[pve-devel] [PATCH access-control 1/1] fix #3748 changed regex-pattern to accept escape sequences on Comma
Markus Frank
m.frank at proxmox.com
Wed Jan 19 13:21:41 CET 2022
Correction: Patch for access-control and not for container
> On 19.01.2022 13:04 markus frank <m.frank at proxmox.com> wrote:
>
>
> old-pattern: '\w+=[^,]+(,\s*\w+=[^,]+)*'
> the old pattern didn't allow LDAP base domain name to be like: dc=first\, second, dc=com
> new-pattern: qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
>
> ---
> src/PVE/Auth/LDAP.pm | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm
> index 97d0778..ad23cb2 100755
> --- a/src/PVE/Auth/LDAP.pm
> +++ b/src/PVE/Auth/LDAP.pm
> @@ -19,7 +19,7 @@ sub properties {
> base_dn => {
> description => "LDAP base domain name",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> @@ -33,7 +33,7 @@ sub properties {
> bind_dn => {
> description => "LDAP bind domain name",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> @@ -91,7 +91,7 @@ sub properties {
> description => "LDAP base domain name for group sync. If not set, the"
> ." base_dn will be used.",
> type => 'string',
> - pattern => '\w+=[^,]+(,\s*\w+=[^,]+)*',
> + pattern => qr(\w+=([^,\\]|\\,)+(,\s*\w+=([^,\\]|\\,)+)*),
> optional => 1,
> maxLength => 256,
> },
> --
> 2.30.2
>
>
>
> _______________________________________________
> pve-devel mailing list
> pve-devel at lists.proxmox.com
> https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
More information about the pve-devel
mailing list