[pve-devel] [PATCH v2 access-control] fix #5136: ldap: Decode non-ASCII characters in attributes
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Feb 28 15:41:13 CET 2024
Am 09/01/2024 um 14:35 schrieb Filip Schauer:
> UTF8 decode non-ASCII characters when syncing user attributes, since
> those will be encoded later on. Without this fix the attributes were
> encoded twice, resulting in cases such as 'ü' turning into 'ü'.
>
> Signed-off-by: Filip Schauer <f.schauer at proxmox.com>
> ---
> Changes since v1:
> * Do not try to URI unescape the user attributes, since we do that later
> in PVE::AccessControl::parse_user_config anyways.
>
> src/PVE/Auth/LDAP.pm | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm
> index b958f2b..06177db 100755
> --- a/src/PVE/Auth/LDAP.pm
> +++ b/src/PVE/Auth/LDAP.pm
> @@ -301,7 +301,7 @@ sub get_users {
>
> foreach my $attr (keys %$user_attributes) {
> if (my $ours = $ldap_attribute_map->{$attr}) {
> - $ret->{$username}->{$ours} = $user_attributes->{$attr}->[0];
> + $ret->{$username}->{$ours} = Encode::decode('utf8', $user_attributes->{$attr}->[0]);
> }
> }
>
this would need a rebase, oh, and would be great if the original testers
could reconfirm the v2 approach of doing utf-8 decoding only.
More information about the pve-devel
mailing list