[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#3419) slap_sasl_getdn() does not escape RDN value

To: openldap-its@OpenLDAP.org
Subject: (ITS#3419) slap_sasl_getdn() does not escape RDN value
From: lukeh@padl.com
Date: Mon, 6 Dec 2004 12:44:17 GMT

Full_Name: Luke Howard
Version: 2.2.19
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (203.13.32.92)


If a SASL mechanism returns a user authentication identity containing a
character that is significant in a distinguished name (eg: u:DOMAIN\user), then
slap_sasl_getdn() will fail with LDAP_INVALID_SYNTAX.

Rather than constructing the SASL authorization DN by concatenating strings, it
needs to treat the user name as an unescaped RDN value, and call ldap_dn2str()
to convert it into a string.

Prev by Date: [Fwd: Re: slapd locks up on modify op (ITS#3365)]
Next by Date: Re: (ITS#3419) slap_sasl_getdn() does not escape RDN value
Index(es):
- Chronological
- Thread