From: Dominik Csapak <d.csapak@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api v4 11/12] ldap: improve unicode support
Date: Thu, 24 Nov 2022 13:21:11 +0100 [thread overview]
Message-ID: <20221124122112.666868-12-d.csapak@proxmox.com> (raw)
In-Reply-To: <20221124122112.666868-1-d.csapak@proxmox.com>
when we receive mails with SMTPUTF8 encoded sender/recipient,
we have to encode these values for our ldapcache to work,
otherwise pmg-smtp-filter fails with when trying to insert
perl strings.
on read from the cache we have to decode these values again so
that the webui can show them correctly
also encode/decode dn and group names, since according to rfc4514[0]
utf-8 should be ok here
0: https://www.ietf.org/rfc/rfc4514.txt
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
---
openldap/freeipa did not let me add an email with unicode characters,
but active directory did. so tested with that
src/PMG/LDAPCache.pm | 31 ++++++++++++++++++-------------
src/PMG/RuleDB/LDAP.pm | 11 +++++++----
src/PMG/RuleDB/LDAPUser.pm | 13 ++++++++-----
3 files changed, 33 insertions(+), 22 deletions(-)
diff --git a/src/PMG/LDAPCache.pm b/src/PMG/LDAPCache.pm
index f0698da..6cc4383 100755
--- a/src/PMG/LDAPCache.pm
+++ b/src/PMG/LDAPCache.pm
@@ -6,6 +6,7 @@ use File::Path;
use LockFile::Simple;
use Data::Dumper;
use DB_File;
+use Encode qw(encode decode);
use PVE::SafeSyslog;
use PVE::Tools qw(split_list);
@@ -491,7 +492,7 @@ sub get_groups {
my $status = $dbh->seq($key, $value, R_FIRST());
while ($status == 0) {
- $res->{$value} = $key;
+ $res->{$value} = PMG::Utils::try_decode_utf8($key);
$status = $dbh->seq($key, $value, R_NEXT());
}
@@ -515,9 +516,9 @@ sub get_users {
while ($status == 0) {
my ($pmail, $account, $dn) = unpack('n/a* n/a* n/a*', $value);
$res->{$key} = {
- pmail => $pmail,
- account => $account,
- dn => $dn,
+ pmail => PMG::Utils::try_decode_utf8($pmail),
+ account => PMG::Utils::try_decode_utf8($account),
+ dn => PMG::Utils::try_decode_utf8($dn),
};
$status = $dbh->seq($key, $value, R_NEXT());
}
@@ -595,7 +596,7 @@ sub list_addresses {
return undef if !$dbhmails || !$dbhusers;
- $mail = lc($mail);
+ $mail = encode('UTF-8', lc($mail));
my $res = [];
@@ -609,7 +610,7 @@ sub list_addresses {
my ($pmail, $account, $dn) = unpack('n/a* n/a* n/a*', $rdata);
- push @$res, { primary => 1, email => $pmail };
+ push @$res, { primary => 1, email => PMG::Utils::try_decode_utf8($pmail) };
my $key = 0 ;
my $value = "" ;
@@ -617,7 +618,7 @@ sub list_addresses {
while ($status == 0) {
if ($value == $cuid && $key ne $pmail) {
- push @$res, { primary => 0, email => $key };
+ push @$res, { primary => 0, email => PMG::Utils::try_decode_utf8($key) };
}
$status = $dbhmails->seq($key, $value, R_NEXT());
}
@@ -631,7 +632,7 @@ sub mail_exists {
my $dbh = $self->{dbstat}->{mails}->{dbh};
return 0 if !$dbh;
- $mail = lc($mail);
+ $mail = encode('UTF-8', lc($mail));
my $res;
$dbh->get($mail, $res);
@@ -644,7 +645,7 @@ sub account_exists {
my $dbh = $self->{dbstat}->{accounts}->{dbh};
return 0 if !$dbh;
- $account = lc($account);
+ $account = encode('UTF-8', lc($account));
my $res;
$dbh->get($account, $res);
@@ -657,6 +658,8 @@ sub group_exists {
my $dbh = $self->{dbstat}->{groups}->{dbh};
return 0 if !$dbh;
+ $group = encode('UTF-8', $group);
+
my $res;
$dbh->get($group, $res);
return $res;
@@ -669,8 +672,8 @@ sub account_has_address {
my $dbhaccounts = $self->{dbstat}->{accounts}->{dbh};
return 0 if !$dbhmails || !$dbhaccounts;
- $account = lc($account);
- $mail = lc($mail);
+ $account = encode('UTF-8', lc($account));
+ $mail = encode('UTF-8', lc($mail));
my $accid;
$dbhaccounts->get($account, $accid);
@@ -692,12 +695,14 @@ sub user_in_group {
return 0 if !$dbhmails || !$dbhgroups || !$dbhmemberof;
- $mail = lc($mail);
+ $mail = encode('UTF-8', lc($mail));
my $cuid;
$dbhmails->get($mail, $cuid);
return 0 if !$cuid;
+ $group = encode('UTF-8', $group);
+
my $groupid;
$dbhgroups->get($group, $groupid);
return 0 if !$groupid;
@@ -715,7 +720,7 @@ sub account_info {
return undef if !$dbhmails || !$dbhusers;
- $mail = lc($mail);
+ $mail = encode('UTF-8', lc($mail));
my $res = {};
diff --git a/src/PMG/RuleDB/LDAP.pm b/src/PMG/RuleDB/LDAP.pm
index a132499..3fcf5f0 100644
--- a/src/PMG/RuleDB/LDAP.pm
+++ b/src/PMG/RuleDB/LDAP.pm
@@ -3,6 +3,7 @@ package PMG::RuleDB::LDAP;
use strict;
use warnings;
use DBI;
+use Encode qw(encode);
use PVE::Exception qw(raise_param_exc);
@@ -45,12 +46,14 @@ sub load_attr {
defined($value) || die "undefined value: ERROR";
+ my $decoded = PMG::Utils::try_decode_utf8($value);
+
my $obj;
- if ($value =~ m/^([^:]*):(.*)$/) {
+ if ($decoded =~ m/^([^:]*):(.*)$/) {
$obj = $class->new($2, $1, $ogroup);
- $obj->{digest} = Digest::SHA::sha1_hex($id, $2, $1, $ogroup);
+ $obj->{digest} = Digest::SHA::sha1_hex($id, encode('UTF-8', $2), encode('UTF-8', $1), $ogroup);
} else {
- $obj = $class->new($value, '', $ogroup);
+ $obj = $class->new($decoded, '', $ogroup);
$obj->{digest} = Digest::SHA::sha1_hex($id, $value, '#', $ogroup);
}
@@ -69,7 +72,7 @@ sub save {
my $grp = $self->{ldapgroup};
my $profile = $self->{profile};
- my $confdata = "$profile:$grp";
+ my $confdata = encode('UTF-8', "$profile:$grp");
if (defined ($self->{id})) {
# update
diff --git a/src/PMG/RuleDB/LDAPUser.pm b/src/PMG/RuleDB/LDAPUser.pm
index 022d784..345decb 100644
--- a/src/PMG/RuleDB/LDAPUser.pm
+++ b/src/PMG/RuleDB/LDAPUser.pm
@@ -4,6 +4,7 @@ use strict;
use warnings;
use DBI;
use Digest::SHA;
+use Encode qw(encode);
use PVE::INotify;
@@ -46,13 +47,15 @@ sub load_attr {
my $class = ref($type) || $type;
defined($value) || die "undefined value: ERROR";
-
+
+ my $decoded = PMG::Utils::try_decode_utf8($value);
+
my $obj;
- if ($value =~ m/^([^:]*):(.*)$/) {
+ if ($decoded =~ m/^([^:]*):(.*)$/) {
$obj = $class->new($2, $1, $ogroup);
- $obj->{digest} = Digest::SHA::sha1_hex($id, $2, $1, $ogroup);
+ $obj->{digest} = Digest::SHA::sha1_hex($id, encode('UTF-8', $2), encode('UTF-8', $1), $ogroup);
} else {
- $obj = $class->new($value, '', $ogroup);
+ $obj = $class->new($decoded, '', $ogroup);
$obj->{digest} = Digest::SHA::sha1_hex ($id, $value, '#', $ogroup);
}
@@ -71,7 +74,7 @@ sub save {
my $user = $self->{ldapuser};
my $profile = $self->{profile};
- my $confdata = "$profile:$user";
+ my $confdata = encode('UTF-8', "$profile:$user");
if (defined($self->{id})) {
# update
--
2.30.2
next prev parent reply other threads:[~2022-11-24 12:21 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-24 12:21 [pmg-devel] [PATCH pmg-api v4 00/12] ruledb - improve experience for non-ascii tests and mails Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 01/12] utils: return perl string from decode_rfc1522 Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 02/12] ruledb: properly substitute prox_vars in headers Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 03/12] fix #2541 ruledb: encode relevant values as utf-8 in database Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 04/12] ruledb: encode e-mail addresses for syslog Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 05/12] partially fix #2465: handle smtputf8 addresses in the rule-system Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 06/12] quarantine: handle utf8 data Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 07/12] pmgqm: handle smtputf8 data Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 08/12] statistics: handle utf8 data Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 09/12] quarantine: fix adding non-ascii senders to wl/bl Dominik Csapak
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 10/12] utils: refactor rfc1522_to_html Dominik Csapak
2022-11-24 12:21 ` Dominik Csapak [this message]
2022-11-24 12:21 ` [pmg-devel] [PATCH pmg-api v4 12/12] statistics: refactor filter_text generation Dominik Csapak
2022-11-24 15:45 ` [pmg-devel] applied-series: [PATCH pmg-api v4 00/12] ruledb - improve experience for non-ascii tests and mails Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221124122112.666868-12-d.csapak@proxmox.com \
--to=d.csapak@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox