This is an automated email from the ASF dual-hosted git repository.
zrhoffman pushed a commit to branch 6.0.x
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git
The following commit(s) were added to refs/heads/6.0.x by this push:
new 84ba159 Sanitize username before executing LDAP query
84ba159 is described below
commit 84ba15926f739338b711f2e21b72b53e96618512
Author: ZHOU PERTER <[email protected]>
AuthorDate: Sat Oct 30 00:56:52 2021 +0800
Sanitize username before executing LDAP query
(cherry picked from commit 32a41fcf3934a03905d6c3d8f6082300634da017)
---
traffic_ops/traffic_ops_golang/auth/ldap.go | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/traffic_ops/traffic_ops_golang/auth/ldap.go
b/traffic_ops/traffic_ops_golang/auth/ldap.go
index b294285..0c8403d 100644
--- a/traffic_ops/traffic_ops_golang/auth/ldap.go
+++ b/traffic_ops/traffic_ops_golang/auth/ldap.go
@@ -87,7 +87,7 @@ func LookupUserDN(username string, cfg *config.ConfigLDAP)
(string, bool, error)
searchRequest := ldap.NewSearchRequest(
cfg.SearchBase,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
- fmt.Sprintf(cfg.SearchQuery, username),
+ fmt.Sprintf(cfg.SearchQuery, ldap.EscapeFilter(username)),
[]string{"dn"},
nil,
)
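Review bot: The new `fmt.Sprintf(cfg.SearchQuery, ldap.EscapeFilter(username))` argument carries no comment explaining why the value is escaped, and the diffstat lists only ldap.go, so no regression test guards against a later refactor dropping the call. I would add a comment above that argument, `// username comes from the login request: escape LDAP filter metacharacters (RFC 4515) before substituting it into cfg.SearchQuery`, and a unit test asserting that a username containing `*`, `(`, `)` or `\` reaches the search request in escaped form. The escaping is only sufficient if `cfg.SearchQuery` places its single `%s` inside a filter assertion value, which is an assumption about the configuration that is worth documenting next to that setting. LookupUserDN starts and ends outside the hunk, so whether an empty username is rejected before the search, and how the returned entries are handled, cannot be checked from here.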