters.  PR 24437.  [Jess Holle]
+
   *) Win32 MPM: Correct typo in debugging output.  [William Rowe]
 
   *) conf: Remove AddDefaultCharset from the default configuration because
diff --git a/modules/experimental/mod_auth_ldap.c b/modules/experimental/mod_auth_ldap.c
index 93b014071c1..a7d8f7970e9 100644
--- a/modules/experimental/mod_auth_ldap.c
+++ b/modules/experimental/mod_auth_ldap.c
@@ -222,19 +222,47 @@ void mod_auth_ldap_build_filter(char *filtbuf,
      * LDAP filter metachars are escaped.
      */
     filtbuf_end = filtbuf + FILTER_LENGTH - 1;
-    for (p = user, q=filtbuf + strlen(filtbuf);
-         *p && q < filtbuf_end; *q++ = *p++) {
 #if APR_HAS_MICROSOFT_LDAPSDK
-        /* Note: The Microsoft SDK escapes for us, so is not necessary */
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; ) {
+        if (strchr("*()\\", *p) != NULL) {
+            if ( q + 3 >= filtbuf_end)
+              break;  /* Don't write part of escape sequence if we can't write all of it */
+            *q++ = '\\';
+            switch ( *p++ )
+            {
+              case '*':
+                *q++ = '2';
+                *q++ = 'a';
+                break;
+              case '(':
+                *q++ = '2';
+                *q++ = '8';
+                break;
+              case ')':
+                *q++ = '2';
+                *q++ = '9';
+                break;
+              case '\\':
+                *q++ = '5';
+                *q++ = 'c';
+                break;
+           }
+        }
+        else
+            *q++ = *p++;
+    }
 #else
+    for (p = user, q=filtbuf + strlen(filtbuf);
+         *p && q < filtbuf_end; *q++ = *p++) {
         if (strchr("*()\\", *p) != NULL) {
             *q++ = '\\';
             if (q >= filtbuf_end) {
-	        break;
-	    }
+              break;
+            }
         }
-#endif
     }
+#endif
     *q = '\0';
 
     /*