Running pykolab-0.8.10-1.9.el7.kolab_16.noarch
Had a new employee with the surname O'Brien join recently, and I noticed logs growing; on further inspection and installing on a fresh install on the test server there are repeated entries with the following logs below. It seems like something somewhere needs to be escaped, but I'm not sure where to begin with this best. Users with no apostrophes do not experience this.
A simple solution is outlined at http://lists.kolab.org/pipermail/users/2013-March/014584.html and suggests just taking the apostrophe out, but that seems unsatisfactory, plus it seems like it could possibly be the root of a security vulnerability if exploited correctly and there is indeed a function which is not properly parsed.
Expected behaviour is for minimal errors to be printed to logs.
Observed behaviour is users with apostrophes spam continuous entries in logs when interacting with email.
kolab/pykolab.log:
2019-04-04 03:47:51,212 pykolab.plugins.recipientpolicy ERROR [5349] Policy for secondary email address failed: SyntaxError('invalid syntax', ('<string>', 1, 66, "retval = '{0}.{1}@{2}'.format('James'[0:1].capitalize(), 'O'Brien', 'domain.com')\n"))
2019-04-04 03:47:51,212 pykolab.plugins.recipientpolicy ERROR [5349] Policy for secondary email address failed: SyntaxError('invalid syntax', ('<string>', 1, 66, "retval = '{0}.{1}@{2}'.format('James'[0:1].capitalize(), 'O'Brien', 'domain.com')\n"))
dirsrv/slapd-mail/access
[04/Apr/2019:04:08:02.642739566 +0000] conn=4 op=526 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:08:02.643012195 +0000] conn=4 op=526 RESULT err=0 tag=101 nentries=1 etime=0.0000311716
[04/Apr/2019:04:08:02.645905431 +0000] conn=4 op=527 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:08:02.646154736 +0000] conn=4 op=527 RESULT err=0 tag=101 nentries=1 etime=0.0003106545
[04/Apr/2019:04:08:02.651035525 +0000] conn=238 op=2 UNBIND
[04/Apr/2019:04:08:02.651049067 +0000] conn=238 op=2 fd=65 closed - U1
[04/Apr/2019:04:08:02.657448221 +0000] conn=4 op=528 SRCH base="dc=domain,dc=com" scope=2 filter="(&(|(mail=james.o'brien@domain.com)(alias=james.o'brien@domain.com)(nsUniqueId=james.o'brien@domain.com))(!(nsUniqueId=058c4601-568c11e9-a18c855e-3bd2aeb5)))" attrs="mail alias nsUniqueId"
[04/Apr/2019:04:08:02.657744709 +0000] conn=4 op=528 RESULT err=0 tag=101 nentries=0 etime=0.0011554739 notes=U
[04/Apr/2019:04:08:02.683915797 +0000] conn=4 op=529 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=0 filter="(objectClass=*)" attrs="distinguishedName mailQuota"
[04/Apr/2019:04:08:02.684103590 +0000] conn=4 op=529 RESULT err=0 tag=101 nentries=1 etime=0.0025389474
[04/Apr/2019:04:08:55.893372900 +0000] conn=239 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1
[04/Apr/2019:04:08:55.893464115 +0000] conn=239 op=0 BIND dn="uid=kolab-service,ou=Special Users,dc=domain,dc=com" method=128 version=3
[04/Apr/2019:04:08:55.893873831 +0000] conn=239 op=0 RESULT err=0 tag=97 nentries=0 etime=0.0000466691 dn="uid=kolab-service,ou=special users,dc=domain,dc=com"
[04/Apr/2019:04:08:55.898841175 +0000] conn=239 op=1 BIND dn="uid=obrien,ou=People,dc=domain,dc=com" method=128 version=3
[04/Apr/2019:04:08:55.899123517 +0000] conn=239 op=1 RESULT err=0 tag=97 nentries=0 etime=0.0000314178 dn="uid=obrien,ou=people,dc=domain,dc=com"
[04/Apr/2019:04:08:55.902738767 +0000] conn=4 op=531 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:08:55.903029464 +0000] conn=4 op=531 RESULT err=0 tag=101 nentries=1 etime=0.0000329622
[04/Apr/2019:04:08:55.905869887 +0000] conn=4 op=532 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:08:55.906117000 +0000] conn=4 op=532 RESULT err=0 tag=101 nentries=1 etime=0.0003051524
[04/Apr/2019:04:08:55.911186564 +0000] conn=239 op=2 UNBIND
[04/Apr/2019:04:08:55.911200081 +0000] conn=239 op=2 fd=65 closed - U1
[04/Apr/2019:04:08:55.913678952 +0000] conn=4 op=533 SRCH base="dc=domain,dc=com" scope=2 filter="(&(|(mail=james.o'brien@domain.com)(alias=james.o'brien@domain.com)(nsUniqueId=james.o'brien@domain.com))(!(nsUniqueId=058c4601-568c11e9-a18c855e-3bd2aeb5)))" attrs="mail alias nsUniqueId"
[04/Apr/2019:04:08:55.914002883 +0000] conn=4 op=533 RESULT err=0 tag=101 nentries=0 etime=0.0007850861 notes=U
[04/Apr/2019:04:08:55.940965105 +0000] conn=4 op=534 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=0 filter="(objectClass=*)" attrs="distinguishedName mailQuota"
[04/Apr/2019:04:08:55.941171432 +0000] conn=4 op=534 RESULT err=0 tag=101 nentries=1 etime=0.0022477489
[04/Apr/2019:04:09:02.825278092 +0000] conn=240 fd=65 slot=65 connection from 127.0.0.1 to 127.0.0.1
[04/Apr/2019:04:09:02.825352874 +0000] conn=240 op=0 BIND dn="uid=kolab-service,ou=Special Users,dc=domain,dc=com" method=128 version=3
[04/Apr/2019:04:09:02.825715575 +0000] conn=240 op=0 RESULT err=0 tag=97 nentries=0 etime=0.0000403121 dn="uid=kolab-service,ou=special users,dc=domain,dc=com"
[04/Apr/2019:04:09:02.830557736 +0000] conn=240 op=1 BIND dn="uid=obrien,ou=People,dc=domain,dc=com" method=128 version=3
[04/Apr/2019:04:09:02.830875483 +0000] conn=240 op=1 RESULT err=0 tag=97 nentries=0 etime=0.0000350367 dn="uid=obrien,ou=people,dc=domain,dc=com"
[04/Apr/2019:04:09:02.834741034 +0000] conn=4 op=536 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:09:02.835016552 +0000] conn=4 op=536 RESULT err=0 tag=101 nentries=1 etime=0.0000324573
[04/Apr/2019:04:09:02.837912298 +0000] conn=4 op=537 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=2 filter="(objectClass=kolabinetorgperson)" attrs=ALL
[04/Apr/2019:04:09:02.838152817 +0000] conn=4 op=537 RESULT err=0 tag=101 nentries=1 etime=0.0003096284
[04/Apr/2019:04:09:02.843147061 +0000] conn=240 op=2 UNBIND
[04/Apr/2019:04:09:02.843160294 +0000] conn=240 op=2 fd=65 closed - U1
[04/Apr/2019:04:09:02.845374727 +0000] conn=4 op=538 SRCH base="dc=domain,dc=com" scope=2 filter="(&(|(mail=james.o'brien@domain.com)(alias=james.o'brien@domain.com)(nsUniqueId=james.o'brien@domain.com))(!(nsUniqueId=058c4601-568c11e9-a18c855e-3bd2aeb5)))" attrs="mail alias nsUniqueId"
[04/Apr/2019:04:09:02.845634269 +0000] conn=4 op=538 RESULT err=0 tag=101 nentries=0 etime=0.0007446365 notes=U
[04/Apr/2019:04:09:02.873749816 +0000] conn=4 op=539 SRCH base="uid=obrien,ou=People,dc=domain,dc=com" scope=0 filter="(objectClass=*)" attrs="distinguishedName mailQuota"
[04/Apr/2019:04:09:02.873909494 +0000] conn=4 op=539 RESULT err=0 tag=101 nentries=1 etime=0.0025146948