Add .qhelp along with its example

Author: jorgectf

python/ql/src/experimental/Security/CWE-522/LDAPInsecureAuth.qhelp

@@ -0,0 +1,23 @@
+<!DOCTYPE qhelp PUBLIC
+  "-//Semmle//qhelp//EN"
+  "qhelp.dtd">
+<qhelp>
+
+<overview>
+<p>Failing to ensure the utilization of SSL in an LDAP connection can cause the entire communication
+to be sent in cleartext making it easier for an attacker to intercept it.</p>
+</overview>
+
+<recommendation>
+<p>Always set <code>use_SSL</code> to <code>True</code>, call <code>start_tls_s()</code> or set a proper option flag (<code>ldap.OPT_X_TLS_XXXXXX</code>).</p>
+</recommendation>
+
+<example>
+<p>This example shows both good and bad ways to deal with this issue under Python 3.</p>
+
+<p>The first one sets <code>use_SSL</code> to true as a keyword argument whereas the second one fails to provide a value for it, so
+the default one is used (<code>False</code>).</p>
+<sample src="LDAPInsecureAuth.py" />
+</example>
+
+</qhelp>

python/ql/src/experimental/Security/CWE-522/examples/LDAPInsecureAuth.py

@@ -0,0 +1,20 @@
+from ldap3 import Server, Connection, ALL
+from flask import request, Flask
+
+app = Flask(__name__)
+
+
+@app.route("/good")
+def good():
+    srv = Server(host, port, use_ssl=True)
+    conn = Connection(srv, dn, password)
+    conn.search(dn, search_filter)
+    return conn.response
+
+
+@app.route("/bad")
+def bad():
+    srv = Server(host, port)
+    conn = Connection(srv, dn, password)
+    conn.search(dn, search_filter)
+    return conn.response

python/ql/test/experimental/query-tests/Security/CWE-522/ldap3_remote.py

@@ -101,7 +101,7 @@ def eight():
     host = schema + "somethingon.theinternet.com"
     srv = Server(host, port=1337)
     conn = Connection(srv, "dn", "password")
-    conn.start_tls()  # !
+    conn.start_tls()
     conn.search("dn", "search_filter")
     return conn.response