Commit 01d7be4f authored by wannes's avatar wannes

Use javax.naming.ldap.Rdn to escape values, because UnboundId DN parsing is a PITA

parent d0d5e6a2
......@@ -111,7 +111,7 @@ public class LDAP {
if (result == 1) return true;
LDAPConnection connection = new LDAPConnection(socketFactory, host.get(), Integer.parseInt(Config.get("ldap/port", "636")));
BindResult bind = connection.bind(new DN(dn).toString(), password);
BindResult bind = connection.bind(dn, password);
boolean success = bind.getResultCode().equals(ResultCode.SUCCESS);
connection.close();
return success;
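Review bot: `connection.close()` is reached only on the straight-line path, so if `connection.bind(dn, password)` throws, the connection opened just above is never closed; as far as I know the UnboundID SDK reports a rejected bind as an `LDAPException`, which would make every failed login leak a socket. Wrapping the bind and result check in `try { ... } finally { connection.close(); }` covers both paths. Separately, with `new DN(dn)` removed this method no longer checks that `dn` is well-formed, so it relies on every caller building the DN through `Rdn.escapeValue`; a one-line comment stating that precondition would help. The method starts and ends outside the hunk, so surrounding code may already handle part of this.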
......
......@@ -18,13 +18,13 @@
package be.neutrinet.ispng.vpn;
import be.neutrinet.ispng.security.OwnedEntity;
import com.unboundid.ldap.sdk.DN;
import com.unboundid.ldap.sdk.persist.LDAPField;
import com.unboundid.ldap.sdk.persist.LDAPGetter;
import com.unboundid.ldap.sdk.persist.LDAPObject;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.naming.ldap.Rdn;
import java.io.ByteArrayOutputStream;
import java.security.MessageDigest;
import java.security.Security;
......@@ -76,14 +76,7 @@ public class User implements OwnedEntity {
}
public String getDN() {
String dn = "mail=" + email + "," + Users.usersDN();
try {
return new DN(dn).toString();
} catch (Exception ex) {
Logger.getLogger(getClass()).error("Malformed DN " + dn, ex);
}
return "";
return "mail=" + Rdn.escapeValue(email) + "," + Users.usersDN();
}
public void setPassword(String password) {
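Review bot: `Rdn.escapeValue(email)` in `getDN()` will, as far as I can tell, throw a `NullPointerException` when `email` is null, whereas the previous version logged the malformed DN and returned `""`. If a `User` can exist before its email is set, make that explicit, for example with `Objects.requireNonNull(email, "email")` ahead of the concatenation, or document in a Javadoc line that `getDN()` requires a non-null email. A short comment that this escaping is for DN attribute values only, and is not a substitute for filter escaping if the address is ever placed in a search filter, would also be worth adding.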
......
......@@ -26,6 +26,7 @@ import com.unboundid.ldap.sdk.persist.ObjectSearchListener;
import com.unboundid.ldap.sdk.persist.PersistedObjects;
import org.apache.log4j.Logger;
import javax.naming.ldap.Rdn;
import java.util.ArrayList;
import java.util.List;
import java.util.Optional;
......@@ -99,7 +100,7 @@ public class Users {
public static User get(String email) {
try {
return persister.get(new DN("mail=" + email + "," + usersDN()).toString(), LDAP.connection());
return persister.get("mail=" + Rdn.escapeValue(email) + "," + usersDN().toString(), LDAP.connection());
} catch (LDAPException ex) {
Logger.getLogger(Users.class).error("Failed to get user", ex);
}
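Review bot: The expression `"mail=" + Rdn.escapeValue(email) + "," + usersDN()` in `Users.get` is now a second copy of the one in `User.getDN()`, and the escaping is the security-relevant part of both. One shared static helper (for example `userDN(String email)`; the name is only a suggestion) that both call would ensure a later edit cannot drop the escape in one place. The explicit `.toString()` on `usersDN()` is redundant inside string concatenation and differs from the `getDN()` version. The method continues past the end of the hunk.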
......