diff options
author | Michael Kozono <mkozono@gmail.com> | 2017-09-20 14:21:27 -0700 |
---|---|---|
committer | Michael Kozono <mkozono@gmail.com> | 2017-10-07 10:28:12 -0700 |
commit | cb591f86e42a2f3bd4df2980cc4cfed0a0641e71 (patch) | |
tree | 7bfab5025e1d6702b62a3e06456dfcab62a75e77 | |
parent | a0d7a22e7c1e8ae1a61b4ef24ef38180c68782c7 (diff) | |
download | gitlab-ce-cb591f86e42a2f3bd4df2980cc4cfed0a0641e71.tar.gz |
Fix to_s_normalize for escaped leading space
-rw-r--r-- | lib/gitlab/ldap/dn.rb | 14 | ||||
-rw-r--r-- | spec/lib/gitlab/ldap/dn_spec.rb | 2 |
2 files changed, 4 insertions, 12 deletions
diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb index 555ef0b80ae..02a4cbcd13a 100644 --- a/lib/gitlab/ldap/dn.rb +++ b/lib/gitlab/ldap/dn.rb @@ -210,27 +210,19 @@ module Gitlab # http://tools.ietf.org/html/rfc2253 section 2.4 lists these exceptions # for dn values. All of the following must be escaped in any normal string # using a single backslash ('\') as escape. - ESCAPES = { - ',' => ',', - '+' => '+', - '"' => '"', - '\\' => '\\', - '<' => '<', - '>' => '>', - ';' => ';', - } + NORMAL_ESCAPES = [',', '+', '"', '\\', '<', '>', ';'] # Compiled character class regexp using the keys from the above hash, and # checking for a space or # at the start, or space at the end, of the # string. ESCAPE_RE = Regexp.new("(^ |^#| $|[" + - ESCAPES.keys.map { |e| Regexp.escape(e) }.join + + NORMAL_ESCAPES.map { |e| Regexp.escape(e) }.join + "])") ## # Escape a string for use in a DN value def self.escape(string) - string.gsub(ESCAPE_RE) { |char| "\\" + ESCAPES[char] } + string.gsub(ESCAPE_RE) { |char| "\\" + char } end ## diff --git a/spec/lib/gitlab/ldap/dn_spec.rb b/spec/lib/gitlab/ldap/dn_spec.rb index 11711c905a1..73124bc4cc4 100644 --- a/spec/lib/gitlab/ldap/dn_spec.rb +++ b/spec/lib/gitlab/ldap/dn_spec.rb @@ -20,7 +20,7 @@ describe Gitlab::LDAP::DN do 'strips the space after the plus sign in the telephoneNumber' | 'uid = John Smith + telephoneNumber = + 1 555-555-5555 , ou = People,dc=example,dc=com' | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com' 'downcases the whole string' | 'UID=John Smith,ou=People,dc=example,dc=com' | 'uid=john smith,ou=people,dc=example,dc=com' 'for a null DN (empty string), returns empty string and does not error' | '' | '' - 'does not strip an escaped leading space in an attribute value (and does not error like Net::LDAP::DN.new does)' | 'uid=\\ John Smith,ou=People,dc=example,dc=com' | 'uid=\\ john smith,ou=people,dc=example,dc=com' + 'does not strip an escaped leading space in an attribute value' | 'uid=\\ John Smith,ou=People,dc=example,dc=com' | 'uid=\\ john smith,ou=people,dc=example,dc=com' 'does not strip an escaped trailing space in an attribute value' | 'uid=John Smith\\ ,ou=People,dc=example,dc=com' | 'uid=john smith\\ ,ou=people,dc=example,dc=com' 'does not strip an escaped leading newline in an attribute value' | 'uid=\\\nJohn Smith,ou=People,dc=example,dc=com' | 'uid=\\\njohn smith,ou=people,dc=example,dc=com' 'does not strip an escaped trailing newline in an attribute value' | 'uid=John Smith\\\n,ou=People,dc=example,dc=com' | 'uid=john smith\\\n,ou=people,dc=example,dc=com' |