diff options
author | Michael Kozono <mkozono@gmail.com> | 2017-10-04 00:38:55 +0300 |
---|---|---|
committer | Michael Kozono <mkozono@gmail.com> | 2017-10-07 20:28:13 +0300 |
commit | 6b9229466dc84d3d2b4ed002807d28960bfd1a84 (patch) | |
tree | c69a5c66fb25bbfbd185b14a1af7a2c1fd0c51e1 /lib/gitlab/ldap | |
parent | ed07faf2847f5adaebbd65d81d423fd249f9b542 (diff) |
Normalize values, reusing DN normalization code
I first attempted to extract logic from the code that normalizes DNs, but I was unsuccessful. This is a hack but it works.
Diffstat (limited to 'lib/gitlab/ldap')
-rw-r--r-- | lib/gitlab/ldap/dn.rb | 6 | ||||
-rw-r--r-- | lib/gitlab/ldap/person.rb | 35 |
2 files changed, 8 insertions, 33 deletions
diff --git a/lib/gitlab/ldap/dn.rb b/lib/gitlab/ldap/dn.rb index 751219b7334..87a7f1c6bc0 100644 --- a/lib/gitlab/ldap/dn.rb +++ b/lib/gitlab/ldap/dn.rb @@ -25,6 +25,12 @@ module Gitlab UnsupportedDnFormatError = Class.new(StandardError) class DN + def self.normalize_value(given_value) + dummy_dn = "placeholder=#{given_value}" + normalized_dn = new(*dummy_dn).to_normalized_s + normalized_dn.sub(/\Aplaceholder=/, '') + end + ## # Initialize a DN, escaping as required. Pass in attributes in name/value # pairs. If there is a left over argument, it will be appended to the dn diff --git a/lib/gitlab/ldap/person.rb b/lib/gitlab/ldap/person.rb index af8aab2444b..e91e3a176e6 100644 --- a/lib/gitlab/ldap/person.rb +++ b/lib/gitlab/ldap/person.rb @@ -41,8 +41,8 @@ module Gitlab # 1. Excess spaces are stripped # 2. The string is downcased (for case-insensitivity) def self.normalize_uid(uid) - normalize_dn_part(uid) - rescue StandardError => e + ::Gitlab::LDAP::DN.normalize_value(uid) + rescue ::Gitlab::LDAP::MalformedDnError, ::Gitlab::LDAP::UnsupportedDnFormatError => e Rails.logger.info("Returning original UID \"#{uid}\" due to error during normalization attempt: #{e.message}") Rails.logger.info(e.backtrace.join("\n")) @@ -77,37 +77,6 @@ module Gitlab private - def self.normalize_dn_part(part) - cleaned = part.strip.downcase - - if cleaned.ends_with?('\\') - # If it ends with an escape character that is not followed by a - # character to be escaped, then this part may be malformed. But let's - # not worry too much about it, and just return it unmodified. - # - # Why? Because the reason we clean DNs is to make our simplistic - # string comparisons work better, even though there are all kinds of - # ways that equivalent DNs can vary as strings. If we run into a - # strange DN, we should just try to work with it. - # - # See https://www.ldap.com/ldap-dns-and-rdns for more. - return part unless part.ends_with?(' ') - - # Ends with an escaped space (which is valid). - cleaned = cleaned + ' ' - end - - # Get rid of blanks. This can happen if a split character is followed by - # whitespace and then another split character. - # - # E.g. this DN: 'uid=john+telephoneNumber= +1 555-555-5555' - # - # Should be returned as: 'uid=john+telephoneNumber=+1 555-555-5555' - cleaned = '' if cleaned.blank? - - cleaned - end - def entry @entry end |