From 06c87342f48579a9a89c781f1ffd954015edb4eb Mon Sep 17 00:00:00 2001
From: Jared Hancock
Date: Thu, 24 Sep 2015 21:02:51 -0500
Subject: [PATCH] ldap: Properly escape search and dn values for queries

---
 auth-ldap/authentication.php | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/auth-ldap/authentication.php b/auth-ldap/authentication.php
index 34d78ea..5c03c4d 100644
--- a/auth-ldap/authentication.php
+++ b/auth-ldap/authentication.php
@@ -225,6 +225,7 @@ function($match) use ($username, $domain, $config) {
 if (!$this->_bind($c))
 return null;
+ $username = Net_LDAP2_Util::escape_filter_value($username);
 $r = $c->search(
 $this->getSearchBase(),
 str_replace(
@@ -288,6 +289,7 @@ function lookup($lookup_dn, $bind=true) {
 $schema['username'],
 )))
 );
+ $lookup_dn = Net_LDAP2_Util::canonical_dn($lookup_dn);
 $r = $c->search($lookup_dn, '(objectClass=*)', $opts);
 if (PEAR::isError($r) || !$r->count())
 return null;
@@ -304,6 +306,7 @@ function search($query) {
 $schema = static::$schemas[$this->getSchema($c)];
 $schema = $schema['user'];
+ $query = Net_LDAP2_Util::escape_filter_value($query);
 $r = $c->search(
 $this->getSearchBase(),
 str_replace('{q}', $query, $schema['search']),
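Review bot: The escaped value assigned back to `$username` on the added line is an array, not a string: as documented in PEAR Net_LDAP2, `Net_LDAP2_Util::escape_filter_value()` takes an array of values (a scalar argument is wrapped first) and returns that array escaped, so the `str_replace()` that builds the lookup filter from `$username` receives a nested array and substitutes the literal text `Array` (with an array-to-string notice) instead of the escaped name, which makes every lookup miss. Unwrap the single result, e.g. `list($username) = Net_LDAP2_Util::escape_filter_value(array($username));` (worth confirming against the Net_LDAP2 version bundled with the plugin). The `$query` escape in the third hunk (`search($query)`) has the same shape and needs the same unwrapping. The enclosing method of this hunk starts before it and its `str_replace()` call continues past it.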
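Review bot: The added `canonical_dn()` call is not checked before its result is used as the search base on the next line; PEAR documents `Net_LDAP2_Util::canonical_dn()` as returning `false` when the DN cannot be parsed, so a malformed `$lookup_dn` now reaches `$c->search()` as `false` rather than failing cleanly. Guard the result, e.g. `if (!($lookup_dn = Net_LDAP2_Util::canonical_dn($lookup_dn))) return null;`. Canonicalising escapes special characters inside RDN values but does not constrain which entry the DN may point at; where `$lookup_dn` comes from is not visible in this hunk, so any such restriction belongs with the caller. `lookup()` starts before the hunk and continues past it.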