From 1726794341e9e58256004f040b276fa579161b6b Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Thu, 20 Sep 2012 10:11:22 -0500
Subject: Renamed escapeDN() into escapeRDNValue().

The escapeDN() has been renamed into escapeRDNValue() for better
clarity.

Ticket #193
---
 .../netscape/certsrv/cert/CertSearchRequest.java   |  6 ++--
 .../def/nsTokenUserKeySubjectNameDefault.java      |  4 +--
 .../netscape/cms/servlet/cert/CertProcessor.java   |  2 +-
 .../cms/servlet/cert/EnrollmentProcessor.java      |  2 +-
 .../com/netscape/cms/servlet/cert/SrchCerts.java   |  6 ++--
 .../cms/servlet/csadmin/ConfigurationUtils.java    | 32 ++++++++---------
 .../com/netscape/cmscore/usrgrp/UGSubsystem.java   | 40 +++++++++++-----------
 .../src/com/netscape/cmsutil/ldap/LDAPUtil.java    | 34 +++++++++---------
 8 files changed, 63 insertions(+), 63 deletions(-)

diff --git a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
index 832a1c5f4..d2a4eeee9 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertSearchRequest.java
@@ -824,12 +824,12 @@ public class CertSearchRequest {
                 lf.append("(x509cert.subject=*");
                 lf.append(avaName);
                 lf.append("=");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(",*)");
                 lf.append("(x509cert.subject=*");
                 lf.append(avaName);
                 lf.append("=");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append(")");
                 lf.append(")");
             } else {
@@ -837,7 +837,7 @@ public class CertSearchRequest {
                 lf.append(avaName);
                 lf.append("=");
                 lf.append("*");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(param)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(param)));
                 lf.append("*)");
             }
         }
diff --git a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
index 01cc73aba..86a2a6961 100644
--- a/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
+++ b/base/common/src/com/netscape/cms/profile/def/nsTokenUserKeySubjectNameDefault.java
@@ -430,8 +430,8 @@ public class nsTokenUserKeySubjectNameDefault extends EnrollDefault {
                     String[] sla = la.getStringValueArray();
                     CMS.debug("nsTokenUserKeySubjectNameDefault: getSubjectName(): got attribute: "
                             + mLdapStringAttrs[i] +
-                            "=" + LDAPUtil.escapeDN(sla[0]));
-                    request.setExtData(mLdapStringAttrs[i], LDAPUtil.escapeDN(sla[0]));
+                            "=" + LDAPUtil.escapeRDNValue(sla[0]));
+                    request.setExtData(mLdapStringAttrs[i], LDAPUtil.escapeRDNValue(sla[0]));
                 }
             }
             CMS.debug("pattern = " + pattern);
diff --git a/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java b/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
index 4e24b5862..52326a512 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/CertProcessor.java
@@ -99,7 +99,7 @@ public class CertProcessor extends Processor {
                             // special characters in subject names parameters must be escaped
                             if (inputName.matches("^sn_.*")) {
                                 req.setExtData(inputName,
-                                        LDAPUtil.escapeDN(dataInputs.get(inputName)));
+                                        LDAPUtil.escapeRDNValue(dataInputs.get(inputName)));
                             } else {
                                 req.setExtData(inputName, dataInputs.get(inputName));
                             }
diff --git a/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java b/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
index 03d0bb20c..9e4686698 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/EnrollmentProcessor.java
@@ -70,7 +70,7 @@ public class EnrollmentProcessor extends CertProcessor {
                     if (dataInputs.containsKey(inputName)) {
                         // all subject name parameters start with sn_, no other input parameters do
                         if (inputName.matches("^sn_.*")) {
-                            ctx.set(inputName, LDAPUtil.escapeDN(dataInputs.get(inputName)));
+                            ctx.set(inputName, LDAPUtil.escapeRDNValue(dataInputs.get(inputName)));
                         } else {
                             ctx.set(inputName, dataInputs.get(inputName));
                         }
diff --git a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
index b35ca054c..0a04110c2 100644
--- a/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
+++ b/base/common/src/com/netscape/cms/servlet/cert/SrchCerts.java
@@ -225,12 +225,12 @@ public class SrchCerts extends CMSServlet {
                 lf.append("(x509cert.subject=*");
                 lf.append(avaName);
                 lf.append("=");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(val)));
                 lf.append(",*)");
                 lf.append("(x509cert.subject=*");
                 lf.append(avaName);
                 lf.append("=");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(val)));
                 lf.append(")");
                 lf.append(")");
             } else {
@@ -238,7 +238,7 @@ public class SrchCerts extends CMSServlet {
                 lf.append(avaName);
                 lf.append("=");
                 lf.append("*");
-                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeDN(val)));
+                lf.append(LDAPUtil.escapeFilter(LDAPUtil.escapeRDNValue(val)));
                 lf.append("*)");
             }
         }
diff --git a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
index bcfe36459..ee69ebb3f 100644
--- a/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
+++ b/base/common/src/com/netscape/cms/servlet/csadmin/ConfigurationUtils.java
@@ -1049,7 +1049,7 @@ public class ConfigurationUtils {
 
         boolean foundDatabase = false;
         try {
-            String dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
+            String dn = "cn=" + LDAPUtil.escapeRDNValue(database) + ",cn=ldbm database, cn=plugins, cn=config";
             LDAPEntry entry = conn.read(dn);
             if (entry != null) foundDatabase = true;
         } catch (LDAPException e) {
@@ -1114,7 +1114,7 @@ public class ConfigurationUtils {
             attrs.add(new LDAPAttribute("objectClass", oc));
             attrs.add(new LDAPAttribute("cn", database));
             attrs.add(new LDAPAttribute("nsslapd-suffix", baseDN));
-            String dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
+            String dn = "cn=" + LDAPUtil.escapeRDNValue(database) + ",cn=ldbm database, cn=plugins, cn=config";
             LDAPEntry entry = new LDAPEntry(dn, attrs);
             conn.add(entry);
         } catch (Exception e) {
@@ -1313,7 +1313,7 @@ public class ConfigurationUtils {
         }
 
         try {
-            dn = "cn=" + LDAPUtil.escapeDN(database) + ",cn=ldbm database, cn=plugins, cn=config";
+            dn = "cn=" + LDAPUtil.escapeRDNValue(database) + ",cn=ldbm database, cn=plugins, cn=config";
             LDAPSearchResults res = conn.search(dn, LDAPConnection.SCOPE_BASE, filter,
                     attrs, true, cons);
             if (res != null) {
@@ -1618,7 +1618,7 @@ public class ConfigurationUtils {
             }
         }
 
-        dn = "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config";
+        dn = "cn=" + LDAPUtil.escapeRDNValue(bindUser) + ",ou=csusers,cn=config";
         try {
             attrs = new LDAPAttributeSet();
             attrs.add(new LDAPAttribute("objectclass", "top"));
@@ -1688,7 +1688,7 @@ public class ConfigurationUtils {
             attrs.add(new LDAPAttribute("nsDS5ReplicaRoot", basedn));
             attrs.add(new LDAPAttribute("nsDS5ReplicaType", "3"));
             attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN",
-                    "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config"));
+                    "cn=" + LDAPUtil.escapeRDNValue(bindUser) + ",ou=csusers,cn=config"));
             attrs.add(new LDAPAttribute("cn", "replica"));
             attrs.add(new LDAPAttribute("nsDS5ReplicaId", Integer.toString(id)));
             attrs.add(new LDAPAttribute("nsds5flags", "1"));
@@ -1703,7 +1703,7 @@ public class ConfigurationUtils {
                 try {
                     entry = conn.read(replicadn);
                     LDAPAttribute attr = entry.getAttribute("nsDS5ReplicaBindDN");
-                    attr.addValue("cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config");
+                    attr.addValue("cn=" + LDAPUtil.escapeRDNValue(bindUser) + ",ou=csusers,cn=config");
                     LDAPModification mod = new LDAPModification(LDAPModification.REPLACE, attr);
                     conn.modify(replicadn, mod);
                 } catch (LDAPException ee) {
@@ -1725,7 +1725,7 @@ public class ConfigurationUtils {
     public static void createReplicationAgreement(String replicadn, LDAPConnection conn, String name,
             String replicahost, int replicaport, String replicapwd, String basedn, String bindUser,
             String secure, String replicationSecurity) throws LDAPException {
-        String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
+        String dn = "cn=" + LDAPUtil.escapeRDNValue(name) + "," + replicadn;
         CMS.debug("createReplicationAgreement: dn: " + dn);
         LDAPEntry entry = null;
         LDAPAttributeSet attrs = null;
@@ -1740,7 +1740,7 @@ public class ConfigurationUtils {
 
             attrs.add(new LDAPAttribute("nsDS5ReplicaPort", "" + replicaport));
             attrs.add(new LDAPAttribute("nsDS5ReplicaBindDN",
-                    "cn=" + LDAPUtil.escapeDN(bindUser) + ",ou=csusers,cn=config"));
+                    "cn=" + LDAPUtil.escapeRDNValue(bindUser) + ",ou=csusers,cn=config"));
             attrs.add(new LDAPAttribute("nsDS5ReplicaBindMethod", "Simple"));
             attrs.add(new LDAPAttribute("nsds5replicacredentials", replicapwd));
 
@@ -1782,7 +1782,7 @@ public class ConfigurationUtils {
     }
 
     public static void initializeConsumer(String replicadn, LDAPConnection conn, String name) throws LDAPException {
-        String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
+        String dn = "cn=" + LDAPUtil.escapeRDNValue(name) + "," + replicadn;
         CMS.debug("initializeConsumer: initializeConsumer dn: " + dn);
         CMS.debug("initializeConsumer: initializeConsumer host: " + conn.getHost() + " port: " + conn.getPort());
 
@@ -1795,7 +1795,7 @@ public class ConfigurationUtils {
 
     public static boolean replicationDone(String replicadn, LDAPConnection conn, String name)
             throws LDAPException, IOException {
-        String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
+        String dn = "cn=" + LDAPUtil.escapeRDNValue(name) + "," + replicadn;
         String filter = "(objectclass=*)";
         String[] attrs = { "nsds5beginreplicarefresh" };
 
@@ -1817,7 +1817,7 @@ public class ConfigurationUtils {
 
     public static String replicationStatus(String replicadn, LDAPConnection conn, String name)
             throws IOException, LDAPException {
-        String dn = "cn=" + LDAPUtil.escapeDN(name) + "," + replicadn;
+        String dn = "cn=" + LDAPUtil.escapeRDNValue(name) + "," + replicadn;
         String filter = "(objectclass=*)";
         String[] attrs = { "nsds5replicalastinitstatus" };
 
@@ -3059,7 +3059,7 @@ public class ConfigurationUtils {
         // create list containers
         String clist[] = { "CAList", "OCSPList", "KRAList", "RAList", "TKSList", "TPSList" };
         for (int i = 0; i < clist.length; i++) {
-            dn = "cn=" + LDAPUtil.escapeDN(clist[i]) + ",ou=Security Domain," + basedn;
+            dn = "cn=" + LDAPUtil.escapeRDNValue(clist[i]) + ",ou=Security Domain," + basedn;
             attrs = new LDAPAttributeSet();
             attrs.add(new LDAPAttribute("objectclass", "top"));
             attrs.add(new LDAPAttribute("objectclass", "pkiSecurityGroup"));
@@ -3070,7 +3070,7 @@ public class ConfigurationUtils {
 
         // Add this host
         String cn = CMS.getEESSLHost() + ":" + CMS.getAdminPort();
-        dn = "cn=" + LDAPUtil.escapeDN(cn) + ",cn=CAList,ou=Security Domain," + basedn;
+        dn = "cn=" + LDAPUtil.escapeRDNValue(cn) + ",cn=CAList,ou=Security Domain," + basedn;
         String subsystemName = cs.getString("preop.subsystem.name");
         attrs = new LDAPAttributeSet();
         attrs.add(new LDAPAttribute("objectclass", "top"));
@@ -3498,16 +3498,16 @@ public class ConfigurationUtils {
 
         String serialdn = "";
         if (type.equals("CA")) {
-            serialdn = "ou=certificateRepository,ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + "," + basedn;
+            serialdn = "ou=certificateRepository,ou=" + LDAPUtil.escapeRDNValue(type.toLowerCase()) + "," + basedn;
         } else {
-            serialdn = "ou=keyRepository,ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + "," + basedn;
+            serialdn = "ou=keyRepository,ou=" + LDAPUtil.escapeRDNValue(type.toLowerCase()) + "," + basedn;
         }
         LDAPAttribute attrSerialNextRange =
                 new LDAPAttribute("nextRange", endSerialNum.add(oneNum).toString());
         LDAPModification serialmod = new LDAPModification(LDAPModification.REPLACE, attrSerialNextRange);
         conn.modify(serialdn, serialmod);
 
-        String requestdn = "ou=" + LDAPUtil.escapeDN(type.toLowerCase()) + ",ou=requests," + basedn;
+        String requestdn = "ou=" + LDAPUtil.escapeRDNValue(type.toLowerCase()) + ",ou=requests," + basedn;
         LDAPAttribute attrRequestNextRange =
                 new LDAPAttribute("nextRange", endRequestNum.add(oneNum).toString());
         LDAPModification requestmod = new LDAPModification(LDAPModification.REPLACE, attrRequestNextRange);
diff --git a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
index 6b6157241..034357b6e 100644
--- a/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
+++ b/base/common/src/com/netscape/cmscore/usrgrp/UGSubsystem.java
@@ -685,7 +685,7 @@ public final class UGSubsystem implements IUGSubsystem {
             }
         }
 
-        LDAPEntry entry = new LDAPEntry("uid=" + LDAPUtil.escapeDN(id.getUserID()) +
+        LDAPEntry entry = new LDAPEntry("uid=" + LDAPUtil.escapeRDNValue(id.getUserID()) +
                 "," + getUserBaseDN(), attrs);
         // for audit log
         SessionContext sessionContext = SessionContext.getContext();
@@ -742,7 +742,7 @@ public final class UGSubsystem implements IUGSubsystem {
 
             try {
                 ldapconn = getConn();
-                ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+                ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                         "," + getUserBaseDN(), addCert);
                 // for audit log
                 SessionContext sessionContext = SessionContext.getContext();
@@ -791,7 +791,7 @@ public final class UGSubsystem implements IUGSubsystem {
 
             try {
                 ldapconn = getConn();
-                ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+                ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                         "," + getUserBaseDN(), addCert);
                 // for audit log
                 SessionContext sessionContext = SessionContext.getContext();
@@ -840,7 +840,7 @@ public final class UGSubsystem implements IUGSubsystem {
 
             try {
                 ldapconn = getConn();
-                ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+                ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                         "," + getUserBaseDN(), delAttr);
                 // for audit log
                 SessionContext sessionContext = SessionContext.getContext();
@@ -919,7 +919,7 @@ public final class UGSubsystem implements IUGSubsystem {
             try {
                 ldapconn = getConn();
 
-                String dn = "uid=" + LDAPUtil.escapeDN(user.getUserID()) + "," + getUserBaseDN();
+                String dn = "uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) + "," + getUserBaseDN();
 
                 try {
                     // remove seeAlso attribute
@@ -993,10 +993,10 @@ public final class UGSubsystem implements IUGSubsystem {
 
         try {
             ldapconn = getConn();
-            String groupDN = "cn=" + LDAPUtil.escapeDN(grp.getGroupID()) +
+            String groupDN = "cn=" + LDAPUtil.escapeRDNValue(grp.getGroupID()) +
                     "," + getGroupBaseDN();
             LDAPAttribute memberAttr = new LDAPAttribute(
-                    "uniquemember", "uid=" + LDAPUtil.escapeDN(userid) + "," + getUserBaseDN());
+                    "uniquemember", "uid=" + LDAPUtil.escapeRDNValue(userid) + "," + getUserBaseDN());
             LDAPModification singleChange = new LDAPModification(
                     LDAPModification.ADD, memberAttr);
 
@@ -1020,10 +1020,10 @@ public final class UGSubsystem implements IUGSubsystem {
 
         try {
             ldapconn = getConn();
-            String groupDN = "cn=" + LDAPUtil.escapeDN(grp.getGroupID()) +
+            String groupDN = "cn=" + LDAPUtil.escapeRDNValue(grp.getGroupID()) +
                     "," + getGroupBaseDN();
             LDAPAttribute memberAttr = new LDAPAttribute(
-                    "uniquemember", "uid=" + LDAPUtil.escapeDN(userid) + "," + getUserBaseDN());
+                    "uniquemember", "uid=" + LDAPUtil.escapeRDNValue(userid) + "," + getUserBaseDN());
             LDAPModification singleChange = new LDAPModification(
                     LDAPModification.DELETE, memberAttr);
 
@@ -1052,7 +1052,7 @@ public final class UGSubsystem implements IUGSubsystem {
 
         try {
             ldapconn = getConn();
-            ldapconn.delete("uid=" + LDAPUtil.escapeDN(userid) + "," + getUserBaseDN());
+            ldapconn.delete("uid=" + LDAPUtil.escapeRDNValue(userid) + "," + getUserBaseDN());
             // for audit log
             SessionContext sessionContext = SessionContext.getContext();
             String adminId = (String) sessionContext.get(SessionContext.USER_ID);
@@ -1117,7 +1117,7 @@ public final class UGSubsystem implements IUGSubsystem {
                     try {
                         LDAPModification singleChange = new LDAPModification(
                                 LDAPModification.DELETE, new LDAPAttribute("telephonenumber"));
-                        ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+                        ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                                 "," + getUserBaseDN(), singleChange);
                     } catch (LDAPException e) {
                         if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) {
@@ -1136,7 +1136,7 @@ public final class UGSubsystem implements IUGSubsystem {
                     try {
                         LDAPModification singleChange = new LDAPModification(
                                 LDAPModification.DELETE, new LDAPAttribute("userstate"));
-                        ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+                        ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                                 "," + getUserBaseDN(), singleChange);
                     } catch (LDAPException e) {
                         if (e.getLDAPResultCode() != LDAPException.NO_SUCH_ATTRIBUTE) {
@@ -1168,7 +1168,7 @@ public final class UGSubsystem implements IUGSubsystem {
              * }
              * }
              **/
-            ldapconn.modify("uid=" + LDAPUtil.escapeDN(user.getUserID()) +
+            ldapconn.modify("uid=" + LDAPUtil.escapeRDNValue(user.getUserID()) +
                     "," + getUserBaseDN(), attrs);
             // for audit log
             SessionContext sessionContext = SessionContext.getContext();
@@ -1390,7 +1390,7 @@ public final class UGSubsystem implements IUGSubsystem {
      * NOTE - this takes just the group name.
      */
     public IGroup getGroupFromName(String name) {
-        return getGroup("cn=" + LDAPUtil.escapeDN(name) + "," + getGroupBaseDN());
+        return getGroup("cn=" + LDAPUtil.escapeRDNValue(name) + "," + getGroupBaseDN());
     }
 
     /**
@@ -1497,7 +1497,7 @@ public final class UGSubsystem implements IUGSubsystem {
      * by running an ldap search for the user in the group
      */
     protected boolean isMemberOfLdapGroup(String userid, String groupname) {
-        String basedn = "cn=" + LDAPUtil.escapeDN(groupname) + ",ou=groups," + mBaseDN;
+        String basedn = "cn=" + LDAPUtil.escapeRDNValue(groupname) + ",ou=groups," + mBaseDN;
         LDAPConnection ldapconn = null;
         boolean founduser = false;
         try {
@@ -1574,12 +1574,12 @@ public final class UGSubsystem implements IUGSubsystem {
                     String name = e.nextElement();
 
                     // DOES NOT SUPPORT NESTED GROUPS...
-                    attrMembers.addValue("uid=" + LDAPUtil.escapeDN(name) + "," +
+                    attrMembers.addValue("uid=" + LDAPUtil.escapeRDNValue(name) + "," +
                             getUserBaseDN());
                 }
                 attrs.add(attrMembers);
             }
-            LDAPEntry entry = new LDAPEntry("cn=" + LDAPUtil.escapeDN(grp.getGroupID()) +
+            LDAPEntry entry = new LDAPEntry("cn=" + LDAPUtil.escapeRDNValue(grp.getGroupID()) +
                     "," + getGroupBaseDN(), attrs);
 
             ldapconn = getConn();
@@ -1612,7 +1612,7 @@ public final class UGSubsystem implements IUGSubsystem {
 
         try {
             ldapconn = getConn();
-            ldapconn.delete("cn=" + LDAPUtil.escapeDN(name) + "," + getGroupBaseDN());
+            ldapconn.delete("cn=" + LDAPUtil.escapeRDNValue(name) + "," + getGroupBaseDN());
         } catch (LDAPException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_REMOVE_GROUP", e.toString()));
 
@@ -1652,7 +1652,7 @@ public final class UGSubsystem implements IUGSubsystem {
                     String name = e.nextElement();
 
                     // DOES NOT SUPPORT NESTED GROUPS...
-                    attrMembers.addValue("uid=" + LDAPUtil.escapeDN(name) + "," +
+                    attrMembers.addValue("uid=" + LDAPUtil.escapeRDNValue(name) + "," +
                             getUserBaseDN());
                 }
                 mod.add(LDAPModification.REPLACE, attrMembers);
@@ -1666,7 +1666,7 @@ public final class UGSubsystem implements IUGSubsystem {
             }
 
             ldapconn = getConn();
-            ldapconn.modify("cn=" + LDAPUtil.escapeDN(grp.getGroupID()) +
+            ldapconn.modify("cn=" + LDAPUtil.escapeRDNValue(grp.getGroupID()) +
                     "," + getGroupBaseDN(), mod);
         } catch (LDAPException e) {
             log(ILogger.LL_FAILURE, CMS.getLogMessage("CMSCORE_USRGRP_MODIFY_GROUP", e.toString()));
diff --git a/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java b/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java
index ca894d87c..b02ffee78 100644
--- a/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java
+++ b/base/util/src/com/netscape/cmsutil/ldap/LDAPUtil.java
@@ -63,47 +63,47 @@ public class LDAPUtil {
     /**
      * This method escapes special characters for LDAP DN (RFC 1779).
      */
-    public static String escapeDN(Object value) {
-        return LDAPUtil.escapeDN(value.toString(),  false);
+    public static String escapeRDNValue(Object value) {
+        return LDAPUtil.escapeRDNValue(value.toString(), false);
     }
 
-    public static String escapeDN(String v, boolean doubleEscape) {
-        StringBuffer result = new StringBuffer();
+    public static String escapeRDNValue(String value, boolean doubleEscape) {
+        StringBuilder sb = new StringBuilder();
 
         // Do we need to escape any characters
-        for (int i = 0; i < v.length(); i++) {
-            int c = v.charAt(i);
+        for (int i = 0; i < value.length(); i++) {
+            int c = value.charAt(i);
             if (c == ',' || c == '=' || c == '+' || c == '<' ||
                     c == '>' || c == '#' || c == ';' || c == '\r' ||
                     c == '\n' || c == '\\' || c == '"') {
-                if ((c == 0x5c) && ((i + 1) < v.length())) {
-                    int nextC = v.charAt(i + 1);
+                if ((c == 0x5c) && ((i + 1) < value.length())) {
+                    int nextC = value.charAt(i + 1);
                     if ((c == 0x5c) && (nextC == ',' || nextC == '=' || nextC == '+' ||
                             nextC == '<' || nextC == '>' || nextC == '#' ||
                             nextC == ';' || nextC == '\r' || nextC == '\n' ||
                             nextC == '\\' || nextC == '"')) {
                         if (doubleEscape)
-                            result.append('\\');
+                            sb.append('\\');
                     } else {
-                        result.append('\\');
+                        sb.append('\\');
                         if (doubleEscape)
-                            result.append('\\');
+                            sb.append('\\');
                     }
                 } else {
-                    result.append('\\');
+                    sb.append('\\');
                     if (doubleEscape)
-                        result.append('\\');
+                        sb.append('\\');
                 }
             }
             if (c == '\r') {
-                result.append("0D");
+                sb.append("0D");
             } else if (c == '\n') {
-                result.append("0A");
+                sb.append("0A");
             } else {
-                result.append((char) c);
+                sb.append((char) c);
             }
         }
-        return result.toString();
+        return sb.toString();
     }
 
     public static void importLDIF(LDAPConnection conn, String filename, ArrayList<String> errors) throws IOException {
-- 
cgit