[debian-edu-commits] debian-edu/pkg-team/ 01/01: Allow IPv4 and FQDN addresses as sudoHost.

Dominik George natureshadow-guest at moszumanska.debian.org
Sun Nov 27 17:18:41 UTC 2016


This is an automated email from the git hooks/post-receive script.

natureshadow-guest pushed a commit to branch master
in repository gosa.

commit bf4c6d39042d66db556db1307c2a14cd33325e7e
Author: Dominik George <nik at naturalnet.de>
Date:   Sun Nov 27 18:08:09 2016 +0100

    Allow IPv4 and FQDN addresses as sudoHost.
---
 debian/changelog                        |  6 ++++++
 debian/patches/1027_fix-sudo-fqdn.patch | 36 +++++++++++++++++++++++++++++++++
 debian/patches/series                   |  1 +
 3 files changed, 43 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index c06c033..506e85d 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+gosa (2.7.4+reloaded2-13) UNRELEASED; urgency=medium
+
+  * Allow IPv4 addresses and FQDNs as sudoHost. (Closes: #834065).
+
+ -- Dominik George <nik at naturalnet.de>  Sun, 27 Nov 2016 18:06:48 +0100
+
 gosa (2.7.4+reloaded2-12) unstable; urgency=medium
 
   [ Mike Gabriel ]
diff --git a/debian/patches/1027_fix-sudo-fqdn.patch b/debian/patches/1027_fix-sudo-fqdn.patch
new file mode 100644
index 0000000..a3b2e8e
--- /dev/null
+++ b/debian/patches/1027_fix-sudo-fqdn.patch
@@ -0,0 +1,36 @@
+Description: Allow IPv4 addresses and FQDNs as sudoHost
+Author: Dominik George <nik at naturalnet.de>
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=834065
+--- a/sudo/admin/sudo/class_sudoGeneric.inc
++++ b/sudo/admin/sudo/class_sudoGeneric.inc
+@@ -292,6 +292,15 @@ class sudo extends plugin
+           ADD values 
+          *********************/
+ 
++        /* Acceptable characters for various fields */
++        $ipv4_regex = "^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$";
++        $fqdn_regex = "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$";
++        $attr_regex = array(
++            "sudoUser" => "/^[a-z0-9{$c}]*$/i",
++            "sudoHost" => "/$ipv4_regex|$fqdn_regex/i",
++            "sudoRunAs" => "/^[a-z0-9{$c}]*$/i"
++        );
++
+         /* User / Host / Runas */ 
+         foreach(array("sudoUser","sudoHost","sudoRunAs") as $attr){
+             if($this->acl_is_writeable($attr) && 
+@@ -300,12 +309,12 @@ class sudo extends plugin
+                     !empty($_POST['new_'.$attr])){
+ 
+                 $c = preg_quote(' *+-?_|!\'"()','/');
+-                if(preg_match("/^[a-z0-9{$c}]*$/i",get_post('new_'.$attr))){
++                if(preg_match($attr_regex[$attr],get_post('new_'.$attr))){
+                     $attrs = $this->$attr;
+                     $attrs[] =  trim(get_post('new_'.$attr)); 
+                     $this->$attr = $attrs;
+                 }else{
+-                    msg_dialog::display(_("Error"),msgPool::invalid($attr,get_post('new_'.$attr),"/[a-z0-9{$c}]/i"));
++                    msg_dialog::display(_("Error"),msgPool::invalid($attr,get_post('new_'.$attr),$attr_regex[$attr]));
+                 }
+             }
+         }
diff --git a/debian/patches/series b/debian/patches/series
index 4c63ef6..4d169c5 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -31,6 +31,7 @@
 1024_dont-overescape-dollar-signs-in-smb-passwords.patch
 1025_fix-with-smarty-3-1-29.patch
 1026_fix-deprecated-constructor-format.patch
+1027_fix-sudo-fqdn.patch
 2001_fix-smarty-location.patch
 2002_fix-template-location.patch
 2003_fix-class-mapping.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/pkg-team/gosa.git



More information about the debian-edu-commits mailing list