[Freeipa-devel] [PATCH] misc escaping issues

Kevin McCarthy kmccarth at redhat.com
Fri Oct 5 22:28:27 UTC 2007


This patch adds dn escaping when entries are created.
 e.g. cn=Bob"s Group
Also adds the null char to safe_filter.
Lastly, fixes a double-escaping issue in dynamicedit.js

-Kevin

-------------- next part --------------
# HG changeset patch
# User Kevin McCarthy <kmccarth at redhat.com>
# Date 1191623158 25200
# Node ID 85a9d3f6c031f7f318b4d8b8e507e38829c9df1c
# Parent  37e1c1e03c98e2e03f198c6c300587c4369c867e
Several escaping fixes:
- illegal dn characters need to be escaped
- null characters in search filters
- dynamicedit.js was double html escaping (the python layer does it already)

diff -r 37e1c1e03c98 -r 85a9d3f6c031 ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js
--- a/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js	Fri Oct 05 13:59:35 2007 -0700
+++ b/ipa-server/ipa-gui/ipagui/static/javascript/dynamicedit.js	Fri Oct 05 15:25:58 2007 -0700
@@ -71,12 +71,12 @@ function renderMemberInfo(newdiv, info) 
 function renderMemberInfo(newdiv, info) {
   if (info.type == "user") {
     newdiv.appendChild(document.createTextNode(
-      info.name.escapeHTML() + " " + info.descr.escapeHTML() + " "));
+      info.name + " " + info.descr + " "));
   } else if (info.type == "group") {
     ital = document.createElement('i');
     ital.appendChild(document.createTextNode(
-      info.name.escapeHTML() + " " + 
-      info.descr.escapeHTML() + " "));
+      info.name + " " + 
+      info.descr + " "));
     newdiv.appendChild(ital);
   }
 }
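Review bot: Nothing in renderMemberInfo records why the raw `info.name` and `info.descr` are safe to use now that `escapeHTML()` is gone. Both branches pass the string to `document.createTextNode`, which inserts its argument as literal text rather than parsing it as markup, so that sink is what keeps the values inert. A comment above the first call, such as `// createTextNode inserts literal text, so no HTML escaping here; escape again if this ever becomes innerHTML`, would make the dependency explicit. The commit message says the Python layer already escapes these values; if it does, a text node will display the entities verbatim, so it is worth confirming which layer is meant to own the escaping. Separately, `ital` in the group branch is assigned without `var` and so becomes a global.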
diff -r 37e1c1e03c98 -r 85a9d3f6c031 ipa-server/xmlrpc-server/funcs.py
--- a/ipa-server/xmlrpc-server/funcs.py	Fri Oct 05 13:59:35 2007 -0700
+++ b/ipa-server/xmlrpc-server/funcs.py	Fri Oct 05 15:25:58 2007 -0700
@@ -22,6 +22,7 @@ sys.path.append("/usr/share/ipa")
 
 import krbV
 import ldap
+import ldap.dn
 import ipaserver.dsinstance
 import ipaserver.ipaldap
 import ipa.ipautil
@@ -347,7 +348,8 @@ class IPAServer:
         if self.__is_user_unique(user['uid'], opts) == 0:
             raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE)
 
-        dn="uid=%s,%s,%s" % (user['uid'], user_container,self.basedn)
+        dn="uid=%s,%s,%s" % (ldap.dn.escape_dn_chars(user['uid']),
+                             user_container,self.basedn)
         entry = ipaserver.ipaldap.Entry(dn)
 
         # FIXME: This should be dynamic and can include just about anything
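Review bot: The escaping of `user['uid']` is written inline at the `dn=` assignment, and the group hunk at `dn="cn=%s,%s,%s"` repeats the same expression, so any other place in funcs.py that builds a DN from caller-supplied values has to remember it independently. No such site is visible in this patch, so this is a prompt to check rather than a confirmed gap. A comment above each assignment, e.g. `# RDN value is caller-supplied: escape DN special characters before interpolating`, would state the intent, and a small shared helper would keep the two sites in step. Only the DN should carry the escaped form; the `uid`/`cn` attribute values set later on `entry` (outside this hunk) should remain the raw strings. The enclosing method begins and ends outside the hunk.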
@@ -650,7 +652,8 @@ class IPAServer:
         if self.__is_group_unique(group['cn'], opts) == 0:
             raise ipaerror.gen_exception(ipaerror.LDAP_DUPLICATE)
 
-        dn="cn=%s,%s,%s" % (group['cn'], group_container,self.basedn)
+        dn="cn=%s,%s,%s" % (ldap.dn.escape_dn_chars(group['cn']),
+                            group_container,self.basedn)
         entry = ipaserver.ipaldap.Entry(dn)
 
         # some required objectclasses
@@ -1017,5 +1020,7 @@ def ldap_search_escape(match):
     elif value == "*":
         # drop '*' from input.  search performs its own wildcarding
         return ""
+    elif value =='\x00':
+        return r'\00'
     else:
         return value
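Review bot: The new `'\x00'` branch only runs if the pattern that calls `ldap_search_escape` matches a NUL character, and no hunk in this patch changes that pattern, although the description says the null char is added to safe_filter. The pattern is outside the visible lines, so please confirm it includes `\x00`; otherwise the branch is dead code and NUL bytes still reach the search filter unescaped. A one-line comment on the branch, e.g. `# RFC 4515: NUL must be sent as \00 in a filter value`, would also help. The function starts above the hunk, so the handling of `(`, `)` and `\` cannot be checked from here.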