[ 
https://issues.apache.org/jira/browse/CAMEL-18811?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17654077#comment-17654077
 ] 

Christian Schubert-Huff commented on CAMEL-18811:
-------------------------------------------------

On a side note, the CVE retraction process seems somewhat slow and unreliable to 
me. We migrated to 3.20.0, and yet, that version of camel-ldap was again 
flagged as vulnerable to the CVE, with a criticality that - once again - broke 
our build.

> camel-ldap - InvalidSearchFilterException: invalid attribute description
> ------------------------------------------------------------------------
>
>                 Key: CAMEL-18811
>                 URL: https://issues.apache.org/jira/browse/CAMEL-18811
>             Project: Camel
>          Issue Type: Bug
>          Components: camel-ldap
>    Affects Versions: 3.14.7, 3.18.4
>         Environment: linux, jdk11, camel-main, camel-ldap, ActiveDirectory
>            Reporter: Christian Schubert-Huff
>            Assignee: Claus Ibsen
>            Priority: Minor
>             Fix For: 3.14.8, 3.18.5, 3.20.0
>
>
> We updated to camel 3.18.4 and this broke camel-ldap, running against 
> ActiveDirectory.
> Filter string is "(CN=USERID)". In 3.18.4, this gets escaped to 
> "\28CN=USERID\29" (changed by CAMEL-18696), which does not return a result, 
> but instead throws this exception:
> {code:java}
> javax.naming.directory.InvalidSearchFilterException: invalid attribute description; remaining name 'OU=Std,OU=User,OU=ORG,DC=ad,DC=example,DC=com'
>         at java.naming/com.sun.jndi.ldap.Filter.encodeSimpleFilter(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.Filter.encodeFilter(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.Filter.encodeFilterString(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.LdapClient.search(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.LdapCtx.doSearch(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
>         at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
>         at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
>         at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
>         at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
>         at java.naming/javax.naming.directory.InitialDirContext.search(Unknown Source)
>         at org.apache.camel.component.ldap.LdapProducer.simpleSearch(LdapProducer.java:129)
>         at org.apache.camel.component.ldap.LdapProducer.process(LdapProducer.java:83)
> {code}
> The same filter string used to work fine in 3.18.1



--
This message was sent by Atlassian Jira
(v8.20.10#820010)
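
Added example, not part of the original message and not Camel's code: it reproduces the escaping described in the issue, where the complete filter string is escaped, next to escaping only the assertion value as RFC 4515 defines it. The class name, method names and the sample value with metacharacters are hypothetical and constructed for illustration.

```java
public class LdapFilterEscapeDemo {

    // RFC 4515 escaping for an assertion VALUE: each special character
    // becomes a backslash followed by its two-digit hex code.
    static String escapeValue(String value) {
        StringBuilder sb = new StringBuilder();
        for (char c : value.toCharArray()) {
            switch (c) {
                case '\\': sb.append("\\5c"); break;
                case '*':  sb.append("\\2a"); break;
                case '(':  sb.append("\\28"); break;
                case ')':  sb.append("\\29"); break;
                case '\0': sb.append("\\00"); break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    // Hypothetical helper: the filter syntax (parentheses, attribute name,
    // '=') is fixed by the application; only the untrusted value is escaped.
    static String equalityFilter(String attribute, String untrustedValue) {
        return "(" + attribute + "=" + escapeValue(untrustedValue) + ")";
    }

    public static void main(String[] args) {
        // Escaping the complete filter, as reported in the issue: the outer
        // parentheses are encoded, so the string is no longer a valid filter
        // and the JNDI filter encoder rejects it.
        System.out.println("whole filter escaped: " + escapeValue("(CN=USERID)"));

        // Escaping only the value leaves the filter from the issue intact.
        System.out.println("value escaped only:   " + equalityFilter("CN", "USERID"));

        // Constructed value containing filter metacharacters: they are
        // encoded, so they match literally instead of acting as syntax.
        System.out.println("metachars in value:   " + equalityFilter("CN", "J. Smith (ext)*"));
    }
}
```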
