[pve-devel] [PATCH access-control] fix #5136: ldap: Decode non-ASCII characters in attributes
Lukas Wagner
l.wagner at proxmox.com
Thu Dec 21 10:42:21 CET 2023
Hi, thanks for tackling this!
On 12/20/23 15:37, Filip Schauer wrote:
> Decode non-ASCII character when syncing user attributes, since those
> will be encoded later on. Without this fix the attributes where encoded
> twice, resulting in cases such as 'ü' turning into 'ü'.
>
> Signed-off-by: Filip Schauer <f.schauer at proxmox.com>
> ---
> src/PVE/Auth/LDAP.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm
> index b958f2b..5e7a30c 100755
> --- a/src/PVE/Auth/LDAP.pm
> +++ b/src/PVE/Auth/LDAP.pm
> @@ -301,7 +301,7 @@ sub get_users {
>
> foreach my $attr (keys %$user_attributes) {
> if (my $ours = $ldap_attribute_map->{$attr}) {
> - $ret->{$username}->{$ours} = $user_attributes->{$attr}->[0];
> + $ret->{$username}->{$ours} = PVE::Tools::decode_text($user_attributes->{$attr}->[0]);
> }
> }
>
Gave this a quick test.
Set up a glauth LDAP server, added some unicode symbols to the 'sn' LDAP
attribute, configured sync_attributes lastname=sn in domains.cfg and
tested the sync.
Tested-by: Lukas Wagner <l.wagner at proxmox.com>
--
- Lukas
More information about the pve-devel
mailing list