From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 5A0A9BBF98 for ; Wed, 20 Dec 2023 15:37:39 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 363FFF27D for ; Wed, 20 Dec 2023 15:37:09 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 20 Dec 2023 15:37:08 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 50530487E8 for ; Wed, 20 Dec 2023 15:37:08 +0100 (CET) From: Filip Schauer To: pve-devel@lists.proxmox.com Date: Wed, 20 Dec 2023 15:37:03 +0100 Message-Id: <20231220143703.55091-1-f.schauer@proxmox.com> X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.141 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: [pve-devel] [PATCH access-control] fix #5136: ldap: Decode non-ASCII characters in attributes X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Dec 2023 14:37:39 -0000 Decode non-ASCII character when syncing user attributes, since those will be encoded later on. Without this fix the attributes where encoded twice, resulting in cases such as 'ü' turning into 'ü'. Signed-off-by: Filip Schauer --- src/PVE/Auth/LDAP.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/Auth/LDAP.pm b/src/PVE/Auth/LDAP.pm index b958f2b..5e7a30c 100755 --- a/src/PVE/Auth/LDAP.pm +++ b/src/PVE/Auth/LDAP.pm @@ -301,7 +301,7 @@ sub get_users { foreach my $attr (keys %$user_attributes) { if (my $ours = $ldap_attribute_map->{$attr}) { - $ret->{$username}->{$ours} = $user_attributes->{$attr}->[0]; + $ret->{$username}->{$ours} = PVE::Tools::decode_text($user_attributes->{$attr}->[0]); } } -- 2.39.2