diff --git a/modules/extra/m_ldap_authentication.cpp b/modules/extra/m_ldap_authentication.cpp index f89b2413d..f9143eb96 100644 --- a/modules/extra/m_ldap_authentication.cpp +++ b/modules/extra/m_ldap_authentication.cpp @@ -84,7 +84,9 @@ class IdentifyInterface : public LDAPInterface { if (ii->admin_bind) { - Anope::string sf = search_filter.replace_all_cs("%account", ii->req->GetAccount()).replace_all_cs("%object_class", object_class); + Anope::string sf = search_filter + .replace_all_cs("%account", ii->lprov->EscapeSF(ii->req->GetAccount())) + .replace_all_cs("%object_class", object_class); try { Log(LOG_DEBUG) << "m_ldap_authentication: searching for " << sf; @@ -296,7 +298,7 @@ class ModuleLDAPAuthentication : public Module attributes[3].name = this->password_attribute; attributes[3].values.push_back(pass); - Anope::string new_dn = username_attribute + "=" + na->nick + "," + basedn; + Anope::string new_dn = username_attribute + "=" + this->ldap->EscapeDN(na->nick) + "," + basedn; this->ldap->Add(&this->orinterface, new_dn, attributes); } diff --git a/modules/extra/m_ldap_oper.cpp b/modules/extra/m_ldap_oper.cpp index c1c5c6591..06978b0d6 100644 --- a/modules/extra/m_ldap_oper.cpp +++ b/modules/extra/m_ldap_oper.cpp @@ -115,8 +115,12 @@ class LDAPOper : public Module throw LDAPException("Could not search LDAP for opertype settings, invalid configuration."); if (!this->binddn.empty()) - this->ldap->Bind(NULL, this->binddn.replace_all_cs("%a", u->Account()->display), this->password.c_str()); - this->ldap->Search(new IdentifyInterface(this, u), this->basedn, this->filter.replace_all_cs("%a", u->Account()->display)); + { + Anope::string bdn = this->binddn.replace_all_cs("%a", this->ldap->EscapeDN(u->Account()->display)); + this->ldap->Bind(NULL, bdn, this->password.c_str()); + } + Anope::string af = this->filter.replace_all_cs("%a", this->ldap->EscapeSF(u->Account()->display)); + this->ldap->Search(new IdentifyInterface(this, u), this->basedn, af); } catch (const LDAPException &ex) {