From 0a6f7b33c3b5e0552c041f3d529f577c0b392f40 Mon Sep 17 00:00:00 2001 From: Arthur Schiwon Date: Mon, 2 Jul 2012 20:31:07 +0200 Subject: [PATCH] LDAP: make it UTF-8 save --- apps/user_ldap/appinfo/update.php | 18 ++++++++++++++++++ apps/user_ldap/appinfo/version | 2 +- apps/user_ldap/group_ldap.php | 2 +- apps/user_ldap/lib_ldap.php | 30 +++++++++++++++--------------- apps/user_ldap/user_ldap.php | 2 +- 5 files changed, 36 insertions(+), 18 deletions(-) diff --git a/apps/user_ldap/appinfo/update.php b/apps/user_ldap/appinfo/update.php index dc437ce21c..badceb378d 100644 --- a/apps/user_ldap/appinfo/update.php +++ b/apps/user_ldap/appinfo/update.php @@ -31,3 +31,21 @@ if($state == 'doCheck'){ OCP\Config::setSystemValue('ldapIgnoreNamingRules', true); } } + + +//from version 0.2 to 0.2.1 +$objects = array('user', 'group'); + +foreach($objects as $object) { + $fetchDNSql = 'SELECT ldap_dn from *PREFIX*ldap_'.$object.'_mapping'; + $updateSql = 'UPDATE *PREFIX*ldap_'.$object.'_mapping SET ldap_DN = ? WHERE ldap_dn = ?'; + + $query = OCP\DB::prepare($fetchDNSql); + $res = $query->execute(); + $DNs = $res->fetchAll(); + $updateQuery = OCP\DB::prepare($updateSql); + foreach($DNs as $dn) { + $newDN = mb_strtolower($dn['ldap_dn'], 'UTF-8'); + $updateQuery->execute(array($newDN, $dn['ldap_dn'])); + } +} diff --git a/apps/user_ldap/appinfo/version b/apps/user_ldap/appinfo/version index 2f4536184b..5f021e960e 100644 --- a/apps/user_ldap/appinfo/version +++ b/apps/user_ldap/appinfo/version @@ -1 +1 @@ -0.2 \ No newline at end of file +0.2.0.5 \ No newline at end of file diff --git a/apps/user_ldap/group_ldap.php b/apps/user_ldap/group_ldap.php index a3117b5a41..d438c7d84d 100644 --- a/apps/user_ldap/group_ldap.php +++ b/apps/user_ldap/group_ldap.php @@ -158,7 +158,7 @@ class OC_GROUP_LDAP extends OC_Group_Backend { $isMemberUid = (strtolower($this->ldapGroupMemberAssocAttr) == 'memberuid'); foreach($members as $member) { if($isMemberUid) { - $filter = str_replace('%uid', $member, OC_LDAP::conf('ldapLoginFilter')); + $filter = OCP\Util::mb_str_replace('%uid', $member, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8'); $ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn'); if(count($ldap_users) < 1) { continue; diff --git a/apps/user_ldap/lib_ldap.php b/apps/user_ldap/lib_ldap.php index 152977ff7f..08b09304d7 100644 --- a/apps/user_ldap/lib_ldap.php +++ b/apps/user_ldap/lib_ldap.php @@ -171,7 +171,7 @@ class OC_LDAP { * returns the internal ownCloud name for the given LDAP DN of the group */ static public function dn2groupname($dn, $ldapname = null) { - if(strripos($dn, self::$ldapBaseGroups) !== (strlen($dn)-strlen(self::$ldapBaseGroups))) { + if(mb_strripos($dn, self::$ldapBaseGroups, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen(self::$ldapBaseGroups, 'UTF-8'))) { return false; } return self::dn2ocname($dn, $ldapname, false); @@ -186,7 +186,7 @@ class OC_LDAP { * returns the internal ownCloud name for the given LDAP DN of the user, false on DN outside of search DN */ static public function dn2username($dn, $ldapname = null) { - if(strripos($dn, self::$ldapBaseUsers) !== (strlen($dn)-strlen(self::$ldapBaseUsers))) { + if(mb_strripos($dn, self::$ldapBaseUsers, 0, 'UTF-8') !== (mb_strlen($dn, 'UTF-8')-mb_strlen(self::$ldapBaseUsers, 'UTF-8'))) { return false; } return self::dn2ocname($dn, $ldapname, true); @@ -304,7 +304,7 @@ class OC_LDAP { */ static private function alternateOwnCloudName($name, $dn) { $ufn = ldap_dn2ufn($dn); - $name = $name . '@' . trim(substr_replace($ufn, '', 0, strpos($ufn, ','))); + $name = $name . '@' . trim(OCP\Util::mb_substr_replace($ufn, '', 0, mb_strpos($ufn, ',', 0, 'UTF-8'), 'UTF-8')); $name = self::sanitizeUsername($name); return $name; } @@ -419,8 +419,8 @@ class OC_LDAP { $rr = ldap_read($cr, $dn, 'objectClass=*', array($attr)); $er = ldap_first_entry($cr, $rr); //LDAP attributes are not case sensitive - $result = array_change_key_case(ldap_get_attributes($cr, $er)); - $attr = strtolower($attr); + $result = OCP\Util::mb_array_change_key_case(ldap_get_attributes($cr, $er), MB_CASE_LOWER, 'UTF-8'); + $attr = mb_strtolower($attr, 'UTF-8'); if(isset($result[$attr]) && $result[$attr]['count'] > 0){ $values = array(); @@ -469,7 +469,7 @@ class OC_LDAP { */ static private function search($filter, $base, $attr = null) { if(!is_null($attr) && !is_array($attr)) { - $attr = array(strtolower($attr)); + $attr = array(mb_strtolower($attr, 'UTF-8')); } // See if we have a resource @@ -500,11 +500,11 @@ class OC_LDAP { if(!is_array($item)) { continue; } - $item = array_change_key_case($item); + $item = OCP\Util::mb_array_change_key_case($item, MB_CASE_LOWER, 'UTF-8'); if($multiarray) { foreach($attr as $key) { - $key = strtolower($key); + $key = mb_strtolower($key, 'UTF-8'); if(isset($item[$key])) { if($key != 'dn'){ $selection[$i][$key] = self::resemblesDN($key) ? self::sanitizeDN($item[$key][0]) : $item[$key][0]; @@ -517,7 +517,7 @@ class OC_LDAP { $i++; } else { //tribute to case insensitivity - $key = strtolower($attr[0]); + $key = mb_strtolower($attr[0], 'UTF-8'); if(isset($item[$key])) { if(self::resemblesDN($key)) { @@ -546,10 +546,10 @@ class OC_LDAP { static private function sanitizeDN($dn) { //OID sometimes gives back DNs with whitespace after the comma a la "uid=foo, cn=bar, dn=..." We need to tackle this! - $dn = preg_replace('/([^\\\]),(\s+)/','\1,',$dn); + $dn = preg_replace('/([^\\\]),(\s+)/u','\1,',$dn); //make comparisons and everything work - $dn = strtolower($dn); + $dn = mb_strtolower($dn, 'UTF-8'); return $dn; } @@ -560,10 +560,10 @@ class OC_LDAP { } //REPLACEMENTS - $name = str_replace(' ', '_', $name); + $name = OCP\Util::mb_str_replace(' ', '_', $name, 'UTF-8'); //every remaining unallowed characters will be removed - $name = preg_replace('/[^a-zA-Z0-9_.@-]/', '', $name); + $name = preg_replace('/[^a-zA-Z0-9_.@-]/u', '', $name); return $name; } @@ -637,10 +637,10 @@ class OC_LDAP { self::$ldapBaseGroups = OCP\Config::getAppValue('user_ldap', 'ldap_base_groups', self::$ldapBase); self::$ldapTLS = OCP\Config::getAppValue('user_ldap', 'ldap_tls',0); self::$ldapNoCase = OCP\Config::getAppValue('user_ldap', 'ldap_nocase', 0); - self::$ldapUserDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid')); + self::$ldapUserDisplayName = mb_strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_display_name', 'uid'), 'UTF-8'); self::$ldapUserFilter = OCP\Config::getAppValue('user_ldap', 'ldap_userlist_filter','objectClass=person'); self::$ldapLoginFilter = OCP\Config::getAppValue('user_ldap', 'ldap_login_filter', '(uid=%uid)'); - self::$ldapGroupDisplayName = strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR)); + self::$ldapGroupDisplayName = mb_strtolower(OCP\Config::getAppValue('user_ldap', 'ldap_group_display_name', LDAP_GROUP_DISPLAY_NAME_ATTR), 'UTF-8'); self::$ldapIgnoreNamingRules = OCP\Config::getSystemValue('ldapIgnoreNamingRules', false); if(empty(self::$ldapBaseUsers)) { diff --git a/apps/user_ldap/user_ldap.php b/apps/user_ldap/user_ldap.php index 85b3d88973..b51d9a55cc 100644 --- a/apps/user_ldap/user_ldap.php +++ b/apps/user_ldap/user_ldap.php @@ -84,7 +84,7 @@ class OC_USER_LDAP extends OC_User_Backend { */ public function checkPassword($uid, $password){ //find out dn of the user name - $filter = str_replace('%uid', $uid, OC_LDAP::conf('ldapLoginFilter')); + $filter = OCP\Util::mb_str_replace('%uid', $uid, OC_LDAP::conf('ldapLoginFilter'), 'UTF-8'); $ldap_users = OC_LDAP::fetchListOfUsers($filter, 'dn'); if(count($ldap_users) < 1) { return false;