EscapeFilter the group dn membership (#20200)
The uid provided to the group filter must be properly escaped using the provided ldap.EscapeFilter function. Fix #20181 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
		
							parent
							
								
									45f17528a8
								
							
						
					
					
						commit
						6efbe49439
					
				
					 1 changed files with 1 additions and 1 deletions
				
			
		|  | @ -199,7 +199,7 @@ func checkRestricted(l *ldap.Conn, ls *Source, userDN string) bool { | ||||||
| // List all group memberships of a user | // List all group memberships of a user | ||||||
| func (source *Source) listLdapGroupMemberships(l *ldap.Conn, uid string) []string { | func (source *Source) listLdapGroupMemberships(l *ldap.Conn, uid string) []string { | ||||||
| 	var ldapGroups []string | 	var ldapGroups []string | ||||||
| 	groupFilter := fmt.Sprintf("(%s=%s)", source.GroupMemberUID, uid) | 	groupFilter := fmt.Sprintf("(%s=%s)", source.GroupMemberUID, ldap.EscapeFilter(uid)) | ||||||
| 	result, err := l.Search(ldap.NewSearchRequest( | 	result, err := l.Search(ldap.NewSearchRequest( | ||||||
| 		source.GroupDN, | 		source.GroupDN, | ||||||
| 		ldap.ScopeWholeSubtree, | 		ldap.ScopeWholeSubtree, | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		
		Reference in a new issue
	
	 zeripath
						zeripath