[pve-devel] [PATCH access-control 1/3] access: lookup: fix undef warning for case-insensitive realms
Christoph Heiss
c.heiss at proxmox.com
Tue Mar 25 11:38:31 CET 2025
Originally reported in the forum [0].
This is only a cosmetic fix and has no user-visible impact, just fixing
a code warning in the syslog. Applies only for case-insensitive realms
too, where Active Directory is the only type to support that.
When looking up a non-existing username on case-insensitive realms, it
currently returns `undef`, which then causes the following warning in
the syslog:
Use of uninitialized value $username in concatenation (.) or string at /usr/share/perl5/PVE/API2/AccessControl.pm line 303.
authentication failure; rhost=::ffff:10.0.0.1 user= msg=user name '' is too short
This now follows the logic from the common, case-sensitive path, to just
return the original, given username (which is then later on validated in
the auth chain).
No functional changes.
[0] https://forum.proxmox.com/threads/new-ad-realm-not-working-blank-username.157859/
Signed-off-by: Christoph Heiss <c.heiss at proxmox.com>
---
src/PVE/AccessControl.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm
index 47f2d38..d1e7d56 100644
--- a/src/PVE/AccessControl.pm
+++ b/src/PVE/AccessControl.pm
@@ -1231,7 +1231,7 @@ sub lookup_username {
die "ambiguous case insensitive match of username '$username', cannot safely grant access!\n"
if scalar @matches > 1 && !$noerr;
- return $matches[0]
+ return $matches[0] if defined($matches[0]);
}
return $username;
--
2.48.1
More information about the pve-devel
mailing list