[pve-devel] r4906 - pve-access-control/trunk
svn-commits at proxmox.com
svn-commits at proxmox.com
Fri Jul 16 08:52:09 CEST 2010
Author: dietmar
Date: 2010-07-16 06:52:09 +0000 (Fri, 16 Jul 2010)
New Revision: 4906
Modified:
pve-access-control/trunk/AccessControl.pm
pve-access-control/trunk/ChangeLog
Log:
* AccessControl.pm (authenticate_user_domain): catch special
case ($domain eq '')
(parse_domains): fix various bugs, allow spaces between domains,
skip duplicate parameters
Modified: pve-access-control/trunk/AccessControl.pm
===================================================================
--- pve-access-control/trunk/AccessControl.pm 2010-07-16 06:09:56 UTC (rev 4905)
+++ pve-access-control/trunk/AccessControl.pm 2010-07-16 06:52:09 UTC (rev 4906)
@@ -549,7 +549,8 @@
foreach my $entry (@$domain_cfg, $pam, $shadow) {
foreach my $doms ($entry->{domains}) {
foreach my $dom (@$doms) {
- if ($domain =~ m/^${dom}$/) {
+ if ((!$domain && ($dom eq '')) ||
+ ($domain && ($domain =~ m/^${dom}$/))) {
$found = 1;
@@ -1261,38 +1262,51 @@
my ($filename, $fh) = @_;
my $connlist = [];
- my $ad = {};
+ my $ad;
die "MODE: '$/'" if !$/;
+
while ($fh && defined (my $line = <$fh>)) {
chomp $line;
+
next if $line =~ m/^\#/; # skip comment lines
next if $line =~ m/^\s*$/; # skip empty lines
- if ($line =~ m/^(\S+):\s*(\S+)\s*$/) {
+
+ if ($line =~ m/^(\S+):\s*(.+)\s*$/) {
my $type = $1;
my $domains = $2;
my $ignore = 0;
- foreach my $domain (split_list($domains)) {
- if (!parse_domain_name ($domain, 1)) {
- $ignore = ($ad->{domains}) ? undef : 1;
- warn "ignoring domain '$domain' - (invalid form)\n";
- } elsif (($type ne "AD") && ($type ne "LDAP")) {
- $ignore = 1;
- warn "ignoring domains '$domains' - (unsupported authentication type '$type')\n";
- } else {
- push @{$ad->{domains}}, ($domain);
- $ad->{type} = $type;
+
+ if (($type ne "AD") && ($type ne "LDAP")) {
+ $ignore = 1;
+ warn "ignoring domains '$domains' - (unsupported authentication type '$type')\n";
+ } else {
+ $ad = { type => $type, domains => [] };
+
+ foreach my $domain (split_list($domains)) {
+ if (!parse_domain_name ($domain, 1)) {
+ warn "ignoring domain '$domain' - (invalid form)\n";
+ } else {
+ push @{$ad->{domains}}, $domain;
+ }
}
}
- while ((defined ($line = <$fh>)) && (!$ignore)) {
+ while (defined ($line = <$fh>)) {
next if $line =~ m/^\#/; #skip comment lines
+ last if $line =~ m/^\s*$/;
+
+ next if $ignore; # skip
if ($line =~ m/^\s+(\S+)(\s+(.*\S))?\s*$/) {
my ($k, $v) = ($1, $3);
if ($valid_params->{$k}) {
if ($v =~ m/^$valid_params->{$k}$/) {
- $ad->{$k} = $v;
+ if (!defined($ad->{$k})) {
+ $ad->{$k} = $v;
+ } else {
+ warn "ignoring duplicate parameter '$k $v'\n";
+ }
} else {
warn "ignoring value '$v' for parameter '$k' - invalid format\n";
}
@@ -1300,14 +1314,18 @@
warn "ignoring parameter '$k' - not supported\n";
}
} else {
- push(@$connlist, $ad);
- $ad = {};
- last;
+ warn "ignore config line: $line\n";
}
}
+ push(@$connlist, $ad) if !$ignore;
+ $ad = undef
+
+ } else {
+ warn "ignore config line: $line\n";
+
}
}
- push(@$connlist, $ad);
+
return $connlist;
}
Modified: pve-access-control/trunk/ChangeLog
===================================================================
--- pve-access-control/trunk/ChangeLog 2010-07-16 06:09:56 UTC (rev 4905)
+++ pve-access-control/trunk/ChangeLog 2010-07-16 06:52:09 UTC (rev 4906)
@@ -1,5 +1,12 @@
-2010-07-16 Seth Lauzon <seth.lauzon at gmail.com>A
+2010-07-16 Proxmox Support Team <support at proxmox.com>
+ * AccessControl.pm (authenticate_user_domain): catch special
+ case ($domain eq '')
+ (parse_domains): fix various bugs, allow spaces between domains,
+ skip duplicate parameters
+
+2010-07-16 Seth Lauzon <seth.lauzon at gmail.com>
+
* AccessControl.pm (parse_domains): borrowed code from Storage.pm to make it
less fragile to syntax errors in the domains.cfg file
More information about the pve-devel
mailing list