On Thu, Nov 19, 2009 at 07:30:32PM -0500, Simo Sorce wrote: > See commit comment. > > -- > Simo Sorce * Red Hat, Inc * New York
> >From 49862816e3b7077bc7a002c980901d31aff06269 Mon Sep 17 00:00:00 2001 > From: Simo Sorce <sso...@redhat.com> > Date: Thu, 19 Nov 2009 19:28:36 -0500 > Subject: [PATCH] Correctly escape DN value. > > In building the DN string we weren't correctly escaping the value of the RDN > component. This patches fixes that. > --- > server/db/sysdb_ops.c | 48 ++++++++++++++++++++++++++++++++++++++++++------ > 1 files changed, 42 insertions(+), 6 deletions(-) > > diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c > index 4a44f28..da53fd3 100644 > --- a/server/db/sysdb_ops.c > +++ b/server/db/sysdb_ops.c > @@ -2769,6 +2769,42 @@ int sysdb_store_user_recv(struct tevent_req *req) > > /* =Store-Group-(Native/Legacy)-(replaces-existing-data)================== */ > > +static char *build_dom_dn_str_escape(TALLOC_CTX *memctx, const char > *template, > + const char *domain, const char *name) > +{ > + char *ret; > + int l; > + > + l = strcspn(name, ",=\n+<>#;\\\""); Wouldn't it be better to always call ldb_dn_escape_value() instead of depending on a hardcoded set of characters which might be different in other/coming versions of libldb? bye, Sumit _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel