+/*!
+ * Generate LDAP filter string for UUID query
+
+ * @param[in] uuidstr the UUID as string
+ * @param[in] attr_filter optional attribute
+ * @returns pointer to static filter string
+ */
+static char *gen_uuid_filter(const char *uuidstr_in, const char *attr_filter)
+{
+ EC_INIT;
+ int len;
+ const char *uuidstr = uuidstr_in;
+
+#define MAX_FILTER_SIZE 512
+ static char filter[MAX_FILTER_SIZE];
+ char stripped[MAX_FILTER_SIZE];
+
+#define LDAP_BIN_UUID_LEN 49 /* LDAP Binary Notation is \XX * 16 bytes of UUID + terminator = 49 */
+ char ldap_bytes[LDAP_BIN_UUID_LEN];
+
+ if (ldap_uuid_encoding == LDAP_UUID_ENCODING_MSGUID) {
+ /* Convert to LDAP-safe binary encoding for direct query of AD objectGUID attribute */
+ int i = 0, s = 0;
+ char c;
+ while ((c = uuidstr[i])) {
+ if((c >='a' && c <= 'f')
+ || (c >= 'A' && c <= 'F')
+ || (c >= '0' && c <= '9')) {
+ stripped[s++] = toupper(c);
+ }
+ i++;
+ }
+
+ snprintf(ldap_bytes, LDAP_BIN_UUID_LEN,
+ "\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c"
+ "\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c\\%c%c",
+ /* Data1 (uint32) */
+ stripped[6], stripped[7], stripped[4], stripped[5],
+ stripped[2], stripped[3], stripped[0], stripped[1],
+ /* Data2 (uint16) */
+ stripped[10], stripped[11], stripped[8], stripped[9],
+ /* Data3 (uint16) */
+ stripped[14], stripped[15], stripped[12], stripped[13],
+ /* Data4 (uint64) */
+ stripped[16], stripped[17], stripped[18], stripped[19],
+ stripped[20], stripped[21], stripped[22], stripped[23],
+ stripped[24], stripped[25], stripped[26], stripped[27],
+ stripped[28], stripped[29], stripped[30], stripped[31]);
+ uuidstr = ldap_bytes;
+ }
+
+ if (attr_filter) {
+ len = snprintf(filter, 256, "(&(%s=%s)(%s))", ldap_uuid_attr, uuidstr, attr_filter);
+ } else {
+ len = snprintf(filter, 256, "%s=%s", ldap_uuid_attr, uuidstr);
+ }
+
+EC_CLEANUP:
+ if (ret != 0)
+ return NULL;
+ return filter;
+}
+