From cb591f86e42a2f3bd4df2980cc4cfed0a0641e71 Mon Sep 17 00:00:00 2001
From: Michael Kozono <mkozono@gmail.com>
Date: Wed, 20 Sep 2017 14:21:27 -0700
Subject: Fix to_s_normalize for escaped leading space

---
 lib/gitlab/ldap/dn.rb           | 14 +++-----------
 spec/lib/gitlab/ldap/dn_spec.rb |  2 +-
 2 files changed, 4 insertions(+), 12 deletions(-)

diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb
index 555ef0b80ae..02a4cbcd13a 100644
--- a/lib/gitlab/ldap/dn.rb
+++ b/lib/gitlab/ldap/dn.rb
@@ -210,27 +210,19 @@ module Gitlab
       # http://tools.ietf.org/html/rfc2253 section 2.4 lists these exceptions
       # for dn values. All of the following must be escaped in any normal string
       # using a single backslash ('\') as escape.
-      ESCAPES = {
-        ','  => ',',
-        '+'  => '+',
-        '"'  => '"',
-        '\\' => '\\',
-        '<' => '<',
-        '>' => '>',
-        ';' => ';',
-      }
+      NORMAL_ESCAPES = [',', '+', '"', '\\', '<', '>', ';']
 
       # Compiled character class regexp using the keys from the above hash, and
       # checking for a space or # at the start, or space at the end, of the
       # string.
       ESCAPE_RE = Regexp.new("(^ |^#| $|[" +
-                             ESCAPES.keys.map { |e| Regexp.escape(e) }.join +
+                             NORMAL_ESCAPES.map { |e| Regexp.escape(e) }.join +
                              "])")
 
       ##
       # Escape a string for use in a DN value
       def self.escape(string)
-        string.gsub(ESCAPE_RE) { |char| "\\" + ESCAPES[char] }
+        string.gsub(ESCAPE_RE) { |char| "\\" + char }
       end
 
       ##
diff --git a/spec/lib/gitlab/ldap/dn_spec.rb b/spec/lib/gitlab/ldap/dn_spec.rb
index 11711c905a1..73124bc4cc4 100644
--- a/spec/lib/gitlab/ldap/dn_spec.rb
+++ b/spec/lib/gitlab/ldap/dn_spec.rb
@@ -20,7 +20,7 @@ describe Gitlab::LDAP::DN do
       'strips the space after the plus sign in the telephoneNumber'                                  | 'uid = John Smith  + telephoneNumber  = + 1 555-555-5555 , ou = People,dc=example,dc=com'             | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com'
       'downcases the whole string'                                                                   | 'UID=John Smith,ou=People,dc=example,dc=com'                                                          | 'uid=john smith,ou=people,dc=example,dc=com'
       'for a null DN (empty string), returns empty string and does not error'                        | ''                                                                                                    | ''
-      'does not strip an escaped leading space in an attribute value (and does not error like Net::LDAP::DN.new does)' | 'uid=\\ John Smith,ou=People,dc=example,dc=com'                                     | 'uid=\\ john smith,ou=people,dc=example,dc=com'
+      'does not strip an escaped leading space in an attribute value'                                | 'uid=\\ John Smith,ou=People,dc=example,dc=com'                                                       | 'uid=\\ john smith,ou=people,dc=example,dc=com'
       'does not strip an escaped trailing space in an attribute value'                               | 'uid=John Smith\\ ,ou=People,dc=example,dc=com'                                                       | 'uid=john smith\\ ,ou=people,dc=example,dc=com'
       'does not strip an escaped leading newline in an attribute value'                              | 'uid=\\\nJohn Smith,ou=People,dc=example,dc=com'                                                      | 'uid=\\\njohn smith,ou=people,dc=example,dc=com'
       'does not strip an escaped trailing newline in an attribute value'                             | 'uid=John Smith\\\n,ou=People,dc=example,dc=com'                                                      | 'uid=john smith\\\n,ou=people,dc=example,dc=com'
-- 
cgit v1.2.1