[pve-devel] applied: [PATCH v2 access-control 06/23] auth: pull username REs into variables

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Jan 14 12:33:23 CET 2020


On 11/21/19 3:43 PM, Fabian Grünbichler wrote:
> for reusage in API token ID format/verification
> 
> Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
> ---
>  PVE/Auth/Plugin.pm | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/PVE/Auth/Plugin.pm b/PVE/Auth/Plugin.pm
> index 5c11991..6d59b72 100755
> --- a/PVE/Auth/Plugin.pm
> +++ b/PVE/Auth/Plugin.pm
> @@ -27,7 +27,8 @@ sub lock_domain_config {
>      }
>  }
>  
> -my $realm_regex = qr/[A-Za-z][A-Za-z0-9\.\-_]+/;
> +our $realm_regex = qr/[A-Za-z][A-Za-z0-9\.\-_]+/;
> +our $user_regex = qr![^\s:/]+!;
>  
>  PVE::JSONSchema::register_format('pve-realm', \&pve_verify_realm);
>  sub pve_verify_realm {
> @@ -66,7 +67,7 @@ sub verify_username {
>      # colon separated lists)!
>      # slash is not allowed because it is used as pve API delimiter
>      # also see "man useradd"
> -    if ($username =~ m!^([^\s:/]+)\@(${realm_regex})$!) {
> +    if ($username =~ m!^(${user_regex})\@(${realm_regex})$!) {
>  	return wantarray ? ($username, $1, $2) : $username;
>      }
>  
> 

applied




More information about the pve-devel mailing list