oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Filter out searches for *@REALM, which takes very long time, and other

Browse Source 
ldap special characters, this should really be quoting instead.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23941 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-10-19 01:32:04 +00:00
parent 476329daa6
commit 21fdd30824
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/hdb/hdb-ldap.c
View File

@@ -797,6 +797,20 @@ LDAP__lookup_princ(krb5_context context,
krb5_error_code ret;
int rc;
char *filter = NULL;
size_t len;
/*
* Filter out searches for *@REALM, which takes very long time,
* and other ldap special characters, this should really be
* quoting instead.
*/
len = strcspn(princname, "()*=&\\|~=<>!");
if (princname[len] != '\0') {
krb5_set_error_message(context, HDB_ERR_NOENTRY,
"Principal contains ldap "
"search term: %s", princname);
return HDB_ERR_NOENTRY;
}
ret = LDAP__connect(context, db);
if (ret)