Ignore extra spaces in baseDN and attributes when creating LDAP search request #12086
Conversation
|
@liggitt my hope is this fixes https://bugzilla.redhat.com/show_bug.cgi?id=1399781 |
|
I don't know that much about LDAP, but seeing this: seems not accurate. It's as if the server is having a bad day and putting spaces randomly in some entries and others not. I'm guessing it might be misconfiguration somewhere, but not 100% sure. |
| return -1 | ||
| } | ||
| return r | ||
| } | ||
| if strings.EqualFold(o.QueryAttribute, "dn") { | ||
| if _, err := ldap.ParseDN(attributeValue); err != nil { |
There was a problem hiding this comment.
Can we use result of this function instead of manually parsing and checking validity?
There was a problem hiding this comment.
Agree, we should be comparing the structured forms
| @@ -104,11 +105,17 @@ type LDAPQueryOnAttribute struct { | |||
| // NewSearchRequest creates a new search request from the identifying query by internalizing the value of | |||
| // the attribute to be filtered as well as any attributes that need to be recovered | |||
| func (o *LDAPQueryOnAttribute) NewSearchRequest(attributeValue string, attributes []string) (*ldap.SearchRequest, error) { | |||
| removeSpaces := func(r rune) rune { | |||
There was a problem hiding this comment.
Can't blindly remove spaces, they are significant in values, but not between values
| return -1 | ||
| } | ||
| return r | ||
| } | ||
| if strings.EqualFold(o.QueryAttribute, "dn") { | ||
| if _, err := ldap.ParseDN(attributeValue); err != nil { |
There was a problem hiding this comment.
Agree, we should be comparing the structured forms
| }, | ||
| expectedError: false, | ||
| }, | ||
| { |
There was a problem hiding this comment.
Need a test that ensures we still correctly identify mismatched white space inside the values as being out of scope
|
@enj fyi |
|
requires go-ldap/ldap#98 |
|
closing in favor of #12105 |
No description provided.