Ticket #17 (closed defect: fixed)
LDAP backend doesn't escape filters in all functions
|Reported by:||jan@…||Owned by:||somebody|
In the "inline bool LdapBackend::list_simple( const string& target, int domain_id )" function in "modules/ldapbackend/ldabpackend.cc" The target isn't escaped when passing it as filter. This causes the ldap backend to disconnect from the LDAP server whenever a request for a name with a * or a \ is done. When receiving many of these requests this results in a DoS because ldap backends are shut down faster than powerdns can start new ones.