httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject LDAP escaping question
Date Wed, 03 Feb 2016 19:17:24 GMT
I am looking at an old block of code in mod_authnz_ldap that seems to
have been there since it was imported.  We do some escaping of the
HTTP basic auth username before copying it into a filter.

    for (p = user, q=filtbuf + len;
         *p && q < filtbuf_end; *q++ = *p++) {
        if (strchr("*()\\", *p) != NULL) {
            *q++ = '\\';
            if (q >= filtbuf_end) {
              break;
            }
        }
    }


But neither http://tools.ietf.org/html/rfc4514 nor

-- 
Eric Covener
covener@gmail.com

Mime
View raw message