public inbox for pmg-devel@lists.proxmox.com
 help / color / mirror / Atom feed
* [pmg-devel] [PATCH pmg-api v2 1/2] removed SMTP from regex
@ 2022-03-30 12:32 Markus Frank
  2022-03-30 12:32 ` [pmg-devel] [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address Markus Frank
  2022-04-04 13:33 ` [pmg-devel] applied: [PATCH pmg-api v2 1/2] removed SMTP from regex Thomas Lamprecht
  0 siblings, 2 replies; 4+ messages in thread
From: Markus Frank @ 2022-03-30 12:32 UTC (permalink / raw)
  To: pmg-devel

removed "SMTP" because of lowercase function is called before.

Signed-off-by: Markus Frank <m.frank@proxmox.com>
---
 src/PMG/LDAPCache.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PMG/LDAPCache.pm b/src/PMG/LDAPCache.pm
index df61454..19e22a4 100755
--- a/src/PMG/LDAPCache.pm
+++ b/src/PMG/LDAPCache.pm
@@ -160,11 +160,11 @@ sub queryusers {
 	    foreach my $mail (@{$user->{attributes}->{$attr}}) {
 		$mail = lc($mail);
 		# Test if the Line starts with one of the following lines:
-		# proxyAddresses: [smtp|SMTP]:
+		# proxyAddresses: [smtp]:
 		# and also discard this starting string, so that $mail is only the
 		# address without any other characters...
 
-		$mail =~ s/^(smtp|SMTP)[\:\$]//gs;
+		$mail =~ s/^smtp[\:\$]//gs;
 
 		if ($mail !~ m/[\{\}\\\/]/ && $mail =~ m/^\S+\@\S+$/) {
 		    $umails->{$mail} = 1;
-- 
2.30.2





^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pmg-devel] [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address
  2022-03-30 12:32 [pmg-devel] [PATCH pmg-api v2 1/2] removed SMTP from regex Markus Frank
@ 2022-03-30 12:32 ` Markus Frank
  2022-04-06  8:12   ` [pmg-devel] applied: " Thomas Lamprecht
  2022-04-04 13:33 ` [pmg-devel] applied: [PATCH pmg-api v2 1/2] removed SMTP from regex Thomas Lamprecht
  1 sibling, 1 reply; 4+ messages in thread
From: Markus Frank @ 2022-03-30 12:32 UTC (permalink / raw)
  To: pmg-devel

If a mail attribute contains special characters in ldap at the first
line, it will be set as primary email and results in a
"400 invalid format - value does not look like a valid email address"
Error-Statement in the webconsole. This mostly can happen if SIP
Addresses are in Active-Directory's proxyAddresses which begin with "SIP:".

To make the validation more strict I changed the api to use
pmg-email-address and added a regex which looks for protocolnames (sip:)
that could be in proxyAddresses but are not compatible and skips these
addresses.

Signed-off-by: Markus Frank <m.frank@proxmox.com>
---
 src/PMG/API2/LDAP.pm | 5 ++---
 src/PMG/LDAPCache.pm | 8 +++++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/PMG/API2/LDAP.pm b/src/PMG/API2/LDAP.pm
index d2ee6a4..4922155 100644
--- a/src/PMG/API2/LDAP.pm
+++ b/src/PMG/API2/LDAP.pm
@@ -408,10 +408,9 @@ __PACKAGE__->register_method ({
 		description => "Profile ID.",
 		type => 'string', format => 'pve-configid',
 	    },
-	    email => {
+	    email => get_standard_option('pmg-email-address', {
 		description => "Email address.",
-		type => 'string', format => 'email',
-	    },
+	    }),
 	},
     },
     returns => {
diff --git a/src/PMG/LDAPCache.pm b/src/PMG/LDAPCache.pm
index 19e22a4..7a1d812 100755
--- a/src/PMG/LDAPCache.pm
+++ b/src/PMG/LDAPCache.pm
@@ -166,7 +166,13 @@ sub queryusers {
 
 		$mail =~ s/^smtp[\:\$]//gs;
 
-		if ($mail !~ m/[\{\}\\\/]/ && $mail =~ m/^\S+\@\S+$/) {
+		# exclude sip and x500 addresses in proxyAddresses
+		# https://docs.microsoft.com/en-us/troubleshoot/azure/active-directory/proxyaddresses-attribute-populate
+		if (
+		    $mail !~ m/[\{\}\\\/]/ && 
+		    $mail =~ m/^\S+\@\S+$/ && 
+		    $mail !~  m/^(sip|x500)[\:\$]/
+		) {
 		    $umails->{$mail} = 1;
 		    $pmail = $mail if !$pmail;
 		}
-- 
2.30.2





^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pmg-devel] applied: [PATCH pmg-api v2 1/2] removed SMTP from regex
  2022-03-30 12:32 [pmg-devel] [PATCH pmg-api v2 1/2] removed SMTP from regex Markus Frank
  2022-03-30 12:32 ` [pmg-devel] [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address Markus Frank
@ 2022-04-04 13:33 ` Thomas Lamprecht
  1 sibling, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2022-04-04 13:33 UTC (permalink / raw)
  To: Markus Frank, pmg-devel

On 30.03.22 14:32, Markus Frank wrote:
> removed "SMTP" because of lowercase function is called before.
> 
> Signed-off-by: Markus Frank <m.frank@proxmox.com>
> ---
>  src/PMG/LDAPCache.pm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
>

applied, thanks!

just fyi, I reworded the commit subject slightly to:
"ldap cache: removed superfluous uppercase SMTP from regex"

It wasn't wrong at all, but a bit more context is nice to have when browsing
the online short log  or `git log --oneline` like I often do for assembling
relevant items for the debian/changelog file on package bump.




^ permalink raw reply	[flat|nested] 4+ messages in thread

* [pmg-devel] applied: [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address
  2022-03-30 12:32 ` [pmg-devel] [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address Markus Frank
@ 2022-04-06  8:12   ` Thomas Lamprecht
  0 siblings, 0 replies; 4+ messages in thread
From: Thomas Lamprecht @ 2022-04-06  8:12 UTC (permalink / raw)
  To: Markus Frank, pmg-devel

On 30.03.22 14:32, Markus Frank wrote:
> If a mail attribute contains special characters in ldap at the first
> line, it will be set as primary email and results in a
> "400 invalid format - value does not look like a valid email address"
> Error-Statement in the webconsole. This mostly can happen if SIP
> Addresses are in Active-Directory's proxyAddresses which begin with "SIP:".
> 
> To make the validation more strict I changed the api to use
> pmg-email-address and added a regex which looks for protocolnames (sip:)
> that could be in proxyAddresses but are not compatible and skips these
> addresses.
> 
> Signed-off-by: Markus Frank <m.frank@proxmox.com>
> ---
>  src/PMG/API2/LDAP.pm | 5 ++---
>  src/PMG/LDAPCache.pm | 8 +++++++-
>  2 files changed, 9 insertions(+), 4 deletions(-)
> 
>

applied, thanks! Fixed up a few (trailing/extra) whitespace errors and shortened
the m$ link.




^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2022-04-06  8:13 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-30 12:32 [pmg-devel] [PATCH pmg-api v2 1/2] removed SMTP from regex Markus Frank
2022-03-30 12:32 ` [pmg-devel] [PATCH pmg-api v2 2/2] fix #3924: ldap: accept only valid email-address Markus Frank
2022-04-06  8:12   ` [pmg-devel] applied: " Thomas Lamprecht
2022-04-04 13:33 ` [pmg-devel] applied: [PATCH pmg-api v2 1/2] removed SMTP from regex Thomas Lamprecht

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal