From 0a6f7b33c3b5e0552c041f3d529f577c0b392f40 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Mon, 2 Jul 2012 20:31:07 +0200
Subject: [PATCH] LDAP: make it UTF-8 save
---
apps/user_ldap/appinfo/update.php | 18 ++++++++++++++++++
apps/user_ldap/appinfo/version | 2 +-
apps/user_ldap/group_ldap.php | 2 +-
apps/user_ldap/lib_ldap.php | 30 +++++++++++++++---------------
apps/user_ldap/user_ldap.php | 2 +-
5 files changed, 36 insertions(+), 18 deletions(-)
diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php
index dc437ce21c..badceb378d 100644
--- a/apps/user_ldap/appinfo/update.php
+++ b/apps/user_ldap/appinfo/update.php
@@ -31,3 +31,21 @@ if($state == 'doCheck'){
OCP\Config::setSystemValue('ldapIgnoreNamingRules', true);
}
}
+
+
+//from version 0.2 to 0.2.1
+$objects = array('user', 'group');
+
+foreach($objects as $object) {
+ $fetchDNSql = 'SELECT ldap_dn from *PREFIX*ldap_'.$object.'_mapping';
+ $updateSql = 'UPDATE *PREFIX*ldap_'.$object.'_mapping SET ldap_DN = ? WHERE ldap_dn = ?';
+
+ $query = OCP\DB::prepare($fetchDNSql);
+ $res = $query->execute();
+ $DNs = $res->fetchAll();
+ $updateQuery = OCP\DB::prepare($updateSql);
+ foreach($DNs as $dn) {
+ $newDN = mb_strtolower($dn['ldap_dn'], 'UTF-8');
+ $updateQuery->execute(array($newDN, $dn['ldap_dn']));
+ }
+}
diff --git a/apps/user_ldap/appinfo/version b/apps/user_ldap/appinfo/version
index 2f4536184b..5f021e960e 100644
--- a/apps/user_ldap/appinfo/version
+++ b/apps/user_ldap/appinfo/version
@@ -1 +1 @@
-0.2
\ No newline at end of file
+0.2.0.5
\ No newline at end of file
diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php
index a3117b5a41..d438c7d84d 100644
--- a/apps/user_ldap/group_ldap.php
+++ b/apps/user_ldap/group_ldap.php
@@ -158,7 +158,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend {
$isMemberUid = (strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid');
foreach($members as $member) {
if($isMemberUid) {
- $filter = str_replace('%uid', $member, OC_LDAP::conf('ldapLoginFilter'));
+ $filter = OCP\Util::mb_str_replace('%uid', $member, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
$ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn');
if(count($ldap_users) < 1) {
continue;
diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index 152977ff7f..08b09304d7 100644
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -171,7 +171,7 @@ class OC_LDAP {
* returns the internal ownCloud name for the given LDAP DN of the group
*/
static public function dn2groupname($dn, $ldapname = null) {
- if(strripos($dn, self::$ldapBaseGroups) !== (strlen($dn)-strlen(self::$ldapBaseGroups))) {
+ if(mb_strripos($dn, self::$ldapBaseGroups, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen(self::$ldapBaseGroups, 'UTF-8'))) {
return false;
}
return self::dn2ocname($dn, $ldapname, false);
@@ -186,7 +186,7 @@ class OC_LDAP {
* returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN
*/
static public function dn2username($dn, $ldapname = null) {
- if(strripos($dn, self::$ldapBaseUsers) !== (strlen($dn)-strlen(self::$ldapBaseUsers))) {
+ if(mb_strripos($dn, self::$ldapBaseUsers, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen(self::$ldapBaseUsers, 'UTF-8'))) {
return false;
}
return self::dn2ocname($dn, $ldapname, true);
@@ -304,7 +304,7 @@ class OC_LDAP {
*/
static private function alternateOwnCloudName($name, $dn) {
$ufn = ldap_dn2ufn($dn);
- $name = $name . '@' . trim(substr_replace($ufn, '', 0, strpos($ufn, ',')));
+ $name = $name . '@' . trim(OCP\Util::mb_substr_replace($ufn, '', 0, mb_strpos($ufn, ',', 0, 'UTF-8'), 'UTF-8'));
$name = self::sanitizeUsername($name);
return $name;
}
@@ -419,8 +419,8 @@ class OC_LDAP {
$rr = ldap_read($cr, $dn, 'objectClass=*', array($attr));
$er = ldap_first_entry($cr, $rr);
//LDAP attributes are not case sensitive
- $result = array_change_key_case(ldap_get_attributes($cr, $er));
- $attr = strtolower($attr);
+ $result = OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8');
+ $attr = mb_strtolower($attr, 'UTF-8');
if(isset($result[$attr]) && $result[$attr]['count'] > 0){
$values = array();
@@ -469,7 +469,7 @@ class OC_LDAP {
*/
static private function search($filter, $base, $attr = null) {
if(!is_null($attr) && !is_array($attr)) {
- $attr = array(strtolower($attr));
+ $attr = array(mb_strtolower($attr, 'UTF-8'));
}
// See if we have a resource
@@ -500,11 +500,11 @@ class OC_LDAP {
if(!is_array($item)) {
continue;
}
- $item = array_change_key_case($item);
+ $item = OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8');
if($multiarray) {
foreach($attr as $key) {
- $key = strtolower($key);
+ $key = mb_strtolower($key, 'UTF-8');
if(isset($item[$key])) {
if($key != 'dn'){
$selection[$i][$key] = self::resemblesDN($key) ? self::sanitizeDN($item[$key][0]) : $item[$key][0];
@@ -517,7 +517,7 @@ class OC_LDAP {
$i++;
} else {
//tribute to case insensitivity
- $key = strtolower($attr[0]);
+ $key = mb_strtolower($attr[0], 'UTF-8');
if(isset($item[$key])) {
if(self::resemblesDN($key)) {
@@ -546,10 +546,10 @@ class OC_LDAP {
static private function sanitizeDN($dn) {
//OID sometimes gives back DNs with whitespace after the comma a la "uid=foo, cn=bar, dn=..." We need to tackle this!
- $dn = preg_replace('/([^\\\]),(\s+)/','\1,',$dn);
+ $dn = preg_replace('/([^\\\]),(\s+)/u','\1,',$dn);
//make comparisons and everything work
- $dn = strtolower($dn);
+ $dn = mb_strtolower($dn, 'UTF-8');
return $dn;
}
@@ -560,10 +560,10 @@ class OC_LDAP {
}
//REPLACEMENTS
- $name = str_replace(' ', '_', $name);
+ $name = OCP\Util::mb_str_replace(' ', '_', $name, 'UTF-8');
//every remaining unallowed characters will be removed
- $name = preg_replace('/[^a-zA-Z0-9_.@-]/', '', $name);
+ $name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name);
return $name;
}
@@ -637,10 +637,10 @@ class OC_LDAP {
self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
- self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'));
+ self::$ldapUserDisplayName = mb_strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'), 'UTF-8');
self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person');
self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)');
- self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR));
+ self::$ldapGroupDisplayName = mb_strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR), 'UTF-8');
self::$ldapIgnoreNamingRules = OCP\Config::getSystemValue('ldapIgnoreNamingRules', false);
if(empty(self::$ldapBaseUsers)) {
diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php
index 85b3d88973..b51d9a55cc 100644
--- a/apps/user_ldap/user_ldap.php
+++ b/apps/user_ldap/user_ldap.php
@@ -84,7 +84,7 @@ class OC_USER_LDAP extends OC_User_Backend {
*/
public function checkPassword($uid, $password){
//find out dn of the user name
- $filter = str_replace('%uid', $uid, OC_LDAP::conf('ldapLoginFilter'));
+ $filter = OCP\Util::mb_str_replace('%uid', $uid, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8');
$ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn');
if(count($ldap_users) < 1) {
return false;
--
GitLab