From 26d78576b4851d708e5bc47ba48f75dc09ec060a Mon Sep 17 00:00:00 2001
From: Vilnius Ramanauskas <vilnius.ramanauskas@iterato.lt>
Date: Sun, 2 Mar 2025 17:06:17 +0200
Subject: [PATCH] PS-9704 (8.0) Fix auth_ldap bug with unescaped parentheses in
 user DN

---
 plugin/auth_ldap/src/connection.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugin/auth_ldap/src/connection.cc b/plugin/auth_ldap/src/connection.cc
index c67c2e64c103..f5ee5afa8736 100644
--- a/plugin/auth_ldap/src/connection.cc
+++ b/plugin/auth_ldap/src/connection.cc
@@ -309,7 +309,7 @@ groups_t Connection::search_groups(const std::string &user_name,
   std::string filter = std::regex_replace(group_search_filter,
                                           std::regex("\\{UA\\}"), user_name);
   std::string escaped_user_dn =
-      std::regex_replace(user_dn, std::regex("\\\\\""), "\\\\\"");
+      std::regex_replace(user_dn, std::regex(R"(\\\"|[\(\)])"), R"(\$&)");
   filter = std::regex_replace(filter, std::regex("\\{UD\\}"), escaped_user_dn);
 
   LDAPMessage *l_result;