Univention Bugzilla – Attachment 7326 Details for
Bug 40129
LDAP filter escaping incomplete
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch
40129.patch (text/plain), 1.04 KB, created by
Florian Best
on 2015-11-30 13:53 CET
(
hide
)
Description:
patch
Filename:
MIME Type:
Creator:
Florian Best
Created:
2015-11-30 13:53 CET
Size:
1.04 KB
patch
obsolete
>diff --git a/management/univention-directory-manager-modules/modules/univention/admin/filter.py b/management/univention-directory-manager-modules/modules/univention/admin/filter.py >index f94a7a1..27cdff1 100644 >--- a/management/univention-directory-manager-modules/modules/univention/admin/filter.py >+++ b/management/univention-directory-manager-modules/modules/univention/admin/filter.py >@@ -32,19 +32,12 @@ > > import re > import types >+import ldap.filter > import univention.admin.uexceptions > > def escapeForLdapFilter(txt): >- """Escape LDAP filter value. >- Bug #19976: According to RFC2254 [*()\\\0] must be \\%02x encoded. >- >- >>> escapeForLdapFilter('key=value') >- 'key=value' >- >>> escapeForLdapFilter('description=Number (1)') >- 'description=Number \\\\281\\\\29' >- """ >- # parenthesis mess up ldap filters - they should be escaped >- return txt.replace('(', '\(').replace(')', '\)').replace('\\', '\\\\') >+ """Escape LDAP filter value.""" >+ return ldap.filter.escape_filter_chars(txt) > > class conjunction: > """LDAP filter conjunction (&) or disjunction (|)."""
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=7326">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 40129
:
7326
|
7342