From 42f235123e2069be53a1ec134dfdda2d678c8f9b Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@owncloud.com>
Date: Sat, 17 Nov 2012 00:03:35 +0100
Subject: [PATCH] LDAP: Make update script escape all known DNs. Requires
 version bump.

---
 apps/user_ldap/appinfo/update.php | 37 ++++++++++++++++++++++++++-----
 apps/user_ldap/appinfo/version    |  2 +-
 2 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php
index e6e25cec73..9b54ba18b6 100644
--- a/apps/user_ldap/appinfo/update.php
+++ b/apps/user_ldap/appinfo/update.php
@@ -34,22 +34,49 @@ $groupBE = new \OCA\user_ldap\GROUP_LDAP();
 $groupBE->setConnector($connector);
 
 foreach($objects as $object) {
-	$fetchDNSql = 'SELECT `ldap_dn`, `owncloud_name` FROM `*PREFIX*ldap_'.$object.'_mapping` WHERE `directory_uuid` = \'\'';
-	$updateSql = 'UPDATE `*PREFIX*ldap_'.$object.'_mapping` SET `ldap_DN` = ?, `directory_uuid` = ? WHERE `ldap_dn` = ?';
+	$fetchDNSql = '
+		SELECT `ldap_dn`, `owncloud_name`, `directory_uuid`
+		FROM `*PREFIX*ldap_'.$object.'_mapping`';
+	$updateSql = '
+		UPDATE `*PREFIX*ldap_'.$object.'_mapping`
+		SET `ldap_DN` = ?, `directory_uuid` = ?
+		WHERE `ldap_dn` = ?';
 
 	$query = OCP\DB::prepare($fetchDNSql);
 	$res = $query->execute();
 	$DNs = $res->fetchAll();
 	$updateQuery = OCP\DB::prepare($updateSql);
 	foreach($DNs as $dn) {
-		$newDN = mb_strtolower($dn['ldap_dn'], 'UTF-8');
-		if($object == 'user') {
+		$newDN = escapeDN(mb_strtolower($dn['ldap_dn'], 'UTF-8'));
+		if(!empty($dn['directory_uuid'])) {
+			$uuid = $dn['directory_uuid'];
+		} elseif($object == 'user') {
 			$uuid = $userBE->getUUID($newDN);
 			//fix home folder to avoid new ones depending on the configuration
 			$userBE->getHome($dn['owncloud_name']);
 		} else {
 			$uuid = $groupBE->getUUID($newDN);
 		}
-		$updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
+		try {
+			$updateQuery->execute(array($newDN, $uuid, $dn['ldap_dn']));
+		} catch(Exception $e) {
+		    \OCP\Util::writeLog('user_ldap', 'Could not update '.$object.' '.$dn['ldap_dn'].' in the mappings table. ', \OCP\Util::WARN);
+		}
+
 	}
 }
+
+function escapeDN($dn) {
+	$aDN = ldap_explode_dn($dn, false);
+	unset($aDN['count']);
+	foreach($aDN as $key => $part) {
+		$value = substr($part, strpos($part, '=')+1);
+		$escapedValue = strtr($value, Array(','=>'\2c', '='=>'\3d', '+'=>'\2b',
+			'<'=>'\3c', '>'=>'\3e', ';'=>'\3b', '\\'=>'\5c',
+			'"'=>'\22', '#'=>'\23'));
+		$part = str_replace($part, $value, $escapedValue);
+	}
+	$dn = implode(',', $aDN);
+
+	return $dn;
+}
diff --git a/apps/user_ldap/appinfo/version b/apps/user_ldap/appinfo/version
index 73082a89b3..b1a5f4781d 100644
--- a/apps/user_ldap/appinfo/version
+++ b/apps/user_ldap/appinfo/version
@@ -1 +1 @@
-0.3.0.0
\ No newline at end of file
+0.3.0.1
\ No newline at end of file