search

389ds / 389-ds-base

The enterprise-class Open Source LDAP server for Linux
https://www.port389.org/
Other
210 stars 90 forks source link

Issue 6199 - wrong search query during certificate based authentication #6205

Closed progier389 closed 3 months ago

progier389 commented 3 months ago

Problems: SubjectDN extracted from the certificate is not escaped when used by certmap.conf Other extracted value are wrongly escaped and quoted when added in filter

Solution: Ensure that proper escape function is used in these two cases. Values in filter should not be quoted but * should be escaped.

Note: I considered to reuse the ldap_bv2escaped_filter_value function but it needless realloc the returned data so I ended up to rewrite something the escape function (which is quite straightforward anyway).

Issue: #6199

Reviewed by: @droideck

progier389 commented 3 months ago

Fixed the extra space that cause "Validate tests" to fail Fixed the missing free(certFilter)

progier389 commented 3 months ago

I agree about waiting for the CI tests