[pve-devel] [PATCH v2 access-control 06/23] auth: pull username REs into variables

Fabian Grünbichler f.gruenbichler at proxmox.com
Thu Nov 21 15:43:24 CET 2019


for reusage in API token ID format/verification

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 PVE/Auth/Plugin.pm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/PVE/Auth/Plugin.pm b/PVE/Auth/Plugin.pm
index 5c11991..6d59b72 100755
--- a/PVE/Auth/Plugin.pm
+++ b/PVE/Auth/Plugin.pm
@@ -27,7 +27,8 @@ sub lock_domain_config {
     }
 }
 
-my $realm_regex = qr/[A-Za-z][A-Za-z0-9\.\-_]+/;
+our $realm_regex = qr/[A-Za-z][A-Za-z0-9\.\-_]+/;
+our $user_regex = qr![^\s:/]+!;
 
 PVE::JSONSchema::register_format('pve-realm', \&pve_verify_realm);
 sub pve_verify_realm {
@@ -66,7 +67,7 @@ sub verify_username {
     # colon separated lists)!
     # slash is not allowed because it is used as pve API delimiter
     # also see "man useradd"
-    if ($username =~ m!^([^\s:/]+)\@(${realm_regex})$!) {
+    if ($username =~ m!^(${user_regex})\@(${realm_regex})$!) {
 	return wantarray ? ($username, $1, $2) : $username;
     }
 
-- 
2.20.1





More information about the pve-devel mailing list