authorEndi Sukma Dewata <edewata@redhat.com>2012-09-18 12:30:53 -0500
committerEndi Sukma Dewata <edewata@redhat.com>2012-09-19 12:17:54 -0500
commit156ba568bac5aa35435bd226d25eafc4b619a25a (patch)
treec6232a5b3945263a7e9dad0390c4677c59dd0601
parent947ab8aa80c430bdec9ecfced19074c3bbd661c2 (diff)
Added DN and filter escaping in ConfigurationUtils.
ConfigurationUtils has been modified to escape values used in DNs or filters according to the LDAP standard. Ticket #193
-rw-r--r--base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java38
1 files changed, 19 insertions, 19 deletions
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index 987502d..6cd64f6 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -1049,7 +1049,7 @@ public class ConfigurationUtils {
boolean foundDatabase = false;
try {
- String dn = "cn=" + database + ",cn=ldbm database, cn=plugins, cn=config";
+ String dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
LDAPEntry entry = conn.read(dn);
if (entry != null) foundDatabase = true;
} catch (LDAPException e) {
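Review bot: The backend entry DN is assembled by hand here and again in the hunks at 1114 and 1314, and the `ou=csusers` bind DN is assembled four times (hunks at 1619, 1689, 1704 and 1741), so every copy has to remember its own `escapeDN` call. One private helper per DN, for example `private static String backendDN(String database) { return "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config"; }`, would keep the escaping in one place and make a later unescaped copy harder to introduce. The enclosing method starts and ends outside this hunk.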
@@ -1114,7 +1114,7 @@ public class ConfigurationUtils {
attrs.add(new LDAPAttribute("objectClass", oc));
attrs.add(new LDAPAttribute("cn", database));
attrs.add(new LDAPAttribute("nsslapd-suffix", baseDN));
- String dn = "cn=" + database + ",cn=ldbm database, cn=plugins, cn=config";
+ String dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
LDAPEntry entry = new LDAPEntry(dn, attrs);
conn.add(entry);
} catch (Exception e) {
@@ -1204,8 +1204,8 @@ public class ConfigurationUtils {
String instanceId = cs.getString("instanceId");
String cstype = cs.getString("cs.type");
- String dbuser = "uid=" + cstype + "-" + cs.getString("machineName") + "-"
- + cs.getString("service.securePort") + ",ou=people," + baseDN;
+ String dbuser = "uid=" + LDAPUtil.escapeDN(cstype + "-" + cs.getString("machineName") + "-"
+ + cs.getString("service.securePort")) + ",ou=people," + baseDN;
String configDir = instancePath + File.separator + cstype.toLowerCase() + File.separator + "conf";
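Review bot: `baseDN` is still appended to `dbuser` verbatim, which is correct only if it is already a well-formed DN; escaping it as a value would break it, so it needs validation rather than escaping. The same holds for `basedn` in the hunks at 3060, 3071 and 3460. Where `baseDN` is read is outside this hunk, so please confirm it is parsed as a DN and rejected on failure before it reaches these concatenations, and record that with a comment such as `// baseDN: validated DN, appended as-is`.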
@@ -1296,7 +1296,7 @@ public class ConfigurationUtils {
try {
dn = "cn=mapping tree, cn=config";
- filter = "nsslapd-backend=" + database;
+ filter = "nsslapd-backend=" + LDAPUtil.escapeFilter(database);
LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_ONE, filter,
attrs, true, cons);
if (res != null) {
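Review bot: The filter built here has no enclosing parentheses, unlike the `"(objectclass=*)"` filters in the hunks at 1796 and 1818, and the RFC 4515 string form requires them. The SDK may accept the bare form, but writing `filter = "(nsslapd-backend=" + LDAPUtil.escapeFilter(database) + ")";` keeps the expression standard and makes it obvious where the escaped value ends. The enclosing method starts and ends outside this hunk.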
@@ -1314,7 +1314,7 @@ public class ConfigurationUtils {
}
try {
- dn = "cn=" + database + ",cn=ldbm database, cn=plugins, cn=config";
+ dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_BASE, filter,
attrs, true, cons);
if (res != null) {
@@ -1619,7 +1619,7 @@ public class ConfigurationUtils {
}
}
- dn = "cn=" + bindUser + ",ou=csusers,cn=config";
+ dn = "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config";
try {
attrs = new LDAPAttributeSet();
attrs.add(new LDAPAttribute("objectclass", "top"));
@@ -1689,7 +1689,7 @@ public class ConfigurationUtils {
attrs.add(new LDAPAttribute("nsDS5ReplicaRoot", basedn));
attrs.add(new LDAPAttribute("nsDS5ReplicaType", "3"));
attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN",
- "cn=" + bindUser + ",ou=csusers,cn=config"));
+ "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config"));
attrs.add(new LDAPAttribute("cn", "replica"));
attrs.add(new LDAPAttribute("nsDS5ReplicaId", Integer.toString(id)));
attrs.add(new LDAPAttribute("nsds5flags", "1"));
@@ -1704,7 +1704,7 @@ public class ConfigurationUtils {
try {
entry = conn.read(replicadn);
LDAPAttribute attr = entry.getAttribute("nsDS5ReplicaBindDN");
- attr.addValue("cn=" + bindUser + ",ou=csusers,cn=config");
+ attr.addValue("cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config");
LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, attr);
conn.modify(replicadn, mod);
} catch (LDAPException ee) {
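Review bot: The result of `conn.read(replicadn)` is dereferenced without a null check, and so is `entry.getAttribute("nsDS5ReplicaBindDN")`, although the hunk at 1049 treats a null return from `conn.read` as possible. A missing entry or attribute would surface here as a NullPointerException rather than an LDAP error, and the visible `catch (LDAPException ee)` would not handle it. Consider failing explicitly when `entry == null` and creating the attribute when it is absent, e.g. `if (attr == null) attr = new LDAPAttribute("nsDS5ReplicaBindDN");`. The enclosing block starts and ends outside this hunk.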
@@ -1726,7 +1726,7 @@ public class ConfigurationUtils {
public static void createReplicationAgreement(String replicadn, LDAPConnection conn, String name,
String replicahost, int replicaport, String replicapwd, String basedn, String bindUser,
String secure, String replicationSecurity) throws LDAPException {
- String dn = "cn=" + name + "," + replicadn;
+ String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
CMS.debug("createReplicationAgreement: dn: " + dn);
LDAPEntry entry = null;
LDAPAttributeSet attrs = null;
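Review bot: `createReplicationAgreement` is public and now escapes `name` (and `bindUser`, in the hunk at 1741) itself, but nothing tells callers that these must be passed raw while `replicadn` and `basedn` must already be DNs. A caller that pre-escapes `name` would produce a doubly escaped RDN and address a different entry than intended. A Javadoc block stating that contract for each parameter would help, and the same applies to `initializeConsumer`, `replicationDone` and `replicationStatus` in the hunks at 1783, 1796 and 1818. The method body continues outside this hunk.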
@@ -1741,7 +1741,7 @@ public class ConfigurationUtils {
attrs.add(new LDAPAttribute("nsDS5ReplicaPort", "" + replicaport));
attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN",
- "cn=" + bindUser + ",ou=csusers,cn=config"));
+ "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config"));
attrs.add(new LDAPAttribute("nsDS5ReplicaBindMethod", "Simple"));
attrs.add(new LDAPAttribute("nsds5replicacredentials", replicapwd));
@@ -1783,7 +1783,7 @@ public class ConfigurationUtils {
}
public static void initializeConsumer(String replicadn, LDAPConnection conn, String name) throws LDAPException {
- String dn = "cn=" + name + "," + replicadn;
+ String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
CMS.debug("initializeConsumer: initializeConsumer dn: " + dn);
CMS.debug("initializeConsumer: initializeConsumer host: " + conn.getHost() + " port: " + conn.getPort());
@@ -1796,7 +1796,7 @@ public class ConfigurationUtils {
public static boolean replicationDone(String replicadn, LDAPConnection conn, String name)
throws LDAPException, IOException {
- String dn = "cn=" + name + "," + replicadn;
+ String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
String filter = "(objectclass=*)";
String[] attrs = { "nsds5beginreplicarefresh" };
@@ -1818,7 +1818,7 @@ public class ConfigurationUtils {
public static String replicationStatus(String replicadn, LDAPConnection conn, String name)
throws IOException, LDAPException {
- String dn = "cn=" + name + "," + replicadn;
+ String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
String filter = "(objectclass=*)";
String[] attrs = { "nsds5replicalastinitstatus" };
@@ -3060,7 +3060,7 @@ public class ConfigurationUtils {
// create list containers
String clist[] = { "CAList", "OCSPList", "KRAList", "RAList", "TKSList", "TPSList" };
for (int i = 0; i < clist.length; i++) {
- dn = "cn=" + clist[i] + ",ou=Security Domain," + basedn;
+ dn = "cn=" + LDAPUtil.escapeDN(clist[i]) + ",ou=Security Domain," + basedn;
attrs = new LDAPAttributeSet();
attrs.add(new LDAPAttribute("objectclass", "top"));
attrs.add(new LDAPAttribute("objectclass", "pkiSecurityGroup"));
@@ -3071,7 +3071,7 @@ public class ConfigurationUtils {
// Add this host
String cn = CMS.getEESSLHost() + ":" + CMS.getAdminPort();
- dn = "cn=" + cn + ",cn=CAList,ou=Security Domain," + basedn;
+ dn = "cn=" + LDAPUtil.escapeDN(cn) + ",cn=CAList,ou=Security Domain," + basedn;
String subsystemName = cs.getString("preop.subsystem.name");
attrs = new LDAPAttributeSet();
attrs.add(new LDAPAttribute("objectclass", "top"));
@@ -3460,16 +3460,16 @@ public class ConfigurationUtils {
String serialdn = "";
if (type.equals("CA")) {
- serialdn = "ou=certificateRepository,ou=" + type.toLowerCase() + "," + basedn;
+ serialdn = "ou=certificateRepository,ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + "," + basedn;
} else {
- serialdn = "ou=keyRepository,ou=" + type.toLowerCase() + "," + basedn;
+ serialdn = "ou=keyRepository,ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + "," + basedn;
}
LDAPAttribute attrSerialNextRange =
new LDAPAttribute("nextRange", endSerialNum.add(oneNum).toString());
LDAPModification serialmod = new LDAPModification(LDAPModification.REPLACE, attrSerialNextRange);
conn.modify(serialdn, serialmod);
- String requestdn = "ou=" + type.toLowerCase() + ",ou=requests," + basedn;
+ String requestdn = "ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + ",ou=requests," + basedn;
LDAPAttribute attrRequestNextRange =
new LDAPAttribute("nextRange", endRequestNum.add(oneNum).toString());
LDAPModification requestmod = new LDAPModification(LDAPModification.REPLACE, attrRequestNextRange);
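Review bot: `LDAPUtil.escapeDN(type.toLowerCase())` is evaluated three times in this hunk and relies on the default-locale `toLowerCase()`; computing it once, `String typeOu = LDAPUtil.escapeDN(type.toLowerCase(Locale.ROOT));`, keeps the three DNs in step and locale-independent (this needs `java.util.Locale` in scope). Since `type` is compared with `"CA"` and every other value falls through to `keyRepository`, checking it against the known subsystem types before building any DN would be a stronger control than escaping alone; where `type` comes from is not visible here. The enclosing method starts and ends outside this hunk.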