This is an automated email from the ASF dual-hosted git repository.

zrhoffman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/master by this push:
     new 32a41fc  Sanitize username before executing LDAP query
32a41fc is described below

commit 32a41fcf3934a03905d6c3d8f6082300634da017
Author: ZHOU PERTER <[email protected]>
AuthorDate: Sat Oct 30 00:56:52 2021 +0800

    Sanitize username before executing LDAP query
---
 traffic_ops/traffic_ops_golang/auth/ldap.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/traffic_ops/traffic_ops_golang/auth/ldap.go 
b/traffic_ops/traffic_ops_golang/auth/ldap.go
index 9b3118f..e0c9021 100644
--- a/traffic_ops/traffic_ops_golang/auth/ldap.go
+++ b/traffic_ops/traffic_ops_golang/auth/ldap.go
@@ -87,7 +87,7 @@ func LookupUserDN(username string, cfg *config.ConfigLDAP) 
(string, bool, error)
        searchRequest := ldap.NewSearchRequest(
                cfg.SearchBase,
                ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
-               fmt.Sprintf(cfg.SearchQuery, username),
+               fmt.Sprintf(cfg.SearchQuery, ldap.EscapeFilter(username)),
                []string{"dn"},
                nil,
        )
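Review bot: The request built in this hunk still passes `0, 0` for the size and time limits, so a lookup driven by a client-supplied username asks the directory for an unbounded whole-subtree search, and escaping the value does not bound that. Since the function resolves a single DN, consider a small size limit and a time limit, e.g. `ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 2, searchTimeLimitSecs, false,` (`searchTimeLimitSecs` is a placeholder name, not something in this file), and treat a size-limit-exceeded result as an ambiguous match rather than picking an entry. It would also help to add a comment above the filter argument such as `// username is client-supplied: escape it for the filter context so metacharacters cannot change the query`, plus a unit test that passes a username containing `*`, `(`, `)` and `\` and checks the resulting filter string. LookupUserDN's body continues outside the hunk, so how the search results are counted and handled is not visible here.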
