summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2011-05-25 10:54:17 +0200
committerStephen Gallagher <sgallagh@redhat.com>2011-05-25 10:41:27 -0400
commit7efa8f8a0c3febfecd853e1c922de9df1dd09a89 (patch)
tree7783048974728b92e31bc41aa1a079d7a26a8fdb /src/providers/ldap
parent6e588d6381bea40e8678de5650a2aab41e4a382f (diff)
downloadsssd-7efa8f8a0c3febfecd853e1c922de9df1dd09a89.tar.gz
sssd-7efa8f8a0c3febfecd853e1c922de9df1dd09a89.tar.bz2
sssd-7efa8f8a0c3febfecd853e1c922de9df1dd09a89.zip
Sanitize username during initgroups call
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_async_accounts.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c
index 2a85cf7c..13311642 100644
--- a/src/providers/ldap/sdap_async_accounts.c
+++ b/src/providers/ldap/sdap_async_accounts.c
@@ -3007,6 +3007,7 @@ struct tevent_req *sdap_get_initgr_send(TALLOC_CTX *memctx,
const char *base_dn;
char *filter;
int ret;
+ char *clean_name;
DEBUG(9, ("Retrieving info for initgroups call\n"));
@@ -3023,9 +3024,14 @@ struct tevent_req *sdap_get_initgr_send(TALLOC_CTX *memctx,
state->grp_attrs = grp_attrs;
state->orig_user = NULL;
+ ret = sss_filter_sanitize(state, name, &clean_name);
+ if (ret != EOK) {
+ return NULL;
+ }
+
filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
state->opts->user_map[SDAP_AT_USER_NAME].name,
- state->name,
+ clean_name,
state->opts->user_map[SDAP_OC_USER].name);
if (!filter) {
talloc_zfree(req);