mirrors/Radicale
1
0
Fork 0
mirror of https://github.com/Kozea/Radicale.git synced 2025-04-05 06:07:35 +03:00
Code Issues Projects Releases Packages Wiki Activity

LDAP auth: escape values used in LDAP filters to avoid possible injection of malicious code.

Browse source
This commit is contained in:
Peter Marschall 2024-12-29 08:29:27 +01:00
parent c243ae4ebf
commit 8c2feb4726
1 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

8
radicale/auth/ldap.py
View file

@ -112,10 +112,12 @@ class Auth(auth.BaseAuth):
conn.set_option(self.ldap.OPT_REFERRALS, 0) conn.set_option(self.ldap.OPT_REFERRALS, 0)
conn.simple_bind_s(self._ldap_reader_dn, self._ldap_secret) conn.simple_bind_s(self._ldap_reader_dn, self._ldap_secret)
"""Search for the dn of user to authenticate""" """Search for the dn of user to authenticate"""
escaped_login = self.ldap.filter.escape_filter_chars(login)
logger.debug(f"_login2 login escaped for LDAP filters: {escaped_login}")
res = conn.search_s( res = conn.search_s(
self._ldap_base, self._ldap_base,
self.ldap.SCOPE_SUBTREE, self.ldap.SCOPE_SUBTREE,
filterstr=self._ldap_filter.format(login), filterstr=self._ldap_filter.format(escaped_login),
attrlist=['memberOf'] attrlist=['memberOf']
) )
if len(res) != 1: if len(res) != 1:
@ -176,9 +178,11 @@ class Auth(auth.BaseAuth):
logger.debug(f"_login3 bind as {self._ldap_reader_dn}") logger.debug(f"_login3 bind as {self._ldap_reader_dn}")
"""Search the user dn""" """Search the user dn"""
escaped_login = self.ldap3.utils.conv.escape_filter_chars(login)
logger.debug(f"_login3 login escaped for LDAP filters: {escaped_login}")
conn.search( conn.search(
search_base=self._ldap_base, search_base=self._ldap_base,
search_filter=self._ldap_filter.format(login), search_filter=self._ldap_filter.format(escaped_login),
search_scope=self.ldap3.SUBTREE, search_scope=self.ldap3.SUBTREE,
attributes=['memberOf'] attributes=['memberOf']
) )