diff options
| author | Саша Иванов <solo12zw74@gmail.com> | 2016-12-21 11:43:22 +0300 |
|---|---|---|
| committer | 无闻 <u@gogs.io> | 2016-12-21 03:43:22 -0500 |
| commit | ca6cbb95cc8af4216a457f5940e1d5bf756723c2 (patch) | |
| tree | fac350c0dd11faf499fb7367aba35ead63351a33 | |
| parent | 7cb440273c077238ed1ccc40a9ac73666b289d37 (diff) | |
#3791 update LDAP username check (#3906)
| -rw-r--r-- | modules/auth/ldap/ldap.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/auth/ldap/ldap.go b/modules/auth/ldap/ldap.go index 55364bfc..cb50fceb 100644 --- a/modules/auth/ldap/ldap.go +++ b/modules/auth/ldap/ldap.go @@ -59,8 +59,8 @@ func (ls *Source) sanitizedUserQuery(username string) (string, bool) { func (ls *Source) sanitizedUserDN(username string) (string, bool) { // See http://tools.ietf.org/search/rfc4514: "special characters" - badCharacters := "\x00()*\\,='\"#+;<> " - if strings.ContainsAny(username, badCharacters) { + badCharacters := "\x00()*\\,='\"#+;<>" + if strings.ContainsAny(username, badCharacters) || strings.HasPrefix(username, " ") || strings.HasSuffix(username, " ") { log.Debug("'%s' contains invalid DN characters. Aborting.", username) return "", false } |