Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[Ldap] Incorrect determination of RelativeDistinguishedName for the "move" operation#39518
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
carsonbot commentedDec 15, 2020
Hey! I see that this is your first PR. That is great! Welcome! Symfony has acontribution guide which I suggest you to read. In short:
Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change. When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor! I am going to sit back now and wait for the reviews. Cheers! Carsonbot |
OskarStark left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
First of all, thanks for your contribution 👍 Well done for your first time here 🎉
As this is a bugfix it should target the lowest maintained branch which contains this bug, so4.4?
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
src/Symfony/Component/Ldap/Tests/Adapter/ExtLdap/EntryManagerTest.php OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
| { | ||
| return [ | ||
| ['CN=Simple,DC=example,DC=net','CN=Simple'], | ||
| ['CN=James \"Jim\" Smith\, III,DC=example,DC=net','CN=James \"Jim\" Smith\, III'], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Sorry if it's a dumb question: should the expected value be'CN=James "Jim" Smith, III'?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Certain characters in the canonical name must be escaped for them to work with LDAP server.
So to continue working with the LDAP server we need the backslash in front of the quotes. => CN=James \"Jim\" Smith\, III
| privatefunctionparseRdnFromEntry(Entry$entry):string | ||
| { | ||
| if (!preg_match('/^([^,]+),/',$entry->getDn(),$matches)) { | ||
| if (!preg_match('/(^[^,\\\\]*(?:\\\\.[^,\\\\]*)*),/',$entry->getDn(),$matches)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
the regexp won't work when several\ are used, eg with\\\\ or\\\\\,,isn't it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
The number of\ shouldn't matter. Compared to the old code, basically the same is done, except that now the comma is not matched if it is escaped with a\.
It's a bit tricky with the "not matching regex groups" (starting with ?: ). It is quite hard to read and understand.
jderusse commentedDec 17, 2020
Thank you@astepin. |
Uh oh!
There was an error while loading.Please reload this page.
If the specified "DistinguishedName" contains a comma in the first value, the first "RelativeDistinguishedName" was determined incorrectly.
The regular expression now matches up to the first comma which was not escaped with backslash.
Testing private methods is a bit messy here. However, I thought it was better than testing this against an LDAP server.
Source:https://tools.ietf.org/html/rfc4514#section-3