public/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-10-31 21:28:11 +09:00
Code Issues Packages Projects Releases Wiki Activity

Correct ldap username validation. (#2880)

Browse Source 
PR #342 was only partially applied. Spaces should not be at the start
and end of a username but they can be inside.
This commit is contained in:
Jochen Rill
2017-11-13 10:32:16 +01:00
committed by Lauris BH
parent 134958fd9f
commit f94e6fd7a5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
modules/auth/ldap/ldap.go
View File

@@ -69,7 +69,7 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) {
func (ls *Source) sanitizedUserDN(username string) (string, bool) { func (ls *Source) sanitizedUserDN(username string) (string, bool) {
// See http://tools.ietf.org/search/rfc4514: "special characters" // See http://tools.ietf.org/search/rfc4514: "special characters"
badCharacters := "\x00()*\\,='\"#+;<> " badCharacters := "\x00()*\\,='\"#+;<>"
if strings.ContainsAny(username, badCharacters) { if strings.ContainsAny(username, badCharacters) {
log.Debug("'%s' contains invalid DN characters. Aborting.", username) log.Debug("'%s' contains invalid DN characters. Aborting.", username)
return "", false return "", false