Zhang Huangbin  committed 0d46556

Use ldap.dn.escape_dn_chars to escape invalid chars while converting keyword to dn.

  • Participants
  • Parent commits 7e4231a
  • Branches default

Comments (0)

Files changed (2)

File libs/ldaplib/

 import web
 import ldap
-from ldap.dn import escape_dn_chars
 # Used for user auth.
 def Auth(uri, dn, password, session=web.config.get('_session')):
-        dn = escape_dn_chars(web.safestr(dn.strip()))
+        dn = web.safestr(dn.strip())
         password = password.strip()
         # Detect STARTTLS support.

File libs/ldaplib/

 from base64 import b64encode
 import web
 import ldap
+from ldap.dn import escape_dn_chars
 from libs import iredutils, settings
 from libs.ldaplib import attrs
 def convKeywordToDN(keyword, accountType='user'):
     '''Convert keyword and account type to DN.'''
     keyword = web.safestr(keyword).strip().replace(' ', '')
+    keyword = escape_dn_chars(keyword)
     accountType == web.safestr(accountType)
     # No matter what account type is, try to get a domain name.