summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-11-05 11:05:38 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-11-15 09:52:35 -0500
commit85e8cbdd79359ae1f330c8b84f7b58d4fc6fda6e (patch)
tree9bda0a31cbc8fbcc4a5f04e4cc70765859c9c439
parent3e4ffc5cef28741454015c04aadc16da78aa1209 (diff)
downloadsssd-85e8cbdd79359ae1f330c8b84f7b58d4fc6fda6e.tar.gz
sssd-85e8cbdd79359ae1f330c8b84f7b58d4fc6fda6e.tar.xz
sssd-85e8cbdd79359ae1f330c8b84f7b58d4fc6fda6e.zip
Sanitize search filters in LDAP provider
-rw-r--r--src/providers/ldap/ldap_id.c18
-rw-r--r--src/providers/ldap/ldap_id_netgroup.c9
-rw-r--r--src/providers/ldap/sdap_access.c10
-rw-r--r--src/providers/ldap/sdap_async_accounts.c31
4 files changed, 61 insertions, 7 deletions
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
index 91b6c8add..07e3ae179 100644
--- a/src/providers/ldap/ldap_id.c
+++ b/src/providers/ldap/ldap_id.c
@@ -64,6 +64,7 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
struct tevent_req *req;
struct users_get_state *state;
const char *attr_name;
+ char *clean_name;
int ret;
req = tevent_req_create(memctx, &state, struct users_get_state);
@@ -97,14 +98,20 @@ struct tevent_req *users_get_send(TALLOC_CTX *memctx,
goto fail;
}
+ ret = sss_filter_sanitize(state, name, &clean_name);
+ if (ret != EOK) {
+ goto fail;
+ }
+
state->filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
- attr_name, name,
+ attr_name, clean_name,
ctx->opts->user_map[SDAP_OC_USER].name);
if (!state->filter) {
DEBUG(2, ("Failed to build filter\n"));
ret = ENOMEM;
goto fail;
}
+ talloc_zfree(clean_name);
/* TODO: handle attrs_type */
ret = build_attrs_from_map(state, ctx->opts->user_map,
@@ -290,6 +297,7 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
struct tevent_req *req;
struct groups_get_state *state;
const char *attr_name;
+ char *clean_name;
int ret;
req = tevent_req_create(memctx, &state, struct groups_get_state);
@@ -323,14 +331,20 @@ struct tevent_req *groups_get_send(TALLOC_CTX *memctx,
goto fail;
}
+ ret = sss_filter_sanitize(state, name, &clean_name);
+ if (ret != EOK) {
+ goto fail;
+ }
+
state->filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
- attr_name, name,
+ attr_name, clean_name,
ctx->opts->group_map[SDAP_OC_GROUP].name);
if (!state->filter) {
DEBUG(2, ("Failed to build filter\n"));
ret = ENOMEM;
goto fail;
}
+ talloc_zfree(clean_name);
/* TODO: handle attrs_type */
ret = build_attrs_from_map(state, ctx->opts->group_map,
diff --git a/src/providers/ldap/ldap_id_netgroup.c b/src/providers/ldap/ldap_id_netgroup.c
index c82ccc439..6a668a1d6 100644
--- a/src/providers/ldap/ldap_id_netgroup.c
+++ b/src/providers/ldap/ldap_id_netgroup.c
@@ -59,6 +59,7 @@ struct tevent_req *netgroup_get_send(TALLOC_CTX *memctx,
{
struct tevent_req *req;
struct netgroup_get_state *state;
+ char *clean_name;
int ret;
req = tevent_req_create(memctx, &state, struct netgroup_get_state);
@@ -79,15 +80,21 @@ struct tevent_req *netgroup_get_send(TALLOC_CTX *memctx,
state->domain = state->ctx->be->domain;
state->name = name;
+ ret = sss_filter_sanitize(state, name, &clean_name);
+ if (ret != EOK) {
+ goto fail;
+ }
+
state->filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
ctx->opts->netgroup_map[SDAP_AT_NETGROUP_NAME].name,
- name,
+ clean_name,
ctx->opts->netgroup_map[SDAP_OC_NETGROUP].name);
if (!state->filter) {
DEBUG(2, ("Failed to build filter\n"));
ret = ENOMEM;
goto fail;
}
+ talloc_zfree(clean_name);
ret = build_attrs_from_map(state, ctx->opts->netgroup_map,
SDAP_OPTS_NETGROUP, &state->attrs);
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c
index 4a30b74be..23c076f1f 100644
--- a/src/providers/ldap/sdap_access.c
+++ b/src/providers/ldap/sdap_access.c
@@ -114,6 +114,7 @@ static struct tevent_req *sdap_access_send(TALLOC_CTX *mem_ctx,
struct tevent_req *req;
struct ldb_result *res;
const char *basedn;
+ char *clean_username;
req = tevent_req_create(mem_ctx, &state, struct sdap_access_req_ctx);
if (req == NULL) {
@@ -204,17 +205,24 @@ static struct tevent_req *sdap_access_send(TALLOC_CTX *mem_ctx,
talloc_zfree(res);
/* Construct the filter */
+
+ ret = sss_filter_sanitize(state, state->username, &clean_username);
+ if (ret != EOK) {
+ goto failed;
+ }
+
state->filter = talloc_asprintf(
state,
"(&(%s=%s)(objectclass=%s)%s)",
state->sdap_ctx->opts->user_map[SDAP_AT_USER_NAME].name,
- state->username,
+ clean_username,
state->sdap_ctx->opts->user_map[SDAP_OC_USER].name,
state->access_ctx->filter);
if (state->filter == NULL) {
DEBUG(0, ("Could not construct access filter\n"));
goto failed;
}
+ talloc_zfree(clean_username);
DEBUG(6, ("Checking filter against LDAP\n"));
diff --git a/src/providers/ldap/sdap_async_accounts.c b/src/providers/ldap/sdap_async_accounts.c
index f4d6d0525..a4d15d677 100644
--- a/src/providers/ldap/sdap_async_accounts.c
+++ b/src/providers/ldap/sdap_async_accounts.c
@@ -1857,6 +1857,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
struct sdap_initgr_rfc2307_state *state;
const char *filter;
const char **attrs;
+ char *clean_name;
errno_t ret;
req = tevent_req_create(memctx, &state, struct sdap_initgr_rfc2307_state);
@@ -1881,13 +1882,21 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
return NULL;
}
+ ret = sss_filter_sanitize(state, name, &clean_name);
+ if (ret != EOK) {
+ talloc_free(req);
+ return NULL;
+ }
+
filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- name, opts->group_map[SDAP_OC_GROUP].name);
+ clean_name,
+ opts->group_map[SDAP_OC_GROUP].name);
if (!filter) {
talloc_zfree(req);
return NULL;
}
+ talloc_zfree(clean_name);
subreq = sdap_get_generic_send(state, state->ev, state->opts,
state->sh, base_dn, LDAP_SCOPE_SUBTREE,
@@ -3124,6 +3133,7 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
struct sdap_initgr_rfc2307_state *state;
const char *filter;
const char **attrs;
+ char *clean_orig_dn;
req = tevent_req_create(memctx, &state, struct sdap_initgr_rfc2307_state);
if (!req) return NULL;
@@ -3143,13 +3153,21 @@ static struct tevent_req *sdap_initgr_rfc2307bis_send(
return NULL;
}
+ ret = sss_filter_sanitize(state, orig_dn, &clean_orig_dn);
+ if (ret != EOK) {
+ talloc_free(req);
+ return NULL;
+ }
+
filter = talloc_asprintf(state, "(&(%s=%s)(objectclass=%s))",
opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- orig_dn, opts->group_map[SDAP_OC_GROUP].name);
+ clean_orig_dn,
+ opts->group_map[SDAP_OC_GROUP].name);
if (!filter) {
talloc_zfree(req);
return NULL;
}
+ talloc_zfree(clean_orig_dn);
DEBUG(6, ("Looking up parent groups for user [%s]\n", orig_dn));
subreq = sdap_get_generic_send(state, state->ev, state->opts,
@@ -3455,6 +3473,7 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
char *filter;
const char *orig_dn;
const char **attrs;
+ char *clean_orig_dn;
struct sdap_rfc2307bis_nested_ctx *state =
tevent_req_data(req, struct sdap_rfc2307bis_nested_ctx);
@@ -3529,15 +3548,21 @@ static errno_t rfc2307bis_nested_groups_step(struct tevent_req *req)
goto error;
}
+ ret = sss_filter_sanitize(state, orig_dn, &clean_orig_dn);
+ if (ret != EOK) {
+ goto error;
+ }
+
filter = talloc_asprintf(
tmp_ctx, "(&(%s=%s)(objectclass=%s))",
state->opts->group_map[SDAP_AT_GROUP_MEMBER].name,
- orig_dn,
+ clean_orig_dn,
state->opts->group_map[SDAP_OC_GROUP].name);
if (!filter) {
ret = ENOMEM;
goto error;
}
+ talloc_zfree(clean_orig_dn);
DEBUG(6, ("Looking up parent groups for group [%s]\n", orig_dn));
subreq = sdap_get_generic_send(state, state->ev, state->opts,