I am currently dealing with an ldap server which contains dn's like this
cn=Mark Smith, ou="Faculty of Medicine, Nursing and Health Sciences", ou=Staff, o=University, c=au
So when the escaping occurs within the _clean_dn function, the dn is split on the character ',' which doesn't work because it's part of the ou section. So using the explode_dn function solves this by more accurately separating the sections of the dn.
comma is a valid character according to RFC 2253
diff --git a/Products/LDAPUserFolder/LDAPDelegate.py b/Products/LDAPUserFolder/LDAPDelegate.py
index 4ac469a..044b91b 100644
--- a/Products/LDAPUserFolder/LDAPDelegate.py
+++ b/Products/LDAPUserFolder/LDAPDelegate.py
@@ -621,7 +621,7 @@ class LDAPDelegate(Persistent):
def _clean_dn(self, dn):
""" Escape all characters that need escaping for a DN, see RFC 2253 """
- elems = [self._clean_rdn(x) for x in dn.split(',')]
+ elems = [self._clean_rdn(x) for x in self.explode_dn(dn)]
return ','.join(elems)
|
