diff options
author | Michael Kozono <mkozono@gmail.com> | 2017-09-17 23:09:36 -0700 |
---|---|---|
committer | Michael Kozono <mkozono@gmail.com> | 2017-10-07 10:28:12 -0700 |
commit | 4ae32d9577d63e95c7d924cb72cce2e7b8fbdf47 (patch) | |
tree | 6534bb47bcdef99d7ed50eccb265994bc3f06ce1 | |
parent | f1773640bf74125bb09fd5af8e780d2592e922f0 (diff) | |
download | gitlab-ce-4ae32d9577d63e95c7d924cb72cce2e7b8fbdf47.tar.gz |
Fix normalize behavior for escaped delimiter chars
-rw-r--r-- | lib/gitlab/ldap/person.rb | 2 | ||||
-rw-r--r-- | spec/lib/gitlab/ldap/person_spec.rb | 18 |
2 files changed, 17 insertions, 3 deletions
diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb index 5c8924f1472..267514d0fcd 100644 --- a/lib/gitlab/ldap/person.rb +++ b/lib/gitlab/ldap/person.rb @@ -66,7 +66,7 @@ module Gitlab # 1. Excess spaces around attribute names and values are stripped # 2. The string is downcased (for case-insensitivity) def self.normalize_dn(dn) - dn.split(/([,+=])/).map do |part| + dn.split(/(?<!\\)([,+=])/).map do |part| normalize_dn_part(part) end.join('') end diff --git a/spec/lib/gitlab/ldap/person_spec.rb b/spec/lib/gitlab/ldap/person_spec.rb index 80c24fde16a..58e63b52631 100644 --- a/spec/lib/gitlab/ldap/person_spec.rb +++ b/spec/lib/gitlab/ldap/person_spec.rb @@ -40,7 +40,10 @@ describe Gitlab::LDAP::Person do 'does not strip the unescaped trailing newline in an attribute value' | 'uid=John Smith\n ,ou=People,dc=example,dc=com' | 'uid=John Smith\n,ou=People,dc=example,dc=com' 'does not modify casing' | 'UID=John Smith,ou=People,dc=example,dc=com' | 'UID=John Smith,ou=People,dc=example,dc=com' 'does not strip non whitespace' | 'uid=John Smith,ou=People,dc=example,dc=com' | 'uid=John Smith,ou=People,dc=example,dc=com' - 'for a malformed DN (when an equal sign is escaped), returns the DN completely unmodified' | 'uid= foo\\=bar' | 'uid= foo\\=bar' + 'does not treat escaped equal signs as attribute delimiters' | 'uid= foo \\= bar' | 'uid=foo \\= bar' + 'does not treat escaped hex equal signs as attribute delimiters' | 'uid= foo \\3D bar' | 'uid=foo \\3D bar' + 'does not treat escaped commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\, CA' | 'uid=John C. Smith,ou=San Francisco\\, CA' + 'does not treat escaped hex commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\2C CA' | 'uid=John C. Smith,ou=San Francisco\\2C CA' end with_them do @@ -62,6 +65,10 @@ describe Gitlab::LDAP::Person do 'does not strip the unescaped trailing newline in an attribute value' | ' John Smith\n ' | 'John Smith\n' 'does not modify casing' | ' John Smith ' | 'John Smith' 'does not strip non whitespace' | 'John Smith' | 'John Smith' + 'does not treat escaped equal signs as attribute delimiters' | ' foo \\= bar' | 'foo \\= bar' + 'does not treat escaped hex equal signs as attribute delimiters' | ' foo \\3D bar' | 'foo \\3D bar' + 'does not treat escaped commas as attribute delimiters' | ' Smith\\, John C.' | 'Smith\\, John C.' + 'does not treat escaped hex commas as attribute delimiters' | ' Smith\\2C John C.' | 'Smith\\2C John C.' end with_them do @@ -85,6 +92,10 @@ describe Gitlab::LDAP::Person do 'does not strip the unescaped trailing newline in an attribute value' | ' John Smith\n ' | 'John Smith\n' 'does not modify casing' | ' John Smith ' | 'John Smith' 'does not strip non whitespace' | 'John Smith' | 'John Smith' + 'does not treat escaped equal signs as attribute delimiters' | ' foo \\= bar' | 'foo \\= bar' + 'does not treat escaped hex equal signs as attribute delimiters' | ' foo \\3D bar' | 'foo \\3D bar' + 'does not treat escaped commas as attribute delimiters' | ' Smith\\, John C.' | 'Smith\\, John C.' + 'does not treat escaped hex commas as attribute delimiters' | ' Smith\\2C John C.' | 'Smith\\2C John C.' end with_them do @@ -117,7 +128,10 @@ describe Gitlab::LDAP::Person do 'does not strip the unescaped trailing newline in an attribute value' | 'uid=John Smith\n ,ou=People,dc=example,dc=com' | 'uid=John Smith\n,ou=People,dc=example,dc=com' 'does not modify casing' | 'UID=John Smith,ou=People,dc=example,dc=com' | 'UID=John Smith,ou=People,dc=example,dc=com' 'does not strip non whitespace' | 'uid=John Smith,ou=People,dc=example,dc=com' | 'uid=John Smith,ou=People,dc=example,dc=com' - 'for a malformed DN (when an equal sign is escaped), returns the DN completely unmodified' | 'uid= foo\\=bar' | 'uid= foo\\=bar' + 'does not treat escaped equal signs as attribute delimiters' | 'uid= foo \\= bar' | 'uid=foo \\= bar' + 'does not treat escaped hex equal signs as attribute delimiters' | 'uid= foo \\3D bar' | 'uid=foo \\3D bar' + 'does not treat escaped commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\, CA' | 'uid=John C. Smith,ou=San Francisco\\, CA' + 'does not treat escaped hex commas as attribute delimiters' | 'uid= John C. Smith, ou=San Francisco\\2C CA' | 'uid=John C. Smith,ou=San Francisco\\2C CA' end with_them do |