diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-09-20 15:55:19 -0700 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-10-07 10:28:13 -0700 |
| commit | 8bd59f3aeb614afb58152b033ba1020edae6c3a7 (patch) | |
| tree | 436235134ea101b3a98593e8a7072b72b9eb453d | |
| parent | 47dff608f4a06c54f243a26fb1412bef70df0844 (diff) | |
| download | gitlab-ce-8bd59f3aeb614afb58152b033ba1020edae6c3a7.tar.gz | |
Raise UnsupportedDnFormatError on multivalued RDNs
| -rw-r--r-- | lib/gitlab/ldap/dn.rb | 2 | ||||
| -rw-r--r-- | spec/lib/gitlab/ldap/dn_spec.rb | 32 |
2 files changed, 32 insertions, 2 deletions
diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb index 60e2ba96587..234de1fe7eb 100644 --- a/lib/gitlab/ldap/dn.rb +++ b/lib/gitlab/ldap/dn.rb @@ -108,6 +108,7 @@ module Gitlab yield key.string.strip, value.string.rstrip key = StringIO.new value = StringIO.new; + when '+' then raise(UnsupportedDnFormatError, "Multivalued RDNs are not supported") else value << char end when :value_normal_escape then @@ -133,6 +134,7 @@ module Gitlab yield key.string.strip, value.string # Don't strip trailing escaped space! key = StringIO.new value = StringIO.new; + when '+' then raise(UnsupportedDnFormatError, "Multivalued RDNs are not supported") else value << char end when :value_quoted then diff --git a/spec/lib/gitlab/ldap/dn_spec.rb b/spec/lib/gitlab/ldap/dn_spec.rb index a39aab91f8b..6b197fa22fd 100644 --- a/spec/lib/gitlab/ldap/dn_spec.rb +++ b/spec/lib/gitlab/ldap/dn_spec.rb @@ -16,8 +16,6 @@ describe Gitlab::LDAP::DN do 'strips extraneous whitespace' | 'uid =John Smith , ou = People, dc= example,dc =com' | 'uid=john smith,ou=people,dc=example,dc=com' 'strips extraneous whitespace for a DN with a single RDN' | 'uid = John Smith' | 'uid=john smith' 'unescapes non-reserved, non-special Unicode characters' | 'uid = Sebasti\\c3\\a1n\\ C.\\20Smith\\ , ou=People (aka. \\22humans\\") ,dc=example, dc=com' | 'uid=sebastián c. smith \\ ,ou=people (aka. \\"humans\\"),dc=example,dc=com' - 'strips extraneous whitespace without modifying the multivalued RDN' | 'uid = John Smith + telephoneNumber = +1 555-555-5555 , ou = People,dc=example,dc=com' | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com' - 'strips the space after the plus sign in the telephoneNumber' | 'uid = John Smith + telephoneNumber = + 1 555-555-5555 , ou = People,dc=example,dc=com' | 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com' 'downcases the whole string' | 'UID=John Smith,ou=People,dc=example,dc=com' | 'uid=john smith,ou=people,dc=example,dc=com' 'for a null DN (empty string), returns empty string and does not error' | '' | '' 'does not strip an escaped leading space in an attribute value' | 'uid=\\ John Smith,ou=People,dc=example,dc=com' | 'uid=\\ john smith,ou=people,dc=example,dc=com' @@ -42,6 +40,36 @@ describe Gitlab::LDAP::DN do end end + context 'when we do not support the given DN format' do + context 'multivalued RDNs' do + context 'without extraneous whitespace' do + let(:given) { 'uid=john smith+telephonenumber=+1 555-555-5555,ou=people,dc=example,dc=com' } + + it 'raises UnsupportedDnFormatError' do + expect{ subject }.to raise_error(Gitlab::LDAP::UnsupportedDnFormatError) + end + end + + context 'with extraneous whitespace' do + context 'around the phone number plus sign' do + let(:given) { 'uid = John Smith + telephoneNumber = + 1 555-555-5555 , ou = People,dc=example,dc=com' } + + it 'raises UnsupportedDnFormatError' do + expect{ subject }.to raise_error(Gitlab::LDAP::UnsupportedDnFormatError) + end + end + + context 'not around the phone number plus sign' do + let(:given) { 'uid = John Smith + telephoneNumber = +1 555-555-5555 , ou = People,dc=example,dc=com' } + + it 'raises UnsupportedDnFormatError' do + expect{ subject }.to raise_error(Gitlab::LDAP::UnsupportedDnFormatError) + end + end + end + end + end + context 'when the given DN is malformed' do let(:given) { 'uid\\=john' } |