* [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str
@ 2020-10-08 13:37 Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/api2/types/userid.rs | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/src/api2/types/userid.rs b/src/api2/types/userid.rs
index 3001b1d9..f0a61031 100644
--- a/src/api2/types/userid.rs
+++ b/src/api2/types/userid.rs
@@ -397,10 +397,7 @@ impl TryFrom<String> for Userid {
impl PartialEq<str> for Userid {
fn eq(&self, rhs: &str) -> bool {
- rhs.len() > self.name_len + 2 // make sure range access below is allowed
- && rhs.starts_with(self.name().as_str())
- && rhs.as_bytes()[self.name_len] == b'@'
- && &rhs[(self.name_len + 1)..] == self.realm().as_str()
+ self.data == *rhs
}
}
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
@ 2020-10-08 13:37 ` Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
not triggered by any current code, but this would lead to a stack
exhaustion since borrow would call deref which would call borrow again..
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/api2/types/userid.rs | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/src/api2/types/userid.rs b/src/api2/types/userid.rs
index f0a61031..44cd10b7 100644
--- a/src/api2/types/userid.rs
+++ b/src/api2/types/userid.rs
@@ -131,13 +131,13 @@ impl std::ops::Deref for Username {
impl Borrow<UsernameRef> for Username {
fn borrow(&self) -> &UsernameRef {
- UsernameRef::new(self.as_str())
+ UsernameRef::new(self.0.as_str())
}
}
impl AsRef<UsernameRef> for Username {
fn as_ref(&self) -> &UsernameRef {
- UsernameRef::new(self.as_str())
+ self.borrow()
}
}
@@ -204,13 +204,13 @@ impl std::ops::Deref for Realm {
impl Borrow<RealmRef> for Realm {
fn borrow(&self) -> &RealmRef {
- RealmRef::new(self.as_str())
+ RealmRef::new(self.0.as_str())
}
}
impl AsRef<RealmRef> for Realm {
fn as_ref(&self) -> &RealmRef {
- RealmRef::new(self.as_str())
+ self.borrow()
}
}
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
@ 2020-10-08 13:37 ` Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Fabian Grünbichler @ 2020-10-08 13:37 UTC (permalink / raw)
To: pbs-devel
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
src/server/rest.rs | 1 -
1 file changed, 1 deletion(-)
diff --git a/src/server/rest.rs b/src/server/rest.rs
index 4cfdd6c0..c985ccbd 100644
--- a/src/server/rest.rs
+++ b/src/server/rest.rs
@@ -504,7 +504,6 @@ fn check_auth(
if method != hyper::Method::GET {
if let Some(token) = token {
- println!("CSRF prevention token: {:?}", token);
verify_csrf_prevention_token(csrf_secret(), &userid, &token, -300, ticket_lifetime)?;
} else {
bail!("missing CSRF prevention token");
--
2.20.1
^ permalink raw reply [flat|nested] 4+ messages in thread
* [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
@ 2020-10-08 13:57 ` Dietmar Maurer
2 siblings, 0 replies; 4+ messages in thread
From: Dietmar Maurer @ 2020-10-08 13:57 UTC (permalink / raw)
To: Proxmox Backup Server development discussion, Fabian Grünbichler
applied all 3 patches
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-10-08 13:58 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-08 13:37 [pbs-devel] [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 2/3] Userid: fix borrow/deref recursion Fabian Grünbichler
2020-10-08 13:37 ` [pbs-devel] [PATCH proxmox-backup 3/3] REST: don't print CSRF token Fabian Grünbichler
2020-10-08 13:57 ` [pbs-devel] applied: [PATCH proxmox-backup 1/3] Userid: simplify comparison with str Dietmar Maurer
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox