From c80b45cfb0db2f447aa5c880d8e2bc1bca4e8dab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come@opensides.be> Date: Fri, 20 Jan 2017 10:42:54 +0100 Subject: [PATCH] Fixes #5322 Removed LDAP::fix and LDAP::convert --- include/class_SnapshotDialogs.inc | 4 +- include/class_SnapshotHandler.inc | 2 +- include/class_config.inc | 5 +- include/class_ldap.inc | 113 ++++-------------- include/class_listing.inc | 6 +- include/class_management.inc | 2 +- include/class_msgPool.inc | 2 +- include/class_objects.inc | 2 +- include/class_userinfo.inc | 4 +- include/functions.inc | 6 +- .../simpleplugin/class_simpleManagement.inc | 2 +- plugins/admin/acl/class_aclManagement.inc | 1 - .../class_departmentManagement.inc | 2 +- plugins/admin/groups/class_ogroup.inc | 4 +- setup/class_setupStep_Migrate.inc | 8 +- 15 files changed, 48 insertions(+), 115 deletions(-) diff --git a/include/class_SnapshotDialogs.inc b/include/class_SnapshotDialogs.inc index d6544c5ca..ea499d6ca 100644 --- a/include/class_SnapshotDialogs.inc +++ b/include/class_SnapshotDialogs.inc @@ -219,7 +219,7 @@ class SnapshotRestoreDialog extends simplePlugin $objects = array( array( 'name' => 'snapshot', - 'dn' => LDAP::fix($this->snapDn), + 'dn' => $this->snapDn, 'icon' => 'geticon.php?context=actions&icon=document-restore&size=16', 'type' => 'Snapshot' ) @@ -233,7 +233,7 @@ class SnapshotRestoreDialog extends simplePlugin $objects = array( array( 'name' => 'snapshot', - 'dn' => LDAP::fix($this->snapDn), + 'dn' => $this->snapDn, 'icon' => 'geticon.php?context=actions&icon=document-restore&size=16', 'type' => 'Snapshot' ) diff --git a/include/class_SnapshotHandler.inc b/include/class_SnapshotHandler.inc index 754b6451f..60e55bf0c 100644 --- a/include/class_SnapshotHandler.inc +++ b/include/class_SnapshotHandler.inc 
@@ -233,7 +233,7 @@ class SnapshotHandler /* Create object */ $data = ''; foreach ($dns as $tmp_dn) { - $data .= $ldap->generateLdif(LDAP::fix($tmp_dn), '(!(objectClass=gosaDepartment))', 'sub'); + $data .= $ldap->generateLdif($tmp_dn, '(!(objectClass=gosaDepartment))', 'sub'); if (!$ldap->success()) { msg_dialog::display(_('LDAP error'), msgPool::ldaperror($ldap->get_error(), $tmp_dn, '', get_class()), LDAP_ERROR); } diff --git a/include/class_config.inc b/include/class_config.inc index af982031c..90a68a9d1 100644 --- a/include/class_config.inc +++ b/include/class_config.inc @@ -388,9 +388,6 @@ class config { $this->current['BASE'] = key($bases); } - /* Convert BASE to have escaped special characters */ - $this->current['BASE'] = @LDAP::convert($this->current['BASE']); - /* Parse LDAP referral informations */ if (!isset($this->current['ADMINDN']) || !isset($this->current['ADMINPASSWORD'])) { $url = $this->current['SERVER']; @@ -684,7 +681,7 @@ class config { } /* Fix name, if it contains a replace tag */ - $name = preg_replace('/\\\\,/', ',', LDAP::fix($name)); + $name = preg_replace('/\\\\,/', ',', $name); /* Check if current name is too long, then cut it */ if (mb_strlen($name, 'UTF-8') > $max_size) { diff --git a/include/class_ldap.inc b/include/class_ldap.inc index fd6a35561..9ebcde881 100644 --- a/include/class_ldap.inc +++ b/include/class_ldap.inc @@ -26,8 +26,6 @@ * Source code for Class LDAP */ -define("SPECIALS_OVERRIDE", FALSE); - /*! * \brief This class contains all ldap function needed to make * ldap operations easy @@ -86,7 +84,7 @@ class LDAP global $config; $this->follow_referral = $follow_referral; $this->tls = $tls; - $this->binddn = LDAP::convert($binddn); + $this->binddn = $binddn; $this->bindpw = $bindpw; $this->hostname = $hostname; 
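Review bot: In include/class_config.inc (hunk at -684) the comment `/* Fix name, if it contains a replace tag */` no longer describes the code. With `LDAP::fix` gone there are no replace tags, and the remaining `preg_replace('/\\\\,/', ',', $name)` only turns an escaped `\,` into a plain comma. I would reword it to `/* Unescape "\," so the name is shown with a plain comma */`. The enclosing function starts and ends outside the hunk, so where `$name` comes from is not visible here.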
@@ -112,67 +110,6 @@ class LDAP return $this->srp++; } - /*! \brief Function to replace all problematic characters inside a DN by \001XX - * - * Function to replace all problematic characters inside a DN by \001XX, where - * \001 is decoded to chr(1) [ctrl+a]. It is not impossible, but very unlikely - * that this character is inside a DN. - * - * Currently used codes: - * \code - * , => CO - * \2C => CO - * ( => OB - * ) => CB - * / => SL - * " => DQ - * \22 => DQ - * \endcode - * - * \param string $dn The DN - * - * \return String, the corrected DN - */ - static function convert($dn) - { - if (SPECIALS_OVERRIDE == TRUE) { - $tmp = preg_replace( - array("/\\\\,/", "/\\\\2C/", "/\(/", "/\)/", "/\//", "/\\\\22/", '/\\\\"/'), - array("\001CO", "\001CO", "\001OB", "\001CB", "\001SL", "\001DQ", "\001DQ"), - $dn - ); - return preg_replace('/,\s+/', ',', $tmp); - } else { - return $dn; - } - } - - /*! - * \brief Function to fix all problematic characters inside a DN DN by replacing \001XX codes - * to their original values - * - * Function to fix all problematic characters inside a DN by replacing \001XX codes - * to their original values. See "convert" for more information. - * ',' characters are always expanded to \, (not \2C), since all tested LDAP servers - * seem to take it the correct way. - * - * \param string $dn The DN - * - * \return String, the fixed DN - */ - static function fix($dn) - { - if (SPECIALS_OVERRIDE == TRUE) { - return preg_replace( - array("/\001CO/", "/\001OB/", "/\001CB/", "/\001SL/", "/\001DQ/"), - array("\,", "(", ")", "/", '\"'), - $dn - ); - } else { - return $dn; - } - } - /*! * \brief Function to fix problematic characters in DN's that are used for search requests. I.e. member=.... * @@ -204,7 +141,7 @@ class LDAP } $this->error = "No Error"; - if (@ldap_bind($this->cid, LDAP::fix($this->binddn), $this->bindpw)) { + if (@ldap_bind($this->cid, $this->binddn, $this->bindpw)) { $this->error = "Success"; $this->hascon = TRUE; } else { 
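Review bot: The `ldap_bind` call in the hunk at -204 passes `$this->bindpw` straight through, and nothing visible in the hunk rejects an empty password. A simple bind with a non-empty DN and an empty password is an unauthenticated bind, which many servers answer with success, so `hascon` would become TRUE without any credential having been checked. If this class is ever built from user-supplied credentials (not visible here), tighten the condition to `if (($this->binddn == '' || $this->bindpw != '') && @ldap_bind($this->cid, $this->binddn, $this->bindpw)) {`. `rebind()` in the following hunk has the same shape, and both functions continue outside their hunks.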
@@ -227,7 +164,7 @@ class LDAP function rebind($ldap, $referral) { $credentials = $this->get_credentials($referral); - if (@ldap_bind($ldap, LDAP::fix($credentials['ADMINDN']), $credentials['ADMINPASSWORD'])) { + if (@ldap_bind($ldap, $credentials['ADMINDN'], $credentials['ADMINPASSWORD'])) { $this->error = "Success"; $this->hascon = TRUE; $this->reconnect = TRUE; @@ -275,10 +212,10 @@ class LDAP */ function cd($dir) { - if ($dir == "..") { + if ($dir == '..') { $this->basedn = $this->getParentDir(); } else { - $this->basedn = LDAP::convert($dir); + $this->basedn = $dir; } } @@ -289,12 +226,12 @@ class LDAP * * \return String, the parent directory */ - function getParentDir($basedn = "") + function getParentDir($basedn = '') { - if ($basedn == "") { + if ($basedn == '') { $basedn = $this->basedn; } else { - $basedn = LDAP::convert($basedn); + $basedn = $basedn; } return preg_replace("/[^,]*[,]*[ ]*(.*)/", "$1", $basedn); } @@ -321,11 +258,11 @@ class LDAP case 'base': throw new FusionDirectoryException('not implemented'); case 'one': - $this->sr[$srp] = @ldap_list($this->cid, LDAP::fix($this->basedn), $filter, $attrs); + $this->sr[$srp] = @ldap_list($this->cid, $this->basedn, $filter, $attrs); break; default: case 'subtree': - $this->sr[$srp] = @ldap_search($this->cid, LDAP::fix($this->basedn), $filter, $attrs); + $this->sr[$srp] = @ldap_search($this->cid, $this->basedn, $filter, $attrs); break; } $this->error = @ldap_error($this->cid); @@ -340,7 +277,7 @@ class LDAP } } - $this->log("LDAP operation: time=".(microtime(TRUE) - $start)." operation=search('".LDAP::fix($this->basedn)."', '$filter')"); + $this->log("LDAP operation: time=".(microtime(TRUE) - $start)." operation=search('".$this->basedn."', '$filter')"); return $this->sr[$srp]; } else { $this->error = "Could not connect to LDAP server"; 
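Review bot: In `getParentDir()` (hunk at -289) the new `else` branch is `$basedn = $basedn;`, a self-assignment left over from dropping `LDAP::convert`; the branch can go, leaving `if ($basedn == '') { $basedn = $this->basedn; }`. `get_ou()` in include/functions.inc has the same leftover as `$ou = "$ou";`. Separately, the unchanged `preg_replace("/[^,]*[,]*[ ]*(.*)/", "$1", $basedn)` cuts at the first comma, so a DN whose first RDN value contains an escaped comma (`\,`) yields a wrong parent. The hunk at -825 makes the same assumption with `[^,]+`. `ldap_explode_dn()` splits on RDN boundaries and would be a safer basis for both.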
@@ -385,7 +322,7 @@ class LDAP } $this->clearResult($srp); - $this->sr[$srp] = @ldap_read($this->cid, LDAP::fix($dn), $filter, $attrs); + $this->sr[$srp] = @ldap_read($this->cid, $dn, $filter, $attrs); $this->error = @ldap_error($this->cid); $this->resetResult($srp); $this->hasres[$srp] = TRUE; @@ -409,7 +346,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $res = @ldap_read($this->cid, LDAP::fix($dn), $filter, array("objectClass")); + $res = @ldap_read($this->cid, $dn, $filter, array("objectClass")); $rv = @ldap_count_entries($this->cid, $res); return $rv; } else { @@ -458,7 +395,7 @@ class LDAP } if ($this->re[$srp]) { $att = @ldap_get_attributes($this->cid, $this->re[$srp]); - $att['dn'] = trim(LDAP::convert(@ldap_get_dn($this->cid, $this->re[$srp]))); + $att['dn'] = trim(@ldap_get_dn($this->cid, $this->re[$srp])); } $this->error = @ldap_error($this->cid); if (!isset($att)) { @@ -513,7 +450,7 @@ class LDAP $rv = @ldap_get_dn($this->cid, $this->re[$srp]); $this->error = @ldap_error($this->cid); - return trim(LDAP::convert($rv)); + return trim($rv); } } else { $this->error = "Perform a Fetch with no Search"; @@ -565,7 +502,7 @@ class LDAP $dn = $this->basedn; } - $r = ldap_mod_del($this->cid, LDAP::fix($dn), $attrs); + $r = ldap_mod_del($this->cid, $dn, $attrs); $this->error = @ldap_error($this->cid); return $r; } else { @@ -584,7 +521,7 @@ class LDAP $dn = $this->basedn; } - $r = @ldap_mod_add($this->cid, LDAP::fix($dn), $attrs); + $r = @ldap_mod_add($this->cid, $dn, $attrs); $this->error = @ldap_error($this->cid); return $r; } else { @@ -604,7 +541,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $r = @ldap_delete($this->cid, LDAP::fix($deletedn)); + $r = @ldap_delete($this->cid, $deletedn); $this->error = @ldap_error($this->cid); return ($r ? $r : 0); } else { 
@@ -651,7 +588,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $r = ldap_rename($this->cid, @LDAP::fix($source), @LDAP::fix($dest_rdn), @LDAP::fix($parent), FALSE); + $r = ldap_rename($this->cid, $source, $dest_rdn, $parent, FALSE); $this->error = ldap_error($this->cid); /* Check if destination dn exists, if not the @@ -744,7 +681,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $r = @ldap_modify($this->cid, LDAP::fix($this->basedn), $attrs); + $r = @ldap_modify($this->cid, $this->basedn, $attrs); $this->error = @ldap_error($this->cid); if (!$this->success()) { $this->error .= $this->makeReadableErrors($this->error, $attrs); @@ -767,7 +704,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $r = @ldap_add($this->cid, LDAP::fix($this->basedn), $attrs); + $r = @ldap_add($this->cid, $this->basedn, $attrs); $this->error = @ldap_error($this->cid); if (!$this->success()) { $this->error .= $this->makeReadableErrors($this->error, $attrs); @@ -825,7 +762,7 @@ class LDAP /* Create missing entry? */ if (!count($attrs)) { $type = preg_replace('/^([^=]+)=.*$/', '\\1', $cdn); - $param = LDAP::fix(preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn)); + $param = preg_replace('/^[^=]+=([^,]+).*$/', '\\1', $cdn); $param = preg_replace(array('/\\\\,/','/\\\\"/'), array(',','"'), $param); $na = array(); @@ -927,7 +864,7 @@ class LDAP if ($this->reconnect) { $this->connect(); } - $sr = @ldap_read($this->cid, LDAP::fix($dn), "objectClass=*", array("$name")); + $sr = @ldap_read($this->cid, $dn, "objectClass=*", array("$name")); /* fill data from LDAP */ if ($sr) { @@ -999,7 +936,7 @@ class LDAP if (isset($referrals[$server])) { return $referrals[$server]; } else { - $ret['ADMINDN'] = LDAP::fix($this->binddn); + $ret['ADMINDN'] = $this->binddn; $ret['ADMINPASSWORD'] = $this->bindpw; } 
@@ -1079,7 +1016,7 @@ class LDAP function dn_exists($dn) { - return @ldap_list($this->cid, LDAP::fix($dn), "(objectClass=*)", array("objectClass")); + return @ldap_list($this->cid, $dn, "(objectClass=*)", array("objectClass")); } diff --git a/include/class_listing.inc b/include/class_listing.inc index 84666cfb7..68567f150 100644 --- a/include/class_listing.inc +++ b/include/class_listing.inc @@ -851,7 +851,7 @@ class listing $params[] = $this->getObjectType($cfg['dn'], $cfg); break; case 'dn': - $params[] = LDAP::fix($cfg['dn']); + $params[] = $cfg['dn']; break; default: if (preg_match('/^"(.*)"$/', $param, $m)) { @@ -978,7 +978,7 @@ class listing $result = " "; if ($type) { - $result = '<img class="center" title="'.LDAP::fix($dn).'" src="'.htmlentities($types[$type]['image'], ENT_COMPAT, 'UTF-8').'" alt="'.$type.'"/>'; + $result = '<img class="center" title="'.$dn.'" src="'.htmlentities($types[$type]['image'], ENT_COMPAT, 'UTF-8').'" alt="'.$type.'"/>'; if (!isset($this->objectTypeCount[$types[$type]['label']])) { $this->objectTypeCount[$types[$type]['label']] = 0; } @@ -1140,7 +1140,7 @@ class listing { $row = func_get_arg(0); $pid = $this->pid; - $dn = LDAP::fix(func_get_arg(1)); + $dn = func_get_arg(1); $params = array(func_get_arg(2)); // Collect sprintf params diff --git a/include/class_management.inc b/include/class_management.inc index fbddadd12..13d6cad67 100644 --- a/include/class_management.inc +++ b/include/class_management.inc @@ -46,7 +46,7 @@ class management if (!preg_match('/^geticon/', $plIcon)) { $plIcon = get_template_path($plIcon); } - return print_header($plIcon, $plTitle, LDAP::fix(get_object_info())); + return print_header($plIcon, $plTitle, get_object_info()); } /*! diff --git a/include/class_msgPool.inc b/include/class_msgPool.inc index 1890b689a..f3cb895a8 100644 --- a/include/class_msgPool.inc +++ b/include/class_msgPool.inc 
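Review bot: In include/class_listing.inc (hunk at -978) the DN goes unescaped into `title="'.$dn.'"`, while `src` on the same line is passed through `htmlentities`. A DN is directory data and may contain `"` or `<`, so it needs the same treatment: `title="'.htmlentities($dn, ENT_COMPAT, 'UTF-8').'"`. `LDAP::fix` was never an HTML escaper, so this is not a regression, but its removal makes the gap plain. The same raw DN reaches markup in class_msgPool.inc (`':</i> '.$dn`), in the `title='$dn'` links of class_aclManagement.inc and class_departmentManagement.inc (single-quoted attribute, so `ENT_QUOTES` there), and in the `sprintf` messages of setup/class_setupStep_Migrate.inc, unless those values are escaped later outside the hunks.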
@@ -716,7 +716,7 @@ class msgPool { /* Fill DN information */ if ($dn != '') { - $dn_info = '<br/><br/><i>'._('Object').':</i> '.LDAP::fix($dn); + $dn_info = '<br/><br/><i>'._('Object').':</i> '.$dn; } return $headline.$dn_info.'<br/><br/><i>'._('Error').':</i> '.$error; diff --git a/include/class_objects.inc b/include/class_objects.inc index 5808ee8db..bf6c481dd 100644 --- a/include/class_objects.inc +++ b/include/class_objects.inc @@ -282,7 +282,7 @@ class objects continue; } } - $templates[$dn] = $attrs['cn'][0]." - ".LDAP::fix($key); + $templates[$dn] = $attrs['cn'][0].' - '.$key; } } } diff --git a/include/class_userinfo.inc b/include/class_userinfo.inc index 7afca9563..a41fbf2d3 100644 --- a/include/class_userinfo.inc +++ b/include/class_userinfo.inc @@ -193,12 +193,12 @@ class userinfo /* Inspect members... */ foreach (array_keys($type['members']) as $grp) { /* Some group inside the members that is relevant for us? */ - if (in_array_ics(@LDAP::convert(preg_replace('/^G:/', '', $grp)), $this->groups)) { + if (in_array_ics(preg_replace('/^G:/', '', $grp), $this->groups)) { $interresting = TRUE; } /* Some role inside the members that is relevant for us? */ - if (in_array_ics(@LDAP::convert(preg_replace('/^R:/', '', $grp)), $this->roles)) { + if (in_array_ics(preg_replace('/^R:/', '', $grp), $this->roles)) { $interresting = TRUE; } diff --git a/include/functions.inc b/include/functions.inc index e41bc232c..a4584f0a8 100644 --- a/include/functions.inc +++ b/include/functions.inc @@ -1071,9 +1071,9 @@ function get_ou($name) if ($ou != '') { if (!preg_match('/^[^=]+=[^=]+/', $ou)) { - $ou = @LDAP::convert("ou=$ou"); + $ou = "ou=$ou"; } else { - $ou = @LDAP::convert("$ou"); + $ou = "$ou"; } if (preg_match('/'.preg_quote($config->current['BASE'], '/').'$/', $ou)) { 
@@ -2153,7 +2153,7 @@ function get_next_id_hook($attrib, $dn) $command = $config->get_cfg_value("nextIdHook"); if ($command != "") { - $command .= " ".escapeshellarg(LDAP::fix($dn))." ".escapeshellarg($attrib); + $command .= " ".escapeshellarg($dn)." ".escapeshellarg($attrib); if (check_command($command)) { @DEBUG (DEBUG_SHELL, __LINE__, __FUNCTION__, __FILE__, $command, "Execute"); exec($command, $output); diff --git a/include/simpleplugin/class_simpleManagement.inc b/include/simpleplugin/class_simpleManagement.inc index 196c50bd8..ee9c3a03c 100644 --- a/include/simpleplugin/class_simpleManagement.inc +++ b/include/simpleplugin/class_simpleManagement.inc @@ -913,7 +913,7 @@ class simpleManagement extends management $entry = $this->getHeadpage()->getEntry($dn); $objects[] = array( 'name' => $entry[$info['mainAttr']][0], - 'dn' => LDAP::fix($dn), + 'dn' => $dn, 'icon' => $info['icon'], 'type' => $info['name'] ); diff --git a/plugins/admin/acl/class_aclManagement.inc b/plugins/admin/acl/class_aclManagement.inc index 79467ced2..a87ac4aca 100644 --- a/plugins/admin/acl/class_aclManagement.inc +++ b/plugins/admin/acl/class_aclManagement.inc @@ -208,7 +208,6 @@ class aclManagement extends simpleManagement } $ou .= " ["._("ACL Assignment")."]"; - $dn = LDAP::fix($dn); return "<a href='?plug=".$_GET['plug']."&PID=$pid&act=listing_edit_$row' title='$dn'>$ou</a>"; } diff --git a/plugins/admin/departments/class_departmentManagement.inc b/plugins/admin/departments/class_departmentManagement.inc index eccb920cb..359292ba0 100644 --- a/plugins/admin/departments/class_departmentManagement.inc +++ b/plugins/admin/departments/class_departmentManagement.inc @@ -95,7 +95,7 @@ class departmentManagement extends simpleManagement if ($dn == $base) { $ou = "."; } - $dn = LDAP::fix(func_get_arg(1)); + $dn = func_get_arg(1); return "<a href='?plug=".$_GET['plug']."&PID=$pid&act=listing_open_$row' title='$dn'>$ou</a>"; } 
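Review bot: In plugins/admin/departments/class_departmentManagement.inc (hunk at -95) the returned link places `$_GET['plug']` into the `href` without any encoding, so request input is reflected into the page markup unless it is validated earlier outside the hunk. Encode it for both the URL and the attribute, for example `htmlentities(urlencode($_GET['plug']), ENT_QUOTES, 'UTF-8')`. The identical `return "<a href='?plug=".$_GET['plug']...` line appears in class_aclManagement.inc. `$ou` in the link body should be escaped as text as well. Both functions start outside their hunks.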
diff --git a/plugins/admin/groups/class_ogroup.inc b/plugins/admin/groups/class_ogroup.inc index fe06985b5..3ac6cea8f 100644 --- a/plugins/admin/groups/class_ogroup.inc +++ b/plugins/admin/groups/class_ogroup.inc @@ -60,11 +60,11 @@ class ObjectsAttribute extends GenericDialogAttribute } if (!isset($this->displays[$i])) { trigger_error('Unkown type for "'.$this->value[$i].'"'); - $this->displays[$i] = sprintf(_('Unknown type : %s'), LDAP::fix($this->value[$i])); + $this->displays[$i] = sprintf(_('Unknown type : %s'), $this->value[$i]); $this->types[$i] = 'I'; } } else { - $this->displays[$i] = sprintf(_('Non existing dn: %s'), LDAP::fix($this->value[$i])); + $this->displays[$i] = sprintf(_('Non existing dn: %s'), $this->value[$i]); $this->types[$i] = 'I'; } } diff --git a/setup/class_setupStep_Migrate.inc b/setup/class_setupStep_Migrate.inc index 5ee91efe1..30edf7e13 100644 --- a/setup/class_setupStep_Migrate.inc +++ b/setup/class_setupStep_Migrate.inc @@ -605,7 +605,7 @@ class Step_Migrate extends setupStep /* Fix displayed dn syntax */ $infos['entries'] = $this->$var; foreach ($infos['entries'] as $key => $data) { - $infos['entries'][$key]['dn'] = LDAP::fix($data['dn']); + $infos['entries'][$key]['dn'] = $data['dn']; } $this->openDialog(new StepMigrateDialog($checkobj, 'setup_migrate_accounts.tpl', $infos)); } @@ -624,7 +624,7 @@ class Step_Migrate extends setupStep $var = $checkobj->name.'_toMigrate'; $infos['entries'] = $this->$var; foreach ($infos['entries'] as $key => $data) { - $infos['entries'][$key]['dn'] = LDAP::fix($data['dn']); + $infos['entries'][$key]['dn'] = $data['dn']; } return $infos; } @@ -672,7 +672,7 @@ class Step_Migrate extends setupStep _('Migration error'), sprintf( _('Cannot migrate entry "%s":').'<br/><br/><i>%s</i>', - LDAP::fix($attrs['dn']), $ldap->get_error() + $attrs['dn'], $ldap->get_error() ), ERROR_DIALOG ); 
@@ -1024,7 +1024,7 @@ class Step_Migrate extends setupStep _('Migration error'), sprintf( _('Cannot add ACL role "%s":').'<br/><br/><i>%s</i>', - LDAP::fix($dn), $ldap->get_error() + $dn, $ldap->get_error() ), ERROR_DIALOG ); -- GitLab