projects
/
metaproxy-moved-to-github.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
a65b7be
)
zoom: escape user/pass/ip in Torus auth lookup
author
Adam Dickmeiss
<adam@indexdata.dk>
Thu, 16 Aug 2012 07:10:59 +0000
(09:10 +0200)
committer
Adam Dickmeiss
<adam@indexdata.dk>
Thu, 16 Aug 2012 07:10:59 +0000
(09:10 +0200)
src/filter_zoom.cpp
patch
|
blob
|
history
diff --git
a/src/filter_zoom.cpp
b/src/filter_zoom.cpp
index
22e1ca7
..
264fa5a
100644
(file)
--- a/
src/filter_zoom.cpp
+++ b/
src/filter_zoom.cpp
@@
-2430,6
+2430,20
@@
void yf::Zoom::Frontend::handle_package(mp::Package &package)
}
}
}
}
+std::string escape_cql_term(std::string inp)
+{
+ std::string res;
+ size_t l = inp.length();
+ size_t i;
+ for (i = 0; i < l; i++)
+ {
+ if (strchr("*?^\"", inp[i]))
+ res += "\\";
+ res += inp[i];
+ }
+ return res;
+}
+
void yf::Zoom::Frontend::auth(mp::Package &package, Z_InitRequest *req,
int *error, char **addinfo, ODR odr)
{
void yf::Zoom::Frontend::auth(mp::Package &package, Z_InitRequest *req,
int *error, char **addinfo, ODR odr)
{
@@
-2470,7
+2484,8
@@
void yf::Zoom::Frontend::auth(mp::Package &package, Z_InitRequest *req,
if (user.length() && password.length())
{
if (user.length() && password.length())
{
- torus_query = "userName==" + user + " and password==" + password;
+ torus_query = "userName==\"" + escape_cql_term(user) +
+ "\" and password==\"" + escape_cql_term(password) + "\"";
}
else
{
}
else
{
@@
-2480,7
+2495,7
@@
void yf::Zoom::Frontend::auth(mp::Package &package, Z_InitRequest *req,
ip_cstr = cp + 1;
torus_query = "ip encloses/net.ipaddress \"";
ip_cstr = cp + 1;
torus_query = "ip encloses/net.ipaddress \"";
- torus_query += ip_cstr;
+ torus_query += escape_cql_term(std::string(ip_cstr));
torus_query += "\"";
}
torus_query += "\"";
}