diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-09-20 15:05:25 -0700 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-10-07 10:28:12 -0700 |
| commit | c79879f33a05494f2ae5785a663b874bf8e42655 (patch) | |
| tree | 0107474fe462e5bcf7da50bc25ccc8b692185406 | |
| parent | e65bf3fa63ae45aaf9600cffb50be58eee9023db (diff) | |
| download | gitlab-ce-c79879f33a05494f2ae5785a663b874bf8e42655.tar.gz | |
Fix escaped equal signs
| -rw-r--r-- | lib/gitlab/ldap/dn.rb | 10 | ||||
| -rw-r--r-- | spec/lib/gitlab/ldap/dn_spec.rb | 4 |
2 files changed, 8 insertions, 6 deletions
diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb index c23fac2d57a..554156142cc 100644 --- a/lib/gitlab/ldap/dn.rb +++ b/lib/gitlab/ldap/dn.rb @@ -218,10 +218,12 @@ module Gitlab self.class.new(*to_a).to_s end - # http://tools.ietf.org/html/rfc2253 section 2.4 lists these exceptions - # for dn values. All of the following must be escaped in any normal string - # using a single backslash ('\') as escape. - NORMAL_ESCAPES = [',', '+', '"', '\\', '<', '>', ';'] + # https://tools.ietf.org/html/rfc4514 section 2.4 lists these exceptions + # for DN values. All of the following must be escaped in any normal string + # using a single backslash ('\') as escape. The space character is left + # out here because in a "normalized" string, spaces should only be escaped + # if necessary (i.e. leading or trailing space). + NORMAL_ESCAPES = [',', '+', '"', '\\', '<', '>', ';', '='] # Compiled character class regexp using the keys from the above hash, and # checking for a space or # at the start, or space at the end, of the diff --git a/spec/lib/gitlab/ldap/dn_spec.rb b/spec/lib/gitlab/ldap/dn_spec.rb index 44e30a69d44..dafc0037a0d 100644 --- a/spec/lib/gitlab/ldap/dn_spec.rb +++ b/spec/lib/gitlab/ldap/dn_spec.rb @@ -27,8 +27,8 @@ describe Gitlab::LDAP::DN do 'does not strip an unescaped leading newline (actually an invalid DN)' | 'uid=\nJohn Smith,ou=People,dc=example,dc=com' | 'uid=\njohn smith,ou=people,dc=example,dc=com' 'does not strip an unescaped trailing newline (actually an invalid DN)' | 'uid=John Smith\n ,ou=People,dc=example,dc=com' | 'uid=john smith\n,ou=people,dc=example,dc=com' 'does not strip if no extraneous whitespace' | 'uid=John Smith,ou=People,dc=example,dc=com' | 'uid=john smith,ou=people,dc=example,dc=com' - 'does not treat escaped equal signs as attribute delimiters' | 'uid= foo \\= bar' | 'uid=foo \\= bar' - 'does not treat escaped hex equal signs as attribute delimiters' | 'uid= foo \\3D bar' | 'uid=foo \\3d bar' + 'does not modify an escaped equal sign in an attribute value' | 'uid= foo \\= bar' | 'uid=foo \\= bar' + 'converts an escaped hex equal sign to an escaped equal sign in an attribute value' | 'uid= foo \\3D bar' | 'uid=foo \\= bar' 'does not treat escaped commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\, CA' | 'uid=john c. smith,ou=san francisco\\, ca' 'does not treat escaped hex commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\2C CA' | 'uid=john c. smith,ou=san francisco\\2c ca' end |