ldap/servers/plugins/replication/windows_protocol_util.c | 14 +++++++-------
1 file changed, 7 insertions(+), 7 deletions(-)
New commits:
commit 7a0548ba3df54de5883c3a16a1c1951af9327dfc
Author: Rich Megginson <rmeggins(a)redhat.com>
Date: Wed Jul 27 18:54:03 2011 -0600
Bug 725953 - Winsync: DS entries fail to sync to AD, if the User's CN entry
contains a comma
https://bugzilla.redhat.com/show_bug.cgi?id=725953
Resolves: bug 725953
Bug Description: Winsync: DS entries fail to sync to AD, if the User's CN entry
contains a comma
Reviewed by: nhosoi (Thanks!)
Branch: master
Fix Description: When we construct a new AD DN, usually from the value of the
"cn" attribute in the entry, we need to escape the , and any other special
characters in the value used in the DN. We do this by putting double
quotes around the value, and let slapi_create_dn_string remove the quotes
and use \ escapes instead.
Platforms tested: RHEL6 x86_64, Windows 2008 x86_64
Flag Day: no
Doc impact: no
diff --git a/ldap/servers/plugins/replication/windows_protocol_util.c
b/ldap/servers/plugins/replication/windows_protocol_util.c
index 54dd87b..51b26fd 100644
--- a/ldap/servers/plugins/replication/windows_protocol_util.c
+++ b/ldap/servers/plugins/replication/windows_protocol_util.c
@@ -1128,7 +1128,7 @@ process_replay_add(Private_Repl_Protocol *prp, Slapi_Entry
*add_entry, Slapi_Ent
container_str = extract_container(slapi_entry_get_sdn_const(local_entry),
windows_private_get_directory_subtree(prp->agmt));
- new_dn_string = PR_smprintf("cn=%s,%s%s", cn_string, container_str,
suffix);
+ new_dn_string = slapi_create_dn_string("cn=\"%s\",%s%s",
cn_string, container_str, suffix);
if (new_dn_string) {
/* If the tombstone exists, reanimate it. If the tombstone
@@ -3273,7 +3273,7 @@ extract_container(const Slapi_DN *entry_dn, const Slapi_DN
*suffix_dn)
slapi_rdn_get_first(rdn, &rdn_type, &rdn_str);
if (rdn_str)
{
- result = PR_sprintf_append(result, "%s=%s,", rdn_type,rdn_str );
+ result = PR_sprintf_append(result, "%s=\"%s\",", rdn_type,rdn_str
);
}
/* Don't free this until _after_ we've used the rdn_str */
slapi_rdn_free(&rdn);
@@ -3378,7 +3378,7 @@ map_entry_dn_outbound(Slapi_Entry *e, Slapi_DN **dn,
Private_Repl_Protocol *prp,
container_str = extract_container(slapi_entry_get_sdn_const(e),
windows_private_get_directory_subtree(prp->agmt));
- new_dn_string = PR_smprintf("cn=%s,%s%s", cn_string, container_str,
suffix);
+ new_dn_string = slapi_create_dn_string("cn=\"%s\",%s%s",
cn_string, container_str, suffix);
if (new_dn_string) {
slapi_sdn_free(&new_dn);
@@ -3447,9 +3447,9 @@ map_entry_dn_outbound(Slapi_Entry *e, Slapi_DN **dn,
Private_Repl_Protocol *prp,
container_str = extract_container(slapi_entry_get_sdn_const(e),
windows_private_get_directory_subtree(prp->agmt));
- rdnstr = is_nt4 ? "samaccountname=%s,%s%s" : "cn=%s,%s%s";
+ rdnstr = is_nt4 ? "samaccountname=\"%s\",%s%s" :
"cn=\"%s\",%s%s";
- new_dn_string = PR_smprintf(rdnstr,cn_string,container_str,suffix);
+ new_dn_string = slapi_create_dn_string(rdnstr,cn_string,container_str,suffix);
if (new_dn_string)
{
new_dn = slapi_sdn_new_dn_byval(new_dn_string);
@@ -3674,7 +3674,7 @@ map_entry_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt
*ra)
/* Local DNs for users and groups are different */
if (is_user)
{
- new_dn_string = PR_smprintf("uid=%s,%s%s",username,container_str,suffix);
+ new_dn_string =
slapi_create_dn_string("uid=\"%s\",%s%s",username,container_str,suffix);
winsync_plugin_call_get_new_ds_user_dn_cb(ra,
windows_private_get_raw_entry(ra),
e,
@@ -3683,7 +3683,7 @@ map_entry_dn_inbound(Slapi_Entry *e, Slapi_DN **dn, const Repl_Agmt
*ra)
windows_private_get_windows_subtree(ra));
} else
{
- new_dn_string = PR_smprintf("cn=%s,%s%s",username,container_str,suffix);
+ new_dn_string =
slapi_create_dn_string("cn=\"%s\",%s%s",username,container_str,suffix);
if (is_group) {
winsync_plugin_call_get_new_ds_group_dn_cb(ra,
windows_private_get_raw_entry(ra),