From 2af74736514f8bc194239e40a6a04a862db305e0 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Fri, 3 Aug 2012 15:51:25 +0200
Subject: [PATCH] LDAP: sanitize base, user and group trees. fixes oc-1302

---
 apps/user_ldap/lib_ldap.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php
index ab838812ae..70b4664542 100644
--- a/apps/user_ldap/lib_ldap.php
+++ b/apps/user_ldap/lib_ldap.php
@@ -666,9 +666,9 @@ class OC_LDAP {
 			self::$ldapPort              = OCP\Config::getAppValue('user_ldap', 'ldap_port', 389);
 			self::$ldapAgentName         = OCP\Config::getAppValue('user_ldap', 'ldap_dn','');
 			self::$ldapAgentPassword     = base64_decode(OCP\Config::getAppValue('user_ldap', 'ldap_agent_password',''));
-			self::$ldapBase              = OCP\Config::getAppValue('user_ldap', 'ldap_base', '');
-			self::$ldapBaseUsers         = OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase);
-			self::$ldapBaseGroups        = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase);
+			self::$ldapBase              = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base', ''));
+			self::$ldapBaseUsers         = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base_users',self::$ldapBase));
+			self::$ldapBaseGroups        = self::sanitizeDN(OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase));
 			self::$ldapTLS               = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0);
 			self::$ldapNoCase            = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0);
 			self::$ldapUserDisplayName   = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'));
-- 
GitLab