/*
* Convert user name to cn, avoiding duplicates and quoting as needed.
+ * See http://www.faqs.org/rfcs/rfc2253.html
*/
static char *
user_to_cn(const char *user)
for (src = user, dst = cn; *src != '\0'; src++) {
switch (*src) {
case ',':
- case '\\':
- case '#':
case '+':
+ case '"':
+ case '\\':
case '<':
case '>':
+ case '#':
case ';':
- *dst++ = '\\';
- *dst++ = *src;
+ *dst++ = '\\'; /* always escape */
+ break;
+ case ' ':
+ if (src == user || src[1] == '\0')
+ *dst++ = '\\'; /* only escape at beginning or end of string */
break;
default:
- *dst++ = *src;
break;
}
+ *dst++ = *src;
}
*dst = '\0';
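Review bot: With `"` and leading/trailing spaces now escaped too, the loop can write up to two bytes for every byte of `user`. The allocation of `cn` lies in the part of user_to_cn outside this hunk, so it is worth confirming the buffer holds `2 * strlen(user) + 1` bytes plus anything appended to it afterwards. A comment above the loop would pin that assumption: `/* worst case: every byte is escaped, so cn needs 2 * strlen(user) + 1 bytes */`. Separately, RFC 2253 only requires `#` to be escaped at the start of a value, so `/* always escape */` is broader than the rule for that one case; escaping it everywhere is still valid.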
sudoCommand: ALL
sudoOrder: 2
-dn: cn=foo",ou=SUDOers,dc=sudo,dc=ws
+dn: cn=foo\",ou=SUDOers,dc=sudo,dc=ws
objectClass: top
objectClass: sudoRole
-cn: foo"
+cn: foo\"
sudoUser: foo"
sudoHost: hostc
sudoRunAsUser: root
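Review bot: The expected `cn:` attribute line now carries the DN-escaped form (`cn: foo\"`), not just the `dn:` line. LDIF attribute values are not DN-escaped, so this would store a literal backslash in `cn`, while the RDN in `dn: cn=foo\",…` decodes to `foo"`. A directory server that checks the naming attribute against the entry's values may then reject the entry. If that is not intended, the expected output would keep `cn: foo"` and escape only the `dn:` line. The same applies to the `foo:bar"` and `%:C/non"UNIX"0 c` entries in the two hunks that follow.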
sudoCommand: ALL
sudoOrder: 4
-dn: cn=foo:bar",ou=SUDOers,dc=sudo,dc=ws
+dn: cn=foo:bar\",ou=SUDOers,dc=sudo,dc=ws
objectClass: top
objectClass: sudoRole
-cn: foo:bar"
+cn: foo:bar\"
sudoUser: foo:bar"
sudoHost: hoste
sudoRunAsUser: root
sudoCommand: ALL
sudoOrder: 9
-dn: cn=%:C/non"UNIX"0 c,ou=SUDOers,dc=sudo,dc=ws
+dn: cn=%:C/non\"UNIX\"0 c,ou=SUDOers,dc=sudo,dc=ws
objectClass: top
objectClass: sudoRole
-cn: %:C/non"UNIX"0 c
+cn: %:C/non\"UNIX\"0 c
sudoUser: %:C/non"UNIX"0 c
sudoHost: hoste
sudoRunAsUser: root