diff options
author | Jochen Rill <jochen@tabbed.de> | 2017-11-13 10:32:16 +0100 |
---|---|---|
committer | Lauris BH <lauris@nix.lv> | 2017-11-13 11:32:16 +0200 |
commit | f94e6fd7a5c39bc82ab1bcf6a0befbc8358e84df (patch) | |
tree | b151d261e5fa4c6a0c3933d9433172d003901716 /modules | |
parent | 134958fd9f40b96384bc76598409a4a6fa032708 (diff) | |
download | gitea-f94e6fd7a5c39bc82ab1bcf6a0befbc8358e84df.tar.gz gitea-f94e6fd7a5c39bc82ab1bcf6a0befbc8358e84df.zip |
Correct ldap username validation. (#2880)
PR #342 was only partially applied. Spaces should not be at the start
and end of a username but they can be inside.
Diffstat (limited to 'modules')
-rw-r--r-- | modules/auth/ldap/ldap.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go index 7754cc8182..bb69f35587 100644 --- a/modules/auth/ldap/ldap.go +++ b/modules/auth/ldap/ldap.go @@ -69,7 +69,7 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) { func (ls *Source) sanitizedUserDN(username string) (string, bool) { // See http://tools.ietf.org/search/rfc4514: "special characters" - badCharacters := "\x00()*\\,='\"#+;<> " + badCharacters := "\x00()*\\,='\"#+;<>" if strings.ContainsAny(username, badCharacters) { log.Debug("'%s' contains invalid DN characters. Aborting.", username) return "", false |