[X2Go-Commits] [x2goserver] 01/08: x2goserver/lib/x2go{sqlitewrapper.pl, utils.pm}: allow arbitrary-length user names, user names starting with digits and drop $ as a valid user name character. Fixes: #1229.
git-admin at x2go.org
git-admin at x2go.org
Wed Nov 1 10:23:26 CET 2017
This is an automated email from the git hooks/post-receive script.
x2go pushed a commit to branch release/4.0.1.x
in repository x2goserver.
commit 780622ac76ed677e3c59aa65a6e487062e2ec31e
Author: Mihai Moldovan <ionic at ionic.de>
Date: Wed Nov 1 06:47:37 2017 +0100
x2goserver/lib/x2go{sqlitewrapper.pl,utils.pm}: allow arbitrary-length user names, user names starting with digits and drop $ as a valid user name character. Fixes: #1229.
---
debian/changelog | 3 +++
x2goserver/lib/x2gosqlitewrapper.pl | 10 ++++------
x2goserver/lib/x2goutils.pm | 10 ++++------
3 files changed, 11 insertions(+), 12 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 4d63a80..19045ff 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -46,6 +46,9 @@ x2goserver (4.0.1.21-0x2go1) UNRELEASED; urgency=medium
- x2goserver/{bin/x2golistshadowsessions,
lib/x2go{dbwrapper.pm,sqlitewrapper.pl}}: backport listshadowsessions*
DB functions and unmark them as FIXME entries.
+ - x2goserver/lib/x2go{sqlitewrapper.pl,utils.pm}: allow arbitrary-length
+ user names, user names starting with digits and drop $ as a valid user
+ name character. Fixes: #1229.
* x2goserver.spec:
- Add mandatory perl-generators Build-Requires as per
https://fedoraproject.org/wiki/Changes/Build_Root_Without_Perl
diff --git a/x2goserver/lib/x2gosqlitewrapper.pl b/x2goserver/lib/x2gosqlitewrapper.pl
index 4604c6e..49afad6 100755
--- a/x2goserver/lib/x2gosqlitewrapper.pl
+++ b/x2goserver/lib/x2gosqlitewrapper.pl
@@ -61,13 +61,11 @@ sub sanitizer {
return $string;
} else {return 0;}
} elsif ($type eq "x2gosid") {
- $string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g;
- if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) {
+ $string =~ s/[^a-zA-Z0-9\.\_\-\@]//g;
+ if ($string =~ /^([a-zA-Z0-9\.\_\-\@]*)$/) {
$string = $1;
- if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,47}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-\.]*\_dp[\d]{1,2}$/) {
- if ((length($1) > 0) and (length($1) < 48)){
- return $string;
- } else {return 0;}
+ if ($string =~ /^([a-zA-Z0-9\.\_][a-zA-Z0-9\.\_\-\@]*)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\.\_\-]*\_dp[\d]{1,2}$/) {
+ return $string;
} else {return 0;}
} else {return 0;}
} elsif ($type eq "SOMETHINGELSE") {
diff --git a/x2goserver/lib/x2goutils.pm b/x2goserver/lib/x2goutils.pm
index 9104f77..ebbcf2e 100644
--- a/x2goserver/lib/x2goutils.pm
+++ b/x2goserver/lib/x2goutils.pm
@@ -40,13 +40,11 @@ sub sanitizer {
return $string;
} else {return 0;}
} elsif ($type eq "x2gosid") {
- $string =~ s/[^a-zA-Z0-9\_\-\$\.\@]//g;
- if ($string =~ /^([a-zA-Z0-9\_\-\$\.\@]*)$/) {
+ $string =~ s/[^a-zA-Z0-9\.\_\-\@]//g;
+ if ($string =~ /^([a-zA-Z0-9\.\_\-\@]*)$/) {
$string = $1;
- if ($string =~ /^([a-zA-Z\_][a-zA-Z0-9\_\-\.\@]{0,47}[\$]?)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\_\-\.]*\_dp[\d]{1,2}$/) {
- if ((length($1) > 0) and (length($1) < 48)){
- return $string;
- } else {return 0;}
+ if ($string =~ /^([a-zA-Z0-9\.\_][a-zA-Z0-9\.\_\-\@]*)\-([\d]{2,4})\-([\d]{9,12})\_[a-zA-Z0-9\.\_\-]*\_dp[\d]{1,2}$/) {
+ return $string;
} else {return 0;}
} else {return 0;}
} elsif ($type eq "SOMETHINGELSE") {
--
Alioth's /srv/git/code.x2go.org/x2goserver.git//..//_hooks_/post-receive-email on /srv/git/code.x2go.org/x2goserver.git
More information about the x2go-commits
mailing list