Univention Bugzilla – Full Text Bug Listing

| Summary: | LDAP filter escaping incomplete | | |
|---|---|---|---|
| Product: | UCS | Reporter: | Florian Best <best> |
| Component: | UDM (Generic) | Assignee: | Florian Best <best> |
| Status: | CLOSED FIXED | QA Contact: | Stefan Gohmann <gohmann> |
| Severity: | normal | | |
| Priority: | P5 | CC: | gohmann, hahn, steuwer, wiesenthal |
| Version: | UCS 4.1 | | |
| Target Milestone: | UCS 4.1-2-errata | | |
| Hardware: | Other | | |
| OS: | Linux | | |
| See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=34436 https://forge.univention.org/bugzilla/show_bug.cgi?id=36487 https://forge.univention.org/bugzilla/show_bug.cgi?id=40041 | | |
| What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | | Enterprise Customer affected?: | |
| School Customer affected?: | | ISV affected?: | |
| Waiting Support: | | Flags outvoted (downgraded) after PO Review: | |
| Ticket number: | | Bug group (optional): | Error handling, External feedback, Security |
| Max CVSS v3 score: | | | |
| Attachments: | patch, patch | | |

Comment 1
Florian Best
2015-12-01 18:22:09 CET
Oh no, this is a bug in the self service module itself.

Created attachment 7342
patch

The functions univention.admin.parentDn and univention.admin.explodeDn should also use the official functions from the ldap library.

Reported again, 4.0-4 errata363 (Walle)
Remark: Hello, because of this error I can neither edit, rename nor delete the group. It does not work via the management interface, nor via SSH. Can you help me with this?

All broken LDAP filter escaping in univention-directory-manager-modules has been fixed.

univention-directory-manager-modules (11.0.3-17):
r70589 | Bug #40129: escape ldap filters

univention-python (9.0.1-4):
r70653 | Bug #40129: use official python-LDAP utilities

univention-directory-manager-modules.yaml:
r70599 | YAML Bug #41580, Bug #40041, Bug #40129, Bug #38110, Bug #40422

univention-directory-manager-modules (11.0.3-21):
r70620 | Bug #40129: fix filter formatting for multivalue fields → use only the first value of that multivalue, should be fixed correctly by Bug #7430

univention-python.yaml:
r70654 | YAML Bug #40129

Found some more:

univention-directory-manager-modules (11.0.3-25):
r70751 | Bug #40129: more LDAP filter escaping

This seems to have broken the last Jenkins run: +280 failures like <http://jenkins.knut.univention.de:8080/job/UCS-4.1/job/UCS-4.1-2/job/AutotestJoin/lastCompletedBuild/SambaVersion=s4,Systemrolle=master/testReport/66_udm-computers/01_all_roles_removal/test/>

*** Bug 41111 has been marked as a duplicate of this bug. ***

(In reply to Philipp Hahn from comment #10)
> This seems to have broken the last Jenkins run: +280 failures like
> <http://jenkins.knut.univention.de:8080/job/UCS-4.1/job/UCS-4.1-2/job/
> AutotestJoin/lastCompletedBuild/SambaVersion=s4,Systemrolle=master/
> testReport/66_udm-computers/01_all_roles_removal/test/>

univention-directory-manager-modules (11.0.3-28):
r70768 | Bug #40129: fixup svn r70751

Reported again, 4.1-2 errata206 (Vahr)
Remark: Gave OU a name with brackets in UMC. Appeared to work on creation and moving a computer object into it. However, subsequent renaming in Active directory computers and users exposed a problem with sync to openldap. Subsequent attempts to rename, move computer object and delete OU all give the below search filter error. Assume it's failing on brackets in the name.

Execution of command 'udm/nav/object/query navigation' has failed:

```
Traceback (most recent call last):
  File "%PY2.7%/notifier/threads.py", line 82, in _run
    tmp = self._function()
  File "%PY2.7%/notifier/__init__.py", line 104, in __call__
    return self._function( *tmp, **self._kwargs )
  File "%PY2.7%/univention/management/console/modules/udm/__init__.py", line 1035, in _thread
    for module, obj in list_objects(container, object_type=object_type):
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 1074, in list_objects
    yield (module, module.get(dn))
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 87, in _decorated
    return method(*args, **kwargs)
  File "%PY2.7%/univention/management/console/ldap.py", line 135, in _decorated
    result = func(*args, **kwargs)
  File "%PY2.7%/univention/management/console/modules/udm/udm_ldap.py", line 507, in get
    obj.open()
  File "%PY2.7%/univention/admin/handlers/computers/windows.py", line 395, in open
    univention.admin.handlers.simpleComputer.open( self )
  File "%PY2.7%/univention/admin/handlers/__init__.py", line 1273, in open
    result=self.lo.search(base=self.lo.base, filter=searchFilter, attr=['dn'])
  File "%PY2.7%/univention/admin/uldap.py", line 363, in search
    raise univention.admin.uexceptions.ldapError('%s: %s' % (_err2str(msg), filter))
ldapError: Bad search filter: (&(objectclass=univentionGroup)(uniqueMember=cn=***,ou=Laptops \\(roaming\\),dc=***,dc=com,dc=au))
```

Very good.
Code review: OK
r70653 → OK
r70589 → OK
r70620 → OK
r70751 → OK
r70768 → OK
YAML: OK (minor adjustment r70835)
Tests: OK

<http://errata.software-univention.de/ucs/4.1/207.html>
<http://errata.software-univention.de/ucs/4.1/208.html>

*** Bug 10687 has been marked as a duplicate of this bug. ***

Reported again, 4.1-2 errata206 (Vahr)

*** Bug 34522 has been marked as a duplicate of this bug. ***

*** Bug 34432 has been marked as a duplicate of this bug. ***
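
The failure reported in this bug, reproduced as an added example (not code from the Univention patches): a DN containing parentheses is interpolated into a search filter with and without RFC 4515 value escaping. `escape_filter_value` is a hand-written stand-in for python-ldap's `ldap.filter.escape_filter_chars`; the DNs, the function names and the simplified `filter_is_wellformed` check are assumptions made for illustration.

```python
import re

# RFC 4515: these characters must be written as \XX inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
_HEX_ESCAPE = re.compile(r"\\[0-9a-fA-F]{2}")
_MARK = "\x01"  # placeholder for an already-validated sub-filter
_LEAF = re.compile(r"\([^()&|!=<>~]+(?:=|~=|<=|>=)[^()]*\)")
_COMPOSITE = re.compile(r"\((?:[&|]%s+|!%s)\)" % (_MARK, _MARK))


def escape_filter_value(value):
    """Hand-written stand-in for python-ldap's ldap.filter.escape_filter_chars()."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def unescape_filter_value(value):
    """Decode the hex escapes the way a directory server reads the value."""
    return _HEX_ESCAPE.sub(lambda m: chr(int(m.group(0)[1:], 16)), value)


def group_filter(member_dn, escape=True):
    """Build the group-membership filter seen in the traceback."""
    value = escape_filter_value(member_dn) if escape else member_dn
    return "(&(objectclass=univentionGroup)(uniqueMember=%s))" % value


def filter_is_wellformed(flt):
    """Simplified RFC 4515 structure check (not a full parser)."""
    body = _HEX_ESCAPE.sub("", flt)        # valid hex escapes are inert
    if "\\" in body or _MARK in body:      # stray backslash left over
        return False
    body = _LEAF.sub(_MARK, body)          # collapse attr=value items
    previous = None
    while previous != body:                # collapse (&..), (|..), (!..)
        previous, body = body, _COMPOSITE.sub(_MARK, body)
    return body == _MARK


# Constructed DNs modelled on the report (placeholder names, not from the page).
DN_ESCAPED_PARENS = r"cn=pc1,ou=Laptops \(roaming\),dc=example,dc=com"
DN_PLAIN_PARENS = "cn=pc1,ou=Laptops (roaming),dc=example,dc=com"

if __name__ == "__main__":
    for dn in (DN_ESCAPED_PARENS, DN_PLAIN_PARENS):
        for escape in (False, True):
            flt = group_filter(dn, escape)
            print(filter_is_wellformed(flt), flt)
```

DN escaping and filter escaping are separate encodings: a DN that is already valid as a DN still has to be filter-escaped before it is used as an assertion value.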