First Last Prev Next    This bug is not in your last search results.
Bug 34432 - Bracket in name of container leads to minor issues in subentries
Bracket in name of container leads to minor issues in subentries
Status: RESOLVED DUPLICATE of bug 40129
Product: UCS
Classification: Unclassified
Component: UMC - Domain management (Generic)
UCS 3.2
Other Linux
: P5 normal (vote)
: UCS 3.x
Assigned To: UMC maintainers
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-04-01 11:07 CEST by Dirk Wiesenthal
Modified: 2016-09-15 13:47 CEST (History)
3 users (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional):
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Dirk Wiesenthal univentionstaff 2014-04-01 11:07:28 CEST 
Deleting a user in a container with brackets actually deletes the user but the frontend shows:

Die/das folgende(n) Objekt(e) konnte(n) nicht gelöscht werden:

    uid=baz,cn=foo (bar),$ldap_base: LDAP-Fehler Bad search filter

(No Traceback!)

Brackets in the container name may or may not have more severe consequences than this one. I have not found any, still I think the name should be more restricted or (even better) when searching, the filter should be escaped (I haven't looked up which search filter is bad, probably something in users/user.py)
Comment 1 Dirk Wiesenthal univentionstaff 2014-04-01 14:17:40 CEST 
Just found out that you can name your container like so:

"foo\, bar"

Renaming to "foobar" will not work. In fact, new containers are created, but this one will still exist and items in this container will not be moved. (This is due to the way the renaming is implemented: Creating a new container, moving all items there and then deleting self)

Renaming to "foo, bar" will even raise a KeyError.

Users below this container will have issues with assigned groups (appear as members in the group but not as group in self).
Comment 2 Alexander Kläser univentionstaff 2014-04-04 11:20:33 CEST 
(In reply to Dirk Wiesenthal from comment #1)
> Just found out that you can name your container like so:
> 
> "foo\, bar"
> …

Hm, AFAIS this should break the handling in the code which performs a dn.split(",")… even the lib function univention.uldap.explodeDn() does a simple split at ",".
Comment 3 Florian Best univentionstaff 2014-04-04 11:25:21 CEST 
The UCS@School lib also does manual splits at ','.
Comment 4 Florian Best univentionstaff 2016-09-15 13:47:02 CEST 
This meanwhile works. I retested:
User creation/modification/renaming/removal/moving to sub-container in Container "foo (bar) baz".
Renaming that container into "foo , bar (baz)".

(In reply to Alexander Kläser from comment #2)
> Hm, AFAIS this should break the handling in the code which performs a
> dn.split(",")… even the lib function univention.uldap.explodeDn() does a
> simple split at ",".
I fixed both in an UCS 4.1 erratum.

(In reply to Florian Best from comment #3)
> The UCS@School lib also does manual splits at ','.
I fixed this, too.

*** This bug has been marked as a duplicate of bug 40129 ***
First Last Prev Next    This bug is not in your last search results.