Univention Bugzilla – Attachment 10063 Details for
Bug 39345
urlencode ldap base in slapd.conf
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
39345.patch (text/plain), 2.53 KB, created by
Florian Best
on 2019-06-13 19:33 CEST
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Florian Best
Created:
2019-06-13 19:33 CEST
Size:
2.53 KB
patch
obsolete
>commit 6a093f405d5a7821bc3535913e8b65db87356238 >Author: Florian Best <best@univention.de> >Date: Tue Jan 8 19:16:11 2019 +0100 > > Bug #39345: quote ldap base in URIs > >diff --git a/base/univention-lib/python/misc.py b/base/univention-lib/python/misc.py >index 4ba8f0bbb2..6617bc4900 100644 >--- a/base/univention-lib/python/misc.py >+++ b/base/univention-lib/python/misc.py >@@ -32,6 +32,7 @@ Univention Common Python Library > > import univention.config_registry > import subprocess >+from urllib import quote > > > def createMachinePassword(): >@@ -80,7 +81,7 @@ def getLDAPURIs(configRegistryInstance=None): > if ldap_server_addition: > ldaphosts.extend(ldap_server_addition.split()) > if ldaphosts: >- urilist = ["ldap://%s:%s" % (host, port) for host in ldaphosts] >+ urilist = ["ldap://%s:%s" % (quote(host), quote(port)) for host in ldaphosts] > uri_string = ' '.join(urilist) > > return uri_string >diff --git a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >index 3d7aecd147..9849ba080e 100644 >--- a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >+++ b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-master >@@ -1,5 +1,6 @@ > @!@ > from univention.lib.misc import custom_username, custom_groupname >+from urllib import quote > > ldap_base = configRegistry['ldap/base'] > ldap_port = configRegistry['slapd/port'] >@@ -10,7 +11,7 @@ users_default_administrator = custom_username('Administrator') > > print 'authz-regexp' > print ' uid=([^,]*),cn=(gssapi|saml),cn=auth' >-print ' ldap:///%s??sub?uid=$1' % (ldap_base,) >+print ' ldap:///%s??sub?uid=$1' % (quote(ldap_base),) > print > > print 'access to attrs=uid value=root by * none stop' >diff --git a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >index 40bb6e3d7c..bfaef0a837 100644 >--- a/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >+++ b/management/univention-ldap/conffiles/etc/ldap/slapd.conf.d/60univention-ldap-server_acl-slave >@@ -1,6 +1,9 @@ > authz-regexp > uid=([^,]*),cn=(gssapi|saml),cn=auth >- ldap:///@%@ldap/base@%@??sub?uid=$1 >+@!@ >+from urllib import quote >+print '\tldap:///%s??sub?uid=$1' % (quote(configRegistry['ldap/base']),) >+@!@ > > # allow authentication > access to attrs=userPassword
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
Actions:
View
|
Diff
Attachments on
bug 39345
:
9793
|
9794
| 10063