keystone assignment backend ldap patch

File contents

--- assignment/backends/ldap.py~	2013-12-18 16:21:44.000000000 +0400
+++ assignment/backends/ldap.py	2014-06-15 19:45:39.390021202 +0400
@@ -18,6 +18,7 @@
 import uuid
 
 import ldap as ldap
+import ldap.filter
 
 from keystone import assignment
 from keystone import clean
@@ -468,9 +469,10 @@
 
     def list_project_roles_for_user(self, user_dn, project_subtree):
         conn = self.get_connection()
+	user_dn_esc = ldap.filter.escape_filter_chars(user_dn)
         query = '(&(objectClass=%s)(%s=%s))' % (self.object_class,
                                                 self.member_attribute,
-                                                user_dn)
+                                                user_dn_esc)
         try:
             roles = conn.search_s(project_subtree,
                                   ldap.SCOPE_SUBTREE,