From ad89155aefdc8cc757657a5c57da6624d8e8b25d Mon Sep 17 00:00:00 2001 From: Andrew Branson Date: Thu, 13 Jun 2013 09:58:56 +0200 Subject: Escape DNs in Path, so special characters can be used in Path components. Fixes #125 --- .../java/com/c2kernel/lookup/LDAPLookupUtils.java | 29 +++++++++++++++++++--- 1 file changed, 25 insertions(+), 4 deletions(-) (limited to 'src/main/java/com/c2kernel/lookup/LDAPLookupUtils.java') diff --git a/src/main/java/com/c2kernel/lookup/LDAPLookupUtils.java b/src/main/java/com/c2kernel/lookup/LDAPLookupUtils.java index d8a4394..1ac4b3b 100644 --- a/src/main/java/com/c2kernel/lookup/LDAPLookupUtils.java +++ b/src/main/java/com/c2kernel/lookup/LDAPLookupUtils.java @@ -27,6 +27,7 @@ import com.novell.ldap.LDAPSearchResults; final public class LDAPLookupUtils { + static final char[] META_CHARS = {'+', '=', '"', ',', '<', '>', ';', '/'}; static public LDAPEntry getEntry(LDAPConnection ld, String dn,int dereference) throws ObjectNotFoundException { @@ -285,24 +286,44 @@ final public class LDAPLookupUtils Logger.msg(ex.toString()); } } + public static String escapeDN (String name) { //From RFC 2253 and the / character for JNDI - final char[] META_CHARS = {'+', '"', '<', '>', ';', '/'}; + String escapedStr = new String(name); //Backslash is both a Java and an LDAP escape character, so escape it first escapedStr = escapedStr.replaceAll("\\\\","\\\\"); //Positional characters - see RFC 2253 - escapedStr = escapedStr.replaceAll("^#","\\\\#"); + escapedStr = escapedStr.replaceAll("^#","\\\\#"); // TODO: active directory requires hash to be escaped everywhere escapedStr = escapedStr.replaceAll("^ | $","\\\\ "); for (char element : META_CHARS) { escapedStr = escapedStr.replaceAll("\\"+element,"\\\\" + element); } - Logger.msg(6, "LDAP DN "+name+" escaped to "+escapedStr); + if (!name.equals(escapedStr)) Logger.msg(3, "LDAP DN "+name+" escaped to "+escapedStr); return escapedStr; } + + public static String unescapeDN (String dn) { + //From RFC 2253 and the / character for JNDI + String unescapedStr = new String(dn); + + //Positional characters - see RFC 2253 + unescapedStr = unescapedStr.replaceAll("^\\\\#", "#"); // TODO: active directory requires hash to be escaped everywhere + unescapedStr = unescapedStr.replaceAll("^\\\\ |\\\\ $", " "); + + for (char element : META_CHARS) { + unescapedStr = unescapedStr.replaceAll("\\\\" + element, ""+element); + } + + //Any remaining backslashes + unescapedStr = unescapedStr.replaceAll("\\\\","\\"); + + if (!dn.equals(unescapedStr)) Logger.msg(3, "LDAP DN "+dn+" unescaped to "+unescapedStr); + return unescapedStr; + } public static String escapeSearchFilter (String filter) { //From RFC 2254 @@ -312,7 +333,7 @@ final public class LDAPLookupUtils //escapedStr = escapedStr.replaceAll("\\*","\\\\2a"); // we need stars for searching escapedStr = escapedStr.replaceAll("\\(","\\\\28"); escapedStr = escapedStr.replaceAll("\\)","\\\\29"); - Logger.msg(6, "LDAP Search Filter "+filter+" escaped to "+escapedStr); + if (!filter.equals(escapedStr)) Logger.msg(3, "LDAP Search Filter "+filter+" escaped to "+escapedStr); return escapedStr; } } -- cgit v1.2.3