Originally reported in the forum [0]. This is only a cosmetic fix and has no user-visible impact, just fixing a code warning in the syslog. Applies only for case-insensitive realms too, where Active Directory is the only type to support that.
When looking up a non-existing username on case-insensitive realms, it currently returns `undef`, which then causes the following warning in the syslog: Use of uninitialized value $username in concatenation (.) or string at /usr/share/perl5/PVE/API2/AccessControl.pm line 303. authentication failure; rhost=::ffff:10.0.0.1 user= msg=user name '' is too short This now follows the logic from the common, case-sensitive path, to just return the original, given username (which is then later on validated in the auth chain). No functional changes. [0] https://forum.proxmox.com/threads/new-ad-realm-not-working-blank-username.157859/ Signed-off-by: Christoph Heiss <c.he...@proxmox.com> --- src/PVE/AccessControl.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/PVE/AccessControl.pm b/src/PVE/AccessControl.pm index 47f2d38..d1e7d56 100644 --- a/src/PVE/AccessControl.pm +++ b/src/PVE/AccessControl.pm @@ -1231,7 +1231,7 @@ sub lookup_username { die "ambiguous case insensitive match of username '$username', cannot safely grant access!\n" if scalar @matches > 1 && !$noerr; - return $matches[0] + return $matches[0] if defined($matches[0]); } return $username; -- 2.48.1 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
