threerings / openvpn-auth-ldap

Implements username/password authentication via LDAP for OpenVPN 2.x.

Cannot use a Bind Password containing double quotes #84

Open jgitlin-p21 opened 3 years ago

jgitlin-p21 commented 3 years ago

It appears there is no way to escape a double quote value " within the config file.

This leads to issues when the LDAP Bind Password contains a quote.

Example: Bind password of: TedSG"F!Bv$t@4P#&aJ6

Config like:

<LDAP>
  URL           ldap://ldapexample.com:389/
  BindDN                uid=ldap,ou=Users,o=example,dc=com
  Password  "TedSG\"F!Bv$t@4P#&aJ6"
...

Results in error:

A parse error occured while attempting to comprehend F!Bv$t@4P#&aJ6, on line 12.
Fri May  7 19:15:12 2021 PLUGIN_INIT: plugin initialization function failed: /usr/lib64/openvpn/plugin/lib/openvpn-auth-ldap.so
Fri May  7 19:15:12 2021 Exiting due to fatal error

If there is an escape character I should be using, please let me know! I reviewed the TRConfigLexer.re and could not find the proper syntax to use...
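
A pre-deployment check for the failure reported above, as an added example that is not part of the original thread or the project's code: it flags quoted config values containing a double quote before the plugin is loaded. It assumes, from the report, that the lexer has no escape syntax, so the first `"` after the opening one ends the value; the function name, the whole-line `#` comment handling and the sample config are assumptions.

```python
import re

# Matches: Key <whitespace> "value...  and captures the text after the opening quote.
QUOTED = re.compile(r'^\s*(?P<key>[A-Za-z][A-Za-z0-9]*)\s+"(?P<rest>.*)$')

# Constructed sample: the <LDAP> lines from the report plus a clean quoted value.
SAMPLE = r'''<LDAP>
  URL       ldap://ldapexample.com:389/
  BindDN    uid=ldap,ou=Users,o=example,dc=com
  Password  "TedSG\"F!Bv$t@4P#&aJ6"
</LDAP>
<Authorization>
  BaseDN    "ou=Users,o=example,dc=com"
  # SearchFilter "(uid=%u)
</Authorization>
'''


def check_quoted_values(config_text):
    """Return (line_no, key, problem) for quoted values a lexer without
    quote escaping would reject. Values are never included in the result,
    so a bind password is not copied into CI or deployment logs."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), start=1):
        if line.lstrip().startswith("#"):  # assumption: whole-line comments
            continue
        m = QUOTED.match(line)
        if not m:
            continue  # section tag, blank line or unquoted value
        rest = m.group("rest")
        end = rest.find('"')  # assumed: first quote closes, backslash is literal
        if end == -1:
            findings.append((line_no, m.group("key"), "unterminated quoted value"))
        elif rest[end + 1:].strip():
            # Text after the closing quote: the value held an embedded quote.
            findings.append((line_no, m.group("key"), "embedded double quote"))
    return findings


if __name__ == "__main__":
    for line_no, key, problem in check_quoted_values(SAMPLE):
        print(f"line {line_no}: {key}: {problem}")
```

The parse error quoted in the report writes the part of the password that follows the quote into the OpenVPN log, so a log that captured that line is a reason to rotate the bind password.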

jgitlin-p21 commented 3 years ago

I have since worked around this issue by writing my own LDAP authentication script; therefore please feel free to deprioritize this issue (or close it outright) if nobody else appears to be affected.