On Fri, 2009-11-20 at 09:50 +0100, Sumit Bose wrote:
> On Thu, Nov 19, 2009 at 07:30:32PM -0500, Simo Sorce wrote:
> > See commit comment.
> >
> > --
> > Simo Sorce * Red Hat, Inc * New York
>
> > >From 49862816e3b7077bc7a002c980901d31aff06269 Mon Sep 17 00:00:00 2001
> > From: Simo Sorce <sso...@redhat.com>
> > Date: Thu, 19 Nov 2009 19:28:36 -0500
> > Subject: [PATCH] Correctly escape DN value.
> >
> > In building the DN string we weren't correctly escaping the value of the RDN
> > component. This patches fixes that.
> > ---
> > server/db/sysdb_ops.c | 48
> > ++++++++++++++++++++++++++++++++++++++++++------
> > 1 files changed, 42 insertions(+), 6 deletions(-)
> >
> > diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
> > index 4a44f28..da53fd3 100644
> > --- a/server/db/sysdb_ops.c
> > +++ b/server/db/sysdb_ops.c
> > @@ -2769,6 +2769,42 @@ int sysdb_store_user_recv(struct tevent_req *req)
> >
> > /* =Store-Group-(Native/Legacy)-(replaces-existing-data)==================
> > */
> >
> > +static char *build_dom_dn_str_escape(TALLOC_CTX *memctx, const char
> > *template,
> > + const char *domain, const char *name)
> > +{
> > + char *ret;
> > + int l;
> > +
> > + l = strcspn(name, ",=\n+<>#;\\\"");
>
> Wouldn't it be better to always call ldb_dn_escape_value() instead of
> depending on a hardcoded set of characters which might be different in
> other/coming versions of libldb?
Theorethically it would, but members list can be quite long and
ldb_dn_escape_value() always allocates memory.
The list is unlikely to change though, as it is in an LDAP standard.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
