[pve-devel] [PATCH common] fix #5034 ldap attribute regex

Stefan Sterz s.sterz at proxmox.com
Wed Nov 15 16:02:39 CET 2023


On 15.11.23 14:28, Stefan Sterz wrote:
>>  src/PVE/JSONSchema.pm | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/src/PVE/JSONSchema.pm b/src/PVE/JSONSchema.pm
>> index 49e0d7a..ef58b62 100644
>> --- a/src/PVE/JSONSchema.pm
>> +++ b/src/PVE/JSONSchema.pm
>> @@ -408,7 +408,7 @@ PVE::JSONSchema::register_format('ldap-simple-attr', \&verify_ldap_simple_attr);
>>  sub verify_ldap_simple_attr {
>>      my ($attr, $noerr) = @_;
>>  
>> -    if ($attr =~ m/^[a-zA-Z0-9]+$/) {
>> +    if ($attr =~ m/^[a-zA-Z0-9\-]+$/) {
> 
> if i'm not mistaken, this regex should try to filter an `AttributeValue`
> [1]. in case we do stick with this regex approach here, you may want to
> relax this even further, as per the standard:
> 

sorry just noticed i forgot to add:

[1]: https://datatracker.ietf.org/doc/html/rfc4514#section-2.4






More information about the pve-devel mailing list