base(): make more secure, allow '' as DN
Only accept DNs as arguments to base that are legal DNs.
Convert DN given into canonical form.
--- a/shelldap Sat Mar 05 19:15:48 2011 +0100
+++ b/shelldap Sat Mar 05 19:41:07 2011 +0100
@@ -368,6 +368,7 @@
use Term::Shell;
use Digest::MD5;
use Net::LDAP qw(LDAP_SUCCESS LDAP_SERVER_DOWN);
+use Net::LDAP::Util qw(canonical_dn);
use Net::LDAP::LDIF;
use Data::Dumper;
use File::Temp;
@@ -623,8 +624,9 @@
$conf->{'basedn'} = $namingContexts[0];
$self->{'base'} = $namingContexts[0];
}
- if ( $_[0] ) {
- $self->{'base'} = $_[0];
+ if ( @_ ) {
+ my $base = canonical_dn($_[0], casefold => 'none');
+ $self->{'base'} = $base if ($base);
}
return $self->{'base'};
}