From 01266b5608b47ba3e5291f24d23c875137a780b5 Mon Sep 17 00:00:00 2001
From: aland <aland>
Date: Sun, 8 Apr 2007 07:14:57 +0000
Subject: [PATCH] 	Add more LDAP escaping rules from RFC 2253

---
 src/modules/rlm_ldap/rlm_ldap.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/modules/rlm_ldap/rlm_ldap.c b/src/modules/rlm_ldap/rlm_ldap.c
index 538cf6f..a01b0da 100644
--- a/src/modules/rlm_ldap/rlm_ldap.c
+++ b/src/modules/rlm_ldap/rlm_ldap.c
@@ -830,7 +830,9 @@ static int ldap_escape_func(char *out, int outlen, const char *in)
 		/*
 		 *	Encode unsafe characters.
 		 */
-		if (strchr("*=\\,()", *in)) {
+		if (((len == 0) &&
+		    ((in[0] == ' ') || (in[0] == '#'))) ||
+		    (strchr(",+\"\\<>;*=()", *in))) {
 			static const char hex[] = "0123456789abcdef";
 
 			/*
-- 
2.1.4