diff options
author | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-03-11 19:57:28 +0300 |
---|---|---|
committer | Dmitriy Zaporozhets <dzaporozhets@gitlab.com> | 2015-03-11 19:57:28 +0300 |
commit | e349ca1353ac1ab05edd7c7fad4628b2ccf4fd97 (patch) | |
tree | 646a7c47b5b91151550f9fc2ab472e5b78aa68f7 /lib | |
parent | 8cebbea7c236d8c548d423c4fbf89462fc95cca7 (diff) | |
parent | 757dca2b78c8b218295c855d6b7529bad05ae24b (diff) |
Merge branch 'ldap-filter-eq' into 'master'
Escape wildcards when searching LDAP by username.
Addresses https://dev.gitlab.org/gitlab/gitlabhq/issues/2086.
Also see https://dev.gitlab.org/gitlab/gitlab-ee/merge_requests/344 and https://dev.gitlab.org/gitlab/omniauth-ldap/merge_requests/2.
See merge request !1644
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/ldap/authentication.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/ldap/person.rb | 2 |
2 files changed, 3 insertions, 1 deletions
diff --git a/lib/gitlab/ldap/authentication.rb b/lib/gitlab/ldap/authentication.rb index 8af2c74e959..649cf3194b8 100644 --- a/lib/gitlab/ldap/authentication.rb +++ b/lib/gitlab/ldap/authentication.rb @@ -50,7 +50,7 @@ module Gitlab end def user_filter(login) - filter = Net::LDAP::Filter.eq(config.uid, login) + filter = Net::LDAP::Filter.equals(config.uid, login) # Apply LDAP user filter if present if config.user_filter.present? diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb index 3e0b3e6cbf8..3c426179375 100644 --- a/lib/gitlab/ldap/person.rb +++ b/lib/gitlab/ldap/person.rb @@ -9,10 +9,12 @@ module Gitlab attr_accessor :entry, :provider def self.find_by_uid(uid, adapter) + uid = Net::LDAP::Filter.escape(uid) adapter.user(adapter.config.uid, uid) end def self.find_by_dn(dn, adapter) + dn = Net::LDAP::Filter.escape(dn) adapter.user('dn', dn) end |