Escape user-provided values in ldap_authentication and ldap_oper.

modules/extra/m_ldap_authentication.cpp

@@ -84,7 +84,9 @@ class IdentifyInterface : public LDAPInterface
 			{
 				if (ii->admin_bind)
 				{
-					Anope::string sf = search_filter.replace_all_cs("%account", ii->req->GetAccount()).replace_all_cs("%object_class", object_class);
+					Anope::string sf = search_filter
+						.replace_all_cs("%account", ii->lprov->EscapeSF(ii->req->GetAccount()))
+						.replace_all_cs("%object_class", object_class);
 					try
 					{
 						Log(LOG_DEBUG) << "m_ldap_authentication: searching for " << sf;
@@ -296,7 +298,7 @@ class ModuleLDAPAuthentication : public Module
 		attributes[3].name = this->password_attribute;
 		attributes[3].values.push_back(pass);
 
-		Anope::string new_dn = username_attribute + "=" + na->nick + "," + basedn;
+		Anope::string new_dn = username_attribute + "=" + this->ldap->EscapeDN(na->nick) + "," + basedn;
 		this->ldap->Add(&this->orinterface, new_dn, attributes);
 	}
 

modules/extra/m_ldap_oper.cpp

@@ -115,8 +115,12 @@ class LDAPOper : public Module
 				throw LDAPException("Could not search LDAP for opertype settings, invalid configuration.");
 
 			if (!this->binddn.empty())
-				this->ldap->Bind(NULL, this->binddn.replace_all_cs("%a", u->Account()->display), this->password.c_str());
+			{
-			this->ldap->Search(new IdentifyInterface(this, u), this->basedn, this->filter.replace_all_cs("%a", u->Account()->display));
+				Anope::string bdn = this->binddn.replace_all_cs("%a", this->ldap->EscapeDN(u->Account()->display));
+				this->ldap->Bind(NULL, bdn, this->password.c_str());
+			}
+			Anope::string af = this->filter.replace_all_cs("%a", this->ldap->EscapeSF(u->Account()->display));
+			this->ldap->Search(new IdentifyInterface(this, u), this->basedn, af);
 		}
 		catch (const LDAPException &ex)
 		{