Omitting %s from LDAP search filter results in corrupt search filter #9072
Labels
bug
A problem with current functionality, as opposed to missing functionality (enhancement)
Milestone
Comments
Salvoxia
added
bug
|
While I can agree this could behave better, |
|
My scenario is as follows: The obvious workaround is to use a filter like |
Correction: It seems that multiple uses of |
calmh
added a commit
to calmh/syncthing
that referenced
this issue
Oct 6, 2023
…9072) Also add some escaping for good measure.
calmh
added a commit
that referenced
this issue
Oct 14, 2023
* main: lib/fs: Properly handle Windows deduplicated files (fixes #9120) (#9168) cmd/ursrv: Replace "2006-01-02" with time.DateOnly (#9157) lib/api: Check basic auth (and set session cookie) before noauth exceptions (#9159) gui, man, authors: Update docs, translations, and contributors lib/api: Better handle %s templates in LDAP strings (fixes #9072) (#9155) docker: Allow start even if chown fails (fixes #9133) (#9152) lib/model: Verify versioning on configuration reload (fixes #9106) (#9154) cmd/stdiscosrv: Handle unescaped cert header from Traefik (fixes #9143) (#9153) Add oxford comma (#9137) Add HTML login form (fixes #4137) (#8757) gui: Fix favicon status (fixes #9149) (#9150) cmd/stdiscosrv: Slightly tweak replication settings build: Update deps build: Run release steps for workflow_dispatch as well cmd/ursrv: Add linuxserver.io detection (#9145) lib/config: Improve parsing of gui-address overrides (#9144) gui, man, authors: Update docs, translations, and contributors
maxi0604
added a commit
to maxi0604/syncthing
that referenced
this issue
Oct 15, 2023
commit a405c21 Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 14 12:29:53 2023 +0200 cmd/stdiscosrv: Only attempt unescaping when there are %-encodings in the header (fixes syncthing#9143) commit dc6a10d Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 20 08:52:33 2023 +0200 cmd/stcrashreceiver: Aggregate slice out of bounds errors commit d4c2acf Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 20 08:39:01 2023 +0200 cmd/stcrashreceiver: Propagate synthetic user ID for crashes commit 483ecad Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 14 12:18:27 2023 +0200 build: Update dependencies commit 9553365 Author: Eric P <eric@kastelo.net> Date: Wed Oct 11 14:40:55 2023 +0200 lib/fs: Properly handle Windows deduplicated files (fixes syncthing#9120) (syncthing#9168) ### Purpose Deduplicated files are apparently considered 'irregular' under the hood, this causes them to simply be ignored by Syncthing. This change is more of a workaround than a proper fix, as the fix should probably happen in the underlying libraries? - which may take some time. In the meanwhile, this change should make deduplicated files be treated as regular files and be indexed and synced as they should. ### Testing Create some volume where deduplication is turned on (see the relevant issue for details, including a proper description of how to reproduce it). Prior to this change, the deduplicated files were simply ignored (even by the indexer). After this change, the deduplicated files are being index and synced properly. commit 5eb2058 Author: orangekame3 <miya.org.0309@gmail.com> Date: Wed Oct 11 19:32:19 2023 +0900 cmd/ursrv: Replace "2006-01-02" with time.DateOnly (syncthing#9157) This commit replaces "2006-01-02" to time.DateOnly. time.DateOnly is introduced since Go1.20 commit ea1ea36 Author: Emil Lundberg <emil@emlun.se> Date: Tue Oct 10 07:48:35 2023 +0200 lib/api: Check basic auth (and set session cookie) before noauth exceptions (syncthing#9159) This is motivated by the Android app: syncthing/syncthing-android#1982 (comment) The planned fix in response to basic auth behaviour changing in syncthing#8757 was to add the `Authorization` header when opening the WebView, but it turns out the function used only applies the header to the initial page load, not any subsequent script loads or AJAX calls. The `basicAuthAndSessionMiddleware` checks for no-auth exceptions before checking the `Authorization` header, so the header has no effect on the initial page load since the `/` path is a no-auth exception. Thus the Android app fails to log in when opening the WebView. This changes the order of checks in `basicAuthAndSessionMiddleware` so that the `Authorization` header is always checked if present, and a session cookie is set if it is valid. Only after that does the middleware fall back to checking for no-auth exceptions. `api_test.go` has been expanded with additional checks: - Check that a session cookie is set whenever correct basic auth is provided. - Check that a session cookie is not set when basic auth is incorrect. - Check that a session cookie is not set when authenticating with an API token (either via `X-Api-Key` or `Authorization: Bearer`). And an additional test case: - Check that requests to `/` always succeed, but receive a session cookie when correct basic auth is provided. I have manually verified that - The new assertions fail if the `createSession` call is removed in `basicAuthAndSessionMiddleware`. - The new test cases in e6e4df4 fail before the change in 0e47d37 is applied. commit 6e4574a Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Oct 9 03:45:35 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit 3d0da5a Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 7 04:29:53 2023 +0200 lib/api: Better handle %s templates in LDAP strings (fixes syncthing#9072) (syncthing#9155) Also add some escaping for good measure. commit 9f8e696 Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 7 04:12:07 2023 +0200 docker: Allow start even if chown fails (fixes syncthing#9133) (syncthing#9152) commit a64ae36 Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 7 04:09:51 2023 +0200 lib/model: Verify versioning on configuration reload (fixes syncthing#9106) (syncthing#9154) commit 690b553 Author: Jakob Borg <jakob@kastelo.net> Date: Sat Oct 7 04:09:07 2023 +0200 cmd/stdiscosrv: Handle unescaped cert header from Traefik (fixes syncthing#9143) (syncthing#9153) commit 2f6187d Author: DeflateAwning <11021263+DeflateAwning@users.noreply.github.com> Date: Fri Oct 6 09:25:28 2023 -0600 Add oxford comma (syncthing#9137) Co-authored-by: André Colomb <src@andre.colomb.de> commit 8294870 Author: Emil Lundberg <emil@emlun.se> Date: Fri Oct 6 13:00:58 2023 +0200 Add HTML login form (fixes syncthing#4137) (syncthing#8757) commit ac2e444 Author: bt90 <btom1990@googlemail.com> Date: Fri Oct 6 12:27:13 2023 +0200 gui: Fix favicon status (fixes syncthing#9149) (syncthing#9150) commit 4f6b86a Author: Jakob Borg <jakob@kastelo.net> Date: Wed Oct 4 11:36:49 2023 +0200 cmd/stdiscosrv: Slightly tweak replication settings commit 516c057 Author: Jakob Borg <jakob@kastelo.net> Date: Tue Oct 3 10:00:16 2023 +0200 build: Update deps commit d644dce Author: Jakob Borg <jakob@kastelo.net> Date: Tue Oct 3 09:33:52 2023 +0200 build: Run release steps for workflow_dispatch as well commit 7c57988 Author: bt90 <btom1990@googlemail.com> Date: Mon Oct 2 12:48:04 2023 +0200 cmd/ursrv: Add linuxserver.io detection (syncthing#9145) Detect linuxserver commit 296db31 Author: Jakob Borg <jakob@kastelo.net> Date: Mon Oct 2 08:40:03 2023 +0200 lib/config: Improve parsing of gui-address overrides (syncthing#9144) improve parsing of gui-address overrides make checks for whether the gui-address is overridden consistent by checking whether the environment variable is set and not an empty string. the `Network()` function however checked for the inclusion of a slash instead of the presence of any characters. If the config file's gui address was set to a unix socket and the gui override to a tcp address, then the function would have wrongly returned "unix". the `URL()` function always returned the config file's gui address if a unix socket was configured, even if an override was specified. the `URL()` function wrongly formatted unix addresses. the http(s) protocol was used as the sheme and the path was percent escaped. because of the previous bug, this could only be triggered if the config file's gui address was tcp and an unix socket override was given. simplify the `useTLS()` function's codepath for overrides. Co-authored-by: digital <didev@dinid.net> commit a8486b0 Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Oct 2 03:45:41 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit f8a7a03 Author: bt90 <btom1990@googlemail.com> Date: Fri Sep 29 17:42:44 2023 +0200 cmd/ursrv: Fix f-droid detection (syncthing#9142) Fix f-droid detection commit ceae56a Author: bt90 <btom1990@googlemail.com> Date: Fri Sep 29 16:34:28 2023 +0200 cmd/ursrv: Support new android build user (syncthing#9141) Support new android build user commit dcafd6e Author: DeflateAwning <11021263+DeflateAwning@users.noreply.github.com> Date: Thu Sep 28 03:55:48 2023 -0600 readme: Style fixes, add security note (syncthing#9136) commit 8619a03 Author: Jakob Borg <jakob@kastelo.net> Date: Mon Sep 25 21:50:17 2023 +0200 build: Update Actions commit b91d771 Author: Jakob Borg <jakob@kastelo.net> Date: Mon Sep 25 21:45:57 2023 +0200 Update dependencies (syncthing#9129) And some QUIC API changes, of course. commit 9940c91 Author: d-volution <49024624+d-volution@users.noreply.github.com> Date: Mon Sep 25 21:42:27 2023 +0200 gui: Scroll to bottom by clicking message in log viewer (syncthing#9128) commit 80a577b Author: tomasz1986 <twilczynski@naver.com> Date: Mon Sep 25 21:34:19 2023 +0200 gui: Show if device is untrusted in the main GUI (syncthing#9116) Add a new entry to the unfolded device info to inform the user that the device has been marked as "untrusted" and all folders shared with it have to be password-protected or already Receive Encrypted. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit d672175 Author: tomasz1986 <twilczynski@naver.com> Date: Mon Sep 25 21:33:16 2023 +0200 gui: Show if device has Auto Accept enabled in the main GUI (syncthing#9118) Add a new entry to the unfolded device info to inform the user that the device has Auto Accept enabled. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit a44b31d Author: tomasz1986 <twilczynski@naver.com> Date: Mon Sep 25 21:17:57 2023 +0200 gui: Fix body padding infinitely increasing due to overlapping modals (ref syncthing#9063) (syncthing#9078) Opening and hiding multiple modals at the same time as well as opening a modal before fully hiding the previous one can lead to the body padding infinitely increasing by the scrollbar width each time, with the only way to fix it being refreshing the GUI. Therefore, always try to ensure to open and hide multiple modals one by one, and also that the previous modal has fully been hidden before proceeding to open the next one. The most common case when this problem happens is when saving config changes which displays a GUI blocking modal that overlaps, e.g. with folder or device modals that have not been hidden yet. Ref: twbs/bootstrap#3902 (comment) Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit 70065e6 Author: Martin Polehla <p0l0us@users.noreply.github.com> Date: Mon Sep 25 16:17:01 2023 +0200 gitignore: All exe files, no editor configs (syncthing#9126) commit adbb3ed Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Sep 25 03:45:38 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit 6ed9c0c Author: Jakob Borg <jakob@kastelo.net> Date: Sun Sep 24 19:23:49 2023 +0200 lib/config: Accept pre-hashed password (fixes syncthing#9123) (syncthing#9124) commit 19bbf4f Author: tomasz1986 <twilczynski@naver.com> Date: Fri Sep 22 07:39:16 2023 +0200 gui: Add missing $scope in editDeviceUntrustedChanged function (syncthing#9117) Because $scope is missing, there are JavaScript errors when ticking and unticking the "Untrusted" checkbox in the Advanced tab of the Edit Device modal. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit cf46bf0 Author: bt90 <btom1990@googlemail.com> Date: Wed Sep 20 11:23:48 2023 +0200 lib/connections: Fix transport type detection for QUIC (fixes syncthing#8274) (syncthing#9114) Check remote address commit 051cbdc Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 20 09:04:47 2023 +0200 lib/fs, lib/model: Be careful about potentially negative durations (fixes syncthing#9112) (syncthing#9113) I don't really understand under what circumstances, but sometimes these calls panic with a "panic: counter cannot decrease in value" because the value passed to Add() was negative. commit 58d1f3a Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Sep 18 03:45:31 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit c9dfd75 Author: tomasz1986 <twilczynski@naver.com> Date: Tue Sep 12 15:02:37 2023 +0200 gui: Block GUI when saving changes only if necessary (ref syncthing#9063) (syncthing#9079) Currently, the UI is always blocked from modifications when changes are being saved, even if the save process takes very little time. This leads to a situation where showing and closing the blocking modal can take more time than is actually required to perform the whole operation. The modal opening and closing very quickly can also cause the screen to flash for a brief moment, leading to visual discomfort. Because of this, wait for at least 200 ms and only show the blocking modal if the changes have not been saved until then yet. The value of 200 ms is loosely based on [1] which states that 'a delay of 0.2–1.0 seconds does mean that users notice the delay and thus feel the computer is "working" on the command, as opposed to having the command be a direct effect of the users' actions.' Additionally, the delay must not be too long, because the main purpose of the blocking modal is to prevent the user from making further changes, and a longer delay would possibly allow to do so in that brief amount of time as long as the user is quick enough with their input. [1] https://nngroup.com/articles/response-times-3-important-limits Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit f47de83 Author: Jakob Borg <jakob@kastelo.net> Date: Tue Sep 12 14:48:15 2023 +0200 lib/protocol: Ensure starting & closing a connection are exclusive (fixes syncthing#9102) (syncthing#9103) In principle a connection can close while it's in progress with starting, and then it's undefined if we wait for goroutines to exit etc. With this change, we will wait for start to complete before starting to stop everything. commit caedb19 Author: tomasz1986 <twilczynski@naver.com> Date: Tue Sep 12 14:47:31 2023 +0200 gui: Remove unused hard-coded styles from Recent Changes modal (syncthing#9101) gui: Remove unused hard-coded styles from globalChangesModalView modal Currently, the globalChangesModalView modal has hardcoded th and td styles. However, they are not even used in the modal itself, because Bootstrap overrides them with its own styles for these elements in the same modal. Yet, when hard-coded like that, these styles can conflict with other table elements in the GUI. Thus, remove them completely. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit e860d3b Author: bt90 <btom1990@googlemail.com> Date: Tue Sep 12 14:34:30 2023 +0200 lib/connections: Make assumptions about isLAN when interface address listing fails (syncthing#9093) commit ed66fba Author: bt90 <btom1990@googlemail.com> Date: Tue Sep 12 14:28:17 2023 +0200 lib/beacon, lib/discover: Send IPv4 limited broadcast when address listing fails (fixes syncthing#1628) (syncthing#9087) commit 415f320 Author: Jakob Borg <jakob@kastelo.net> Date: Tue Sep 12 14:08:59 2023 +0200 build: Update dependencies commit 4812600 Author: Jakob Borg <jakob@kastelo.net> Date: Mon Sep 11 23:10:18 2023 +0200 lib/versioner: Don't complain when folder is stopping (syncthing#9097) commit 5ff11ce Author: Jakob Borg <jakob@kastelo.net> Date: Mon Sep 11 14:59:48 2023 +0200 gui: Add help link for numConnections (syncthing#9082) commit 5415727 Author: tomasz1986 <twilczynski@naver.com> Date: Mon Sep 11 05:50:23 2023 +0200 gui: Add missing translation related to Number of Connections (ref syncthing#8918) (syncthing#9095) Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit e38679d Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Sep 11 03:45:45 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit f25a169 Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 6 21:10:58 2023 +0200 build: Go 1.21.1 or higher commit 06ac10e Author: bt90 <btom1990@googlemail.com> Date: Wed Sep 6 14:36:00 2023 +0200 cmd/stdiscosrv: Deduplicate addresses (fixes syncthing#8482) (syncthing#9080) commit 7c0223b Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 6 13:11:20 2023 +0200 lib/build: Next version is the Gold Grasshopper commit c6334e6 Author: Jakob Borg <jakob@kastelo.net> Date: Wed Sep 6 12:52:01 2023 +0200 all: Support multiple device connections (fixes syncthing#141) (syncthing#8918) This adds the ability to have multiple concurrent connections to a single device. This is primarily useful when the network has multiple physical links for aggregated bandwidth. A single connection will never see a higher rate than a single link can give, but multiple connections are load-balanced over multiple links. It is also incidentally useful for older multi-core CPUs, where bandwidth could be limited by the TLS performance of a single CPU core -- using multiple connections achieves concurrency in the required crypto calculations... Co-authored-by: Simon Frei <freisim93@gmail.com> Co-authored-by: tomasz1986 <twilczynski@naver.com> Co-authored-by: bt90 <btom1990@googlemail.com> commit 38bbdeb Author: Jakob Borg <jakob@kastelo.net> Date: Tue Sep 5 09:52:19 2023 +0200 build: Use actions/checkout@v4 commit e80d048 Author: Jakob Borg <jakob@kastelo.net> Date: Tue Sep 5 09:47:51 2023 +0200 build: Minor dependency update commit 4138e22 Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Sep 4 03:45:39 2023 +0000 gui, man, authors: Update docs, translations, and contributors commit c42c0e7 Author: Maximilian <maxi.rostock@outlook.de> Date: Sun Sep 3 17:03:27 2023 +0200 lib/connections: Fix WANAddresses returning only unspecified IPs (ref syncthing#9010) (syncthing#9073) Avoids taking the address of the same variable twice. commit 5118538 Author: Jakob Borg <jakob@kastelo.net> Date: Sat Sep 2 16:42:46 2023 +0200 lib/model: Refactor folderRunners to use a serviceMap (syncthing#9071) Instead of separately tracking the token. Also changes serviceMap to have a channel version of RemoveAndWait, so that it's possible to do the removal under a lock but wait outside of the lock. And changed where we do that in connection close, reversing the change that happened when I added the serviceMap in 40b3b9a. commit 4d93648 Author: tomasz1986 <twilczynski@naver.com> Date: Sat Sep 2 12:19:18 2023 +0200 gui: Don't hide default values for folders and devices (syncthing#8987) Currently, some of the information for folders and devices displayed in the GUI relies on arbitrary values that come pre-set as defaults on a fresh Syncthing installation, i.e. if the value matches the default, it is hidden, and if does not, then it is displayed. With this change, the GUI always displays all information regardless of their value, making the overall experience more consistent and predictable. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit 29f100c Author: tomasz1986 <twilczynski@naver.com> Date: Fri Sep 1 11:15:20 2023 +0200 gui: Fix File Versioning icon to match in all places (syncthing#9070) Currently, different icons are used for File Versioning when displayed in the unfolded folder info in the main part of the GUI, and the icon used in the Edit Folder modal. This changes the main GUI icon to match the icon used in the modal. Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit cd98a43 Author: tomasz1986 <twilczynski@naver.com> Date: Fri Sep 1 11:14:28 2023 +0200 gui: Fix Logs modal icon to match header icon (ref syncthing#9067) (syncthing#9069) The Logs icon was changed in [1] in the header, however the icon used in the modal was left out. This changes it, so that the header and the modal icons match. [1] 2abba1d Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit 4bf9823 Author: Jakob Borg <jakob@kastelo.net> Date: Fri Sep 1 08:35:30 2023 +0200 build: Be more subtle about cross compilation errors Summarize platforms that fail to build, without overloading the build log with errors that we anyway ignore. (Currently freebsd/riscv64 fails to build.) commit 29056d5 Author: Jakob Borg <jakob@kastelo.net> Date: Fri Sep 1 08:39:15 2023 +0200 build: Update dependencies (syncthing#9068) commit 2abba1d Author: tomasz1986 <twilczynski@naver.com> Date: Fri Sep 1 08:18:30 2023 +0200 gui: Remove footer and move links to header (fixes syncthing#5607) (syncthing#9067) * gui: Remove footer and move links to header (fixes syncthing#5607) Currently, the footer is always present and takes space at the bottom of the GUI. However, the links listed there are not part of everyday user interaction, and as such, they unnecessarily clutter the page, reducing the usable screen space. Thus, transform the current Help link in the header into a Help dropdown menu, and move the links from the footer into it. Also apply the following tweaks: 1. Move the About dialog from Actions to Help. 2. Add an Introduction (to the GUI) link to Help. 3. Change the Support icon from a question mark to a group of people. 4. Change the Changelog and About icons to a filled version to match the other icons better. 5. Use a source code icon for Source Code instead of a wrench icon, and move the wrench icon to Logs. This is done to prevent Changelog and Logs from using the same icon. 6. Update all dropdown icons' Fork Awesome styles to "fa fa-fw <icon>". Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> * a few more Fork Awesome style updates --------- Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit 325b3b1 Author: tomasz1986 <twilczynski@naver.com> Date: Fri Sep 1 07:22:04 2023 +0200 gui: Fix lastSeenDays error due to undefined deviceStats when adding new devices (ref syncthing#8730) (syncthing#9066) commit 03590e5 Author: tomasz1986 <twilczynski@naver.com> Date: Thu Aug 31 22:16:59 2023 +0200 gui: Automatically select device ID on click (ref syncthing#8544) (syncthing#9065) The CSS method to select device IDs on click was added in [1]. However, it was later mistakenly overwritten by [2]. This commit fixes the regression and also applies the same behaviour to the Edit Device modal which was omitted in the original commit. [1] 5baf5fe [2] 5e384c9 Signed-off-by: Tomasz Wilczyński <twilczynski@naver.com> commit 95b3c26 Author: tomasz1986 <twilczynski@naver.com> Date: Thu Aug 31 17:11:03 2023 +0200 gui: Prevent modifications when saving changes (fixes syncthing#9019) (syncthing#9063) commit 3e5f0b1 Author: tomasz1986 <twilczynski@naver.com> Date: Thu Aug 31 07:22:24 2023 +0200 gui: Show in GUI if limitBandwidthInLan is enabled (syncthing#9062) commit 3130af3 Author: Jakob Borg <jakob@kastelo.net> Date: Wed Aug 30 21:58:34 2023 +0200 lib/upgrade: Enable HTTP/2 for upgrade checks (syncthing#9060) commit abd89f1 Author: Jakob Borg <jakob@kastelo.net> Date: Wed Aug 30 21:58:05 2023 +0200 lib/discover: Enable HTTP/2 for global discovery requests (syncthing#9059) By creating the http.Transport and tls.Configuration ourselves we override some default behavior and end up with a client that speaks only HTTP/1.1. This adds a call to http.ConfigureTransport to do the relevant magic to enable HTTP/2. Also tweaks the keepalive settings to be a little kinder to the server(s). commit a80e6be Author: Jakob Borg <jakob@kastelo.net> Date: Wed Aug 30 09:36:27 2023 +0200 cmd/stdiscosrv: Streamline context handling commit acc532f Author: Jakob Borg <jakob@kastelo.net> Date: Wed Aug 30 09:09:50 2023 +0200 cmd/stdiscosrv: Explicitly enable HTTP/2 The server supports it, but it's not negotiated unless explicitly allowed in the TLS config NextProtos. commit 3cc3fb7 Author: Syncthing Release Automation <release@syncthing.net> Date: Mon Aug 28 03:45:57 2023 +0000 gui, man, authors: Update docs, translations, and contributors
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Syncthing Version
Syncthing version: v1.23.7, AMD64 Docker Container
What Happened
This seems similar to #8899, but for the LDAP search filter.
Configuring an LDAP search filter without the %s placeholder results in a warning message in the log file and a corrupt search filter sent to the LDAP server. Logging in with LDAP fails. I could not find the search filter in the LDAP log files though, but that might be due to the behavior of my LDAP server when receiving a corrupt search filter.
If %s is used in LDAP search filter, everything works.
Does not work:
Message in Syncthing log reads
Works:
What Is Expected
If %s is omitted from LDAP search filter, send it as configured without any processing.
Reproduction
The text was updated successfully, but these errors were encountered: