Escape wildcards when searching LDAP by username.

CHANGELOG

@@ -20,6 +20,7 @@ v 7.9.0 (unreleased)
   - Add brakeman (security scanner for Ruby on Rails)
   - Slack username and channel options
   - Add grouped milestones from all projects to dashboard.
+  - Escape wildcards when searching LDAP by username.
 
 v 7.8.1
   - Fix run of custom post receive hooks

lib/gitlab/ldap/authentication.rb

@@ -50,7 +50,7 @@ module Gitlab
       end
 
       def user_filter(login)
-        filter = Net::LDAP::Filter.eq(config.uid, login)
+        filter = Net::LDAP::Filter.equals(config.uid, login)
 
         # Apply LDAP user filter if present
         if config.user_filter.present?

lib/gitlab/ldap/person.rb

@@ -9,10 +9,12 @@ module Gitlab
       attr_accessor :entry, :provider
 
       def self.find_by_uid(uid, adapter)
+        uid = Net::LDAP::Filter.escape(uid)
         adapter.user(adapter.config.uid, uid)
       end
 
       def self.find_by_dn(dn, adapter)
+        dn = Net::LDAP::Filter.escape(dn)
         adapter.user('dn', dn)
       end