mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 22:35:10 +00:00
Code Issues Releases Wiki Activity

Fix the pass2 ldap query string when no search filter is defined.

Browse Source 
Due to the addition of "(sudoUser=*)" to the query we always need
the AND operator, even if no search filter is present.
This commit is contained in:
Todd C. Miller
2017-08-31 11:05:48 -06:00
parent c3d098254d
commit 5cdee2c2c0
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/sudoers/ldap.c
View File

@@ -1847,12 +1847,10 @@ sudo_ldap_build_pass2(void)
ldap_conf.timed ? timebuffer : "",
(ldap_conf.timed || ldap_conf.search_filter) ? ")" : "");
} else {
len = asprintf(&filt, "%s%s(sudoUser=*)(sudoUser=%s*)%s%s",
(ldap_conf.timed || ldap_conf.search_filter) ? "(&" : "",
len = asprintf(&filt, "(&%s(sudoUser=*)(sudoUser=%s*)%s)",
ldap_conf.search_filter ? ldap_conf.search_filter : "",
query_netgroups ? "+" : "%:",
ldap_conf.timed ? timebuffer : "",
(ldap_conf.timed || ldap_conf.search_filter) ? ")" : "");
ldap_conf.timed ? timebuffer : "");
}
if (len == -1)
sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));