Escape DN when searching LDAP with a filter

[felddy]

🗣 Description

• Escape the subject before using it to search LDAP. This broke when a contractor tried to PIV into the COOL. The (affiliate) broke the search.
• Pulled in skeleton

Closes #6

💭 Motivation and Context

Contractors are people too.

🧪 Testing

Tested in production (where it was debugged)

📷 Screenshots (if appropriate)

🚥 Types of Changes

• [x] Bug fix (non-breaking change which fixes an issue)
• [ ] New feature (non-breaking change which adds functionality)
• [ ] Breaking change (causes existing functionality to change)

✅ Checklist

• [x] My code follows the code style of this project.
• [ ] My change requires a change to the documentation.
• [ ] I have updated the documentation accordingly.
• [x] I have read the CONTRIBUTING document.
• [ ] I have added tests to cover my changes.
• [x] All new and existing tests passed.

[felddy]

Looks like fedora31 and fedora29 don't have c_rehash installed. (Part of OpenSSL) https://www.openssl.org/docs/man1.0.2/man1/c_rehash.html

Thoughts?

    TASK [ansible-role-openvpn : Fetch DHS CA certificates using fetch_user_ca_certs.sh] ***
    fatal: [fedora31]: FAILED! => {"changed": true, "cmd": ["/etc/openvpn/server/fetch_user_ca_certs.sh"], "delta": "0:00:00.786731", "end": "2020-03-19 21:58:41.495663", "msg": "non-zero return code", "rc": 127, "start": "2020-03-19 21:58:40.708932", "stderr": "/etc/openvpn/server/fetch_user_ca_certs.sh: line 40: c_rehash: command not found", "stderr_lines": ["/etc/openvpn/server/fetch_user_ca_certs.sh: line 40: c_rehash: command not found"], "stdout": "", "stdout_lines": []}
    changed: [kali]
    changed: [debian11]
    changed: [debian10]
    fatal: [fedora29]: FAILED! => {"changed": true, "cmd": ["/etc/openvpn/server/fetch_user_ca_certs.sh"], "delta": "0:00:01.597671", "end": "2020-03-19 21:58:42.144962", "msg": "non-zero return code", "rc": 127, "start": "2020-03-19 21:58:40.547291", "stderr": "/etc/openvpn/server/fetch_user_ca_certs.sh: line 40: c_rehash: command not found", "stderr_lines": ["/etc/openvpn/server/fetch_user_ca_certs.sh: line 40: c_rehash: command not found"], "stdout": "", "stdout_lines": []}

[jsf9k]

@felddy, I made some changes to get rid of most of the failures. The Debian 11 build is still failing, but that is because I don't have a systemd-enabled Debian 11 image. I can create one tomorrow, and then everything should pass.

[felddy]

Thanks @jsf9k, no rush.

[felddy]

Just reviewed additions. Thanks for modernizing it... This is the way™.