LDAP usernames are directly concatenated into the filter query,
which opens up the risk of unauthenticated LDAP injection,
potentially allowing to bypass the authentication.
To solve this, apply escaping as per RFC 4515.
Co-authored-by: Shane Synan <digitalcircuit36939@gmail.com> Co-authored-by: Manuel Nickschas <sputnick@quassel-irc.org>