* [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str
@ 2020-10-08 13:37 Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/api2/types/userid.rs | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/api2/types/userid.rs b/src/api2/types/userid.rs
index 3001b1d9..f0a61031 100644
--- a/src/api2/types/userid.rs
+++ b/src/api2/types/userid.rs
@@ -397,10 +397,7 @@ impl TryFrom<String> for Userid {
impl PartialEq<str> for Userid {
fn eq(&self, rhs: &str) -> bool {
- rhs.len() > self.name_len + 2 // make sure range access below is allowed
- && rhs.starts_with(self.name().as_str())
- && rhs.as_bytes()[self.name_len] == b'@'
- && &rhs[(self.name_len + 1)..] == self.realm().as_str()
+ self.data == *rhs
}
}
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
@ 2020-10-08 13:37 ` Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
not triggered by any current code, but this would lead to a stack
exhaustion since borrow would call deref which would call borrow again..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/api2/types/userid.rs | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/api2/types/userid.rs b/src/api2/types/userid.rs
index f0a61031..44cd10b7 100644
--- a/src/api2/types/userid.rs
+++ b/src/api2/types/userid.rs
@@ -131,13 +131,13 @@ impl std::ops::Deref for Username {
impl Borrow<UsernameRef> for Username {
fn borrow(&self) -> &UsernameRef {
- UsernameRef::new(self.as_str())
+ UsernameRef::new(self.0.as_str())
}
}
impl AsRef<UsernameRef> for Username {
fn as_ref(&self) -> &UsernameRef {
- UsernameRef::new(self.as_str())
+ self.borrow()
}
}
@@ -204,13 +204,13 @@ impl std::ops::Deref for Realm {
impl Borrow<RealmRef> for Realm {
fn borrow(&self) -> &RealmRef {
- RealmRef::new(self.as_str())
+ RealmRef::new(self.0.as_str())
}
}
impl AsRef<RealmRef> for Realm {
fn as_ref(&self) -> &RealmRef {
- RealmRef::new(self.as_str())
+ self.borrow()
}
}
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
@ 2020-10-08 13:37 ` Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/server/rest.rs | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/server/rest.rs b/src/server/rest.rs
index 4cfdd6c0..c985ccbd 100644
--- a/src/server/rest.rs
+++ b/src/server/rest.rs
@@ -504,7 +504,6 @@ fn check_auth(
if method != hyper::Method::GET {
if let Some(token) = token {
- println!("CSRF prevention token: {:?}", token);
verify_csrf_prevention_token(csrf_secret(), &userid, &token, -300, ticket_lifetime)?;
} else {
bail!("missing CSRF prevention token");
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
@ 2020-10-08 13:57 ` Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Dietmar Maurer @ 2020-10-08 13:57 UTC (permalink / raw)
To: Proxmox Backup Server development discussion, Fabian Grünbichler
applied all 3 patches
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-10-08 13:58 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal